bisecting cause commit starting from b253435746d9a4a701b5f09211b9c14d3370d0da
building syzkaller on d4befee155c308c896933484e16a54b9e3290ee8
testing commit b253435746d9a4a701b5f09211b9c14d3370d0da
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8d71aea137c1a0e6f84fa7c03added0e19ca7ab04ac80cbb44715c3122f56a25
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
testing release v5.17
testing commit f443e374ae131c168a065ea1748feac6b2e76613
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1b6ade734b172295fff86ceecd99e6fb5aa49760eef23305c1572d348b57aa03
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
testing release v5.16
testing commit df0cc57e057f18e44dac8e6c18aba47ab53202f9
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ddad0a13180298f5e3282a0d3aec89b5819b91d368c5fbe91bd7d74ee7abc763
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
testing release v5.15
testing commit 8bb7eca972ad531c9b149c0a51ab43a417385813
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: bb6d90cbc10820da2eccfd39bce7a4f6c80441b571aa24f83b9c598671f7fc08
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
testing release v5.14
testing commit 7d2a07b769330c34b4deabeed939325c77a7ec2f
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 21dc36f3cec264ab8d02689d5c370730ce424114c3e9e097992ee84c832c1e9e
all runs: OK
# git bisect start 8bb7eca972ad531c9b149c0a51ab43a417385813 7d2a07b769330c34b4deabeed939325c77a7ec2f
Bisecting: 6693 revisions left to test after this (roughly 13 steps)
[477f70cd2a67904e04c2c2b9bd0fa2e95222f2f6] Merge tag 'drm-next-2021-08-31-1' of git://anongit.freedesktop.org/drm/drm

testing commit 477f70cd2a67904e04c2c2b9bd0fa2e95222f2f6
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 32ef1b259091ae733f6878f50eba8a451a8837a39f4f57a859126e0eb0978680
all runs: OK
# git bisect good 477f70cd2a67904e04c2c2b9bd0fa2e95222f2f6
Bisecting: 3317 revisions left to test after this (roughly 12 steps)
[626bf91a292e2035af5b9d9cce35c5c138dfe06d] Merge tag 'net-5.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit 626bf91a292e2035af5b9d9cce35c5c138dfe06d
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5a8e4855f454111b6bafae2c5c79729991a4711f03f4b4c1f15cd4aff85ef5c9
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
# git bisect bad 626bf91a292e2035af5b9d9cce35c5c138dfe06d
Bisecting: 1702 revisions left to test after this (roughly 11 steps)
[23852bec534a1633dc08f4df88b8493ae99953a9] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma

testing commit 23852bec534a1633dc08f4df88b8493ae99953a9
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5f15b3c9a74673d8ba85d923647cbca5d0c61df7845bb2c841ea7c8f4b7b1ff0
all runs: OK
# git bisect good 23852bec534a1633dc08f4df88b8493ae99953a9
Bisecting: 869 revisions left to test after this (roughly 10 steps)
[55d1308bdff7341b778e5cf36220616a0dd6ab8f] cdrom: update uniform CD-ROM maintainership in MAINTAINERS file

testing commit 55d1308bdff7341b778e5cf36220616a0dd6ab8f
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b835ec2d170541a28008add253bde8f271fdbe80b3d47b3489cb94b2c21b0d23
all runs: OK
# git bisect good 55d1308bdff7341b778e5cf36220616a0dd6ab8f
Bisecting: 434 revisions left to test after this (roughly 9 steps)
[3754707bcc3e190e5dadc978d172b61e809cb3bd] Revert "memcg: enable accounting for file lock caches"

testing commit 3754707bcc3e190e5dadc978d172b61e809cb3bd
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2099e879b83f02b4d872645f0cecef9f70981f8a0e0c91403b8c0d987069fdba
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
# git bisect bad 3754707bcc3e190e5dadc978d172b61e809cb3bd
Bisecting: 200 revisions left to test after this (roughly 8 steps)
[e07af2626643293fa16df655979e7963250abc63] Merge tag 'arc-5.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

testing commit e07af2626643293fa16df655979e7963250abc63
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 32a1492e8a41b88f7b714053400e2bd434ce3826d15f1bfb5ed0e836a57c3a2b
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
# git bisect bad e07af2626643293fa16df655979e7963250abc63
Bisecting: 109 revisions left to test after this (roughly 7 steps)
[f7464060f7ab9a2424428008f0ee9f1e267e410f] Merge git://github.com/Paragon-Software-Group/linux-ntfs3

testing commit f7464060f7ab9a2424428008f0ee9f1e267e410f
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: eb8c58b2345cbff26a01ef311a42c198489ea40cd5e3c309880008e792eafec2
all runs: crashed: UBSAN: shift-out-of-bounds in ntfs_fill_super
# git bisect bad f7464060f7ab9a2424428008f0ee9f1e267e410f
Bisecting: 77 revisions left to test after this (roughly 6 steps)
[9605f75cf36e0bcc0f4ada07b5be712d30107607] f2fs: should put a page beyond EOF when preparing a write

