ci2 starts bisection 2024-02-08 10:01:30.137819112 +0000 UTC m=+214459.621938702 bisecting cause commit starting from 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 building syzkaller on 6404acf9ce200d01fcbe0923924c9f6c22c258de ensuring issue is reproducible on original commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cb10d0b431215a6312be4cfe3da7f7a660f4c4d3130af139100b39d112d373d7 all runs: crashed: general protection fault in gfs2_rindex_update representative crash: general protection fault in gfs2_rindex_update, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b9b516a744cc9409fa47ffe3986f457d5db26b4fb08a04dba600be7e89b734e3 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed kconfig minimization: base=3932 full=7955 leaves diff=2019 split chunks (needed=false): <2019> split chunk #0 of len 2019 into 5 parts testing without sub-chunk 1/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 790bc0e583a3e5b678734540f71f8de1a991d88b38237d040caf1bfba8f1f048 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 61931eae6bb54731e9cf8bf5c5c1f680fd8b4e64426948b46d14e5911005822f all runs: OK false negative chance: 0.000 testing without sub-chunk 3/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 93af52a62361e49a7b4633a263db78dee3ca89aa164913c65ba7781f23ab1af4 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6ebfa708285153fdc2d6c7fdba2ff134c600afadbe34e83362b7d5f3f0b2e320 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 547ab8fc4cb04a1a6b34377dd8fad34cd2c8a8e3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 37bf29084651a185a59cee84478a2728c145012482748b0af353e3e4731caee3 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] the chunk can be dropped minimized to 404 configs; suspects: [6LOWPAN ARCH_ENABLE_MEMORY_HOTREMOVE ASUS_WMI BLK_DEV_ZONED CMA COMMON_CLK DAX DLM DM_ZONED DRAGONRISE_FF DRM DRM_BOCHS DRM_BRIDGE DRM_BUDDY DRM_CIRRUS_QEMU DRM_DEBUG_MM DRM_DISPLAY_DP_HELPER DRM_DISPLAY_HDCP_HELPER DRM_DISPLAY_HDMI_HELPER DRM_DISPLAY_HELPER DRM_DP_AUX_BUS DRM_DP_AUX_CHARDEV DRM_FBDEV_EMULATION DRM_GEM_SHMEM_HELPER DRM_I915 DRM_I915_CAPTURE_ERROR DRM_I915_COMPRESS_ERROR DRM_I915_USERPTR DRM_KMS_HELPER DRM_MIPI_DSI DRM_PANEL DRM_PANEL_BRIDGE DRM_PANEL_EDP DRM_PANEL_ORIENTATION_QUIRKS DRM_SIMPLEDRM DRM_TTM DRM_TTM_HELPER DRM_UDL DRM_VGEM DRM_VIRTIO_GPU DRM_VIRTIO_GPU_KMS DRM_VKMS DRM_VMWGFX DRM_VRAM_HELPER DUMMY DVB_AF9013 DVB_AF9033 DVB_AS102 DVB_AS102_FE DVB_B2C2_FLEXCOP DVB_B2C2_FLEXCOP_USB DVB_CORE DVB_DIB3000MB DVB_DIB3000MC DVB_EC100 DVB_GP8PSK_FE DVB_RTL2830 DVB_RTL2832 DVB_RTL2832_SDR DVB_TEST_DRIVERS DVB_TTUSB_BUDGET DVB_TTUSB_DEC DVB_USB DVB_USB_A800 DVB_USB_AF9005 DVB_USB_AF9005_REMOTE DVB_USB_AF9015 DVB_USB_AF9035 DVB_USB_ANYSEE DVB_USB_AU6610 DVB_USB_AZ6007 DVB_USB_AZ6027 DVB_USB_CE6230 DVB_USB_CINERGY_T2 DVB_USB_CXUSB DVB_USB_DIB0700 DVB_USB_DIB3000MC DVB_USB_DIBUSB_MB DVB_USB_DIBUSB_MC DVB_USB_DIGITV DVB_USB_DTT200U