ci2 starts bisection 2023-10-24 11:37:43.142637486 +0000 UTC m=+40643.693519671 bisecting fixing commit since bf4ad6fa4e5332e53913b073d0219319a4091619 building syzkaller on 90c93c40627cb0ac3c2c7cb99d807fd4c137adcb ensuring issue is reproducible on original commit bf4ad6fa4e5332e53913b073d0219319a4091619 testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: de2ce2ba202878087d5ec8469e28f59138f3dbe1e60dcd641e7acc4e0b40cc54 run #0: crashed: kernel BUG in ext4_get_group_info run #1: crashed: kernel BUG in ext4_get_group_info run #2: crashed: kernel BUG in ext4_get_group_info run #3: crashed: kernel BUG in ext4_get_group_info run #4: crashed: kernel BUG in ext4_get_group_info run #5: crashed: kernel BUG in ext4_get_group_info run #6: crashed: kernel BUG in ext4_get_group_info run #7: crashed: INFO: rcu detected stall in corrupted run #8: crashed: INFO: rcu detected stall in corrupted run #9: crashed: kernel BUG in ext4_get_group_info run #10: crashed: INFO: rcu detected stall in corrupted run #11: crashed: INFO: rcu detected stall in corrupted run #12: crashed: INFO: rcu detected stall in corrupted run #13: crashed: INFO: rcu detected stall in corrupted run #14: crashed: INFO: rcu detected stall in corrupted run #15: crashed: INFO: rcu detected stall in corrupted run #16: crashed: INFO: rcu detected stall in corrupted run #17: crashed: INFO: rcu detected stall in corrupted run #18: crashed: INFO: rcu detected stall in corrupted run #19: crashed: INFO: rcu detected stall in corrupted representative crash: INFO: rcu detected stall in corrupted, types: [HANG BUG] check whether we can drop unnecessary instrumentation disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c1d4a737d9fab8ee61a6df85dd91fc89a891b711c2bf445b655914462c7c8c98 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: INFO: rcu detected stall in corrupted run #2: crashed: INFO: rcu detected stall in corrupted run #3: crashed: INFO: rcu detected stall in corrupted run #4: crashed: INFO: rcu detected stall in corrupted run #5: crashed: INFO: rcu detected stall in corrupted run #6: crashed: INFO: rcu detected stall in corrupted run #7: crashed: INFO: rcu detected stall in corrupted run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: INFO: rcu detected stall in corrupted, types: [HANG BUG] the bug reproduces without the instrumentation disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed kconfig minimization: base=3820 full=7524 leaves diff=1994 split chunks (needed=false): <1994> split chunk #0 of len 1994 into 5 parts testing without sub-chunk 1/5 disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 87c774cf6830dbb325ec814f5cb43e693ae31c16419de16723983be970102270 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: INFO: rcu detected stall in corrupted run #2: crashed: INFO: rcu detected stall in corrupted run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: INFO: rcu detected stall in corrupted run #5: crashed: INFO: rcu detected stall in corrupted run #6: crashed: INFO: rcu detected stall in corrupted run #7: crashed: INFO: rcu detected stall in corrupted run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: INFO: rcu detected stall in corrupted, types: [HANG BUG] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 43c81e7b77da1907f560a481bcebca8050a910cf33ae714ca9931abd5856253b run #0: crashed: INFO: rcu detected stall in corrupted run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: INFO: rcu detected stall in corrupted run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 21ad6d82d0b910d8460b3932de8237a7e2acf922ed8854869140f2986729083f run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] testing without sub-chunk 4/5 disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6c7150b4bcbc0e66ec616970f960a4bd57ab734c2c39fc2102c452b7916d494c run #0: crashed: INFO: rcu detected stall in corrupted run #1: crashed: INFO: rcu detected stall in corrupted run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: INFO: rcu detected stall in corrupted run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: INFO: rcu detected stall in corrupted run #8: crashed: INFO: rcu detected stall in corrupted run #9: crashed: INFO: rcu detected stall in corrupted run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: INFO: rcu detected stall in corrupted run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: INFO: rcu detected stall in corrupted run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: INFO: rcu detected stall in corrupted run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: INFO: rcu detected stall in corrupted run #18: crashed: INFO: rcu detected stall in corrupted run #19: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: INFO: rcu detected stall in corrupted, types: [HANG BUG] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [LOCKDEP ATOMIC_SLEEP LEAK UBSAN KASAN], they are not needed testing commit bf4ad6fa4e5332e53913b073d0219319a4091619 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0043ab131363d593a5e19408a2cb2b87354ae0e0b1de793e939524f878769e63 run #0: crashed: INFO: rcu detected stall in corrupted run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: INFO: rcu detected stall in corrupted run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: INFO: rcu detected stall in corrupted run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: INFO: rcu detected stall in corrupted run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #18: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #19: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] the chunk can be dropped minimized to 399 configs; suspects: [ATM AX25 BRIDGE BRIDGE_NETFILTER CAN CFG80211 CHECKPOINT_RESTORE DVB_CORE FB FSCACHE HAMRADIO HSR INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_USER_ACCESS INPUT_JOYSTICK INPUT_MOUSE IP6_NF_RAW IPV6_MULTIPLE_TABLES IP_NF_RAW IP_SET IP_VS IP_VS_PROTO_AH IP_VS_PROTO_AH_ESP IP_VS_PROTO_ESP IP_VS_PROTO_SCTP IP_VS_RR IP_VS_SED IP_VS_SH IP_VS_TWOS IP_VS_WLC IP_VS_WRR IRQ_BYPASS_MANAGER IRQ_POLL IR_IGORPLUGUSB IR_IGUANA IR_IMON IR_MCEUSB IR_REDRAT3 IR_STREAMZAP IR_TTUSBIR ISDN ISDN_CAPI_MIDDLEWARE JFFS2_CMODE_PRIORITY JFFS2_COMPRESSION_OPTIONS JFFS2_FS JFFS2_FS_POSIX_ACL JFFS2_FS_SECURITY JFFS2_FS_WRITEBUFFER JFFS2_FS_XATTR JFFS2_LZO JFFS2_RTIME JFFS2_RUBIN JFFS2_SUMMARY JFFS2_ZLIB JFS_DEBUG JFS_FS JFS_POSIX_ACL JFS_SECURITY JOYSTICK_IFORCE JOYSTICK_IFORCE_USB JOYSTICK_XPAD JOYSTICK_XPAD_FF JOYSTICK_XPAD_LEDS KARMA_PARTITION KCOV KCOV_ENABLE_COMPARISONS KCOV_INSTRUMENT_ALL KEYS_REQUEST_CACHE KEY_DH_OPERATIONS KEY_NOTIFICATIONS KSM KVM KVM_AMD KVM_ASYNC_PF KVM_COMPAT KVM_GENERIC_DIRTYLOG_READ_PROTECT KVM_MMIO KVM_VFIO KVM_XEN KVM_XFER_TO_GUEST_WORK L2TP L2TP_ETH L2TP_IP L2TP_V3 LAPB LAPBETHER LDM_PARTITION LEDS_TRIGGER_AUDIO LEGACY_PTYS LIBCRC32C LIBNVDIMM LINEAR_RANGES LLC LLC2 LOGIG940_FF LOGIRUMBLEPAD2_FF LOGO LOGO_LINUX_MONO LOGO_LINUX_VGA16 LPC_ICH LRU_GEN LRU_GEN_ENABLED LWTUNNEL LWTUNNEL_BPF LZ4HC_COMPRESS LZ4_COMPRESS MAC80211 MAC80211_DEBUGFS MAC80211_HAS_RC MAC80211_HWSIM MAC80211_MESH MAC80211_RC_DEFAULT_MINSTREL MAC80211_RC_MINSTREL MACSEC MACVLAN MACVTAP MAC_PARTITION MAPPING_DIRTY_HELPERS MD_LINEAR MD_MULTIPATH MD_RAID0 MD_RAID1 MD_RAID10 MD_RAID456 MEDIA_ANALOG_TV_SUPPORT MEDIA_ATTACH MEDIA_CONTROLLER MEDIA_CONTROLLER_DVB MEDIA_CONTROLLER_REQUEST_API MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_SUPPORT_FILTER MEDIA_TUNER MEDIA_TUNER_MSI001 MEMORY_BALLOON