ci starts bisection 2025-02-24 17:49:11.032519195 +0000 UTC m=+233206.852340820 bisecting cause commit starting from e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 building syzkaller on d34966d146f584d390b49f213d1fccd59548dc6d fetch other tags and check if the commit is present ensuring issue is reproducible on original commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c1234e82a289adbbd0e8dc1be0046da033bb9df1a3d41adb8533bdf53fdb9bbe run #0: crashed: general protection fault in lock_vma_under_rcu run #1: crashed: general protection fault in lock_vma_under_rcu run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: crashed: general protection fault in lock_vma_under_rcu run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: general protection fault in lock_vma_under_rcu, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0a9b0eccf5ac647924c25e7dd9bf3f8ce8df947d6bdcb0836243aa9709f6f024 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #16: OK run #17: OK run #18: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed kconfig minimization: base=4062 full=8265 leaves diff=2121 split chunks (needed=false): <2121> split chunk #0 of len 2121 into 5 parts testing without sub-chunk 1/5 disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 884df907eaa244ee33dc7895464e577b2f629efcfdadb9eae4caf85c9fd911e6 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: OK run #6: OK run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 failed building e5d3fd687aac5eceb1721fa92b9f49afcf4c3717: drivers/gpu/drm/bridge/aux-bridge.c:116: undefined reference to `devm_drm_of_get_bridge' testing without sub-chunk 3/5 disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 50e103bdeb0e54cea469c9a09ec43601a82f0e4358c27fd26e09e7ba162a794b run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #10: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #11: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ed08b14a6d3d3a76a9b50f2404ece4dafd49fb567bb89d4e4954135ae65b9719 run #0: ignore: lost connection to test machine run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK false negative chance: 0.046 testing without sub-chunk 5/5 disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 75f14d88945d1d0618e082988ffa4c7c351b4dbe16040cc2fec0d9ea2b4bfbd1 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] the chunk can be dropped minimized to 850 configs; suspects: [6LOWPAN AF_RXRPC ARCH_ENABLE_MEMORY_HOTREMOVE ASUS_WMI ATM AX25 BT BT_BREDR BT_HIDP BXT_WC_PMIC_OPREGION CFG80211 CHARGER_BQ24190 CMA COMMON_CLK DAX DLM DRM DRM_BRIDGE DRM_GM12U320 DRM_GUD DRM_I915 DRM_I915_CAPTURE_ERROR DRM_I915_COMPRESS_ERROR DRM_I915_USERPTR DRM_KMS_HELPER DRM_MIPI_DSI DRM_PANEL DRM_PANEL_BRIDGE DRM_PANEL_EDP DRM_PANEL_ORIENTATION_QUIRKS DRM_SIMPLEDRM DRM_TTM DRM_TTM_HELPER DRM_UDL DRM_VGEM DRM_VIRTIO_GPU DRM_VIRTIO_GPU_KMS DRM_VKMS DRM_VMWGFX DUMMY DVB_AF9013 DVB_AF9033 DVB_AS102 DVB_AS102_FE DVB_B2C2_FLEXCOP DVB_B2C2_FLEXCOP_USB DVB_CORE DVB_DIB3000MB DVB_DIB3000MC DVB_EC100 DVB_GP8PSK_FE DVB_RTL2830 DVB_RTL2832 DVB_RTL2832_SDR DVB_TEST_DRIVERS DVB_TTUSB_BUDGET DVB_TTUSB_DEC DVB_USB DVB_USB_A800 DVB_USB_AF9005 DVB_USB_AF9005_REMOTE DVB_USB_AF9015 DVB_USB_AF9035 DVB_USB_ANYSEE DVB_USB_AU6610 DVB_USB_AZ6007 DVB_USB_AZ6027 DVB_USB_CE6230 DVB_USB_CINERGY_T2 DVB_USB_CXUSB DVB_USB_CXUSB_ANALOG DVB_USB_DIB0700 DVB_USB_DIB3000MC DVB_USB_DIBUSB_MB DVB_USB_DIBUSB_MC DVB_USB_DIGITV DVB_USB_DTT200U DVB_USB_DTV5100 DVB_USB_DVBSKY DVB_USB_DW2102 DVB_USB_EC168 DVB_USB_GL861 DVB_USB_GP8PSK DVB_USB_LME2510 DVB_USB_M920X DVB_USB_MXL111SF DVB_USB_NOVA_T_USB2 DVB_USB_OPERA1 DVB_USB_PCTV452E DVB_USB_RTL28XXU DVB_USB_TECHNISAT_USB2 DVB_USB_TTUSB2 DVB_USB_UMT_010 DVB_USB_V2 DVB_USB_VP702X DVB_USB_VP7045 DVB_USB_ZD1301 DVB_VIDTV DVB_ZL10353 ECRYPT_FS ECRYPT_FS_MESSAGING EDAC EFS_FS ENCRYPTED_KEYS EQUALIZER EROFS_FS EROFS_FS_POSIX_ACL EROFS_FS_SECURITY EROFS_FS_XATTR EROFS_FS_ZIP EVM EVM_ADD_XATTRS EVM_ATTR_FSUUID EXFAT_FS EXPORTFS_BLOCK_OPS EXT3_FS EXT3_FS_POSIX_ACL EXT3_FS_SECURITY EXTCON EXTCON_INTEL_CHT_WC EXTCON_PTN5150 EXTCON_USBC_TUSB320 F2FS_CHECK_FS F2FS_FAULT_INJECTION F2FS_FS F2FS_FS_COMPRESSION F2FS_FS_LZ4 F2FS_FS_LZ4HC F2FS_FS_LZO F2FS_FS_LZORLE F2FS_FS_POSIX_ACL F2FS_FS_SECURITY F2FS_FS_XATTR F2FS_FS_ZSTD F2FS_STAT_FS