DVB_USB_DTV5100 DVB_USB_DVBSKY DVB_USB_DW2102 DVB_USB_EC168 DVB_USB_GL861 DVB_USB_GP8PSK DVB_USB_LME2510 DVB_USB_M920X DVB_USB_MXL111SF DVB_USB_NOVA_T_USB2 DVB_USB_OPERA1 DVB_USB_PCTV452E DVB_USB_RTL28XXU DVB_USB_TECHNISAT_USB2 DVB_USB_TTUSB2 DVB_USB_UMT_010 DVB_USB_V2 DVB_USB_VP702X DVB_USB_VP7045 DVB_USB_ZD1301 DVB_VIDTV DVB_ZL10353 ECRYPT_FS ECRYPT_FS_MESSAGING EDAC EEPROM_93CX6 EFS_FS ENCRYPTED_KEYS EQUALIZER EROFS_FS EROFS_FS_POSIX_ACL EROFS_FS_SECURITY EROFS_FS_XATTR EROFS_FS_ZIP EVM EVM_ADD_XATTRS EVM_ATTR_FSUUID EVM_EXTRA_SMACK_XATTRS EXFAT_FS EXPORTFS_BLOCK_OPS EXT3_FS EXT3_FS_POSIX_ACL EXT3_FS_SECURITY EXTCON EXTCON_INTEL_CHT_WC F2FS_CHECK_FS F2FS_FAULT_INJECTION F2FS_FS F2FS_FS_COMPRESSION F2FS_FS_LZ4 F2FS_FS_LZ4HC F2FS_FS_LZO F2FS_FS_LZORLE F2FS_FS_POSIX_ACL F2FS_FS_SECURITY F2FS_FS_XATTR F2FS_FS_ZSTD F2FS_STAT_FS FANOTIFY FANOTIFY_ACCESS_PERMISSIONS FB FB_CFB_COPYAREA FB_CFB_FILLRECT FB_CFB_IMAGEBLIT FB_CORE FB_DEFERRED_IO FB_IOMEM_FOPS FB_IOMEM_HELPERS FB_NOTIFY FB_SYSMEM_FOPS FB_SYSMEM_HELPERS FB_SYSMEM_HELPERS_DEFERRED FB_SYS_COPYAREA FB_SYS_FILLRECT FB_SYS_IMAGEBLIT FB_TILEBLITTING FB_VESA FB_VGA16 FB_VIRTUAL FDDI FIREWIRE FIREWIRE_NET FIREWIRE_OHCI FIREWIRE_SBP2 FONT_8x16 FONT_8x8 FONT_SUPPORT FRAMEBUFFER_CONSOLE FRAMEBUFFER_CONSOLE_DETECT_PRIMARY FRAMEBUFFER_CONSOLE_ROTATION FS_DAX FS_DAX_PMD FS_ENCRYPTION FS_ENCRYPTION_ALGS FS_STACK FS_VERITY FS_VERITY_BUILTIN_SIGNATURES FTL FUSE_DAX FUSE_FS FW_LOADER_COMPRESS FW_LOADER_PAGED_BUF FW_LOADER_SYSFS FW_LOADER_USER_HELPER FW_LOADER_USER_HELPER_FALLBACK GACT_PROB GARP GCC_NO_STRINGOP_OVERFLOW GENERIC_PHY GET_FREE_REGION GFS2_FS GFS2_FS_LOCKING_DLM GOOGLE_COREBOOT_TABLE GOOGLE_FIRMWARE GOOGLE_MEMCONSOLE GOOGLE_MEMCONSOLE_COREBOOT GOOGLE_VPD GPIOLIB GPIOLIB_IRQCHIP GPIO_ACPI GPIO_DLN2 GPIO_VIPERBOARD GREENASIA_FF GREYBUS GREYBUS_BRIDGED_PHY GREYBUS_ES2 GREYBUS_HID GREYBUS_USB GTP GUEST_PERF_EVENTS GVE HAVE_ARCH_NODE_DEV_GROUP HAVE_ARCH_USERFAULTFD_MINOR HAVE_ARCH_USERFAULTFD_WP HAVE_BOOTMEM_INFO_NODE HAVE_CLK_PREPARE HAVE_KVM_CPU_RELAX_INTERCEPT HAVE_KVM_DIRTY_RING HAVE_KVM_DIRTY_RING_ACQ_REL HAVE_KVM_DIRTY_RING_TSO HAVE_KVM_IRQCHIP HAVE_KVM_IRQ_BYPASS HAVE_KVM_IRQ_ROUTING HAVE_KVM_MSI HAVE_KVM_NO_POLL HAVE_KVM_PFNCACHE HAVE_KVM_PM_NOTIFIER HAVE_SCHED_AVG_IRQ HDLC HDLC_CISCO HDLC_FR HDLC_PPP HDLC_RAW HDLC_RAW_ETH HDLC_X25 HDMI HFSPLUS_FS HFS_FS HID_ACCUTOUCH HID_ACRUX HID_ACRUX_FF HID_ALPS HID_APPLEIR HID_ASUS HID_AUREAL HID_BATTERY_STRENGTH HID_BETOP_FF HID_CMEDIA HID_CORSAIR HID_CP2112 HID_DRAGONRISE HID_ELECOM HID_ELO HID_EMS_FF HID_GEMBIRD HID_GFRM HID_GREENASIA HID_GT683R HID_HOLTEK HID_ICADE HID_KEYTOUCH HID_KYE HID_LCPOWER HID_LED HID_LENOVO HID_LOGITECH_DJ HID_LOGITECH_HIDPP HID_MAGICMOUSE HID_MAYFLASH HID_MULTITOUCH HID_NTI HID_ORTEK HID_PENMOUNT HID_PICOLCD HID_PICOLCD_BACKLIGHT HID_PICOLCD_CIR HID_PICOLCD_FB HID_PICOLCD_LCD HID_PICOLCD_LEDS HID_PLANTRONICS HID_PRIMAX HID_PRODIKEYS HID_RETRODE