ci2 starts bisection 2023-06-25 14:01:42.997567663 +0000 UTC m=+407887.226525917
bisecting fixing commit since 19c0ed55a470d1cd766484abab04871b648560fb
building syzkaller on 4bce1a3e705a8b62de8194bdb28f5eef89c8feec
ensuring issue is reproducible on original commit 19c0ed55a470d1cd766484abab04871b648560fb

testing commit 19c0ed55a470d1cd766484abab04871b648560fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 07b94c83808b1ebb471db3da7d2c598de31d4a637c58e0168b1ad4021bc17063
run #0: crashed: general protection fault in ext4_acquire_dquot
run #1: crashed: general protection fault in ext4_acquire_dquot
run #2: crashed: general protection fault in ext4_acquire_dquot
run #3: crashed: general protection fault in ext4_acquire_dquot
run #4: crashed: general protection fault in ext4_acquire_dquot
run #5: crashed: general protection fault in ext4_acquire_dquot
run #6: crashed: general protection fault in ext4_acquire_dquot
run #7: crashed: general protection fault in ext4_acquire_dquot
run #8: crashed: general protection fault in ext4_release_dquot
run #9: crashed: general protection fault in ext4_acquire_dquot
run #10: crashed: general protection fault in ext4_acquire_dquot
run #11: crashed: general protection fault in ext4_acquire_dquot
run #12: crashed: general protection fault in ext4_acquire_dquot
run #13: crashed: general protection fault in ext4_acquire_dquot
run #14: crashed: general protection fault in ext4_acquire_dquot
run #15: crashed: general protection fault in ext4_acquire_dquot
run #16: crashed: general protection fault in ext4_acquire_dquot
run #17: crashed: general protection fault in ext4_acquire_dquot
run #18: crashed: general protection fault in ext4_acquire_dquot
run #19: crashed: general protection fault in ext4_acquire_dquot
testing current HEAD 565c3abfa1299a4293f21d25d16258659fd200a5
testing commit 565c3abfa1299a4293f21d25d16258659fd200a5 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9aa3d05d73502665b62546786ef81e05c8fda1f156d10e300f2f2896cadbbb66
all runs: crashed: general protection fault in ext4_acquire_dquot
crash still not fixed/happens on the oldest tested release
revisions tested: 2, total time: 20m35.506587535s (build: 12m52.275036716s, test: 7m2.801872496s)
crash still not fixed on HEAD or HEAD had kernel test errors
commit msg: Merge 5.15.110 into android13-5.15-lts
crash: general protection fault in ext4_acquire_dquot
general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
CPU: 0 PID: 2070 Comm: syz-executor.2 Tainted: G        W         5.15.110-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
RIP: 0010:ext4_acquire_dquot+0xbc/0x360 fs/ext4/super.c:6159
Code: c1 ea 03 80 3c 02 00 0f 85 a3 02 00 00 4e 8b b4 eb 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 72 02 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b
RSP: 0018:ffffc900040b75d0 EFLAGS: 00010206
RAX: dffffc0000000000 RBX: ffff88810ebe2000 RCX: ffffffff81b962a8
RDX: 0000000000000005 RSI: 0000000000000008 RDI: 0000000000000028
RBP: ffffc900040b7600 R08: 0000000000000000 R09: ffff88811c3e2bd7
R10: ffffed102387c57a R11: ffff88812262477c R12: ffff88811c3e2b40
R13: 0000000000000001 R14: 0000000000000000 R15: ffff88811c3e2b40
FS:  00007f6ea50b7700(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6ea50b7718 CR3: 000000011d24e000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 dqget+0x586/0xf40 fs/quota/dquot.c:914
 __dquot_initialize+0x455/0x14c0 fs/quota/dquot.c:1492
 dquot_initialize fs/quota/dquot.c:1550 [inline]
 dquot_file_open fs/quota/dquot.c:2174 [inline]
 dquot_file_open+0x60/0x80 fs/quota/dquot.c:2168
 ext4_file_open fs/ext4/file.c:883 [inline]
 ext4_file_open+0x2c4/0xa70 fs/ext4/file.c:853
 do_dentry_open+0x451/0x1050 fs/open.c:828
 vfs_open+0x9a/0xc0 fs/open.c:958
 do_open fs/namei.c:3538 [inline]
 path_openat+0x217c/0x4180 fs/namei.c:3672
 do_filp_open+0x1ab/0x3f0 fs/namei.c:3699
 do_sys_openat2+0x135/0x8e0 fs/open.c:1234
 do_sys_open fs/open.c:1250 [inline]
 __do_sys_openat fs/open.c:1266 [inline]
 __se_sys_openat fs/open.c:1261 [inline]
 __x64_sys_openat+0x124/0x200 fs/open.c:1261
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f6ead946169
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6ea50b7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f6eada66120 RCX: 00007f6ead946169
RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
RBP: 00007f6ead9a1ca1 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffdd31f150f R14: 00007f6ea50b7300 R15: 0000000000022000
 </TASK>
Modules linked in:
---[ end trace 0935884273dc0553 ]---
RIP: 0010:ext4_acquire_dquot+0xbc/0x360 fs/ext4/super.c:6159
Code: c1 ea 03 80 3c 02 00 0f 85 a3 02 00 00 4e 8b b4 eb 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7e 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 72 02 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b
RSP: 0018:ffffc900040b75d0 EFLAGS: 00010206

RAX: dffffc0000000000 RBX: ffff88810ebe2000 RCX: ffffffff81b962a8
RDX: 0000000000000005 RSI: 0000000000000008 RDI: 0000000000000028
RBP: ffffc900040b7600 R08: 0000000000000000 R09: ffff88811c3e2bd7
R10: ffffed102387c57a R11: ffff88812262477c R12: ffff88811c3e2b40
R13: 0000000000000001 R14: 0000000000000000 R15: ffff88811c3e2b40
FS:  00007f6ea50b7700(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000011d24e000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	c1 ea 03             	shr    $0x3,%edx
   3:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   7:	0f 85 a3 02 00 00    	jne    0x2b0
   d:	4e 8b b4 eb 80 01 00 	mov    0x180(%rbx,%r13,8),%r14
  14:	00
  15:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  1c:	fc ff df
  1f:	49 8d 7e 28          	lea    0x28(%r14),%rdi
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
* 2a:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
  2e:	0f 85 72 02 00 00    	jne    0x2a6
  34:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  3b:	fc ff df
  3e:	4d                   	rex.WRB
  3f:	8b                   	.byte 0x8b