syzbot

UBSAN: shift-out-of-bounds in dbUpdatePMap

Status: auto-obsoleted due to no activity on 2023/10/24 09:05
Reported-by: syzbot+c168963dcba8b242600d@syzkaller.appspotmail.com
First crash: 528d, last: 494d
Fix bisection: failed (error log, bisect log)

Bug presence (1)
Date       | Name           | Commit       | Repro | Result
2023/07/27 | upstream (ToT) | 57012c57536f | C     | Didn't crash
Similar bugs (3)
Kernel    | Title                                                        | Repro | Bisect (cause / fix)  | Count | Last | Reported | Patched | Status
upstream  | UBSAN: shift-out-of-bounds in dbUpdatePMap (2) [jfs]         | C     | error / error         | 4     | 469d | 524d     | 0/28    | auto-obsoleted due to no activity on 2023/11/17 21:23
linux-6.1 | UBSAN: shift-out-of-bounds in dbUpdatePMap [origin:upstream] | C     | done                  | 1     | 487d | 528d     | 3/3     | fixed on 2023/09/28 03:03
upstream  | UBSAN: shift-out-of-bounds in dbUpdatePMap [jfs]             | C     | error / inconclusive  | 149   | 731d | 782d     | 0/28    | auto-obsoleted due to no activity on 2023/03/01 17:05

Sample crash report:
================================================================================
UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:470:12
shift exponent 131072 is too large for 64-bit type 'long long'
CPU: 1 PID: 275 Comm: jfsCommit Not tainted 5.15.120-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_shift_out_of_bounds+0x3bf/0x420 lib/ubsan.c:321
 dbUpdatePMap+0xe4a/0xf50 fs/jfs/jfs_dmap.c:470
 txAllocPMap+0x57b/0x6b0 fs/jfs/jfs_txnmgr.c:2454
 txUpdateMap+0x7c8/0x9e0 fs/jfs/jfs_txnmgr.c:2392
 txLazyCommit fs/jfs/jfs_txnmgr.c:2693 [inline]
 jfs_lazycommit+0x470/0xc30 fs/jfs/jfs_txnmgr.c:2761
 kthread+0x3f6/0x4f0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:298
 </TASK>
================================================================================
Kernel panic - not syncing: UBSAN: panic_on_warn set ...
CPU: 0 PID: 275 Comm: jfsCommit Not tainted 5.15.120-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 panic+0x318/0x84d kernel/panic.c:309
 check_panic_on_warn+0x7e/0xa0 kernel/panic.c:229
 ubsan_epilogue lib/ubsan.c:157 [inline]
 __ubsan_handle_shift_out_of_bounds+0x3de/0x420 lib/ubsan.c:321
 dbUpdatePMap+0xe4a/0xf50 fs/jfs/jfs_dmap.c:470
 txAllocPMap+0x57b/0x6b0 fs/jfs/jfs_txnmgr.c:2454
 txUpdateMap+0x7c8/0x9e0 fs/jfs/jfs_txnmgr.c:2392
 txLazyCommit fs/jfs/jfs_txnmgr.c:2693 [inline]
 jfs_lazycommit+0x470/0xc30 fs/jfs/jfs_txnmgr.c:2761
 kthread+0x3f6/0x4f0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:298
 </TASK>
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (2):
Time             | Kernel       | Commit       | Syzkaller | Config / Log / Report / Repros       | Assets                                             | Manager                    | Title
2023/07/16 09:04 | linux-5.15.y | d54cfc420586 | 35d9ecc5  | .config, console log, report, syz, C | disk image, vmlinux, kernel image, mounted in repro | ci2-linux-5-15-kasan       | UBSAN: shift-out-of-bounds in dbUpdatePMap
2023/06/12 09:14 | linux-5.15.y | 7349e40704a0 | 49519f06  | .config, console log, report, syz, C | disk image, vmlinux, kernel image, mounted in repro | ci2-linux-5-15-kasan-arm64 | UBSAN: shift-out-of-bounds in dbUpdatePMap