FANOTIFY FANOTIFY_ACCESS_PERMISSIONS FB FB_CFB_COPYAREA FB_CFB_FILLRECT FB_CFB_IMAGEBLIT FB_CORE FB_DEFERRED_IO FB_DEVICE FB_IOMEM_FOPS FB_IOMEM_HELPERS FB_NOTIFY FB_SYSMEM_FOPS FB_SYSMEM_HELPERS FB_SYSMEM_HELPERS_DEFERRED FB_SYS_COPYAREA FB_SYS_FILLRECT FB_SYS_IMAGEBLIT FB_TILEBLITTING FB_VESA FB_VGA16 FB_VIRTUAL FDDI FIREWIRE FIREWIRE_NET FIREWIRE_OHCI FIREWIRE_SBP2 FONT_8x16 FONT_8x8 FONT_SUPPORT FRAMEBUFFER_CONSOLE FRAMEBUFFER_CONSOLE_DETECT_PRIMARY FRAMEBUFFER_CONSOLE_ROTATION FS_DAX FS_DAX_PMD FS_ENCRYPTION FS_ENCRYPTION_ALGS FS_STACK FS_VERITY FS_VERITY_BUILTIN_SIGNATURES FTL FUSE_DAX FUSE_FS FW_LOADER_COMPRESS FW_LOADER_PAGED_BUF FW_LOADER_SYSFS FW_LOADER_USER_HELPER FW_LOADER_USER_HELPER_FALLBACK GACT_PROB GARP GENDWARFKSYMS GENERIC_PHY GENEVE GET_FREE_REGION GFS2_FS GFS2_FS_LOCKING_DLM GNSS GNSS_USB GOOGLE_COREBOOT_TABLE GOOGLE_FIRMWARE GOOGLE_MEMCONSOLE GOOGLE_MEMCONSOLE_COREBOOT GOOGLE_VPD GPIOLIB GPIOLIB_IRQCHIP GPIO_ACPI GPIO_DLN2 GPIO_LJCA GPIO_VIPERBOARD GREENASIA_FF GREYBUS GREYBUS_BRIDGED_PHY GREYBUS_ES2 GREYBUS_HID GREYBUS_USB GTP GUEST_PERF_EVENTS GVE HAMRADIO HARDENED_USERCOPY_DEFAULT_ON HAVE_ARCH_NODE_DEV_GROUP HAVE_ARCH_USERFAULTFD_MINOR HAVE_ARCH_USERFAULTFD_WP HAVE_BOOTMEM_INFO_NODE HAVE_CLK HAVE_CLK_PREPARE HAVE_KVM_CPU_RELAX_INTERCEPT HAVE_KVM_DIRTY_RING HAVE_KVM_DIRTY_RING_ACQ_REL HAVE_KVM_DIRTY_RING_TSO HAVE_KVM_IRQCHIP HAVE_KVM_IRQ_BYPASS HAVE_KVM_IRQ_ROUTING HAVE_KVM_MSI HAVE_KVM_NO_POLL HAVE_KVM_PFNCACHE HAVE_KVM_PM_NOTIFIER HAVE_KVM_READONLY_MEM HAVE_SCHED_AVG_IRQ HDLC HDLC_CISCO HDLC_FR HDLC_PPP HDLC_RAW HDLC_RAW_ETH HDLC_X25 HDMI HFSPLUS_FS HFS_FS HID_ACCUTOUCH HID_ACRUX HID_ACRUX_FF HID_ALPS HID_APPLEIR HID_ASUS HID_AUREAL HID_BATTERY_STRENGTH HID_BETOP_FF HID_BIGBEN_FF HID_CMEDIA HID_CORSAIR HID_COUGAR HID_CP2112 HID_CREATIVE_SB0540 HID_ELAN HID_ELECOM HID_ELO HID_EMS_FF HID_EVISION HID_FT260 HID_GEMBIRD HID_GFRM HID_GLORIOUS HID_GOOGLE_STADIA_FF HID_GREENASIA HID_GT683R HID_HOLTEK HID_ICADE HID_JABRA HID_KEYTOUCH HID_KYE HID_LCPOWER HID_LED HID_LENOVO HID_LETSKETCH HID_LOGITECH_DJ HID_LOGITECH_HIDPP HID_MACALLY HID_MAGICMOUSE HID_MALTRON HID_MAYFLASH HID_MCP2200 HID_MCP2221 HID_MEGAWORLD_FF HID_MULTITOUCH HID_NTI HID_NVIDIA_SHIELD HID_ORTEK HID_PENMOUNT HID_PICOLCD HID_PICOLCD_BACKLIGHT HID_PICOLCD_CIR HID_PICOLCD_FB HID_PICOLCD_LCD HID_PICOLCD_LEDS HID_PLANTRONICS HID_PLAYSTATION HID_PRIMAX HID_PRODIKEYS HID_PXRC HID_RAZER HID_RETRODE HID_RMI HID_ROCCAT HID_SAITEK HID_SEMITEK HID_SENSOR_ACCEL_3D HID_SENSOR_ALS HID_SENSOR_CUSTOM_INTEL_HINGE HID_SENSOR_CUSTOM_SENSOR HID_SENSOR_DEVICE_ROTATION HID_SENSOR_GYRO_3D HID_SENSOR_HUB HID_SENSOR_HUMIDITY HID_SENSOR_IIO_COMMON HID_SENSOR_IIO_TRIGGER HID_SENSOR_INCLINOMETER_3D HID_SENSOR_MAGNETOMETER_3D HID_SENSOR_PRESS HID_SENSOR_PROX HID_SENSOR_TEMP HID_SIGMAMICRO HID_SMARTJOYPLUS HID_SPEEDLINK HID_STEAM HID_STEELSERIES HID_THINGM HID_THRUSTMASTER HID_TIVO HID_TOPRE HID_TWINHAN HID_U2FZERO HID_UCLOGIC HID_UDRAW_PS3 HID_VIEWSONIC HID_VIVALDI HID_VIVALDI_COMMON HID_VRC2 HID_WACOM HID_WALTOP HID_WIIMOTE HID_XIAOMI HID_XINMO HID_ZYDACRON HMM_MIRROR HOLTEK_FF HOTPLUG_PCI_PCIE HPET_MMAP HPET_MMAP_DEFAULT HPFS_FS I2C_ALGOBIT I2C_CHARDEV I2C_CP2615 I2C_DESIGNWARE_CORE I2C_DESIGNWARE_PLATFORM I2C_DIOLAN_U2C I2C_DLN2 I2C_HID_ACPI I2C_HID_CORE I2C_HID_OF I2C_LJCA I2C_MUX I2C_MUX_REG I2C_ROBOTFUZZ_OSIF I2C_SI4713 I2C_SLAVE I2C_SLAVE_EEPROM I2C_TINY_USB I2C_VIPERBOARD IEEE802154 IEEE802154_6LOWPAN IEEE802154_ATUSB IEEE802154_DRIVERS IEEE802154_HWSIM IEEE802154_NL802154_EXPERIMENTAL IEEE802154_SOCKET IFB IIO IIO_BUFFER IIO_KFIFO_BUF IIO_TRIGGER IIO_TRIGGERED_BUFFER IKCONFIG IKCONFIG_PROC IMA IMA_APPRAISE IMA_APPRAISE_MODSIG IMA_DEFAULT_HASH_SHA256 IMA_LSM_RULES IMA_MEASURE_ASYMMETRIC_KEYS IMA_NG_TEMPLATE IMA_QUEUE_EARLY_BOOT_KEYS IMA_READ_POLICY IMA_WRITE_POLICY INET6_ESPINTCP INET6_ESP_OFFLOAD INET6_IPCOMP INET6_TUNNEL INET6_XFRM_TUNNEL INET_AH INET_DCCP_DIAG INET_DIAG INET_DIAG_DESTROY INET_ESP INET_ESPINTCP INET_ESP_OFFLOAD INET_IPCOMP INET_MPTCP_DIAG INET_RAW_DIAG INET_SCTP_DIAG INET_TCP_DIAG INET_UDP_DIAG INET_XFRM_TUNNEL INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_ADDR_TRANS_CONFIGFS INFINIBAND_IPOIB INFINIBAND_IPOIB_CM INFINIBAND_IPOIB_DEBUG INFINIBAND_ISER INFINIBAND_ON_DEMAND_PAGING INFINIBAND_RTRS