ci starts bisection 2025-04-06 11:56:26.502129634 +0000 UTC m=+88584.964739027 bisecting cause commit starting from a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 building syzkaller on d7ae3a111bd75df44dda69b37da945b50d5133e2 ensuring issue is reproducible on original commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4f831f2f438083859793d33bc265382f926d425779c685af13eb32cf28da47b7 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio representative crash: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a36db69c52d6f5f0f4e8922e4669191f41640d19849fff2d16cf225e67a70388 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #6: crashed: BUG: unable to handle kernel paging request in workingset_refault run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio representative crash: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed kconfig minimization: base=4079 full=8322 leaves diff=2127 split chunks (needed=false): <2127> split chunk #0 of len 2127 into 5 parts testing without sub-chunk 1/5 disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 81a73eaf9000954a72d330c4493607b0d696a4538c11be965c060b58eb7858d2 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio representative crash: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 failed building a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11: drivers/gpu/drm/bridge/aux-bridge.c:116: undefined reference to `devm_drm_of_get_bridge' testing without sub-chunk 3/5 disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f80236465258680586fb6e66a0797754c09f4830f1b1133868c37eb34c9b55a9 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio representative crash: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: eee0960a4ee7c00d130cff7847466904b0d578b442e04edab90d5821b23980f1 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio representative crash: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit a2cc6ff5ec8f91bc463fd3b0c26b61166a07eb11 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 84c4573a0a49a9ebe1675d33714a313954941602ea91526db710616a93ffe373 run #0: crashed: BUG: unable to handle kernel paging request in workingset_refault run #1: crashed: BUG: unable to handle kernel paging request in workingset_refault run #2: crashed: BUG: unable to handle kernel paging request in workingset_refault run #3: crashed: BUG: unable to handle kernel paging request in workingset_refault run #4: crashed: BUG: unable to handle kernel paging request in workingset_refault run #5: crashed: BUG: unable to handle kernel paging request in workingset_refault run #6: crashed: BUG: unable to handle kernel paging request in workingset_refault run #7: crashed: BUG: unable to handle kernel paging request in workingset_refault run #8: crashed: BUG: unable to handle kernel paging request in workingset_refault run #9: OK representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] the chunk can be dropped minimized to 426 configs; suspects: [6LOWPAN ARCH_ENABLE_MEMORY_HOTREMOVE ASUS_WMI CHARGER_BQ24190 CMA COMMON_CLK DAX DLM DRM DRM_BRIDGE DRM_DISPLAY_HDMI_HELPER DRM_DISPLAY_HELPER DRM_GEM_SHMEM_HELPER DRM_GM12U320 DRM_GUD DRM_I915 