ci2 starts bisection 2023-11-06 02:59:28.855057147 +0000 UTC m=+201415.760495983
bisecting cause commit starting from 90b0c2b2edd1adff742c621e246562fbefa11b70
building syzkaller on 500bfdc41735bc8d617cbfd4f1ab6b5980c8f1e5
ensuring issue is reproducible on original commit 90b0c2b2edd1adff742c621e246562fbefa11b70

testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d3e818f19e46db58ee0f6bc968ce8545ac0d43a802a8ebc6b92335114e1b598b
run #0: crashed: possible deadlock in vm_mmap_pgoff
run #1: crashed: possible deadlock in do_page_mkwrite
run #2: crashed: possible deadlock in vm_mmap_pgoff
run #3: crashed: possible deadlock in vm_mmap_pgoff
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in vm_mmap_pgoff
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
run #10: crashed: possible deadlock in vm_mmap_pgoff
run #11: crashed: possible deadlock in vm_mmap_pgoff
run #12: crashed: possible deadlock in vm_mmap_pgoff
run #13: crashed: possible deadlock in vm_mmap_pgoff
run #14: crashed: possible deadlock in vm_mmap_pgoff
run #15: crashed: possible deadlock in reiserfs_dirty_inode
run #16: crashed: possible deadlock in vm_mmap_pgoff
run #17: crashed: possible deadlock in vm_mmap_pgoff
run #18: crashed: possible deadlock in vm_mmap_pgoff
run #19: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
check whether we can drop unnecessary instrumentation
disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed
testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 7c0e67cc239f6657f079120377e70931e82033b7b8588620f6e0341c6bbaa2f5
all runs: OK
false negative chance: 0.000
kconfig minimization: base=3930 full=7655 leaves diff=1998
split chunks (needed=false): <1998>
split chunk #0 of len 1998 into 5 parts
testing without sub-chunk 1/5
testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d56a92f1332f0492493eab6173f66ea31790fd193728608ab5eebe2b07a94cdc
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 2/5
testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 036c53c87ef2d9e33cbd1d0964cef23902937fd410e5782de08683a1a4585890
run #0: crashed: possible deadlock in vm_mmap_pgoff
run #1: crashed: possible deadlock in vm_mmap_pgoff
run #2: crashed: possible deadlock in reiserfs_dirty_inode
run #3: crashed: possible deadlock in vm_mmap_pgoff
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in vm_mmap_pgoff
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 3/5
testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 05e617909abb7a63632642f210f881028d0a7ecdd04da275c03fded64c9f8c36
run #0: crashed: possible deadlock in reiserfs_dirty_inode
run #1: crashed: possible deadlock in vm_mmap_pgoff
run #2: crashed: possible deadlock in vm_mmap_pgoff
run #3: crashed: possible deadlock in vm_mmap_pgoff
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in vm_mmap_pgoff
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in reiserfs_dirty_inode, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 4/5
testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 62594351a312c2a12d1c2baee12721c19b8d303752e82c35a4200c386a411910
all runs: OK
false negative chance: 0.000
testing without sub-chunk 5/5