INFINIBAND_SRP INFINIBAND_USER_ACCESS INFINIBAND_USER_MAD INFINIBAND_USER_MEM INFINIBAND_VIRT_DMA INPUT_ATI_REMOTE2 INPUT_CM109 INPUT_IMS_PCU INPUT_JOYDEV INPUT_KEYSPAN_REMOTE INPUT_LEDS INPUT_MOUSEDEV INPUT_MOUSEDEV_PSAUX INPUT_POWERMATE INPUT_TABLET INPUT_TOUCHSCREEN INPUT_UINPUT INPUT_YEALINK INTEGRITY INTEGRITY_ASYMMETRIC_KEYS INTEGRITY_AUDIT INTEGRITY_SIGNATURE INTEGRITY_TRUSTED_KEYRING INTEL_CHTWC_INT33FE INTEL_IDMA64 INTEL_IOATDMA INTEL_IOMMU_DEFAULT_ON INTEL_IOMMU_SVM INTEL_ISHTP_ECLITE INTEL_ISH_FIRMWARE_DOWNLOADER INTEL_ISH_HID INTEL_SCU_IPC INTEL_SOC_PMIC_BXTWC INTEL_SOC_PMIC_CHTWC INTERVAL_TREE_SPAN_ITER IOMMUFD IOMMUFD_DRIVER IOMMUFD_DRIVER_CORE IOMMUFD_TEST IO_URING_ZCRX IP6_NF_MATCH_AH IP6_NF_MATCH_EUI64 IP6_NF_MATCH_FRAG IP6_NF_MATCH_HL IP6_NF_MATCH_MH IP6_NF_MATCH_OPTS IP6_NF_MATCH_RPFILTER IP6_NF_MATCH_RT IP6_NF_MATCH_SRH IP6_NF_NAT IP6_NF_RAW IP6_NF_SECURITY IP6_NF_TARGET_HL IP6_NF_TARGET_MASQUERADE IP6_NF_TARGET_NPT IP6_NF_TARGET_SYNPROXY IPV6_FOU IPV6_FOU_TUNNEL IPV6_GRE IPV6_ILA IPV6_MIP6 IPV6_MROUTE IPV6_MROUTE_MULTIPLE_TABLES IPV6_MULTIPLE_TABLES IPV6_OPTIMISTIC_DAD IPV6_PIMSM_V2 IPV6_ROUTER_PREF IPV6_ROUTE_INFO IPV6_RPL_LWTUNNEL IPV6_SEG6_BPF IPV6_SEG6_HMAC IPV6_SEG6_LWTUNNEL IPV6_SIT_6RD IPV6_SUBTREES IPV6_TUNNEL IPV6_VTI IPVLAN IPVLAN_L3S IPVTAP IP_DCCP IP_DCCP_CCID3 IP_DCCP_TFRC_LIB IP_FIB_TRIE_STATS IP_MROUTE_MULTIPLE_TABLES IP_NF_ARPFILTER IP_NF_ARPTABLES IP_NF_ARP_MANGLE IP_NF_MATCH_AH IP_NF_MATCH_ECN IP_NF_MATCH_RPFILTER IP_NF_MATCH_TTL IP_NF_RAW IP_NF_SECURITY IP_NF_TARGET_ECN IP_NF_TARGET_NETMAP IP_NF_TARGET_REDIRECT IP_NF_TARGET_SYNPROXY IP_NF_TARGET_TTL IP_ROUTE_CLASSID IP_SCTP IP_SET IP_SET_BITMAP_IP IP_SET_BITMAP_IPMAC IP_SET_BITMAP_PORT IP_SET_HASH_IP IP_SET_HASH_IPMAC IP_SET_HASH_IPMARK IP_SET_HASH_IPPORT IP_SET_HASH_IPPORTIP IP_SET_HASH_IPPORTNET IP_SET_HASH_MAC IP_SET_HASH_NET IP_SET_HASH_NETIFACE IP_SET_HASH_NETNET IP_SET_HASH_NETPORT IP_SET_HASH_NETPORTNET IP_SET_LIST_SET IRQ_TIME_ACCOUNTING L2TP LAPB LCD_CLASS_DEVICE LEDS_CLASS_MULTICOLOR LIBNVDIMM MAC80211 MAC802154 MEDIA_COMMON_OPTIONS MEDIA_DIGITAL_TV_SUPPORT MEDIA_PLATFORM_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_TEST_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_DLN2 MFD_INTEL_PMC_BXT MFD_MT6360 MFD_MT6370 MFD_RETU MFD_VIPERBOARD MMC MODVERSIONS MPTCP MTD MTD_UBI NETFILTER_ADVANCED NETFILTER_CONNCOUNT NET_ACT_GACT NET_ACT_MIRRED NET_IPGRE NET_IPGRE_DEMUX NFS_V4_1 NFT_COMPAT NFT_COMPAT_ARP NFT_FWD_NETDEV NF_TABLES NF_TABLES_ARP NF_TABLES_NETDEV NLS_CODEPAGE_1250 NLS_CODEPAGE_1251 NLS_CODEPAGE_737 NLS_CODEPAGE_775 NLS_CODEPAGE_850 NLS_CODEPAGE_852 NLS_CODEPAGE_855 NLS_CODEPAGE_857 NLS_CODEPAGE_860 NLS_CODEPAGE_861 NLS_CODEPAGE_862 NLS_CODEPAGE_863 NLS_CODEPAGE_864 NLS_CODEPAGE_865 NLS_CODEPAGE_866 NLS_CODEPAGE_869 NLS_CODEPAGE_874 NLS_CODEPAGE_932 NLS_CODEPAGE_936 NLS_CODEPAGE_949 NLS_CODEPAGE_950 NLS_ISO8859_13 NLS_ISO8859_14 NLS_ISO8859_15 NLS_ISO8859_2 NLS_ISO8859_3 NLS_ISO8859_4 NLS_ISO8859_5 NLS_ISO8859_6 NLS_ISO8859_7 NLS_ISO8859_8 NLS_ISO8859_9 NLS_KOI8_R NLS_KOI8_U NLS_MAC_CELTIC NLS_MAC_CENTEURO NLS_MAC_CROATIAN NLS_MAC_CYRILLIC NLS_MAC_GAELIC NLS_MAC_GREEK NLS_MAC_ICELAND NLS_MAC_INUIT NLS_MAC_ROMAN NLS_MAC_ROMANIAN NLS_MAC_TURKISH NLS_UCS2_UTILS NOZOMI NTFS3_FS NTFS3_FS_POSIX_ACL NTFS3_LZX_XPRESS NULL_TTY NUMA_BALANCING NUMA_BALANCING_DEFAULT_ENABLED NUMA_EMU NUMA_KEEP_MEMINFO NVDIMM_DAX NVDIMM_KEYS NVDIMM_PFN NVIDIA_SHIELD_FF NVME_CORE NVME_FABRICS NVME_FC NVME_MULTIPATH NVME_RDMA NVME_TARGET NVME_TARGET_FC NVME_TARGET_FCLOOP NVME_TARGET_LOOP NVME_TARGET_RDMA NVME_TARGET_TCP NVME_TCP N_GSM N_HDLC OCFS2_DEBUG_FS OCFS2_FS OCFS2_FS_O2CB OCFS2_FS_STATS OCFS2_FS_USERSPACE_CLUSTER OF_GPIO OF_PMEM OMFS_FS OPENVSWITCH OPENVSWITCH_GENEVE OPENVSWITCH_GRE OPENVSWITCH_VXLAN ORANGEFS_FS OSF_PARTITION OVERLAY_FS OVERLAY_FS_DEBUG OVERLAY_FS_INDEX OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW OVERLAY_FS_REDIRECT_DIR PACKET_DIAG PAGE_IDLE_FLAG PAGE_POOL PAGE_REPORTING PAHOLE_HAS_BTF_TAG PAHOLE_HAS_LANG_EXCLUDE PAHOLE_HAS_SPLIT_BTF PARPORT PARPORT_NOT_PC PARTITION_ADVANCED PCCARD PCCARD_NONSTATIC PCIEAER PCI_ENDPOINT PCI_IOV PCMCIA PCMCIA_LOAD_CIS PERCPU_STATS PERSISTENT_KEYRINGS PHONET PHYLINK PHY_CPCAP_USB PHY_QCOM_USB_HS PHY_QCOM_USB_HSIC PHY_SAMSUNG_USB2 PHY_TUSB1210 