Date: Sat, 15 Feb 2025 03:59:19 -0800
In-Reply-To: <67a4eae3.050a0220.65602.0002.GAE@google.com>
Message-ID: <67b08197.050a0220.6f0b7.0003.GAE@google.com>
Subject: Re: [syzbot] [mm?] [bcachefs?] UBSAN: shift-out-of-bounds in xas_reload
From: syzbot
To: akpm@linux-foundation.org, hughd@google.com, kent.overstreet@linux.dev, linux-bcachefs@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com

syzbot has found a reproducer for the following issue on:

HEAD commit:    04f41cbf03ec Merge tag 'sched_ext-for-6.14-rc2-fixes' of g..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16c799a4580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=c776e555cfbdb82d
dashboard link: https://syzkaller.appspot.com/bug?extid=8ae0902c29b15a27a4ee
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=15b8e098580000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=14ece7df980000

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7feb34a89c2a/non_bootable_disk-04f41cbf.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/04aaec67f85e/vmlinux-04f41cbf.xz
kernel image: https://storage.googleapis.com/syzbot-assets/0b8db5fac3a6/bzImage-04f41cbf.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/84576e830d0a/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+8ae0902c29b15a27a4ee@syzkaller.appspotmail.com

UBSAN: shift-out-of-bounds in ./include/linux/xarray.h:1604:27
shift exponent 128 is too large for 64-bit type 'unsigned long'
CPU: 0 UID: 0 PID: 5383 Comm: syz-executor156 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 ubsan_epilogue lib/ubsan.c:231 [inline]
 __ubsan_handle_shift_out_of_bounds+0x3c8/0x420 lib/ubsan.c:468
 xas_reload+0x434/0x470 include/linux/xarray.h:1604
 find_get_entry mm/filemap.c:2032 [inline]
 find_lock_entries+0x2d4/0xbb0 mm/filemap.c:2119
 shmem_undo_range+0x2d4/0x1820 mm/shmem.c:1094
 shmem_truncate_range mm/shmem.c:1224 [inline]
 shmem_evict_inode+0x29b/0xa80 mm/shmem.c:1352
 evict+0x4e8/0x9a0 fs/inode.c:796
 __dentry_kill+0x20d/0x630 fs/dcache.c:643
 dput+0x19f/0x2b0 fs/dcache.c:885
 __fput+0x60b/0x9f0 fs/file_table.c:472
 __do_sys_close fs/open.c:1580 [inline]
 __se_sys_close fs/open.c:1565 [inline]
 __x64_sys_close+0x7f/0x110 fs/open.c:1565
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f519f1cefca
Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 83 83 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 e3 83 02 00 8b 44 24
RSP: 002b:00007f519e977fc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: ffffffffffffffda RBX: 00007f519e977ff0 RCX: 00007f519f1cefca
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007f519f25c480 R08: 0000000000000000 R09: 0000000000005931
R10: 0000000000000000 R11: 0000000000000293 R12: 00007f519f25c48c
R13: 00007f519e978030 R14: 0000000000000003 R15: 00007ffe2518a5c8
---[ end trace ]---

---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.