testing commit 90b0c2b2edd1adff742c621e246562fbefa11b70 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 81c2c78a307e6f245bf76358eabb6559eb0633a9a9668f2208aed84b4dc7a71d
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
the chunk can be dropped
minimized to 400 configs; suspects: [AF_RXRPC ARCH_ENABLE_MEMORY_HOTREMOVE ATM AX25 CFG80211 CMA DAX DLM DVB_CORE ENCRYPTED_KEYS EXTCON GENEVE GPIOLIB HAMRADIO HAVE_CLK HID_SENSOR_HUB HID_SMARTJOYPLUS HID_THRUSTMASTER IIO INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_IPOIB INFINIBAND_USER_ACCESS INFINIBAND_VIRT_DMA INPUT_TABLET INPUT_TOUCHSCREEN IP_SCTP L2TP LIBNVDIMM MEDIA_COMMON_OPTIONS MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_DLN2 MFD_RETU MMC MTD MTD_UBI NETFILTER_CONNCOUNT NET_IPGRE NET_IPGRE_DEMUX NFS_V4_1 NF_TPROXY_IPV6 NILFS2_FS NLMON NLS_CODEPAGE_1250 NLS_CODEPAGE_1251 NLS_CODEPAGE_737 NLS_CODEPAGE_775 NLS_CODEPAGE_850 NLS_CODEPAGE_852 NLS_CODEPAGE_855 NLS_CODEPAGE_857 NLS_CODEPAGE_860 NLS_CODEPAGE_861 NLS_CODEPAGE_862 NLS_CODEPAGE_863 NLS_CODEPAGE_864 NLS_CODEPAGE_865 NLS_CODEPAGE_866 NLS_CODEPAGE_869 NLS_CODEPAGE_874 NLS_CODEPAGE_932 NLS_CODEPAGE_936 NLS_CODEPAGE_949 NLS_CODEPAGE_950 NLS_ISO8859_13 NLS_ISO8859_14 NLS_ISO8859_15 NLS_ISO8859_2 NLS_ISO8859_3 NLS_ISO8859_4 NLS_ISO8859_5 NLS_ISO8859_6 NLS_ISO8859_7 NLS_ISO8859_8 NLS_ISO8859_9 NLS_KOI8_R NLS_KOI8_U NLS_MAC_CELTIC NLS_MAC_CENTEURO NLS_MAC_CROATIAN NLS_MAC_CYRILLIC NLS_MAC_GAELIC NLS_MAC_GREEK NLS_MAC_ICELAND NLS_MAC_INUIT NLS_MAC_ROMAN NLS_MAC_ROMANIAN NLS_MAC_TURKISH NLS_UCS2_UTILS NOP_USB_XCEIV NOZOMI NTFS3_FS NTFS3_FS_POSIX_ACL NTFS3_LZX_XPRESS NTFS_FS NTFS_RW NULL_TTY NUMA_BALANCING NUMA_BALANCING_DEFAULT_ENABLED NUMA_EMU NUMA_KEEP_MEMINFO NVDIMM_DAX NVDIMM_KEYS NVDIMM_PFN NVME_CORE NVME_FABRICS NVME_FC NVME_MULTIPATH NVME_RDMA NVME_TARGET NVME_TARGET_FC NVME_TARGET_FCLOOP NVME_TARGET_LOOP NVME_TARGET_RDMA NVME_TARGET_TCP NVME_TCP N_GSM N_HDLC OCFS2_DEBUG_FS OCFS2_FS OCFS2_FS_O2CB OCFS2_FS_STATS OCFS2_FS_USERSPACE_CLUSTER OF_GPIO OF_PMEM OMFS_FS OPENVSWITCH OPENVSWITCH_GENEVE OPENVSWITCH_GRE OPENVSWITCH_VXLAN ORANGEFS_FS OSF_PARTITION OVERLAY_FS OVERLAY_FS_DEBUG OVERLAY_FS_INDEX OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW OVERLAY_FS_REDIRECT_DIR PACKET_DIAG PADATA PAGE_IDLE_FLAG PAGE_POOL PAGE_REPORTING PAHOLE_HAS_BTF_TAG PAHOLE_HAS_LANG_EXCLUDE PAHOLE_HAS_SPLIT_BTF PARPORT PARPORT_NOT_PC PARTITION_ADVANCED PCCARD PCCARD_NONSTATIC PCIEAER PCI_ENDPOINT PCI_IOV PCMCIA PCMCIA_LOAD_CIS PERCPU_STATS PERSISTENT_KEYRINGS PHONET PHYLINK PHY_CPCAP_USB PHY_QCOM_USB_HS PHY_QCOM_USB_HSIC PHY_SAMSUNG_USB2 PHY_TUSB1210 PKCS7_TEST_KEY PKCS8_PRIVATE_KEY_PARSER PM_CLK PNFS_BLOCK PNFS_FILE_LAYOUT PNFS_FLEXFILE_LAYOUT PPP PPPOATM PPPOE PPPOE_HASH_BITS_4 PPPOL2TP PPP_ASYNC PPP_BSDCOMP PPP_DEFLATE PPP_FILTER PPP_MPPE PPP_MULTILINK PPP_SYNC_TTY PPTP PREEMPT PREEMPT_NOTIFIERS PRISM2_USB PROC_CHILDREN PSI PSTORE PSTORE_COMPRESS QCOM_QMI_HELPERS QNX4FS_FS QNX6FS_FS QRTR QRTR_TUN R8712U RADIO_ADAPTERS RADIO_SHARK RADIO_SHARK2 RADIO_TEA575X RAID_ATTRS RC_ATI_REMOTE RC_CORE RC_DEVICES RDMA_RXE RDMA_SIW RDS RDS_RDMA RDS_TCP READ_ONLY_THP_FOR_FS REALTEK_AUTOPM REED_SOLOMON REED_SOLOMON_DEC8 REGMAP REGMAP_I2C REGMAP_IRQ REGMAP_MMIO REGULATOR REGULATOR_TWL4030 REISERFS_FS REISERFS_FS_POSIX_ACL