bisecting cause commit starting from 05a59d79793d482f628a31753c671f2e92178a21 building syzkaller on 764067f3e1106ab958069c12c978aac62592f5ef testing commit 05a59d79793d482f628a31753c671f2e92178a21 with gcc (GCC) 10.2.1 20210217 kernel signature: 121fcb66a73ac0ad57d56c478074555611785c354770ead8e663769e35d59998 all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super testing release v5.11 testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217 kernel signature: 3bfbab9f0a8303761ae0d95c8d56f283777f4c3e904a51928b2768ada02d137a all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 10.2.1 20210217 kernel signature: e2b5661c7d7314adf71dacf9480eb6b4b24eb0afc4e008ee717f3b3f34d3c8fe all runs: OK # git bisect start f40ddce88593482919761f74910f42f4b84c004b 2c85ebc57b3e1817b6ce1a6b703928e113a90442 Bisecting: 7761 revisions left to test after this (roughly 13 steps) [538fcf57aaee6ad78a05f52b69a99baa22b33418] Merge branches 'acpi-scan', 'acpi-pnp' and 'acpi-sleep' testing commit 538fcf57aaee6ad78a05f52b69a99baa22b33418 with gcc (GCC) 10.2.1 20210217 kernel signature: 76428d363818c59372d96c76030473fb779d457bc026d0ca4cbfa6d3e068ce5c all runs: OK # git bisect good 538fcf57aaee6ad78a05f52b69a99baa22b33418 Bisecting: 3868 revisions left to test after this (roughly 12 steps) [d64c6f96ba86bd8b97ed8d6762a8c8cc1770d214] Merge tag 'net-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit d64c6f96ba86bd8b97ed8d6762a8c8cc1770d214 with gcc (GCC) 10.2.1 20210217 kernel signature: 37242182b28fb030c970a59747b671d013656c94f11093846a66e63d50816fc4 all runs: OK # git bisect good d64c6f96ba86bd8b97ed8d6762a8c8cc1770d214 Bisecting: 1934 revisions left to test after this (roughly 11 steps) [70b6ff35d62050d1573876cc0e1e078acd3e6008] cfg80211/mac80211: fix kernel-doc for SAR APIs testing commit 70b6ff35d62050d1573876cc0e1e078acd3e6008 with gcc (GCC) 10.2.1 20210217 kernel signature: c83abbc33a7184d622dc77341186402604ae3454c22106e52b7f6d0626fb8a37 all runs: OK # git bisect good 70b6ff35d62050d1573876cc0e1e078acd3e6008 Bisecting: 965 revisions left to test after this (roughly 10 steps) [17b6c49da37f5d57d76bf352d32b0ac498e7c133] Merge tag 'x86_urgent_for_v5.11_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 17b6c49da37f5d57d76bf352d32b0ac498e7c133 with gcc (GCC) 10.2.1 20210217 kernel signature: 432e4065daf446a567bba4b75e3dfb2d823a602fce6ad174a851afd76c621047 all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super # git bisect bad 17b6c49da37f5d57d76bf352d32b0ac498e7c133 Bisecting: 464 revisions left to test after this (roughly 9 steps) [e8c13a6bc8ebbef7bd099ec1061633d1c9c94d5b] Merge tag 'net-5.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit e8c13a6bc8ebbef7bd099ec1061633d1c9c94d5b with gcc (GCC) 10.2.1 20210217 kernel signature: f2fa90021ee45c7c6f646fc64151757134bfbec66dc5a12c0e822fbaffbc324d all runs: OK # git bisect good e8c13a6bc8ebbef7bd099ec1061633d1c9c94d5b Bisecting: 233 revisions left to test after this (roughly 8 steps) [06ee38dc2aab3b5a09feb74128cf7326a490b788] Merge tag 'amd-drm-fixes-5.11-2021-01-21' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes testing commit 06ee38dc2aab3b5a09feb74128cf7326a490b788 with gcc (GCC) 10.2.1 20210217 kernel signature: 9157170442a0f8372579e7edd840e0a3d28a6e6cd738cd9d2735dee7ce9de373 run #0: crashed: WARNING: ODEBUG bug in ext4_fill_super run #1: crashed: WARNING: ODEBUG bug in ext4_fill_super run #2: crashed: WARNING: ODEBUG bug in ext4_fill_super run #3: crashed: WARNING: ODEBUG bug in ext4_fill_super run #4: crashed: WARNING: ODEBUG bug in ext4_fill_super run #5: crashed: WARNING: ODEBUG bug in ext4_fill_super run #6: crashed: WARNING: ODEBUG bug in ext4_fill_super run #7: crashed: WARNING: ODEBUG bug in ext4_fill_super run #8: crashed: WARNING: ODEBUG bug in ext4_fill_super run #9: OK # git bisect bad 06ee38dc2aab3b5a09feb74128cf7326a490b788 Bisecting: 118 revisions left to test after this (roughly 7 steps) [0bc9bc1d8b2fa0d5a7e2132e89c540099ea63172] Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 testing commit 0bc9bc1d8b2fa0d5a7e2132e89c540099ea63172 with gcc (GCC) 10.2.1 20210217 kernel signature: 3ceb79ab4c019545c9a43f42d5b2352f99586afc160dcec1dc2573fba04a2ff5 all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super # git bisect bad 0bc9bc1d8b2fa0d5a7e2132e89c540099ea63172 Bisecting: 53 revisions left to test after this (roughly 6 steps) [584265dfec70e78ce2085b82ed389f27e06fbca0] Merge branch '04.01-ampere-lite' of git://github.com/skeggsb/linux into topic/nouveau-ampere-modeset testing commit 584265dfec70e78ce2085b82ed389f27e06fbca0 with gcc (GCC) 10.2.1 20210217 kernel signature: e2fffbfb6b1bb3f78abec3e5ad1a9d7e7f2eda66be930ffcae583df87457634b all runs: OK # git bisect good 584265dfec70e78ce2085b82ed389f27e06fbca0 Bisecting: 27 revisions left to test after this (roughly 5 steps) [f288c895622f881324cf71ef9eec3af60ac8a197] Merge tag 'mips_fixes_5.11.1' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux testing commit f288c895622f881324cf71ef9eec3af60ac8a197 with gcc (GCC) 10.2.1 20210217 kernel signature: dadceace624ee3980fdf25b95b0a3807468e38953a7da824794f6fc05686b249 all runs: OK # git bisect good f288c895622f881324cf71ef9eec3af60ac8a197 Bisecting: 12 revisions left to test after this (roughly 4 steps) [7cd3c41261889e3ee899cd5b1583178f5fbac55e] Merge tag '5.11-rc3-smb3' of git://git.samba.org/sfrench/cifs-2.6 testing commit 7cd3c41261889e3ee899cd5b1583178f5fbac55e with gcc (GCC) 10.2.1 20210217 kernel signature: b69ce8a299c598a3d049fca3f07b466e8b0e6083d104999f083c902b39da89c1 all runs: OK # git bisect good 7cd3c41261889e3ee899cd5b1583178f5fbac55e Bisecting: 6 revisions left to test after this (roughly 3 steps) [dfd56c2c0c0dbb11be939b804ddc8d5395ab3432] ext4: fix superblock checksum failure when setting password salt testing commit dfd56c2c0c0dbb11be939b804ddc8d5395ab3432 with gcc (GCC) 10.2.1 20210217 kernel signature: 42bfd4100e893379ab4985b8a64a5944a3bf5c28a03a5a989cc132288ebd3641 all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super # git bisect bad dfd56c2c0c0dbb11be939b804ddc8d5395ab3432 Bisecting: 2 revisions left to test after this (roughly 2 steps) [05c2c00f3769abb9e323fcaca70d2de0b48af7ba] ext4: protect superblock modifications with a buffer lock testing commit 05c2c00f3769abb9e323fcaca70d2de0b48af7ba with gcc (GCC) 10.2.1 20210217 kernel signature: 10e2bd04dae5056a7a2067b56141fd43cd9116613407b9f6fbfc51ecc805ec00 all runs: OK # git bisect good 05c2c00f3769abb9e323fcaca70d2de0b48af7ba Bisecting: 0 revisions left to test after this (roughly 1 step) [e92ad03fa53498f12b3f5ecb8822adc3bf815b28] ext4: use sbi instead of EXT4_SB(sb) in ext4_update_super() testing commit e92ad03fa53498f12b3f5ecb8822adc3bf815b28 with gcc (GCC) 10.2.1 20210217 kernel signature: bf522868e974ff9314a827c4628bc0955c378537e8f47bcfd7ad2c66ad303cf4 all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super # git bisect bad e92ad03fa53498f12b3f5ecb8822adc3bf815b28 Bisecting: 0 revisions left to test after this (roughly 0 steps) [2d01ddc86606564fb08c56e3bc93a0693895f710] ext4: save error info to sb through journal if available testing commit 2d01ddc86606564fb08c56e3bc93a0693895f710 with gcc (GCC) 10.2.1 20210217 kernel signature: e4cab06ee315eaa1dcc60ccfd762d4cc3e8ffaea724353f58fe8a6ac346eecf1 all runs: crashed: WARNING: ODEBUG bug in ext4_fill_super # git bisect bad 2d01ddc86606564fb08c56e3bc93a0693895f710 2d01ddc86606564fb08c56e3bc93a0693895f710 is the first bad commit commit 2d01ddc86606564fb08c56e3bc93a0693895f710 Author: Jan Kara Date: Wed Dec 16 11:18:40 2020 +0100 ext4: save error info to sb through journal if available If journalling is still working at the moment we get to writing error information to the superblock we cannot write directly to the superblock as such write could race with journalled update of the superblock and cause journal checksum failures, writing inconsistent information to the journal or other problems. We cannot journal the superblock directly from the error handling functions as we are running in uncertain context and could deadlock so just punt journalled superblock update to a workqueue. Signed-off-by: Jan Kara Link: https://lore.kernel.org/r/20201216101844.22917-5-jack@suse.cz Signed-off-by: Theodore Ts'o fs/ext4/super.c | 101 +++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 75 insertions(+), 26 deletions(-) culprit signature: e4cab06ee315eaa1dcc60ccfd762d4cc3e8ffaea724353f58fe8a6ac346eecf1 parent signature: 10e2bd04dae5056a7a2067b56141fd43cd9116613407b9f6fbfc51ecc805ec00 revisions tested: 17, total time: 4h1m34.007197888s (build: 1h53m50.029495929s, test: 2h6m15.083171961s) first bad commit: 2d01ddc86606564fb08c56e3bc93a0693895f710 ext4: save error info to sb through journal if available recipients (to): ["adilger.kernel@dilger.ca" "jack@suse.cz" "linux-ext4@vger.kernel.org" "tytso@mit.edu" "tytso@mit.edu"] recipients (cc): ["linux-kernel@vger.kernel.org"] crash: WARNING: ODEBUG bug in ext4_fill_super ------------[ cut here ]------------ ODEBUG: free active (active state 0) object type: timer_list hint: print_daily_error_info+0x0/0x430 fs/ext4/super.c:1334 WARNING: CPU: 1 PID: 20645 at lib/debugobjects.c:505 debug_print_object+0x194/0x2b0 lib/debugobjects.c:505 Modules linked in: CPU: 1 PID: 20645 Comm: syz-executor.1 Not tainted 5.10.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:debug_print_object+0x194/0x2b0 lib/debugobjects.c:505 Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 e3 00 00 00 48 8b 14 dd c0 54 60 8b 4c 89 ee 48 c7 c7 80 ac fe 88 e8 83 45 a6 04 <0f> 0b 83 05 ef 5c 77 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3 RSP: 0018:ffffc9000947f990 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff5200128ff24 RBP: 0000000000000003 R08: 0000000000000001 R09: ffff8880b9f2011b R10: ffffed10173e4023 R11: 0000000000000001 R12: ffffffff88acd4a0 R13: ffffffff88feb200 R14: ffffffff815aa6a0 R15: dffffc0000000000 FS: 00007f1778753700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000970004 CR3: 0000000011e19000 CR4: 0000000000350ee0 Call Trace: __debug_check_no_obj_freed lib/debugobjects.c:987 [inline] debug_check_no_obj_freed+0x309/0x430 lib/debugobjects.c:1018 slab_free_hook mm/slub.c:1536 [inline] slab_free_freelist_hook+0x107/0x150 mm/slub.c:1577 slab_free mm/slub.c:3142 [inline] kfree+0xdb/0x400 mm/slub.c:4124 ext4_fill_super+0x7bf/0xc000 fs/ext4/super.c:5181 mount_bdev+0x2cb/0x3b0 fs/super.c:1419 legacy_get_tree+0xfe/0x200 fs/fs_context.c:592 vfs_get_tree+0x7f/0x330 fs/super.c:1549 do_new_mount fs/namespace.c:2875 [inline] path_mount+0x7dd/0x1b60 fs/namespace.c:3205 do_mount fs/namespace.c:3218 [inline] __do_sys_mount fs/namespace.c:3426 [inline] __se_sys_mount fs/namespace.c:3403 [inline] __x64_sys_mount+0x1f5/0x260 fs/namespace.c:3403 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x46748a Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f1778752fa8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5