ci2 starts bisection 2024-12-11 19:49:09.666863115 +0000 UTC m=+30247.214312232
bisecting fixing commit since cd94fe67fd3323953016b8193f5be75982da96c8
building syzkaller on 6654cf89a7909afd314ad8abd502bc0dd024112a
ensuring issue is reproducible on original commit cd94fe67fd3323953016b8193f5be75982da96c8

testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b587c3a56d92ad86cf14573b23df3c05d539b75c845dc4d9392a8a745695806c
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
run #10: crashed: KASAN: use-after-free Read in ext4_find_extent
run #11: crashed: KASAN: use-after-free Read in ext4_find_extent
run #12: crashed: kernel BUG in ext4_writepages
run #13: crashed: KASAN: use-after-free Read in ext4_find_extent
run #14: crashed: KASAN: use-after-free Read in ext4_find_extent
run #15: crashed: KASAN: use-after-free Read in ext4_find_extent
run #16: crashed: KASAN: use-after-free Read in ext4_find_extent
run #17: crashed: KASAN: use-after-free Read in ext4_find_extent
run #18: crashed: KASAN: use-after-free Read in ext4_find_extent
run #19: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
check whether we can drop unnecessary instrumentation
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 2e1fadc9725f818eb414d56f9763bbefae466a414d860113b49d8bfc2547c3e2
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: invalid opcode in ext4_writepages
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: invalid opcode in ext4_writepages
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the bug reproduces without the instrumentation
disabling configs for [LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP HANG], they are not needed
kconfig minimization: base=5179 full=6487 leaves diff=250
split chunks (needed=false): <250>
split chunk #0 of len 250 into 5 parts
testing without sub-chunk 1/5
disabling configs for [HANG LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: cc84288502fc141739856d7378483c7ff1e57c161b70a2cbd4f25ee76170663b
run #0: crashed: go runtime error
run #1: crashed: invalid opcode in ext4_writepages
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: invalid opcode in ext4_writepages
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN UNKNOWN]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [HANG LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: efe5d84355b49cba82b8fc77f79d92742eb50ee67c0f8f0fce9e093667674e2f
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: invalid opcode in ext4_writepages
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: invalid opcode in ext4_writepages
run #8: crashed: KASAN: slab-out-of-bounds Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 50741fe673845b632d2fb46a686205f6088f592e528fa3108f46ad57f6f0817e
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: invalid opcode in ext4_writepages
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: e5991c318f2b65b22235edd1219d4831e47c9d34f90ca85b915a6b8488e8350c
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: invalid opcode in ext4_writepages
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [HANG LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit cd94fe67fd3323953016b8193f5be75982da96c8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
failed building cd94fe67fd3323953016b8193f5be75982da96c8: net/socket.c:1225: undefined reference to `wext_handle_ioctl'
net/socket.c:3420: undefined reference to `compat_wext_handle_ioctl'
net/core/net-procfs.c:329: undefined reference to `wext_proc_init'
net/core/net-procfs.c:345: undefined reference to `wext_proc_exit'
minimized to 50 configs; suspects: [HID_ZEROPLUS USB_NET_CDC_MBIM USB_NET_CDC_SUBSET USB_NET_CDC_SUBSET_ENABLE USB_NET_DM9601 USB_NET_GL620A USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_RNDIS_HOST USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD USB_OHCI_HCD_PCI USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_PRINTER USB_SERIAL_GENERIC USB_SERIAL_PL2303 USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_TRANCEVIBRATOR USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_WDM WLAN WLAN_VENDOR_ATH WLAN_VENDOR_ATMEL WLAN_VENDOR_BROADCOM WLAN_VENDOR_INTERSIL WLAN_VENDOR_MARVELL WLAN_VENDOR_MEDIATEK WLAN_VENDOR_MICROCHIP WLAN_VENDOR_PURELIFI WLAN_VENDOR_RALINK WLAN_VENDOR_REALTEK WLAN_VENDOR_RSI WLAN_VENDOR_SILABS WLAN_VENDOR_ZYDAS X86_X32_ABI ZEROPLUS_FF]
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG LOCKDEP], they are not needed
testing current HEAD e318dc4c06a51c7f4daa694f7141a913e2781bef
testing commit e318dc4c06a51c7f4daa694f7141a913e2781bef gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 318e9bf905d4417bd6d290ced58b74f0513bf4911b66fb4153f0f55e79810b68
all runs: OK
false negative chance: 0.000
# git bisect start e318dc4c06a51c7f4daa694f7141a913e2781bef cd94fe67fd3323953016b8193f5be75982da96c8
Bisecting: 8174 revisions left to test after this (roughly 13 steps)
[279f1cc5626156fc344a645cbc3cba2ec8ecba66] drm/bridge: sii902x: Fix audio codec unregistration

