ci starts bisection 2025-07-03 00:33:58.181028276 +0000 UTC m=+43658.284550549 bisecting cause commit starting from 50c8770a42faf8b1c7abe93e7c114337f580a97d building syzkaller on 0cd59a8f39893a99b3c21e8be52a1924e565581c ensuring issue is reproducible on original commit 50c8770a42faf8b1c7abe93e7c114337f580a97d testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: f5b57a683d2df6c5dce22f620d98af3d8c4ef258c9471c20fe250342c298722b run #0: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #1: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #2: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #3: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #4: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #5: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #6: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #7: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #8: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #9: crashed: WARNING in bdev_getblk run #10: crashed: WARNING in bdev_getblk run #11: crashed: kernel BUG in folio_set_bh run #12: crashed: kernel BUG in folio_set_bh run #13: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #14: crashed: WARNING in bdev_getblk run #15: crashed: kernel BUG in folio_set_bh run #16: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #17: crashed: kernel BUG in folio_set_bh run #18: crashed: WARNING in bdev_getblk run #19: crashed: kernel BUG in folio_set_bh representative crash: kernel BUG in folio_set_bh, types: [BUG LOCKDEP WARNING] check whether we can drop unnecessary instrumentation disabling configs for [hang memleak ubsan kasan atomic_sleep], they are not needed testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 20783ab527424b3963fdb373dfba7d0646314b35f5b3f5573d39ecb40ff816a9 run #0: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #1: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #2: crashed: WARNING in bdev_getblk run #3: crashed: kernel BUG in bdev_getblk run #4: crashed: kernel BUG in bdev_getblk run #5: crashed: kernel BUG in bdev_getblk run #6: crashed: kernel BUG in bdev_getblk run #7: crashed: WARNING in bdev_getblk run #8: crashed: WARNING in bdev_getblk run #9: crashed: kernel BUG in bdev_getblk representative crash: kernel BUG in bdev_getblk, types: [BUG WARNING] the bug reproduces without the instrumentation disabling configs for [hang memleak ubsan kasan atomic_sleep], they are not needed kconfig minimization: base=4095 full=8385 leaves diff=2124 split chunks (needed=false): <2124> split chunk #0 of len 2124 into 5 parts testing without sub-chunk 1/5 disabling configs for [atomic_sleep hang memleak ubsan kasan], they are not needed testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 520314e871f7bc4ed1b9675b0b3d1e6f27aab213f5ce92067a398b191d53c082 run #0: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #1: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #2: crashed: WARNING in bdev_getblk run #3: crashed: WARNING in bdev_getblk run #4: crashed: WARNING in bdev_getblk run #5: crashed: WARNING in bdev_getblk run #6: crashed: WARNING in bdev_getblk run #7: crashed: kernel BUG in bdev_getblk run #8: crashed: kernel BUG in bdev_getblk run #9: crashed: WARNING in bdev_getblk representative crash: WARNING in bdev_getblk, types: [WARNING] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [hang memleak ubsan kasan atomic_sleep], they are not needed testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: ab1364cd566984ca5a11bf0fae01c1330a3dcc3e62fb4b9533035d284db54f04 run #0: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #1: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #2: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #3: crashed: kernel BUG in bdev_getblk run #4: crashed: kernel BUG in bdev_getblk run #5: crashed: WARNING in bdev_getblk run #6: crashed: WARNING in bdev_getblk run #7: crashed: kernel BUG in bdev_getblk run #8: crashed: WARNING in bdev_getblk run #9: OK representative