From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Tue, 04 Feb 2025 07:34:26 -0800
Message-ID: <67a23382.050a0220.d7c5a.00bd.GAE@google.com>
Subject: [syzbot] [mm?] [bcachefs?] UBSAN: shift-out-of-bounds in shmem_add_to_page_cache
From: syzbot
To: akpm@linux-foundation.org, hughd@google.com, kent.overstreet@linux.dev,
	linux-bcachefs@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-mm@kvack.org, syzkaller-bugs@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit:    69e858e0b8b2 Merge tag 'uml-for-linus-6.14-rc1' of git://g..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=145b6d18580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=d033b14aeef39158
dashboard link: https://syzkaller.appspot.com/bug?extid=07392c132f11b1758ac3
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=160983df980000

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7feb34a89c2a/non_bootable_disk-69e858e0.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/a53b888c1f3f/vmlinux-69e858e0.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6b5e17edafc0/bzImage-69e858e0.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/dfc78a0e5edb/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+07392c132f11b1758ac3@syzkaller.appspotmail.com

------------[ cut here ]------------
UBSAN: shift-out-of-bounds in lib/xarray.c:196:22
shift exponent 66 is too large for 64-bit type 'unsigned long'
CPU: 0 UID: 0 PID: 5744 Comm: syz.3.50 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 ubsan_epilogue lib/ubsan.c:231 [inline]
 __ubsan_handle_shift_out_of_bounds+0x3c8/0x420 lib/ubsan.c:468
 xas_start+0x772/0x7b0 lib/xarray.c:196
 xas_find_conflict+0x14b/0xd20 lib/xarray.c:1430
 shmem_add_to_page_cache+0x81e/0xcc0 mm/shmem.c:889
 shmem_alloc_and_add_folio+0x968/0x1090 mm/shmem.c:1928
 shmem_get_folio_gfp+0x621/0x1840 mm/shmem.c:2522
 shmem_get_folio mm/shmem.c:2628 [inline]
 shmem_write_begin+0x165/0x350 mm/shmem.c:3278
 generic_perform_write+0x346/0x990 mm/filemap.c:4189
 shmem_file_write_iter+0xf9/0x120 mm/shmem.c:3454
 new_sync_write fs/read_write.c:586 [inline]
 vfs_write+0xacf/0xd10 fs/read_write.c:679
 ksys_write+0x18f/0x2b0 fs/read_write.c:731
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f17fe98b85f
Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
RSP: 002b:00007f17ff803df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000001000000 RCX: 00007f17fe98b85f
RDX: 0000000001000000 RSI: 00007f17f5600000 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000005939
R10: 0000000020005b42 R11: 0000000000000293 R12: 0000000000000003
R13: 00007f17ff803ef0 R14: 00007f17ff803eb0 R15: 00007f17f5600000
---[ end trace ]---

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup