ci starts bisection 2022-07-27 01:12:44.082084781 +0000 UTC m=+29732.398981625 bisecting cause commit starting from 5de64d44968e4ae66ebdb0a2d08b443f189d3651 building syzkaller on 279b89c29bd55ecac1ffa2787a4f8757b1f66fd7 testing commit 5de64d44968e4ae66ebdb0a2d08b443f189d3651 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7623e514485f3809b7eee94a2bc217c09ed1a865deee4b22de3ad17a089665a8 run #0: crashed: WARNING in tcp_retransmit_timer run #1: crashed: WARNING in tcp_retransmit_timer run #2: crashed: WARNING in tcp_retransmit_timer run #3: crashed: WARNING in tcp_retransmit_timer run #4: crashed: WARNING in tcp_retransmit_timer run #5: crashed: WARNING in tcp_retransmit_timer run #6: crashed: WARNING in tcp_retransmit_timer run #7: crashed: WARNING in tcp_retransmit_timer run #8: crashed: WARNING in tcp_retransmit_timer run #9: crashed: WARNING in tcp_retransmit_timer run #10: crashed: WARNING in tcp_retransmit_timer run #11: crashed: WARNING in tcp_retransmit_timer run #12: crashed: WARNING in tcp_retransmit_timer run #13: crashed: WARNING in tcp_retransmit_timer run #14: crashed: WARNING in tcp_retransmit_timer run #15: crashed: WARNING in tcp_retransmit_timer run #16: crashed: SYZFATAL: executor failed NUM times: executor NUM: exit status NUM run #17: crashed: WARNING in tcp_retransmit_timer run #18: crashed: WARNING in tcp_retransmit_timer run #19: crashed: WARNING in tcp_retransmit_timer testing release v5.18 testing commit 4b0986a3613c92f4ec1bdc7f60ec66fea135991f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 30d0b8a9930dc0288baf96f82ed12f6e34bb519d53cfa6f108a76e7f4b631fa7 all runs: crashed: WARNING in tcp_retransmit_timer testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9893f1734f623daf379ce3575f945ebc0f84468fefd01f6b0287a15d7c7105eb all runs: OK # git bisect start 4b0986a3613c92f4ec1bdc7f60ec66fea135991f f443e374ae131c168a065ea1748feac6b2e76613 Bisecting: 8498 revisions left to test after this (roughly 13 steps) [25fd2d41b505d0640bdfe67aa77c549de2d3c18a] selftests: kselftest framework: provide "finished" helper testing commit 25fd2d41b505d0640bdfe67aa77c549de2d3c18a compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: dd70c5bb092e92e016478f5c39d67d2f89e20328f941886c273479386c2124f2 all runs: OK # git bisect good 25fd2d41b505d0640bdfe67aa77c549de2d3c18a Bisecting: 4033 revisions left to test after this (roughly 12 steps) [02e2af20f4f9f2aa0c84e9a30a35c02f0fbb7daa] Merge tag 'char-misc-5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc testing commit 02e2af20f4f9f2aa0c84e9a30a35c02f0fbb7daa compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5c7f8c1ff9ca90a90c716ba935f7f8234003f874bbdf5e8588f55527276b80d7 all runs: OK # git bisect good 02e2af20f4f9f2aa0c84e9a30a35c02f0fbb7daa Bisecting: 2017 revisions left to test after this (roughly 11 steps) [887f75cfd0da44c19dda93b2ff9e70ca8792cdc1] drm/amdgpu: Ensure HDA function is suspended before ASIC reset testing commit 887f75cfd0da44c19dda93b2ff9e70ca8792cdc1 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7c7bcb44824a7820d1c9aa34fce03337d1e74153ac6e246057fb117767f3ab15 all runs: crashed: WARNING in tcp_retransmit_timer # git bisect bad 887f75cfd0da44c19dda93b2ff9e70ca8792cdc1 Bisecting: 895 revisions left to test after this (roughly 10 steps) [95124339875c8d9c092eb2fa3993e4751e1be48d] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux testing commit 95124339875c8d9c092eb2fa3993e4751e1be48d compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5fd3cb5758183c355b5d6b411e4e5046472d234f8ee93cc785d50ae9f645613d all runs: OK # git bisect