ci2 starts bisection 2023-08-28 18:17:36.549318007 +0000 UTC m=+32176.121844982 bisecting cause commit starting from 0a924817d2ed9396401e0557c6134276d2e26382 building syzkaller on 9da18ae8fa827d046ef8da48cc23c97418553c23 ensuring issue is reproducible on original commit 0a924817d2ed9396401e0557c6134276d2e26382 testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b8d499c7b87fab7f181490eb5af583e0e5a00514374d7189fb6dacb27a81de7d all runs: crashed: general protection fault in gfs2_rgrp_dump representative crash: general protection fault in gfs2_rgrp_dump, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4f4bf93ad665377ec67067039d134d42dc615f6584c398bdf958ac69462ac0d9 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed kconfig minimization: base=3876 full=7553 leaves diff=2002 split chunks (needed=false): <2002> split chunk #0 of len 2002 into 5 parts testing without sub-chunk 1/5 disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 7e36ade7923f71caec8983a85ff400ade9b8e1d2f1b0929fda3f1f5aae562387 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 7c7b8bfd4f6a4d8b2240aa464e322cc302ecda7d4e9ff9c55d25cbb1b97d3084 all runs: OK false negative chance: 0.000 testing without sub-chunk 3/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 17b5fbae69cb77ee7d267caf79f473d79f9befc1a8b13fa1974276198a7b7d27 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ad32561f95c5878a87d8c9bead2c4b41b7902b1c57198a4e6d539aaa6aa19407 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit 0a924817d2ed9396401e0557c6134276d2e26382 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 73cbd3117261ee514f6ce1276788bef580e832d241584ec630ead01ade3e1f66 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] the chunk can be dropped minimized to 401 configs; suspects: [6LOWPAN ARCH_ENABLE_MEMORY_HOTREMOVE ASUS_WMI CMA COMMON_CLK DAX DLM DRM DRM_BRIDGE DRM_CIRRUS_QEMU DRM_DEBUG_MM DRM_DISPLAY_DP_HELPER DRM_DISPLAY_HDCP_HELPER DRM_DISPLAY_HDMI_HELPER DRM_DISPLAY_HELPER DRM_DP_AUX_BUS DRM_DP_AUX_CHARDEV DRM_FBDEV_EMULATION DRM_GEM_SHMEM_HELPER DRM_I915 DRM_I915_CAPTURE_ERROR DRM_I915_COMPRESS_ERROR DRM_I915_USERPTR DRM_KMS_HELPER DRM_MIPI_DSI DRM_PANEL DRM_PANEL_BRIDGE DRM_PANEL_EDP DRM_PANEL_ORIENTATION_QUIRKS DRM_SIMPLEDRM DRM_TTM DRM_TTM_HELPER DRM_UDL DRM_VGEM DRM_VIRTIO_GPU DRM_VKMS DRM_VMWGFX DRM_VRAM_HELPER DUMMY DVB_AF9013 DVB_AF9033 DVB_AS102 DVB_AS102_FE DVB_B2C2_FLEXCOP DVB_B2C2_FLEXCOP_USB DVB_CORE DVB_DIB3000MB DVB_DIB3000MC DVB_EC100 DVB_GP8PSK_FE DVB_RTL2830 DVB_RTL2832 DVB_RTL2832_SDR DVB_TEST_DRIVERS DVB_TTUSB_BUDGET DVB_TTUSB_DEC DVB_USB DVB_USB_A800 DVB_USB_AF9005 DVB_USB_AF9005_REMOTE DVB_USB_AF9015 DVB_USB_AF9035 DVB_USB_ANYSEE DVB_USB_AU6610 DVB_USB_AZ6007 DVB_USB_AZ6027 DVB_USB_CE6230 DVB_USB_CINERGY_T2 DVB_USB_CXUSB DVB_USB_DIB0700 DVB_USB_DIB3000MC DVB_USB_DIBUSB_MB DVB_USB_DIBUSB_MC DVB_USB_DIGITV DVB_USB_DTT200U DVB_USB_DTV5100 DVB_USB_DVBSKY DVB_USB_DW2102 DVB_USB_EC168 DVB_USB_GL861 DVB_USB_GP8PSK DVB_USB_LME2510 DVB_USB_M920X DVB_USB_MXL111SF DVB_USB_NOVA_T_USB2 DVB_USB_OPERA1 DVB_USB_PCTV452E DVB_USB_RTL28XXU