ci starts bisection 2023-06-14 10:55:45.669640714 +0000 UTC m=+67096.005564674 bisecting cause commit starting from f8dba31b0a826e691949cd4fdfa5c30defaac8c5 building syzkaller on a4ae4f428721da42ac15f07d6f3b54584dedee27 ensuring issue is reproducible on original commit f8dba31b0a826e691949cd4fdfa5c30defaac8c5 testing commit f8dba31b0a826e691949cd4fdfa5c30defaac8c5 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4d3c41a501b55ca89bf786e23727a5f8935f481d907b5498cc95dc82b57bd827 run #0: crashed: general protection fault in hrtimer_try_to_cancel run #1: crashed: BUG: unable to handle kernel paging request in vm_area_dup run #2: crashed: BUG: unable to handle kernel paging request in ipv6_get_lladdr run #3: crashed: BUG: unable to handle kernel paging request in unlink_file_vma run #4: crashed: WARNING: locking bug in corrupted run #5: crashed: general protection fault in cpuacct_account_field run #6: crashed: possible deadlock in console_flush_all run #7: crashed: general protection fault in __free_object run #8: crashed: general protection fault in __fput run #9: crashed: general protection fault in unmap_vmas run #10: crashed: BUG: unable to handle kernel paging request in corrupted run #11: crashed: general protection fault in lookup_object_or_alloc run #12: crashed: general protection fault in debug_check_no_obj_freed run #13: crashed: general protection fault in cpuacct_account_field run #14: crashed: general protection fault in psi_account_irqtime run #15: crashed: general protection fault in cpuacct_account_field run #16: crashed: BUG: unable to handle kernel paging request in lookup_object_or_alloc run #17: crashed: BUG: unable to handle kernel paging request in page_fault_oops run #18: crashed: BUG: unable to handle kernel NULL pointer dereference in __hrtimer_run_queues run #19: crashed: general protection fault in put_prev_entity testing release v6.3 testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b178000ec694a6abfc5111184340f50d3afa7c080f56f94f9d68e9114cc842f9 run #0: crashed: stack segment fault in __stack_depot_save run #1: crashed: general protection fault in rcu_core run #2: crashed: BUG: unable to handle kernel paging request in __key run #3: crashed: general protection fault in __call_rcu_common run #4: crashed: KASAN: unknown-crash Read in page_fault_oops run #5: crashed: general protection fault in get_mem_cgroup_from_objcg run #6: crashed: general protection fault in nf_hook run #7: crashed: general protection fault in corrupted run #8: crashed: WARNING: locking bug in corrupted run #9: OK testing release v6.2 testing commit c9c3395d5e3dcc6daee66c6908354d47bf98cb0c gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e850f94de1305a6b01eb415a8c7b0576396fea4ae5f15ce90fd625632680c9aa run #0: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #1: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v6.1 testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6cdc49e4f0ce341a575b245f80a1b79d201203e5c79f2b5dc6a7df648362b37f all runs: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v6.0 testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1ebed86884bce4c61133b7c2a08ceb144ad5646d75dfc023570f49ad007c07ab run #0: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #1: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.19 testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 695224f7395b6c1624a493dd21a0ec34ba2f9e0eb5b45b1a221113b0b83486a3 all runs: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.18 testing commit 4b0986a3613c92f4ec1bdc7f60ec66fea135991f gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 225697e7ff1fd75818474c9b62c0eb50c162a17ec7191b03f6037003ae6af28f all runs: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 099196d6222de0a395c6b5a7c6197d5e9219901d73cf26518cfffcebfed5bded run #0: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #1: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.16 testing commit df0cc57e057f18e44dac8e6c18aba47ab53202f9 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a2778a2b2bbc1ecddd02e594f15d8c0858f8650c731f996eab515e920e0aea4e all runs: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.15 testing commit 8bb7eca972ad531c9b149c0a51ab43a417385813 