ci2 starts bisection 2022-10-25 14:28:16.597803192 +0000 UTC m=+38110.462325421 bisecting cause commit starting from 337a0a0b63f1c30195733eaacf39e4310a592a68 building syzkaller on 456454209820a5cf121a82aff83aa4d47316cf14 ensuring issue is reproducible on original commit 337a0a0b63f1c30195733eaacf39e4310a592a68 testing commit 337a0a0b63f1c30195733eaacf39e4310a592a68 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 234132fafcc506013616f0382b49749f1d61044ccafe572c7b040e822307a287 run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: exit status NUM run #1: crashed: WARNING in cow_file_range_inline run #2: crashed: WARNING in cow_file_range_inline run #3: crashed: WARNING in cow_file_range_inline run #4: crashed: WARNING in cow_file_range_inline run #5: crashed: WARNING in cow_file_range_inline run #6: crashed: WARNING in cow_file_range_inline run #7: crashed: WARNING in cow_file_range_inline run #8: crashed: WARNING in cow_file_range_inline run #9: crashed: WARNING in cow_file_range_inline run #10: crashed: WARNING in cow_file_range_inline run #11: crashed: WARNING in cow_file_range_inline run #12: crashed: WARNING in cow_file_range_inline run #13: crashed: WARNING in cow_file_range_inline run #14: crashed: WARNING in cow_file_range_inline run #15: crashed: WARNING in cow_file_range_inline run #16: crashed: WARNING in cow_file_range_inline run #17: crashed: WARNING in cow_file_range_inline run #18: crashed: WARNING in cow_file_range_inline run #19: crashed: WARNING in cow_file_range_inline testing release v6.0 testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 50aeeb2706521bad2fcc80343f40ec6473074c7ae94786d6212dc61b6d9008fd all runs: crashed: WARNING in cow_file_range_inline testing release v5.19 testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c17a466709c95f1644a40c28e6c21fa439ff6a6be3c198bcb294f8793921acc5 all runs: crashed: WARNING in cow_file_range_inline testing release v5.18 testing commit 4b0986a3613c92f4ec1bdc7f60ec66fea135991f gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 08ee9dc348f696ec42dc9fbcd49c7215a66c5ce44a5f06622972a21678764e15 all runs: OK # git bisect start 3d7cb6b04c3f3115719235cc6866b10326de34cd 4b0986a3613c92f4ec1bdc7f60ec66fea135991f Bisecting: 8493 revisions left to test after this (roughly 13 steps) [c011dd537ffe47462051930413fed07dbdc80313] Merge tag 'arm-soc-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit c011dd537ffe47462051930413fed07dbdc80313 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: dac9f35aba06db2e8798ed9237272fd5573edd46afeb2922cd0b32d4cc114603 all runs: crashed: WARNING in cow_file_range_inline # git bisect bad c011dd537ffe47462051930413fed07dbdc80313 Bisecting: 2961 revisions left to test after this (roughly 12 steps) [7e062cda7d90543ac8c7700fc7c5527d0c0f22ad] Merge tag 'net-next-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit 7e062cda7d90543ac8c7700fc7c5527d0c0f22ad gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: deb9c6e14961e6fc7fae850fd5335f191d3acd4fe3eb6971a6f6ad88620fc361 all runs: crashed: WARNING in cow_file_range_inline # git bisect bad 7e062cda7d90543ac8c7700fc7c5527d0c0f22ad Bisecting: 2538 revisions left to test after this (roughly 11 steps) [3842007b1a33589d57f67eac479b132b77767514] Merge tag 'zonefs-5.19-rc1-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs testing commit 3842007b1a33589d57f67eac479b132b77767514 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a83a2d3d170975bded1c8685e7ba74637b728d95a0eba98090ee84d617671cef all runs: OK # git bisect good 3842007b1a33589d57f67eac479b132b77767514 Bisecting: 1271 revisions left to test after this (roughly 10 steps) [53a332f222c015cb82349fd4f6b58cb14f574e8d] Merge branch 