DVB_USB_TECHNISAT_USB2 DVB_USB_TTUSB2 DVB_USB_UMT_010 DVB_USB_V2 DVB_USB_VP702X DVB_USB_VP7045 DVB_USB_ZD1301 DVB_VIDTV DVB_ZL10353 ECRYPT_FS ECRYPT_FS_MESSAGING EDAC EEPROM_93CX6 EFS_FS ENCRYPTED_KEYS EQUALIZER EROFS_FS EROFS_FS_POSIX_ACL EROFS_FS_SECURITY EROFS_FS_XATTR EROFS_FS_ZIP EVM EVM_ADD_XATTRS EVM_ATTR_FSUUID EXFAT_FS EXPORTFS_BLOCK_OPS EXT3_FS EXT3_FS_POSIX_ACL EXT3_FS_SECURITY EXTCON EXTCON_INTEL_CHT_WC F2FS_CHECK_FS F2FS_FAULT_INJECTION F2FS_FS F2FS_FS_COMPRESSION F2FS_FS_LZ4 F2FS_FS_LZ4HC F2FS_FS_LZO F2FS_FS_LZORLE F2FS_FS_POSIX_ACL F2FS_FS_SECURITY F2FS_FS_XATTR F2FS_FS_ZSTD F2FS_STAT_FS FANOTIFY FANOTIFY_ACCESS_PERMISSIONS FB FB_CFB_COPYAREA FB_CFB_FILLRECT FB_CFB_IMAGEBLIT FB_CMDLINE FB_DEFERRED_IO FB_NOTIFY FB_SYS_COPYAREA FB_SYS_FILLRECT FB_SYS_FOPS FB_SYS_IMAGEBLIT FB_TILEBLITTING FB_VESA FB_VGA16 FB_VIRTUAL FDDI FIREWIRE FIREWIRE_NET FIREWIRE_OHCI FIREWIRE_SBP2 FONT_8x16 FONT_8x8 FONT_SUPPORT FORTIFY_SOURCE FRAMEBUFFER_CONSOLE FRAMEBUFFER_CONSOLE_DETECT_PRIMARY FRAMEBUFFER_CONSOLE_ROTATION FRONTSWAP FS_DAX FS_DAX_PMD FS_ENCRYPTION FS_ENCRYPTION_ALGS FS_VERITY FS_VERITY_BUILTIN_SIGNATURES FTL FUSE_DAX FUSE_FS FW_LOADER_COMPRESS FW_LOADER_PAGED_BUF FW_LOADER_SYSFS FW_LOADER_USER_HELPER FW_LOADER_USER_HELPER_FALLBACK GACT_PROB GARP GCC12_NO_ARRAY_BOUNDS GENERIC_PHY GET_FREE_REGION GFS2_FS GFS2_FS_LOCKING_DLM GOOGLE_COREBOOT_TABLE GOOGLE_FIRMWARE GOOGLE_MEMCONSOLE GOOGLE_MEMCONSOLE_COREBOOT GOOGLE_VPD GPIOLIB GPIOLIB_IRQCHIP GPIO_ACPI GPIO_DLN2 GPIO_VIPERBOARD GREENASIA_FF GREYBUS GREYBUS_BRIDGED_PHY GREYBUS_ES2 GREYBUS_HID GREYBUS_USB GTP GUEST_PERF_EVENTS GVE HAVE_ARCH_NODE_DEV_GROUP HAVE_ARCH_USERFAULTFD_MINOR HAVE_ARCH_USERFAULTFD_WP HAVE_BOOTMEM_INFO_NODE HAVE_CLK_PREPARE HAVE_HARDENED_USERCOPY_ALLOCATOR HAVE_KVM_CPU_RELAX_INTERCEPT HAVE_KVM_DIRTY_RING HAVE_KVM_DIRTY_RING_ACQ_REL HAVE_KVM_DIRTY_RING_TSO HAVE_KVM_EVENTFD HAVE_KVM_IRQCHIP HAVE_KVM_IRQFD HAVE_KVM_IRQ_BYPASS HAVE_KVM_IRQ_ROUTING HAVE_KVM_MSI HAVE_KVM_NO_POLL HAVE_KVM_PFNCACHE HAVE_KVM_PM_NOTIFIER HAVE_SCHED_AVG_IRQ HDLC HDLC_CISCO HDLC_FR HDLC_PPP HDLC_RAW HDLC_RAW_ETH HDLC_X25 HDMI HFSPLUS_FS HFS_FS HID_ACCUTOUCH HID_ACRUX HID_ACRUX_FF HID_ALPS HID_APPLEIR HID_ASUS HID_AUREAL HID_BATTERY_STRENGTH HID_BETOP_FF HID_CMEDIA HID_CORSAIR HID_CP2112 HID_ELECOM HID_ELO HID_EMS_FF HID_GEMBIRD HID_GFRM HID_GREENASIA HID_GT683R HID_HOLTEK HID_ICADE HID_KEYTOUCH HID_KYE HID_LCPOWER HID_LED HID_LENOVO HID_LOGITECH_DJ HID_LOGITECH_HIDPP HID_MAGICMOUSE HID_MAYFLASH HID_MULTITOUCH HID_NTI HID_ORTEK HID_PENMOUNT HID_PICOLCD HID_PICOLCD_BACKLIGHT HID_PICOLCD_CIR HID_PICOLCD_FB HID_PICOLCD_LCD HID_PICOLCD_LEDS HID_PLANTRONICS HID_PRIMAX HID_PRODIKEYS HID_RETRODE HID_RMI HID_ROCCAT HID_SAITEK HID_SENSOR_ACCEL_3D HID_SENSOR_ALS HID_SENSOR_CUSTOM_SENSOR HID_SENSOR_DEVICE_ROTATION HID_SENSOR_GYRO_3D HID_SENSOR_HUB HID_SENSOR_HUMIDITY HID_SENSOR_IIO_COMMON HID_SENSOR_IIO_TRIGGER HID_SENSOR_INCLINOMETER_3D HID_SENSOR_MAGNETOMETER_3D HID_SENSOR_PRESS HID_SENSOR_PROX HID_SENSOR_TEMP HID_SPEEDLINK HID_STEELSERIES HID_THINGM HID_TIVO HID_TWINHAN