DRM_I915_CAPTURE_ERROR DRM_I915_COMPRESS_ERROR DRM_I915_USERPTR DRM_KMS_HELPER DRM_MIPI_DSI DRM_PANEL DRM_PANEL_BRIDGE DRM_PANEL_EDP DRM_PANEL_ORIENTATION_QUIRKS DRM_SIMPLEDRM DRM_TTM DRM_TTM_HELPER DRM_UDL DRM_VGEM DRM_VIRTIO_GPU DRM_VIRTIO_GPU_KMS DRM_VKMS DRM_VMWGFX DUMMY DVB_AF9013 DVB_AF9033 DVB_AS102 DVB_AS102_FE DVB_B2C2_FLEXCOP DVB_B2C2_FLEXCOP_USB DVB_CORE DVB_DIB3000MB DVB_DIB3000MC DVB_EC100 DVB_GP8PSK_FE DVB_RTL2830 DVB_RTL2832 DVB_RTL2832_SDR DVB_TEST_DRIVERS DVB_TTUSB_BUDGET DVB_TTUSB_DEC DVB_USB DVB_USB_A800 DVB_USB_AF9005 DVB_USB_AF9005_REMOTE DVB_USB_AF9015 DVB_USB_AF9035 DVB_USB_ANYSEE DVB_USB_AU6610 DVB_USB_AZ6007 DVB_USB_AZ6027 DVB_USB_CE6230 DVB_USB_CINERGY_T2 DVB_USB_CXUSB DVB_USB_CXUSB_ANALOG DVB_USB_DIB0700 DVB_USB_DIB3000MC DVB_USB_DIBUSB_MB DVB_USB_DIBUSB_MC DVB_USB_DIGITV DVB_USB_DTT200U DVB_USB_DTV5100 DVB_USB_DVBSKY DVB_USB_DW2102 DVB_USB_EC168 DVB_USB_GL861 DVB_USB_GP8PSK DVB_USB_LME2510 DVB_USB_M920X DVB_USB_MXL111SF DVB_USB_NOVA_T_USB2 DVB_USB_OPERA1 DVB_USB_PCTV452E DVB_USB_RTL28XXU DVB_USB_TECHNISAT_USB2 DVB_USB_TTUSB2 DVB_USB_UMT_010 DVB_USB_V2 DVB_USB_VP702X DVB_USB_VP7045 DVB_USB_ZD1301 DVB_VIDTV DVB_ZL10353 ECRYPT_FS ECRYPT_FS_MESSAGING EDAC EFS_FS ENCRYPTED_KEYS EQUALIZER EROFS_FS EROFS_FS_POSIX_ACL EROFS_FS_SECURITY EROFS_FS_XATTR EROFS_FS_ZIP EVM EVM_ADD_XATTRS EVM_ATTR_FSUUID EXFAT_FS EXPORTFS_BLOCK_OPS EXT3_FS EXT3_FS_POSIX_ACL EXT3_FS_SECURITY EXTCON EXTCON_INTEL_CHT_WC EXTCON_PTN5150 EXTCON_USBC_TUSB320 F2FS_CHECK_FS F2FS_FAULT_INJECTION F2FS_FS F2FS_FS_COMPRESSION F2FS_FS_LZ4 F2FS_FS_LZ4HC F2FS_FS_LZO F2FS_FS_LZORLE F2FS_FS_POSIX_ACL F2FS_FS_SECURITY F2FS_FS_XATTR F2FS_FS_ZSTD F2FS_STAT_FS FANOTIFY FANOTIFY_ACCESS_PERMISSIONS FB FB_CFB_COPYAREA FB_CFB_FILLRECT FB_CFB_IMAGEBLIT FB_CORE FB_DEFERRED_IO FB_DEVICE FB_IOMEM_FOPS FB_IOMEM_HELPERS FB_NOTIFY FB_SYSMEM_FOPS FB_SYSMEM_HELPERS FB_SYSMEM_HELPERS_DEFERRED FB_SYS_COPYAREA FB_SYS_FILLRECT FB_SYS_IMAGEBLIT FB_TILEBLITTING FB_VESA FB_VGA16 FB_VIRTUAL FDDI FIREWIRE FIREWIRE_NET FIREWIRE_OHCI FIREWIRE_SBP2 FONT_8x16 FONT_8x8 FONT_SUPPORT FRAMEBUFFER_CONSOLE FRAMEBUFFER_CONSOLE_DETECT_PRIMARY FRAMEBUFFER_CONSOLE_ROTATION FS_DAX FS_DAX_PMD FS_ENCRYPTION FS_ENCRYPTION_ALGS FS_STACK FS_VERITY FS_VERITY_BUILTIN_SIGNATURES FTL FUSE_DAX FUSE_FS FW_LOADER_COMPRESS FW_LOADER_PAGED_BUF FW_LOADER_SYSFS FW_LOADER_USER_HELPER FW_LOADER_USER_HELPER_FALLBACK GACT_PROB GARP GENDWARFKSYMS GENERIC_PHY GET_FREE_REGION GFS2_FS GFS2_FS_LOCKING_DLM GNSS GNSS_USB GOOGLE_COREBOOT_TABLE GOOGLE_FIRMWARE GOOGLE_MEMCONSOLE GOOGLE_MEMCONSOLE_COREBOOT GOOGLE_VPD GPIOLIB GPIOLIB_IRQCHIP GPIO_ACPI GPIO_DLN2 GPIO_LJCA GPIO_VIPERBOARD GREENASIA_FF GREYBUS GREYBUS_BRIDGED_PHY GREYBUS_ES2 GREYBUS_HID GREYBUS_USB GTP GUEST_PERF_EVENTS GVE HAVE_ARCH_NODE_DEV_GROUP HAVE_ARCH_USERFAULTFD_MINOR HAVE_ARCH_USERFAULTFD_WP HAVE_BOOTMEM_INFO_NODE HAVE_CLK_PREPARE HAVE_KVM_CPU_RELAX_INTERCEPT HAVE_KVM_DIRTY_RING HAVE_KVM_DIRTY_RING_ACQ_REL HAVE_KVM_DIRTY_RING_TSO HAVE_KVM_IRQCHIP HAVE_KVM_IRQ_BYPASS HAVE_KVM_IRQ_ROUTING HAVE_KVM_MSI HAVE_KVM_NO_POLL HAVE_KVM_PFNCACHE HAVE_KVM_PM_NOTIFIER HAVE_KVM_READONLY_MEM HAVE_SCHED_AVG_IRQ HDLC HDLC_CISCO HDLC_FR HDLC_PPP HDLC_RAW