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9fe65d9b1fe69b6fb6d0d1d5f703898e920a1964caa356b3705d7b5b44178c20 run #0: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #1: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #4: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.14 testing commit 7d2a07b769330c34b4deabeed939325c77a7ec2f gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 811ffe2e3d43dd288f8ea75154433d11035f9e8ff7a574fc92f6d1ea8de56568 run #0: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #1: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer testing release v5.13 testing commit 62fb9874f5da54fdb243003b386128037319b219 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: aa80bee9c04b7531890d620be71b829e527d75fb77508d21aa938f8a4214b760 all runs: OK # git bisect start 7d2a07b769330c34b4deabeed939325c77a7ec2f 62fb9874f5da54fdb243003b386128037319b219 Bisecting: 7914 revisions left to test after this (roughly 13 steps) [406254918b232db198ed60f5bf1f8b84d96bca00] Merge tag 'perf-tools-for-v5.14-2021-07-01' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux testing commit 406254918b232db198ed60f5bf1f8b84d96bca00 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1c83f3c8b090a4702817c527e741a35506bc06911c71962d4c5fcef577de2fd3 run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in stack_depot_save run #1: basic kernel testing failed: possible deadlock in fs_reclaim_acquire run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 406254918b232db198ed60f5bf1f8b84d96bca00 Bisecting: 3969 revisions left to test after this (roughly 12 steps) [4ea90317956718e0648e1f87e56530db809a5a04] Merge tag 'for-linus-5.14-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip testing commit 4ea90317956718e0648e1f87e56530db809a5a04 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0bdd3fa3a7ea6703470a4be2ce6fc9387824c70453e5f9069a32557144b6906a run #0: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #1: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #2: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #5: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #7: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #8: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #9: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip 4ea90317956718e0648e1f87e56530db809a5a04 Bisecting: 3969 revisions left to test after this (roughly 12 steps) [c1b8ac969febc8f413c4d71f0eefe2e107610449] pwm: tegra: Drop an if block with an always false condition testing commit c1b8ac969febc8f413c4d71f0eefe2e107610449 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f13f6772ae969dd94f0f5418bd48adb8d8c24435e55296dd3db04c9c7b23f43f all runs: OK # git bisect good c1b8ac969febc8f413c4d71f0eefe2e107610449 Bisecting: 3937 revisions left to test after this (roughly 12 steps) [b5e6d1261e2090df1325e762669c8eab6d4fb2fb] Merge tag 'hwlock-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/andersson/remoteproc testing commit b5e6d1261e2090df1325e762669c8eab6d4fb2fb gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 50eba7b7a973bdd338f1bccc4487fda704e1c6ce67c00e0f3c56d7a805db734f run #0: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #1: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #2: boot failed: possible deadlock in fs_reclaim_acquire run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #5: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #6: boot failed: possible deadlock in get_page_from_freelist run #7: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #8: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #9: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip b5e6d1261e2090df1325e762669c8eab6d4fb2fb Bisecting: 3937 revisions left to test after this (roughly 12 steps) [5a4e0f58e2d959e2de0f0f1ddaa169e60711d2f0] s390/ipl: use register pair instead of register asm testing commit 5a4e0f58e2d959e2de0f0f1ddaa169e60711d2f0 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 210324028c401c4483152f068a45c06beffe9980f1a1b48365d7730621b1ade8 all runs: OK # git bisect good 5a4e0f58e2d959e2de0f0f1ddaa169e60711d2f0 Bisecting: 3929 revisions left to test after this (roughly 12 steps) [2de7e4f67599affc97132bd07e30e3bd59d0b777] ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops testing