HID_UCLOGIC HID_UDRAW_PS3 HID_WACOM HID_WALTOP HID_WIIMOTE HID_XINMO HID_ZYDACRON HMM_MIRROR HOLTEK_FF HOTPLUG_PCI_PCIE HPET_MMAP HPET_MMAP_DEFAULT HPFS_FS I2C_ALGOBIT I2C_CHARDEV I2C_DESIGNWARE_CORE I2C_DESIGNWARE_PLATFORM I2C_DIOLAN_U2C I2C_DLN2 I2C_MUX I2C_MUX_REG I2C_ROBOTFUZZ_OSIF I2C_SI4713 I2C_SLAVE I2C_SLAVE_EEPROM I2C_TINY_USB I2C_VIPERBOARD IEEE802154 IEEE802154_6LOWPAN IEEE802154_ATUSB IEEE802154_DRIVERS IEEE802154_HWSIM IEEE802154_NL802154_EXPERIMENTAL IEEE802154_SOCKET IFB IIO IIO_BUFFER IIO_KFIFO_BUF IIO_TRIGGER IIO_TRIGGERED_BUFFER IKCONFIG IKCONFIG_PROC IMA IMA_APPRAISE IMA_APPRAISE_MODSIG IMA_DEFAULT_HASH_SHA256 IMA_LSM_RULES IMA_MEASURE_ASYMMETRIC_KEYS IMA_NG_TEMPLATE IMA_QUEUE_EARLY_BOOT_KEYS IMA_READ_POLICY IMA_WRITE_POLICY INET6_ESPINTCP INET6_ESP_OFFLOAD INET6_IPCOMP INET6_TUNNEL INET6_XFRM_TUNNEL INET_AH INET_DCCP_DIAG INET_DIAG INET_DIAG_DESTROY INET_ESP INET_ESPINTCP INET_ESP_OFFLOAD INET_IPCOMP INET_MPTCP_DIAG INET_RAW_DIAG INET_SCTP_DIAG INET_TCP_DIAG INET_UDP_DIAG INET_XFRM_TUNNEL INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_ADDR_TRANS_CONFIGFS INFINIBAND_IPOIB INFINIBAND_IPOIB_CM INFINIBAND_IPOIB_DEBUG INFINIBAND_ISER INFINIBAND_ON_DEMAND_PAGING INFINIBAND_RTRS INFINIBAND_SRP INFINIBAND_USER_ACCESS INFINIBAND_USER_MAD INFINIBAND_USER_MEM INIT_STACK_NONE INPUT_ATI_REMOTE2 INPUT_CM109 INPUT_IMS_PCU INPUT_JOYDEV INPUT_KEYSPAN_REMOTE INPUT_LEDS INPUT_MOUSEDEV INPUT_MOUSEDEV_PSAUX INPUT_POWERMATE INPUT_UINPUT INPUT_YEALINK INTEGRITY INTEGRITY_ASYMMETRIC_KEYS INTEGRITY_AUDIT INTEGRITY_SIGNATURE INTEGRITY_TRUSTED_KEYRING INTEL_SOC_PMIC_CHTWC INTERVAL_TREE INTERVAL_TREE_SPAN_ITER IOASID IOMMUFD IOMMUFD_TEST IP6_NF_MATCH_AH IP6_NF_MATCH_EUI64 IP6_NF_MATCH_FRAG IP6_NF_MATCH_HL IP6_NF_MATCH_MH IP6_NF_MATCH_OPTS IP6_NF_MATCH_RPFILTER IP6_NF_MATCH_RT IP6_NF_MATCH_SRH IP6_NF_NAT IP6_NF_RAW IP6_NF_SECURITY IP6_NF_TARGET_HL IP6_NF_TARGET_MASQUERADE IP6_NF_TARGET_NPT IP6_NF_TARGET_SYNPROXY IPV6_FOU IPV6_FOU_TUNNEL IPV6_GRE IPV6_ILA IPV6_MIP6 IPV6_MROUTE IPV6_MROUTE_MULTIPLE_TABLES IPV6_MULTIPLE_TABLES IPV6_OPTIMISTIC_DAD IPV6_PIMSM_V2 IPV6_ROUTER_PREF IPV6_ROUTE_INFO IPV6_RPL_LWTUNNEL IPV6_SEG6_BPF IPV6_SEG6_HMAC IPV6_SEG6_LWTUNNEL IPV6_SIT_6RD IPV6_SUBTREES IPV6_TUNNEL IPV6_VTI IPVLAN IPVLAN_L3S IPVTAP IP_DCCP IP_DCCP_CCID3 IP_DCCP_TFRC_LIB IP_FIB_TRIE_STATS IP_MROUTE_MULTIPLE_TABLES IP_NF_ARPFILTER IP_NF_ARPTABLES IP_NF_ARP_MANGLE IP_NF_MATCH_AH IP_NF_MATCH_ECN IP_NF_MATCH_RPFILTER IP_NF_MATCH_TTL IP_NF_RAW IP_NF_SECURITY IP_NF_TARGET_CLUSTERIP IP_NF_TARGET_ECN IP_NF_TARGET_NETMAP IP_NF_TARGET_REDIRECT IP_NF_TARGET_SYNPROXY IP_NF_TARGET_TTL IP_ROUTE_CLASSID IP_SCTP IP_SET IP_SET_BITMAP_IP IP_SET_BITMAP_IPMAC IP_SET_BITMAP_PORT IP_SET_HASH_IP IP_SET_HASH_IPMAC IP_SET_HASH_IPMARK IP_SET_HASH_IPPORT IP_SET_HASH_IPPORTIP IP_SET_HASH_IPPORTNET IP_SET_HASH_MAC IP_SET_HASH_NET IP_SET_HASH_NETIFACE IP_SET_HASH_NETNET IP_SET_HASH_NETPORT IP_SET_HASH_NETPORTNET IP_SET_LIST_SET IP_VS IP_VS_DH IP_VS_FO IP_VS_FTP IP_VS_IPV6 IP_VS_LBLC IP_VS_LBLCR IP_VS_LC IP_VS_MH IP_VS_NFCT IP_VS_NQ IP_VS_OVF