ci2 starts bisection 2023-05-25 12:16:06.099591246 +0000 UTC m=+6940.495801768
bisecting fixing commit since 42616e0f09fb4e9a6c59892a227f7bdefbd2d6d3
building syzkaller on 4fc6d98dc6e07cb8bfec99a0e049b31083fa09d1
ensuring issue is reproducible on original commit 42616e0f09fb4e9a6c59892a227f7bdefbd2d6d3
testing commit 42616e0f09fb4e9a6c59892a227f7bdefbd2d6d3 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fddc58ff75e0a6af2b4ebcf815748b216f76c2f748b0c2e6e4ffda88cb06c789
run #0: infra problem: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc004634190] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 80.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #1: infra problem: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc00033e550] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 80.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #2: infra problem: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0007b46e0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 80.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #3: infra problem: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0007b4af0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 80.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #4: crashed: KASAN: out-of-bounds Write in end_buffer_read_sync
run #5: crashed: INFO: rcu detected stall in corrupted
run #6: crashed: INFO: rcu detected stall in corrupted
run #7: crashed: INFO: rcu detected stall in corrupted
run #8: crashed: INFO: rcu detected stall in corrupted
run #9: crashed: INFO: rcu detected stall in corrupted
run #10: crashed: INFO: rcu detected stall in corrupted
run #11: crashed: INFO: rcu detected stall in corrupted
run #12: crashed: INFO: rcu detected stall in corrupted
run #13: crashed: INFO: rcu detected stall in corrupted
run #14: crashed: INFO: rcu detected stall in corrupted
run #15: crashed: UBSAN: array-index-out-of-bounds in find_lock_entries
run #16: crashed: INFO: task hung in __filemap_get_folio
run #17: crashed: INFO: task hung in __filemap_get_folio
run #18: crashed: UBSAN: array-index-out-of-bounds in find_lock_entries
run #19: crashed: INFO: task hung in __filemap_get_folio
testing current HEAD a343b0dd87b42ba9d508fbf7d0c06f744c2e0954
testing commit a343b0dd87b42ba9d508fbf7d0c06f744c2e0954 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 32a53c24c4d94471dcb27c868122d3f99a1ade55fc66b5cb90ae61099e990b36
run #0: crashed: INFO: rcu detected stall in corrupted
run #1: crashed: INFO: rcu detected stall in corrupted
run #2: crashed: UBSAN: array-index-out-of-bounds in find_lock_entries
run #3: crashed: UBSAN: array-index-out-of-bounds in find_lock_entries
run #4: crashed: UBSAN: array-index-out-of-bounds in find_lock_entries
run #5: crashed: INFO: task hung in __filemap_get_folio
run #6: crashed: INFO: task hung in __filemap_get_folio
run #7: crashed: INFO: task hung in __filemap_get_folio
run #8: crashed: UBSAN: array-index-out-of-bounds in find_lock_entries
run #9: OK
crash still not fixed/happens on the oldest tested release
revisions tested: 2, total time: 1h8m36.127522074s (build: 48m59.513860997s, test: 19m3.89744623s)
crash still not fixed on HEAD or HEAD had kernel test errors
commit msg: Linux 6.1.30
crash: UBSAN: array-index-out-of-bounds in find_lock_entries
loop0: detected capacity change from 0 to 4096
================================================================================
UBSAN: array-index-out-of-bounds in ./include/linux/pagevec.h:129:2
index 255 is out of range for type 'struct folio *[15]'
CPU: 1 PID: 31469 Comm: syz-executor177 Not tainted 6.1.30-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
Call trace:
 dump_backtrace+0x100/0x150 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:165
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x90/0xc8 lib/dump_stack.c:106
 dump_stack+0x18/0x58 lib/dump_stack.c:113
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_out_of_bounds+0xf0/0x114 lib/ubsan.c:282
 folio_batch_add include/linux/pagevec.h:129 [inline]
 find_lock_entries+0x554/0x728 mm/filemap.c:2110
 truncate_inode_pages_range+0x198/0xbd0 mm/truncate.c:364
 truncate_inode_pages mm/truncate.c:452 [inline]
 truncate_inode_pages_final+0x7c/0xa8 mm/truncate.c:487
 ntfs_evict_inode+0x1c/0xac fs/ntfs3/inode.c:1754
 evict+0x220/0x584 fs/inode.c:664
 iput_final fs/inode.c:1747 [inline]
 iput+0x640/0x708 fs/inode.c:1773
 ntfs_fill_super+0x2ad0/0x32c8 fs/ntfs3/super.c:1190
 get_tree_bdev+0x318/0x4d8 fs/super.c:1346
 ntfs_fs_get_tree+0x18/0x24 fs/ntfs3/super.c:1359
 vfs_get_tree+0x88/0x224 fs/super.c:1553
 do_new_mount+0x1a4/0x6fc fs/namespace.c:3040
 path_mount+0x4f8/0xa50 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount fs/namespace.c:3568 [inline]
 __arm64_sys_mount+0x3a0/0x44c fs/namespace.c:3568
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x7c/0x258 arch/arm64/kernel/syscall.c:52
 0x0
 do_el0_svc+0x54/0x178 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
================================================================================
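What the report above pins down: folio_batch_add (pagevec.h:129) stores into a 15-slot array (struct folio *[15]) using the batch's own counter as the index, and the counter held 255. In v6.1 that counter, nr, is a single byte, so 255 is exactly what a decrement from zero or a 0xff overwrite of that byte produces, not what a simple off-by-one would leave (that would read 15). Which of those happened, and whether it is related to the KASAN out-of-bounds write seen in run #4 on the same commit, the log does not say. The C below is an added user-space model written for this page, not kernel code and not from syzkaller: it reproduces the batch layout, puts an unchecked add (the kernel's shape) beside a checked one, and computes how far past the object a store at index 255 lands, which is the first thing to work out when deciding what else on the stack the stray write could have hit. PAGEVEC_SIZE, the field layout and the struct name follow the report and the v6.1 header; the helper names and the fake folio pointers are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model of the v6.1 folio batch (include/linux/pagevec.h): a 15-slot array
 * indexed by a single-byte counter.  Layout modelled here, not copied. */
#define PAGEVEC_SIZE 15

struct folio;                       /* opaque: only pointers are stored */

struct folio_batch {
	unsigned char nr;           /* index of the next free slot, 0..15 */
	bool percpu_pvec_drained;
	struct folio *folios[PAGEVEC_SIZE];
};

static unsigned folio_batch_space(const struct folio_batch *fbatch)
{
	return PAGEVEC_SIZE - fbatch->nr;
}

/* The add the report points at: it trusts nr and indexes with it directly.
 * With nr == 255 the store lands far outside the 15-slot array. */
unsigned folio_batch_add_unchecked(struct folio_batch *fbatch, struct folio *folio)
{
	fbatch->folios[fbatch->nr++] = folio;
	return folio_batch_space(fbatch);
}

/* Defensive variant (added here, not kernel code): refuse instead of writing
 * when nr is already at or beyond the array, returning -1. */
int folio_batch_add_checked(struct folio_batch *fbatch, struct folio *folio)
{
	if (fbatch->nr >= PAGEVEC_SIZE)
		return -1;
	fbatch->folios[fbatch->nr++] = folio;
	return (int)folio_batch_space(fbatch);
}

/* How many of 'attempts' checked adds a fresh batch accepts (15 at most).
 * The folio pointers are fake, constructed values; nothing dereferences them. */
unsigned count_accepted_adds(unsigned attempts)
{
	struct folio_batch fb = {0};
	unsigned accepted = 0;
	for (unsigned i = 0; i < attempts; i++) {
		struct folio *fake = (struct folio *)(uintptr_t)(0x1000u * (i + 1));
		if (folio_batch_add_checked(&fb, fake) >= 0)
			accepted++;
	}
	return accepted;
}

/* Byte offset of folios[index] from the start of the batch object. */
size_t folio_slot_offset(unsigned index)
{
	return offsetof(struct folio_batch, folios) + (size_t)index * sizeof(struct folio *);
}

/* Bytes by which a store to folios[index] overruns the object (0 if in bounds). */
size_t folio_slot_overrun(unsigned index)
{
	size_t end = folio_slot_offset(index) + sizeof(struct folio *);
	return end > sizeof(struct folio_batch) ? end - sizeof(struct folio_batch) : 0;
}

/* nr is one byte, so 255 is exactly what a decrement from 0 (or a 0xff
 * overwrite of that byte) produces; a plain off-by-one would read 15. */
unsigned nr_after_decrement_from_zero(void)
{
	struct folio_batch fb = {0};
	fb.nr--;
	return fb.nr;
}

int main(void)
{
	printf("checked adds accepted into a fresh batch: %u of 20\n", count_accepted_adds(20));
	printf("object size %zu bytes; folios[14] ends at byte %zu; folios[255] overruns by %zu bytes\n",
	       sizeof(struct folio_batch), folio_slot_offset(14) + sizeof(struct folio *),
	       folio_slot_overrun(255));
	printf("nr after decrement from 0: %u\n", nr_after_decrement_from_zero());
#ifdef DEMO_CORRUPTED_NR
	/* Reproduce the report's condition in user space.  The batch sits inside a
	 * 4 KiB union so the stray store stays in memory we own (still undefined
	 * behaviour by the letter of C; it is here only to show the sanitizer).
	 * Build with: cc -fsanitize=bounds -DDEMO_CORRUPTED_NR this.c */
	union { struct folio_batch fb; unsigned char pad[4096]; } u = {0};
	u.fb.nr = 255;
	folio_batch_add_unchecked(&u.fb, (struct folio *)(uintptr_t)0xdead000u);
	printf("unchecked add with nr=255 stored at offset %zu\n", folio_slot_offset(255));
#endif
	return 0;
}
```

Built plainly, the program only exercises the checked path and prints the layout numbers: on a 64-bit target the object is 128 bytes and folios[255] is stored at offset 2048, so the write clears the end of the batch by 1928 bytes, which on the kernel's stack means a neighbouring frame rather than an adjacent field. Built with -fsanitize=bounds and -DDEMO_CORRUPTED_NR, the unchecked add produces the same kind of "index 255 out of bounds for type 'struct folio *[15]'" diagnostic the kernel's UBSAN printed, which is a cheap way to confirm the instrumentation point before chasing where nr went wrong.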