HID_RMI HID_ROCCAT HID_SAITEK HID_SENSOR_ACCEL_3D HID_SENSOR_ALS HID_SENSOR_CUSTOM_SENSOR HID_SENSOR_DEVICE_ROTATION HID_SENSOR_GYRO_3D HID_SENSOR_HUB HID_SENSOR_HUMIDITY HID_SENSOR_IIO_COMMON HID_SENSOR_IIO_TRIGGER HID_SENSOR_INCLINOMETER_3D HID_SENSOR_MAGNETOMETER_3D HID_SENSOR_PRESS HID_SENSOR_PROX HID_SENSOR_TEMP HID_SPEEDLINK HID_STEELSERIES HID_THINGM HID_TIVO HID_TWINHAN HID_UCLOGIC HID_UDRAW_PS3 HID_WACOM HID_WALTOP HID_WIIMOTE HID_XINMO HID_ZYDACRON HMM_MIRROR HOLTEK_FF HOTPLUG_PCI_PCIE HPET_MMAP HPET_MMAP_DEFAULT HPFS_FS I2C_ALGOBIT I2C_CHARDEV I2C_DESIGNWARE_CORE I2C_DESIGNWARE_PLATFORM I2C_DIOLAN_U2C I2C_DLN2 I2C_MUX I2C_MUX_REG I2C_ROBOTFUZZ_OSIF I2C_SI4713 I2C_SLAVE I2C_SLAVE_EEPROM I2C_TINY_USB I2C_VIPERBOARD IEEE802154 IEEE802154_6LOWPAN IEEE802154_ATUSB IEEE802154_DRIVERS IEEE802154_HWSIM IEEE802154_NL802154_EXPERIMENTAL IEEE802154_SOCKET IFB IIO IIO_BUFFER IIO_KFIFO_BUF IIO_TRIGGER IIO_TRIGGERED_BUFFER IKCONFIG IKCONFIG_PROC IMA IMA_APPRAISE IMA_APPRAISE_MODSIG IMA_DEFAULT_HASH_SHA256 IMA_LSM_RULES IMA_MEASURE_ASYMMETRIC_KEYS IMA_NG_TEMPLATE IMA_QUEUE_EARLY_BOOT_KEYS IMA_READ_POLICY IMA_WRITE_POLICY INET6_ESPINTCP INET6_ESP_OFFLOAD INET6_IPCOMP INET6_TUNNEL INET6_XFRM_TUNNEL INET_AH INET_DCCP_DIAG INET_DIAG INET_DIAG_DESTROY INET_ESP INET_ESPINTCP INET_ESP_OFFLOAD INET_IPCOMP INET_MPTCP_DIAG INET_RAW_DIAG INET_SCTP_DIAG INET_TCP_DIAG INET_UDP_DIAG INET_XFRM_TUNNEL INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_ADDR_TRANS_CONFIGFS INFINIBAND_IPOIB INFINIBAND_IPOIB_CM INFINIBAND_IPOIB_DEBUG INFINIBAND_ISER INFINIBAND_ON_DEMAND_PAGING INFINIBAND_RTRS INFINIBAND_SRP INFINIBAND_USER_ACCESS INFINIBAND_USER_MAD INFINIBAND_USER_MEM INPUT_ATI_REMOTE2 INPUT_CM109 INPUT_IMS_PCU INPUT_JOYDEV INPUT_KEYSPAN_REMOTE INPUT_LEDS INPUT_MOUSEDEV INPUT_MOUSEDEV_PSAUX INPUT_POWERMATE INPUT_UINPUT INPUT_YEALINK INTEGRITY INTEGRITY_ASYMMETRIC_KEYS INTEGRITY_AUDIT INTEGRITY_SIGNATURE INTEGRITY_TRUSTED_KEYRING INTEL_IDMA64 INTEL_IOATDMA INTEL_IOMMU_DEFAULT_ON INTEL_IOMMU_SVM INTEL_ISH_HID INTEL_SOC_PMIC_CHTWC INTERVAL_TREE INTERVAL_TREE_SPAN_ITER IOMMUFD IOMMUFD_DRIVER IOMMUFD_TEST IOMMU_MM_DATA IOMMU_SVA IP6_NF_MATCH_AH IP6_NF_MATCH_EUI64 IP6_NF_MATCH_FRAG IP6_NF_MATCH_HL IP6_NF_MATCH_MH IP6_NF_MATCH_OPTS IP6_NF_MATCH_RPFILTER IP6_NF_MATCH_RT IP6_NF_MATCH_SRH IP6_NF_NAT IP6_NF_RAW IP6_NF_SECURITY IP6_NF_TARGET_HL IP6_NF_TARGET_MASQUERADE IP6_NF_TARGET_NPT IP6_NF_TARGET_SYNPROXY IPV6_FOU IPV6_FOU_TUNNEL IPV6_GRE IPV6_ILA IPV6_MIP6 IPV6_MROUTE IPV6_MROUTE_MULTIPLE_TABLES IPV6_MULTIPLE_TABLES IPV6_OPTIMISTIC_DAD IPV6_PIMSM_V2 IPV6_ROUTER_PREF IPV6_ROUTE_INFO IPV6_RPL_LWTUNNEL IPV6_SEG6_BPF IPV6_SEG6_HMAC IPV6_SEG6_LWTUNNEL IPV6_SIT_6RD IPV6_SUBTREES IPV6_TUNNEL IPV6_VTI IPVLAN IPVLAN_L3S IPVTAP IP_DCCP IP_DCCP_CCID3 IP_DCCP_TFRC_LIB IP_FIB_TRIE_STATS IP_MROUTE_MULTIPLE_TABLES IP_NF_ARPFILTER IP_NF_ARPTABLES IP_NF_ARP_MANGLE IP_NF_MATCH_AH IP_NF_MATCH_ECN