good 95124339875c8d9c092eb2fa3993e4751e1be48d Bisecting: 456 revisions left to test after this (roughly 9 steps) [6a34fdcca452457a530980be2561dab06da3627f] Merge tag 'rtc-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux testing commit 6a34fdcca452457a530980be2561dab06da3627f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a7f0f897c6545bbb3b30c62242cf9764ffeb67a4ab4434982facee98f35e4b9f all runs: OK # git bisect good 6a34fdcca452457a530980be2561dab06da3627f Bisecting: 220 revisions left to test after this (roughly 8 steps) [8467b0ed6ce37f7e3f87aa3826627dc9cc55ecb2] Merge tag 'for-5.18/drivers-2022-04-01' of git://git.kernel.dk/linux-block testing commit 8467b0ed6ce37f7e3f87aa3826627dc9cc55ecb2 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5629bdd4c5c252f2a6db2a605d5f3b8bfcc3d871eeb823180d35817cbea1d730 run #0: crashed: WARNING in tcp_retransmit_timer run #1: crashed: WARNING in tcp_retransmit_timer run #2: crashed: WARNING in tcp_retransmit_timer run #3: crashed: WARNING in tcp_retransmit_timer run #4: crashed: WARNING in tcp_retransmit_timer run #5: crashed: WARNING in tcp_retransmit_timer run #6: crashed: WARNING in tcp_retransmit_timer run #7: crashed: WARNING in tcp_retransmit_timer run #8: crashed: WARNING in tcp_retransmit_timer run #9: OK # git bisect bad 8467b0ed6ce37f7e3f87aa3826627dc9cc55ecb2 Bisecting: 119 revisions left to test after this (roughly 7 steps) [9ae24d5aa001622035270de8f46c0634e6c6d55a] Merge tag 's390-5.18-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux testing commit 9ae24d5aa001622035270de8f46c0634e6c6d55a compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7f03bd5fc131ed9d02fcd2470a502db03f63abfa61f63bc39230460e2b9bc24c all runs: OK # git bisect good 9ae24d5aa001622035270de8f46c0634e6c6d55a Bisecting: 57 revisions left to test after this (roughly 6 steps) [9a005bea4f59b603c413ac1df19cda37aa3aa486] Merge tag '5.18-smb3-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6 testing commit 9a005bea4f59b603c413ac1df19cda37aa3aa486 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f220193fcc781d107d7dd45ede92e25cb5320882774ba77fc90cd24d8d9348e0 all runs: OK # git bisect good 9a005bea4f59b603c413ac1df19cda37aa3aa486 Bisecting: 25 revisions left to test after this (roughly 5 steps) [3b1509f275ce13865c28ce254c36dc7c915808eb] Merge tag 'for-5.18/io_uring-2022-04-01' of git://git.kernel.dk/linux-block testing commit 3b1509f275ce13865c28ce254c36dc7c915808eb compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5beb547533a1eda07b1c0ad5debec8df60af969b4099efd9a4710990a7f36be4 all runs: OK # git bisect good 3b1509f275ce13865c28ce254c36dc7c915808eb Bisecting: 12 revisions left to test after this (roughly 4 steps) [f941c51eeac7ebe0f8ec30943bf78e7f60aad039] loop: fix ioctl calls using compat_loop_info testing commit f941c51eeac7ebe0f8ec30943bf78e7f60aad039 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9845b871274f44ce074d958ae1a46d6f81e6c3f030ecc5486138c207a7978da9 all runs: OK # git bisect good f941c51eeac7ebe0f8ec30943bf78e7f60aad039 Bisecting: 6 revisions left to test after this (roughly 3 steps) [8d7829ebc1e48208b3c02c2a10c5f8856246033c] blk-wbt: remove wbt_track stub testing commit 8d7829ebc1e48208b3c02c2a10c5f8856246033c compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 875da8b5fc42c11d144deead9739fc686df21b4862a99e3d4a1127c0e507b15e all runs: OK # git bisect good 8d7829ebc1e48208b3c02c2a10c5f8856246033c Bisecting: 3 revisions left to test after this (roughly 2 steps) [6d35d04a9e18990040e87d2bbf72689252669d54] nbd: fix possible overflow on 'first_minor' in