REISERFS_FS_SECURITY REISERFS_FS_XATTR REISERFS_PROC_INFO RESET_CONTROLLER RFKILL RFKILL_INPUT RFKILL_LEDS RMI4_2D_SENSOR RMI4_CORE RMI4_F03 RMI4_F03_SERIO RMI4_F11 RMI4_F12 RMI4_F30 ROMFS_BACKED_BY_BOTH ROMFS_FS ROMFS_ON_BLOCK ROMFS_ON_MTD ROSE RTC_DRV_HID_SENSOR_TIME RXKAD SCHED_CORE SCSI_FC_ATTRS SCSI_HPSA SCSI_ISCSI_ATTRS SCSI_LOGGING SCSI_NETLINK SCSI_SAS_ATA SCSI_SAS_ATTRS SCSI_SAS_LIBSAS SCSI_SCAN_ASYNC SCSI_SRP_ATTRS SCTP_COOKIE_HMAC_MD5 SCTP_COOKIE_HMAC_SHA1 SCTP_DEFAULT_COOKIE_HMAC_MD5 SECONDARY_TRUSTED_KEYRING SECURITY_INFINIBAND SECURITY_NETWORK_XFRM SECURITY_SMACK_NETFILTER SERIAL_DEV_BUS SERIAL_DEV_CTRL_TTYPORT SERIAL_MCTRL_GPIO SGI_PARTITION SIGNATURE SIGNED_PE_FILE_VERIFICATION SLHC SLIP SLIP_COMPRESSED SLIP_MODE_SLIP6 SLIP_SMART SMARTJOYPLUS_FF SMBFS SMC SMC_DIAG SMSC_PHY SMS_SIANO_MDTV SMS_SIANO_RC SMS_USB_DRV SND SND_ALOOP SND_BCD2000 SND_CTL_FAST_LOOKUP SND_CTL_LED SND_DEBUG SND_DMA_SGBUF SND_DRIVERS SND_DUMMY SND_DYNAMIC_MINORS SND_HDA SND_HDA_CODEC_ANALOG SND_HDA_CODEC_CA0110 SND_HDA_CODEC_CA0132 SND_HDA_CODEC_CIRRUS SND_HDA_CODEC_CMEDIA SND_HDA_CODEC_CONEXANT SND_HDA_CODEC_HDMI SND_HDA_CODEC_REALTEK SND_HDA_CODEC_SI3054 SND_HDA_CODEC_SIGMATEL SND_HDA_CODEC_VIA SND_HDA_COMPONENT SND_HDA_CORE SND_HDA_GENERIC SND_HDA_GENERIC_LEDS SND_HDA_HWDEP SND_HDA_I915 SND_HDA_INPUT_BEEP SND_HDA_INTEL SND_HDA_PATCH_LOADER SND_HDA_RECONFIG SND_HRTIMER SND_HWDEP SND_INTEL_DSP_CONFIG SND_INTEL_NHLT SND_INTEL_SOUNDWIRE_ACPI SND_JACK SND_JACK_INPUT_DEV SND_MIXER_OSS SND_OSSEMUL SND_PCI SND_PCM SND_PCMCIA SND_PCM_OSS SND_PCM_OSS_PLUGINS SND_PCM_TIMER SND_PCM_XRUN_DEBUG SND_PROC_FS SND_RAWMIDI SND_SEQUENCER SND_SEQUENCER_OSS SND_SEQ_DEVICE SND_SEQ_DUMMY SND_SEQ_HRTIMER_DEFAULT SND_SEQ_MIDI SND_SEQ_MIDI_EVENT SND_SEQ_VIRMIDI SND_SUPPORT_OLD_API SND_TIMER SND_USB SND_USB_6FIRE SND_USB_AUDIO SND_USB_AUDIO_USE_MEDIA_CONTROLLER SND_USB_CAIAQ SND_USB_CAIAQ_INPUT SND_USB_HIFACE SND_USB_LINE6 SND_USB_POD SND_USB_PODHD SND_USB_TONEPORT SND_USB_UA101 SND_USB_US122L SND_USB_USX2Y SND_USB_VARIAX SND_VERBOSE_PROCFS SND_VIRMIDI SND_VIRTIO SND_VMASTER SND_X86 SOCK_VALIDATE_XMIT SOLARIS_X86_PARTITION SONY_FF SOUND SOUND_OSS_CORE SOUND_OSS_CORE_PRECLAIM SPI SPI_DLN2 SPI_DYNAMIC SPI_MASTER SQUASHFS SQUASHFS_4K_DEVBLK_SIZE SQUASHFS_COMPILE_DECOMP_SINGLE SQUASHFS_DECOMP_SINGLE SQUASHFS_FILE_DIRECT SQUASHFS_LZ4 SQUASHFS_LZO SQUASHFS_XATTR SQUASHFS_XZ SQUASHFS_ZLIB SQUASHFS_ZSTD SSB SSB_PCIHOST_POSSIBLE SSB_PCMCIAHOST_POSSIBLE SSB_SDIOHOST_POSSIBLE STAGING STP STREAM_PARSER SUNRPC_BACKCHANNEL SUN_PARTITION SW_SYNC SYSFB SYSV68_PARTITION SYSV_FS TABLET_USB_ACECAD TABLET_USB_AIPTEK TABLET_USB_HANWANG TABLET_USB_KBTAB TABLET_USB_PEGASUS TAHVO_USB TAHVO_USB_HOST_BY_DEFAULT TASKS_TRACE_RCU TCG_CRB TCG_TIS TCG_TIS_CORE TCG_TPM TCP_CONG_BBR TCP_CONG_BIC TCP_CONG_CDG TCP_CONG_DCTCP TCP_CONG_HSTCP TCP_CONG_HTCP TCP_CONG_HYBLA TCP_CONG_ILLINOIS TCP_CONG_LP TCP_CONG_NV TCP_CONG_SCALABLE TCP_CONG_VEGAS TCP_CONG_VENO TCP_CONG_WESTWOOD TCP_CONG_YEAH TCP_SIGPOOL TEXTSEARCH TEXTSEARCH_BM TEXTSEARCH_FSM TEXTSEARCH_KMP THERMAL_NETLINK THP_SWAP THRUSTMASTER_FF TIPC TIPC_CRYPTO TIPC_DIAG TIPC_MEDIA_IB TIPC_MEDIA_UDP TLS TLS_TOE TMPFS_QUOTA TOUCHSCREEN_SUR40 TOUCHSCREEN_USB_3M