MEMORY_HOTPLUG MEMORY_HOTPLUG_DEFAULT_ONLINE MEMORY_ISOLATION MEMREGION MEMSTICK MEMSTICK_REALTEK_USB MEM_SOFT_DIRTY MFD_CORE MFD_SYSCON MHI_BUS MHI_WWAN_CTRL MHP_MEMMAP_ON_MEMORY MICROCHIP_PHY MINIX_FS MINIX_SUBPARTITION MISC_RTSX MISC_RTSX_USB MISDN MISDN_DSP MISDN_HFCUSB MISDN_L1OIP MKISS MLX4_CORE MLX4_INFINIBAND MMC MMC_REALTEK_USB MMC_USHC MMC_VUB300 MMU_NOTIFIER MODULE_SRCVERSION_ALL MODVERSIONS MOST MOUSE_APPLETOUCH MOUSE_BCM5974 MOUSE_PS2 MOUSE_PS2_ALPS MOUSE_PS2_BYD MOUSE_PS2_CYPRESS MOUSE_PS2_FOCALTECH MOUSE_PS2_LIFEBOOK MOUSE_PS2_LOGIPS2PP MOUSE_PS2_SMBUS MOUSE_PS2_SYNAPTICS MOUSE_PS2_SYNAPTICS_SMBUS MOUSE_PS2_TRACKPOINT MOUSE_SYNAPTICS_USB MPLS MPLS_IPTUNNEL MPLS_ROUTING MPTCP MPTCP_IPV6 MRP MTD MTD_BLKDEVS MTD_BLOCK MTD_BLOCK2MTD MTD_CFI_I1 MTD_CFI_I2 MTD_MAP_BANK_WIDTH_1 MTD_MAP_BANK_WIDTH_2 MTD_MAP_BANK_WIDTH_4 MTD_MTDRAM MTD_PHRAM MTD_SLRAM MUSB_PIO_ONLY ND_BTT ND_CLAIM ND_PFN NETDEVSIM NETFILTER_ADVANCED NETFILTER_FAMILY_ARP NETFILTER_FAMILY_BRIDGE NETFILTER_NETLINK_ACCT NETFILTER_NETLINK_GLUE_CT NETFILTER_NETLINK_OSF NETFILTER_NETLINK_QUEUE NETFILTER_SYNPROXY NETFILTER_XT_CONNMARK NETFILTER_XT_MATCH_BPF NETFILTER_XT_MATCH_CGROUP NETFILTER_XT_MATCH_CLUSTER NETFILTER_XT_MATCH_COMMENT NETFILTER_XT_MATCH_CONNBYTES NETFILTER_XT_MATCH_CONNLABEL NETFILTER_XT_MATCH_CONNLIMIT NETFILTER_XT_MATCH_CONNMARK NETFILTER_XT_MATCH_CPU NETFILTER_XT_MATCH_DCCP NETFILTER_XT_MATCH_DEVGROUP NETFILTER_XT_MATCH_DSCP NETFILTER_XT_MATCH_ECN NETFILTER_XT_MATCH_ESP NETFILTER_XT_MATCH_HASHLIMIT NETFILTER_XT_MATCH_HELPER NETFILTER_XT_MATCH_HL NETFILTER_XT_MATCH_IPCOMP NETFILTER_XT_MATCH_IPRANGE NETFILTER_XT_MATCH_IPVS NETFILTER_XT_MATCH_L2TP NETFILTER_XT_MATCH_LENGTH NETFILTER_XT_MATCH_LIMIT NETFILTER_XT_MATCH_MAC NETFILTER_XT_MATCH_MARK NETFILTER_XT_MATCH_MULTIPORT NETFILTER_XT_MATCH_NFACCT NETFILTER_XT_MATCH_OSF NETFILTER_XT_MATCH_OWNER NETFILTER_XT_MATCH_PHYSDEV NETFILTER_XT_MATCH_PKTTYPE NETFILTER_XT_MATCH_QUOTA NETFILTER_XT_MATCH_RATEEST NETFILTER_XT_MATCH_REALM NETFILTER_XT_MATCH_RECENT NETFILTER_XT_MATCH_SCTP NETFILTER_XT_MATCH_SOCKET NETFILTER_XT_MATCH_STATISTIC NETFILTER_XT_MATCH_STRING NETFILTER_XT_MATCH_TCPMSS NETFILTER_XT_MATCH_TIME NETFILTER_XT_MATCH_U32 NETFILTER_XT_SET NETFILTER_XT_TARGET_AUDIT NETFILTER_XT_TARGET_CHECKSUM NETFILTER_XT_TARGET_CLASSIFY NETFILTER_XT_TARGET_CONNMARK NETFILTER_XT_TARGET_CT NETFILTER_XT_TARGET_DSCP NETFILTER_XT_TARGET_HL NETFILTER_XT_TARGET_HMARK NETFILTER_XT_TARGET_IDLETIMER NETFILTER_XT_TARGET_LED NETFILTER_XT_TARGET_MARK NETFILTER_XT_TARGET_NETMAP NETFILTER_XT_TARGET_NFQUEUE NETFILTER_XT_TARGET_NOTRACK NETFILTER_XT_TARGET_RATEEST NETFILTER_XT_TARGET_REDIRECT NETFILTER_XT_TARGET_TCPOPTSTRIP NETFILTER_XT_TARGET_TEE NETFILTER_XT_TARGET_TPROXY NETFILTER_XT_TARGET_TRACE NETLABEL NETLINK_DIAG NETROM NET_9P_RDMA NET_ACT_BPF NET_ACT_CONNMARK NET_ACT_CSUM NET_ACT_CT NET_ACT_CTINFO NET_ACT_GATE NET_ACT_IFE NET_ACT_IPT NET_ACT_MPLS NET_ACT_NAT NET_ACT_PEDIT NET_ACT_POLICE NET_ACT_SAMPLE NET_ACT_SIMP NET_ACT_SKBEDIT NET_ACT_SKBMOD NET_ACT_TUNNEL_KEY NET_ACT_VLAN NET_CLS_BASIC NET_CLS_BPF NET_CLS_FLOW NET_CLS_FLOWER NET_CLS_FW NET_CLS_MATCHALL NET_CLS_ROUTE4 NET_CLS_RSVP NET_CLS_RSVP6 NET_DEVLINK NET_DROP_MONITOR NET_DSA NET_DSA_TAG_BRCM NET_DSA_TAG_BRCM_COMMON NET_DSA_TAG_BRCM_PREPEND NET_DSA_TAG_MTK NET_DSA_TAG_QCA NET_DSA_TAG_RTL4_A NET_EMATCH_CANID NET_EMATCH_CMP NET_EMATCH_IPSET NET_EMATCH_IPT NET_EMATCH_META NET_EMATCH_NBYTE NET_EMATCH_TEXT NET_EMATCH_U32 NET_FC NET_FOU NET_FOU_IP_TUNNELS NET_IFE NET_IFE_SKBMARK NET_IFE_SKBPRIO NET_IFE_SKBTCINDEX NET_IPGRE NET_IPGRE_BROADCAST NET_IPGRE_DEMUX NET_IPIP NET_IPVTI NET_KEY NET_KEY_MIGRATE NET_L3_MASTER_DEV NET_MPLS_GSO NET_NCSI NET_NSH NET_REDIRECT NET_SCH_ATM NET_SCH_CAKE NET_SCH_CBQ NET_SCH_CBS NET_SCH_CHOKE NET_SCH_CODEL NET_SCH_DRR NET_SCH_DSMARK NET_SCH_ETF NET_SCH_ETS NET_SCH_FQ NET_SCH_FQ_CODEL NET_SCH_FQ_PIE NET_SCH_GRED NET_SCH_HFSC NET_SCH_HHF NET_SCH_HTB NET_SCH_INGRESS NET_SCH_MQPRIO NET_SCH_MULTIQ NET_SCH_NETEM NET_SCH_PIE NET_SCH_PLUG NET_SCH_PRIO NET_SCH_QFQ NET_SCH_RED NET_SCH_SFB NET_SCH_SFQ NET_SCH_SKBPRIO NET_SCH_TAPRIO NET_SCH_TBF NET_SCH_TEQL NET_SOCK_MSG NET_SWITCHDEV NET_TC_SKB_EXT NET_TEAM NET_TEAM_MODE_ACTIVEBACKUP NET_TEAM_MODE_BROADCAST NET_TEAM_MODE_LOADBALANCE NET_TEAM_MODE_RANDOM NET_TEAM_MODE_ROUNDROBIN NET_UDP_TUNNEL NET_VRF NFC NFC_DIGITAL NFC_FDP NFC_HCI NFC_MRVL NFC_MRVL_USB NFC_NCI NFC_NCI_UART NFC_PN533 NFC_PN533_USB NFC_PORT100 NFC_SHDLC NFC_SIM NFC_VIRTUAL_NCI NFSD NFSD_BLOCKLAYOUT NFSD_FLEXFILELAYOUT NFSD_PNFS NFSD_SCSILAYOUT NFSD_V2_ACL NFSD_V3_ACL NFSD_V4 NFSD_V4_2_INTER_SSC NFSD_V4_SECURITY_LABEL NFS_FSCACHE NFS_V4_1 NFS_V4_2 NFS_V4_2_READ_PLUS NFS_V4_2_SSC_HELPER NFS_V4_SECURITY_LABEL NFT_BRIDGE_META NFT_BRIDGE_REJECT NFT_COMPAT NFT_CONNLIMIT NFT_CT NFT_DUP_IPV4 NFT_DUP_IPV6 NFT_DUP_NETDEV NFT_FIB NFT_FIB_INET NFT_FIB_IPV4 NFT_FIB_IPV6 NFT_FIB_NETDEV NFT_FLOW_OFFLOAD NFT_HASH NFT_LIMIT NFT_LOG NFT_MASQ NFT_NAT NFT_NUMGEN NFT_OSF NFT_QUEUE NFT_QUOTA NFT_REDIR NFT_REJECT NFT_REJECT_INET NFT_REJECT_IPV4 NFT_REJECT_IPV6 NFT_REJECT_NETDEV NFT_SOCKET NFT_SYNPROXY NFT_TPROXY NFT_TUNNEL NFT_XFRM NF_CONNTRACK_AMANDA NF_CONNTRACK_BRIDGE NF_CONNTRACK_BROADCAST NF_CONNTRACK_EVENTS NF_CONNTRACK_H323 NF_CONNTRACK_LABELS NF_CONNTRACK_MARK NF_CONNTRACK_NETBIOS_NS NF_CONNTRACK_PPTP NF_CONNTRACK_SANE NF_CONNTRACK_SNMP NF_CONNTRACK_TFTP NF_CONNTRACK_TIMEOUT NF_CONNTRACK_TIMESTAMP NF_CONNTRACK_ZONES NF_CT_NETLINK_HELPER NF_CT_NETLINK_TIMEOUT NF_CT_PROTO_DCCP NF_CT_PROTO_GRE NF_CT_PROTO_SCTP NF_CT_PROTO_UDPLITE NF_DUP_IPV4 NF_DUP_IPV6 NF_DUP_NETDEV NF_FLOW_TABLE NF_FLOW_TABLE_INET NF_NAT_AMANDA NF_NAT_H323 NF_NAT_PPTP NF_NAT_REDIRECT NF_NAT_SNMP_BASIC NF_NAT_TFTP NF_SOCKET_IPV4 NF_TABLES NF_TABLES_BRIDGE NF_TABLES_INET NF_TABLES_IPV4 NF_TABLES_IPV6 NF_TABLES_NETDEV PARTITION_ADVANCED PSAMPLE RC_CORE RC_DEVICES RFKILL SPI USB_GADGET USB_MUSB_HDRC VIDEO_DEV WAN WATCH_QUEUE WIRELESS WLAN WWAN X25 X86_X32_ABI] disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP LEAK UBSAN], they are not needed determining the merge base between bf4ad6fa4e5332e53913b073d0219319a4091619 and d88520ad73b79e71e3ddf08de335b8520ae41c5c 830b3c68c1fb1e9176028d02ef86f3cf76aa2476/Linux 6.1 is a merge base, check if it has the bug testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ba89524428834949532e20fdb233fd0a41d8348c7342626d1575538163deecb9 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: INFO: rcu detected stall in corrupted run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_release_group_pa run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #18: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #19: OK representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] testing current HEAD d88520ad73b79e71e3ddf08de335b8520ae41c5c testing commit d88520ad73b79e71e3ddf08de335b8520ae41c5c gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b0cd36cea3d6a030680aa3b5e71f58f541ea61deffa9954589b2bd0cd63f14ed all runs: OK false negative chance: 0.000 # git bisect start d88520ad73b79e71e3ddf08de335b8520ae41c5c 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 Bisecting: 40155 revisions left to test after this (roughly 15 steps) [b68ee1c6131c540a62ecd443be89c406401df091] Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi determine whether the revision contains the guilty commit revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable testing commit b68ee1c6131c540a62ecd443be89c406401df091 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 