nbd_dev_add() testing commit 6d35d04a9e18990040e87d2bbf72689252669d54 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: fefe90a949f489b08863dc83c7d243fdb99a3d721db7e8887c34915187cabbab all runs: OK # git bisect good 6d35d04a9e18990040e87d2bbf72689252669d54 Bisecting: 1 revision left to test after this (roughly 1 step) [2651ee5ae43241831ca63d7158bb2b151a6a0e1f] drbd: remove check of list iterator against head past the loop body testing commit 2651ee5ae43241831ca63d7158bb2b151a6a0e1f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 401d5eae1c1e9abf0fc00738151765c017f7d71c6c43997fdc39fbbf0b8ca5ce all runs: OK # git bisect good 2651ee5ae43241831ca63d7158bb2b151a6a0e1f Bisecting: 0 revisions left to test after this (roughly 0 steps) [d589ae0d44607a0af65b83113e4cfba1a8af7eb3] Merge tag 'for-5.18/block-2022-04-01' of git://git.kernel.dk/linux-block testing commit d589ae0d44607a0af65b83113e4cfba1a8af7eb3 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5baef3d6c334f44a0a39dfd741b190a46b6cc9eca48ecd6fd3b506ee4f4ccf4b run #0: crashed: WARNING in tcp_retransmit_timer run #1: crashed: WARNING in tcp_retransmit_timer run #2: crashed: WARNING in tcp_retransmit_timer run #3: crashed: WARNING in tcp_retransmit_timer run #4: crashed: WARNING in tcp_retransmit_timer run #5: crashed: WARNING in tcp_retransmit_timer run #6: crashed: WARNING in tcp_retransmit_timer run #7: crashed: WARNING in tcp_retransmit_timer run #8: crashed: WARNING in tcp_retransmit_timer run #9: OK # git bisect bad d589ae0d44607a0af65b83113e4cfba1a8af7eb3 d589ae0d44607a0af65b83113e4cfba1a8af7eb3 is the first bad commit commit d589ae0d44607a0af65b83113e4cfba1a8af7eb3 Merge: 3b1509f275ce 8d7829ebc1e4 Author: Linus Torvalds Date: Fri Apr 1 16:20:00 2022 -0700 Merge tag 'for-5.18/block-2022-04-01' of git://git.kernel.dk/linux-block Pull block fixes from Jens Axboe: "Either fixes or a few additions that got missed in the initial merge window pull. In detail: - List iterator fix to avoid leaking value post loop (Jakob) - One-off fix in minor count (Christophe) - Fix for a regression in how io priority setting works for an exiting task (Jiri) - Fix a regression in this merge window with blkg_free() being called in an inappropriate context (Ming) - Misc fixes (Ming, Tom)" * tag 'for-5.18/block-2022-04-01' of git://git.kernel.dk/linux-block: blk-wbt: remove wbt_track stub block: use dedicated list iterator variable block: Fix the maximum minor value is blk_alloc_ext_minor() block: restore the old set_task_ioprio() behaviour wrt PF_EXITING block: avoid calling blkg_free() in atomic context lib/sbitmap: allocate sb->map via kvzalloc_node block/blk-cgroup.c | 32 ++++++++++++++++++++++---------- block/blk-ioc.c | 3 +-- block/blk-mq.c | 25 ++++++++++++++++--------- block/blk-wbt.h | 3 --- block/genhd.c | 2 +- include/linux/blk-cgroup.h | 5 ++++- include/linux/sbitmap.h | 2 +- lib/sbitmap.c | 2 +- 8 files changed, 46 insertions(+), 28 deletions(-) revisions tested: 17, total time: 4h10m32.906787616s (build: 2h0m19.535491366s, test: 2h8m18.623106214s) first bad commit: d589ae0d44607a0af65b83113e4cfba1a8af7eb3 Merge tag 'for-5.18/block-2022-04-01' of git://git.kernel.dk/linux-block recipients (to): ["torvalds@linux-foundation.org"] recipients (cc): [] crash: WARNING in tcp_retransmit_timer ------------[ cut here ]------------ WARNING: CPU: 0 PID: 0 at net/ipv4/tcp_timer.c:472 tcp_write_timeout net/ipv4/tcp_timer.c:242 [inline] WARNING: CPU: 0 PID: 0 at net/ipv4/tcp_timer.c:472 tcp_retransmit_timer+0x1636/0x3110 net/ipv4/tcp_timer.c:512 Modules linked in: CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 