crash: kernel BUG in bdev_getblk, types: [BUG WARNING] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [ubsan kasan atomic_sleep hang memleak], they are not needed testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: f669b4b3b63081688f35a2bc0d64d77b9ad7f93318758b887f2cb49379868376 run #0: crashed: kernel BUG in bdev_getblk run #1: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #2: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #3: crashed: WARNING in bdev_getblk run #4: crashed: kernel BUG in bdev_getblk run #5: crashed: kernel BUG in bdev_getblk run #6: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #7: crashed: kernel BUG in bdev_getblk run #8: crashed: kernel BUG in bdev_getblk run #9: crashed: kernel BUG in bdev_getblk representative crash: kernel BUG in bdev_getblk, types: [BUG LOCKDEP] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [hang memleak ubsan kasan atomic_sleep], they are not needed testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: bd5cc6514136283ddc81e2230ddb94f4677f053187469b2caca15a57d1603273 run #0: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #1: crashed: kernel BUG in bdev_getblk run #2: crashed: kernel BUG in bdev_getblk run #3: crashed: kernel BUG in bdev_getblk run #4: crashed: kernel BUG in bdev_getblk run #5: crashed: kernel BUG in bdev_getblk run #6: crashed: WARNING: suspicious RCU usage in proc_sys_compare run #7: crashed: kernel BUG in bdev_getblk run #8: crashed: kernel BUG in bdev_getblk run #9: crashed: kernel BUG in bdev_getblk representative crash: kernel BUG in bdev_getblk, types: [BUG] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [atomic_sleep hang memleak ubsan kasan], they are not needed testing commit 50c8770a42faf8b1c7abe93e7c114337f580a97d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 15d1ca16256f5ac58bdcc16ad1e694306af164ff2ea74371bbde54c336d03c25 run #0: basic kernel testing failed: WARNING: suspicious RCU usage in proc_sys_compare run #1: crashed: kernel BUG in bdev_getblk run #2: crashed: kernel BUG in bdev_getblk run #3: crashed: kernel BUG in bdev_getblk run #4: crashed: kernel BUG in bdev_getblk run #5: crashed: kernel BUG in bdev_getblk run #6: crashed: kernel BUG in bdev_getblk run #7: crashed: kernel BUG in bdev_getblk run #8: crashed: kernel BUG in bdev_getblk run #9: crashed: kernel BUG in bdev_getblk representative crash: kernel BUG in bdev_getblk, types: [BUG] the chunk can be dropped disabling configs for [memleak ubsan kasan atomic_sleep hang], they are not needed picked [v6.15 v6.14 v6.13 v6.11 v6.9 v6.7 v6.5 v6.3 v6.0 v5.17 v5.14 v5.11 v5.8 v5.5 v5.2 v4.20 v4.19] out of 38 release tags testing release v6.15 testing commit 0ff41df1cb268fc69e703a08a57ee14ae967d0ca gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 37e24efb61236bedfa3f9e8084e545cd813d8cc811d08a2278d172d675037fd7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] testing release v6.14 testing commit 38fec10eb60d687e30c8c6b5420d86e8149f7557 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: a2bfec01b070026112663ba7aa361bc02ecd7438fade8ccf1ebe7a429decfa0f all runs: OK false negative chance: 0.000 # git bisect start 0ff41df1cb268fc69e703a08a57ee14ae967d0ca 38fec10eb60d687e30c8c6b5420d86e8149f7557 Bisecting: 8357 revisions left to test after this (roughly 13 steps) [390513642ee6763c7ada07f0a1470474986e6c1c] io_uring: always do atomic put from iowq testing commit 390513642ee6763c7ada07f0a1470474986e6c1c gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 4a4f4f8bed7763e5b0bc67f730609215650e9c7b9baefffa211cc674907db1b4 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 390513642ee6763c7ada07f0a1470474986e6c1c Bisecting: 3789 revisions left to test after this (roughly 12 steps) [9b960d8cd6f712cb2c03e2bdd4d5ca058238037f] Merge tag 'for-6.15/block-20250322' of git://git.kernel.dk/linux testing commit 9b960d8cd6f712cb2c03e2bdd4d5ca058238037f gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 