2f8535fbf11199887f43f89d562eb8b671f77d50fb824d0ff77154fd9ed73435 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_find_by_goal run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_find_by_goal run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_find_by_goal run #8: crashed: kernel BUG in ext4_mb_find_by_goal run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_find_by_goal run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good b68ee1c6131c540a62ecd443be89c406401df091 Bisecting: 20030 revisions left to test after this (roughly 14 steps) [9070577ae9d6065e447d422bdf85a09f89eaa9e8] Merge tag 'pci-v6.5-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci determine whether the revision contains the guilty commit revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable testing commit 9070577ae9d6065e447d422bdf85a09f89eaa9e8 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: aad589530d327924d16b7f828ce114f71383a1382104ed6583fa38f9fa36fd94 all runs: OK false negative chance: 0.000 # git bisect bad 9070577ae9d6065e447d422bdf85a09f89eaa9e8 Bisecting: 10067 revisions left to test after this (roughly 13 steps) [bfd019d10fdabf70f9b01264aea6d6c7595f9226] Merge branch 'crypto-splice-net-make-af_alg-handle-sendmsg-msg_splice_pages' determine whether the revision contains the guilty commit revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable testing commit bfd019d10fdabf70f9b01264aea6d6c7595f9226 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 3cfd2fa61e3b640ecbb5898b15c0367ce1ae1699d900bc8f99e0d795769981ef all runs: OK false negative chance: 0.000 # git bisect bad bfd019d10fdabf70f9b01264aea6d6c7595f9226 Bisecting: 5032 revisions left to test after this (roughly 12 steps) [245f0922689364b21163af4937a05ea0ba576fae] mm: hwpoison: coredump: support recovery from dump_user_range() determine whether the revision contains the guilty commit revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable testing commit 245f0922689364b21163af4937a05ea0ba576fae gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c063eab7446dd76c67903becbfed613bc8266d8a8c3b712764024749c32d5a81 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_find_by_goal run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #18: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #19: crashed: kernel BUG in ext4_mb_find_by_goal representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good 245f0922689364b21163af4937a05ea0ba576fae Bisecting: 2534 revisions left to test after this (roughly 11 steps) [78b421b6a7c6dbb6a213877c742af52330f5026d] Merge tag 'linux-watchdog-6.4-rc1' of git://www.linux-watchdog.org/linux-watchdog determine whether the revision contains the guilty commit revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable testing commit 78b421b6a7c6dbb6a213877c742af52330f5026d gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 48bdb9d3951712ad25ae6590692b16c4a75cb015e31a9c2d3ebd112a50ff9bd6 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_find_by_goal run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_find_by_goal run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #18: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #19: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good 78b421b6a7c6dbb6a213877c742af52330f5026d Bisecting: 1266 revisions left to test after this (roughly 10 steps) [4927cb98f0eeaa5dbeac882e8372f4b16dc62624] Merge tag 'powerpc-6.