ci2 starts bisection 2022-11-04 06:26:02.691434573 +0000 UTC m=+34504.047862472 bisecting cause commit starting from f2f32f8af2b0ca9d619e5183eae3eed431793baf building syzkaller on 6d752409f178135881da3510c910bb11ae1f1381 ensuring issue is reproducible on original commit f2f32f8af2b0ca9d619e5183eae3eed431793baf testing commit f2f32f8af2b0ca9d619e5183eae3eed431793baf gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: aed5b57b9b7fe6113328ed6695636c450f40663d06834f8b4de06b9605b62cfb all runs: crashed: WARNING in kernfs_find_and_get_node_by_id testing release v6.0 testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 965a1db1d896a61a4842d89bf079d6f5266d20e1e93a946fd3a0fad0583f7a30 all runs: OK # git bisect start f2f32f8af2b0ca9d619e5183eae3eed431793baf 4fe89d07dcc2804c8b562f6c7896a45643d34b2f Bisecting: 6665 revisions left to test after this (roughly 13 steps) [513389809e138ae903b6ef43c1d5d2ffaf4dca17] Merge tag 'for-6.1/block-2022-10-03' of git://git.kernel.dk/linux testing commit 513389809e138ae903b6ef43c1d5d2ffaf4dca17 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4020c89dad17ac48b1caab7f62e8e81799877f0239358d10b028f3d9365c0ffa all runs: OK # git bisect good 513389809e138ae903b6ef43c1d5d2ffaf4dca17 Bisecting: 3331 revisions left to test after this (roughly 12 steps) [f23cdfcd04f7c044ee47dac04484b8d289088776] Merge tag 'iommu-updates-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu testing commit f23cdfcd04f7c044ee47dac04484b8d289088776 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 867f8d5fa1c9127f064bead77236986121cd8ca304a2cca8781729f0f2f28aa6 all runs: boot failed: WARNING in cpumask_next_wrap # git bisect skip f23cdfcd04f7c044ee47dac04484b8d289088776 Bisecting: 3331 revisions left to test after this (roughly 12 steps) [6a43cd02ddbc597dc9a1f82c1e433f871a2f6f06] spi: intel: Fix the offset to get the 64K erase opcode testing commit 6a43cd02ddbc597dc9a1f82c1e433f871a2f6f06 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b718d9c83d98ae6fa4dc74edef8bc9ea6781e2b1336d485a0a3eee08342d900b all runs: OK # git bisect good 6a43cd02ddbc597dc9a1f82c1e433f871a2f6f06 Bisecting: 3325 revisions left to test after this (roughly 12 steps) [ee879be38bc87f8cedc79ae2742958db6533ca59] dyndbg: fix static_branch manipulation testing commit ee879be38bc87f8cedc79ae2742958db6533ca59 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e8526f4b7bed052361d6e5fb50a300e7f41b488ca132c967ce12de87a9f73b0e all runs: crashed: WARNING in kernfs_find_and_get_node_by_id # git bisect bad ee879be38bc87f8cedc79ae2742958db6533ca59 Bisecting: 7 revisions left to test after this (roughly 3 steps) [c25491747b21536bd56dccb82a109754bbc8d52c] kernfs: Add KERNFS_REMOVING flags testing commit c25491747b21536bd56dccb82a109754bbc8d52c gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5108740847dce0779139c320697c3c96bd7a8161d203f67aae80e5095b069b9b all runs: crashed: WARNING in kernfs_find_and_get_node_by_id # git bisect bad c25491747b21536bd56dccb82a109754bbc8d52c Bisecting: 3 revisions left to test after this (roughly 2 steps) [b52c2379c38ffa49cbf10e30abc9dc4f9c051d41] kernfs: Drop unnecessary "mutex" local variable initialization testing commit b52c2379c38ffa49cbf10e30abc9dc4f9c051d41 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6ac011f5ed2d403efe7a623c8dfa6583098dea5337d841d11578369045f550b6 all runs: OK # git bisect good b52c2379c38ffa49cbf10e30abc9dc4f9c051d41 Bisecting: 1 revision left to test after this (roughly 1 step) [bdb2fd7fc56e197a63c0b0e7e07d25d5e20e7c72] kernfs: Skip kernfs_drain_open_files() more aggressively testing commit bdb2fd7fc56e197a63c0b0e7e07d25d5e20e7c72 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 131c028028b150487be296316173991d61ac80e8ccf5a88d5d260162bc4619a7 all runs: OK # git bisect good bdb2fd7fc56e197a63c0b0e7e07d25d5e20e7c72 Bisecting: 0 revisions left to test after this (roughly 0 steps) [2d7f9f8c1815707e9ddb454648a523efc67a04d3] kernfs: Improve kernfs_drain() and always call on removal testing commit 2d7f9f8c1815707e9ddb454648a523efc67a04d3 