IP_NF_MATCH_RPFILTER IP_NF_MATCH_TTL IP_NF_RAW IP_NF_SECURITY IP_NF_TARGET_ECN IP_NF_TARGET_NETMAP IP_NF_TARGET_REDIRECT IP_NF_TARGET_SYNPROXY IP_NF_TARGET_TTL IP_ROUTE_CLASSID IP_SCTP IP_SET IP_SET_BITMAP_IP IP_SET_BITMAP_IPMAC IP_SET_BITMAP_PORT IP_SET_HASH_IP IP_SET_HASH_IPMAC IP_SET_HASH_IPMARK IP_SET_HASH_IPPORT IP_SET_HASH_IPPORTIP IP_SET_HASH_IPPORTNET IP_SET_HASH_MAC IP_SET_HASH_NET IP_SET_HASH_NETIFACE IP_SET_HASH_NETNET IP_SET_HASH_NETPORT IP_SET_HASH_NETPORTNET IP_SET_LIST_SET IP_VS IP_VS_DH IP_VS_FO IP_VS_FTP IP_VS_IPV6 IP_VS_LBLC IP_VS_PROTO_TCP IRQ_TIME_ACCOUNTING LAPB LCD_CLASS_DEVICE MAC802154 MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_TEST_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_DLN2 MFD_VIPERBOARD MPTCP MTD NETFILTER_ADVANCED NET_ACT_GACT NET_ACT_MIRRED NET_IPGRE_DEMUX NFT_FWD_NETDEV NF_TABLES NF_TABLES_NETDEV RADIO_ADAPTERS RADIO_SI4713 RAS RC_CORE RFKILL SND SOUND STAGING TRANSPARENT_HUGEPAGE VIDEO_DEV VIRTIO_FS WAN ZONE_DEVICE] disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed picked [v6.7 v6.6 v6.5 v6.3 v6.1 v5.19 v5.17 v5.15 v5.12 v5.9 v5.6 v5.3 v5.0 v4.19] out of 30 release tags testing release v6.7 testing commit 0dd3ee31125508cd67f7e7172247f05b7fd1753a gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0db26820ed13797f1384b5a97b8c3beded699260de632b20e0b9b1bb93283d85 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] testing release v6.6 testing commit ffc253263a1375a65fa6c9f62a893e9767fbebfa gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 99140c9f26b7072edc118c7675756c3b0e28922dda52d4d0f1c3e92fb330948a all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] testing release v6.5 testing commit 2dde18cd1d8fac735875f2e4987f11817cc0bc2c gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: bede86c6f17b6239581e7bd1a872d86c72733a82007c651caa1ef19e1cc79408 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] testing release v6.3 testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 9bc1e0d84b3de4caeb9ff227faf6fee1e3704611e28d5a31c3f612ee78f609a7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] testing release v6.1 testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 5a2f0db47cb56218d53609be4733159f5d203d665be80ab95b5e654a830f84d4 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] testing release v5.19 testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 635a7e8e614e8305fb1a02ea53b8e71d76b779dc706a037a02c2e1da821afba8 all runs: OK false negative chance: 0.000 # git bisect start 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 3d7cb6b04c3f3115719235cc6866b10326de34cd Bisecting: 15849 revisions left to test after this (roughly 14 steps) [26f6a2aefd3167a06ac0e9de1fb09b8900878eea] Merge patch series "can: gs_usb: hardware timestamp support" testing commit 26f6a2aefd3167a06ac0e9de1fb09b8900878eea gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 