commit 2de7e4f67599affc97132bd07e30e3bd59d0b777 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f0c111f286ef1f7bab214bb84c77f2795f32bee66dbc3537d20ef3f0f2fb39fc all runs: OK # git bisect good 2de7e4f67599affc97132bd07e30e3bd59d0b777 Bisecting: 3847 revisions left to test after this (roughly 12 steps) [d0fe3f47ef09bf5a74f7d20e129b2d15b4a824d0] Merge tag 'rproc-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/andersson/remoteproc testing commit d0fe3f47ef09bf5a74f7d20e129b2d15b4a824d0 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 50eba7b7a973bdd338f1bccc4487fda704e1c6ce67c00e0f3c56d7a805db734f run #0: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #1: boot failed: possible deadlock in fs_reclaim_acquire run #2: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #5: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #7: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #8: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #9: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip d0fe3f47ef09bf5a74f7d20e129b2d15b4a824d0 Bisecting: 3847 revisions left to test after this (roughly 12 steps) [8b95a7d90ce8160ac5cffd5bace6e2eba01a871e] ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 testing commit 8b95a7d90ce8160ac5cffd5bace6e2eba01a871e gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7415173c7f1e4a5e6c64696735c714b85ed79ea8f801342e0f3ed698c2ef807e all runs: OK # git bisect good 8b95a7d90ce8160ac5cffd5bace6e2eba01a871e Bisecting: 3843 revisions left to test after this (roughly 12 steps) [ec03554f980f917e0491aa8532aabedc9c080639] usb: host: xhci-tegra: Add missing of_node_put() in tegra_xusb_probe() testing commit ec03554f980f917e0491aa8532aabedc9c080639 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2809fe57c5c4b2ceb46783145a550c980866ec16629e6f7c98ce7c8c39c1aa80 all runs: OK # git bisect good ec03554f980f917e0491aa8532aabedc9c080639 Bisecting: 3759 revisions left to test after this (roughly 12 steps) [1423e2660cf134a8f21f2451865a04792013e49e] Merge tag 'x86-fpu-2021-07-07' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 1423e2660cf134a8f21f2451865a04792013e49e gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 079181f745a64542c107e98709a0c2ee36e0c716f708d36636155fb88fa54189 run #0: boot failed: possible deadlock in get_page_from_freelist run #1: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #2: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #5: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #6: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #7: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #8: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #9: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip 1423e2660cf134a8f21f2451865a04792013e49e Bisecting: 3759 revisions left to test after this (roughly 12 steps) [50ac7479846053ca8054be833c1594e64de496bb] ice: Prevent probing virtual functions testing commit 50ac7479846053ca8054be833c1594e64de496bb gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1397f85b36d93ae452e2587da594f7a694437dd6b589683f82370a528fbfcbd0 all runs: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer # git bisect bad 50ac7479846053ca8054be833c1594e64de496bb Bisecting: 3373 revisions left to test after this (roughly 12 steps) [a16d8644bad461bb073b92e812080ea6715ddf2b] Merge tag 'staging-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging testing commit a16d8644bad461bb073b92e812080ea6715ddf2b gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 10584ec19390e054648f9aec118731ac5639703aa3932b2c3d505d4009526d24 run #0: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #1: boot failed: possible deadlock in get_page_from_freelist run #2: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #5: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #7: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #8: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #9: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip a16d8644bad461bb073b92e812080ea6715ddf2b Bisecting: 3373 revisions left to test after this (roughly 12 steps) [62d7ecaf56bacf0c4248d640ac11cb632b01361b] staging: greybus: spi: add blank line after variable declaration testing commit 62d7ecaf56bacf0c4248d640ac11cb632b01361b gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d85b4c0d9e13a06b72ffd523c518418f4af0b275b86d27f20e089cc5892c4eba all runs: OK # git bisect good 62d7ecaf56bacf0c4248d640ac11cb632b01361b Bisecting: 3143 revisions left to test after this (roughly 12 steps) [c932ed0adb09a7fa6d6649ee04dd78c83ab07ada] Merge tag 'tty-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty testing commit c932ed0adb09a7fa6d6649ee04dd78c83ab07ada gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7321d9667ac34835ec5a36bb58bf5af385cab5952fce461e19ea7ac7508ef791 run #0: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #1: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #2: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #5: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #7: boot failed: possible deadlock in get_page_from_freelist run #8: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #9: boot failed: BUG: sleeping function called from invalid context in stack_depot_save # git bisect skip c932ed0adb09a7fa6d6649ee04dd78c83ab07ada Bisecting: 3143 revisions left to test after this (roughly 12 steps) [de5540965853e514a85d3b775e9049deb85a2ff3] Merge tag 'rtc-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux testing commit de5540965853e514a85d3b775e9049deb85a2ff3 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: bbf1fe47f4ae6d78af23d61a967d69329713b14df9424ca2418f9df5b2f93dee run #0: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #1: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #2: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #4: boot failed: BUG: sleeping function called from invalid context in stack_depot_save run #5: boot failed: possible deadlock in fs_reclaim_acquire run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #7: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #8: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) run #9: boot failed: possible deadlock in fs_reclaim_acquire # git bisect skip de5540965853e514a85d3b775e9049deb85a2ff3 Bisecting: 3143 revisions left to test after this (roughly 12 steps) [e5e0280db792953ee7acbdbf01179d53187a6083] scsi: lpfc: Update lpfc version to 12.8.0.10 testing commit e5e0280db792953ee7acbdbf01179d53187a6083 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 91a3ad48f89984e73b63f58b83aa8a6357e2239a7a4724015216364b6d7aae0e all runs: OK # git bisect good e5e0280db792953ee7acbdbf01179d53187a6083 Bisecting: 3143 revisions left to test after this (roughly 12 steps) [991468dcf198bb87f24da330676724a704912b47] io_uring: explicitly catch any illegal async queue attempt testing commit 991468dcf198bb87f24da330676724a704912b47 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c856543f41562e3fc206b3451716206abcddc1ffb6ecc43e53bd9d70e1706539 all runs: OK # git bisect good 991468dcf198bb87f24da330676724a704912b47 Bisecting: 571 revisions left to test after this (roughly 9 steps) [8b54874ef1617185048029a3083d510569e93751] net/mlx5: Fix flow table chaining testing commit 8b54874ef1617185048029a3083d510569e93751 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3222d4cdebfabec89b05b6b4c8f549aa76514d00cf09199fb294152166dbfe90 all runs: OK # git bisect good 8b54874ef1617185048029a3083d510569e93751 Bisecting: 282 revisions left to test after this (roughly 8 steps) [cade08a57244497216c46df5e9cbe8f18e143519] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mattst88/alpha testing commit cade08a57244497216c46df5e9cbe8f18e143519 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4d4f676e2a0ccddde5864f1893ec8316ea55c3412eb8dd14d67e98c078bd7207 run #0: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #1: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #9: crashed: KASAN: use-after-free Read in leaf_insert_into_buf # git bisect bad cade08a57244497216c46df5e9cbe8f18e143519 Bisecting: 143 revisions left to test after this (roughly 7 steps) [593311e85b26ecc6e4d45b6fb81b942b6672df09] writeback, cgroup: do not reparent dax inodes testing commit 593311e85b26ecc6e4d45b6fb81b942b6672df09 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 322f6ac729f359b6658a8017ca875f744403f87b458284db016b078d445db40b all runs: OK # git bisect good 593311e85b26ecc6e4d45b6fb81b942b6672df09 Bisecting: 71 revisions left to test after this (roughly 6 steps) [82d712f6d147a2fb9998d0ede483949e80fed759] Merge branch 'for-5.