syzbot

 sign-in | mailing list | source | docs
🐞 Open [724]
🐞 Fixed [73]
🐞 Invalid [917]
Missing Backports [119]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

UBSAN: shift-out-of-bounds in parse_options

Status: upstream: reported C repro on 2023/11/19 20:08
Bug presence: origin:lts-only
[Documentation on labels]
Reported-by: syzbot+de6af439f087e7e7b142@syzkaller.appspotmail.com
First crash: 597d, last: 1d08h
Bug presence (2)
Date Name Commit Repro Result
2023/11/19 linux-5.15.y (ToT) 80529b4968a8 C [report] UBSAN: shift-out-of-bounds in parse_options
2023/11/19 upstream (ToT) 037266a5f723 C Didn't crash
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-15 UBSAN: shift-out-of-bounds in parse_options ext4 origin:lts -1 C error 537 2d15h 913d 0/2 upstream: reported C repro on 2023/01/08 05:56
linux-6.1 UBSAN: shift-out-of-bounds in parse_options origin:lts-only -1 C inconclusive 136 5d02h 329d 0/3 upstream: reported C repro on 2024/08/13 23:52
android-6-1 UBSAN: shift-out-of-bounds in parse_options origin:lts -1 C 270 2d08h 326d 0/2 upstream: reported C repro on 2024/08/17 08:59
Last patch testing requests (3)
Created Duration User Patch Repo Result
2024/12/22 19:55 11m retest repro linux-5.15.y report log
2024/12/22 19:55 9m retest repro linux-5.15.y report log
2024/12/22 19:55 11m retest repro linux-5.15.y report log
Fix bisection attempts (3)
Created Duration User Patch Repo Result
2024/02/27 12:08 6h19m fix candidate upstream OK (1) job log
2024/01/22 16:01 12h12m fix candidate upstream error job log
2023/12/14 01:21 12h00m fix candidate upstream error job log

Sample crash report:
loop0: detected capacity change from 0 to 512
EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
Contact linux-ext4@vger.kernel.org if you think we should keep it.
================================================================================
UBSAN: shift-out-of-bounds in fs/ext4/super.c:2494:15
shift exponent 1919383155 is too large for 32-bit type 'int'
CPU: 1 PID: 3698 Comm: syz-executor195 Not tainted 5.15.138-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_shift_out_of_bounds+0x3bf/0x420 lib/ubsan.c:321
 parse_options+0x324d/0x32b0 fs/ext4/super.c:2494
 ext4_fill_super+0x236e/0xa110 fs/ext4/super.c:4168
 mount_bdev+0x2c9/0x3f0 fs/super.c:1387
 legacy_get_tree+0xeb/0x180 fs/fs_context.c:611
 vfs_get_tree+0x88/0x270 fs/super.c:1517
 do_new_mount+0x28b/0xae0 fs/namespace.c:2994
 do_mount fs/namespace.c:3337 [inline]
 __do_sys_mount fs/namespace.c:3545 [inline]
 __se_sys_mount+0x2d5/0x3c0 fs/namespace.c:3522
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f48459ca0aa
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f4845985088 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f48459ca0aa
RDX: 0000000020000040 RSI: 0000000020000500 RDI: 00007f48459850a0
RBP: 00007f48459850a0 R08: 00007f48459850e0 R09: 00007f48459850e0
R10: 0000000000004500 R11: 0000000000000206 R12: 00007f48459850e0
R13: 0000000000004500 R14: 0000000000000003 R15: 0000000000040000
 </TASK>
================================================================================

Crashes (324):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/11/19 20:07 linux-5.15.y 80529b4968a8 cb976f63 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/05/10 07:08 linux-5.15.y 3b8db0e4f263 77908e5f .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/01/29 22:00 linux-5.15.y 003148680b79 136953f1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/21 07:21 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/07/13 03:16 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/30 14:02 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/06/30 02:30 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/06/29 03:02 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/06/08 07:42 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/06/07 12:31 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/06/01 15:03 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/06/01 02:24 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2025/07/08 03:06 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/07 15:31 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/07 12:22 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/05 03:08 linux-5.15.y 3dea0e7f549e d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/07/04 06:06 linux-5.15.y 3dea0e7f549e 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/30 03:55 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/29 04:29 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/28 17:29 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/24 15:57 linux-5.15.y 1c700860e8bc e2f27c35 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/23 15:44 linux-5.15.y 1c700860e8bc d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/19 15:07 linux-5.15.y 1c700860e8bc ed3e87f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/18 07:14 linux-5.15.y 1c700860e8bc e77fae15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/15 13:27 linux-5.15.y 1c700860e8bc 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/15 03:52 linux-5.15.y 1c700860e8bc 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/13 21:39 linux-5.15.y 1c700860e8bc 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/13 04:25 linux-5.15.y 1c700860e8bc 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/13 00:28 linux-5.15.y 1c700860e8bc 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/10 10:45 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/10 08:20 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/09 04:21 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/08 22:14 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/08 19:07 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/07 00:13 linux-5.15.y 1c700860e8bc 9fa58bba .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/02 10:10 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/02 00:22 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/01 20:17 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/01 17:33 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/06/01 10:42 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/31 16:44 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/30 16:46 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/30 00:35 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/27 16:45 linux-5.15.y 98f47d0e9b8c 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/21 10:11 linux-5.15.y a68c15152131 b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/19 02:47 linux-5.15.y a68c15152131 f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/18 16:00 linux-5.15.y a68c15152131 f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/18 05:37 linux-5.15.y 3b8db0e4f263 f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/17 20:27 linux-5.15.y 3b8db0e4f263 f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/17 17:27 linux-5.15.y 3b8db0e4f263 f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2025/05/16 11:04 linux-5.15.y 3b8db0e4f263 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
* Struck through repros no longer work on HEAD.