'net-phy-add-comments-for-lan8742-phy-support' testing commit 53a332f222c015cb82349fd4f6b58cb14f574e8d gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 29a8e8cc82ea201fa4edd43c15d832e98559835b4a8a230a5c0dd0887009f1e7 all runs: OK # git bisect good 53a332f222c015cb82349fd4f6b58cb14f574e8d Bisecting: 579 revisions left to test after this (roughly 9 steps) [1ef0736c0711e2633a59b540931406de626f2836] Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next testing commit 1ef0736c0711e2633a59b540931406de626f2836 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 failed to run ["make" "-j" "32" "ARCH=x86_64" "CC=clang" "bzImage"]: exit status 2 # git bisect skip 1ef0736c0711e2633a59b540931406de626f2836 Bisecting: 579 revisions left to test after this (roughly 9 steps) [0e05744beda4ae2d65100ed217e4bd50130b4078] net: ethernet: mtk_eth_soc: rely on txd_size in mtk_tx_alloc/mtk_tx_clean testing commit 0e05744beda4ae2d65100ed217e4bd50130b4078 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f9be0aa7ebfe3a399b8511548b4d344068685dad83d14d78f2e51519f12ad53a all runs: OK # git bisect good 0e05744beda4ae2d65100ed217e4bd50130b4078 Bisecting: 378 revisions left to test after this (roughly 9 steps) [537e62c865dcb9b91d07ed83f8615b71fa0b51bb] Merge tag 'printk-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux testing commit 537e62c865dcb9b91d07ed83f8615b71fa0b51bb gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: fb0a1031e3bf9198570072c27a3305f11375efe627073c60ff207a0b00935e9b all runs: crashed: WARNING in cow_file_range_inline # git bisect bad 537e62c865dcb9b91d07ed83f8615b71fa0b51bb Bisecting: 182 revisions left to test after this (roughly 8 steps) [fea3043314f30a87ca04fd1219661810600e256f] Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 testing commit fea3043314f30a87ca04fd1219661810600e256f gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2078d9c15b2630fb12278cc000ec4ce00e9838e297a867c32cd53aee46907f14 all runs: crashed: WARNING in cow_file_range_inline # git bisect bad fea3043314f30a87ca04fd1219661810600e256f Bisecting: 103 revisions left to test after this (roughly 7 steps) [7aab8b32825eecd36ce8eef72dffd331724185da] btrfs: move btrfs_readpage to extent_io.c testing commit 7aab8b32825eecd36ce8eef72dffd331724185da gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 479455c174156138b5b2d645538685a3865d3ee7f69e1726f85356050a693a0e all runs: crashed: WARNING in cow_file_range_inline # git bisect bad 7aab8b32825eecd36ce8eef72dffd331724185da Bisecting: 51 revisions left to test after this (roughly 6 steps) [59094403444089343dd21ac32b30a936518b7e1a] btrfs: avoid blocking nowait dio when locking file range testing commit 59094403444089343dd21ac32b30a936518b7e1a gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: aff3c49e4c2e45e910b6e4914be2467f155c2a560db176043c2bddf244a35e3b all runs: crashed: WARNING in cow_file_range_inline # git bisect bad 59094403444089343dd21ac32b30a936518b7e1a Bisecting: 24 revisions left to test after this (roughly 5 steps) [18f80f1fa4d41af09fc2739bb15d6a98a6feed2f] btrfs: use btrfs_for_each_slot in can_rmdir testing commit 18f80f1fa4d41af09fc2739bb15d6a98a6feed2f gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b8f2e26867edba57cab8f1c15166ab11244a3bed3186c9bc47cc6b7c170468e2 all runs: OK # git bisect good 18f80f1fa4d41af09fc2739bb15d6a98a6feed2f Bisecting: 12 revisions left to test after this (roughly 4 steps) [3538d68dbd97a2f5599bf39aeee47f027417fc39] btrfs: reserve correct number of items for inode creation testing commit 3538d68dbd97a2f5599bf39aeee47f027417fc39 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5d24f338de499352374ae3cc1288bd854572fd1d133d112da9c0d6c6c45a03e4 all runs: OK # git bisect good 