RIP: 0010:tcp_retransmit_timer+0x1636/0x3110 net/ipv4/tcp_timer.c:472 Code: 48 89 fa 48 c1 ea 03 0f b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 9a 13 00 00 41 0f b6 91 89 06 00 00 e9 ce f3 ff ff <0f> 0b e9 9b ed ff ff 4c 8b 84 24 88 00 00 00 4d 85 c0 0f 84 0e f4 RSP: 0018:ffffc90000007ba0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff92000000f7d RCX: ffff888077bde94c RDX: 1ffff1100ef7bc51 RSI: ffffffff88eba280 RDI: ffff888077bde288 RBP: ffff888077bde030 R08: 0000000000000001 R09: ffffffff8f7289c7 R10: 0000000000000001 R11: 0000000000000000 R12: ffff888077bde130 R13: ffff88801ca79b80 R14: 0000000000000000 R15: ffff888077bde000 FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000206a4000 CR3: 00000000721cd000 CR4: 0000000000350ef0 Call Trace: tcp_write_timer_handler+0x4d5/0x970 net/ipv4/tcp_timer.c:622 tcp_write_timer+0x79/0x1b0 net/ipv4/tcp_timer.c:642 call_timer_fn+0x163/0x4a0 kernel/time/timer.c:1421 expire_timers kernel/time/timer.c:1466 [inline] __run_timers.part.0+0x52e/0x8a0 kernel/time/timer.c:1734 __run_timers kernel/time/timer.c:1715 [inline] run_timer_softirq+0x9c/0x190 kernel/time/timer.c:1747 __do_softirq+0x29b/0x9c2 kernel/softirq.c:558 invoke_softirq kernel/softirq.c:432 [inline] __irq_exit_rcu+0x123/0x180 kernel/softirq.c:637 irq_exit_rcu+0x5/0x20 kernel/softirq.c:649 sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1097 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:645 RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:29 [inline] RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:70 [inline] RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:130 [inline] RIP: 0010:acpi_safe_halt drivers/acpi/processor_idle.c:116 [inline] RIP: 0010:acpi_idle_do_entry+0x15e/0x1c0 drivers/acpi/processor_idle.c:556 Code: 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 6a 48 8b 45 00 a8 08 75 c9 e8 4d 25 d5 f8 eb 07 0f 00 2d a4 54 b0 00 fb f4 <9c> 58 fa f6 c4 02 74 b1 5d e9 24 24 d5 f8 48 89 ef 5d e9 ab f9 ff RSP: 0018:ffffffff8ac07d88 EFLAGS: 00000206 RAX: 00000000000a00cf RBX: ffff888016321865 RCX: 1ffffffff19920b1 RDX: 0000000000000000 RSI: ffffffff88eb9fa0 RDI: ffffffff89433be0 RBP: ffffffff8acbb4c0 R08: 0000000000000001 R09: 0000000000000001 R10: fffffbfff1597698 R11: 0000000000000001 R12: 0000000000000001 R13: ffff888016321864 R14: ffffffff8b951120 R15: ffff88801867c004 acpi_idle_enter+0x2c0/0x4b0 drivers/acpi/processor_idle.c:692 cpuidle_enter_state+0x152/0xb40 drivers/cpuidle/cpuidle.c:237 cpuidle_enter+0x45/0xa0 drivers/cpuidle/cpuidle.c:351 call_cpuidle kernel/sched/idle.c:155 [inline] cpuidle_idle_call kernel/sched/idle.c:236 [inline] do_idle+0x3e8/0x590 kernel/sched/idle.c:303 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:400 start_kernel+0x343/0x361 init/main.c:1140 secondary_startup_64_no_verify+0xc3/0xcb ---------------- Code disassembly (best guess): 0: 00 00 add %al,(%rax) 2: 00 00 add %al,(%rax) 4: 00 fc add %bh,%ah 6: ff (bad) 7: df 48 c1 fisttps -0x3f(%rax) a: ea (bad) b: 03 80 3c 02 00 75 add 0x7500023c(%rax),%eax 11: 6a 48 pushq $0x48 13: 8b 45 00 mov 0x0(%rbp),%eax 16: a8 08 test $0x8,%al 18: 75 c9 jne 0xffffffe3 1a: e8 4d 25 d5 f8 callq 0xf8d5256c 1f: eb 07 jmp 0x28 21: 0f 00 2d a4 54 b0 00 verw 0xb054a4(%rip) # 0xb054cc 28: fb sti 29: f4 hlt * 2a: 9c pushfq <-- trapping instruction 2b: 58 pop %rax 2c: fa cli 2d: f6 c4 02 test $0x2,%ah 30: 74 b1 je 0xffffffe3 32: 5d pop %rbp 33: e9 24 24 d5 f8 jmpq 0xf8d5245c 38: 48 89 ef mov %rbp,%rdi 3b: 5d pop %rbp 3c: e9 .byte 0xe9 3d: ab stos %eax,%es:(%rdi) 3e: f9 stc 3f: ff .byte 0xff