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq testing commit 82d712f6d147a2fb9998d0ede483949e80fed759 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6b70307d567d9e7fbf021632ac5d2099d85d28850c3d0aa84c321f43f6a85fcc all runs: OK # git bisect good 82d712f6d147a2fb9998d0ede483949e80fed759 Bisecting: 35 revisions left to test after this (roughly 5 steps) [4010a528219e01dd02e768b22168f7f0e78365ce] Merge tag 'fixes_for_v5.14-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs testing commit 4010a528219e01dd02e768b22168f7f0e78365ce gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f52b4ca8848f96a26d6b6e05ad5032bd2eaaca095e29aaca29177e86e3d048d0 run #0: crashed: KASAN: out-of-bounds Read in leaf_insert_into_buf run #1: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #5: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #6: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer # git bisect bad 4010a528219e01dd02e768b22168f7f0e78365ce Bisecting: 18 revisions left to test after this (roughly 4 steps) [2b2c66f607d00d17f879c0d946d44340bfbdc501] platform/x86: gigabyte-wmi: add support for B550 Aorus Elite V2 testing commit 2b2c66f607d00d17f879c0d946d44340bfbdc501 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8a4346afe5fdd5d177e6e1e017cb2935555ef06611f9a78cff0173d731e2a05f run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in stack_depot_save run #1: basic kernel testing failed: BUG: sleeping function called from invalid context in stack_depot_save run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 2b2c66f607d00d17f879c0d946d44340bfbdc501 Bisecting: 9 revisions left to test after this (roughly 3 steps) [dc6afef7e14252c5ca5b8a8444946cb4b75b0aa0] RDMA/irdma: Change returned type of irdma_setup_virt_qp to void testing commit dc6afef7e14252c5ca5b8a8444946cb4b75b0aa0 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5f986490478bdf4eafd78d3405aaf02e6788c650cc59edc0abe0fcdc529e3b74 all runs: OK # git bisect good dc6afef7e14252c5ca5b8a8444946cb4b75b0aa0 Bisecting: 4 revisions left to test after this (roughly 2 steps) [25905f602fdb0cfa147017056636768a7aa1ff6f] dmaengine: idxd: Change license on idxd.h to LGPL testing commit 25905f602fdb0cfa147017056636768a7aa1ff6f gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e51de6645c63665756012708a5dcf5c1fbe39fc4f98032396e4cbc1309f9443e all runs: OK # git bisect good 25905f602fdb0cfa147017056636768a7aa1ff6f Bisecting: 1 revision left to test after this (roughly 1 step) [13d257503c0930010ef9eed78b689cec417ab741] reiserfs: check directory items on read from disk testing commit 13d257503c0930010ef9eed78b689cec417ab741 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: fc456e669984fb9704d9e1d3cb7be68af3b83de4bb55124257ae28bb39a14dc7 run #0: basic kernel testing failed: possible deadlock in fs_reclaim_acquire run #1: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #2: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #3: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #4: crashed: KASAN: use-after-free Read in leaf_insert_into_buf run #5: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #6: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #7: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #8: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer run #9: crashed: KASAN: out-of-bounds Read in leaf_paste_in_buffer # git bisect bad 13d257503c0930010ef9eed78b689cec417ab741 Bisecting: 1 revision left to test after this (roughly 1 step) [2acf15b94d5b8ea8392c4b6753a6ffac3135cd78] reiserfs: add check for root_inode in reiserfs_fill_super testing commit 2acf15b94d5b8ea8392c4b6753a6ffac3135cd78 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6d0d5f26a4c0e15188c923383ecfb873ae57ca6a79f592493d6e9ca507949985 run #0: crashed: possible deadlock in fs_reclaim_acquire run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK reproducer seems to be flaky # git bisect bad 2acf15b94d5b8ea8392c4b6753a6ffac3135cd78 2acf15b94d5b8ea8392c4b6753a6ffac3135cd78 is the first bad commit commit 2acf15b94d5b8ea8392c4b6753a6ffac3135cd78 Author: Yu Kuai Date: Fri Jul 2 12:07:43 2021 +0800 reiserfs: add check for root_inode