bisecting fixing commit since 87335852c5d9ec629f80bb2257b9a9945962b719
building syzkaller on e34b696c0d7c04dbc824dee8b5123969bbca19b7
testing commit 87335852c5d9ec629f80bb2257b9a9945962b719 with gcc (GCC) 8.1.0
kernel signature: 172b09bff5b9878ae373c41d4326ada5f17ed7003776ff6197201f7c53b73b1c
all runs: crashed: divide error in squashfs_readpage
testing current HEAD 2d2791fce891fc20709232d49a6bae075b9a77f8
testing commit 2d2791fce891fc20709232d49a6bae075b9a77f8 with gcc (GCC) 8.1.0
kernel signature: 387136ba69b254e9ff66c43a95737d2ab8486c8ba0036960c0d58497f2e12c39
all runs: crashed: divide error in squashfs_readpage
revisions tested: 2, total time: 22m2.229480349s (build: 16m7.18132962s, test: 5m24.716198997s)
the crash still happens on HEAD
commit msg: Linux 4.14.217
crash: divide error in squashfs_readpage

IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
divide error: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
ieee80211 phy7: mac80211_hwsim_config (freq=2412(2412 - 0)/noht idle=0 ps=0 smps=static)
CPU: 0 PID: 9110 Comm: syz-executor.0 Not tainted 4.14.217-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8881d08a4040 task.stack: ffff8881e61e0000
RIP: 0010:fill_meta_index fs/squashfs/file.c:256 [inline]
RIP: 0010:read_blocklist fs/squashfs/file.c:345 [inline]
RIP: 0010:squashfs_readpage+0x7f4/0x21c0 fs/squashfs/file.c:482
RSP: 0018:ffff8881e61e7638 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 00000000ffffffff RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881ca7ee4c8
ieee80211 phy7: mac80211_hwsim_config (freq=2412(2412 - 0)/noht idle=0 ps=0 smps=static)
RBP: ffff8881e61e7830 R08: ffffea00071c6410 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881ca7ee4c0
R13: 00000000000000de R14: 0000000000000099 R15: ffff8881ca7ee4f8
FS:  00007f7af2f34700(0000) GS:ffff8881f6400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc14bc9f8c CR3: 00000001ed256006 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
ieee80211 phy7: mac80211_hwsim_bss_info_changed(changed=0x40000 vif->addr=02:00:00:00:07:00)
ieee80211 phy7: TX Power: 20 dBm
 read_pages mm/readahead.c:131 [inline]
 __do_page_cache_readahead+0x679/0x950 mm/readahead.c:199
 ra_submit mm/internal.h:66 [inline]
 ondemand_readahead+0x42b/0xbc0 mm/readahead.c:486
 page_cache_sync_readahead+0x85/0xf0 mm/readahead.c:518
ieee80211 phy7: mac80211_hwsim_bss_info_changed(changed=0x4000 vif->addr=02:00:00:00:07:00)
 generic_file_buffered_read mm/filemap.c:2003 [inline]
 generic_file_read_iter+0xe53/0x1f30 mm/filemap.c:2273
 call_read_iter include/linux/fs.h:1772 [inline]
 new_sync_read fs/read_write.c:401 [inline]
 __vfs_read+0x410/0x840 fs/read_write.c:413
ieee80211 phy7: mac80211_hwsim_conf_tx (queue=0 txop=0 cw_min=15 cw_max=1023 aifs=2)
 vfs_read+0xf9/0x300 fs/read_write.c:447
 kernel_read+0x90/0x130 fs/read_write.c:426
 prepare_binprm+0x5b5/0x800 fs/exec.c:1581
ieee80211 phy7: mac80211_hwsim_conf_tx (queue=1 txop=0 cw_min=15 cw_max=1023 aifs=2)
 do_execveat_common.isra.14+0xd9e/0x1d70 fs/exec.c:1798
 do_execveat fs/exec.c:1871 [inline]
 SYSC_execveat fs/exec.c:1952 [inline]
 SyS_execveat+0x46/0x60 fs/exec.c:1944
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x45deb9
RSP: 002b:00007f7af2f33c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
RAX: ffffffffffffffda RBX: 0000000000002dc0 RCX: 000000000045deb9
RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005
RBP: 000000000118bf70 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
ieee80211 phy7: mac80211_hwsim_conf_tx (queue=2 txop=0 cw_min=15 cw_max=1023 aifs=2)
R13: 00007ffe833cd2ef R14: 00007f7af2f349c0 R15: 000000000118bf2c
Code: 49 8b 47 c8 31 d2 48 63 8d 2c fe ff ff 48 89 85 90 fe ff ff 48 63 85 78 fe ff ff 48 89 ce 48 c1 e1 0b c1 e6 0b 89 b5 60 fe ff ff <48> f7 f1 85 c0 48 89 85 68 fe ff ff 89 85 8c fe ff ff 0f 8e c3
ieee80211 phy7: mac80211_hwsim_conf_tx (queue=3 txop=0 cw_min=15 cw_max=1023 aifs=2)
ieee80211 phy7: mac80211_hwsim_bss_info_changed(changed=0x2000 vif->addr=02:00:00:00:07:00)
ieee80211 phy7: mac80211_hwsim_bss_info_changed(changed=0x8bfe vif->addr=02:00:00:00:07:00)
RIP: fill_meta_index fs/squashfs/file.c:256 [inline] RSP: ffff8881e61e7638
RIP: read_blocklist fs/squashfs/file.c:345 [inline] RSP: ffff8881e61e7638
RIP: squashfs_readpage+0x7f4/0x21c0 fs/squashfs/file.c:482 RSP: ffff8881e61e7638
ieee80211 phy8: Selected rate control algorithm 'minstrel_ht'
ieee80211 phy7: mac80211_hwsim_bss_info_changed: BSSID changed: 50:50:50:50:50:50
ieee80211 phy8: hwaddr 02:00:00:00:08:00 registered
ieee80211 phy7: BCN EN: 1 (BI=100)
ieee80211 phy9: Selected rate control algorithm 'minstrel_ht'
ieee80211 phy7: ERP_CTS_PROT: 0
ieee80211 phy9: hwaddr 02:00:00:00:09:00 registered
ieee80211 phy7: ERP_PREAMBLE: 0
ieee80211 phy8: mac80211_hwsim_start
ieee80211 phy7: ERP_SLOT: 0
ieee80211 phy8: mac80211_hwsim_add_interface (type=1 mac_addr=02:00:00:00:08:00)
ieee80211 phy7: HT: op_mode=0xb
ieee80211 phy8: mac80211_hwsim_bss_info_changed(changed=0xe vif->addr=02:00:00:00:08:00)
ieee80211 phy7: BASIC_RATES: 0x1
ieee80211 phy8: ERP_CTS_PROT: 0
---[ end trace d22cbbf9556d410e ]---
ieee80211 phy8: ERP_PREAMBLE: 0