PKCS7_TEST_KEY PKCS8_PRIVATE_KEY_PARSER PLAYSTATION_FF PLFXLC PMIC_OPREGION PM_CLK PNFS_BLOCK PNFS_FILE_LAYOUT PNFS_FLEXFILE_LAYOUT PPP PPPOATM PPPOE PPPOE_HASH_BITS_1 PPPOL2TP PPP_ASYNC PPP_BSDCOMP PPP_DEFLATE PPP_FILTER PPP_MPPE PPP_MULTILINK PPP_SYNC_TTY PPTP PREEMPT PREEMPT_NOTIFIERS PROC_CHILDREN PSAMPLE PSI PSTORE PSTORE_COMPRESS QCOM_QMI_HELPERS QNX4FS_FS QNX6FS_FS QRTR QRTR_TUN RADIO_ADAPTERS RADIO_SHARK RADIO_SHARK2 RADIO_SI4713 RADIO_TEA575X RAID6_PQ RAID_ATTRS RAS RC_ATI_REMOTE RC_CORE RC_DEVICES RC_XBOX_DVD RDMA_RXE RDMA_SIW RDS RDS_RDMA RDS_TCP READ_ONLY_THP_FOR_FS REALTEK_AUTOPM REED_SOLOMON REED_SOLOMON_DEC8 REGMAP REGMAP_I2C REGMAP_IRQ REGMAP_MMIO REGMAP_SPI REGULATOR REGULATOR_FIXED_VOLTAGE REGULATOR_TWL4030 RESET_CONTROLLER RFKILL RFKILL_INPUT RFKILL_LEDS RMI4_2D_SENSOR RMI4_CORE RMI4_F03 RMI4_F03_SERIO RMI4_F11 RMI4_F12 RMI4_F30 RMI4_F3A ROMFS_BACKED_BY_BOTH ROMFS_FS ROMFS_ON_BLOCK ROMFS_ON_MTD ROSE RTC_DRV_HID_SENSOR_TIME RXKAD SCHED_CORE SCREEN_INFO SCSI_FC_ATTRS SCSI_HPSA SCSI_ISCSI_ATTRS SCSI_LOGGING SCSI_NETLINK SCSI_SAS_ATA SCSI_SAS_ATTRS SCSI_SAS_LIBSAS SCSI_SCAN_ASYNC SCSI_SRP_ATTRS SCTP_COOKIE_HMAC_MD5 SCTP_COOKIE_HMAC_SHA1 SCTP_DEFAULT_COOKIE_HMAC_MD5 SECONDARY_TRUSTED_KEYRING SECURITY_INFINIBAND SECURITY_NETWORK_XFRM SENSORS_AQUACOMPUTER_D5NEXT SENSORS_CORSAIR_CPRO SENSORS_CORSAIR_PSU SENSORS_GIGABYTE_WATERFORCE SENSORS_NZXT_KRAKEN2 SENSORS_NZXT_SMART2 SENSORS_POWERZ SERIAL_DEV_BUS SERIAL_DEV_CTRL_TTYPORT SERIAL_MCTRL_GPIO SGI_PARTITION SIGNATURE SIGNED_PE_FILE_VERIFICATION SKB_DECRYPTED SLHC SLIP SLIP_COMPRESSED SLIP_MODE_SLIP6 SLIP_SMART SMARTJOYPLUS_FF SMBFS SMB_SERVER SMC SMC_DIAG SMSC_PHY SMS_SDIO_DRV SMS_SIANO_DEBUGFS SMS_SIANO_MDTV SMS_SIANO_RC SMS_USB_DRV SND SND_ALOOP SND_BCD2000 SND_CTL_FAST_LOOKUP SND_CTL_LED SND_DEBUG SND_DMA_SGBUF SND_DRIVERS SND_DUMMY SND_DYNAMIC_MINORS SND_HDA SND_HDA_CODEC_ANALOG SND_HDA_CODEC_CA0110 SND_HDA_CODEC_CA0132 SND_HDA_CODEC_CIRRUS SND_HDA_CODEC_CMEDIA SND_HDA_CODEC_CONEXANT SND_HDA_CODEC_HDMI SND_HDA_CODEC_REALTEK SND_HDA_CODEC_SI3054 SND_HDA_CODEC_SIGMATEL SND_HDA_CODEC_VIA SND_HDA_COMPONENT SND_HDA_CORE SND_HDA_GENERIC SND_HDA_GENERIC_LEDS SND_HDA_HWDEP SND_HDA_I915 SND_HDA_INPUT_BEEP SND_HDA_INTEL SND_HDA_PATCH_LOADER SND_HDA_RECONFIG SND_HDA_SCODEC_COMPONENT SND_HRTIMER SND_HWDEP SND_INTEL_DSP_CONFIG SND_INTEL_NHLT SND_INTEL_SOUNDWIRE_ACPI SND_JACK SND_JACK_INPUT_DEV SND_MIXER_OSS SND_OSSEMUL SND_PCI SND_PCM SND_PCMCIA SND_PCM_ELD SND_PCM_OSS SND_PCM_OSS_PLUGINS SND_PCM_TIMER SND_PCM_XRUN_DEBUG SND_PROC_FS SND_RAWMIDI SND_SEQUENCER SND_SEQUENCER_OSS SND_SEQ_DEVICE SND_SEQ_DUMMY SND_SEQ_HRTIMER_DEFAULT SND_SEQ_MIDI SND_SEQ_MIDI_EVENT SND_SEQ_VIRMIDI SND_SOC SND_SOC_I2C_AND_SPI SND_SOC_SDCA_OPTIONAL SND_SUPPORT_OLD_API SND_TIMER SND_UMP SND_UMP_LEGACY_RAWMIDI SND_USB SND_USB_6FIRE SND_USB_AUDIO SND_USB_AUDIO_MIDI_V2 SND_USB_AUDIO_USE_MEDIA_CONTROLLER SND_USB_CAIAQ SND_USB_CAIAQ_INPUT SND_USB_HIFACE SND_USB_LINE6 SND_USB_POD SND_USB_PODHD SND_USB_TONEPORT SND_USB_UA101 SND_USB_US122L SND_USB_USX2Y SND_USB_VARIAX SND_VERBOSE_PROCFS SND_VIRMIDI SND_VIRTIO SND_VMASTER SND_X86 SOCK_VALIDATE_XMIT SOLARIS_X86_PARTITION SONY_FF SOUND SOUNDWIRE SOUND_OSS_CORE SOUND_OSS_CORE_PRECLAIM SPI SPI_DLN2 SPI_DYNAMIC SPI_LJCA SPI_MASTER SQUASHFS SQUASHFS_4K_DEVBLK_SIZE SQUASHFS_COMPILE_DECOMP_MULTI SQUASHFS_DECOMP_MULTI SQUASHFS_FILE_DIRECT SQUASHFS_LZ4 SQUASHFS_LZO SQUASHFS_XATTR SQUASHFS_XZ SQUASHFS_ZLIB SQUASHFS_ZSTD SSB SSB_PCIHOST_POSSIBLE SSB_PCMCIAHOST_POSSIBLE SSB_SDIOHOST_POSSIBLE STAGING STEAM_FF STP STREAM_PARSER SUNRPC_BACKCHANNEL SUN_PARTITION SW_SYNC SYSFB SYSV68_PARTITION SYSV_FS TABLET_USB_ACECAD TABLET_USB_AIPTEK TABLET_USB_HANWANG TABLET_USB_KBTAB TABLET_USB_PEGASUS TAHVO_USB TAHVO_USB_HOST_BY_DEFAULT TCG_CRB TCG_TIS TCG_TIS_CORE TCG_TPM TCP_CONG_BBR TCP_CONG_BIC TCP_CONG_CDG TCP_CONG_DCTCP TCP_CONG_HSTCP TCP_CONG_HTCP TCP_CONG_HYBLA TCP_CONG_ILLINOIS TCP_CONG_LP TCP_CONG_NV TCP_CONG_SCALABLE TCP_CONG_VEGAS TCP_CONG_VENO TCP_CONG_WESTWOOD TCP_CONG_YEAH TEE TEXTSEARCH TEXTSEARCH_BM TEXTSEARCH_FSM TEXTSEARCH_KMP THP_SWAP THRUSTMASTER_FF TIPC TIPC_CRYPTO TIPC_DIAG TIPC_MEDIA_IB TIPC_MEDIA_UDP TLS TLS_TOE TMPFS_QUOTA TOUCHSCREEN_SUR40 TOUCHSCREEN_USB_3M TOUCHSCREEN_USB_COMPOSITE TOUCHSCREEN_USB_DMC_TSC10 TOUCHSCREEN_USB_E2I