ci starts bisection 2023-06-07 16:03:47.085537704 +0000 UTC m=+23939.373964580 bisecting fixing commit since 62bad54b26db8bc98e28749cd76b2d890edb4258 building syzkaller on f325deb023e4e2fb9197004be1b3da738680429c ensuring issue is reproducible on original commit 62bad54b26db8bc98e28749cd76b2d890edb4258 testing commit 62bad54b26db8bc98e28749cd76b2d890edb4258 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a9eb696341ad09c819340b1c2025c531465f4299704242e3675632b900bdce85 run #0: crashed: KASAN: use-after-free Read in sysv_new_block run #1: crashed: KASAN: use-after-free Read in sysv_new_block run #2: crashed: KASAN: use-after-free Read in sysv_new_block run #3: crashed: KASAN: null-ptr-deref Write in get_block run #4: crashed: KASAN: use-after-free Read in sysv_new_block run #5: crashed: KASAN: use-after-free Read in sysv_new_block run #6: crashed: KASAN: use-after-free Read in sysv_new_block run #7: crashed: KASAN: use-after-free Read in sysv_new_block run #8: crashed: KASAN: null-ptr-deref Write in get_block run #9: crashed: KASAN: use-after-free Read in sysv_new_block run #10: crashed: KASAN: use-after-free Read in sysv_new_block run #11: crashed: KASAN: null-ptr-deref Write in get_block run #12: crashed: KASAN: use-after-free Read in sysv_new_block run #13: crashed: KASAN: use-after-free Read in sysv_new_block run #14: crashed: KASAN: use-after-free Read in sysv_new_block run #15: crashed: KASAN: use-after-free Read in sysv_new_block run #16: crashed: KASAN: use-after-free Read in sysv_new_block run #17: crashed: KASAN: use-after-free Read in sysv_new_block run #18: crashed: KASAN: use-after-free Read in sysv_new_block run #19: crashed: KASAN: use-after-free Read in sysv_new_block testing current HEAD a4d7d701121981e3c3fe69ade376fe9f26324161 testing commit a4d7d701121981e3c3fe69ade376fe9f26324161 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5bf4eadbc2b2a5b3d34a71224b2337314d9de58c880b07c10eb1acf3e42496ea run #0: crashed: KASAN: null-ptr-deref Write in get_block run #1: crashed: KASAN: use-after-free Read in sysv_new_block run #2: crashed: KASAN: use-after-free Read in sysv_new_block run #3: crashed: KASAN: use-after-free Read in sysv_new_block run #4: crashed: KASAN: use-after-free Read in sysv_new_block run #5: crashed: KASAN: use-after-free Read in sysv_new_block run #6: crashed: KASAN: null-ptr-deref Write in get_block run #7: crashed: KASAN: use-after-free Read in sysv_new_block run #8: crashed: KASAN: use-after-free Read in sysv_new_block run #9: crashed: KASAN: null-ptr-deref Write in get_block crash still not fixed/happens on the oldest tested release revisions tested: 2, total time: 57m27.461309588s (build: 40m41.272202522s, test: 15m42.823017428s) crash still not fixed on HEAD or HEAD had kernel test errors commit msg: Merge tag 'spi-fix-v6.4-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi crash: KASAN: null-ptr-deref Write in get_block VFS: Found a Xenix FS (block size = 512) on device loop0 sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size sysv_free_block: flc_count > flc_size ================================================================== BUG: KASAN: null-ptr-deref in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: null-ptr-deref in test_and_set_bit_lock include/asm-generic/bitops/instrumented-lock.h:57 [inline] BUG: KASAN: null-ptr-deref in trylock_buffer include/linux/buffer_head.h:399 [inline] BUG: KASAN: null-ptr-deref in lock_buffer include/linux/buffer_head.h:405 [inline] BUG: KASAN: null-ptr-deref in alloc_branch fs/sysv/itree.c:148 [inline] BUG: KASAN: null-ptr-deref in get_block+0x57a/0x1230 fs/sysv/itree.c:251 Write of size 8 at addr 0000000000000000 by task syz-executor.0/14800 CPU: 0 PID: 14800 Comm: syz-executor.0 Not tainted 6.4.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x167/0x220 lib/dump_stack.c:106 print_report+0xe6/0x540 mm/kasan/report.c:465 kasan_report+0x176/0x1b0 mm/kasan/report.c:572 kasan_check_range+0x283/0x290 mm/kasan/generic.c:187 instrument_atomic_read_write include/linux/instrumented.h:96 [inline] test_and_set_bit_lock include/asm-generic/bitops/instrumented-lock.h:57 [inline] trylock_buffer include/linux/buffer_head.h:399 [inline] lock_buffer include/linux/buffer_head.h:405 [inline] alloc_branch fs/sysv/itree.c:148 [inline] get_block+0x57a/0x1230 fs/sysv/itree.c:251 __block_write_begin_int+0x393/0x1250 fs/buffer.c:2064 __block_write_begin fs/buffer.c:2114 [inline] block_write_begin+0x72/0x150 fs/buffer.c:2175 sysv_write_begin+0x29/0x50 fs/sysv/itree.c:485 generic_perform_write+0x2f5/0x540 mm/filemap.c:3923 __generic_file_write_iter+0x143/0x340 mm/filemap.c:4051 generic_file_write_iter+0x9d/0x230 mm/filemap.c:4083 call_write_iter include/linux/fs.h:1868 [inline] new_sync_write fs/read_write.c:491 [inline] vfs_write+0x719/0x8f0 fs/read_write.c:584 ksys_write+0x163/0x250 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f022148c0f9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f02222b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f02215abf80 RCX: 00007f022148c0f9 RDX: 00000000fffffd5e RSI: 000000002000ad00 RDI: 0000000000000004 RBP: 00007f02214e7b39 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffed64ca26f R14: 00007f02222b2300 R15: 0000000000022000 ==================================================================