ci starts bisection 2023-03-14 19:36:30.26723269 +0000 UTC m=+39949.293936306 bisecting cause commit starting from fc89d7fb499b0162e081f434d45e8d1b47e82ece building syzkaller on 0d5c4377b3122ec946edab50132de6cdde9eac4d ensuring issue is reproducible on original commit fc89d7fb499b0162e081f434d45e8d1b47e82ece testing commit fc89d7fb499b0162e081f434d45e8d1b47e82ece gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 11f3eab98e83f8a04256eb7b716d69cc9407c877947e6f49e221e2fc919140f9 all runs: crashed: WARNING in copy_page_from_iter testing release v6.2 testing commit c9c3395d5e3dcc6daee66c6908354d47bf98cb0c gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9edf31deb16380c0992e07ac34ac70c8946337db69efb698fa225d31c90e9035 all runs: crashed: WARNING in copy_page_from_iter testing release v6.1 testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c448eccb8ae6780b6cf4b592b3b4dab3e32937dd2845df92de20abde3d6df104 all runs: OK # git bisect start c9c3395d5e3dcc6daee66c6908354d47bf98cb0c 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 Bisecting: 9429 revisions left to test after this (roughly 13 steps) [1ca06f1c1acecbe02124f14a37cce347b8c1a90c] Merge tag 'xtensa-20221213' of https://github.com/jcmvbkbc/linux-xtensa testing commit 1ca06f1c1acecbe02124f14a37cce347b8c1a90c gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a446f36bc369678e73f48f654897579f7b2aeada4672cd95177e0773c3d30227 all runs: crashed: WARNING in copy_page_from_iter # git bisect bad 1ca06f1c1acecbe02124f14a37cce347b8c1a90c Bisecting: 3754 revisions left to test after this (roughly 12 steps) [8715c6d3100fc7c6edddf29af4a399a1c12d028c] Merge tag 'for-6.2/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm testing commit 8715c6d3100fc7c6edddf29af4a399a1c12d028c gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: eab39fcfdf72294bb7ad23f2f4a9240c9d42e0d7c99f37c044b3f6c63e7b7daf run #0: crashed: WARNING in copy_page_from_iter run #1: crashed: WARNING in copy_page_from_iter run #2: crashed: WARNING in copy_page_from_iter run #3: crashed: WARNING in copy_page_from_iter run #4: crashed: WARNING in copy_page_from_iter run #5: crashed: WARNING in copy_page_from_iter run #6: crashed: WARNING in copy_page_from_iter run #7: crashed: WARNING in copy_page_from_iter run #8: crashed: WARNING in copy_page_from_iter run #9: boot failed: can't ssh into the instance # git bisect bad 8715c6d3100fc7c6edddf29af4a399a1c12d028c Bisecting: 1840 revisions left to test after this (roughly 11 steps) [f10bc40168032962ebee26894bdbdc972cde35bf] Merge tag 'core-debugobjects-2022-12-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit f10bc40168032962ebee26894bdbdc972cde35bf gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1904bbb194baded84f5fe621185b247aad3b239360a9b8c0f52415a5c688209e all runs: OK # git bisect good f10bc40168032962ebee26894bdbdc972cde35bf Bisecting: 918 revisions left to test after this (roughly 10 steps) [cf619f891971bfac659ac64968f8c35db605c884] Merge tag 'fs.ovl.setgid.