bisecting cause commit starting from 89d69c5d0fbcabd8656459bc8b1a476d6f1efee4 building syzkaller on 6a81331a1d4c744da9204d02ec88d558f7eea9c9 testing commit 89d69c5d0fbcabd8656459bc8b1a476d6f1efee4 with gcc (GCC) 10.2.1 20210217 kernel signature: 0177e20ef49f98b910222caf0f2ea6a0aad1f161df24fde97b3ee2524a81b7c9 all runs: crashed: WARNING: suspicious RCU usage in tcp_bpf_update_proto testing release v5.11 testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217 kernel signature: e99cd9f143ce9d9fcac692e506c1f42fd7bad007e669bcc2d658384620d3ab58 all runs: OK # git bisect start 89d69c5d0fbcabd8656459bc8b1a476d6f1efee4 f40ddce88593482919761f74910f42f4b84c004b Bisecting: 6728 revisions left to test after this (roughly 13 steps) [d99676af540c2dc829999928fb81c58c80a1dce4] Merge tag 'drm-next-2021-02-19' of git://anongit.freedesktop.org/drm/drm testing commit d99676af540c2dc829999928fb81c58c80a1dce4 with gcc (GCC) 10.2.1 20210217 kernel signature: 5ad479128f117a1d38bc7ee59edcdb592a5fda3fb52cbc77b71fa4437ceb8a6d all runs: OK # git bisect good d99676af540c2dc829999928fb81c58c80a1dce4 Bisecting: 3406 revisions left to test after this (roughly 12 steps) [69264b4a43aff7307283e2bae29e9305ab6b7d47] sparc: sparc64_defconfig: remove duplicate CONFIGs testing commit 69264b4a43aff7307283e2bae29e9305ab6b7d47 with gcc (GCC) 10.2.1 20210217 kernel signature: a1348bc0a1ba7d642de4d2f1e3f1999988a91b64ec33b19ebc35d81f7b0e1c83 all runs: OK # git bisect good 69264b4a43aff7307283e2bae29e9305ab6b7d47 Bisecting: 1702 revisions left to test after this (roughly 11 steps) [8fb16e80cb467a6edfec8c83117ea9703279d8db] Merge tag 'mlx5-fixes-2021-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux testing commit 8fb16e80cb467a6edfec8c83117ea9703279d8db with gcc (GCC) 10.2.1 20210217 kernel signature: df3ca16290a1bafa94ff41a54c77cd26c2f81a9d5b80b171afa65c80f4d0cccd run #0: crashed: WARNING in kvm_wait run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK reproducer seems to be flaky # git bisect bad 8fb16e80cb467a6edfec8c83117ea9703279d8db Bisecting: 840 revisions left to test after this (roughly 10 steps) [efba6d3a7c4bb59f0750609fae0f9644d82304b6] Merge tag 'for-5.12/io_uring-2021-02-25' of git://git.kernel.dk/linux-block testing commit efba6d3a7c4bb59f0750609fae0f9644d82304b6 with gcc (GCC) 10.2.1 20210217 kernel signature: 1a604b170a086d46e97c9175dcded5289763abeefdfcce137430855ef3f8aded run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: crashed: WARNING in kvm_wait run #3: crashed: WARNING in kvm_wait run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK # git bisect bad efba6d3a7c4bb59f0750609fae0f9644d82304b6 Bisecting: 431 revisions left to test after this (roughly 9 steps) [64427985c76fcb54c783de617edf353009499a03] lib: stackdepot: fix ignoring return value warning testing commit 64427985c76fcb54c783de617edf353009499a03 with gcc (GCC) 10.2.1 20210217 kernel signature: 4aa2cafa150ca6620730abc0228a4654a49904cd49e76f649ed77d95713c0882 run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: crashed: WARNING in kvm_wait run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: boot failed: WARNING in kvm_wait run #19: boot failed: WARNING in kvm_wait # git bisect bad 64427985c76fcb54c783de617edf353009499a03 Bisecting: 233 revisions left to test after this (roughly 8 steps) [6c15f9e805f22566d7547551f359aba04b611f9d] Merge tag 'nds32-for-linux-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/greentime/linux testing commit 6c15f9e805f22566d7547551f359aba04b611f9d with gcc (GCC) 10.2.1 20210217 kernel signature: f695cd9a2e2f72b477796c8604961fe04f0fccecf755e79a0c24796d8db3bfb7 run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: crashed: WARNING in kvm_wait run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: boot failed: WARNING in kvm_wait run #19: boot failed: WARNING in kvm_wait # git bisect bad 6c15f9e805f22566d7547551f359aba04b611f9d Bisecting: 98 revisions left to test after this (roughly 7 steps) [858bdeb046f6dc7a79039d577d03e4d2b39272b7] kasan: add proper page allocator tests testing commit 858bdeb046f6dc7a79039d577d03e4d2b39272b7 with gcc (GCC) 10.2.1 20210217 kernel signature: 