TOUCHSCREEN_USB_COMPOSITE TOUCHSCREEN_USB_DMC_TSC10 TOUCHSCREEN_USB_E2I TOUCHSCREEN_USB_EASYTOUCH TOUCHSCREEN_USB_EGALAX TOUCHSCREEN_USB_ELO TOUCHSCREEN_USB_ETT_TC45USB TOUCHSCREEN_USB_ETURBO TOUCHSCREEN_USB_GENERAL_TOUCH TOUCHSCREEN_USB_GOTOP TOUCHSCREEN_USB_GUNZE TOUCHSCREEN_USB_IDEALTEK TOUCHSCREEN_USB_IRTOUCH TOUCHSCREEN_USB_ITM TOUCHSCREEN_USB_JASTEC TOUCHSCREEN_USB_NEXIO TOUCHSCREEN_USB_PANJIT TOUCHSCREEN_USB_ZYTRONIC TRANSPARENT_HUGEPAGE TRANSPARENT_HUGEPAGE_MADVISE TTPCI_EEPROM TTY_PRINTK TUN_VNET_CROSS_LE TWL4030_CORE TYPEC TYPEC_FUSB302 TYPEC_TCPCI TYPEC_TCPM TYPEC_TPS6598X TYPEC_UCSI UBIFS_ATIME_SUPPORT UBIFS_FS UBIFS_FS_ADVANCED_COMPR UBIFS_FS_LZO UBIFS_FS_SECURITY UBIFS_FS_XATTR UBIFS_FS_ZLIB UBIFS_FS_ZSTD UCSI_ACPI UDF_FS UDMABUF UFS_FS UFS_FS_WRITE UHID ULTRIX_PARTITION UNICODE UNIXWARE_DISKLABEL UNIX_DIAG USB4 USB4_NET USBIP_CORE USBIP_HOST USBIP_VHCI_HCD USBIP_VUDC USBPCWATCHDOG USB_ACM USB_ADUTUX USB_AIRSPY USB_ALI_M5632 USB_AN2720 USB_APPLEDISPLAY USB_ARMLINUX USB_BDC_UDC USB_BELKIN USB_C67X00_HCD USB_CATC USB_CDC_PHONET USB_CHAOSKEY USB_CHIPIDEA USB_CHIPIDEA_HOST USB_CHIPIDEA_NPCM USB_CHIPIDEA_PCI USB_CHIPIDEA_UDC USB_CONFIGFS USB_CONFIGFS_ACM USB_CONFIGFS_ECM USB_CONFIGFS_ECM_SUBSET USB_CONFIGFS_EEM USB_DWC2 USB_GADGET USB_MUSB_HDRC USB_NET_CDC_SUBSET USB_ROLE_SWITCH USB_STORAGE_REALTEK USB_ULPI_BUS USB_USBNET VIDEO_DEV VXLAN WIRELESS WLAN ZONE_DEVICE]
picked [v6.6 v6.5 v6.4 v6.2 v6.0 v5.18 v5.16 v5.14 v5.11 v5.8 v5.5 v5.2 v4.20 v4.19] out of 29 release tags
testing release v6.6
testing commit ffc253263a1375a65fa6c9f62a893e9767fbebfa gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 101fe2c87fd776497f4f727349780f024e25c02d4c603d6cfada986d0c7a2315
run #0: crashed: possible deadlock in vm_mmap_pgoff
run #1: crashed: possible deadlock in reiserfs_dirty_inode
run #2: crashed: possible deadlock in vm_mmap_pgoff
run #3: crashed: possible deadlock in reiserfs_dirty_inode
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in vm_mmap_pgoff
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
testing release v6.5
testing commit 2dde18cd1d8fac735875f2e4987f11817cc0bc2c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 96fb190d3c74dcdeec44258533beddd6d125d1f0c8170b2c16d1eb783a3d76b0
all runs: crashed: UBSAN: array-index-out-of-bounds in do_journal_end
representative crash: UBSAN: array-index-out-of-bounds in do_journal_end, types: [UBSAN]
testing release v6.4
testing commit 6995e2de6891c724bfeb2db33d7b87775f913ad1 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 03e8980cc6a71aecd1520c850e3ddbf8faf40fe22f0d01d3332bc056c0773281
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
testing release v6.2
testing commit c9c3395d5e3dcc6daee66c6908354d47bf98cb0c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: fc7b086910f51aff2489902a8abbf102262a6b8b8049986a77435fdb24644502
all runs: OK
false negative chance: 0.000
# git bisect start 6995e2de6891c724bfeb2db33d7b87775f913ad1 c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Bisecting: 15817 revisions left to test after this (roughly 14 steps)
[ce7928f7cf988e3f20ec3cca050838b266e9ef14] Merge tag 'wireless-next-2023-03-30' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next