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3f009d8a04dac022d024bda7ed60fc04eaa10d7d31051f4f4c28c866cd8731fb run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: failed to write control pipe: write |NUM: broken pipe run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 2d7f9f8c1815707e9ddb454648a523efc67a04d3 c25491747b21536bd56dccb82a109754bbc8d52c is the first bad commit commit c25491747b21536bd56dccb82a109754bbc8d52c Author: Tejun Heo Date: Sat Aug 27 19:04:37 2022 -1000 kernfs: Add KERNFS_REMOVING flags KERNFS_ACTIVATED tracks whether a given node has ever been activated. As a node was only deactivated on removal, this was used for 1. Drain optimization (removed by the previous patch). 2. To hide !activated nodes 3. To avoid double activations 4. Reject adding children to a node being removed 5. Skip activaing a node which is being removed. We want to decouple deactivation from removal so that nodes can be deactivated and hidden dynamically, which makes KERNFS_ACTIVATED useless for all of the above purposes. #1 is already gone. #2 and #3 can instead test whether the node is currently active. A new flag KERNFS_REMOVING is added to explicitly mark nodes which are being removed for #4 and #5. While this leaves KERNFS_ACTIVATED with no users, leave it be as it will be used in a following patch. Cc: Chengming Zhou Tested-by: Chengming Zhou Reviewed-by: Chengming Zhou Signed-off-by: Tejun Heo Link: https://lore.kernel.org/r/20220828050440.734579-7-tj@kernel.org Signed-off-by: Greg Kroah-Hartman fs/kernfs/dir.c | 21 +++++++-------------- include/linux/kernfs.h | 1 + 2 files changed, 8 insertions(+), 14 deletions(-) culprit signature: 5108740847dce0779139c320697c3c96bd7a8161d203f67aae80e5095b069b9b parent signature: 3f009d8a04dac022d024bda7ed60fc04eaa10d7d31051f4f4c28c866cd8731fb revisions tested: 10, total time: 3h21m25.926610817s (build: 2h7m6.058243896s, test: 1h13m5.943556931s) first bad commit: c25491747b21536bd56dccb82a109754bbc8d52c kernfs: Add KERNFS_REMOVING flags recipients (to): ["gregkh@linuxfoundation.org" "tj@kernel.org" "zhouchengming@bytedance.com"] recipients (cc): [] crash: WARNING in kernfs_find_and_get_node_by_id ------------[ cut here ]------------ WARNING: CPU: 1 PID: 4154 at fs/kernfs/dir.c:36 kernfs_find_and_get_node_by_id+0x15b/0x1d0 fs/kernfs/dir.c:716 Modules linked in: CPU: 1 PID: 4154 Comm: syz-executor.0 Not tainted 6.0.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022 RIP: 0010:kernfs_active fs/kernfs/dir.c:36 [inline] RIP: 0010:kernfs_find_and_get_node_by_id+0x15b/0x1d0 fs/kernfs/dir.c:708 Code: 0e 4c 89 f3 74 0d bb 00 00 00 00 85 c0 75 ea eb 02 31 db 48 c7 c7 c0 23 c5 8b e8 70 41 46 07 48 89 d8 5b 41 5c 41 5e 41 5f c3 <0f> 0b e9 78 ff ff ff 48 c7 c1 d4 f1 f6 8c 80 e1 07 80 c1 03 38 c1 RSP: 0018:ffffc9000432fba0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88813fe48248 RCX: 0000000000000000 RDX: dffffc0000000000 RSI: ffffffff898d27c0 RDI: ffffffff89eaf300 RBP: dffffc0000000000 R08: dffffc0000000000 R09: fffff52000865f64 R10: fffff52000865f65 R11: 1ffff92000865f64 R12: dffffc0000000000 R13: 0000000000000002 R14: ffff88813fe48570 R15: 0000000000000005 FS: 00007f1509667700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7b3f6bf300 CR3: 000000007204a000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __kernfs_fh_to_dentry fs/kernfs/mount.c:102 [inline] kernfs_fh_to_dentry+0xf1/0x170 fs/kernfs/mount.c:128 exportfs_decode_fh_raw+0x121/0x4e0 fs/exportfs/expfs.c:436 exportfs_decode_fh+0x5/0x30 fs/exportfs/expfs.c:576 do_handle_to_path fs/fhandle.c:152 [inline] handle_to_path fs/fhandle.c:207 [inline] do_handle_open+0x316/0x7c0 fs/fhandle.c:223 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f150888b5a9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f1509667168 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 RAX: ffffffffffffffda RBX: 00007f15089abf80 RCX: 00007f150888b5a9 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000005 RBP: 00007f15088e67b0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fffbb4dacaf R14: 00007f1509667300 R15: 0000000000022000