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux determine whether the revision contains the guilty commit revision 245f0922689364b21163af4937a05ea0ba576fae crashed and is reachable testing commit 4927cb98f0eeaa5dbeac882e8372f4b16dc62624 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 72780ad18cf665c1d81181c69ced72fe023bddcd5e3eb3ad0ac3e16c5791ae0e all runs: OK false negative chance: 0.000 # git bisect bad 4927cb98f0eeaa5dbeac882e8372f4b16dc62624 Bisecting: 559 revisions left to test after this (roughly 9 steps) [f085df1be60abf670315c11036261cfaec16b2eb] Merge tag 'perf-tools-for-v6.4-3-2023-05-06' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux determine whether the revision contains the guilty commit revision b68ee1c6131c540a62ecd443be89c406401df091 crashed and is reachable testing commit f085df1be60abf670315c11036261cfaec16b2eb gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 1d07a9e8111110f54e494bcffa9fe9226ba5227c1f4e16e0266542fb2cd8c8d5 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_find_by_goal run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #18: crashed: kernel BUG in ext4_mb_find_by_goal run #19: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good f085df1be60abf670315c11036261cfaec16b2eb Bisecting: 320 revisions left to test after this (roughly 8 steps) [b802651bb6c90e53b30205b2a4358433e3be57c8] Merge tag 'media/v6.4-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media determine whether the revision contains the guilty commit revision 78b421b6a7c6dbb6a213877c742af52330f5026d crashed and is reachable testing commit b802651bb6c90e53b30205b2a4358433e3be57c8 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ec48fe8a62d7d8a0b729c267b80a2ea76bf374d6a5e9fd8709011d35d069021b run #0: infra problem: create image operation failed: &{Code:ZONE_RESOURCE_POOL_EXHAUSTED_WITH_DETAILS ErrorDetails:[0xc000ca2eb0 0xc000ca2fa0 0xc000ca3040] Location: Message:The zone 'projects/syzkaller/zones/us-central1-c' does not have enough resources available to fulfill the request. '(resource type:compute)'. ForceSendFields:[] NullFields:[]}. run #1: infra problem: create image operation failed: &{Code:ZONE_RESOURCE_POOL_EXHAUSTED_WITH_DETAILS ErrorDetails:[0xc00ad59720 0xc00ad59810 0xc00ad598b0] Location: Message:The zone 'projects/syzkaller/zones/us-central1-c' does not have enough resources available to fulfill the request. '(resource type:compute)'. ForceSendFields:[] NullFields:[]}. run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK false negative chance: 0.000 # git bisect bad b802651bb6c90e53b30205b2a4358433e3be57c8 Bisecting: 120 revisions left to test after this (roughly 7 steps) [df8c2d13e227e4670ebe777970f89db7802b1f56] Merge tag 'vfs/v6.4-rc1/pipe' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs determine whether the revision contains the guilty commit revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable testing commit df8c2d13e227e4670ebe777970f89db7802b1f56 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cec5f619c96bcf82d5435129fb2c39b5aa7e557e7cec00db9b5c94535c446c60 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_find_by_goal run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_find_by_goal run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good df8c2d13e227e4670ebe777970f89db7802b1f56 Bisecting: 60 revisions left to test after this (roughly 6 steps) [bb7c241fae6228e89c0286ffd6f249b3b0dea225] Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 determine whether the revision contains the guilty commit revision b68ee1c6131c540a62ecd443be89c406401df091 crashed and is reachable testing commit bb7c241fae6228e89c0286ffd6f249b3b0dea225 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 3ecd1bff854abe9b8d675db789e53df4a017bbaf0ca468903c5eb1c92b88e58b all runs: OK false negative chance: 0.000 # git bisect bad bb7c241fae6228e89c0286ffd6f249b3b0dea225 Bisecting: 36 revisions left to test after this (roughly 5 