testing commit 9605f75cf36e0bcc0f4ada07b5be712d30107607
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e657190d31d2f39e96ff8af2ef97a5c39f85b0b924ce209e80cadc914e810248
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in stack_depot_save
run #1: crashed: BUG: sleeping function called from invalid context in lock_sock_nested
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
# git bisect bad 9605f75cf36e0bcc0f4ada07b5be712d30107607
Bisecting: 22 revisions left to test after this (roughly 5 steps)
[94afd6d6e5253179c9b891d02081cc8355a11768] f2fs: extent cache: support unaligned extent

testing commit 94afd6d6e5253179c9b891d02081cc8355a11768
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c3962217476e0b55b259a2d9c9d359ba2ac1be7e93c87ee9aace96ba32011824
all runs: OK
# git bisect good 94afd6d6e5253179c9b891d02081cc8355a11768
Bisecting: 11 revisions left to test after this (roughly 4 steps)
[bbe1da7e34ac5a830163bfdfa09cbe3dadfda3ce] f2fs: compress: do sanity check on cluster

testing commit bbe1da7e34ac5a830163bfdfa09cbe3dadfda3ce
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 6b30c1ac82e97d7c472cf8e7d57865e31525a9f7f8bd952128a7deb526b8311a
run #0: basic kernel testing failed: possible deadlock in fs_reclaim_acquire
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good bbe1da7e34ac5a830163bfdfa09cbe3dadfda3ce
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[ad126ebddecbf696e0cf214ff56c7b170fa9f0f7] f2fs: fix to account missing .skipped_gc_rwsem

testing commit ad126ebddecbf696e0cf214ff56c7b170fa9f0f7
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5c366755fa818c1de5160fab2389ea154a88d5679fbeba32afae598a79dc5b34
run #0: basic kernel testing failed: possible deadlock in fs_reclaim_acquire
run #1: basic kernel testing failed: possible deadlock in fs_reclaim_acquire
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect good ad126ebddecbf696e0cf214ff56c7b170fa9f0f7
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[dddd3d65293a52c2c3850c19b1e5115712e534d8] f2fs: guarantee to write dirty data when enabling checkpoint back

testing commit dddd3d65293a52c2c3850c19b1e5115712e534d8
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e271eda1e9e522070f767f3d1dbd1f233b95ec9a2fb152b651b2aa35c8068817
run #0: crashed: BUG: sleeping function called from invalid context in lock_sock_nested
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad dddd3d65293a52c2c3850c19b1e5115712e534d8
Bisecting: 0 revisions left to test after this (roughly 1 step)
[c8dc3047c48540183744f959412d44b08c5435e1] f2fs: fix to unmap pages from userspace process in punch_hole()

testing commit c8dc3047c48540183744f959412d44b08c5435e1
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ec11f434a03a1deac524982100279a20b251478efe2a53a179a47c9f69269938
run #0: basic kernel testing failed: possible deadlock in fs_reclaim_acquire
run #1: crashed: BUG: sleeping function called from invalid context in lock_sock_nested
run #2: crashed: BUG: sleeping function called from invalid context in lock_sock_nested
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad c8dc3047c48540183744f959412d44b08c5435e1
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[adf9ea89c719c1d23794e363f631e376b3ff8cbc] f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()

testing commit adf9ea89c719c1d23794e363f631e376b3ff8cbc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c19b0b3b05ef098bb4c6be408c678eace06c4286bb23df36263765537beba511
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in stack_depot_save
run #1: basic kernel testing failed: BUG: sleeping function called from invalid context in stack_depot_save
run #2: crashed: BUG: sleeping function called from invalid context in lock_sock_nested
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad adf9ea89c719c1d23794e363f631e376b3ff8cbc
adf9ea89c719c1d23794e363f631e376b3ff8cbc is the first bad commit
commit adf9ea89c719c1d23794e363f631e376b3ff8cbc
Author: Chao Yu <chao@kernel.org>
Date:   Thu Aug 26 10:03:15 2021 +0800

    f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
    
    In below path, it will return ENOENT if filesystem is shutdown:
    
    - f2fs_map_blocks
     - f2fs_get_dnode_of_data
      - f2fs_get_node_page
       - __get_node_page
        - read_node_page
         - is_sbi_flag_set(sbi, SBI_IS_SHUTDOWN)
           return -ENOENT
     - force return value from ENOENT to 0
    
    It should be fine for read case, since it indicates a hole condition,
    and caller could use .m_next_pgofs to skip the hole and continue the
    lookup.
    
    However it may cause confusing for write case, since leaving a hole
    there, and said nothing was wrong doesn't help.
    