IP_VS_PE_SIP IP_VS_PROTO_TCP IP_VS_PROTO_UDP IRQ_TIME_ACCOUNTING LAPB LCD_CLASS_DEVICE MAC802154 MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_TEST_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_DLN2 MFD_VIPERBOARD MPTCP MTD NETFILTER_ADVANCED NET_ACT_GACT NET_ACT_MIRRED NET_IPGRE_DEMUX NFT_FWD_NETDEV NF_TABLES NF_TABLES_NETDEV RADIO_ADAPTERS RADIO_SI4713 RAS RC_CORE RFKILL SECURITY_APPARMOR SND SOUND STAGING TRANSPARENT_HUGEPAGE VIDEO_DEV VIRTIO_FS WAN ZONE_DEVICE] disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed picked [%!d(string=v6.1) %!d(string=v6.0) %!d(string=v5.19) %!d(string=v5.17) %!d(string=v5.15) %!d(string=v5.13) %!d(string=v5.11) %!d(string=v5.9) %!d(string=v5.6) %!d(string=v5.3) %!d(string=v5.0) %!d(string=v4.19)] out of %!d(MISSING) release tags testing release v6.1 testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: db4ade7f58368e12c4e0ff931449cdeb7957801a9cd907ab3266f6a34d865840 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v6.0 testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d031e0301fc7842e67a426baeda4d3c8d2ff37f332487b796f27859753fc399d all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.19 testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ce664541fed0853d1aeeeba4a54e12f5fbe109a4c62606decb1dd5b682d212c7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 1b5a60e3a1d690d91cee8e4a97562cf6f96735a35741cb4fb4852c4514fba497 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.15 testing commit 8bb7eca972ad531c9b149c0a51ab43a417385813 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b8182a83644c74e75925501c4e316bccbf848689ec596e9d25e3af31a42da974 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.13 testing commit 62fb9874f5da54fdb243003b386128037319b219 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 804ac5bb1f26a8de45b04a2c832d1e5cec417f168821cfa823cec71d2f983db7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.11 testing commit f40ddce88593482919761f74910f42f4b84c004b gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a49624a303ec1bc6a38dfbad74c40d7941f495a151c360145a37e9d78db0909c all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.9 testing commit bbf5c979011a099af5dc76498918ed7df445635b gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 57ce7aad781c08c27d79595b39da2050c49641d35960031d1e485d1269de2539 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: b33d3855dc114d2c4effeb6a3f1ad45aa2888950e7b9b6bf43431bdc29adc45e all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: f3c32160bf38cf9d8afb5bcf8ea6d953357d6d4cf29ef57e1da7a930a486fd57 all runs: boot failed: can't ssh into the instance unable to determine the verdict: 0 good runs (wanted 5), for bad wanted 5 in total, got 0 testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 9da9b231fd3e8a9908cf1ce4441f216d374011f90a0d8c9edb1c689dbf53a622 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: ba609e20c5d350dc71f1fcfde2e1d22b2e77aceab1b32d452176952a05559ab6 all runs: OK false negative chance: 0.000 # git bisect start 1c163f4c7b3f621efff9b28a47abb36f7378d783 