ci2 starts bisection 2023-06-10 22:00:00.352224459 +0000 UTC m=+41375.801556314
bisecting cause commit starting from 64569520920a3ca5d456ddd9f4f95fc6ea9b8b45
building syzkaller on 49519f067f7fc9bfbf869e6851a4d398a9f7863f
ensuring issue is reproducible on original commit 64569520920a3ca5d456ddd9f4f95fc6ea9b8b45

testing commit 64569520920a3ca5d456ddd9f4f95fc6ea9b8b45 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8be90bfd07fe1664c63be9bacc91a987f6b92e104e88e7943c29e49d16adb52c
all runs: crashed: kernel BUG in flush_journal_list
testing release v6.3
testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 518603916be21cee46e21e8f122c49d4689fa001ada870a75415431f872c109f
all runs: OK
# git bisect start 64569520920a3ca5d456ddd9f4f95fc6ea9b8b45 457391b0380335d5e9a5babdec90ac53928b23b4
Bisecting: 7503 revisions left to test after this (roughly 13 steps)
[6e98b09da931a00bf4e0477d0fa52748bf28fcce] Merge tag 'net-next-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
testing commit 6e98b09da931a00bf4e0477d0fa52748bf28fcce gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: a0f7789c27f9ae39f9c6edc5bedca74cdc3b9a6322f35fdb76ed9df2687c2154
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad 6e98b09da931a00bf4e0477d0fa52748bf28fcce
Bisecting: 3926 revisions left to test after this (roughly 12 steps)
[088e0c188513b58a0056a488cf5b7df094a8a48a] Merge tag 'platform-drivers-x86-v6.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
testing commit 088e0c188513b58a0056a488cf5b7df094a8a48a gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8e0f53f39f7c90ab119bfde2440471ddde5737bcb166e51feb2bd259c55a02fe
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad 088e0c188513b58a0056a488cf5b7df094a8a48a
Bisecting: 2178 revisions left to test after this (roughly 11 steps)
[736b378b29d89c8c3567fa4b2e948be5568aebb8] Merge tag 'slab-for-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab
testing commit 736b378b29d89c8c3567fa4b2e948be5568aebb8 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fbb0ff6bfd3f5bd8e83faaf7d889697ee5cc482f2422119eb9662aff48a7cac5
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad 736b378b29d89c8c3567fa4b2e948be5568aebb8
Bisecting: 932 revisions left to test after this (roughly 10 steps)
[b8a4346d25024e00714fb6ceb0709075827f335d] Merge tag 'mvebu-dt64-6.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu into soc/dt
testing commit b8a4346d25024e00714fb6ceb0709075827f335d gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5cf4779ebbd9547fa852ef20da513f72483f3b3e15e8cdc9734fe3a8869138c3
all runs: OK
# git bisect good b8a4346d25024e00714fb6ceb0709075827f335d
Bisecting: 464 revisions left to test after this (roughly 9 steps)
[e94ee641f9cef2502adfe5e0c264b271420c7ab5] Merge tag 'edac_updates_for_v6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras
testing commit e94ee641f9cef2502adfe5e0c264b271420c7ab5 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 65e1a3e31c1cf3e3dc3bc0f838e0ea88a9ef5ebaafa33e11f9a51c3f00090add
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad e94ee641f9cef2502adfe5e0c264b271420c7ab5
Bisecting: 207 revisions left to test after this (roughly 8 steps)
[5dfb75e842e0ef59fc7bf307e5c52eab215bdb4c] Merge tag 'rcu.6.4.april5.2023.3' of git://git.kernel.org/pub/scm/linux/kernel/git/jfern/linux
testing commit 5dfb75e842e0ef59fc7bf307e5c52eab215bdb4c gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 481f39fadde60aca3948b16aeacbb49adc54a531d915f31779a5d1e2f6addc51
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad 5dfb75e842e0ef59fc7bf307e5c52eab215bdb4c