in reiserfs_fill_super Our syzcaller report a NULL pointer dereference: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 116e95067 P4D 116e95067 PUD 1080b5067 PMD 0 Oops: 0010 [#1] SMP KASAN CPU: 7 PID: 592 Comm: a.out Not tainted 5.13.0-next-20210629-dirty #67 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-p4 RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff888114e779b8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff110229cef39 RCX: ffffffffaa67e1aa RDX: 0000000000000000 RSI: ffff88810a58ee00 RDI: ffff8881233180b0 RBP: ffffffffac38e9c0 R08: ffffffffaa67e17e R09: 0000000000000001 R10: ffffffffb91c5557 R11: fffffbfff7238aaa R12: ffff88810a58ee00 R13: ffff888114e77aa0 R14: 0000000000000000 R15: ffff8881233180b0 FS: 00007f946163c480(0000) GS:ffff88839f1c0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 00000001099c1000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __lookup_slow+0x116/0x2d0 ? page_put_link+0x120/0x120 ? __d_lookup+0xfc/0x320 ? d_lookup+0x49/0x90 lookup_one_len+0x13c/0x170 ? __lookup_slow+0x2d0/0x2d0 ? reiserfs_schedule_old_flush+0x31/0x130 reiserfs_lookup_privroot+0x64/0x150 reiserfs_fill_super+0x158c/0x1b90 ? finish_unfinished+0xb10/0xb10 ? bprintf+0xe0/0xe0 ? __mutex_lock_slowpath+0x30/0x30 ? __kasan_check_write+0x20/0x30 ? up_write+0x51/0xb0 ? set_blocksize+0x9f/0x1f0 mount_bdev+0x27c/0x2d0 ? finish_unfinished+0xb10/0xb10 ? reiserfs_kill_sb+0x120/0x120 get_super_block+0x19/0x30 legacy_get_tree+0x76/0xf0 vfs_get_tree+0x49/0x160 ? capable+0x1d/0x30 path_mount+0xacc/0x1380 ? putname+0x97/0xd0 ? finish_automount+0x450/0x450 ? kmem_cache_free+0xf8/0x5a0 ? putname+0x97/0xd0 do_mount+0xe2/0x110 ? path_mount+0x1380/0x1380 ? copy_mount_options+0x69/0x140 __x64_sys_mount+0xf0/0x190 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae This is because 'root_inode' is initialized with wrong mode, and it's i_op is set to 'reiserfs_special_inode_operations'. Thus add check for 'root_inode' to fix the problem. Link: https://lore.kernel.org/r/20210702040743.1918552-1-yukuai3@huawei.com Signed-off-by: Yu Kuai Signed-off-by: Jan Kara fs/reiserfs/super.c | 8 ++++++++ 1 file changed, 8 insertions(+) parent commit e73f0f0ee7541171d89f2e2491130c7771ba58d3 wasn't tested testing commit e73f0f0ee7541171d89f2e2491130c7771ba58d3 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8a4346afe5fdd5d177e6e1e017cb2935555ef06611f9a78cff0173d731e2a05f culprit signature: 6d0d5f26a4c0e15188c923383ecfb873ae57ca6a79f592493d6e9ca507949985 parent signature: 8a4346afe5fdd5d177e6e1e017cb2935555ef06611f9a78cff0173d731e2a05f Reproducer flagged being flaky revisions tested: 39, total time: 11h22m19.609568421s (build: 6h32m57.298257516s, test: 4h41m21.959025552s) first bad commit: 2acf15b94d5b8ea8392c4b6753a6ffac3135cd78 reiserfs: add check for root_inode in reiserfs_fill_super recipients (to): ["jack@suse.cz" "yukuai3@huawei.com"] recipients (cc): [] crash: possible deadlock in fs_reclaim_acquire loop0: detected capacity change from 0 to 8192 REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal REISERFS (device loop0): using ordered data mode reiserfs: using flush barriers REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 ====================================================== WARNING: possible circular locking dependency detected 5.14.0-rc1-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor.0/5846 is trying to acquire lock: ffffffff8ae94a20 (fs_reclaim){+.+.}-{0:0}, at: fs_reclaim_acquire+0xf7/0x160 mm/page_alloc.c:4574 but task is already holding lock: ffff8880b9c31640 (lock#2){-.-.}-{2:2}, at: __alloc_pages_bulk+0x4ad/0x1870 mm/page_alloc.c:5279 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (lock#2){-.-.