ci starts bisection 2023-01-01 17:16:14.96313899 +0000 UTC m=+162653.823767288
bisecting cause commit starting from c76083fac3bae1a87ae3d005b5cb1cbc761e31d5
building syzkaller on ab32d50881df9f96f2af301aadca62ad00b7e099
ensuring issue is reproducible on original commit c76083fac3bae1a87ae3d005b5cb1cbc761e31d5

testing commit c76083fac3bae1a87ae3d005b5cb1cbc761e31d5 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 99cd32c936139d6c52d75e4d515b0d8766eaaa4843be0bc8ba2bb7cb2382fc70
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
testing release v6.1
testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 677fe8b39cc048f7b392adf2d2998b94488b77ba008a25314659472efbd60969
all runs: OK
# git bisect start c76083fac3bae1a87ae3d005b5cb1cbc761e31d5 830b3c68c1fb1e9176028d02ef86f3cf76aa2476
Bisecting: 8330 revisions left to test after this (roughly 13 steps)
[1ca06f1c1acecbe02124f14a37cce347b8c1a90c] Merge tag 'xtensa-20221213' of https://github.com/jcmvbkbc/linux-xtensa

testing commit 1ca06f1c1acecbe02124f14a37cce347b8c1a90c gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8d1a8efc723ed9d234ca34a907a40fa0a5211258885c2eabbb4c444e940c756c
all runs: OK
# git bisect good 1ca06f1c1acecbe02124f14a37cce347b8c1a90c
Bisecting: 4144 revisions left to test after this (roughly 12 steps)
[ec9187ecea142593c54cf7a73ef2e1a3d517495a] Merge tag 'i2c-for-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux

testing commit ec9187ecea142593c54cf7a73ef2e1a3d517495a gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 78c8228f431dd3dd2abb726222926f4dbd52cb91d1d57b9a10566695cdb7717c
all runs: OK
# git bisect good ec9187ecea142593c54cf7a73ef2e1a3d517495a
Bisecting: 2078 revisions left to test after this (roughly 11 steps)
[e79041113b19b8c7b8410d862d4a3630debded58] Merge tag 'phy-for-6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy

testing commit e79041113b19b8c7b8410d862d4a3630debded58 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fdaa54ed18e0cc5f04fa71bea3875359f21886d0d435a74481a1da96150e786c
all runs: OK
# git bisect good e79041113b19b8c7b8410d862d4a3630debded58
Bisecting: 1039 revisions left to test after this (roughly 10 steps)
[e9f669ce91edf531dcb427c5b64c900184a07055] Merge branch 'asahi-soc/for-next' of https://github.com/AsahiLinux/linux.git

testing commit e9f669ce91edf531dcb427c5b64c900184a07055 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
failed to run ["make" "-j" "64" "ARCH=x86_64" "bzImage"]: exit status 2
# git bisect skip e9f669ce91edf531dcb427c5b64c900184a07055
Bisecting: 1039 revisions left to test after this (roughly 10 steps)
[f2208f75e17b9ef311d17dd366fe933bb4259b1c] btrfs: directly pass in fs_info to btrfs_merge_delayed_refs

testing commit f2208f75e17b9ef311d17dd366fe933bb4259b1c gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 268b45e126ff5df13e3538d173734b28da93cfb2468a7991e80b7a54bc38e514
all runs: OK
# git bisect good f2208f75e17b9ef311d17dd366fe933bb4259b1c
Bisecting: 1037 revisions left to test after this (roughly 10 steps)
[1d5166f61adc7be62215211814bd0139e144ba67] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux.git

testing commit 1d5166f61adc7be62215211814bd0139e144ba67 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8a7b60b5066612b162888fe6cb6b3b5e61cc9267d2f61a465abda3984fb6aafa
all runs: OK
# git bisect good 1d5166f61adc7be62215211814bd0139e144ba67
Bisecting: 522 revisions left to test after this (roughly 9 steps)
[3d47812ecb29fca14ed2e2e0412f26c6696bfae7] Merge branch 'msm-next-lumag' of https://gitlab.freedesktop.org/lumag/msm.git

testing commit 3d47812ecb29fca14ed2e2e0412f26c6696bfae7 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 151e71dfe1521960baa668d2b7f0788a82655287bbc03e5133a003e2345edd73
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
# git bisect bad 3d47812ecb29fca14ed2e2e0412f26c6696bfae7
Bisecting: 253 revisions left to test after this (roughly 8 steps)
[af8c6a334c2c92075d21ac07c64b49b28e6896e5] Merge branch 'for-next' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git