766eb9007f2b9247edf2d399af4f8416214f05332f75a6c8683469d1ea6677ab all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad 26f6a2aefd3167a06ac0e9de1fb09b8900878eea Bisecting: 7909 revisions left to test after this (roughly 13 steps) [228dfe98a313f6b6bff5da8b2c5e650e297ebf1a] Merge tag 'char-misc-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc testing commit 228dfe98a313f6b6bff5da8b2c5e650e297ebf1a gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 9bc163987ddfa64254e1935b34caf6411c55eab7d0981ad1e73e40113b9d9d95 all runs: OK false negative chance: 0.000 # git bisect good 228dfe98a313f6b6bff5da8b2c5e650e297ebf1a Bisecting: 3859 revisions left to test after this (roughly 12 steps) [668c3c237f5ddc2889879b08f26d2374231f3287] Merge tag 'sound-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit 668c3c237f5ddc2889879b08f26d2374231f3287 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 8651e518adc65cad3a5f48f06bbbc7384f46ff25dc1189a4736f922ad373707e all runs: OK false negative chance: 0.000 # git bisect good 668c3c237f5ddc2889879b08f26d2374231f3287 Bisecting: 1912 revisions left to test after this (roughly 11 steps) [7ebfc85e2cd7b08f518b526173e9a33b56b3913b] Merge tag 'net-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 7ebfc85e2cd7b08f518b526173e9a33b56b3913b gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4a3afc3925b9e945f1e32fc0b673dee5bf31ace023fb85a7e3fb34f82643df9e all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad 7ebfc85e2cd7b08f518b526173e9a33b56b3913b Bisecting: 945 revisions left to test after this (roughly 10 steps) [607ca0f742b7d990b6efb3c3e7a52830f7e96419] Merge tag 'tty-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty testing commit 607ca0f742b7d990b6efb3c3e7a52830f7e96419 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 267f8019c7fead107a06b55bb89b0ddb3267fa72f1754a1a953dc514803a7b2a all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad 607ca0f742b7d990b6efb3c3e7a52830f7e96419 Bisecting: 505 revisions left to test after this (roughly 9 steps) [cae4199f9319f42534ee2e2e4aadf183b9bb7f73] Merge tag 'powerpc-6.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux testing commit cae4199f9319f42534ee2e2e4aadf183b9bb7f73 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 2d87d8bb88463ba9b491764f04b75af2656168b84d16882213e0b97dcea9f1a5 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad cae4199f9319f42534ee2e2e4aadf183b9bb7f73 Bisecting: 245 revisions left to test after this (roughly 8 steps) [c42b729ef6bfc72fed56f81f589a39298b9d12c8] Merge tag 'gfs2-v5.19-rc4-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 testing commit c42b729ef6bfc72fed56f81f589a39298b9d12c8 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 61fe31073ce0830bbde166ba72b9b2d6f37fdd952fa92e35a808b12af38d8a7b all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad c42b729ef6bfc72fed56f81f589a39298b9d12c8 Bisecting: 130 revisions left to test