From: syzbot <syzbot+9e90a1c5eedb9dc4c6cc@syzkaller.appspotmail.com>
To: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [PATCH v3] jfs: UBSAN: shift-out-of-bounds in dbFindBits
Date: Fri, 25 Oct 2024 09:30:29 -0700
Message-ID: <671bc7a5.050a0220.455e8.0229.GAE@google.com>
In-Reply-To: <671b3f75.050a0220.2eb763.00d7.GAE@google.com>
For archival purposes, forwarding an incoming command email to
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com.
***
Subject: [PATCH v3] jfs: UBSAN: shift-out-of-bounds in dbFindBits
Author: zoo868e@gmail.com
The starting bit number of free bits should not be >= 32 as it is
0-indexed. Assert that the number of bits is < 32, or if it is 32, the
input word must be 0.
#syz test
Reported-by: syzbot+9e90a1c5eedb9dc4c6cc@syzkaller.appspotmail.com
Signed-off-by: Matt Jan <zoo868e@gmail.com>
---
Changes in v3: return the result earlier instead of assert
Changes in v2: Test if the patch resolves the issue through syzbot and
reference the reporter.
fs/jfs/jfs_dmap.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/jfs/jfs_dmap.c b/fs/jfs/jfs_dmap.c
index 974ecf5e0d95..346f2617b744 100644
--- a/fs/jfs/jfs_dmap.c
+++ b/fs/jfs/jfs_dmap.c
@@ -3017,6 +3017,9 @@ static int dbFindBits(u32 word, int l2nb)
nb = 1 << l2nb;
assert(nb <= DBWORD);
+ if (nb == DBWORD)
+ return (!!word) << BUDMIN;
+
/* complement the word so we can use a mask (i.e. 0s represent
* free bits) and compute the mask.
*/
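Review bot: in the new nb == DBWORD branch, `return (!!word) << BUDMIN;` is undocumented and hard to read: it yields 0 when word is 0 and 1 << BUDMIN otherwise, and nothing in the hunk says why BUDMIN is the right shift or how a caller should treat the nonzero result. The commit message states that the starting bit number must not be >= 32, so if 1 << BUDMIN equals DBWORD the nonzero-word case still returns an out-of-range bit number. Please add a comment stating the intended contract for a word that is not entirely free, and, if returning DBWORD is the intent, spell it as `return word ? DBWORD : 0;` or return a value the callers explicitly check. The commit message body also still says "Assert that ..." while the v3 changelog and the code return early, so the description should be updated to match.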
--
2.25.1
Thread overview: 11+ messages
2024-10-25 6:49 [syzbot] [jfs?] UBSAN: shift-out-of-bounds in dbFindBits (2) syzbot
2024-10-25 15:24 ` [PATCH v2] jfs: UBSAN: shift-out-of-bounds in dbFindBits Matt Jan
2024-10-25 15:39 ` [syzbot] [jfs?] UBSAN: shift-out-of-bounds in dbFindBits (2) syzbot
2024-10-25 16:30 ` syzbot [this message]
2024-10-25 17:00 ` [PATCH v3] jfs: UBSAN: shift-out-of-bounds in dbFindBits Matt Jan
2024-10-25 17:20 ` [syzbot] [jfs?] UBSAN: shift-out-of-bounds in dbFindBits (2) syzbot
2024-10-30 15:15 ` [PATCH v3] jfs: UBSAN: shift-out-of-bounds in dbFindBits Dave Kleikamp
2024-11-01 9:59 ` [PATCH v4] " Matt Jan
2024-11-01 10:20 ` [syzbot] [jfs?] UBSAN: shift-out-of-bounds in dbFindBits (2) syzbot
2024-12-02 20:53 ` [PATCH v4] jfs: UBSAN: shift-out-of-bounds in dbFindBits Dave Kleikamp
2025-09-28 1:00 ` Forwarded: Re: [syzbot] [jfs?] UBSAN: shift-out-of-bounds in dbFindBits (2) syzbot