HDLC_RAW_ETH HDLC_X25 HDMI HFSPLUS_FS HFS_FS HID_ACCUTOUCH HID_ACRUX HID_ACRUX_FF HID_ALPS HID_APPLEIR HID_ASUS HID_AUREAL HID_BATTERY_STRENGTH HID_BETOP_FF HID_BIGBEN_FF HID_CMEDIA HID_CORSAIR HID_COUGAR HID_CP2112 HID_CREATIVE_SB0540 HID_ELAN HID_ELECOM HID_ELO HID_EMS_FF HID_EVISION HID_FT260 HID_GEMBIRD HID_GFRM HID_GLORIOUS HID_GOOGLE_STADIA_FF HID_GREENASIA HID_GT683R HID_HOLTEK HID_ICADE HID_JABRA HID_KEYTOUCH HID_KYE HID_LCPOWER HID_LED HID_LENOVO HID_LETSKETCH HID_LOGITECH HID_LOGITECH_DJ HID_LOGITECH_HIDPP HID_MACALLY HID_MAGICMOUSE HID_MALTRON HID_MAYFLASH HID_MCP2200 HID_MCP2221 HID_MEGAWORLD_FF HID_MULTITOUCH HID_NTI HID_ORTEK HID_PENMOUNT HID_PICOLCD HID_PICOLCD_BACKLIGHT HID_PICOLCD_CIR HID_PICOLCD_FB HID_PICOLCD_LCD HID_PICOLCD_LEDS HID_PLANTRONICS HID_PRIMAX HID_PRODIKEYS HID_PXRC HID_RAZER HID_RETRODE HID_RMI HID_ROCCAT HID_SAITEK HID_SEMITEK HID_SENSOR_ACCEL_3D HID_SENSOR_ALS HID_SENSOR_CUSTOM_INTEL_HINGE HID_SENSOR_CUSTOM_SENSOR HID_SENSOR_DEVICE_ROTATION HID_SENSOR_GYRO_3D HID_SENSOR_HUB HID_SENSOR_HUMIDITY HID_SENSOR_IIO_COMMON HID_SENSOR_IIO_TRIGGER HID_SENSOR_INCLINOMETER_3D HID_SENSOR_MAGNETOMETER_3D HID_SENSOR_PRESS HID_SENSOR_PROX HID_SENSOR_TEMP HID_SIGMAMICRO HID_SPEEDLINK HID_STEELSERIES HID_THINGM HID_TIVO HID_TOPRE HID_TWINHAN HID_U2FZERO HID_UCLOGIC HID_UDRAW_PS3 HID_VIEWSONIC HID_VIVALDI HID_VIVALDI_COMMON HID_VRC2 HID_WACOM HID_WALTOP HID_WIIMOTE HID_XIAOMI HID_XINMO HID_ZYDACRON HMM_MIRROR HOLTEK_FF HOTPLUG_PCI_PCIE HPET_MMAP HPET_MMAP_DEFAULT HPFS_FS I2C_ALGOBIT I2C_CHARDEV I2C_CP2615 I2C_DESIGNWARE_CORE I2C_DESIGNWARE_PLATFORM I2C_DIOLAN_U2C I2C_DLN2 I2C_HID_ACPI I2C_HID_CORE I2C_HID_OF I2C_LJCA I2C_MUX I2C_MUX_REG I2C_ROBOTFUZZ_OSIF I2C_SI4713 I2C_SLAVE I2C_SLAVE_EEPROM I2C_TINY_USB I2C_VIPERBOARD IEEE802154 IEEE802154_6LOWPAN IEEE802154_ATUSB IEEE802154_DRIVERS IEEE802154_HWSIM IEEE802154_NL802154_EXPERIMENTAL IEEE802154_SOCKET IFB IIO IIO_BUFFER IIO_KFIFO_BUF IIO_TRIGGER IIO_TRIGGERED_BUFFER IKCONFIG IKCONFIG_PROC IMA IMA_APPRAISE IMA_APPRAISE_MODSIG IMA_DEFAULT_HASH_SHA256 IMA_LSM_RULES IMA_MEASURE_ASYMMETRIC_KEYS IMA_NG_TEMPLATE IMA_QUEUE_EARLY_BOOT_KEYS IMA_READ_POLICY IMA_WRITE_POLICY INET6_ESPINTCP INET6_ESP_OFFLOAD INET6_IPCOMP INET6_TUNNEL INET6_XFRM_TUNNEL INET_AH INET_DCCP_DIAG INET_DIAG INET_DIAG_DESTROY INET_ESP INET_ESPINTCP INET_ESP_OFFLOAD INET_IPCOMP INET_MPTCP_DIAG INET_RAW_DIAG INET_SCTP_DIAG INET_TCP_DIAG INET_UDP_DIAG INET_XFRM_TUNNEL INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_ADDR_TRANS_CONFIGFS INFINIBAND_IPOIB INFINIBAND_IPOIB_CM INFINIBAND_IPOIB_DEBUG INFINIBAND_ISER INFINIBAND_ON_DEMAND_PAGING INFINIBAND_RTRS INFINIBAND_SRP INFINIBAND_USER_ACCESS INFINIBAND_USER_MAD INFINIBAND_USER_MEM INPUT_ATI_REMOTE2 INPUT_CM109 INPUT_IMS_PCU INPUT_JOYDEV INPUT_KEYSPAN_REMOTE INPUT_LEDS INPUT_MOUSEDEV INPUT_MOUSEDEV_PSAUX INPUT_POWERMATE INPUT_UINPUT INPUT_YEALINK INTEGRITY INTEGRITY_ASYMMETRIC_KEYS INTEGRITY_AUDIT INTEGRITY_SIGNATURE INTEGRITY_TRUSTED_KEYRING INTEL_CHTWC_INT33FE INTEL_IDMA64 INTEL_IOATDMA INTEL_IOMMU_DEFAULT_ON INTEL_IOMMU_SVM INTEL_ISHTP_ECLITE INTEL_ISH_FIRMWARE_DOWNLOADER INTEL_ISH_HID INTEL_SOC_PMIC_CHTWC INTERVAL_TREE_SPAN_ITER