From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-il1-f200.google.com (mail-il1-f200.google.com [209.85.166.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E13C41C84DE
	for <linux-kernel@vger.kernel.org>; Wed, 19 Nov 2025 08:13:03 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.200
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1763539985; cv=none; b=ZT5mAnivnodJCx5lf6nkin9/7aw0DaO+OEInzigBNobfn23GkJ3DEhMMX1c48e57ZLPwG4s0ntkdOVuxfhBDpenkhiERmoiqVtXnS1nm22mR1ISiMtNTYhkuXZDaqRlUGjwq/1OumjtXH5N2Hela+mF1XfVpnGCbJ8evMo2YXcQ=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1763539985; c=relaxed/simple;
	bh=zfkVOaB0EIOSRJ61P8cOu1y+DlwGIboDDy+OavjLTqM=;
	h=MIME-Version:Date:In-Reply-To:Message-ID:Subject:From:To:
	 Content-Type; b=aDz4NndIQ9inYevvluunHPmN0kwENlsPxaFJHHqZOb2oUiK0kUY9/dLWwMERqFqbS39Ip54dCsowD1MadIS+KkfpLadX4zBYmSRdlI5xEpnzTZshIGHgti4yVXAVgRkg7+233aSF0Efv8y21XYhRi5BSPlVgbTtRUCOgKQ8dy6Q=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.166.200
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com
Received: by mail-il1-f200.google.com with SMTP id e9e14a558f8ab-433312ee468so6228255ab.1
        for <linux-kernel@vger.kernel.org>; Wed, 19 Nov 2025 00:13:03 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1763539983; x=1764144783;
        h=to:from:subject:message-id:in-reply-to:date:mime-version
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=+Tjihbuf2pp6Cuhbm6qzTk8VEj56zyZmDVKuBBnPDlQ=;
        b=rWJozGIwzDVInL9rZWZBTCyesZ3EUe65mOCashJNP1SrmnO3XLCAPyCgV7UiEVuRrj
         UVqKnvm3fHOqQ5Dkn/br73ToXTdk/wx3SOhVk+j/tLDddfJMO8scHIM/rwue+lWJRw08
         a6IYQpA3gL/94g8YUPpzfznyq0q5Tj2GpF9F7uuFQS8xgtmoao9y/k9NlkJ0WRCxc5Hu
         BNS+tyGk2MHvqDgPSRt548ZJ88j7NbjEUb7t3l0MeeciusS/EmEtO/ljYQl7cpEVu4dS
         XMpyVmjiWq0jEtuASIzj6sDLeWO3JdAygtNBbyQwrWTrsFzZ6sd6o3ofvzZNQQYFxVry
         7s9Q==
X-Forwarded-Encrypted: i=1; AJvYcCVuufJPa8zGyDmo7TELvGuC1AorbuvwceWkw5AFlwItF7qqEFp26uKGmOZcl89YHlHrp9WHLKabzcc3bS4=@vger.kernel.org
X-Gm-Message-State: AOJu0YyuMVnDfxNN+o0/N+KLLUGdoB3Go6RG4fIyPziQZs1UDZsHArxA
	ysxEJRvktMN5bo/WGxnGtoQIgMKok/REB9B+UsbF/hv6vP5pn5Nafe5c+FSLkD3MTr4OISbCQXa
	1C3A5xJgwkQ+q0S3mj8D3aAuiWUXsG7iWYdpJ5ZjS1T5C74Iin334Rb5q7K4=
X-Google-Smtp-Source: AGHT+IGvVYw1VqaFWbJRKCU5Kty8GjyeqXzMBqL/4bH7VupJSmvVsq6nuBmM0pIWWkt+Qw3uOcDHOct+AHXGCTKImpM2SSaX1age
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Received: by 2002:a05:6e02:4507:10b0:433:2823:ef9c with SMTP id
 e9e14a558f8ab-435a000e8c2mr11978735ab.0.1763539983135; Wed, 19 Nov 2025
 00:13:03 -0800 (PST)
Date: Wed, 19 Nov 2025 00:13:03 -0800
In-Reply-To: <CADfthj1-m1WoipkSJmZ=1fe23T_7Bn=_n0iLTBHdUwXF-i7YQA@mail.gmail.com>
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <691d7c0f.a70a0220.2ea503.0014.GAE@google.com>
Subject: Re: [syzbot] [ext4?] KASAN: use-after-free Read in ext4_find_extent (4)
From: syzbot <syzbot+ee60e584b5c6bb229126@syzkaller.appspotmail.com>
To: albinbabuvarghese20@gmail.com, linux-kernel@vger.kernel.org, 
	syzkaller-bugs@googlegroups.com
Content-Type: text/plain; charset="UTF-8"

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
kernel panic: KASAN: panic_on_warn set ...

>ffff88806ecb8c00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                            ^
 ffff88806ecb8c80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff88806ecb8d00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================
Kernel panic - not syncing: KASAN: panic_on_warn set ...
CPU: 1 UID: 0 PID: 15465 Comm: syz.0.2193 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x99/0x250 lib/dump_stack.c:120
 vpanic+0x237/0x6d0 kernel/panic.c:489
 panic+0xb9/0xc0 kernel/panic.c:626
 check_panic_on_warn+0x89/0xb0 kernel/panic.c:376
 end_report+0x78/0x160 mm/kasan/report.c:227
 kasan_report+0x129/0x150 mm/kasan/report.c:597
 ext4_ext_rm_leaf fs/ext4/extents.c:2630 [inline]
 ext4_ext_remove_space+0x3211/0x42f0 fs/ext4/extents.c:2968
 ext4_ext_truncate+0x17e/0x300 fs/ext4/extents.c:4487
 ext4_truncate+0xb4f/0x12e0 fs/ext4/inode.c:4614
 ext4_truncate_failed_write fs/ext4/truncate.h:22 [inline]
 ext4_write_end+0x76e/0x9f0 fs/ext4/inode.c:1486
 ext4_da_write_end+0x84/0xcf0 fs/ext4/inode.c:3277
 generic_perform_write+0x62a/0x900 mm/filemap.c:4275
 ext4_buffered_write_iter+0xce/0x3a0 fs/ext4/file.c:299
 ext4_file_write_iter+0x298/0x1bc0 fs/ext4/file.c:-1
 new_sync_write fs/read_write.c:593 [inline]
 vfs_write+0x5c9/0xb30 fs/read_write.c:686
 ksys_pwrite64 fs/read_write.c:793 [inline]
 __do_sys_pwrite64 fs/read_write.c:801 [inline]
 __se_sys_pwrite64 fs/read_write.c:798 [inline]
 __x64_sys_pwrite64+0x193/0x220 fs/read_write.c:798
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd18e38e929
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd18f1a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
RAX: ffffffffffffffda RBX: 00007fd18e5b5fa0 RCX: 00007fd18e38e929
RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000004
RBP: 00007fd18e410b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000e7c R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fd18e5b5fa0 R15: 00007ffe86830148
 </TASK>
Kernel Offset: disabled
Rebooting in 86400 seconds..


Tested on:

commit:         8b690556 Merge tag 'for-linus' of git://git.kernel.org..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1419e97c580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=6e611fe59206f39f
dashboard link: https://syzkaller.appspot.com/bug?extid=ee60e584b5c6bb229126
compiler:       Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
patch:          https://syzkaller.appspot.com/x/patch.diff?x=1144b212580000