1809ad60ffe5954ac904da535b63960b1b64ec3b2880c27dd50185c1bc543c80 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 9b960d8cd6f712cb2c03e2bdd4d5ca058238037f Bisecting: 1851 revisions left to test after this (roughly 11 steps) [7d20aa5c32ac8bd272b5470ddbd7ac6e0cb35714] Merge tag 'pm-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm testing commit 7d20aa5c32ac8bd272b5470ddbd7ac6e0cb35714 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 0741bca8cfeef0518d257e286ca7f665aa9f952e91eda1719322ce938904c0b7 all runs: boot failed: BUG: unable to handle kernel NULL pointer dereference in msix_capability_init unable to determine the verdict: 0 good runs (wanted 5), for bad wanted 5 in total, got 0 # git bisect skip 7d20aa5c32ac8bd272b5470ddbd7ac6e0cb35714 Bisecting: 1851 revisions left to test after this (roughly 11 steps) [43a2930348040b3a7ad3b809e211dea233267f28] ASoC: rockchip: Convert to RUNTIME_PM_OPS() & co testing commit 43a2930348040b3a7ad3b809e211dea233267f28 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 916a042c0513e5e12ce19b29bffa2015b6d64de94a792c9d7004e03da304ed6c all runs: OK false negative chance: 0.000 # git bisect good 43a2930348040b3a7ad3b809e211dea233267f28 Bisecting: 1720 revisions left to test after this (roughly 11 steps) [27bd3ce4038baad9976d287ce883df1674f3220e] Merge tag 'm68k-for-v6.15-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k testing commit 27bd3ce4038baad9976d287ce883df1674f3220e gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: a179a4d7dbc2fa7dad55b0f64277c46d042c137d7103ab3a4b715e229a6360ec all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 27bd3ce4038baad9976d287ce883df1674f3220e Bisecting: 733 revisions left to test after this (roughly 10 steps) [32b22538bea83bd48f00ab1403e5a4dbce41f0d0] Merge tag 'sched-core-2025-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 32b22538bea83bd48f00ab1403e5a4dbce41f0d0 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 51c1c42326a0bdac11f05d7cad77fc68d373be5a79f3cae02f5d5c399b124e06 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 32b22538bea83bd48f00ab1403e5a4dbce41f0d0 Bisecting: 376 revisions left to test after this (roughly 9 steps) [05b00ffd7a0bf31f45b63242f30b3a8a0008fa78] Merge tag 'slab-for-6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab testing commit 05b00ffd7a0bf31f45b63242f30b3a8a0008fa78 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 1b9e95450a28339e8a38e9f88d7d9a89d1b713318c63e0165faeace8b6e2db09 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 05b00ffd7a0bf31f45b63242f30b3a8a0008fa78 Bisecting: 196 revisions left to test after this (roughly 8 steps) [aaca83f7b13fbe54c853f63eca9e849e6b441459] Merge tag 'vfs-6.15-rc1.sysv' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs testing commit aaca83f7b13fbe54c853f63eca9e849e6b441459 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: c011762a436e511db615c0e46197b45352a49749c9275488d0a3df523fe258be all runs: OK false negative chance: 0.000 # git bisect good aaca83f7b13fbe54c853f63eca9e849e6b441459 Bisecting: 96 revisions left to test after this (roughly 7 steps) [912b82dc0b27abc407c831e74fbcbdebfe19997b] Merge tag 'vfs-6.15-rc1.file' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs testing commit 912b82dc0b27abc407c831e74fbcbdebfe19997b gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 2f8fafe9b767e3ddb58327072e3e5f84cad6715f1568f56a6af16ba977f36f21 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 912b82dc0b27abc407c831e74fbcbdebfe19997b Bisecting: 41 revisions left to test after this (roughly 6 steps) [e63046adefc03800f1af76476701606bb148b49c] Merge tag 'vfs-6.15-rc1.ceph' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs testing commit e63046adefc03800f1af76476701606bb148b49c gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 911cea7e1cd9ad16ad0514d064012b3fd894b69d3039550ccfcecd1ae9abc116 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad e63046adefc03800f1af76476701606bb148b49c Bisecting: 29 revisions left to test after this (roughly 5 steps) [130e696aa68b0e0c13f790898529b2cc1a5f8f8e] Merge tag 'vfs-6.15-rc1.mount.