IOMMUFD IOMMUFD_DRIVER IOMMUFD_DRIVER_CORE IOMMUFD_TEST IO_URING_ZCRX IP6_NF_MATCH_AH IP6_NF_MATCH_EUI64 IP6_NF_MATCH_FRAG IP6_NF_MATCH_HL IP6_NF_MATCH_MH IP6_NF_MATCH_OPTS IP6_NF_MATCH_RPFILTER IP6_NF_MATCH_RT IP6_NF_MATCH_SRH IP6_NF_NAT IP6_NF_RAW IP6_NF_SECURITY IP6_NF_TARGET_HL IP6_NF_TARGET_MASQUERADE IP6_NF_TARGET_NPT IP6_NF_TARGET_SYNPROXY IPV6_FOU IPV6_FOU_TUNNEL IPV6_GRE IPV6_ILA IPV6_MIP6 IPV6_MROUTE IPV6_MROUTE_MULTIPLE_TABLES IPV6_MULTIPLE_TABLES IPV6_OPTIMISTIC_DAD IPV6_PIMSM_V2 IPV6_ROUTER_PREF IPV6_ROUTE_INFO IPV6_RPL_LWTUNNEL IPV6_SEG6_BPF IPV6_SEG6_HMAC IPV6_SEG6_LWTUNNEL IPV6_SIT_6RD IPV6_SUBTREES IPV6_TUNNEL IPV6_VTI IPVLAN IPVLAN_L3S IPVTAP IP_DCCP IP_DCCP_CCID3 IP_DCCP_TFRC_LIB IP_FIB_TRIE_STATS IP_MROUTE_MULTIPLE_TABLES IP_NF_ARPFILTER IP_NF_ARPTABLES IP_NF_ARP_MANGLE IP_NF_MATCH_AH IP_NF_MATCH_ECN IP_NF_MATCH_RPFILTER IP_NF_MATCH_TTL IP_NF_RAW IP_NF_SECURITY IP_NF_TARGET_ECN IP_NF_TARGET_NETMAP IP_NF_TARGET_REDIRECT IP_NF_TARGET_SYNPROXY IP_NF_TARGET_TTL IP_ROUTE_CLASSID IP_SCTP IP_SET IP_SET_BITMAP_IP IP_SET_BITMAP_IPMAC IP_SET_BITMAP_PORT IP_SET_HASH_IP IP_SET_HASH_IPMAC IP_SET_HASH_IPMARK IP_SET_HASH_IPPORT IP_SET_HASH_IPPORTIP IP_SET_HASH_IPPORTNET IP_SET_HASH_MAC IP_SET_HASH_NET IP_SET_HASH_NETIFACE IP_SET_HASH_NETNET IP_SET_HASH_NETPORT IP_SET_HASH_NETPORTNET IP_SET_LIST_SET IRQ_TIME_ACCOUNTING LAPB LCD_CLASS_DEVICE LEDS_CLASS_MULTICOLOR MAC802154 MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_TEST_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_DLN2 MFD_VIPERBOARD MODVERSIONS MPTCP MTD NETFILTER_ADVANCED NET_ACT_GACT NET_ACT_MIRRED NET_IPGRE_DEMUX NFT_COMPAT NFT_COMPAT_ARP NFT_FWD_NETDEV NF_TABLES NF_TABLES_ARP NF_TABLES_NETDEV PAGE_POOL RADIO_ADAPTERS RADIO_SI4713 RAS RC_CORE REGULATOR RFKILL SND SOUND STAGING TRANSPARENT_HUGEPAGE TYPEC TYPEC_MUX_PI3USB30532 USB_LJCA USB_ROLES_INTEL_XHCI USB_ROLE_SWITCH VIDEO_DEV VIRTIO_FS WAN ZONE_DEVICE] disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed picked [v6.14 v6.13 v6.12 v6.10 v6.8 v6.6 v6.4 v6.2 v5.19 v5.16 v5.13 v5.10 v5.7 v5.4 v5.1 v4.19] out of 37 release tags testing release v6.14 testing commit 38fec10eb60d687e30c8c6b5420d86e8149f7557 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 1ead9a6bb461ec6251512aae7436810fd61bf190d1f14ea15f878d1bb65f6a81 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] testing release v6.13 testing commit ffd294d346d185b70e28b1a28abe367bbfe53c04 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6bcd0fb4e23d3de157dabf1c6fb4c3823eb501d778635d459d34fca65b4d260f all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] testing release v6.12 testing commit adc218676eef25575469234709c2d87185ca223a gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 5bc7f89ac8dfe8305531f3e5fe121d9a7da6eea43be18ff5e1df9855bf935925 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] testing release v6.10 testing commit 0c3836482481200ead7b416ca80c68a29cfdaabd gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 7fe2b2f4392f9ad0c5c48d0180565fe9ee6a29cb98cc26140e5c8d351d1720e8 all runs: OK false negative chance: 0.000 # git bisect start adc218676eef25575469234709c2d87185ca223a 0c3836482481200ead7b416ca80c68a29cfdaabd Bisecting: 14868 revisions left to test after this (roughly 14 steps) [703896be3015db7f8fd8822b18909a5914209a70] Merge tag 'sound-6.11-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit 703896be3015db7f8fd8822b18909a5914209a70 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 680d32ed3e5c69fe9d4fe5908022ef043c55bfd64f803e52ffd39a9fce372936 all runs: OK false negative chance: 0.000 # git bisect good 703896be3015db7f8fd8822b18909a5914209a70 Bisecting: 7452 revisions left to test after this (roughly 13 steps) [726e2d0cf2bbc14e3bf38491cddda1a56fe18663] Merge tag 'dma-mapping-6.12-2024-09-19' of git://git.infradead.org/users/hch/dma-mapping testing commit 726e2d0cf2bbc14e3bf38491cddda1a56fe18663 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 498df7c98b1af4bff239e27f72aceef05b5e099b2baf202ebdc0913221595621 all runs: OK false negative chance: 0.000 # git bisect good 726e2d0cf2bbc14e3bf38491cddda1a56fe18663 Bisecting: 3724 revisions left to test after this (roughly 12 steps) [4965ddb166992557a25848049f1a70e56050eb7a] Merge tag 'usb-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb testing commit 4965ddb166992557a25848049f1a70e56050eb7a gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0e2b56cd5ed279552d583fea321ec2285a482f72fe7455aabfcd1a597e227543 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio run #1: crashed: BUG: unable to handle kernel paging request in workingset_refault run #2: crashed: BUG: unable to handle kernel paging request in workingset_refault run #3: crashed: BUG: unable to handle kernel paging request in workingset_refault run #4: crashed: BUG: unable to handle kernel paging request in workingset_refault run #5: crashed: BUG: unable to handle kernel paging request in workingset_refault run #6: crashed: BUG: unable to handle kernel paging request in workingset_refault run #7: crashed: BUG: unable to handle kernel paging request in workingset_refault run #8: crashed: BUG: unable to handle kernel paging request in workingset_refault run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio representative crash: BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio, types: [UNKNOWN] # git bisect bad 4965ddb166992557a25848049f1a70e56050eb7a Bisecting: 1866 revisions left to test after this (roughly 11 steps) [18ba6034468e7949a9e2c2cf28e2e123b4fe7a50] Merge tag 'nfsd-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux testing commit 18ba6034468e7949a9e2c2cf28e2e123b4fe7a50 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 2da72e0133aa391f5465c7b8fb37581d92c1abe30349d4dff29158bc63970f26 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] # git bisect bad 18ba6034468e7949a9e2c2cf28e2e123b4fe7a50 Bisecting: 946 revisions left to test after this (roughly 10 steps) [1ec6d097897a35dfb55c4c31fc8633cf5be46497] Merge tag 's390-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux testing commit 1ec6d097897a35dfb55c4c31fc8633cf5be46497 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b13892982c79fd0e686110596ff1b690a37625d650cb378678222edff16916be all runs: OK false negative chance: 0.000 # git bisect good 1ec6d097897a35dfb55c4c31fc8633cf5be46497 