Bisecting: 134 revisions left to test after this (roughly 7 steps)
[406037351e08dea03735178bf11046da85f00125] Merge tag 'lkmm.2023.04.07a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu
testing commit 406037351e08dea03735178bf11046da85f00125 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2e31d0b4758b82c0aa5f5f0833852c3a2a188c6f8aabdb5b7a7c14458e25779f
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad 406037351e08dea03735178bf11046da85f00125
Bisecting: 48 revisions left to test after this (roughly 6 steps)
[08e30833f86ba25945e416b9f372791aacfef153] Merge tag 'lsm-pr-20230420' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
testing commit 08e30833f86ba25945e416b9f372791aacfef153 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 167caa3eadf89fd1b4114212980b50bc2c95d69488a0b29e7934116a7c2d8704
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad 08e30833f86ba25945e416b9f372791aacfef153
Bisecting: 42 revisions left to test after this (roughly 5 steps)
[a5624566431de76b17862383d9ae254d9606cba9] Merge branch 'x86-rep-insns': x86 user copy clarifications
testing commit a5624566431de76b17862383d9ae254d9606cba9 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 50eeb7c28e1340ba5380323d4e74c92dfbf7557941db3f330ec08aeea1cf1f24
all runs: OK
# git bisect good a5624566431de76b17862383d9ae254d9606cba9
Bisecting: 21 revisions left to test after this (roughly 5 steps)
[e261301c851aee401cfc63179ca4d3facd2f098b] lsm: move the remaining LSM hook comments to security/security.c
testing commit e261301c851aee401cfc63179ca4d3facd2f098b gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c1765b0741a72d77939da1cbbfc934d5dbd55256e8481bd84ea78815d5441303
all runs: OK
# git bisect good e261301c851aee401cfc63179ca4d3facd2f098b
Bisecting: 10 revisions left to test after this (roughly 4 steps)
[d82dcd9e21b77d338dc4875f3d4111f0db314a7c] reiserfs: Add security prefix to xattr name in reiserfs_security_write()
testing commit d82dcd9e21b77d338dc4875f3d4111f0db314a7c gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: db6ad70da5753775088875b8cc8537353ac75bbe66eeedbbf6aa673e25858533
all runs: crashed: kernel BUG in flush_journal_list
# git bisect bad d82dcd9e21b77d338dc4875f3d4111f0db314a7c
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[42994ee3cd7298b27698daa6848ed7168e72d056] security: Introduce LSM_ORDER_LAST and set it for the integrity LSM
testing commit 42994ee3cd7298b27698daa6848ed7168e72d056 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5403a5a034672223850ba8576f1d0fa949b4f486767d44519d2b200baa589c36
all runs: OK
# git bisect good 42994ee3cd7298b27698daa6848ed7168e72d056
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[52ca4b6435a493e47aaa98e7345e19e1e8710b13] reiserfs: Switch to security_inode_init_security()
testing commit 52ca4b6435a493e47aaa98e7345e19e1e8710b13 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fcf6e3416c8437cd5143b2bdc012ad0ad7727b7427a186c6e1aa46d8b8ac81fe
all runs: OK
# git bisect good 52ca4b6435a493e47aaa98e7345e19e1e8710b13
Bisecting: 0 revisions left to test after this (roughly 1 step)
[0d57b970df352517a75f4533820c49de360c4123] security: Remove security_old_inode_init_security()
testing commit 0d57b970df352517a75f4533820c49de360c4123 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 0db4ef5b8ba2c70a52164366c744113a3b4372fbaf6c9cfcb4491400e2223818
all runs: OK
# git bisect good 0d57b970df352517a75f4533820c49de360c4123
d82dcd9e21b77d338dc4875f3d4111f0db314a7c is the first bad commit
commit d82dcd9e21b77d338dc4875f3d4111f0db314a7c
Author: Roberto Sassu
Date: Fri Mar 31 14:32:18 2023 +0200