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs testing commit 130e696aa68b0e0c13f790898529b2cc1a5f8f8e gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 5cfc10373558a55563c51ca5db9847b0bc51d5ae9560f91bb11d7a27b5ff0f38 all runs: OK false negative chance: 0.000 # git bisect good 130e696aa68b0e0c13f790898529b2cc1a5f8f8e Bisecting: 14 revisions left to test after this (roughly 4 steps) [9dcef93363e7f7b925b3adc4a3171bd00250c8dd] fs: Remove page_mkwrite_check_truncate() testing commit 9dcef93363e7f7b925b3adc4a3171bd00250c8dd gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 9d2babcd1aabf23fac4ae00bce50e9936e484f626e923f3ef564c24d461e19f2 all runs: OK false negative chance: 0.000 # git bisect good 9dcef93363e7f7b925b3adc4a3171bd00250c8dd Bisecting: 6 revisions left to test after this (roughly 3 steps) [425fbcd62d2e1330e64d8d3bf89e554830ba997f] bdev: use bdev_io_min() for statx block size testing commit 425fbcd62d2e1330e64d8d3bf89e554830ba997f gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 342d49b76695d34ee858ac6ffaa8e25342af7c786f4b05866e648cf0099cb075 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 425fbcd62d2e1330e64d8d3bf89e554830ba997f Bisecting: 3 revisions left to test after this (roughly 2 steps) [8b45a4f4133d30b1d50cc7161265cf78ad9b5807] fs/mpage: use blocks_per_folio instead of blocks_per_page testing commit 8b45a4f4133d30b1d50cc7161265cf78ad9b5807 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 3794efb5205890a8a9cfb1acba890494019cf5f48c8e78823852026327e07783 all runs: OK false negative chance: 0.000 # git bisect good 8b45a4f4133d30b1d50cc7161265cf78ad9b5807 Bisecting: 1 revision left to test after this (roughly 1 step) [3c20917120ce61f2a123ca0810293872f4c6b5a4] block/bdev: enable large folio support for large logical block sizes testing commit 3c20917120ce61f2a123ca0810293872f4c6b5a4 gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 6c26161fa1e5d53bee595fec75418f27a1a59cf007b6a080056e980bdc391573 all runs: OK false negative chance: 0.000 # git bisect good 3c20917120ce61f2a123ca0810293872f4c6b5a4 Bisecting: 0 revisions left to test after this (roughly 0 steps) [47dd67532303803a87f43195e088b3b4bcf0454d] block/bdev: lift block size restrictions to 64k testing commit 47dd67532303803a87f43195e088b3b4bcf0454d gcc compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7 kernel signature: 1341af3a57d527ff9e7b8aed865572ffd39ebe351537eb9ce4eb97b4fa90c1c0 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in create_empty_buffers run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in create_empty_buffers run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod representative crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod, types: [UNKNOWN] # git bisect bad 47dd67532303803a87f43195e088b3b4bcf0454d 47dd67532303803a87f43195e088b3b4bcf0454d is the first bad commit commit 47dd67532303803a87f43195e088b3b4bcf0454d Author: Luis Chamberlain Date: Fri Feb 21 14:38:22 2025 -0800 block/bdev: lift block size restrictions to 64k We now can support blocksizes larger than PAGE_SIZE, so in theory we should be able to lift the restriction up to the max supported page cache order. However bound ourselves to what we can currently validate and test. Through blktests and fstest we can validate up to 64k today. Reviewed-by: Hannes Reinecke Reviewed-by: "Matthew Wilcox (Oracle)" Signed-off-by: Luis Chamberlain Link: https://lore.kernel.org/r/20250221223823.1680616-8-mcgrof@kernel.org Signed-off-by: Christian Brauner block/bdev.c | 3 +-- include/linux/blkdev.h | 8 +++++++- 2 files changed, 8 insertions(+), 3 deletions(-) accumulated error probability: 0.00 culprit signature: 1341af3a57d527ff9e7b8aed865572ffd39ebe351537eb9ce4eb97b4fa90c1c0 parent signature: 6c26161fa1e5d53bee595fec75418f27a1a59cf007b6a080056e980bdc391573 revisions tested: 25, total time: 7h31m52.938514275s (build: 3h4m22.420437299s, test: 3h52m39.125319252s) first bad commit: 47dd67532303803a87f43195e088b3b4bcf0454d block/bdev: lift block size restrictions to 64k recipients (to): ["brauner@kernel.org" "hare@suse.de" "mcgrof@kernel.org" "willy@infradead.org"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in guard_bio_eod BUG: kernel NULL pointer dereference, address: 0000000000000008 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 UID: 0 PID: 4657 Comm: udevd Not tainted 6.14.