determine whether the revision contains the guilty commit
checking the merge base b1644a0031cfb3ca2cbd84c92f771f8ebb62302d
no existing result, test the revision
testing commit b1644a0031cfb3ca2cbd84c92f771f8ebb62302d gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c7d076bc03aabaee55910b9988fd1ec15de48867ec9d6aabe83dd7d6effa10c7
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
testing commit 279f1cc5626156fc344a645cbc3cba2ec8ecba66 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 236edef5d73b62479e461e35197764555b091de6985296dfbc2b6e10ca602cb4
run #0: crashed: invalid opcode in ext4_writepages
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: invalid opcode in ext4_writepages
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 279f1cc5626156fc344a645cbc3cba2ec8ecba66
Bisecting: 4089 revisions left to test after this (roughly 12 steps)
[d7c248ca93cf05c588cf6a473503523fd65cd65e] Input: qt1050 - handle CHIP_ID reading error

determine whether the revision contains the guilty commit
revision b1644a0031cfb3ca2cbd84c92f771f8ebb62302d crashed and is reachable
testing commit d7c248ca93cf05c588cf6a473503523fd65cd65e gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f11d130f0118afcac513524653a82c26aa513acd630b07c3a7c615fc784badbc
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: slab-out-of-bounds Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good d7c248ca93cf05c588cf6a473503523fd65cd65e
Bisecting: 2045 revisions left to test after this (roughly 11 steps)
[11ceb17e6f07cc30410f3a6276cddda248a9b863] clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D

determine whether the revision contains the guilty commit
revision b1644a0031cfb3ca2cbd84c92f771f8ebb62302d crashed and is reachable
testing commit 11ceb17e6f07cc30410f3a6276cddda248a9b863 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 71d42c2c00cd9aad1d91f548dfefe2587dc0c6b23ead72667738d75c2ce49cb4
run #0: ignore: lost connection to test machine
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
false negative chance: 0.000
# git bisect bad 11ceb17e6f07cc30410f3a6276cddda248a9b863
Bisecting: 1021 revisions left to test after this (roughly 10 steps)
[11800db8e31c01f6c060933cd062d79e225b9620] KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE

determine whether the revision contains the guilty commit
revision b1644a0031cfb3ca2cbd84c92f771f8ebb62302d crashed and is reachable
testing commit 11800db8e31c01f6c060933cd062d79e225b9620 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 98f3a2d164406b54489fc997309ae6ba06b37a2b01e8c7995382298c8f7ef6b3
all runs: OK
false negative chance: 0.000
# git bisect bad 11800db8e31c01f6c060933cd062d79e225b9620
Bisecting: 510 revisions left to test after this (roughly 9 steps)
[dc2ab133cf63bbaf214691f075bef40ad129d2c6] drm/i915: Add a function to mmap framebuffer obj

