bisecting cause commit starting from b3a3cbdec55b090d22a09f75efb7c7d34cb97f25
building syzkaller on 65a7a8540d29e72622fca06522587f7e66539fd3
testing commit b3a3cbdec55b090d22a09f75efb7c7d34cb97f25 with gcc (GCC) 8.1.0
kernel signature: 73a62d84c0740102185e0e590338d08c898ca74031bfaf0536db94adea4c3949
all runs: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
testing release v5.10
testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 8.1.0
kernel signature: 395a614079c9030036488f72c030c4708fae86b9aba956ca15d15003efd3a593
all runs: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0
kernel signature: 267e4e72ea6151d6ca484a7d3cc70be89ff7365b860f2a296ca76a677664b0bf
all runs: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
testing release v5.8
testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0
kernel signature: e1b748eb2406e6b7622d3ac2ddd4d5444e7de9e64fd85ab34f83bf371b1755d5
run #0: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #1: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #2: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #3: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #4: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #5: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #6: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #7: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #8: crashed: UBSAN: shift-out-of-bounds in erofs_fc_fill_super
run #9: boot failed: can't ssh into the instance
testing release v5.7
testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0
kernel signature: 47862bb6707373f5ffcdd61ba6af4294f0c423a6cb2ee4daa5590631048de304
all runs: crashed: UBSAN: shift-out-of-bounds in erofs_fill_super
testing release v5.6
testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0
kernel signature: 61d2f47e590b5f5b9af99913aeee4a183890a5a3a42d33ead5af338d6fce77b0
all runs: crashed: UBSAN: undefined-behaviour in erofs_fill_super
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0
kernel signature: c02e30c85a426c1e8f9c3abeaf54f05a4c728b21f645f4db12a4be37adab4f4f
all runs: crashed: UBSAN: undefined-behaviour in erofs_fill_super
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: 418d776f3a3a1cc9254eb5d6ca3b32cfdd18be0b9d67b015b468405fb2daecff
all runs: crashed: UBSAN: undefined-behaviour in erofs_fill_super
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0
kernel signature: e249628c1ee34f77f2aa319be282abb58f3d9140778e2d153979f2cd76c9b777
run #0: crashed: UBSAN: undefined-behaviour in erofs_fill_super
run #1: crashed: UBSAN: undefined-behaviour in erofs_fill_super
run #2: crashed: UBSAN: undefined-behaviour in erofs_fill_super
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0
kernel signature: a6a68d9583d3a8125b02c95fc9622169e78400904b09f46799b9f3c98b341f31
all runs: OK
# git bisect start 4d856f72c10ecb060868ed10ff1b1453943fc6c8 0ecfebd2b52404ae0c54a878c872bb93363ada36
Bisecting: 7848 revisions left to test after this (roughly 13 steps)
[43c95d3694cc448fdf50bd53b7ff3a5bb4655883] Merge tag 'pinctrl-v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

testing commit 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 with gcc (GCC) 8.1.0
kernel signature: 726b3466d490903b8afcb19f34cdf5ad2dbaedcb06f381026b9f861c400e59c1
all runs: OK
# git bisect good 43c95d3694cc448fdf50bd53b7ff3a5bb4655883
Bisecting: 3922 revisions left to test after this (roughly 12 steps)
[0e2a5b5bd9a6aaec85df347dd71432a1d2d10763] Merge branch 'parisc-5.3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux

testing commit 0e2a5b5bd9a6aaec85df347dd71432a1d2d10763 with gcc (GCC) 8.1.0
kernel signature: 76357932e55f5b9dba3a2a0b6f12f82e98725a20cc18060a9b10805dcc1b1d03
all runs: OK
# git bisect good 0e2a5b5bd9a6aaec85df347dd71432a1d2d10763
Bisecting: 1961 revisions left to test after this (roughly 11 steps)
[12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea] perf record: Fix module size on s390

testing commit 12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea with gcc (GCC) 8.1.0
kernel signature: 3af4942db809ae915d57759b3b344452007e9d1da955c01f6b683c00c30e1ded
all runs: OK
# git bisect good 12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea
Bisecting: 984 revisions left to test after this (roughly 10 steps)
[85d8d3b172eb37b23dcdbe9fa7a85e343642bfea] Merge tag 'hyperv-fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux

testing commit 85d8d3b172eb37b23dcdbe9fa7a85e343642bfea with gcc (GCC) 8.1.0
kernel signature: 248f522eb2dd031c1f16f50b97d0305fff660dad84ebd710f1f46ee59a6b5a79
all runs: OK
# git bisect good 85d8d3b172eb37b23dcdbe9fa7a85e343642bfea
Bisecting: 496 revisions left to test after this (roughly 9 steps)
[6525771f58cbc6ab97b5cff9069865cde8283346] Merge tag 'arc-5.3-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

testing commit 6525771f58cbc6ab97b5cff9069865cde8283346 with gcc (GCC) 8.1.0
kernel signature: e107e8518b1c9d8995e9260c947ba20c8b4097954f5492b7f22173d170f9da2f
all runs: OK
# git bisect good 6525771f58cbc6ab97b5cff9069865cde8283346
Bisecting: 251 revisions left to test after this (roughly 8 steps)
[345464fb760d1b772e891538b498e111c588b692] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit 345464fb760d1b772e891538b498e111c588b692 with gcc (GCC) 8.1.0
kernel signature: f30bb61fde4c01f7e7d75bb7b396c46eca9a74b25327c39add84442d5efef1e6
all runs: OK
# git bisect good 345464fb760d1b772e891538b498e111c588b692
Bisecting: 126 revisions left to test after this (roughly 7 steps)
[840ce8f8073edb3ff3d2c2c7a6ef211f4176961c] Merge tag 'pinctrl-v5.3-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

testing commit 840ce8f8073edb3ff3d2c2c7a6ef211f4176961c with gcc (GCC) 8.1.0
kernel signature: e049499f56f567883a41f9de95f971fbca624387eeab6d102e879dfe8097a667
all runs: OK
# git bisect good 840ce8f8073edb3ff3d2c2c7a6ef211f4176961c
Bisecting: 63 revisions left to test after this (roughly 6 steps)
[c3dc1fa72249e4472b90ecef4dbafe25f0f07889] net: hns3: fix spelling mistake "undeflow" -> "underflow"

testing commit c3dc1fa72249e4472b90ecef4dbafe25f0f07889 with gcc (GCC) 8.1.0
kernel signature: 36df9dea186e973a175b473ef073050a364f4386c248af99d13ab97b59e363b6
all runs: OK
# git bisect good c3dc1fa72249e4472b90ecef4dbafe25f0f07889
Bisecting: 30 revisions left to test after this (roughly 5 steps)
[1c4c5e2528af0c803fb1171632074f4070229a75] Merge tag 'mmc-v5.3-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc

testing commit 1c4c5e2528af0c803fb1171632074f4070229a75 with gcc (GCC) 8.1.0
kernel signature: 956ea49440006ff1e1e0b571b2e099f196fb9fef63e34c7587e6517c5ef9bfbb
all runs: OK
# git bisect good 1c4c5e2528af0c803fb1171632074f4070229a75
Bisecting: 14 revisions left to test after this (roughly 4 steps)
[ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d] Merge branch 'sctp_do_bind-leak'

testing commit ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d with gcc (GCC) 8.1.0
kernel signature: eb77906604f78ad318403e236416d1ff84840f9534fc6d9f07b0e16671a9c86b
all runs: OK
# git bisect good ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[a9c20bb0206ae9384bd470a6832dd8913730add9] Merge tag 'kvm-s390-master-5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into kvm-master

testing commit a9c20bb0206ae9384bd470a6832dd8913730add9 with gcc (GCC) 8.1.0
kernel signature: 20e4e4e2e0866c2f1413b9ef3b79bd2b57c7cae775e33e07110cbf84ebc52aee
all runs: OK
# git bisect good a9c20bb0206ae9384bd470a6832dd8913730add9
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[b03c036e6f96340dd311817c7b964dad183c4141] Merge tag 'riscv/for-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux

testing commit b03c036e6f96340dd311817c7b964dad183c4141 with gcc (GCC) 8.1.0
kernel signature: 32db768746c61a4cbc029b5224c3d75c28dcd2bd8790da28cea4c79fce241bee
all runs: OK
# git bisect good b03c036e6f96340dd311817c7b964dad183c4141
Bisecting: 2 revisions left to test after this (roughly 1 step)
[1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e] Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost

testing commit 1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e with gcc (GCC) 8.1.0
kernel signature: 159c80295c1e1d164ffa919b3d65b2b8ba40595c47615a6e8768bb086b441cfc
all runs: OK
# git bisect good 1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e
Bisecting: 0 revisions left to test after this (roughly 1 step)
[72dbcf72156641fde4d8ea401e977341bfd35a05] Revert "ext4: make __ext4_get_inode_loc plug"

testing commit 72dbcf72156641fde4d8ea401e977341bfd35a05 with gcc (GCC) 8.1.0
kernel signature: 600041348bc1e9677912e2b9ca9c2829c06fede2167e29a7cf37cf3fb67b9a48
all runs: OK
# git bisect good 72dbcf72156641fde4d8ea401e977341bfd35a05
4d856f72c10ecb060868ed10ff1b1453943fc6c8 is the first bad commit
commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Sun Sep 15 14:19:32 2019 -0700

    Linux 5.3

 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

culprit signature: e249628c1ee34f77f2aa319be282abb58f3d9140778e2d153979f2cd76c9b777
parent  signature: 600041348bc1e9677912e2b9ca9c2829c06fede2167e29a7cf37cf3fb67b9a48
Reproducer flagged being flaky
revisions tested: 24, total time: 4h56m57.326433253s (build: 2h5m33.293315789s, test: 2h48m46.138347621s)
first bad commit: 4d856f72c10ecb060868ed10ff1b1453943fc6c8 Linux 5.3
recipients (to): ["linux-kbuild@vger.kernel.org" "michal.lkml@markovi.net" "torvalds@linux-foundation.org" "yamada.masahiro@socionext.com"]
recipients (cc): ["linux-kernel@vger.kernel.org"]
crash: UBSAN: undefined-behaviour in erofs_fill_super
erofs: read_super, device -> /dev/loop4
erofs: options -> 
================================================================================
UBSAN: Undefined behaviour in drivers/staging/erofs/super.c:118:3
shift exponent 59 is too large for 32-bit type 'int'
CPU: 0 PID: 30053 Comm: syz-executor.4 Not tainted 5.3.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x86/0xca lib/dump_stack.c:113
 ubsan_epilogue+0xd/0x3a lib/ubsan.c:158
 __ubsan_handle_shift_out_of_bounds.cold.14+0x21/0x68 lib/ubsan.c:404
 superblock_read drivers/staging/erofs/super.c:118 [inline]
 erofs_read_super drivers/staging/erofs/super.c:393 [inline]
 erofs_fill_super+0x2bb/0x10e0 drivers/staging/erofs/super.c:540
 mount_bdev+0x26f/0x330 fs/super.c:1283
 erofs_mount+0x6a/0x90 drivers/staging/erofs/super.c:553
 legacy_get_tree+0x105/0x200 fs/fs_context.c:661
 vfs_get_tree+0x86/0x3c0 fs/super.c:1413
 do_new_mount fs/namespace.c:2791 [inline]
 do_mount+0x11da/0x1b90 fs/namespace.c:3111
 ksys_mount+0xba/0xe0 fs/namespace.c:3320
 __do_sys_mount fs/namespace.c:3334 [inline]
 __se_sys_mount fs/namespace.c:3331 [inline]
 __x64_sys_mount+0xb9/0x150 fs/namespace.c:3331
 do_syscall_64+0x96/0x450 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x460c6a
Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:00007fa25b0a0a78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fa25b0a0b10 RCX: 0000000000460c6a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fa25b0a0ad0
RBP: 00007fa25b0a0ad0 R08: 00007fa25b0a0b10 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000000
R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040
================================================================================
erofs: blksize 134217728 isn't supported on this platform