83b4cbad1a954df1c9b1e0639da7970bcfcf29dc12c8b5222c9bc6f4f00f1f11 run #0: crashed: WARNING in kvm_wait run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: crashed: WARNING in kvm_wait run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: boot failed: WARNING in kvm_wait # git bisect bad 858bdeb046f6dc7a79039d577d03e4d2b39272b7 Bisecting: 48 revisions left to test after this (roughly 6 steps) [6986c3e2b19505e9b2112fc2e548e9f99fa3021f] mm: backing-dev: Remove duplicated macro definition testing commit 6986c3e2b19505e9b2112fc2e548e9f99fa3021f with gcc (GCC) 10.2.1 20210217 kernel signature: ead23dc0ef1d34490edd691930b35248945d75ae0f2b85ba64a960430c1e3034 run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: crashed: WARNING in kvm_wait run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: boot failed: WARNING in kvm_wait run #19: boot failed: WARNING in kvm_wait # git bisect bad 6986c3e2b19505e9b2112fc2e548e9f99fa3021f Bisecting: 24 revisions left to test after this (roughly 5 steps) [91f5345afbc6b58d79b5c5d0bc915fa83e9d238e] mm/debug: improve memcg debugging testing commit 91f5345afbc6b58d79b5c5d0bc915fa83e9d238e with gcc (GCC) 10.2.1 20210217 kernel signature: 0f6b9075542b2e0a494699f739d78f5b6871ecbf07e4a3a72c6acc42a3b82a2a run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: boot failed: WARNING in kvm_wait # git bisect bad 91f5345afbc6b58d79b5c5d0bc915fa83e9d238e Bisecting: 11 revisions left to test after this (roughly 4 steps) [3d742d4b6ebb3348e1d478047cfb18b9b337b8df] fs: delete repeated words in comments testing commit 3d742d4b6ebb3348e1d478047cfb18b9b337b8df with gcc (GCC) 10.2.1 20210217 kernel signature: ea0aecc35e878b8e592c373576a0af904d7d0e11cd56150f99471684275e1dbb run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: crashed: WARNING in kvm_wait run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: boot failed: WARNING in kvm_wait # git bisect bad 3d742d4b6ebb3348e1d478047cfb18b9b337b8df Bisecting: 5 revisions left to test after this (roughly 3 steps) [6bbf29010fa90a7ff22ff14e2875b4e6dea8d576] ntfs: layout.h: delete duplicated words testing commit 6bbf29010fa90a7ff22ff14e2875b4e6dea8d576 with gcc (GCC) 10.2.1 20210217 kernel signature: be993bc3dd435065146dd639098ff9eba8998ad989c94217f11c49bead9191de run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: boot failed: WARNING in kvm_wait # git bisect good 6bbf29010fa90a7ff22ff14e2875b4e6dea8d576 Bisecting: 2 revisions left to test after this (roughly 2 steps) [95e126d650391696f7ba8d318634cc018df10ef9] ocfs2: clean up some definitions which are not used any more testing commit 95e126d650391696f7ba8d318634cc018df10ef9 with gcc (GCC) 10.2.1 20210217 kernel signature: 628dcd0de4c803b5830b8ef9d8d5ec380055c13b07c8581914db163b94df14ff run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK # git bisect bad 95e126d650391696f7ba8d318634cc018df10ef9 Bisecting: 0 revisions left to test after this (roughly 1 step) [6efb59499aff080e6a9f1485ff968918c30c5b0c] ocfs2: remove redundant conditional before iput testing commit 6efb59499aff080e6a9f1485ff968918c30c5b0c with gcc (GCC) 10.2.1 20210217 kernel signature: d154e8060cdecf4a6dae460e5ea8aed84c8831a3a7f8cc9c1f27dd859a1a899b run #0: crashed: WARNING in kvm_wait run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: boot failed: WARNING in kvm_wait # git bisect bad 6efb59499aff080e6a9f1485ff968918c30c5b0c Bisecting: 0 revisions left to test after this (roughly 0 steps) [4dfe6bd94959222e18d512bdf15f6bf9edb9c27c] ntfs: check for valid standard information attribute testing commit 4dfe6bd94959222e18d512bdf15f6bf9edb9c27c with gcc (GCC) 10.2.1 20210217 kernel signature: 39d7e42bc5b0e0a360a1d76f05e5248773d84b3e57bb00a4f0fc02df887bffc2 run #0: crashed: WARNING in kvm_wait run #1: crashed: WARNING in kvm_wait run #2: crashed: WARNING in kvm_wait run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: boot failed: WARNING in kvm_wait run #19: boot failed: WARNING in kvm_wait # git bisect bad 4dfe6bd94959222e18d512bdf15f6bf9edb9c27c 4dfe6bd94959222e18d512bdf15f6bf9edb9c27c is the first bad commit commit 4dfe6bd94959222e18d512bdf15f6bf9edb9c27c Author: Rustam Kovhaev Date: Wed Feb 24 12:00:30 2021 -0800 ntfs: check