after this (roughly 7 steps) [c10100a416c16b598bf5155e759307b34dac0d7d] Merge branches 'arm/exynos', 'arm/mediatek', 'arm/msm', 'arm/smmu', 'virtio', 'x86/vt-d', 'x86/amd' and 'core' into next testing commit c10100a416c16b598bf5155e759307b34dac0d7d gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c5c4bd12f6b549027073089033e8903ac63eb3434a293599d7ea1885fcc8958f all runs: OK false negative chance: 0.000 # git bisect good c10100a416c16b598bf5155e759307b34dac0d7d Bisecting: 71 revisions left to test after this (roughly 6 steps) [1d239c1eb873c7d6c6cbc80d68330c939fd86136] Merge tag 'iommu-updates-v5.20-or-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu testing commit 1d239c1eb873c7d6c6cbc80d68330c939fd86136 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 5f0d4304ce96190b64c602b4868e73763e7624650cbe11da0e64ed62e6d584fb all runs: OK false negative chance: 0.000 # git bisect good 1d239c1eb873c7d6c6cbc80d68330c939fd86136 Bisecting: 35 revisions left to test after this (roughly 5 steps) [159bf19270e80b5bc4b13aa88072dcb390b4d297] dma-mapping: add flags to dma_map_ops to indicate PCI P2PDMA support testing commit 159bf19270e80b5bc4b13aa88072dcb390b4d297 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6bad1f50564f011aa16e71db038b01f5ad441db1f01966802029a28c1478b61f all runs: OK false negative chance: 0.000 # git bisect good 159bf19270e80b5bc4b13aa88072dcb390b4d297 Bisecting: 14 revisions left to test after this (roughly 4 steps) [20cf903a0c407cef19300e5c85a03c82593bde36] Merge tag 'for-6.0/dm-changes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm testing commit 20cf903a0c407cef19300e5c85a03c82593bde36 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 75bc88a13d8de4f292d18860d9e4db58556d69ffb737fb9eadf70618385cf690 all runs: OK false negative chance: 0.000 # git bisect good 20cf903a0c407cef19300e5c85a03c82593bde36 Bisecting: 7 revisions left to test after this (roughly 3 steps) [0befb8511e6a91716980c40c552acc5eec963cbd] gfs2: do_promote glock holder stealing fix testing commit 0befb8511e6a91716980c40c552acc5eec963cbd gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0e6afb13e68c373af1147a5925ff0b2695c2ab6eaa8cf95cb51418e75abd6a91 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad 0befb8511e6a91716980c40c552acc5eec963cbd Bisecting: 3 revisions left to test after this (roughly 2 steps) [de3f906f0af0c3f5d862b07df4d020c9322cd9c3] gfs2: Revert 'Fix "truncate in progress" hang' testing commit de3f906f0af0c3f5d862b07df4d020c9322cd9c3 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 1c1c26cd3918e8f89d3507289af0b0a049d585e37a80eaf2460668db6b480273 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update representative crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update, types: [UNKNOWN] # git bisect bad de3f906f0af0c3f5d862b07df4d020c9322cd9c3 Bisecting: 0 revisions left to test after this (roughly 1 