Bisecting: 532 revisions left to test after this (roughly 9 steps) [673a5009cf2f020dac440cd79e70c4c8b8e20d08] perf: Fix topology_sibling_cpumask check warning on ARM testing commit 673a5009cf2f020dac440cd79e70c4c8b8e20d08 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ede97d39e8acf188926e1563c67c19060558293d6b14fda4758a653f37575114 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] # git bisect bad 673a5009cf2f020dac440cd79e70c4c8b8e20d08 Bisecting: 206 revisions left to test after this (roughly 8 steps) [b0222d1d9e6f8551a056b89b0bff38f515f3c9b5] bpftool: Fix handling enum64 in btf dump sorting testing commit b0222d1d9e6f8551a056b89b0bff38f515f3c9b5 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 58a47cc39a6ccb21149c0ab364b721e3c049e6405ce856e67ef4f9cb41b28172 all runs: OK false negative chance: 0.000 # git bisect good b0222d1d9e6f8551a056b89b0bff38f515f3c9b5 Bisecting: 103 revisions left to test after this (roughly 7 steps) [fdaedba2f96f6755f505c454ca7408930f4fe1bf] sched_ext: Rename scx_kfunc_set_sleepable to unlocked and relocate testing commit fdaedba2f96f6755f505c454ca7408930f4fe1bf gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f6b35625b30a6798d9a23ea7470fef72e812d288c0432cf4b947af2a9e8c8240 all runs: OK false negative chance: 0.000 # git bisect good fdaedba2f96f6755f505c454ca7408930f4fe1bf Bisecting: 51 revisions left to test after this (roughly 6 steps) [d4deb82423416e3ace7889816eea630af81fe702] lib/buildid: take into account e_phoff when fetching program headers testing commit d4deb82423416e3ace7889816eea630af81fe702 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e8c92e95b0e848bbb78642544023e5e6bdb4fe5c48da198e932429e642e9d715 all runs: OK false negative chance: 0.000 # git bisect good d4deb82423416e3ace7889816eea630af81fe702 Bisecting: 25 revisions left to test after this (roughly 5 steps) [b073b82d4d3cee703d17e099c7e739082f15bd2e] selftests/bpf: Rename ARG_PTR_TO_LONG test description testing commit b073b82d4d3cee703d17e099c7e739082f15bd2e gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 165bd2d5b2e429c04b3cdf985d5827ecf6a7840b2570f9a2d4fd742022be83ce all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] # git bisect bad b073b82d4d3cee703d17e099c7e739082f15bd2e Bisecting: 12 revisions left to test after this (roughly 4 steps) [2bea33f907a0185b3341075d764ab5f45334e0cc] Merge branch 'bpf-add-percpu-map-value-size-check' testing commit 2bea33f907a0185b3341075d764ab5f45334e0cc gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 951a0f5cc264352e3b3386a83e18771feffd6924575536af30491020cbd709a2 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] # git bisect bad 2bea33f907a0185b3341075d764ab5f45334e0cc Bisecting: 6 revisions left to test after this (roughly 3 steps) [d4dd9775ec242425576af93daadb80a34083a53c] bpf: wire up sleepable bpf_get_stack() and bpf_get_task_stack() helpers testing commit d4dd9775ec242425576af93daadb80a34083a53c gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 525d5a2b464c0ee3f65edf0e2c074446b006dfb799a1bca5adaceda1f7666919 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] # git bisect bad d4dd9775ec242425576af93daadb80a34083a53c