steps) [046206bad0f6a886e1f890c5fcb106d596971c95] Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi determine whether the revision contains the guilty commit revision 78b421b6a7c6dbb6a213877c742af52330f5026d crashed and is reachable testing commit 046206bad0f6a886e1f890c5fcb106d596971c95 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 608bb77e7a2bbe4b96afc5c00470738147c3f00b727f4c95e00604c67ce9c503 run #0: crashed: kernel BUG in ext4_mb_find_by_goal run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #17: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #18: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #19: crashed: kernel BUG in ext4_mb_load_buddy_gfp representative crash: kernel BUG in ext4_mb_find_by_goal, types: [BUG] # git bisect good 046206bad0f6a886e1f890c5fcb106d596971c95 Bisecting: 18 revisions left to test after this (roughly 4 steps) [c8902258b2b8ecaa1b8d88c312853c5b14c2553d] fbdev: modedb: Add 1920x1080 at 60 Hz video mode determine whether the revision contains the guilty commit revision 78b421b6a7c6dbb6a213877c742af52330f5026d crashed and is reachable testing commit c8902258b2b8ecaa1b8d88c312853c5b14c2553d gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f57c8ded27b970a8690144b322fdb0706150434edf2297cc73d39057e1666dc9 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_find_by_goal run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_find_by_goal run #6: crashed: kernel BUG in ext4_mb_find_by_goal run #7: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_find_by_goal run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: boot failed: can't ssh into the instance run #15: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #16: boot failed: can't ssh into the instance run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good c8902258b2b8ecaa1b8d88c312853c5b14c2553d Bisecting: 9 revisions left to test after this (roughly 3 steps) [fa83c34e3e56b3c672af38059e066242655271b1] ext4: check iomap type only if ext4_iomap_begin() does not fail determine whether the revision contains the guilty commit revision 78b421b6a7c6dbb6a213877c742af52330f5026d crashed and is reachable testing commit fa83c34e3e56b3c672af38059e066242655271b1 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f24eec178f95f38bbc81702eb1d81476f073cccf54171718617ac348364d8aed all runs: OK false negative chance: 0.000 # git bisect bad fa83c34e3e56b3c672af38059e066242655271b1 Bisecting: 4 revisions left to test after this (roughly 2 steps) [463808f237cf73e98a1a45ff7460c2406a150a0b] ext4: remove a BUG_ON in ext4_mb_release_group_pa() determine whether the revision contains the guilty commit revision 78b421b6a7c6dbb6a213877c742af52330f5026d crashed and is reachable testing commit 463808f237cf73e98a1a45ff7460c2406a150a0b gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b192d0b633e201670a8c707f0e5eb64e914a5234e04819bf003c7dcb0e46ac0e all runs: OK false negative chance: 0.000 # git bisect bad 463808f237cf73e98a1a45ff7460c2406a150a0b Bisecting: 1 revision left to test after this (roughly 1 step) [949f95ff39bf188e594e7ecd8e29b82eb108f5bf] ext4: fix lockdep warning when enabling MMP determine whether the revision contains the guilty commit revision b68ee1c6131c540a62ecd443be89c406401df091 crashed and is reachable testing commit 949f95ff39bf188e594e7ecd8e29b82eb108f5bf gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 9b97069c8bf2d93d181329dd9f2fd3f9704141f1daa097ce6d3a3335ab689477 run #0: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #1: crashed: kernel BUG in ext4_mb_find_by_goal run #2: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #3: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #4: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #5: crashed: kernel BUG in