    There is at least one case from dax_iomap_actor() will complain that,
    so fix this in prior to supporting dax in f2fs.
    
    xfstest generic/388 reports below warning:
    
    ubuntu godown: xfstests-induced forced shutdown of /mnt/scratch_f2fs:
    ------------[ cut here ]------------
    WARNING: CPU: 0 PID: 485833 at fs/dax.c:1127 dax_iomap_actor+0x339/0x370
    Call Trace:
     iomap_apply+0x1c4/0x7b0
     ? dax_iomap_rw+0x1c0/0x1c0
     dax_iomap_rw+0xad/0x1c0
     ? dax_iomap_rw+0x1c0/0x1c0
     f2fs_file_write_iter+0x5ab/0x970 [f2fs]
     do_iter_readv_writev+0x273/0x2e0
     do_iter_write+0xab/0x1f0
     vfs_iter_write+0x21/0x40
     iter_file_splice_write+0x287/0x540
     do_splice+0x37c/0xa60
     __x64_sys_splice+0x15f/0x3a0
     do_syscall_64+0x3b/0x90
     entry_SYSCALL_64_after_hwframe+0x44/0xae
    
    ubuntu godown: xfstests-induced forced shutdown of /mnt/scratch_f2fs:
    ------------[ cut here ]------------
    RIP: 0010:dax_iomap_pte_fault.isra.0+0x72e/0x14a0
    Call Trace:
     dax_iomap_fault+0x44/0x70
     f2fs_dax_huge_fault+0x155/0x400 [f2fs]
     f2fs_dax_fault+0x18/0x30 [f2fs]
     __do_fault+0x4e/0x120
     do_fault+0x3cf/0x7a0
     __handle_mm_fault+0xa8c/0xf20
     ? find_held_lock+0x39/0xd0
     handle_mm_fault+0x1b6/0x480
     do_user_addr_fault+0x320/0xcd0
     ? rcu_read_lock_sched_held+0x67/0xc0
     exc_page_fault+0x77/0x3f0
     ? asm_exc_page_fault+0x8/0x30
     asm_exc_page_fault+0x1e/0x30
    
    Fixes: 83a3bfdb5a8a ("f2fs: indicate shutdown f2fs to allow unmount successfully")
    Signed-off-by: Chao Yu <chao@kernel.org>
    Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

 fs/f2fs/data.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

culprit signature: c19b0b3b05ef098bb4c6be408c678eace06c4286bb23df36263765537beba511
parent  signature: 5c366755fa818c1de5160fab2389ea154a88d5679fbeba32afae598a79dc5b34
Reproducer flagged being flaky
revisions tested: 19, total time: 3h51m1.569759526s (build: 1h55m14.407606629s, test: 1h53m55.738082678s)
first bad commit: adf9ea89c719c1d23794e363f631e376b3ff8cbc f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
recipients (to): ["chao@kernel.org" "chao@kernel.org" "jaegeuk@kernel.org" "jaegeuk@kernel.org" "linux-f2fs-devel@lists.sourceforge.net"]
recipients (cc): ["linux-kernel@vger.kernel.org"]
crash: BUG: sleeping function called from invalid context in lock_sock_nested
BUG: sleeping function called from invalid context at net/core/sock.c:3100
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5716, name: syz-executor.0
1 lock held by syz-executor.0/5716:
 #0: ffffffff8c202d40 (hci_sk_list.lock){++++}-{2:2}, at: hci_sock_dev_event+0x374/0x5c0 net/bluetooth/hci_sock.c:763
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 1 PID: 5716 Comm: syz-executor.0 Not tainted 5.14.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x57/0x7d lib/dump_stack.c:105
 ___might_sleep.cold+0x1f1/0x237 kernel/sched/core.c:9154
 lock_sock_nested+0x1e/0xf0 net/core/sock.c:3100
 lock_sock include/net/sock.h:1610 [inline]
 hci_sock_dev_event+0x3ea/0x5c0 net/bluetooth/hci_sock.c:765
 hci_unregister_dev+0x29b/0xfb0 net/bluetooth/hci_core.c:4033
 vhci_release+0x62/0xd0 drivers/bluetooth/hci_vhci.c:340
 __fput+0x209/0x870 fs/file_table.c:280
 task_work_run+0xc0/0x160 kernel/task_work.c:164
 exit_task_work include/linux/task_work.h:32 [inline]
 do_exit+0x9fe/0x24e0 kernel/exit.c:825
 do_group_exit+0xe7/0x290 kernel/exit.c:922
 __do_sys_exit_group kernel/exit.c:933 [inline]
 __se_sys_exit_group kernel/exit.c:931 [inline]
 __x64_sys_exit_group+0x35/0x40 kernel/exit.c:931
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fb4530010e9
Code: Unable to access opcode bytes at RIP 0x7fb4530010bf.
RSP: 002b:00007ffeed45fdd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007ffeed4605b8 RCX: 00007fb4530010e9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
RBP: 0000000000000000 R08: 0000000000000025 R09: 00007ffeed4605b8
R10: 0000000000000200 R11: 0000000000000246 R12: 00007fb45305a318
R13: 0000000000000010 R14: 0000000000000000 R15: 0000000000000000

======================================================