Bisecting: 2 revisions left to test after this (roughly 2 steps) [ad41251c290dfe3c01472c94d2439a59de23fe97] lib/buildid: implement sleepable build_id_parse() API testing commit ad41251c290dfe3c01472c94d2439a59de23fe97 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a6f6e82983d24db5c3490f29d738511ab6684fcdbee7d99f7da095eb93b082a1 all runs: crashed: BUG: unable to handle kernel paging request in workingset_refault representative crash: BUG: unable to handle kernel paging request in workingset_refault, types: [UNKNOWN] # git bisect bad ad41251c290dfe3c01472c94d2439a59de23fe97 Bisecting: 0 revisions left to test after this (roughly 1 step) [45b8fc3096542a53bfd245a9ad8ef870384b4897] lib/buildid: rename build_id_parse() into build_id_parse_nofault() testing commit 45b8fc3096542a53bfd245a9ad8ef870384b4897 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c2eb1cc788d53b8d92e9cb5cad1c5810442f6481f770ada286b008db16356d1f run #0: ignore: lost connection to test machine run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK false negative chance: 0.000 # git bisect good 45b8fc3096542a53bfd245a9ad8ef870384b4897 ad41251c290dfe3c01472c94d2439a59de23fe97 is the first bad commit commit ad41251c290dfe3c01472c94d2439a59de23fe97 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:28 2024 -0700 lib/buildid: implement sleepable build_id_parse() API Extend freader with a flag specifying whether it's OK to cause page fault to fetch file data that is not already physically present in memory. With this, it's now easy to wait for data if the caller is running in sleepable (faultable) context. We utilize read_cache_folio() to bring the desired folio into page cache, after which the rest of the logic works just the same at folio level. Suggested-by: Omar Sandoval Cc: Shakeel Butt Cc: Johannes Weiner Reviewed-by: Eduard Zingerman Reviewed-by: Shakeel Butt Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-7-andrii@kernel.org Signed-off-by: Alexei Starovoitov lib/buildid.c | 54 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 19 deletions(-) accumulated error probability: 0.00 culprit signature: a6f6e82983d24db5c3490f29d738511ab6684fcdbee7d99f7da095eb93b082a1 parent signature: c2eb1cc788d53b8d92e9cb5cad1c5810442f6481f770ada286b008db16356d1f revisions tested: 24, total time: 11h11m40.892823837s (build: 6h36m39.102871643s, test: 3h59m32.895915653s) first bad commit: ad41251c290dfe3c01472c94d2439a59de23fe97 lib/buildid: implement sleepable build_id_parse() API recipients (to): ["andrii@kernel.org" "ast@kernel.org" "eddyz87@gmail.com" "shakeel.butt@linux.dev"] recipients (cc): [] crash: BUG: unable to handle kernel paging request in workingset_refault BUG: unable to handle page fault for address: 0000000000004b80 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 800000010b39f067 P4D 800000010b39f067 PUD 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 UID: 0 PID: 5818 Comm: syz.5.327 Not tainted 6.11.