3538d68dbd97a2f5599bf39aeee47f027417fc39 Bisecting: 5 revisions left to test after this (roughly 3 steps) [bd6526d0df0f6be6426118f5f67f24273377a567] btrfs: lock the inode first before flushing range when punching hole testing commit bd6526d0df0f6be6426118f5f67f24273377a567 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0ec08f4b453413d33ae43d129456c8dadc196e43d340861e455418703ecce829 all runs: crashed: WARNING in cow_file_range_inline # git bisect bad bd6526d0df0f6be6426118f5f67f24273377a567 Bisecting: 3 revisions left to test after this (roughly 2 steps) [47e1d1c7bb35ccf1d327ddcfaf59b268c8770159] btrfs: only reserve the needed data space amount during fallocate testing commit 47e1d1c7bb35ccf1d327ddcfaf59b268c8770159 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f9f4eb9fd4142e204d64e704d08cf0363da3b7f9893149bccfaa85ae20744b70 all runs: crashed: WARNING in cow_file_range_inline # git bisect bad 47e1d1c7bb35ccf1d327ddcfaf59b268c8770159 Bisecting: 0 revisions left to test after this (roughly 1 step) [6c3636ebe39270b85ba8ad75435be4f563d9b1b7] btrfs: restore inode creation before xattr setting testing commit 6c3636ebe39270b85ba8ad75435be4f563d9b1b7 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 54ffb7c997d33bf1447a7c587d0f3898c20dd9e9bebc37081390f47295b1c971 all runs: crashed: WARNING in cow_file_range_inline # git bisect bad 6c3636ebe39270b85ba8ad75435be4f563d9b1b7 Bisecting: 0 revisions left to test after this (roughly 0 steps) [caae78e032343df525b8d05c58b462827f10b2a3] btrfs: move common inode creation code into btrfs_create_new_inode() testing commit caae78e032343df525b8d05c58b462827f10b2a3 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a71dc522ab774d4ff88925faf100e0a7de449a684ec9089a7bb38682337cb0d5 run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: exit status NUM run #1: crashed: WARNING in cow_file_range_inline run #2: crashed: WARNING in cow_file_range_inline run #3: crashed: WARNING in cow_file_range_inline run #4: crashed: WARNING in cow_file_range_inline run #5: crashed: WARNING in cow_file_range_inline run #6: crashed: WARNING in cow_file_range_inline run #7: crashed: WARNING in cow_file_range_inline run #8: crashed: WARNING in cow_file_range_inline run #9: crashed: WARNING in cow_file_range_inline # git bisect bad caae78e032343df525b8d05c58b462827f10b2a3 caae78e032343df525b8d05c58b462827f10b2a3 is the first bad commit commit caae78e032343df525b8d05c58b462827f10b2a3 Author: Omar Sandoval Date: Mon Mar 14 18:12:35 2022 -0700 btrfs: move common inode creation code into btrfs_create_new_inode() All of our inode creation code paths duplicate the calls to btrfs_init_inode_security() and btrfs_add_link(). Subvolume creation additionally duplicates property inheritance and the call to btrfs_set_inode_index(). Fix this by moving the common code into btrfs_create_new_inode(). This accomplishes a few things at once: 1. It reduces code duplication. 2. It allows us to set up the inode completely before inserting the inode item, removing calls to btrfs_update_inode(). 3. It fixes a leak of an inode on disk in some error cases. For example, in btrfs_create(), if btrfs_new_inode() succeeds, then we have inserted an inode item and its inode ref. However, if something after that fails (e.g., btrfs_init_inode_security()), then we end the transaction and then decrement the link count on the inode. If the transaction is committed and the system crashes before the failed inode is deleted, then we leak that inode on disk. Instead, this refactoring aborts the transaction when we can't recover more gracefully. 