step) [53d69132958f7e144973d02ad0f0798386219efd] gfs2: Instantiate glocks ouside of glock state engine testing commit 53d69132958f7e144973d02ad0f0798386219efd gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 79aac413f65a0043434050f2f5ae329814fb462d40ab26ac5a775f937842c423 all runs: OK false negative chance: 0.000 # git bisect good 53d69132958f7e144973d02ad0f0798386219efd de3f906f0af0c3f5d862b07df4d020c9322cd9c3 is the first bad commit commit de3f906f0af0c3f5d862b07df4d020c9322cd9c3 Author: Andreas Gruenbacher Date: Thu Jun 2 15:15:02 2022 -0500 gfs2: Revert 'Fix "truncate in progress" hang' Now that interrupted truncates are completed in the context of the process taking the glock, there is no need for the glock state engine to delegate that task to gfs2_quotad or for quotad to perform those truncates anymore. Get rid of the obsolete associated infrastructure. Reverts commit 813e0c46c9e2 ("GFS2: Fix "truncate in progress" hang"). Signed-off-by: Andreas Gruenbacher Signed-off-by: Bob Peterson fs/gfs2/glock.c | 41 +++++------------------------------------ fs/gfs2/glock.h | 2 -- fs/gfs2/glops.c | 11 ++--------- fs/gfs2/incore.h | 3 --- fs/gfs2/main.c | 1 - fs/gfs2/ops_fstype.c | 2 -- fs/gfs2/quota.c | 28 +--------------------------- 7 files changed, 8 insertions(+), 80 deletions(-) accumulated error probability: 0.00 culprit signature: 1c1c26cd3918e8f89d3507289af0b0a049d585e37a80eaf2460668db6b480273 parent signature: 79aac413f65a0043434050f2f5ae329814fb462d40ab26ac5a775f937842c423 revisions tested: 27, total time: 4h54m57.12082696s (build: 2h34m49.240125781s, test: 2h10m13.768388744s) first bad commit: de3f906f0af0c3f5d862b07df4d020c9322cd9c3 gfs2: Revert 'Fix "truncate in progress" hang' recipients (to): ["agruenba@redhat.com" "rpeterso@redhat.com"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in gfs2_rindex_update loop0: detected capacity change from 0 to 32768 gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" gfs2: fsid=syz:syz: Now mounting FS (format 1801)... gfs2: fsid=syz:syz.0: journal 0 mapped with 20 extents in 0ms BUG: kernel NULL pointer dereference, address: 00000000000004b0 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 80000001093b1067 P4D 80000001093b1067 PUD 10b3c6067 PMD 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 0 PID: 1864 Comm: syz-executor.0 Not tainted 5.19.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 RIP: 0010:gfs2_rindex_update+0x25/0x170 fs/gfs2/rgrp.c:1037 Code: 00 0f 1f 40 00 66 0f 1f 00 55 41 57 41 56 41 54 53 48 83 ec 40 65 48 8b 04 25 28 00 00 00 48 89 44 24 38 4c 8b b7 40 07 00 00 <49> 8b 9e b0 04 00 00 48 c7 44 24 30 00 00 00 00 48 c7 44 24 28 00 RSP: 0018:ffffc900015eb900 EFLAGS: 00010286 RAX: d73d6c35aa846700 RBX: ffff88817a882550 RCX: ffff888100a6e0e8 RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888102290000 RBP: ffffc900015ebb70 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff888102290000 