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d Bisecting: 14459 revisions left to test after this (roughly 14 steps) [77f06aacac23b19bab9d8da588d02cd0758eb4d6] Merge branch 'aquantia-usb' testing commit 77f06aacac23b19bab9d8da588d02cd0758eb4d6 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 8bfcd2d7cb9d51d748046d7a9a5e695e4976b5a8c505ae921019d200aec43b7b all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad 77f06aacac23b19bab9d8da588d02cd0758eb4d6 Bisecting: 7186 revisions left to test after this (roughly 13 steps) [c7a2c49ea6c9eebbe44ff2c08b663b2905ee2c13] Merge tag 'nfs-for-4.20-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs testing commit c7a2c49ea6c9eebbe44ff2c08b663b2905ee2c13 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 952bc11ac0bdb4b586d807420d33dfba3711a1b4cc5c4b6764455e0dd178da47 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad c7a2c49ea6c9eebbe44ff2c08b663b2905ee2c13 Bisecting: 3026 revisions left to test after this (roughly 12 steps) [50b825d7e87f4cff7070df6eb26390152bb29537] Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next testing commit 50b825d7e87f4cff7070df6eb26390152bb29537 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: b1131e799ef698615d83523e02728ae9396a23cebeeadce32c0ed588a112251d all runs: OK false negative chance: 0.000 # git bisect good 50b825d7e87f4cff7070df6eb26390152bb29537 Bisecting: 1518 revisions left to test after this (roughly 11 steps) [24ed334f33666f2ae929ccc08f72e7e72e353c64] Merge branch 'next-loadpin' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security testing commit 24ed334f33666f2ae929ccc08f72e7e72e353c64 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: cab9686742fccc85c930be2d711562516b325949f2f6bc93829f06addaedf5e0 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad 24ed334f33666f2ae929ccc08f72e7e72e353c64 Bisecting: 812 revisions left to test after this (roughly 10 steps) [a41efc2a0f68cea26665ab9e6d991c9bf33b3f59] Merge tag 'dmaengine-4.20-rc1' of git://git.infradead.org/users/vkoul/slave-dma testing commit a41efc2a0f68cea26665ab9e6d991c9bf33b3f59 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: affe62f547925c739dc408194940086bf3e79a4394daf0a8d98a16ce87ad7ab7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad a41efc2a0f68cea26665ab9e6d991c9bf33b3f59 Bisecting: 319 revisions left to test after this (roughly 9 steps) [d6edff78fe9e34dbea1bec7dc26cfce92c6d96d5] Merge tag 'f2fs-for-4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs testing commit d6edff78fe9e34dbea1bec7dc26cfce92c6d96d5 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: cd5e8f7e2eb4fba6396de4aa364712eaa93f0f6156d7d2cba8e249ebf00798c2 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad d6edff78fe9e34dbea1bec7dc26cfce92c6d96d5 Bisecting: 212 revisions left to test after this (roughly 8 steps) [44adbac8f7217040be97928cd19998259d9d4418] Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit 44adbac8f7217040be97928cd19998259d9d4418 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 