4. It exposes various ways that subvolume creation diverges from mkdir in terms of inheriting flags, properties, permissions, and POSIX ACLs, a lot of which appears to be accidental. This patch explicitly does _not_ change the existing non-standard behavior, but it makes those differences more clear in the code and documents them so that we can discuss whether they should be changed. Reviewed-by: Sweet Tea Dorminy Signed-off-by: Omar Sandoval Signed-off-by: David Sterba fs/btrfs/ctree.h | 6 +- fs/btrfs/inode.c | 401 ++++++++++++++++++++++--------------------------------- fs/btrfs/ioctl.c | 45 +------ fs/btrfs/props.c | 40 +----- fs/btrfs/props.h | 4 - 5 files changed, 170 insertions(+), 326 deletions(-) culprit signature: a71dc522ab774d4ff88925faf100e0a7de449a684ec9089a7bb38682337cb0d5 parent signature: 5d24f338de499352374ae3cc1288bd854572fd1d133d112da9c0d6c6c45a03e4 revisions tested: 19, total time: 6h14m55.501719696s (build: 4h14m50.678616017s, test: 1h57m32.587197684s) first bad commit: caae78e032343df525b8d05c58b462827f10b2a3 btrfs: move common inode creation code into btrfs_create_new_inode() recipients (to): ["dsterba@suse.com" "osandov@fb.com" "sweettea-kernel@dorminy.me"] recipients (cc): [] crash: WARNING in cow_file_range_inline R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 00007ffd6c12f65f R14: 00007fb4959f5300 R15: 0000000000022000 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 5881 at fs/btrfs/inode.c:424 cow_file_range_inline+0x6da/0x810 fs/btrfs/inode.c:424 Modules linked in: CPU: 0 PID: 5881 Comm: syz-executor.0 Not tainted 5.18.0-rc7-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022 RIP: 0010:cow_file_range_inline+0x6da/0x810 fs/btrfs/inode.c:424 Code: 89 ba 9e 01 00 00 e8 af 7f dd 05 8b 44 24 10 48 8b 5c 24 18 e9 71 fd ff ff 48 c7 c7 00 09 b8 89 44 89 e6 31 c0 e8 46 1b 18 fe <0f> 0b 4c 8b 74 24 28 4c 89 f7 48 c7 c6 c0 30 b8 89 ba a8 01 00 00 RSP: 0018:ffffc90004c8ed80 EFLAGS: 00010246 RAX: 16b805a2ac591100 RBX: 1ffff1100e046706 RCX: 0000000000000001 RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000001 RBP: ffffc90004c8eeb0 R08: dffffc0000000000 R09: ffffed1017384f24 R10: ffffed1017384f24 R11: 1ffff11017384f23 R12: 00000000fffffff4 R13: 1ffff92000991dbc R14: ffff888070233830 R15: 00000000fffffff4 FS: 00007fb4959f5700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005569a8b0b668 CR3: 0000000072d59000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: cow_file_range+0x3df/0xba0 fs/btrfs/inode.c:1155 btrfs_run_delalloc_range+0x4b2/0x1090 fs/btrfs/inode.c:2027 writepage_delalloc+0x249/0x4f0 fs/btrfs/extent_io.c:3814 __extent_writepage+0x497/0xe90 fs/btrfs/extent_io.c:4109 extent_write_cache_pages+0xabb/0x1290 fs/btrfs/extent_io.c:5059 extent_writepages+0x1c3/0x590 fs/btrfs/extent_io.c:5206 do_writepages+0x33e/0x5c0 mm/page-writeback.c:2352 filemap_fdatawrite_wbc+0xdb/0x130 mm/filemap.c:388 __filemap_fdatawrite_range mm/filemap.c:421 [inline] filemap_fdatawrite_range+0x162/0x1e0 mm/filemap.c:439 btrfs_fdatawrite_range fs/btrfs/file.c:3872 [inline] start_ordered_ops fs/btrfs/file.c:2156 [inline] btrfs_sync_file+0x2c0/0xd30 fs/btrfs/file.c:2232 generic_write_sync include/linux/fs.h:2732 [inline] btrfs_do_write_iter+0x82f/0xcc0 fs/btrfs/file.c:2105 call_write_iter include/linux/fs.h:2050 [inline] new_sync_write fs/read_write.c:504 [inline] vfs_write+0x861/0xb90 fs/read_write.c:591 ksys_write+0x11d/0x200 fs/read_write.c:644 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7fb49488b5f9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fb4959f5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fb4949abf80 RCX: 00007fb49488b5f9 RDX: 0000000000000001 RSI: 0000000020003180 RDI: 0000000000000006 RBP: 00007fb4959f51d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 00007ffd6c12f65f R14: 00007fb4959f5300 R15: 0000000000022000