testing commit af8c6a334c2c92075d21ac07c64b49b28e6896e5 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
failed to run ["make" "-j" "64" "ARCH=x86_64" "bzImage"]: exit status 2
# git bisect skip af8c6a334c2c92075d21ac07c64b49b28e6896e5
Bisecting: 253 revisions left to test after this (roughly 8 steps)
[00841e945654c53409a811ab1ddaa934631ac54c] Merge branch 'renesas-arm-dt-for-v6.2' into renesas-next

testing commit 00841e945654c53409a811ab1ddaa934631ac54c gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e85f9b18bd0e80d8e7199933c98914052bfe9bb599e51762ea4b3484e00f5151
all runs: boot failed: WARNING in __netif_set_xps_queue
# git bisect skip 00841e945654c53409a811ab1ddaa934631ac54c
Bisecting: 253 revisions left to test after this (roughly 8 steps)
[541022feb2d129ccab5441395b53d97f91d74875] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid.git

testing commit 541022feb2d129ccab5441395b53d97f91d74875 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 4fed881609dffe343db863d99cf24ebc2c3819c55e1639ebc90795ad4905cc33
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
# git bisect bad 541022feb2d129ccab5441395b53d97f91d74875
Bisecting: 201 revisions left to test after this (roughly 8 steps)
[f03da087f4df263c42bf584139e04677125f70fa] Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs.git

testing commit f03da087f4df263c42bf584139e04677125f70fa gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 4bb1eec4ddf648bebd70179d72caf20ff062d93a986e1aff9afdbe2a563fe3b0
all runs: OK
# git bisect good f03da087f4df263c42bf584139e04677125f70fa
Bisecting: 113 revisions left to test after this (roughly 7 steps)
[cd351833db03ef37b142e504a2c545008999337d] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git

testing commit cd351833db03ef37b142e504a2c545008999337d gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 6011188236f519bfb7eb8c171789a3967e926a6d9d66ceae7d8e9df96b2bebc8
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
# git bisect bad cd351833db03ef37b142e504a2c545008999337d
Bisecting: 54 revisions left to test after this (roughly 6 steps)
[51381600cca5821b6fc3e0c712ba0c8b84d9359f] Merge branch 'linux-next' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6.git

testing commit 51381600cca5821b6fc3e0c712ba0c8b84d9359f gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2710a77c381438ae7aa446716b7631fa8a8153b098ba8e1df772af8b29481fac
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
# git bisect bad 51381600cca5821b6fc3e0c712ba0c8b84d9359f
Bisecting: 16 revisions left to test after this (roughly 4 steps)
[257447dce9775c5cf8a0b0bdd1d71c88f0793c73] udf: Convert udf_link() to new directory iteration code

testing commit 257447dce9775c5cf8a0b0bdd1d71c88f0793c73 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 145966eea9e7f3a8ef9631266a47a12173cdbf0b8ef5ef3249a96d37b478ca9d
all runs: OK
# git bisect good 257447dce9775c5cf8a0b0bdd1d71c88f0793c73
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[6ffcf3bbe82607d1dff6db692001d01566e66994] udf: Move setting of i_lenExtents into udf_do_extend_file()

testing commit 6ffcf3bbe82607d1dff6db692001d01566e66994 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ab539e91f8f77e144938c52016fa38b7ffe38c63183971e451a9ddfac069f480
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
# git bisect bad 6ffcf3bbe82607d1dff6db692001d01566e66994
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[1801b065f86ce64f7d6892a3192eb1851d0ad7b1] udf: Handle error when expanding directory

testing commit 1801b065f86ce64f7d6892a3192eb1851d0ad7b1 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b1acba6399d7f7e155922af090be7ca28f1fd495d01e7253ade2c9b9294d01a4
all runs: OK
# git bisect good 1801b065f86ce64f7d6892a3192eb1851d0ad7b1
Bisecting: 1 revision left to test after this (roughly 1 step)
[d8b39db5fab811914969ccdc6e90aa6ab554969d] udf: Handle error when adding extent to a file