7131bd6cdef0b66bd80f53f62f4baa35f9ff8678eda682222a332fc5394779c4 all runs: OK false negative chance: 0.000 # git bisect good 44adbac8f7217040be97928cd19998259d9d4418 Bisecting: 103 revisions left to test after this (roughly 7 steps) [e1cbbf4067820ea4df534dd96f51c8f67854dcad] Merge tag 'for-linus-4.20-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux testing commit e1cbbf4067820ea4df534dd96f51c8f67854dcad gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: d7f6bb760103ecef6a7d9b125fd1392aa7296679ac81daf5d3f42855b07aa7b5 all runs: OK false negative chance: 0.000 # git bisect good e1cbbf4067820ea4df534dd96f51c8f67854dcad Bisecting: 51 revisions left to test after this (roughly 6 steps) [4c58ed076875f36dae0f240da1e25e99e5d4afb8] f2fs: fix to account IO correctly testing commit 4c58ed076875f36dae0f240da1e25e99e5d4afb8 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: b80b28571ad24772299354f01b5ce867905d3eafbbda016b81da6792bf7c4bf6 all runs: OK false negative chance: 0.000 # git bisect good 4c58ed076875f36dae0f240da1e25e99e5d4afb8 Bisecting: 30 revisions left to test after this (roughly 5 steps) [96987eea537d6ccd98704a71958f9ba02da80843] xfs: cancel COW blocks before swapext testing commit 96987eea537d6ccd98704a71958f9ba02da80843 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 733583ed9cb4d2812244523da5b37434f739c9841f235fe4fde86dc71269c21c all runs: OK false negative chance: 0.000 # git bisect good 96987eea537d6ccd98704a71958f9ba02da80843 Bisecting: 15 revisions left to test after this (roughly 4 steps) [c3abc29e54a14953ddb26feeb62dd02d57925e52] gfs2: Remove unnecessary gfs2_rlist_alloc parameter testing commit c3abc29e54a14953ddb26feeb62dd02d57925e52 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: ef415e41b8393324d189e3c2fe6f4cc5a463846d0bda2dce56838fd12e11e62d all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad c3abc29e54a14953ddb26feeb62dd02d57925e52 Bisecting: 7 revisions left to test after this (roughly 3 steps) [6ddc5c3ddf256a7a0906732681a337f0452ac67a] gfs2: getlabel support testing commit 6ddc5c3ddf256a7a0906732681a337f0452ac67a gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 52176c4b7b2050ca3ac3985ba9a109cc91c825961379d4fb67472248baaf8837 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad 6ddc5c3ddf256a7a0906732681a337f0452ac67a Bisecting: 3 revisions left to test after this (roughly 2 steps) [b524abcc01483b2ac093cc6a8a2a7375558d2b64] gfs2: slow the deluge of io error messages testing commit b524abcc01483b2ac093cc6a8a2a7375558d2b64 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 1c8a1e05052e325043b0d40913c554d2c52bfc1755c7f803b3fa1dfe383a8ebe all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad b524abcc01483b2ac093cc6a8a2a7375558d2b64 Bisecting: 0 revisions left to test after this (roughly 1 step) [4f36cb36c9d14340bb200d2ad9117b03ce992cfe] gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated testing commit 4f36cb36c9d14340bb200d2ad9117b03ce992cfe gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 1b240f3f14846348e5d424d8ac205f787d96a8c36b58be20d11e9beef887141a