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 RIP: 0010:bdev_nr_sectors include/linux/blkdev.h:814 [inline] RIP: 0010:guard_bio_eod+0x8/0x30 block/bio.c:694 Code: 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 8b 47 08 <48> 8b 70 08 48 85 f6 74 11 48 2b 77 20 76 0b 8b 47 28 c1 e8 09 48 RSP: 0018:ffffc90001faf8e8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffc90001faf980 RCX: 8e2ea21b9a34d900 RDX: 0000000000000000 RSI: ffffea000417df00 RDI: ffff88810e2d50c0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004 R10: ffffc90001faf980 R11: ffffffff81487480 R12: ffff88810e2d50c0 R13: 0000000000000000 R14: ffffea000417df00 R15: 0000000000000000 FS: 00007f32bd4ce880(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 0000000107fec000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: mpage_bio_submit_read fs/mpage.c:74 [inline] do_mpage_readpage+0x532/0x670 fs/mpage.c:-1 mpage_readahead+0xe1/0x1a0 fs/mpage.c:371 read_pages+0x8b/0x170 mm/readahead.c:161 page_cache_ra_unbounded+0x1ac/0x230 mm/readahead.c:298 do_page_cache_ra mm/readahead.c:328 [inline] force_page_cache_ra mm/readahead.c:357 [inline] page_cache_sync_ra+0xff/0x340 mm/readahead.c:585 filemap_get_pages+0x163/0x850 mm/filemap.c:2580 filemap_read+0xea/0x500 mm/filemap.c:2691 blkdev_read_iter+0xe6/0x130 block/fops.c:796 new_sync_read fs/read_write.c:484 [inline] vfs_read+0x29a/0x370 fs/read_write.c:565 ksys_read+0x75/0xf0 fs/read_write.c:708 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf6/0x210 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f32bd5bc407 Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff RSP: 002b:00007fffff73a940 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 00007f32bd4ce880 RCX: 00007f32bd5bc407 RDX: 0000000000000200 RSI: 00007f32bcb84000 RDI: 0000000000000009 RBP: 000055fb71572c60 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 R13: 0000000000000000 R14: 000055fb71573b08 R15: 00007f32bdd1239c Modules linked in: CR2: 0000000000000008 ---[ end trace 0000000000000000 ]--- RIP: 0010:bdev_nr_sectors include/linux/blkdev.h:814 [inline] RIP: 0010:guard_bio_eod+0x8/0x30 block/bio.c:694 Code: 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 8b 47 08 <48> 8b 70 08 48 85 f6 74 11 48 2b 77 20 76 0b 8b 47 28 c1 e8 09 48 RSP: 0018:ffffc90001faf8e8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffc90001faf980 RCX: 8e2ea21b9a34d900 RDX: 0000000000000000 RSI: ffffea000417df00 RDI: ffff88810e2d50c0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004 R10: ffffc90001faf980 R11: ffffffff81487480 R12: ffff88810e2d50c0 R13: 0000000000000000 R14: ffffea000417df00 R15: 0000000000000000 FS: 00007f32bd4ce880(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 0000000107fec000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 41 5d pop %r13 2: 41 5e pop %r14 4: 41 5f pop %r15 6: 5d pop %rbp 7: c3 ret 8: cc int3 9: cc int3 a: cc int3 b: cc int3 c: cc int3 d: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 12: 90 nop 13: 90 nop 14: 90 nop 15: 90 nop 16: 90 nop 17: 90 nop 18: 90 nop 19: 90 nop 1a: 90 nop 1b: 90 nop 1c: 90 nop 1d: 90 nop 1e: 90 nop 1f: 90 nop 20: 90 nop 21: 90 nop 22: 66 0f 1f 00 nopw (%rax) 26: 48 8b 47 08 mov 0x8(%rdi),%rax * 2a: 48 8b 70 08 mov 0x8(%rax),%rsi <-- trapping instruction 2e: 48 85 f6 test %rsi,%rsi 31: 74 11 je 0x44 33: 48 2b 77 20 sub 0x20(%rdi),%rsi 37: 76 0b jbe 0x44 39: 8b 47 28 mov 0x28(%rdi),%eax 3c: c1 e8 09 shr $0x9,%eax 3f: 48 rex.W