testing commit d8b39db5fab811914969ccdc6e90aa6ab554969d gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2d4c5ed51163342d5268f7db162f5bea079afee2ee0c44d774ccedea8d9c36f5
all runs: OK
# git bisect good d8b39db5fab811914969ccdc6e90aa6ab554969d
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[869e9be21b1c67010d215c83c38b32f6cbd080cc] udf: Allocate name buffer in directory iterator on heap

testing commit 869e9be21b1c67010d215c83c38b32f6cbd080cc gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: f2f9e56b60752f493f6e58d2cca367bfe1ba863fb0505fc93aa662eb3f9fbdb9
all runs: crashed: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
# git bisect bad 869e9be21b1c67010d215c83c38b32f6cbd080cc
869e9be21b1c67010d215c83c38b32f6cbd080cc is the first bad commit
commit 869e9be21b1c67010d215c83c38b32f6cbd080cc
Author: Jan Kara <jack@suse.cz>
Date:   Tue Dec 20 12:38:45 2022 +0100

    udf: Allocate name buffer in directory iterator on heap
    
    Currently we allocate name buffer in directory iterators (struct
    udf_fileident_iter) on stack. These structures are relatively large
    (some 360 bytes on 64-bit architectures). For udf_rename() which needs
    to keep three of these structures in parallel the stack usage becomes
    rather heavy - 1536 bytes in total. Allocate the name buffer in the
    iterator from heap to avoid excessive stack usage.
    
    Link: https://lore.kernel.org/all/202212200558.lK9x1KW0-lkp@intel.com
    Reported-by: kernel test robot <lkp@intel.com>
    Signed-off-by: Jan Kara <jack@suse.cz>

 fs/udf/directory.c | 23 +++++++++++++++--------
 fs/udf/udfdecl.h   |  2 +-
 2 files changed, 16 insertions(+), 9 deletions(-)

culprit signature: f2f9e56b60752f493f6e58d2cca367bfe1ba863fb0505fc93aa662eb3f9fbdb9
parent  signature: 2d4c5ed51163342d5268f7db162f5bea079afee2ee0c44d774ccedea8d9c36f5
revisions tested: 18, total time: 5h51m35.068610347s (build: 3h22m39.888238986s, test: 2h23m54.370391607s)
first bad commit: 869e9be21b1c67010d215c83c38b32f6cbd080cc udf: Allocate name buffer in directory iterator on heap
recipients (to): ["jack@suse.com" "jack@suse.cz" "linux-kernel@vger.kernel.org"]
recipients (cc): ["akpm@linux-foundation.org" "gorcunov@gmail.com" "penberg@cs.helsinki.fi"]
crash: KASAN: null-ptr-deref Write in udf_fiiter_add_entry
RBP: 00007f2dd15731d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffc4af596af R14: 00007f2dd1573300 R15: 0000000000022000
 </TASK>
==================================================================
BUG: KASAN: null-ptr-deref in udf_fiiter_add_entry+0x5be/0xe60 fs/udf/namei.c:316
Write of size 4 at addr 0000000000000000 by task syz-executor.0/5629

CPU: 0 PID: 5629 Comm: syz-executor.0 Not tainted 6.1.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x5b/0x81 lib/dump_stack.c:106
 kasan_report+0xbf/0x1f0 mm/kasan/report.c:517
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0x141/0x190 mm/kasan/generic.c:189
 memcpy+0x3d/0x60 mm/kasan/shadow.c:66
 udf_fiiter_add_entry+0x5be/0xe60 fs/udf/namei.c:316
 udf_add_nondir+0xd2/0x340 fs/udf/namei.c:349
 lookup_open.isra.0+0xca0/0x1460 fs/namei.c:3413
 open_last_lookups fs/namei.c:3481 [inline]
 path_openat+0x795/0x2290 fs/namei.c:3711
 do_filp_open+0x1a9/0x3e0 fs/namei.c:3741
 do_sys_openat2+0x11e/0x3f0 fs/open.c:1310
 do_sys_open fs/open.c:1326 [inline]
 __do_sys_open fs/open.c:1334 [inline]
 __se_sys_open fs/open.c:1330 [inline]
 __x64_sys_open+0x101/0x1a0 fs/open.c:1330
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f2dd088c0a9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f2dd1573168 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007f2dd09abf80 RCX: 00007f2dd088c0a9
RDX: 0000000000000000 RSI: 0000000000141043 RDI: 00000000200000c0
RBP: 00007f2dd15731d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffc4af596af R14: 00007f2dd1573300 R15: 0000000000022000
 </TASK>
==================================================================