testing commit ce7928f7cf988e3f20ec3cca050838b266e9ef14 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 16fb1a4ded752b1a1198d1cd3eef611f7467f30ec2a78eee89ff8deecac205dd
all runs: OK
false negative chance: 0.000
# git bisect good ce7928f7cf988e3f20ec3cca050838b266e9ef14
Bisecting: 7904 revisions left to test after this (roughly 13 steps)
[34b62f186db9614e55d021f8c58d22fc44c57911] Merge tag 'pci-v6.4-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci

testing commit 34b62f186db9614e55d021f8c58d22fc44c57911 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a2079f55628007451bb2a16c0eb7496aff124322e22e499a2dfc7ee9a04a7655
run #0: crashed: possible deadlock in vm_mmap_pgoff
run #1: crashed: possible deadlock in vm_mmap_pgoff
run #2: crashed: possible deadlock in reiserfs_dirty_inode
run #3: crashed: possible deadlock in vm_mmap_pgoff
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in vm_mmap_pgoff
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
# git bisect bad 34b62f186db9614e55d021f8c58d22fc44c57911
Bisecting: 3798 revisions left to test after this (roughly 12 steps)
[c8cc58e289ed3b5bc50258f52776cf3dfa3bad66] Merge tag 'drm-next-2023-04-24' of git://anongit.freedesktop.org/drm/drm