determine whether the revision contains the guilty commit
revision 279f1cc5626156fc344a645cbc3cba2ec8ecba66 crashed and is reachable
testing commit dc2ab133cf63bbaf214691f075bef40ad129d2c6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1d9f765930f17b38c50858c81d9ec4b8ba627d89a0665cdc5bc6b03970b9cc1a
run #0: crashed: invalid opcode in ext4_writepages
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: slab-out-of-bounds Read in ext4_find_extent
run #7: crashed: KASAN: slab-out-of-bounds Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good dc2ab133cf63bbaf214691f075bef40ad129d2c6
Bisecting: 255 revisions left to test after this (roughly 8 steps)
[46573864e83ca270bbd10dcedebb4f8726241074] ice: Pull out next_to_clean bump out of ice_put_rx_buf()

determine whether the revision contains the guilty commit
revision b1644a0031cfb3ca2cbd84c92f771f8ebb62302d crashed and is reachable
testing commit 46573864e83ca270bbd10dcedebb4f8726241074 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1aaee09b973306084d89ed58973e3ec4bc56f7086d98874269294bc6be2c4863
run #0: ignore: lost connection to test machine
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
false negative chance: 0.000
# git bisect bad 46573864e83ca270bbd10dcedebb4f8726241074
Bisecting: 127 revisions left to test after this (roughly 7 steps)
[6e8c5fd9ff7e85dd1b800cd1a1db1f4a7d6438c3] wifi: cw1200: Avoid processing an invalid TIM IE

determine whether the revision contains the guilty commit
revision 279f1cc5626156fc344a645cbc3cba2ec8ecba66 crashed and is reachable
testing commit 6e8c5fd9ff7e85dd1b800cd1a1db1f4a7d6438c3 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5631e3708ca73e1deb5a0f15fd08cbd0293ba3150d76c7325898da4fa0305c67
all runs: OK
false negative chance: 0.000
# git bisect bad 6e8c5fd9ff7e85dd1b800cd1a1db1f4a7d6438c3
Bisecting: 63 revisions left to test after this (roughly 6 steps)
[1a426b3aa397f3e91e4b249a28391500475ce309] squashfs: squashfs_read_data need to check if the length is 0

determine whether the revision contains the guilty commit
revision 279f1cc5626156fc344a645cbc3cba2ec8ecba66 crashed and is reachable
testing commit 1a426b3aa397f3e91e4b249a28391500475ce309 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 8ab59782b7766a9d57c65908c737c2afb5ae850036e07986afb914b6ea78d8a9
run #0: crashed: invalid opcode in ext4_writepages
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: slab-out-of-bounds Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 1a426b3aa397f3e91e4b249a28391500475ce309
Bisecting: 31 revisions left to test after this (roughly 5 steps)
[9367bad8dbdb1fdd3f96979d73ca07a6ead2c018] net/mlx5e: Correctly report errors for ethtool rx flows

determine whether the revision contains the guilty commit
revision 1a426b3aa397f3e91e4b249a28391500475ce309 crashed and is reachable
testing commit 9367bad8dbdb1fdd3f96979d73ca07a6ead2c018 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1dce412ef298c8f2c6feecb7049ee580237ca84f109d447a5a0208897a235a10
all runs: OK
false negative chance: 0.000
# git bisect bad 9367bad8dbdb1fdd3f96979d73ca07a6ead2c018
Bisecting: 15 revisions left to test after this (roughly 4 steps)
[d9a429fec74efed5d1d4bd3aeb0710ca35f2c64f] bpf: Replace bpf_lpm_trie_key 0-length array with flexible array

determine whether the revision contains the guilty commit
revision b1644a0031cfb3ca2cbd84c92f771f8ebb62302d crashed and is reachable
testing commit d9a429fec74efed5d1d4bd3aeb0710ca35f2c64f gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 2dff57b00f9aa817d404ef58652813713c65e7a5efc1c36e985e562b2b83bbad
all runs: OK
false negative chance: 0.000
# git bisect bad d9a429fec74efed5d1d4bd3aeb0710ca35f2c64f
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[d54c019bd90c54f0193ab641f00d99c24f877a52] wifi: mac80211: fix and simplify unencrypted drop check for mesh

