Re: UBSAN: shift-out-of-bounds in ext4_fill_super

From: Dmitry Vyukov
Date: Thu Dec 10 2020 - 08:58:18 EST


On Thu, Dec 10, 2020 at 9:09 AM Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote:
>
> On Thu, Dec 10, 2020 at 4:50 AM syzbot
> <syzbot+345b75652b1d24227443@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > Hello,
> >
> > syzbot tried to test the proposed patch but the build/boot failed:
> >
> > failed to checkout kernel repo git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git on commit e360ba58d067a30a4e3e7d55ebdd919885a058d6: failed to run ["git" "fetch" "--tags" "d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8"]: exit status 1
> > From git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
> > * [new branch] bisect-test-ext4-035 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/bisect-test-ext4-035
> > * [new branch] bisect-test-generic-307 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/bisect-test-generic-307
> > * [new branch] dev -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/dev
> > * [new branch] ext4-3.18 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/ext4-3.18
> > * [new branch] ext4-4.1 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/ext4-4.1
> > * [new branch] ext4-4.4 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/ext4-4.4
> > * [new branch] ext4-4.9 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/ext4-4.9
> > * [new branch] ext4-dax -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/ext4-dax
> > * [new branch] ext4-tools -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/ext4-tools
> > * [new branch] fix-bz-206443 -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/fix-bz-206443
> > * [new branch] for-stable -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/for-stable
> > * [new branch] fsverity -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/fsverity
> > * [new branch] lazy_journal -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/lazy_journal
> > * [new branch] master -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/master
> > * [new branch] origin -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/origin
> > * [new branch] pu -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/pu
> > * [new branch] test -> d06f7b29746c7f0a52f349ff7fbf2a3f22d27cf8/test
> > * [new tag] ext4-for-linus-5.8-rc1-2 -> ext4-for-linus-5.8-rc1-2
> > ! [rejected] ext4_for_linus -> ext4_for_linus (would clobber existing tag)
>
> Interesting. First time I see this. Should syzkaller use 'git fetch
> --tags --force'?...
> StackOverflow suggests it should help:
> https://stackoverflow.com/questions/58031165/how-to-get-rid-of-would-clobber-existing-tag


I've added --force to fetches:
https://github.com/google/syzkaller/commit/9a72bc3440b65a01187ba4277b49d6bd821079cd
and it should be deployed by now. Let's try again:

#syz test git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git
e360ba58d067a30a4e3e7d55ebdd919885a058d6

Attachment: patch
Description: Binary data
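
The rejection in the log above and the effect of adding --force can be reproduced offline with two throwaway repositories. This is an added example, not part of the original message and not syzkaller's code; the repository layout, the demo identity and the helper function names are constructed, and it assumes Git 2.20 or later, which rejects tag updates on fetch unless forced.

```shell
#!/bin/sh
# Constructed reproduction of "would clobber existing tag" on fetch.
# g: run git with a fixed locale and a throwaway identity (assumed values).
g() { LC_ALL=C git -c user.name=demo -c user.email=demo@example.invalid "$@"; }

# Create an upstream repo with a tag, clone it, then move the tag upstream.
# Prints the scratch directory holding both repos.
setup_repos() {
    work=$(mktemp -d) || return 1
    g init -q "$work/upstream"
    g -C "$work/upstream" commit -q --allow-empty -m first
    g -C "$work/upstream" tag ext4_for_linus
    g clone -q "$work/upstream" "$work/clone"
    # The maintainer re-points the tag at a newer commit.
    g -C "$work/upstream" commit -q --allow-empty -m second
    g -C "$work/upstream" tag -f ext4_for_linus >/dev/null
    echo "$work"
}

# Plain fetch: the moved tag is rejected and git exits non-zero.
fetch_plain() { g -C "$1/clone" fetch --tags origin 2>&1; }

# Forced fetch: the local tag is overwritten with the remote's value.
fetch_forced() { g -C "$1/clone" fetch --tags --force origin 2>&1; }

# True when the clone's tag points at the same commit as upstream's.
tag_matches_upstream() {
    [ "$(g -C "$1/clone" rev-parse ext4_for_linus)" = \
      "$(g -C "$1/upstream" rev-parse ext4_for_linus)" ]
}

# Stand-alone demonstration.
w=$(setup_repos)
fetch_plain "$w" || echo "plain fetch failed with status $?"
fetch_forced "$w" >/dev/null && tag_matches_upstream "$w" &&
    echo "forced fetch updated the tag"
rm -rf "$w"
```

With --force the fetch accepts whatever commit the remote says a tag points at, so a tag name is not a stable identifier for what gets tested; the commit hash on the #syz test line is what pins the tree.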