    reiserfs: Add security prefix to xattr name in reiserfs_security_write()

    Reiserfs sets a security xattr at inode creation time in two stages: first, it calls reiserfs_security_init() to obtain the xattr from active LSMs; then, it calls reiserfs_security_write() to actually write that xattr.

    Unfortunately, it seems there is a wrong expectation that LSMs provide the full xattr name in the form 'security.'. However, LSMs always provided just the suffix, causing reiserfs to not write the xattr at all (if the suffix is shorter than the prefix), or to write an xattr with the wrong name.

    Add a temporary buffer in reiserfs_security_write(), and write to it the full xattr name, before passing it to reiserfs_xattr_set_handle().

    Also replace the name length check with a check that the full xattr name is not larger than XATTR_NAME_MAX.

    Cc: stable@vger.kernel.org # v2.6.x
    Fixes: 57fe60df6241 ("reiserfs: add atomic addition of selinux attributes during inode creation")
    Signed-off-by: Roberto Sassu
    Signed-off-by: Paul Moore

 fs/reiserfs/xattr_security.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

culprit signature: db6ad70da5753775088875b8cc8537353ac75bbe66eeedbbf6aa673e25858533
parent signature: 0db4ef5b8ba2c70a52164366c744113a3b4372fbaf6c9cfcb4491400e2223818
revisions tested: 16, total time: 7h2m59.192179774s (build: 4h52m5.27270146s, test: 2h9m9.735536126s)
first bad commit: d82dcd9e21b77d338dc4875f3d4111f0db314a7c reiserfs: Add security prefix to xattr name in reiserfs_security_write()
recipients (to): ["paul@paul-moore.com" "roberto.sassu@huawei.com"]
recipients (cc): []
crash: kernel BUG in flush_journal_list
------------[ cut here ]------------
kernel BUG at fs/reiserfs/journal.c:1452!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 5337 Comm: syz-executor.0 Not tainted 6.3.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
RIP: 0010:flush_journal_list+0xda8/0x19c0 fs/reiserfs/journal.c:1452
Code: bd fb ff e8 6a aa bc ff 48 8b 3c 24 48 c7 c6 e0 e9 fb 89 48 c7 c2 99 93 7e 8b 48 c7 c1 00 ea fb 89 e8 9c bd fb ff 0f 0b 0f 0b <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b 89 d9 80 e1 07 80 c1 03 38 c1 7c 96
RSP: 0018:ffffc900043a7700 EFLAGS: 00010202
RAX: 0000000000000001 RBX: ffff888028782808 RCX: ffffffff82074efc
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffc900045710e8
RBP: 1ffff1100df20e91 R08: dffffc0000000000 R09: ffffed100df20e92
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88806f907488
R13: ffff88806f9074e8 R14: 1ffff920008ae21d R15: ffffc900045710d8
FS: 000055555690d400(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc400d0f98 CR3: 000000007b7cf000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 flush_older_journal_lists fs/reiserfs/journal.c:1318 [inline]
 flush_journal_list+0xe2d/0x19c0 fs/reiserfs/journal.c:1575
 do_journal_end+0x3391/0x4280 fs/reiserfs/journal.c:4303
 do_journal_release+0x3eb/0x440 fs/reiserfs/journal.c:1940
 journal_release+0xb/0x10 fs/reiserfs/journal.c:1971
 reiserfs_put_super+0x208/0x460 fs/reiserfs/super.c:616
 generic_shutdown_super+0x113/0x2d0 fs/super.c:491
 kill_block_super+0x79/0xc0 fs/super.c:1398
 deactivate_locked_super+0x75/0xd0 fs/super.c:331
 cleanup_mnt+0x358/0x3e0 fs/namespace.c:1177
 task_work_run+0x20a/0x290 kernel/task_work.c:179
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xd9/0x100 kernel/entry/common.c:171
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:203
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x64/0x2e0 kernel/entry/common.c:296
 do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f11a128d5d7
Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc400d16d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f11a128d5d7
RDX: 00007ffc400d17a9 RSI: 000000000000000a RDI: 00007ffc400d17a0
RBP: 00007ffc400d17a0 R08: 00000000ffffffff R09: 00007ffc400d1570
R10: 000055555690e893 R11: 0000000000000246 R12: 00007f11a12e6cdc
R13: 00007ffc400d2860 R14: 000055555690e810 R15: 00007ffc400d28a0
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:flush_journal_list+0xda8/0x19c0 fs/reiserfs/journal.c:1452
Code: bd fb ff e8 6a aa bc ff 48 8b 3c 24 48 c7 c6 e0 e9 fb 89 48 c7 c2 99 93 7e 8b 48 c7 c1 00 ea fb 89 e8 9c bd fb ff 0f 0b 0f 0b <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b 89 d9 80 e1 07 80 c1 03 38 c1 7c 96
RSP: 0018:ffffc900043a7700 EFLAGS: 00010202
RAX: 0000000000000001 RBX: ffff888028782808 RCX: ffffffff82074efc
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffc900045710e8
RBP: 1ffff1100df20e91 R08: dffffc0000000000 R09: ffffed100df20e92
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88806f907488
R13: ffff88806f9074e8 R14: 1ffff920008ae21d R15: ffffc900045710d8
FS: 000055555690d400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1bab6a3290 CR3: 000000007b7cf000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400