determine whether the revision contains the guilty commit
revision 279f1cc5626156fc344a645cbc3cba2ec8ecba66 crashed and is reachable
testing commit d54c019bd90c54f0193ab641f00d99c24f877a52 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 81d6a341836c7f0e15cdd9e20f5bd0a2fbb4d160b296db2c213aef25a8012cf6
all runs: OK
false negative chance: 0.000
# git bisect bad d54c019bd90c54f0193ab641f00d99c24f877a52
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[863ca59e21eb262f78e1dd3f626e6ebe448501a1] quota: Detect loops in quota tree

determine whether the revision contains the guilty commit
revision b1644a0031cfb3ca2cbd84c92f771f8ebb62302d crashed and is reachable
testing commit 863ca59e21eb262f78e1dd3f626e6ebe448501a1 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3244858456cf74ef8e6a06970d8f12e21e0469fe3f2e4d440d0f70f3dea5e19e
all runs: OK
false negative chance: 0.000
# git bisect bad 863ca59e21eb262f78e1dd3f626e6ebe448501a1
Bisecting: 1 revision left to test after this (roughly 1 step)
[73852fe765f31e51b7d293ba96b5ea6bda429411] reiserfs: fix uninit-value in comp_keys

determine whether the revision contains the guilty commit
revision d7c248ca93cf05c588cf6a473503523fd65cd65e crashed and is reachable
testing commit 73852fe765f31e51b7d293ba96b5ea6bda429411 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d05bd3ecc324366e16d6369acb3688eaa3d8da0add7ce06a41e4add8b0a0d801
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: invalid opcode in ext4_writepages
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: invalid opcode in ext4_writepages
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: invalid opcode in ext4_writepages
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN UNKNOWN]
# git bisect good 73852fe765f31e51b7d293ba96b5ea6bda429411
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[f2a3618e0f6742d79f47d090d7474f217c9192ba] erofs: avoid debugging output for (de)compressed data

determine whether the revision contains the guilty commit
revision dc2ab133cf63bbaf214691f075bef40ad129d2c6 crashed and is reachable
testing commit f2a3618e0f6742d79f47d090d7474f217c9192ba gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c21ec4257be2d19b155e686463702855c66854e2fa2b5974446dfb5fb7c419b2
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: invalid opcode in ext4_writepages
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good f2a3618e0f6742d79f47d090d7474f217c9192ba
863ca59e21eb262f78e1dd3f626e6ebe448501a1 is the first bad commit
commit 863ca59e21eb262f78e1dd3f626e6ebe448501a1
Author: Jan Kara <jack@suse.cz>
Date:   Wed Feb 7 19:12:15 2024 +0100

    quota: Detect loops in quota tree
    
    [ Upstream commit a898cb621ac589b0b9e959309689a027e765aa12 ]
    
    Syzbot has found that when it creates corrupted quota files where the
    quota tree contains a loop, we will deadlock when tryling to insert a
    dquot. Add loop detection into functions traversing the quota tree.
    
    Signed-off-by: Jan Kara <jack@suse.cz>
    Signed-off-by: Sasha Levin <sashal@kernel.org>

 fs/quota/quota_tree.c | 128 +++++++++++++++++++++++++++++++++++++-------------
 fs/quota/quota_v2.c   |  15 +++---
 2 files changed, 105 insertions(+), 38 deletions(-)

accumulated error probability: 0.00
culprit signature: 3244858456cf74ef8e6a06970d8f12e21e0469fe3f2e4d440d0f70f3dea5e19e
parent  signature: c21ec4257be2d19b155e686463702855c66854e2fa2b5974446dfb5fb7c419b2
revisions tested: 22, total time: 5h41m50.355343428s (build: 2h28m54.596625478s, test: 3h0m3.244415131s)
first good commit: 863ca59e21eb262f78e1dd3f626e6ebe448501a1 quota: Detect loops in quota tree
recipients (to): ["jack@suse.cz" "sashal@kernel.org"]
recipients (cc): []