testing commit c8cc58e289ed3b5bc50258f52776cf3dfa3bad66 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 076f09cf55a3298bf70fcb3734f4fa907b0c382af1aa3ab62c4c550fda5649f5
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
# git bisect bad c8cc58e289ed3b5bc50258f52776cf3dfa3bad66
Bisecting: 1641 revisions left to test after this (roughly 11 steps)
[d53c3eaaef6a05fec04e8b5990d97d7216eb5e42] Merge tag 'soc-dt-6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc

testing commit d53c3eaaef6a05fec04e8b5990d97d7216eb5e42 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 4597153e76dc384661f71da36df147dd2d1052aeea8d16eabf81476a4d1dcd8e
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
# git bisect bad d53c3eaaef6a05fec04e8b5990d97d7216eb5e42
Bisecting: 1232 revisions left to test after this (roughly 10 steps)
[e94ee641f9cef2502adfe5e0c264b271420c7ab5] Merge tag 'edac_updates_for_v6.4' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras

testing commit e94ee641f9cef2502adfe5e0c264b271420c7ab5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: db8b4759ab0935cc8aad3c4aea3391c899c37edffabd0ee7772c1e6742d46b85
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
# git bisect bad e94ee641f9cef2502adfe5e0c264b271420c7ab5
Bisecting: 613 revisions left to test after this (roughly 9 steps)
[40aacb3183ff74e15940189ff9a998a93b5ca76f] Merge tag 'loongarch-fixes-6.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson

testing commit 40aacb3183ff74e15940189ff9a998a93b5ca76f gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 02e327d9bc6ee5f17ae88d21a4edf43d2561906dd5e8a6b48da28b115a21449a
all runs: OK
false negative chance: 0.000
# git bisect good 40aacb3183ff74e15940189ff9a998a93b5ca76f
Bisecting: 309 revisions left to test after this (roughly 8 steps)
[60eb45074234b90333b6241b4fd8d196aa2dfd98] Merge tag 'lkmm-scripting.2023.04.07a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu

testing commit 60eb45074234b90333b6241b4fd8d196aa2dfd98 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f837194d712bb696934f1443aaff3d5c065053a4012eca86b1f07809a69cfa5c
run #0: crashed: possible deadlock in reiserfs_dirty_inode
run #1: crashed: possible deadlock in vm_mmap_pgoff
run #2: crashed: possible deadlock in vm_mmap_pgoff
run #3: crashed: possible deadlock in vm_mmap_pgoff
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in vm_mmap_pgoff
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in reiserfs_dirty_inode, types: [LOCKDEP]
# git bisect bad 60eb45074234b90333b6241b4fd8d196aa2dfd98
Bisecting: 151 revisions left to test after this (roughly 7 steps)
[567671281a751b80918a4531c4ba84b90a2a42c0] KEYS: X.509: Parse Key Usage

testing commit 567671281a751b80918a4531c4ba84b90a2a42c0 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 8ddde92a02a24b98ae47a18a6a76fe2d23cbb79d1e099a4da3e909928780956e
all runs: OK
false negative chance: 0.000
# git bisect good 567671281a751b80918a4531c4ba84b90a2a42c0
Bisecting: 75 revisions left to test after this (roughly 6 steps)
[08e30833f86ba25945e416b9f372791aacfef153] Merge tag 'lsm-pr-20230420' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm

testing commit 08e30833f86ba25945e416b9f372791aacfef153 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b0a4278de59be39dde61a124641e2688332b8761c207346a2cf8e792c9e481ee
run #0: crashed: possible deadlock in vm_mmap_pgoff
run #1: crashed: possible deadlock in vm_mmap_pgoff
run #2: crashed: possible deadlock in vm_mmap_pgoff
run #3: crashed: possible deadlock in vm_mmap_pgoff
run #4: crashed: possible deadlock in vm_mmap_pgoff
run #5: crashed: possible deadlock in do_page_mkwrite
run #6: crashed: possible deadlock in vm_mmap_pgoff
run #7: crashed: possible deadlock in vm_mmap_pgoff
run #8: crashed: possible deadlock in vm_mmap_pgoff
run #9: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
# git bisect bad 08e30833f86ba25945e416b9f372791aacfef153
Bisecting: 42 revisions left to test after this (roughly 5 steps)
[a5624566431de76b17862383d9ae254d9606cba9] Merge branch 'x86-rep-insns': x86 user copy clarifications

testing commit a5624566431de76b17862383d9ae254d9606cba9 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 337576ecff6fcd0adec7cae3b5764247a54c491840846050c1349adac257460c
all runs: OK
false negative chance: 0.000
# git bisect good a5624566431de76b17862383d9ae254d9606cba9
Bisecting: 21 revisions left to test after this (roughly 5 steps)
[e261301c851aee401cfc63179ca4d3facd2f098b] lsm: move the remaining LSM hook comments to security/security.c

testing commit e261301c851aee401cfc63179ca4d3facd2f098b gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5ef850445172a858bb4fd6226fec3d15e6dc889d275856b2a081e391d59fac89
all runs: OK
false negative chance: 0.000
# git bisect good e261301c851aee401cfc63179ca4d3facd2f098b
Bisecting: 10 revisions left to test after this (roughly 4 steps)
[d82dcd9e21b77d338dc4875f3d4111f0db314a7c] reiserfs: Add security prefix to xattr name in reiserfs_security_write()

