bisecting fixing commit since 0c88e405c97ed1828443b67891e6d4bb6e56cd4e
building syzkaller on 1a1f4bd8c48f86af4bc94a2e3a86fc0de9c52c93
testing commit 0c88e405c97ed1828443b67891e6d4bb6e56cd4e with gcc (GCC) 8.4.1 20210217
kernel signature: a708a6b5634e1e57735a9b102c83a5fe10387733dca655e4d73eeef8ab54347c
run #0: crashed: kernel BUG in submit_bh_wbc
run #1: crashed: kernel BUG in submit_bh_wbc
run #2: crashed: kernel BUG in submit_bh_wbc
run #3: crashed: general protection fault in bdevname
run #4: crashed: general protection fault in bdevname
run #5: crashed: kernel BUG in submit_bh_wbc
run #6: crashed: general protection fault in bdevname
run #7: crashed: kernel BUG in submit_bh_wbc
run #8: crashed: kernel BUG in submit_bh_wbc
run #9: crashed: general protection fault in bdevname
run #10: crashed: kernel BUG in submit_bh_wbc
run #11: crashed: kernel BUG in submit_bh_wbc
run #12: crashed: kernel BUG in submit_bh_wbc
run #13: crashed: kernel BUG in submit_bh_wbc
run #14: crashed: kernel BUG in submit_bh_wbc
run #15: crashed: kernel BUG in submit_bh_wbc
run #16: crashed: kernel BUG in submit_bh_wbc
run #17: crashed: general protection fault in bdevname
run #18: crashed: kernel BUG in submit_bh_wbc
run #19: crashed: kernel BUG in submit_bh_wbc
testing current HEAD 2d19be4653f5e74ed95560b69f94eb6791d49af3
testing commit 2d19be4653f5e74ed95560b69f94eb6791d49af3 with gcc (GCC) 8.4.1 20210217
kernel signature: 96c8f883f955feb0734187c686cf3c59b2d1794656f72a75a0584d607672d3a2
run #0: crashed: kernel BUG in submit_bh_wbc
run #1: crashed: kernel BUG in submit_bh_wbc
run #2: crashed: kernel BUG in submit_bh_wbc
run #3: crashed: general protection fault in bdevname
run #4: crashed: kernel BUG in submit_bh_wbc
run #5: crashed: kernel BUG in submit_bh_wbc
run #6: crashed: kernel BUG in submit_bh_wbc
run #7: crashed: kernel BUG in submit_bh_wbc
run #8: crashed: kernel BUG in submit_bh_wbc
run #9: crashed: kernel BUG in submit_bh_wbc
revisions tested: 2, total time: 23m43.709281659s (build: 15m40.282164293s, test: 7m4.839623682s)
the crash still happens on HEAD
commit msg: Linux 4.19.177
crash: kernel BUG in submit_bh_wbc
EXT4-fs (loop5): mount failed
EXT4-fs error (device loop4): ext4_fill_super:4446: inode #2: comm syz-executor.4: iget: root inode unallocated
EXT4-fs (loop4): get root inode failed
EXT4-fs (loop4): mount failed
------------[ cut here ]------------
kernel BUG at fs/buffer.c:3049!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 9608 Comm: kmmpd-loop4 Not tainted 4.19.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:submit_bh_wbc+0x4e5/0x6f0 fs/buffer.c:3049
Code: 33 45 89 65 10 4c 89 ef e8 08 06 91 01 31 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 f0 80 63 01 f7 e9 c1 fb ff ff 0f 0b <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b e8 bc 11 ea ff eb c6 e8 15 11 ea ff
RSP: 0018:ffff8881c8cf7d58 EFLAGS: 00010246
RAX: 0000000000000005 RBX: ffff8881cacb03f0 RCX: 0000000000000000
RDX: 1ffff1103959607e RSI: 0000000000003800 RDI: 0000000000000001
RBP: ffff8881c8cf7da0 R08: 0000000000000000 R09: ffffed103959608a
R10: ffffed103959608a R11: ffff8881cacb0453 R12: 0000000000003800
R13: ffff8881d9b28e00 R14: ffff8881c8737000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8881f6500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000556237d9ac00 CR3: 000000000986d004 CR4: 00000000001606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 submit_bh+0xe/0x10 fs/buffer.c:3096
 write_mmp_block+0x1ac/0x2a0 fs/ext4/mmp.c:55
 kmmpd+0x657/0x9e0 fs/ext4/mmp.c:246
 kthread+0x347/0x410 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
EXT4-fs error (device loop3): ext4_fill_super:4446: inode #2: comm syz-executor.3: iget: root inode unallocated
EXT4-fs (loop3): get root inode failed
---[ end trace 6d894ab1a5090d3b ]---
EXT4-fs (loop3): mount failed
RIP: 0010:submit_bh_wbc+0x4e5/0x6f0 fs/buffer.c:3049
Code: 33 45 89 65 10 4c 89 ef e8 08 06 91 01 31 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 f0 80 63 01 f7 e9 c1 fb ff ff 0f 0b <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b e8 bc 11 ea ff eb c6 e8 15 11 ea ff
RSP: 0018:ffff8881c8cf7d58 EFLAGS: 00010246
RAX: 0000000000000005 RBX: ffff8881cacb03f0 RCX: 0000000000000000
RDX: 1ffff1103959607e RSI: 0000000000003800 RDI: 0000000000000001
RBP: ffff8881c8cf7da0 R08: 0000000000000000 R09: ffffed103959608a
R10: ffffed103959608a R11: ffff8881cacb0453 R12: 0000000000003800
R13: ffff8881d9b28e00 R14: ffff8881c8737000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8881f6400000(0000) knlGS:0000000000000000
EXT4-fs error (device loop3): ext4_fill_super:4446: inode #2: comm syz-executor.3: iget: root inode unallocated
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
EXT4-fs (loop3): get root inode failed
CR2: 000000000055c000 CR3: 000000000986d001 CR4: 00000000001606f0
EXT4-fs (loop3): mount failed
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400