}-{2:2}: local_lock_acquire include/linux/local_lock_internal.h:42 [inline] free_unref_page+0x1bf/0x690 mm/page_alloc.c:3427 mm_free_pgd kernel/fork.c:636 [inline] __mmdrop+0xb9/0x350 kernel/fork.c:687 mmdrop include/linux/sched/mm.h:49 [inline] finish_task_switch.isra.0+0x792/0xb40 kernel/sched/core.c:4582 context_switch kernel/sched/core.c:4686 [inline] __schedule+0xb07/0x5910 kernel/sched/core.c:5940 preempt_schedule_irq+0x4e/0x90 kernel/sched/core.c:6328 irqentry_exit+0x31/0x80 kernel/entry/common.c:427 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638 lock_acquire+0x1ef/0x510 kernel/locking/lockdep.c:5593 __fs_reclaim_acquire mm/page_alloc.c:4552 [inline] fs_reclaim_acquire+0x117/0x160 mm/page_alloc.c:4566 might_alloc include/linux/sched/mm.h:198 [inline] slab_pre_alloc_hook mm/slab.h:485 [inline] slab_alloc_node mm/slub.c:2902 [inline] slab_alloc mm/slub.c:2989 [inline] kmem_cache_alloc+0x3e/0x3a0 mm/slub.c:2994 kmem_cache_zalloc include/linux/slab.h:711 [inline] lsm_file_alloc security/security.c:571 [inline] security_file_alloc+0x25/0x120 security/security.c:1514 __alloc_file+0xb6/0x240 fs/file_table.c:106 alloc_empty_file+0x3c/0xf0 fs/file_table.c:150 path_openat+0xda/0x22c0 fs/namei.c:3493 do_filp_open+0x199/0x3d0 fs/namei.c:3534 do_sys_openat2+0x11e/0x360 fs/open.c:1204 do_sys_open fs/open.c:1220 [inline] __do_sys_openat fs/open.c:1236 [inline] __se_sys_openat fs/open.c:1231 [inline] __x64_sys_openat+0x11b/0x1d0 fs/open.c:1231 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae -> #0 (fs_reclaim){+.+.}-{0:0}: check_prev_add kernel/locking/lockdep.c:3051 [inline] check_prevs_add kernel/locking/lockdep.c:3174 [inline] validate_chain kernel/locking/lockdep.c:3789 [inline] __lock_acquire+0x2985/0x5410 kernel/locking/lockdep.c:5015 lock_acquire kernel/locking/lockdep.c:5625 [inline] lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5590 __fs_reclaim_acquire mm/page_alloc.c:4552 [inline] fs_reclaim_acquire+0x117/0x160 mm/page_alloc.c:4566 prepare_alloc_pages+0x15c/0x580 mm/page_alloc.c:5164 __alloc_pages+0x12f/0x500 mm/page_alloc.c:5363 stack_depot_save+0x39d/0x4e0 lib/stackdepot.c:303 save_stack+0x131/0x1a0 mm/page_owner.c:120 __set_page_owner+0x2e/0x250 mm/page_owner.c:181 prep_new_page mm/page_alloc.c:2433 [inline] __alloc_pages_bulk+0x8b9/0x1870 mm/page_alloc.c:5301 alloc_pages_bulk_array_node include/linux/gfp.h:557 [inline] vm_area_alloc_pages mm/vmalloc.c:2793 [inline] __vmalloc_area_node mm/vmalloc.c:2863 [inline] __vmalloc_node_range+0x2f6/0x7e0 mm/vmalloc.c:2966 __vmalloc_node mm/vmalloc.c:3015 [inline] vzalloc+0x62/0x80 mm/vmalloc.c:3085 allocate_cnodes fs/reiserfs/journal.c:351 [inline] journal_init+0x16e1/0x5e10 fs/reiserfs/journal.c:2861 reiserfs_fill_super+0x9c5/0x2680 fs/reiserfs/super.c:2032 mount_bdev+0x2cb/0x3b0 fs/super.c:1368 legacy_get_tree+0xfa/0x1f0 fs/fs_context.c:592 vfs_get_tree+0x7f/0x2c0 fs/super.c:1498 do_new_mount fs/namespace.c:2905 [inline] path_mount+0x7f3/0x1a40 fs/namespace.c:3235 do_mount fs/namespace.c:3248 [inline] __do_sys_mount fs/namespace.c:3456 [inline] __se_sys_mount fs/namespace.c:3433 [inline] __x64_sys_mount+0x1f5/0x260 fs/namespace.c:3433 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(lock#2); lock(fs_reclaim); lock(lock#2); lock(fs_reclaim); *** DEADLOCK *** 2 locks held by syz-executor.0/5846: #0: ffff88801f88c0e0 (&type->s_umount_key#25/1){+.+.}-{3:3}, at: alloc_super+0x192/0xa00 fs/super.c:229 #1: ffff8880b9c31640 (lock#2){-.-.}-{2:2}, at: __alloc_pages_bulk+0x4ad/0x1870 mm/page_alloc.c:5279 stack backtrace: CPU: 0 PID: 5846 Comm: syz-executor.0 Not tainted 5.14.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x57/0x7d lib/dump_stack.c:105 check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2131 check_prev_add kernel/locking/lockdep.c:3051 [inline] check_prevs_add kernel/locking/lockdep.c:3174 [inline] validate_chain kernel/locking/lockdep.c:3789 [inline] __lock_acquire+0x2985/0x5410 kernel/locking/lockdep.c:5015 lock_acquire kernel/locking/lockdep.c:5625 [inline] lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5590 __fs_reclaim_acquire mm/page_alloc.c:4552 [inline] fs_reclaim_acquire+0x117/0x160 mm/page_alloc.c:4566 prepare_alloc_pages+0x15c/0x580 mm/page_alloc.c:5164 __alloc_pages+0x12f/0x500 mm/page_alloc.c:5363 stack_depot_save+0x39d/0x4e0 lib/stackdepot.c:303 save_stack+0x131/0x1a0 mm/page_owner.c:120 __set_page_owner+0x2e/0x250 mm/page_owner.c:181 prep_new_page mm/page_alloc.c:2433 [inline] __alloc_pages_bulk+0x8b9/0x1870 mm/page_alloc.c:5301 alloc_pages_bulk_array_node include/linux/gfp.h:557 [inline] vm_area_alloc_pages mm/vmalloc.c:2793 [inline] __vmalloc_area_node mm/vmalloc.c:2863 [inline] __vmalloc_node_range+0x2f6/0x7e0 mm/vmalloc.c:2966 __vmalloc_node mm/vmalloc.c:3015 [inline] vzalloc+0x62/0x80 mm/vmalloc.c:3085 