R13: 0000000000000000 R14: 0000000000000000 R15: 00000000ffffff01 FS: 00007f3c682fc6c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000004b0 CR3: 00000001062a8000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: punch_hole+0x5d3/0x1610 fs/gfs2/bmap.c:1797 gfs2_truncatei_resume+0x13/0x30 fs/gfs2/bmap.c:2155 gfs2_instantiate+0x6c/0xa0 fs/gfs2/glock.c:510 gfs2_glock_holder_ready fs/gfs2/glock.c:1291 [inline] gfs2_glock_wait+0x7f/0xa0 fs/gfs2/glock.c:1311 gfs2_glock_nq_init fs/gfs2/glock.h:263 [inline] init_statfs fs/gfs2/ops_fstype.c:690 [inline] init_journal+0x822/0xd20 fs/gfs2/ops_fstype.c:813 init_inodes+0x57/0x140 fs/gfs2/ops_fstype.c:882 gfs2_fill_super+0xb82/0xcb0 fs/gfs2/ops_fstype.c:1240 get_tree_bdev+0x1cc/0x250 fs/super.c:1292 gfs2_get_tree+0x20/0x90 fs/gfs2/ops_fstype.c:1323 vfs_get_tree+0x26/0x90 fs/super.c:1497 do_new_mount+0x153/0x390 fs/namespace.c:3040 do_mount fs/namespace.c:3383 [inline] __do_sys_mount fs/namespace.c:3591 [inline] __se_sys_mount+0x14b/0x1b0 fs/namespace.c:3568 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x48/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7f3c6767f4aa Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f3c682fbef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00007f3c682fbf80 RCX: 00007f3c6767f4aa RDX: 0000000020000040 RSI: 0000000020000100 RDI: 00007f3c682fbf40 RBP: 0000000020000040 R08: 00007f3c682fbf80 R09: 0000000000008c1b R10: 0000000000008c1b R11: 0000000000000246 R12: 0000000020000100 R13: 00007f3c682fbf40 R14: 0000000000012789 R15: 0000000020000140 Modules linked in: CR2: 00000000000004b0 ---[ end trace 0000000000000000 ]--- RIP: 0010:gfs2_rindex_update+0x25/0x170 fs/gfs2/rgrp.c:1037 Code: 00 0f 1f 40 00 66 0f 1f 00 55 41 57 41 56 41 54 53 48 83 ec 40 65 48 8b 04 25 28 00 00 00 48 89 44 24 38 4c 8b b7 40 07 00 00 <49> 8b 9e b0 04 00 00 48 c7 44 24 30 00 00 00 00 48 c7 44 24 28 00 RSP: 0018:ffffc900015eb900 EFLAGS: 00010286 RAX: d73d6c35aa846700 RBX: ffff88817a882550 RCX: ffff888100a6e0e8 RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888102290000 RBP: ffffc900015ebb70 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff888102290000 R13: 0000000000000000 R14: 0000000000000000 R15: 00000000ffffff01 FS: 00007f3c682fc6c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000004b0 CR3: 00000001062a8000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess), 1 bytes skipped: 0: 0f 1f 40 00 nopl 0x0(%rax) 4: 66 0f 1f 00 nopw (%rax) 8: 55 push %rbp 9: 41 57 push %r15 b: 41 56 push %r14 d: 41 54 push %r12 f: 53 push %rbx 10: 48 83 ec 40 sub $0x40,%rsp 14: 65 48 8b 04 25 28 00 mov %gs:0x28,%rax 1b: 00 00 1d: 48 89 44 24 38 mov %rax,0x38(%rsp) 22: 4c 8b b7 40 07 00 00 mov 0x740(%rdi),%r14 * 29: 49 8b 9e b0 04 00 00 mov 0x4b0(%r14),%rbx <-- trapping instruction 30: 48 c7 44 24 30 00 00 movq $0x0,0x30(%rsp) 37: 00 00 39: 48 rex.W 3a: c7 .byte 0xc7 3b: 44 24 28 rex.R and $0x28,%al