testing commit d82dcd9e21b77d338dc4875f3d4111f0db314a7c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3c8fff5c1c094c4b702547b8475891724f209942e7289ad6eadbf05dc409f6b6
all runs: crashed: possible deadlock in vm_mmap_pgoff
representative crash: possible deadlock in vm_mmap_pgoff, types: [LOCKDEP]
# git bisect bad d82dcd9e21b77d338dc4875f3d4111f0db314a7c
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[42994ee3cd7298b27698daa6848ed7168e72d056] security: Introduce LSM_ORDER_LAST and set it for the integrity LSM

testing commit 42994ee3cd7298b27698daa6848ed7168e72d056 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: e0d91d10694726e298a19371e3a4acc2f4cc701ce1fe47a36776eb07c15ad554
all runs: OK
false negative chance: 0.000
# git bisect good 42994ee3cd7298b27698daa6848ed7168e72d056
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[52ca4b6435a493e47aaa98e7345e19e1e8710b13] reiserfs: Switch to security_inode_init_security()

testing commit 52ca4b6435a493e47aaa98e7345e19e1e8710b13 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 2d45592cc4e762fcdd53b276037125e8ad50b2197922a3d28aa48dd2224d5fe5
all runs: OK
false negative chance: 0.000
# git bisect good 52ca4b6435a493e47aaa98e7345e19e1e8710b13
Bisecting: 0 revisions left to test after this (roughly 1 step)
[0d57b970df352517a75f4533820c49de360c4123] security: Remove security_old_inode_init_security()

testing commit 0d57b970df352517a75f4533820c49de360c4123 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 73d9b5fb3f85d856ae9ff1cfc6cb6528e36ec199c82d4ec87c3c4156c5afd530
all runs: OK
false negative chance: 0.000
# git bisect good 0d57b970df352517a75f4533820c49de360c4123
d82dcd9e21b77d338dc4875f3d4111f0db314a7c is the first bad commit
commit d82dcd9e21b77d338dc4875f3d4111f0db314a7c
Author: Roberto Sassu <roberto.sassu@huawei.com>
Date:   Fri Mar 31 14:32:18 2023 +0200

    reiserfs: Add security prefix to xattr name in reiserfs_security_write()
    
    Reiserfs sets a security xattr at inode creation time in two stages: first,
    it calls reiserfs_security_init() to obtain the xattr from active LSMs;
    then, it calls reiserfs_security_write() to actually write that xattr.
    
    Unfortunately, it seems there is a wrong expectation that LSMs provide the
    full xattr name in the form 'security.<suffix>'. However, LSMs always
    provided just the suffix, causing reiserfs to not write the xattr at all
    (if the suffix is shorter than the prefix), or to write an xattr with the
    wrong name.
    
    Add a temporary buffer in reiserfs_security_write(), and write to it the
    full xattr name, before passing it to reiserfs_xattr_set_handle().
    
    Also replace the name length check with a check that the full xattr name is
    not larger than XATTR_NAME_MAX.
    
    Cc: stable@vger.kernel.org # v2.6.x
    Fixes: 57fe60df6241 ("reiserfs: add atomic addition of selinux attributes during inode creation")
    Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
    Signed-off-by: Paul Moore <paul@paul-moore.com>

 fs/reiserfs/xattr_security.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

accumulated error probability: 0.00
culprit signature: 3c8fff5c1c094c4b702547b8475891724f209942e7289ad6eadbf05dc409f6b6
parent  signature: 73d9b5fb3f85d856ae9ff1cfc6cb6528e36ec199c82d4ec87c3c4156c5afd530
revisions tested: 26, total time: 5h33m47.677707639s (build: 2h16m54.871431102s, test: 3h4m23.755865529s)
first bad commit: d82dcd9e21b77d338dc4875f3d4111f0db314a7c reiserfs: Add security prefix to xattr name in reiserfs_security_write()
recipients (to): ["paul@paul-moore.com" "roberto.sassu@huawei.com"]
recipients (cc): []
crash: possible deadlock in vm_mmap_pgoff
======================================================
WARNING: possible circular locking dependency detected
6.3.0-rc1-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.0/2641 is trying to acquire lock:
ffff88807d997090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x70/0xc0 fs/reiserfs/lock.c:27

but task is already holding lock:
ffff8880116f1398 (&mm->mmap_lock){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline]
ffff8880116f1398 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x180/0x290 mm/util.c:540

