ci2 starts bisection 2024-05-17 17:59:46.594160756 +0000 UTC m=+21765.541705710
bisecting fixing commit since f2295faba5e8249ae4082791bfc1664c88fff83a
building syzkaller on 0b6a67ac4b0dc26f43030c5edd01c9175f13b784
ensuring issue is reproducible on original commit f2295faba5e8249ae4082791bfc1664c88fff83a

testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a6dfddb633d2448de88045ff2473a11eb3cbb6b4bbc2080531f4b285820d5aa7
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: out-of-bounds Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_ext_insert_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
run #10: crashed: KASAN: use-after-free Read in ext4_find_extent
run #11: crashed: KASAN: use-after-free Read in ext4_find_extent
run #12: crashed: KASAN: use-after-free Read in ext4_find_extent
run #13: crashed: KASAN: use-after-free Read in ext4_find_extent
run #14: crashed: KASAN: use-after-free Read in ext4_find_extent
run #15: crashed: KASAN: use-after-free Read in ext4_find_extent
run #16: crashed: KASAN: use-after-free Read in ext4_ext_insert_extent
run #17: crashed: KASAN: use-after-free Read in ext4_find_extent
run #18: crashed: KASAN: use-after-free Read in ext4_find_extent
run #19: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
check whether we can drop unnecessary instrumentation
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 66267c4a9cb1b127e462a138c4c8dc712a6fd0eab8e125cf87c00bb6839d8fbf
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the bug reproduces without the instrumentation
disabling configs for [UBSAN BUG LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed
kconfig minimization: base=3820 full=7527 leaves diff=1997
split chunks (needed=false): <1997>
split chunk #0 of len 1997 into 5 parts
testing without sub-chunk 1/5
disabling configs for [BUG LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3370e6102a24574fee169879e32280ce23d2ab9f354e32c7a5f2420499fff192
run #0: crashed: panic: runtime error: invalid memory address or nil pointer dereference
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG LOCKDEP], they are not needed
testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 6c1500d50432aaac31fc4670ba69f7d0d7992f559c196f41631dec1c37479108
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: out-of-bounds Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: out-of-bounds Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP HANG], they are not needed
testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 00dec0107ad5d6ac5415157f6ea00d06e5d6f488f2767063da868739f38b2222
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 44665589febdc2d3443f6b8cb239275a7d22aba8e8481de8b5bddb0bc39f71ad
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [HANG LEAK UBSAN BUG LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit f2295faba5e8249ae4082791bfc1664c88fff83a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 83fe6a60ed9a38ef4bb981f161b8df2948b1c470df170438fdd3407dea2940f7
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
the chunk can be dropped
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
determining the merge base between f2295faba5e8249ae4082791bfc1664c88fff83a and ff2632d7d08edc11e8bd0629e9fcfebab25c78b4
830b3c68c1fb1e9176028d02ef86f3cf76aa2476/Linux 6.1 is a merge base, check if it has the bug
testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3cd40d788b52a07ead38e615d6863a712a9d14e306d707e30b53c4a622c8e732
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
testing current HEAD ff2632d7d08edc11e8bd0629e9fcfebab25c78b4
testing commit ff2632d7d08edc11e8bd0629e9fcfebab25c78b4 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 50ae945bd4c58b539167e4bc02123d1d2733bab072c65505cbc2fa5a143730a3
all runs: OK
false negative chance: 0.000
# git bisect start ff2632d7d08edc11e8bd0629e9fcfebab25c78b4 830b3c68c1fb1e9176028d02ef86f3cf76aa2476
Bisecting: 68398 revisions left to test after this (roughly 16 steps)
[53ea7f624fb91074c2f9458832ed74975ee5d64c] Merge tag 'xfs-6.6-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit 53ea7f624fb91074c2f9458832ed74975ee5d64c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 7d04a9929ad31ec0ff12428ce4e2389a4aead84f6cebc2296e74385ffd2cbac3
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 53ea7f624fb91074c2f9458832ed74975ee5d64c
Bisecting: 34193 revisions left to test after this (roughly 15 steps)
[c4101e55974cc7d835fbd2d8e01553a3f61e9e75] Merge tag 'soc-dt-6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit c4101e55974cc7d835fbd2d8e01553a3f61e9e75 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f05bab44afade9d786f65f0e6a3df0e19b80722ec31cb9710b846e7462d12662
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: invalid opcode in ext4_split_extent_at
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good c4101e55974cc7d835fbd2d8e01553a3f61e9e75
Bisecting: 17468 revisions left to test after this (roughly 14 steps)
[e5e038b7ae9da96b93974bf072ca1876899a01a3] Merge tag 'fs_for_v6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit e5e038b7ae9da96b93974bf072ca1876899a01a3 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b71b9245d0a4c730c20a96af63bfef657f0d6f9f38e24ec4dd437cfcbd7724a1
all runs: OK
false negative chance: 0.000
# git bisect bad e5e038b7ae9da96b93974bf072ca1876899a01a3
Bisecting: 8350 revisions left to test after this (roughly 13 steps)
[809be620dc070c02a6e0daee0dcb0479c6296891] Merge tag 'usb-6.8-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit 809be620dc070c02a6e0daee0dcb0479c6296891 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 39af522459f0cfd86d94c9fcae22e40ea4f99afae65a6a1fc8bac04b10c02f3d
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 809be620dc070c02a6e0daee0dcb0479c6296891
Bisecting: 4227 revisions left to test after this (roughly 12 steps)
[35d4aeea10558d12022d752b20be371aced557da] Merge tag 'zonefs-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs

determine whether the revision contains the guilty commit
revision 809be620dc070c02a6e0daee0dcb0479c6296891 crashed and is reachable
testing commit 35d4aeea10558d12022d752b20be371aced557da gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: db8b8a9832ad4b00a7257b60e8e6629ae368c762586fad9fc7988eea5e1cb706
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 35d4aeea10558d12022d752b20be371aced557da
Bisecting: 2134 revisions left to test after this (roughly 11 steps)
[19cfdc0d57696c92523da8eb26c0f3e092400bee] Merge branch 'hns3-fixes'

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit 19cfdc0d57696c92523da8eb26c0f3e092400bee gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 4696f2b94c355307c7c84ba15d17b6e4d41695da56416144f6d0087952ddcbfd
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: OK
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 19cfdc0d57696c92523da8eb26c0f3e092400bee
Bisecting: 1056 revisions left to test after this (roughly 10 steps)
[61387b8dcf1dc0f30cf690956a48768a3fce1810] Merge tag 'for-6.9/dm-vdo' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm

determine whether the revision contains the guilty commit
revision c4101e55974cc7d835fbd2d8e01553a3f61e9e75 crashed and is reachable
testing commit 61387b8dcf1dc0f30cf690956a48768a3fce1810 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ccf959368770ee986b7e5538488f09824b61cf8ec3ab235e4e1f202a6bc9b53c
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 61387b8dcf1dc0f30cf690956a48768a3fce1810
Bisecting: 494 revisions left to test after this (roughly 9 steps)
[15223fdbdf4f75102c5507f764bda0fdcdf726ae] Merge tag 'hwmon-for-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging

determine whether the revision contains the guilty commit
revision 35d4aeea10558d12022d752b20be371aced557da crashed and is reachable
testing commit 15223fdbdf4f75102c5507f764bda0fdcdf726ae gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5c386939894d2328e23e72a543e9e7cb201c62b4267855087ba2d55324831068
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 15223fdbdf4f75102c5507f764bda0fdcdf726ae
Bisecting: 235 revisions left to test after this (roughly 8 steps)
[279d44ceb8a495d287ec563964f2ed04b0d53b0e] Merge tag '6.9-rc-smb3-client-fixes-part1' of git://git.samba.org/sfrench/cifs-2.6

determine whether the revision contains the guilty commit
revision 809be620dc070c02a6e0daee0dcb0479c6296891 crashed and is reachable
testing commit 279d44ceb8a495d287ec563964f2ed04b0d53b0e gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 83eb561c09a4512e142dbcbbcc5cce2d70c5e6a8339577a44d28cfeebf0ca845
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_ext_insert_extent
run #3: crashed: KASAN: use-after-free Read in ext4_find_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_ext_insert_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 279d44ceb8a495d287ec563964f2ed04b0d53b0e
Bisecting: 117 revisions left to test after this (roughly 7 steps)
[802f91f7b1d535ac975e2d696bf5b5dea82816e7] xfs: fold xfs_bmbt_init_common into xfs_bmbt_init_cursor

determine whether the revision contains the guilty commit
revision 53ea7f624fb91074c2f9458832ed74975ee5d64c crashed and is reachable
testing commit 802f91f7b1d535ac975e2d696bf5b5dea82816e7 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ce4b30d41728bf283fed869ad2f4b3c1029188499a2e3624dd356236cecc8401
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 802f91f7b1d535ac975e2d696bf5b5dea82816e7
Bisecting: 59 revisions left to test after this (roughly 6 steps)
[b8102b61f7b8929ad8043e4574a1e26276398041] xfs: move symlink target write function to libxfs

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit b8102b61f7b8929ad8043e4574a1e26276398041 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 8c08d63b913392e1765d35c36ad3d0854ba82f3725b0dc38c9258a40d02ea5c0
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good b8102b61f7b8929ad8043e4574a1e26276398041
Bisecting: 26 revisions left to test after this (roughly 5 steps)
[1715f710e787493f3631d5890c86c9bdb30a36d8] Merge tag 'fsnotify_for_v6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs

determine whether the revision contains the guilty commit
revision 809be620dc070c02a6e0daee0dcb0479c6296891 crashed and is reachable
testing commit 1715f710e787493f3631d5890c86c9bdb30a36d8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: aaf7e39b4f73fcd59fdd2962c0198ac60f9165ba5044dc62118409814697e6ad
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 1715f710e787493f3631d5890c86c9bdb30a36d8
Bisecting: 13 revisions left to test after this (roughly 4 steps)
[d0aa72604fbd80c8aabb46eda00535ed35570f1f] quota: Fix potential NULL pointer dereference