TOUCHSCREEN_USB_EASYTOUCH TOUCHSCREEN_USB_EGALAX TOUCHSCREEN_USB_ELO TOUCHSCREEN_USB_ETT_TC45USB TOUCHSCREEN_USB_ETURBO TOUCHSCREEN_USB_GENERAL_TOUCH TOUCHSCREEN_USB_GOTOP TOUCHSCREEN_USB_GUNZE TOUCHSCREEN_USB_IDEALTEK TOUCHSCREEN_USB_IRTOUCH TOUCHSCREEN_USB_ITM TOUCHSCREEN_USB_JASTEC TOUCHSCREEN_USB_NEXIO TOUCHSCREEN_USB_PANJIT TOUCHSCREEN_USB_ZYTRONIC TRANSPARENT_HUGEPAGE TRANSPARENT_HUGEPAGE_MADVISE TTPCI_EEPROM TTY_PRINTK TUN_VNET_CROSS_LE TWL4030_CORE TYPEC TYPEC_ANX7411 TYPEC_DP_ALTMODE TYPEC_FUSB302 TYPEC_HD3SS3220 TYPEC_MT6360 TYPEC_MUX_FSA4480 TYPEC_MUX_GPIO_SBU TYPEC_MUX_INTEL_PMC TYPEC_MUX_NB7VPQ904M TYPEC_MUX_PI3USB30532 TYPEC_MUX_PTN36502 TYPEC_MUX_WCD939X_USBSS TYPEC_NVIDIA_ALTMODE TYPEC_RT1711H TYPEC_RT1719 TYPEC_STUSB160X TYPEC_TCPCI TYPEC_TCPCI_MAXIM TYPEC_TCPCI_MT6370 TYPEC_TCPM TYPEC_TPS6598X TYPEC_UCSI TYPEC_WCOVE TYPEC_WUSB3801 UBIFS_ATIME_SUPPORT UBIFS_FS UBIFS_FS_ADVANCED_COMPR UBIFS_FS_LZO UBIFS_FS_SECURITY UBIFS_FS_XATTR UBIFS_FS_ZLIB UBIFS_FS_ZSTD UCSI_ACPI UCSI_CCG UCSI_STM32G0 UDF_FS UDMABUF UFS_FS UFS_FS_WRITE UHID ULTRIX_PARTITION UNICODE UNIXWARE_DISKLABEL UNIX_DIAG USB4 USB4_NET USBIP_CORE USBIP_HOST USBIP_VHCI_HCD USBIP_VUDC USBPCWATCHDOG USB_ACM USB_ADUTUX USB_AIRSPY USB_ALI_M5632 USB_AN2720 USB_APPLEDISPLAY USB_ARMLINUX USB_BDC_UDC USB_BELKIN USB_C67X00_HCD USB_CATC USB_CDC_PHONET USB_CDNS2_UDC USB_CDNS3 USB_CDNS3_GADGET USB_CDNS3_HOST USB_CDNS3_PCI_WRAP USB_CDNS_SUPPORT USB_DWC2 USB_GADGET USB_LJCA USB_MUSB_HDRC USB_NET_CDC_SUBSET USB_ROLES_INTEL_XHCI USB_ROLE_SWITCH USB_STORAGE_REALTEK USB_ULPI_BUS USB_USBNET VIDEO_DEV VIRTIO_FS VXLAN WAN WIRELESS WLAN WLAN_VENDOR_PURELIFI ZONE_DEVICE] disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed picked [v6.13 v6.12 v6.11 v6.9 v6.7 v6.5 v6.3 v6.1 v5.18 v5.15 v5.12 v5.9 v5.6 v5.3 v5.0 v4.19] out of 36 release tags testing release v6.13 testing commit ffd294d346d185b70e28b1a28abe367bbfe53c04 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 3406f13ad290deda99488fef29520fcc293665227da3b4e2aa00028000070fd6 run #0: basic kernel testing failed: lost connection to test machine run #1: ignore: lost connection to test machine run #2: ignore: lost connection to test machine run #3: ignore: lost connection to test machine run #4: ignore: lost connection to test machine run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK false negative chance: 0.002 # git bisect start e5d3fd687aac5eceb1721fa92b9f49afcf4c3717 ffd294d346d185b70e28b1a28abe367bbfe53c04 Bisecting: 7522 revisions left to test after this (roughly 13 steps) [647d69605c70368d54fc012fce8a43e8e5955b04] Merge tag 'pci-v6.14-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci testing commit 647d69605c70368d54fc012fce8a43e8e5955b04 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 58b1e357379bb1fecb29b2a3c9d5eac3051ae71c8b069f95fd3d2c8bf92c3b36 all runs: OK false negative chance: 0.000 # git bisect good 647d69605c70368d54fc012fce8a43e8e5955b04 Bisecting: 3780 revisions left to test after this (roughly 12 steps) [f0fdccc06649ac0c473dfe530bb50bc1ac214276] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap.git testing commit f0fdccc06649ac0c473dfe530bb50bc1ac214276 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 8cc0edad3e788b2681b2e53a03a6c5dad74e079c28602b52ecd56e80aa56843f run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #10: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #11: OK run #12: OK run #13: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] # git bisect bad f0fdccc06649ac0c473dfe530bb50bc1ac214276 Bisecting: 1867 revisions left to test after this (roughly 11 steps) [7c775c6056d07eb777f37c7ac1340115b27dc9f8] Merge tag 'dmaengine-6.