X-Mailing-List: linux-kernel@vger.kernel.org
Date: Fri, 17 Apr 2026 10:36:02 -0700
In-Reply-To: <177644282959.3787227.1651052329897208294@talencesecurity.com>
Message-ID: <69e26f82.a00a0220.1bd0ca.0014.GAE@google.com>
Subject: Re: [syzbot] [jfs?] UBSAN: shift-out-of-bounds in dbAllocAG (3)
From: syzbot
To: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com, tristmd@gmail.com
Content-Type: text/plain; charset="UTF-8"

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
kernel BUG in jfs_evict_inode

------------[ cut here ]------------
kernel BU[  188.761535][ T6320] kernel BUG at fs/jfs/inode.c:175!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 6320 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:jfs_evict_inode+0x438/0x440 fs/jfs/inode.c:175
Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 23 2f de fe e9 16 fe ff ff e8 19 cb 78 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90003df7aa0 EFLAGS: 00010293
RAX: ffffffff834a3207 RBX: ffff8880648c2138 RCX: ffff8880277e0000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff834a0e30 R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff8880648c1df0 R15: ffff8880648c2138
FS:  0000555561408500(0000) GS:ffff8881263ef000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055e1be8c2e20 CR3: 0000000030240000 CR4: 00000000003526f0
Call Trace:
 evict+0x61e/0xb10 fs/inode.c:841
 dispose_list fs/inode.c:883 [inline]
 evict_inodes+0x75a/0x7f0 fs/inode.c:937
 generic_shutdown_super+0xaa/0x2d0 fs/super.c:632
 kill_block_super+0x44/0x90 fs/super.c:1725
 deactivate_locked_super+0xbc/0x130 fs/super.c:476
 cleanup_mnt+0x437/0x4d0 fs/namespace.c:1312
 task_work_run+0x1d9/0x270 kernel/task_work.c:233
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 __exit_to_user_mode_loop kernel/entry/common.c:67 [inline]
 exit_to_user_mode_loop+0xed/0x480 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:238 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:328 [inline]
 do_syscall_64+0x33e/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f915143b797
Code: a2 c7 05 fc 6d 23 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007fffebc513b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f91514cd33b RCX: 00007f915143b797
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffebc51470
RBP: 00007fffebc51470 R08: 00007fffebc52470 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffebc52500
R13: 00007f91514cd33b R14: 000000000002df84 R15: 00007fffebc52540
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:jfs_evict_inode+0x438/0x440 fs/jfs/inode.c:175
Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 23 2f de fe e9 16 fe ff ff e8 19 cb 78 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90003df7aa0 EFLAGS: 00010293
RAX: ffffffff834a3207 RBX: ffff8880648c2138 RCX: ffff8880277e0000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff834a0e30 R12: dffffc0000000000
R13: dffffc0000000000 R14: ffff8880648c1df0 R15: ffff8880648c2138
FS:  0000555561408500(0000) GS:ffff8881263ef000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055e1be8bbbe0 CR3: 0000000030240000 CR4: 00000000003526f0


Tested on:

commit:         d730905b Merge tag 'mips_7.1' of git://git.kernel.org/..
git tree:       https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=138e78ce580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=9b37958d01fb80f0
dashboard link: https://syzkaller.appspot.com/bug?extid=4b717071f1eecb2972df
compiler:       Debian clang version 21.1.8 (++20251221033036+2078da43e25a-1~exp1~20251221153213.50), Debian LLD 21.1.8
patch:          https://syzkaller.appspot.com/x/patch.diff?x=1393f036580000