determine whether the revision contains the guilty commit
revision 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 crashed and is reachable
testing commit d0aa72604fbd80c8aabb46eda00535ed35570f1f gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 529cb56ec4913657e32dc6540e7795a1b71561f87735e74b46861fc7dc197361
all runs: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good d0aa72604fbd80c8aabb46eda00535ed35570f1f
Bisecting: 6 revisions left to test after this (roughly 3 steps)
[7a8e72c16e734f2ccdfe8d86bcd2e176aa5e978a] udf: convert novrs to an option flag

determine whether the revision contains the guilty commit
revision 53ea7f624fb91074c2f9458832ed74975ee5d64c crashed and is reachable
testing commit 7a8e72c16e734f2ccdfe8d86bcd2e176aa5e978a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3860edba34f17b358c1d007052faec390969ff163a5492d9c8ee700aaa8fda0d
all runs: OK
false negative chance: 0.000
# git bisect bad 7a8e72c16e734f2ccdfe8d86bcd2e176aa5e978a
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[179b8c97ebf63429589f5afeba59a181fe70603e] quota: Fix rcu annotations of inode dquot pointers

determine whether the revision contains the guilty commit
revision 53ea7f624fb91074c2f9458832ed74975ee5d64c crashed and is reachable
testing commit 179b8c97ebf63429589f5afeba59a181fe70603e gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ef6c60c9b4faa3411916291a47d5800d2acc1f50b744185c0e81d5e6b47d627f
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_ext_insert_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good 179b8c97ebf63429589f5afeba59a181fe70603e
Bisecting: 1 revision left to test after this (roughly 1 step)
[a898cb621ac589b0b9e959309689a027e765aa12] quota: Detect loops in quota tree

determine whether the revision contains the guilty commit
revision d0aa72604fbd80c8aabb46eda00535ed35570f1f crashed and is reachable
testing commit a898cb621ac589b0b9e959309689a027e765aa12 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a104df28fb92a05b107ff2ef53a0b9d6b5409b0b797737b4436bfdb35f7d2a4b
all runs: OK
false negative chance: 0.000
# git bisect bad a898cb621ac589b0b9e959309689a027e765aa12
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[ccb49011bb2ebfd66164dbf68c5bff48917bb5ef] quota: Properly annotate i_dquot arrays with __rcu

determine whether the revision contains the guilty commit
revision 53ea7f624fb91074c2f9458832ed74975ee5d64c crashed and is reachable
testing commit ccb49011bb2ebfd66164dbf68c5bff48917bb5ef gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 62ddbd7db84b349f5ca85820b32708a89676af41d2f7c0ef77b167203e67a038
run #0: crashed: KASAN: use-after-free Read in ext4_find_extent
run #1: crashed: KASAN: use-after-free Read in ext4_find_extent
run #2: crashed: KASAN: use-after-free Read in ext4_find_extent
run #3: crashed: KASAN: use-after-free Read in ext4_ext_insert_extent
run #4: crashed: KASAN: use-after-free Read in ext4_find_extent
run #5: crashed: KASAN: use-after-free Read in ext4_find_extent
run #6: crashed: KASAN: use-after-free Read in ext4_find_extent
run #7: crashed: KASAN: use-after-free Read in ext4_find_extent
run #8: crashed: KASAN: use-after-free Read in ext4_find_extent
run #9: crashed: KASAN: use-after-free Read in ext4_find_extent
representative crash: KASAN: use-after-free Read in ext4_find_extent, types: [KASAN]
# git bisect good ccb49011bb2ebfd66164dbf68c5bff48917bb5ef
a898cb621ac589b0b9e959309689a027e765aa12 is the first bad commit
commit a898cb621ac589b0b9e959309689a027e765aa12
Author: Jan Kara <jack@suse.cz>
Date:   Wed Feb 7 19:12:15 2024 +0100

    quota: Detect loops in quota tree
    
    Syzbot has found that when it creates corrupted quota files where the
    quota tree contains a loop, we will deadlock when tryling to insert a
    dquot. Add loop detection into functions traversing the quota tree.
    
    Signed-off-by: Jan Kara <jack@suse.cz>

 fs/quota/quota_tree.c | 128 +++++++++++++++++++++++++++++++++++++-------------
 fs/quota/quota_v2.c   |  15 +++---
 2 files changed, 105 insertions(+), 38 deletions(-)

accumulated error probability: 0.00
culprit signature: a104df28fb92a05b107ff2ef53a0b9d6b5409b0b797737b4436bfdb35f7d2a4b
parent  signature: 62ddbd7db84b349f5ca85820b32708a89676af41d2f7c0ef77b167203e67a038
revisions tested: 26, total time: 4h15m2.954353611s (build: 1h21m57.884245737s, test: 2h42m53.906438127s)
first good commit: a898cb621ac589b0b9e959309689a027e765aa12 quota: Detect loops in quota tree
recipients (to): ["jack@suse.cz"]
recipients (cc): []