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine testing commit 7c775c6056d07eb777f37c7ac1340115b27dc9f8 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d624cd590d04fd642a9e71658a4bf3c148c01ad3e1745b84dccad297170b7b2e all runs: OK false negative chance: 0.000 # git bisect good 7c775c6056d07eb777f37c7ac1340115b27dc9f8 Bisecting: 933 revisions left to test after this (roughly 10 steps) [b0ea1944966adace1c72870ad89e3a3d10518c19] mm/page_vma_mapped: device-exclusive entries are not migration entries testing commit b0ea1944966adace1c72870ad89e3a3d10518c19 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 34d8127200be9ea340231d3075742b5d2cc30ba65a1c3818f335f540158538c6 all runs: OK false negative chance: 0.000 # git bisect good b0ea1944966adace1c72870ad89e3a3d10518c19 Bisecting: 466 revisions left to test after this (roughly 9 steps) [c717450f40f5633c32fdf759e150b9bdf1939738] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git testing commit c717450f40f5633c32fdf759e150b9bdf1939738 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 22ed1788aff058261f339e6181de8c1b33f163dd2edb426bf22f82a850da4a03 all runs: OK false negative chance: 0.000 # git bisect good c717450f40f5633c32fdf759e150b9bdf1939738 Bisecting: 297 revisions left to test after this (roughly 8 steps) [ea5bf3ba15ab648c9628683fc336b4aa05865a01] foo testing commit ea5bf3ba15ab648c9628683fc336b4aa05865a01 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0fd48cd223c89fb225b3f148645750316591ba42cd6d6ad8cfb7095e30b47e79 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] # git bisect bad ea5bf3ba15ab648c9628683fc336b4aa05865a01 Bisecting: 84 revisions left to test after this (roughly 6 steps) [a54fc22524c9483a736cb4ad11a1e5bdc1b44e27] mm/damon/sysfs-schemes: add files for setting damos_filter->sz_range testing commit a54fc22524c9483a736cb4ad11a1e5bdc1b44e27 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 748457ada91f4066aa3ee0f3bc058b0a72d9658ef766feed6fc4f9ae89c0323b all runs: OK false negative chance: 0.000 # git bisect good a54fc22524c9483a736cb4ad11a1e5bdc1b44e27 Bisecting: 42 revisions left to test after this (roughly 5 steps) [e9c6f03a4398c94539bed68f1b57a79f48b86753] mm: mark vma as detached until it's added into vma tree testing commit e9c6f03a4398c94539bed68f1b57a79f48b86753 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 3eb84330a7dc68e61e9bd6e8c9cad4d6f988c229dde2111f8a13ddc68e34b6eb all runs: OK false negative chance: 0.000 # git bisect good e9c6f03a4398c94539bed68f1b57a79f48b86753 Bisecting: 21 revisions left to test after this (roughly 5 steps) [a870212e322853ec90777a109066e7ed5ffe08cc] ucount: use RCU for ucounts lookups testing commit a870212e322853ec90777a109066e7ed5ffe08cc gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 075b458a0dc48bfe4ab24911509b430b08add328e9737551e3fcc98e047501dd all runs: OK false negative chance: 0.000 # git bisect good a870212e322853ec90777a109066e7ed5ffe08cc Bisecting: 10 revisions left to test after this (roughly 4 steps) [3e43bec869a873421d41ca3efd38a1e11614a52d] mm/debug: print vm_refcnt state when dumping the vma testing commit 3e43bec869a873421d41ca3efd38a1e11614a52d gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 491005be0ad0c903492ed7d07a9af6a586ca6bd44df71d737eae0605181219fa run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #10: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #11: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #12: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] # git bisect bad 3e43bec869a873421d41ca3efd38a1e11614a52d Bisecting: 5 revisions left to test after this (roughly 3 steps) [098d7ca51b2122f43fa3d031daa61c131536be04] mm: move mmap_init_lock() out of the header file testing commit 098d7ca51b2122f43fa3d031daa61c131536be04 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 2a18677be43c49dfd0a983a51ba0e3b50464f7e5947963fe52dcb20e6c5d3ab8 all runs: OK false negative chance: 0.000 # git bisect good 098d7ca51b2122f43fa3d031daa61c131536be04 Bisecting: 2 revisions left to test after this (roughly 2 steps) [f3049126510ea3165bd6d5332003c7bce1b5df27] refcount: introduce __refcount_{add|inc}_not_zero_limited_acquire testing commit f3049126510ea3165bd6d5332003c7bce1b5df27 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 04a670bd2c78680a124bcbd66de543fcff63d14ac7243870011964217d4074c7 all runs: OK false negative chance: 0.000 # git bisect good f3049126510ea3165bd6d5332003c7bce1b5df27 Bisecting: 0 revisions left to test after this (roughly 1 step) [e2cd7c499e5ba887fcc1a4483b7dc0eb5baaad02] mm: move lesser used vma_area_struct members into the last cacheline testing commit e2cd7c499e5ba887fcc1a4483b7dc0eb5baaad02 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 258934ff3597a03972a0a2a989a5dc0159d1ff0e9463e8756a0bfc93a4bcf0aa