From nobody Sat Feb 7 17:55:34 2026 Received: from mail-oo1-f70.google.com (mail-oo1-f70.google.com [209.85.161.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C794333D4E3 for ; Wed, 21 Jan 2026 05:15:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.161.70 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768972523; cv=none; b=eSK8+19XNOXJdEeM3NFDD3NizKyRvDffSqSIjdpe85nlYo8ImMb7aufHqh0LJathp1aDQtFdiXqBOULp4OerSiPa/kBwjpOJQeypBm6LpMzc9XKsxOYz2H3zf3hRTqtSds6+OjEm2cHv1LzhSSUtUoqWS0dLjMcEZgOE45dgaa0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768972523; c=relaxed/simple; bh=4jlqdxbHCOSodc+vZxreH2Aah3l1XBIlkapuHnwfvXQ=; h=MIME-Version:Date:In-Reply-To:Message-ID:Subject:From:To: Content-Type; b=q/Z2gmh39cD0wYrC07FhZ36kvvE3sc+rAMnyKHGFK/+UZ1FNh3mkE9174gJ4YJrfiSXennsgEP71LW2S+rA0phGkaJUxgVHuS4PbBzpqFkd5IsYPsiC7cwXjUNaSMElHJ+ovaMK1iBXkQ9eco5B3FoglUrqU4il3F4+0R7fmL6s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.161.70 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com Received: by mail-oo1-f70.google.com with SMTP id 006d021491bc7-66108d1cd11so15976237eaf.2 for ; Tue, 20 Jan 2026 21:15:20 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768972519; x=1769577319; h=to:from:subject:message-id:in-reply-to:date:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pCw3Pj4hrp/GJU6mlzZsHnLr87XoNEXua/A4W8WA9mo=; b=wf31sSFZso3/cvhIoe/iJzGdSrlNORmFKAPlOW2eKuz58JY+9ZD3s6SdsBiFcT/x1w GFhauDfj4YQjNijysd6oBNj/LBwKwgEDhO+kYFiagB3bHuT/8le0u+F1SQXrSKZaknb+ SUmNCToQEgb0T3Egu256KdH78Olp6JuuQXwQpItaqR/cGbPNlqIrgha7yzxkleH4uFVU GSz4E1NzqvZWFv6CgZhjlegUISBz9Ya2JsGbwsYh7n4CZOXeXyzDyxxCeP00tlhAnFwk /Iu0cudbNDsGRr5bDbJDMFioLuoaC2U3RKK0vVGxpVAbKVD8yEzxnTDxDWF4PdRuk5vd 7KLg== X-Gm-Message-State: AOJu0YwoNHelcCfQpx6DB2xgn9ioztlgNzUyxl1cbYWRW7721L3Lq6J0 XB6jn/CuXGi3eCIh9a1JabqmUthwlhDXke66yi17oV/XvPhvjZXWWMdY0jGWDRBj51goON+n5fh kfPjluwoETBMSYNytQhRQQ+M0X457mMYYVTvwzRbb4II2nhXZYnZW4iN+Sf8= Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Received: by 2002:a05:6820:1786:b0:65f:54c7:3c5f with SMTP id 006d021491bc7-6611796e3bfmr7033546eaf.24.1768972519565; Tue, 20 Jan 2026 21:15:19 -0800 (PST) Date: Tue, 20 Jan 2026 21:15:19 -0800 In-Reply-To: <696ea368.a70a0220.34546f.04b7.GAE@google.com> X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <697060e7.a00a0220.3ad28e.4e2b.GAE@google.com> Subject: Forwarded: [PATCH] hfsplus: add debug printk to show uninitialized values in case_fold From: syzbot To: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" For archival purposes, forwarding an incoming command email to linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com. *** Subject: [PATCH] hfsplus: add debug printk to show uninitialized values in = case_fold Author: kartikey406@gmail.com #syz test: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git= master This is a debug patch to demonstrate the uninit-value bug reported by syzbot. Added printk in case_fold() to show what uninitialized values are being read from the unicode array and used as array indices. This patch intentionally does NOT include the fix (no initialization of tmp variable) to demonstrate the bug behavior. Link: https://syzkaller.appspot.com/bug?extid=3Dd80abb5b890d39261e72 Signed-off-by: Deepanshu Kartikey --- fs/hfsplus/unicode.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/fs/hfsplus/unicode.c b/fs/hfsplus/unicode.c index d3a142f4518b..418806c27943 100644 --- a/fs/hfsplus/unicode.c +++ b/fs/hfsplus/unicode.c @@ -11,7 +11,6 @@ =20 #include #include - #include =20 #include "hfsplus_fs.h" @@ -22,12 +21,18 @@ static inline u16 case_fold(u16 c) { u16 tmp; - + pr_alert("CASE_FOLD: Input c=3D0x%04x, c>>8=3D0x%02x (this is array index= !)\n", c, c >> 8); tmp =3D hfsplus_case_fold_table[c >> 8]; - if (tmp) + pr_alert("CASE_FOLD: table[0x%02x]=3D0x%04x\n", c >> 8, tmp); + + if (tmp) { + pr_alert("CASE_FOLD: Second lookup: table[0x%04x + 0x%02x]\n",tmp, c & 0= xff); tmp =3D hfsplus_case_fold_table[tmp + (c & 0xff)]; - else + } else { tmp =3D c; + } + pr_alert("CASE_FOLD: Final result=3D0x%04x\n", tmp); + return tmp; } =20 --=20 2.43.0