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&mm->mmap_lock){++++}-{3:3}:
       lock_acquire+0x23e/0x630 kernel/locking/lockdep.c:5669
       __might_fault+0xa6/0x100 mm/memory.c:5625
       reiserfs_ioctl+0xec/0x2c0 fs/reiserfs/ioctl.c:96
       vfs_ioctl fs/ioctl.c:51 [inline]
       __do_sys_ioctl fs/ioctl.c:870 [inline]
       __se_sys_ioctl+0xa7/0xf0 fs/ioctl.c:856
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x41/0x90 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #0 (&sbi->lock){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3098 [inline]
       check_prevs_add kernel/locking/lockdep.c:3217 [inline]
       validate_chain+0x166b/0x58e0 kernel/locking/lockdep.c:3832
       __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5056
       lock_acquire+0x23e/0x630 kernel/locking/lockdep.c:5669
       __mutex_lock_common+0x1d8/0x2530 kernel/locking/mutex.c:603
       __mutex_lock kernel/locking/mutex.c:747 [inline]
       mutex_lock_nested+0x1b/0x20 kernel/locking/mutex.c:799
       reiserfs_write_lock+0x70/0xc0 fs/reiserfs/lock.c:27
       reiserfs_dirty_inode+0xdc/0x1f0 fs/reiserfs/super.c:704
       __mark_inode_dirty+0x279/0xc70 fs/fs-writeback.c:2421
       generic_update_time fs/inode.c:1860 [inline]
       inode_update_time fs/inode.c:1873 [inline]
       touch_atime+0x328/0x500 fs/inode.c:1945
       file_accessed include/linux/fs.h:2181 [inline]
       generic_file_mmap+0xa2/0xf0 mm/filemap.c:3603
       call_mmap include/linux/fs.h:1856 [inline]
       mmap_region+0x9de/0x1940 mm/mmap.c:2574
       do_mmap+0x6b2/0xb80 mm/mmap.c:1364
       vm_mmap_pgoff+0x1bb/0x290 mm/util.c:542
       ksys_mmap_pgoff+0x42c/0x5d0 mm/mmap.c:1410
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x41/0x90 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&mm->mmap_lock);
                               lock(&sbi->lock);
                               lock(&mm->mmap_lock);
  lock(&sbi->lock);

 *** DEADLOCK ***

2 locks held by syz-executor.0/2641:
 #0: ffff8880116f1398 (&mm->mmap_lock){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline]
 #0: ffff8880116f1398 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x180/0x290 mm/util.c:540
 #1: ffff88807c548448 (sb_writers#14){.+.+}-{0:0}, at: file_accessed include/linux/fs.h:2181 [inline]
 #1: ffff88807c548448 (sb_writers#14){.+.+}-{0:0}, at: generic_file_mmap+0xa2/0xf0 mm/filemap.c:3603

stack backtrace:
CPU: 1 PID: 2641 Comm: syz-executor.0 Not tainted 6.3.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x167/0x220 lib/dump_stack.c:106
 check_noncircular+0x2fe/0x3b0 kernel/locking/lockdep.c:2178
 check_prev_add kernel/locking/lockdep.c:3098 [inline]
 check_prevs_add kernel/locking/lockdep.c:3217 [inline]
 validate_chain+0x166b/0x58e0 kernel/locking/lockdep.c:3832
 __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5056
 lock_acquire+0x23e/0x630 kernel/locking/lockdep.c:5669
 __mutex_lock_common+0x1d8/0x2530 kernel/locking/mutex.c:603
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x1b/0x20 kernel/locking/mutex.c:799
 reiserfs_write_lock+0x70/0xc0 fs/reiserfs/lock.c:27
 reiserfs_dirty_inode+0xdc/0x1f0 fs/reiserfs/super.c:704
 __mark_inode_dirty+0x279/0xc70 fs/fs-writeback.c:2421
 generic_update_time fs/inode.c:1860 [inline]
 inode_update_time fs/inode.c:1873 [inline]
 touch_atime+0x328/0x500 fs/inode.c:1945
 file_accessed include/linux/fs.h:2181 [inline]
 generic_file_mmap+0xa2/0xf0 mm/filemap.c:3603
 call_mmap include/linux/fs.h:1856 [inline]
 mmap_region+0x9de/0x1940 mm/mmap.c:2574
 do_mmap+0x6b2/0xb80 mm/mmap.c:1364
 vm_mmap_pgoff+0x1bb/0x290 mm/util.c:542
 ksys_mmap_pgoff+0x42c/0x5d0 mm/mmap.c:1410
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0x90 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f52bfe7cae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f52c0c770c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007f52bff9c050 RCX: 00007f52bfe7cae9
RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000000020000000
RBP: 00007f52bfec847a R08: 0000000000000004 R09: 0000000000000000
R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f52bff9c050 R15: 00007ffcec4bac38
 </TASK>