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping testing commit cf619f891971bfac659ac64968f8c35db605c884 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: adeff0af004fb85b4ed129c8e2fa3c78b08ba0b8ec00ad5622a024bb41f08713 all runs: crashed: WARNING in copy_page_from_iter # git bisect bad cf619f891971bfac659ac64968f8c35db605c884 Bisecting: 459 revisions left to test after this (roughly 9 steps) [a89ef2aa552db985e0ee8cb458846298c007704c] Merge tag 'x86_tdx_for_6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit a89ef2aa552db985e0ee8cb458846298c007704c gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c7e4b71b9d0a8cf3fe3154f775d9d87fb66284519fd4cefd1b52503ba72b3867 all runs: OK # git bisect good a89ef2aa552db985e0ee8cb458846298c007704c Bisecting: 238 revisions left to test after this (roughly 8 steps) [96f42635684739cb563aa48d92d0d16b8dc9bda8] Merge tag 'rust-6.2' of https://github.com/Rust-for-Linux/linux testing commit 96f42635684739cb563aa48d92d0d16b8dc9bda8 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d08a31126e2f4c8fbd2f3911d6758c47e9f17c1a278af9484cd0fd35a1634edc all runs: OK # git bisect good 96f42635684739cb563aa48d92d0d16b8dc9bda8 Bisecting: 83 revisions left to test after this (roughly 7 steps) [8702f2c611bf124c48b21b5c57bfc156cd11f4ca] Merge tag 'mm-nonmm-stable-2022-12-12' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm testing commit 8702f2c611bf124c48b21b5c57bfc156cd11f4ca gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8bb16fe9f66d63bac67e224ae07afc0b8fdeb375941112ea1894a2db64896c8f all runs: OK # git bisect good 8702f2c611bf124c48b21b5c57bfc156cd11f4ca Bisecting: 44 revisions left to test after this (roughly 5 steps) [bd90741318ee0a48244e8e4b9364023d730a80a9] Merge tag 'pull-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit bd90741318ee0a48244e8e4b9364023d730a80a9 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 34bfa767aa18779e460efb562884b3d3310512293a4dd554efaf11104ee47022 all runs: crashed: WARNING in copy_page_from_iter # git bisect bad bd90741318ee0a48244e8e4b9364023d730a80a9 Bisecting: 20 revisions left to test after this (roughly 4 steps) [268369b171ff1be6a68ae8f33d0602c6bea48d2e] Merge tag 'pull-alpha' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit 268369b171ff1be6a68ae8f33d0602c6bea48d2e gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ce8ace2f7b15b64587abbbe7d489cff681e7b164368a388552fc0af7153927d8 all runs: OK # git bisect good 268369b171ff1be6a68ae8f33d0602c6bea48d2e Bisecting: 10 revisions left to test after this (roughly 3 steps) [fc02f33787d8dd227b54f263eba983d5b249c032] [xen] fix "direction" argument of iov_iter_kvec() testing commit fc02f33787d8dd227b54f263eba983d5b249c032 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7c6cc971162a86625fbbf179d826dd6c463464aba9e6d54a91f1c89015c0fb70 all runs: OK # git bisect good fc02f33787d8dd227b54f263eba983d5b249c032 Bisecting: 5 revisions left to test after this (roughly 3 steps) [13c574fec815f449fa812df60844bbb4b1548d19] Merge tag 'pull-namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit 13c574fec815f449fa812df60844bbb4b1548d19 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5159866e6c10a5e0f84ea8fc4245bb2dab1cffc9202420b3fc23d8ffc2d025f2 all runs: crashed: WARNING in copy_page_from_iter # git bisect bad 13c574fec815f449fa812df60844bbb4b1548d19 Bisecting: 2 revisions left to test after this (roughly 1 step) [de4eda9de2d957ef2d6a8365a01e26a435e958cb] use less confusing names for iov_iter direction initializers testing commit de4eda9de2d957ef2d6a8365a01e26a435e958cb gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 400b4d033973cab6aac1b419966fa9f33a812a2d158e8b80af861d1d203c616d all runs: crashed: WARNING in copy_page_from_iter # git bisect bad de4eda9de2d957ef2d6a8365a01e26a435e958cb Bisecting: 0 revisions left to test after this (roughly 0 steps) [a41dad905e5a388f88435a517de102e9b2c8e43d] iov_iter: saner checks for attempt to copy to/from iterator