all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad 4f36cb36c9d14340bb200d2ad9117b03ce992cfe Bisecting: 0 revisions left to test after this (roughly 0 steps) [72244b6bc752b5c496f09de9a13c18adc314a53c] gfs2: improve debug information when lvb mismatches are found testing commit 72244b6bc752b5c496f09de9a13c18adc314a53c gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 07192798308a0e953610682c00b5c1bc25e53df14b4ba0899bba9812cfdf7c7c all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump, types: [UNKNOWN] # git bisect bad 72244b6bc752b5c496f09de9a13c18adc314a53c 72244b6bc752b5c496f09de9a13c18adc314a53c is the first bad commit commit 72244b6bc752b5c496f09de9a13c18adc314a53c Author: Bob Peterson Date: Wed Aug 15 12:09:49 2018 -0500 gfs2: improve debug information when lvb mismatches are found Before this patch, gfs2_rgrp_bh_get would check for lvb mismatches, but it wouldn't tell you what was actually wrong. This patch adds more information to help us debug it. It also makes rgrp consistency checks dump any bad rgrps, and the rgrp dump code dump any lvbs as well as the rgrp itself. Signed-off-by: Bob Peterson Acked-by: Steven Whitehouse fs/gfs2/rgrp.c | 41 ++++++++++++++++++++++++++++++++++++----- fs/gfs2/util.c | 3 +++ 2 files changed, 39 insertions(+), 5 deletions(-) accumulated error probability: 0.00 parent commit 050cdc6c9501abcd64720b8cc3e7941efee9547d wasn't tested testing commit 050cdc6c9501abcd64720b8cc3e7941efee9547d gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 26ec95c8b7d7886f80731c473763cd24dab572f33ba6b15e933e1a34f31e95cd culprit signature: 07192798308a0e953610682c00b5c1bc25e53df14b4ba0899bba9812cfdf7c7c parent signature: 26ec95c8b7d7886f80731c473763cd24dab572f33ba6b15e933e1a34f31e95cd revisions tested: 34, total time: 6h27m32.73929752s (build: 2h40m5.226087561s, test: 3h39m48.088232919s) first bad commit: 72244b6bc752b5c496f09de9a13c18adc314a53c gfs2: improve debug information when lvb mismatches are found recipients (to): ["rpeterso@redhat.com" "swhiteho@redhat.com"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rgrp_dump IPVS: ftp: loaded support on port[0] = 21 gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" gfs2: fsid=syz:syz: Now mounting FS... gfs2: fsid=syz:syz.s: first mount done, others may mount BUG: unable to handle kernel NULL pointer dereference at 00000000000000f8 PGD 22d8f4067 P4D 22d8f4067 PUD 22b0d8067 PMD 0 Oops: 0000 [#1] SMP CPU: 1 PID: 2922 Comm: syz-executor.0 Not tainted 4.19.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 RIP: 0010:gfs2_rgrp_dump+0xb/0x140 fs/gfs2/rgrp.c:2260 Code: 83 bf 68 04 00 00 00 74 12 55 48 81 c7 58 04 00 00 48 89 e5 e8 96 6d fe ff 5d c3 c3 0f 1f 00 55 48 89 e5 41 56 41 55 41 54 53 <48> 8b 9e f8 00 00 00 48 85 db 0f 84 e1 00 00 00 8b 43 78 48 c7 c6 RSP: 0018:ffffc90001387948 EFLAGS: 00010246 RAX: 0000000000000808 RBX: ffff8802303110c0 RCX: ffffffff82827951 RDX: ffffffff82457040 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc90001387968 R08: 0000000000000332 R09: ffff8802374036c0 R10: 0000000000001000 R11: 