syzbot


UBSAN: shift-out-of-bounds in parse_options

Status: upstream: reported C repro on 2023/11/19 20:08
Bug presence: origin:lts-only
[Documentation on labels]
Reported-by: syzbot+de6af439f087e7e7b142@syzkaller.appspotmail.com
First crash: 650d, last: 5d23h
Bug presence (2)
Date Name Commit Repro Result
2023/11/19 linux-5.15.y (ToT) 80529b4968a8 C [report] UBSAN: shift-out-of-bounds in parse_options
2023/11/19 upstream (ToT) 037266a5f723 C Didn't crash
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-15 UBSAN: shift-out-of-bounds in parse_options ext4 origin:lts -1 C error 635 3h17m 965d 0/2 upstream: reported C repro on 2023/01/08 05:56
linux-6.1 UBSAN: shift-out-of-bounds in parse_options origin:lts-only -1 C inconclusive 154 6h21m 382d 0/3 upstream: reported C repro on 2024/08/13 23:52
android-6-1 UBSAN: shift-out-of-bounds in parse_options origin:lts -1 C 298 2d14h 378d 0/2 upstream: reported C repro on 2024/08/17 08:59
Last patch testing requests (3)
Created Duration User Patch Repo Result
2024/12/22 19:55 11m retest repro linux-5.15.y report log
2024/12/22 19:55 9m retest repro linux-5.15.y report log
2024/12/22 19:55 11m retest repro linux-5.15.y report log
Fix bisection attempts (3)
Created Duration User Patch Repo Result
2024/02/27 12:08 6h19m fix candidate upstream OK (1) job log
2024/01/22 16:01 12h12m fix candidate upstream error job log
2023/12/14 01:21 12h00m fix candidate upstream error job log

Sample crash report:
EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
Contact linux-ext4@vger.kernel.org if you think we should keep it.
================================================================================
UBSAN: shift-out-of-bounds in fs/ext4/super.c:2501:15
shift exponent 2147876968 is too large for 32-bit type 'int'
CPU: 1 PID: 4686 Comm: syz.0.93 Not tainted 5.15.189-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106
 ubsan_epilogue+0xa/0x30 lib/ubsan.c:151
 __ubsan_handle_shift_out_of_bounds+0x37c/0x400 lib/ubsan.c:321
 parse_options+0x277a/0x27e0 fs/ext4/super.c:2501
 ext4_fill_super+0x200c/0x9a00 fs/ext4/super.c:4175
 mount_bdev+0x287/0x3c0 fs/super.c:1400
 legacy_get_tree+0xe6/0x180 fs/fs_context.c:611
 vfs_get_tree+0x88/0x270 fs/super.c:1530
 do_new_mount+0x24a/0xa40 fs/namespace.c:3014
 do_mount fs/namespace.c:3357 [inline]
 __do_sys_mount fs/namespace.c:3565 [inline]
 __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3542
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f63a520438a
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f63a4871e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f63a4871ef0 RCX: 00007f63a520438a
RDX: 0000200000000040 RSI: 0000200000000500 RDI: 00007f63a4871eb0
RBP: 0000200000000040 R08: 00007f63a4871ef0 R09: 0000000000004500
R10: 0000000000004500 R11: 0000000000000246 R12: 0000200000000500
R13: 00007f63a4871eb0 R14: 00000000000004b4 R15: 000000000000002c
 </TASK>
================================================================================

Crashes (373):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/08/18 05:19 linux-5.15.y c79648372d02 1804e95e .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2023/11/19 20:07 linux-5.15.y 80529b4968a8 cb976f63 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/05/10 07:08 linux-5.15.y 3b8db0e4f263 77908e5f .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/01/29 22:00 linux-5.15.y 003148680b79 136953f1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/21 07:21 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/07/13 03:16 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/25 04:54 linux-5.15.y c79648372d02 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/24 17:34 linux-5.15.y c79648372d02 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/23 17:52 linux-5.15.y c79648372d02 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/19 10:01 linux-5.15.y c79648372d02 523f460e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/18 10:53 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/17 19:45 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/16 15:58 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/11 17:24 linux-5.15.y c79648372d02 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/11 04:51 linux-5.15.y c79648372d02 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/10 03:22 linux-5.15.y c79648372d02 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/30 03:15 linux-5.15.y c79648372d02 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/21 19:03 linux-5.15.y c79648372d02 56d87229 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/21 09:33 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/21 04:56 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/21 02:35 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/21 01:51 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/13 07:31 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/12 09:09 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/08/23 23:43 linux-5.15.y c79648372d02 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/05 04:01 linux-5.15.y c79648372d02 f5bcc8dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/04 10:58 linux-5.15.y c79648372d02 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/04 01:47 linux-5.15.y c79648372d02 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/03 19:44 linux-5.15.y c79648372d02 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/03 18:43 linux-5.15.y c79648372d02 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/03 04:12 linux-5.15.y c79648372d02 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/08/01 04:35 linux-5.15.y c79648372d02 0c075d67 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/30 23:18 linux-5.15.y c79648372d02 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/26 17:42 linux-5.15.y c79648372d02 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/22 09:38 linux-5.15.y c79648372d02 1555463b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/21 17:24 linux-5.15.y c79648372d02 56d87229 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/21 07:47 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/20 22:03 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/19 19:51 linux-5.15.y c79648372d02 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/17 02:18 linux-5.15.y 89950c454265 44f8051e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/14 07:10 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/13 15:19 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/13 00:40 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/12 19:50 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/12 12:49 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/11 15:50 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/10 00:40 linux-5.15.y 3dea0e7f549e f4e5e155 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/08 03:06 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/07 15:31 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/07 12:22 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/05 03:08 linux-5.15.y 3dea0e7f549e d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
* Struck through repros no longer work on HEAD.