allocate_cnodes fs/reiserfs/journal.c:351 [inline] journal_init+0x16e1/0x5e10 fs/reiserfs/journal.c:2861 reiserfs_fill_super+0x9c5/0x2680 fs/reiserfs/super.c:2032 mount_bdev+0x2cb/0x3b0 fs/super.c:1368 legacy_get_tree+0xfa/0x1f0 fs/fs_context.c:592 vfs_get_tree+0x7f/0x2c0 fs/super.c:1498 do_new_mount fs/namespace.c:2905 [inline] path_mount+0x7f3/0x1a40 fs/namespace.c:3235 do_mount fs/namespace.c:3248 [inline] __do_sys_mount fs/namespace.c:3456 [inline] __se_sys_mount fs/namespace.c:3433 [inline] __x64_sys_mount+0x1f5/0x260 fs/namespace.c:3433 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f92d8e0769a Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f92d8177f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000000010f7 RCX: 00007f92d8e0769a RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007f92d8177fe0 RBP: 00007f92d8178020 R08: 00007f92d8178020 R09: 0000000000000080 R10: 0000000000000080 R11: 0000000000000246 R12: 0000000020001100 R13: 0000000020000040 R14: 00007f92d8177fe0 R15: 00000000200000c0 BUG: sleeping function called from invalid context at mm/page_alloc.c:5167 in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 5846, name: syz-executor.0 INFO: lockdep is turned off. irq event stamp: 21286 hardirqs last enabled at (21285): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] hardirqs last enabled at (21285): [] _raw_spin_unlock_irqrestore+0x50/0x70 kernel/locking/spinlock.c:191 hardirqs last disabled at (21286): [] __alloc_pages_bulk+0x1017/0x1870 mm/page_alloc.c:5279 softirqs last enabled at (21260): [] invoke_softirq kernel/softirq.c:432 [inline] softirqs last enabled at (21260): [] __irq_exit_rcu+0x16e/0x1c0 kernel/softirq.c:636 softirqs last disabled at (21135): [] invoke_softirq kernel/softirq.c:432 [inline] softirqs last disabled at (21135): [] __irq_exit_rcu+0x16e/0x1c0 kernel/softirq.c:636 CPU: 0 PID: 5846 Comm: syz-executor.0 Not tainted 5.14.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x57/0x7d lib/dump_stack.c:105 ___might_sleep.cold+0x1f1/0x237 kernel/sched/core.c:9154 prepare_alloc_pages+0x3da/0x580 mm/page_alloc.c:5167 __alloc_pages+0x12f/0x500 mm/page_alloc.c:5363 stack_depot_save+0x39d/0x4e0 lib/stackdepot.c:303 save_stack+0x131/0x1a0 mm/page_owner.c:120 __set_page_owner+0x2e/0x250 mm/page_owner.c:181 prep_new_page mm/page_alloc.c:2433 [inline] __alloc_pages_bulk+0x8b9/0x1870 mm/page_alloc.c:5301 alloc_pages_bulk_array_node include/linux/gfp.h:557 [inline] vm_area_alloc_pages mm/vmalloc.c:2793 [inline] __vmalloc_area_node mm/vmalloc.c:2863 [inline] __vmalloc_node_range+0x2f6/0x7e0 mm/vmalloc.c:2966 __vmalloc_node mm/vmalloc.c:3015 [inline] vzalloc+0x62/0x80 mm/vmalloc.c:3085 allocate_cnodes fs/reiserfs/journal.c:351 [inline] journal_init+0x16e1/0x5e10 fs/reiserfs/journal.c:2861 reiserfs_fill_super+0x9c5/0x2680 fs/reiserfs/super.c:2032 mount_bdev+0x2cb/0x3b0 fs/super.c:1368 legacy_get_tree+0xfa/0x1f0 fs/fs_context.c:592 vfs_get_tree+0x7f/0x2c0 fs/super.c:1498 do_new_mount fs/namespace.c:2905 [inline] path_mount+0x7f3/0x1a40 fs/namespace.c:3235 do_mount fs/namespace.c:3248 [inline] __do_sys_mount fs/namespace.c:3456 [inline] __se_sys_mount fs/namespace.c:3433 [inline] __x64_sys_mount+0x1f5/0x260 fs/namespace.c:3433 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f92d8e0769a Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f92d8177f88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000000010f7 RCX: 00007f92d8e0769a RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007f92d8177fe0 RBP: 00007f92d8178020 R08: 00007f92d8178020 R09: 0000000000000080 R10: 0000000000000080 R11: 0000000000000246 R12: 0000000020001100 R13: 0000000020000040 R14: 00007f92d8177fe0 R15: 00000000200000c0 REISERFS (device loop0): checking transaction log (loop0) REISERFS (device loop0): Using r5 hash to sort names REISERFS (device loop0): using 3.5.x disk format REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? REISERFS (device loop0): Remounting filesystem read-only REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? REISERFS error (device loop0): zam-7001 reiserfs_find_entry: io error REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data REISERFS warning (device loop0): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.