ext4_mb_find_by_goal run #6: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #7: crashed: kernel BUG in ext4_mb_find_by_goal run #8: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #9: crashed: kernel BUG in ext4_mb_find_by_goal run #10: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #11: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #12: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #13: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #14: crashed: kernel BUG in ext4_mb_load_buddy_gfp run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: kernel BUG in ext4_mb_load_buddy_gfp, types: [BUG] # git bisect good 949f95ff39bf188e594e7ecd8e29b82eb108f5bf Bisecting: 0 revisions left to test after this (roughly 0 steps) [5354b2af34064a4579be8bc0e2f15a7b70f14b5f] ext4: allow ext4_get_group_info() to fail determine whether the revision contains the guilty commit revision 78b421b6a7c6dbb6a213877c742af52330f5026d crashed and is reachable testing commit 5354b2af34064a4579be8bc0e2f15a7b70f14b5f gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cb2c2753e2a94ed45540dc857c2a5d70d3de3c1afdf3afbf534b09a37a9ae0ba all runs: OK false negative chance: 0.000 # git bisect bad 5354b2af34064a4579be8bc0e2f15a7b70f14b5f 5354b2af34064a4579be8bc0e2f15a7b70f14b5f is the first bad commit commit 5354b2af34064a4579be8bc0e2f15a7b70f14b5f Author: Theodore Ts'o Date: Sat Apr 29 00:06:28 2023 -0400 ext4: allow ext4_get_group_info() to fail Previously, ext4_get_group_info() would treat an invalid group number as BUG(), since in theory it should never happen. However, if a malicious attaker (or fuzzer) modifies the superblock via the block device while it is the file system is mounted, it is possible for s_first_data_block to get set to a very large number. In that case, when calculating the block group of some block number (such as the starting block of a preallocation region), could result in an underflow and very large block group number. Then the BUG_ON check in ext4_get_group_info() would fire, resutling in a denial of service attack that can be triggered by root or someone with write access to the block device. For a quality of implementation perspective, it's best that even if the system administrator does something that they shouldn't, that it will not trigger a BUG. So instead of BUG'ing, ext4_get_group_info() will call ext4_error and return NULL. We also add fallback code in all of the callers of ext4_get_group_info() that it might NULL. Also, since ext4_get_group_info() was already borderline to be an inline function, un-inline it. The results in a next reduction of the compiled text size of ext4 by roughly 2k. Cc: stable@kernel.org Link: https://lore.kernel.org/r/20230430154311.579720-2-tytso@mit.edu Reported-by: syzbot+e2efa3efc15a1c9e95c3@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?id=69b28112e098b070f639efb356393af3ffec4220 Signed-off-by: Theodore Ts'o Reviewed-by: Jan Kara fs/ext4/balloc.c | 18 +++++++++++++++- fs/ext4/ext4.h | 15 ++----------- fs/ext4/ialloc.c | 12 +++++++---- fs/ext4/mballoc.c | 64 +++++++++++++++++++++++++++++++++++++++++++++---------- fs/ext4/super.c | 2 ++ 5 files changed, 82 insertions(+), 29 deletions(-) accumulated error probability: 0.00 culprit signature: cb2c2753e2a94ed45540dc857c2a5d70d3de3c1afdf3afbf534b09a37a9ae0ba parent signature: 9b97069c8bf2d93d181329dd9f2fd3f9704141f1daa097ce6d3a3335ab689477 reproducer is flaky (0.81 repro chance estimate) revisions tested: 25, total time: 5h52m55.440375518s (build: 1h47m41.071020281s, test: 3h56m5.248349416s) first good commit: 5354b2af34064a4579be8bc0e2f15a7b70f14b5f ext4: allow ext4_get_group_info() to fail recipients (to): ["jack@suse.cz" "tytso@mit.edu"] recipients (cc): []