All of
 help / color / mirror / Atom feed
* [syzbot] UBSAN: shift-out-of-bounds in dbBackSplit
@ 2022-11-03 15:38 syzbot
  0 siblings, 0 replies; only message in thread
From: syzbot @ 2022-11-03 15:38 UTC (permalink / raw)
  To: jfs-discussion, linux-kernel, mudongliangabcd, paskripkin,
	r33s3n6, shaggy, syzkaller-bugs, wuhoipok


syzbot found the following issue on:

HEAD commit:    61c3426aca2c Add linux-next specific files for 20221102
git tree:       linux-next
kernel config:
dashboard link:
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:
C reproducer:

Downloadable assets:
disk image:
kernel image:
mounted in repro:

IMPORTANT: if you fix the issue, please add the following tag to the commit:

loop0: detected capacity change from 0 to 32768
UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:2621:11
shift exponent 109 is too large for 32-bit type 'int'
CPU: 0 PID: 5234 Comm: syz-executor124 Not tainted 6.1.0-rc3-next-20221102-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 ubsan_epilogue+0xb/0x50 lib/ubsan.c:151
 __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x187 lib/ubsan.c:322
 dbAllocBits+0x14f/0x5f0 fs/jfs/jfs_dmap.c:2173
 dbAllocDmap+0x61/0x110 fs/jfs/jfs_dmap.c:2014
 dbAllocNear fs/jfs/jfs_dmap.c:1243 [inline]
 dbAlloc+0x78a/0xa70 fs/jfs/jfs_dmap.c:828
 diNewExt+0x724/0x1a10 fs/jfs/jfs_imap.c:2251
 diAllocExt fs/jfs/jfs_imap.c:1945 [inline]
 diAllocAG+0x15f1/0x2200 fs/jfs/jfs_imap.c:1662
 diAlloc+0x82d/0x1730 fs/jfs/jfs_imap.c:1583
 ialloc+0x89/0xaa0 fs/jfs/jfs_inode.c:56
 jfs_mkdir+0x1f0/0xab0 fs/jfs/namei.c:225
 vfs_mkdir+0x489/0x740 fs/namei.c:4035
 do_mkdirat+0x277/0x2f0 fs/namei.c:4060
 __do_sys_mkdir fs/namei.c:4080 [inline]
 __se_sys_mkdir fs/namei.c:4078 [inline]
 __x64_sys_mkdir+0xf2/0x140 fs/namei.c:4078
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
RIP: 0033:0x7fd3da355dc9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe6b87ad38 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd3da355dc9
RDX: 00007fd3da3142c3 RSI: 0000000000000000 RDI: 00000000200052c0
RBP: 00007fd3da315590 R08: 000055555709e2c0 R09: 0000000000000000
R10: 00007ffe6b87ac00 R11: 0000000000000246 R12: 00000000f8008000
R13: 0000000000000000 R14: 00080000000000fc R15: 0000000000000000

This report is generated by a bot. It may contain errors.
See for more information about syzbot.
syzbot engineers can be reached at

syzbot will keep track of this issue. See: for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2022-11-03 15:38 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-03 15:38 [syzbot] UBSAN: shift-out-of-bounds in dbBackSplit syzbot

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.