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 RIP: 0010:mem_cgroup_lruvec include/linux/memcontrol.h:732 [inline] RIP: 0010:lru_gen_test_recent mm/workingset.c:274 [inline] RIP: 0010:lru_gen_refault mm/workingset.c:293 [inline] RIP: 0010:workingset_refault+0x11b/0x9d0 mm/workingset.c:548 Code: fc 00 00 00 48 8b 9c 00 d0 aa 87 83 89 c8 c1 e8 08 0f b7 f8 e8 66 92 0b 00 0f 1f 44 00 00 48 85 c0 75 07 48 8b 05 ed 9e 5e 02 <48> 63 8b 80 4b 00 00 48 8b ac c8 10 0c 00 00 48 83 c5 48 41 83 e4 RSP: 0018:ffffc90004273bb8 EFLAGS: 00010286 RAX: ffff888102fb9000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000002 RSI: 0000000000000002 RDI: ffffffff836170c0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000155 R13: 0000000000000000 R14: 00000000000002ab R15: 0000000000000000 FS: 00007f0b8b26d6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000004b80 CR3: 000000010e3a4000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: filemap_add_folio+0xa7/0x1e0 mm/filemap.c:985 do_read_cache_folio+0x89/0x2d0 mm/filemap.c:3756 freader_get_folio+0xea/0x280 lib/buildid.c:72 freader_fetch+0x64/0x170 lib/buildid.c:115 __build_id_parse+0xe0/0x2b0 lib/buildid.c:316 do_procmap_query fs/proc/task_mmu.c:534 [inline] procfs_procmap_ioctl+0x4a0/0x870 fs/proc/task_mmu.c:628 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0x6e/0xc0 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x8d/0x170 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f0b8a38d169 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f0b8b26d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f0b8a5a6080 RCX: 00007f0b8a38d169 RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003 RBP: 00007f0b8a40e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f0b8a5a6080 R15: 00007ffd7ad8e498 Modules linked in: CR2: 0000000000004b80 ---[ end trace 0000000000000000 ]--- RIP: 0010:mem_cgroup_lruvec include/linux/memcontrol.h:732 [inline] RIP: 0010:lru_gen_test_recent mm/workingset.c:274 [inline] RIP: 0010:lru_gen_refault mm/workingset.c:293 [inline] RIP: 0010:workingset_refault+0x11b/0x9d0 mm/workingset.c:548 Code: fc 00 00 00 48 8b 9c 00 d0 aa 87 83 89 c8 c1 e8 08 0f b7 f8 e8 66 92 0b 00 0f 1f 44 00 00 48 85 c0 75 07 48 8b 05 ed 9e 5e 02 <48> 63 8b 80 4b 00 00 48 8b ac c8 10 0c 00 00 48 83 c5 48 41 83 e4 RSP: 0018:ffffc90004273bb8 EFLAGS: 00010286 RAX: ffff888102fb9000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000002 RSI: 0000000000000002 RDI: ffffffff836170c0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000155 R13: 0000000000000000 R14: 00000000000002ab R15: 0000000000000000 FS: 00007f0b8b26d6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000004b80 CR3: 000000010e3a4000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: fc cld 1: 00 00 add %al,(%rax) 3: 00 48 8b add %cl,-0x75(%rax) 6: 9c pushf 7: 00 d0 add %dl,%al 9: aa stos %al,%es:(%rdi) a: 87 83 89 c8 c1 e8 xchg %eax,-0x173e3777(%rbx) 10: 08 0f or %cl,(%rdi) 12: b7 f8 mov $0xf8,%bh 14: e8 66 92 0b 00 call 0xb927f 19: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 1e: 48 85 c0 test %rax,%rax 21: 75 07 jne 0x2a 23: 48 8b 05 ed 9e 5e 02 mov 0x25e9eed(%rip),%rax # 0x25e9f17 * 2a: 48 63 8b 80 4b 00 00 movslq 0x4b80(%rbx),%rcx <-- trapping instruction 31: 48 8b ac c8 10 0c 00 mov 0xc10(%rax,%rcx,8),%rbp 38: 00 39: 48 83 c5 48 add $0x48,%rbp 3d: 41 rex.B 3e: 83 .byte 0x83 3f: e4 .byte 0xe4