for valid standard information attribute Mounting a corrupted filesystem with NTFS resulted in a kernel crash. We should check for valid STANDARD_INFORMATION attribute offset and length before trying to access it Link: https://lkml.kernel.org/r/20210217155930.1506815-1-rkovhaev@gmail.com Link: https://syzkaller.appspot.com/bug?extid=c584225dabdea2f71969 Signed-off-by: Rustam Kovhaev Reported-by: syzbot+c584225dabdea2f71969@syzkaller.appspotmail.com Tested-by: syzbot+c584225dabdea2f71969@syzkaller.appspotmail.com Acked-by: Anton Altaparmakov Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds fs/ntfs/inode.c | 6 ++++++ 1 file changed, 6 insertions(+) culprit signature: 39d7e42bc5b0e0a360a1d76f05e5248773d84b3e57bb00a4f0fc02df887bffc2 parent signature: be993bc3dd435065146dd639098ff9eba8998ad989c94217f11c49bead9191de Reproducer flagged being flaky revisions tested: 16, total time: 4h23m48.741787982s (build: 1h45m18.577589358s, test: 2h36m41.168378845s) first bad commit: 4dfe6bd94959222e18d512bdf15f6bf9edb9c27c ntfs: check for valid standard information attribute recipients (to): ["akpm@linux-foundation.org" "anton@tuxera.com" "rkovhaev@gmail.com" "syzbot+c584225dabdea2f71969@syzkaller.appspotmail.com" "torvalds@linux-foundation.org"] recipients (cc): [] crash: WARNING in kvm_wait ------------[ cut here ]------------ raw_local_irq_restore() called with IRQs enabled WARNING: CPU: 1 PID: 28400 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x1d/0x20 kernel/locking/irqflag-debug.c:10 Modules linked in: CPU: 1 PID: 28400 Comm: systemd-udevd Not tainted 5.11.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:warn_bogus_irq_restore+0x1d/0x20 kernel/locking/irqflag-debug.c:10 Code: 24 48 c7 c7 a0 6d 89 88 e8 9c 91 c1 ff 80 3d 24 7b e7 03 00 74 01 c3 48 c7 c7 c0 e6 8a 88 c6 05 13 7b e7 03 01 e8 91 90 c1 ff <0f> 0b c3 48 39 77 10 0f 84 97 00 00 00 66 f7 47 22 f0 ff 74 4b 48 RSP: 0018:ffffc90009c47820 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff88801a8c4dc8 RCX: 0000000000000000 RDX: 0000000000000002 RSI: ffffffff88de22c0 RDI: fffff52001388ef6 RBP: 0000000000000200 R08: 0000000000000001 R09: ffff8880b9f301a7 R10: ffffed10173e6034 R11: 0000000000000001 R12: 0000000000000003 R13: ffffed10035189b9 R14: 0000000000000001 R15: ffff8880b9f35f00 FS: 00007f03432eb8c0(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f92f5276718 CR3: 0000000040ec1000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: kvm_wait arch/x86/kernel/kvm.c:860 [inline] kvm_wait+0xc9/0xe0 arch/x86/kernel/kvm.c:837 pv_wait arch/x86/include/asm/paravirt.h:564 [inline] pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:470 [inline] __pv_queued_spin_lock_slowpath+0x8b8/0xb40 kernel/locking/qspinlock.c:508 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:554 [inline] queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline] queued_spin_lock include/asm-generic/qspinlock.h:85 [inline] do_raw_spin_lock+0x200/0x2b0 kernel/locking/spinlock_debug.c:113 spin_lock include/linux/spinlock.h:354 [inline] lockref_get_not_dead+0xb/0x60 lib/lockref.c:211 __legitimize_path+0x69/0x160 fs/namei.c:667 legitimize_path fs/namei.c:677 [inline] try_to_unlazy+0xd5/0x2b0 fs/namei.c:746 may_lookup fs/namei.c:1653 [inline] link_path_walk.part.0+0x5a0/0x9b0 fs/namei.c:2208 link_path_walk fs/namei.c:2191 [inline] path_openat+0x202/0x22b0 fs/namei.c:3494 do_filp_open+0x16d/0x390 fs/namei.c:3525 do_sys_openat2+0x11e/0x360 fs/open.c:1187 do_sys_open fs/open.c:1203 [inline] __do_sys_open fs/open.c:1211 [inline] __se_sys_open fs/open.c:1207 [inline] __x64_sys_open+0xfd/0x1a0 fs/open.c:1207 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f034215d6f0 Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 19 30 2c 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 fe 9d 01 00 48 89 04 24 RSP: 002b:00007ffe9afb4ca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 000055d76b80efe0 RCX: 00007f034215d6f0 RDX: 00000000000001b6 RSI: 0000000000080000 RDI: 00007ffe9afb4e50 RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001 R10: 0000000000080000 R11: 0000000000000246 R12: 000055d76a6ab68a R13: 0000000000000001 R14: 000055d76b80dab0 R15: 00007ffe9afb4ed0