testing commit a41dad905e5a388f88435a517de102e9b2c8e43d gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d6142b800ab4b3ba314845e708e0b3b6358e44ec16a57a1ee9272bf42571d64e all runs: crashed: WARNING in copy_page_from_iter # git bisect bad a41dad905e5a388f88435a517de102e9b2c8e43d a41dad905e5a388f88435a517de102e9b2c8e43d is the first bad commit commit a41dad905e5a388f88435a517de102e9b2c8e43d Author: Al Viro Date: Thu Sep 15 20:11:15 2022 -0400 iov_iter: saner checks for attempt to copy to/from iterator instead of "don't do it to ITER_PIPE" check for ->data_source being false on copying from iterator. Check for !->data_source for copying to iterator, while we are at it. Signed-off-by: Al Viro lib/iov_iter.c | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) culprit signature: d6142b800ab4b3ba314845e708e0b3b6358e44ec16a57a1ee9272bf42571d64e parent signature: 7c6cc971162a86625fbbf179d826dd6c463464aba9e6d54a91f1c89015c0fb70 revisions tested: 16, total time: 4h11m35.813134032s (build: 2h31m11.849357935s, test: 1h37m40.785855353s) first bad commit: a41dad905e5a388f88435a517de102e9b2c8e43d iov_iter: saner checks for attempt to copy to/from iterator recipients (to): ["viro@zeniv.linux.org.uk"] recipients (cc): [] crash: WARNING in copy_page_from_iter ------------[ cut here ]------------ WARNING: CPU: 0 PID: 4167 at lib/iov_iter.c:629 _copy_from_iter+0x251/0xe80 lib/iov_iter.c:633 Modules linked in: CPU: 0 PID: 4167 Comm: syz-executor.0 Not tainted 6.1.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 RIP: 0010:_copy_from_iter+0x251/0xe80 lib/iov_iter.c:629 Code: e0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 be 79 02 00 00 48 c7 c7 c0 8f c1 89 4c 89 04 24 e8 b8 e9 f3 fd 4c 8b 04 24 e9 88 fe ff ff <0f> 0b 45 31 e4 eb 94 84 c0 0f 85 36 02 00 00 48 8d 43 18 48 89 c2 RSP: 0018:ffffc900032b76c0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffc900032b78b8 RCX: ffffc900032b7801 RDX: 0000000000000002 RSI: 0000000000000021 RDI: ffffc900032b78ba RBP: ffffc900032b78b8 R08: ffff88806bcd0000 R09: ffff888016d66170 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000021 R13: 0000000000000021 R14: 1ffff92000656edf R15: 0000000000000000 FS: 00007fdba9133700(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055abfb87b300 CR3: 0000000072911000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: copy_page_from_iter lib/iov_iter.c:754 [inline] copy_page_from_iter+0x78/0xb0 lib/iov_iter.c:743 bio_copy_from_iter block/blk-map.c:54 [inline] bio_copy_user_iov block/blk-map.c:209 [inline] blk_rq_map_user_iov+0x731/0x12c0 block/blk-map.c:658 blk_rq_map_user block/blk-map.c:688 [inline] blk_rq_map_user_io+0x199/0x1e0 block/blk-map.c:721 sg_start_req drivers/scsi/sg.c:1807 [inline] sg_common_write.constprop.0+0xca3/0x1ab0 drivers/scsi/sg.c:803 sg_new_write.isra.0+0x429/0x6e0 drivers/scsi/sg.c:770 sg_ioctl_common drivers/scsi/sg.c:935 [inline] sg_ioctl+0x83e/0x2470 drivers/scsi/sg.c:1159 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:870 [inline] __se_sys_ioctl fs/ioctl.c:856 [inline] __x64_sys_ioctl+0x123/0x190 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fdba848c0f9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fdba9133168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007fdba85abf80 RCX: 00007fdba848c0f9 RDX: 0000000020000180 RSI: 0000000000002285 RDI: 0000000000000003 RBP: 00007fdba84e7b39 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd9956a8bf R14: 00007fdba9133300 R15: 0000000000022000