0000000000001000 R12: ffff8802284a8000 R13: ffffffff82457040 R14: ffffffff82827951 R15: 0000000000000332 FS: 00007ff49843c6c0(0000) GS:ffff880237b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000f8 CR3: 000000022da32000 CR4: 00000000003406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: gfs2_consist_rgrpd_i+0x28/0x50 fs/gfs2/util.c:186 compute_bitstructs fs/gfs2/rgrp.c:818 [inline] read_rindex_entry+0x41a/0x450 fs/gfs2/rgrp.c:919 gfs2_ri_update+0x1f/0xb0 fs/gfs2/rgrp.c:996 gfs2_rindex_update+0x13d/0x150 fs/gfs2/rgrp.c:1042 init_inodes+0x691/0x7c0 fs/gfs2/ops_fstype.c:815 fill_super+0x84e/0xb10 fs/gfs2/ops_fstype.c:1149 gfs2_mount+0x22a/0x249 fs/gfs2/ops_fstype.c:1302 mount_fs+0x34/0x10f fs/super.c:1261 vfs_kern_mount.part.11+0x58/0x160 fs/namespace.c:961 vfs_kern_mount fs/namespace.c:951 [inline] do_new_mount fs/namespace.c:2457 [inline] do_mount+0x20e/0xdc0 fs/namespace.c:2787 ksys_mount+0xb1/0xd0 fs/namespace.c:3003 __do_sys_mount fs/namespace.c:3017 [inline] __se_sys_mount fs/namespace.c:3014 [inline] __x64_sys_mount+0x20/0x30 fs/namespace.c:3014 do_syscall_64+0x63/0x150 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7ff4988baf5a Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ff49843bee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00007ff49843bf80 RCX: 00007ff4988baf5a RDX: 00000000200124c0 RSI: 0000000020000000 RDI: 00007ff49843bf40 RBP: 00000000200124c0 R08: 00007ff49843bf80 R09: 0000000000000002 R10: 0000000000000002 R11: 0000000000000246 R12: 0000000020000000 R13: 00007ff49843bf40 R14: 0000000000012517 R15: 0000000020000100 Modules linked in: CR2: 00000000000000f8 ---[ end trace ca79a58fa27f3344 ]--- RIP: 0010:gfs2_rgrp_dump+0xb/0x140 fs/gfs2/rgrp.c:2260 Code: 83 bf 68 04 00 00 00 74 12 55 48 81 c7 58 04 00 00 48 89 e5 e8 96 6d fe ff 5d c3 c3 0f 1f 00 55 48 89 e5 41 56 41 55 41 54 53 <48> 8b 9e f8 00 00 00 48 85 db 0f 84 e1 00 00 00 8b 43 78 48 c7 c6 RSP: 0018:ffffc90001387948 EFLAGS: 00010246 RAX: 0000000000000808 RBX: ffff8802303110c0 RCX: ffffffff82827951 RDX: ffffffff82457040 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc90001387968 R08: 0000000000000332 R09: ffff8802374036c0 R10: 0000000000001000 R11: 0000000000001000 R12: ffff8802284a8000 R13: ffffffff82457040 R14: ffffffff82827951 R15: 0000000000000332 FS: 00007ff49843c6c0(0000) GS:ffff880237b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000f8 CR3: 000000022da32000 CR4: 00000000003406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 83 bf 68 04 00 00 00 cmpl $0x0,0x468(%rdi) 7: 74 12 je 0x1b 9: 55 push %rbp a: 48 81 c7 58 04 00 00 add $0x458,%rdi 11: 48 89 e5 mov %rsp,%rbp 14: e8 96 6d fe ff call 0xfffe6daf 19: 5d pop %rbp 1a: c3 ret 1b: c3 ret 1c: 0f 1f 00 nopl (%rax) 1f: 55 push %rbp 20: 48 89 e5 mov %rsp,%rbp 23: 41 56 push %r14 25: 41 55 push %r13 27: 41 54 push %r12 29: 53 push %rbx * 2a: 48 8b 9e f8 00 00 00 mov 0xf8(%rsi),%rbx <-- trapping instruction 31: 48 85 db test %rbx,%rbx 34: 0f 84 e1 00 00 00 je 0x11b 3a: 8b 43 78 mov 0x78(%rbx),%eax 3d: 48 rex.W 3e: c7 .byte 0xc7 3f: c6 .byte 0xc6