run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #10: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #11: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #12: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #13: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] # git bisect bad e2cd7c499e5ba887fcc1a4483b7dc0eb5baaad02 Bisecting: 0 revisions left to test after this (roughly 0 steps) [0670f2f4d6ff1cd6aa351389130ba7bbafb02320] mm: replace vm_lock and detached flag with a reference count testing commit 0670f2f4d6ff1cd6aa351389130ba7bbafb02320 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 155f88d3db3e5804e0fa6b28b7c927628ede8c08ac16f28ce49b94786d4b9c0b run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu, types: [UNKNOWN] # git bisect bad 0670f2f4d6ff1cd6aa351389130ba7bbafb02320 0670f2f4d6ff1cd6aa351389130ba7bbafb02320 is the first bad commit commit 0670f2f4d6ff1cd6aa351389130ba7bbafb02320 Author: Suren Baghdasaryan Date: Thu Feb 13 14:46:49 2025 -0800 mm: replace vm_lock and detached flag with a reference count rw_semaphore is a sizable structure of 40 bytes and consumes considerable space for each vm_area_struct. However vma_lock has two important specifics which can be used to replace rw_semaphore with a simpler structure: 1. Readers never wait. They try to take the vma_lock and fall back to mmap_lock if that fails. 2. Only one writer at a time will ever try to write-lock a vma_lock because writers first take mmap_lock in write mode. Because of these requirements, full rw_semaphore functionality is not needed and we can replace rw_semaphore and the vma->detached flag with a refcount (vm_refcnt). When vma is in detached state, vm_refcnt is 0 and only a call to vma_mark_attached() can take it out of this state. Note that unlike before, now we enforce both vma_mark_attached() and vma_mark_detached() to be done only after vma has been write-locked. vma_mark_attached() changes vm_refcnt to 1 to indicate that it has been attached to the vma tree. When a reader takes read lock, it increments vm_refcnt, unless the top usable bit of vm_refcnt (0x40000000) is set, indicating presence of a writer. When writer takes write lock, it sets the top usable bit to indicate its presence. If there are readers, writer will wait using newly introduced mm->vma_writer_wait. Since all writers take mmap_lock in write mode first, there can be only one writer at a time. The last reader to release the lock will signal the writer to wake up. refcount might overflow if there are many competing readers, in which case read-locking will fail. Readers are expected to handle such failures. In summary: 1. all readers increment the vm_refcnt; 2. writer sets top usable (writer) bit of vm_refcnt; 3. readers cannot increment the vm_refcnt if the writer bit is set; 4. in the presence of readers, writer must wait for the vm_refcnt to drop to 1 (plus the VMA_LOCK_OFFSET writer bit), indicating an attached vma with no readers; 5. vm_refcnt overflow is handled by the readers. While this vm_lock replacement does not yet result in a smaller vm_area_struct (it stays at 256 bytes due to cacheline alignment), it allows for further size optimization by structure member regrouping to bring the size of vm_area_struct below 192 bytes. Link: https://lkml.kernel.org/r/20250213224655.1680278-13-surenb@google.com Signed-off-by: Suren Baghdasaryan Suggested-by: Peter Zijlstra Suggested-by: Matthew Wilcox Tested-by: Shivank Garg Link: https://lkml.kernel.org/r/5e19ec93-8307-47c2-bb13-3ddf7150624e@amd.com Cc: Christian Brauner Cc: David Hildenbrand Cc: David Howells Cc: Davidlohr Bueso Cc: Hillf Danton Cc: Hugh Dickens Cc: Jann Horn Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Klara Modin Cc: Liam R. Howlett Cc: Lokesh Gidra Cc: Lorenzo Stoakes Cc: Mateusz Guzik Cc: Mel Gorman Cc: Michal Hocko Cc: Minchan Kim Cc: Oleg Nesterov Cc: Pasha Tatashin Cc: "Paul E . McKenney" Cc: Peter Xu Cc: Shakeel Butt Cc: Sourav Panda Cc: Vlastimil Babka Cc: Wei Yang Cc: Will Deacon Signed-off-by: Andrew Morton include/linux/mm.h | 128 ++++++++++++++++++++++++++------------- include/linux/mm_types.h | 22 +++---- kernel/fork.c | 13 ++-- mm/init-mm.c | 1 + mm/memory.c | 91 +++++++++++++++++++++++++--- tools/testing/vma/linux/atomic.h | 5 ++ tools/testing/vma/vma_internal.h | 63 +++++++++---------- 7 files changed, 218 insertions(+), 105 deletions(-) accumulated error probability: 0.00 culprit signature: 155f88d3db3e5804e0fa6b28b7c927628ede8c08ac16f28ce49b94786d4b9c0b parent signature: 04a670bd2c78680a124bcbd66de543fcff63d14ac7243870011964217d4074c7 reproducer is flaky (0.35 repro chance estimate) revisions tested: 21, total time: 8h33m40.953210922s (build: 4h34m51.520211688s, test: 3h33m3.162056898s) first bad commit: 0670f2f4d6ff1cd6aa351389130ba7bbafb02320 mm: replace vm_lock and detached flag with a reference count recipients (to): ["akpm@linux-foundation.org" "shivankg@amd.com" "surenb@google.com"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in lock_vma_under_rcu BUG: kernel NULL pointer dereference, address: 0000000000000005 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 80000001063aa067 P4D 80000001063aa067 PUD 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 UID: 0 PID: 11215 Comm: syz.7.1072 Not tainted 6.14.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 RIP: 0010:vma_refcount_put include/linux/mm.h:727 [inline] RIP: 0010:vma_end_read include/linux/mm.h:823 [inline] RIP: 0010:lock_vma_under_rcu+0x180/0x270 mm/memory.c:6454 Code: 28 49 8b 4d 10 8b 89 20 02 00 00 39 c8 0f 84 b0 00 00 00 49 81 fd 01 f0 ff ff 0f 82 8d 00 00 00 49 83 fd f5 0f 85 a1 00 00 00 <48> 8b 1c 25 05 00 00 00 48 8b b4 24 80 00 00 00 bf bd 00 00 00 e8 RSP: 0000:ffffc90003fbfe78 EFLAGS: 00010246 RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff88810f931280 RDX: ffff8881166fc800 RSI: 0000400000ffffff RDI: ffff888114fc4cc0 RBP: 0000000000000006 R08: ffffffffffffff00 R09: 00007fea3897efff R10: 0000000000000000 R11: ffff8881166fc80c R12: ffffc90003fbfe78 R13: ffff888114fc4c00 R14: ffffffff814b9e8f R15: 0000400000002fc0 FS: 000055556af0c500(0000) GS:ffff88813bb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000005 CR3: 00000001164bc000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: do_user_addr_fault arch/x86/mm/fault.c:1328 [inline] handle_page_fault arch/x86/mm/fault.c:1480 [inline] exc_page_fault+0x153/0x6d0 arch/x86/mm/fault.c:1538 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 RIP: 0033:0x7fea38754ed8 Code: fc 89 37 c3 c5 fa 6f 06 c5 fa 6f 4c 16 f0 c5 fa 7f 07 c5 fa 7f 4c 17 f0 c3 66 0f 1f 84 00 00 00 00 00 48 8b 4c 16 f8 48 8b 36 <48> 89 37 48 89 4c 17 f8 c3 c5 fe 6f 54 16 e0 c5 fe 6f 5c 16 c0 c5 RSP: 002b:00007ffe607d2fa8 EFLAGS: 00010246 RAX: 0000400000002fc0 RBX: 0000000000000004 RCX: 0031313230386c6e RDX: 0000000000000008 RSI: 0031313230386c6e RDI: 0000400000002fc0 RBP: 0000000000000000 R08: 00007fea38600000 R09: 0000000000000001 R10: 0000000000000001 R11: 0000000000000009 R12: 00007fea389a5fac R13: 00007fea389a5fa0 R14: fffffffffffffffe R15: 0000000000000006 Modules linked in: CR2: 0000000000000005 ---[ end trace 0000000000000000 ]--- RIP: 0010:vma_refcount_put include/linux/mm.h:727 [inline] RIP: 0010:vma_end_read include/linux/mm.h:823 [inline] RIP: 0010:lock_vma_under_rcu+0x180/0x270 mm/memory.c:6454 Code: 28 49 8b 4d 10 8b 89 20 02 00 00 39 c8 0f 84 b0 00 00 00 49 81 fd 01 f0 ff ff 0f 82 8d 00 00 00 49 83 fd f5 0f 85 a1 00 00 00 <48> 8b 1c 25 05 00 00 00 48 8b b4 24 80 00 00 00 bf bd 00 00 00 e8 RSP: 0000:ffffc90003fbfe78 EFLAGS: 00010246 RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff88810f931280 RDX: ffff8881166fc800 RSI: 0000400000ffffff RDI: ffff888114fc4cc0 RBP: 0000000000000006 R08: ffffffffffffff00 R09: 00007fea3897efff R10: 0000000000000000 R11: ffff8881166fc80c R12: ffffc90003fbfe78 R13: ffff888114fc4c00 R14: ffffffff814b9e8f R15: 0000400000002fc0 FS: 000055556af0c500(0000) GS:ffff88813bb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000005 CR3: 00000001164bc000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess), 1 bytes skipped: 0: 49 8b 4d 10 mov 0x10(%r13),%rcx 4: 8b 89 20 02 00 00 mov 0x220(%rcx),%ecx a: 39 c8 cmp %ecx,%eax c: 0f 84 b0 00 00 00 je 0xc2 12: 49 81 fd 01 f0 ff ff cmp $0xfffffffffffff001,%r13 19: 0f 82 8d 00 00 00 jb 0xac 1f: 49 83 fd f5 cmp $0xfffffffffffffff5,%r13 23: 0f 85 a1 00 00 00 jne 0xca * 29: 48 8b 1c 25 05 00 00 mov 0x5,%rbx <-- trapping instruction 30: 00 31: 48 8b b4 24 80 00 00 mov 0x80(%rsp),%rsi 38: 00 39: bf bd 00 00 00 mov $0xbd,%edi 3e: e8 .byte 0xe8