bisecting fixing commit since 125222814e7b8f84df767d6ab622aff2a6d2f234
building syzkaller on 8092f30df01f3443831725509ef5a3dae26122c0
testing commit 125222814e7b8f84df767d6ab622aff2a6d2f234 with gcc (GCC) 8.4.1 20210217
kernel signature: 2e962f5d2ee11d6cb4c336cfc8bdfacd058525b68e13c3d41b73a2dd5f645394
run #0: basic kernel testing failed: BUG: program execution failed: executor 0: failed to write control pipe: write |1: broken pipe
run #1: crashed: divide error in do_journal_end
run #2: crashed: divide error in do_journal_end
run #3: crashed: divide error in do_journal_end
run #4: crashed: divide error in do_journal_end
run #5: crashed: divide error in do_journal_end
run #6: crashed: divide error in do_journal_end
run #7: crashed: divide error in do_journal_end
run #8: crashed: divide error in do_journal_end
run #9: crashed: divide error in do_journal_end
run #10: crashed: divide error in do_journal_end
run #11: crashed: divide error in do_journal_end
run #12: crashed: divide error in do_journal_end
run #13: crashed: divide error in do_journal_end
run #14: crashed: divide error in do_journal_end
run #15: crashed: divide error in do_journal_end
run #16: crashed: divide error in do_journal_end
run #17: crashed: divide error in do_journal_end
run #18: crashed: divide error in do_journal_end
run #19: basic kernel testing failed: timed out
testing current HEAD 2965db2e004cf9c92b87c1f559e9812c0ae878c1
testing commit 2965db2e004cf9c92b87c1f559e9812c0ae878c1 with gcc (GCC) 8.4.1 20210217
kernel signature: 6da4a0211ad67a3f1905826e593b4ee88a8fe355fd9daa8a53da5bebe53e9f50
all runs: crashed: divide error in do_journal_end
revisions tested: 2, total time: 23m34.17381616s (build: 16m3.648604016s, test: 7m2.799757322s)
the crash still happens on HEAD
commit msg: Linux 4.19.188
crash: divide error in do_journal_end
REISERFS (device loop1): checking transaction log (loop1)
REISERFS (device loop3): Using rupasov hash to sort names
REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
divide error: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8480 Comm: syz-executor.3 Not tainted 4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:do_journal_end+0x2129/0x4400 fs/reiserfs/journal.c:4204
Code: 95 c6 41 84 f3 0f 85 cf 14 00 00 41 83 e0 07 44 38 c2 40 0f 9e c6 84 d2 0f 95 c2 40 84 d6 0f 85 b6 14 00 00 41 8b 7d 14 31 d2 <48> f7 f7 48 8d 79 18 4a 8d 34 12 48 89 f8 48 c1 e8 03 80 3c 18 00
RSP: 0018:ffff8880ab4b7b08 EFLAGS: 00010246
RAX: 0000000000000005 RBX: dffffc0000000000 RCX: ffff888097f4e400
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff8880ab4b7c10 R08: 0000000000000007 R09: ffffed1017444552
R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90005c2b048
R13: ffff888081063000 R14: ffff888098fc2d80 R15: 0000000000001000
FS:  0000000001539400(0000) GS:ffff8880ba200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff2e939c4c CR3: 00000000a9026000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 journal_end_sync+0x117/0x210 fs/reiserfs/journal.c:3534
 reiserfs_sync_fs+0xcc/0xe0 fs/reiserfs/super.c:78
 __sync_filesystem fs/sync.c:39 [inline]
 sync_filesystem fs/sync.c:67 [inline]
 sync_filesystem+0x165/0x1f0 fs/sync.c:48
 generic_shutdown_super+0x69/0x330 fs/super.c:442
 kill_block_super+0x96/0xe0 fs/super.c:1185
 reiserfs_kill_sb+0x171/0x1d0 fs/reiserfs/super.c:570
 deactivate_locked_super+0x77/0xd0 fs/super.c:329
 deactivate_super fs/super.c:360 [inline]
 deactivate_super+0x13f/0x160 fs/super.c:356
 cleanup_mnt+0xa3/0x130 fs/namespace.c:1098
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1105
 task_work_run+0x108/0x180 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:193 [inline]
 exit_to_usermode_loop+0x185/0x1e0 arch/x86/entry/common.c:167
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x413/0x4e0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4678b7
Code: ff d0 48 89 c7 b8 3c 00 00 00 0f 05 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff2e939c28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000004678b7
RDX: 00007fff2e939cf9 RSI: 0000000000000002 RDI: 00007fff2e939cf0
REISERFS (device loop4): Using rupasov hash to sort names
RBP: 00007fff2e939cf0 R08: 00000000ffffffff R09: 00007fff2e939ac0
R10: 000000000153a8e3 R11: 0000000000000246 R12: 00000000004bebb2
R13: 00007fff2e93adc0 R14: 000000000153a810 R15: 00007fff2e93ae00
Modules linked in:
---[ end trace 169f3e46581abfe8 ]---
REISERFS (device loop2): Using rupasov hash to sort names
RIP: 0010:do_journal_end+0x2129/0x4400 fs/reiserfs/journal.c:4204
REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
Code: 95 c6 41 84 f3 0f 85 cf 14 00 00 41 83 e0 07 44 38 c2 40 0f 9e c6 84 d2 0f 95 c2 40 84 d6 0f 85 b6 14 00 00 41 8b 7d 14 31 d2 <48> f7 f7 48 8d 79 18 4a 8d 34 12 48 89 f8 48 c1 e8 03 80 3c 18 00
REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
RSP: 0018:ffff8880ab4b7b08 EFLAGS: 00010246
divide error: 0000 [#2] PREEMPT SMP KASAN
CPU: 0 PID: 8474 Comm: syz-executor.4 Tainted: G      D           4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:do_journal_end+0x2129/0x4400 fs/reiserfs/journal.c:4204
Code: 95 c6 41 84 f3 0f 85 cf 14 00 00 41 83 e0 07 44 38 c2 40 0f 9e c6 84 d2 0f 95 c2 40 84 d6 0f 85 b6 14 00 00 41 8b 7d 14 31 d2 <48> f7 f7 48 8d 79 18 4a 8d 34 12 48 89 f8 48 c1 e8 03 80 3c 18 00
RSP: 0018:ffff8880924a7b08 EFLAGS: 00010246
RAX: 0000000000000005 RBX: dffffc0000000000 RCX: ffff8880b458e080
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff8880924a7c10 R08: 0000000000000007 R09: ffffed1015c1e4a5
R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90005ffe048
R13: ffff88807e41d000 R14: ffff8880b3df6440 R15: 0000000000001000
FS:  0000000001c8f400(0000) GS:ffff8880ba200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff72d72ff4 CR3: 00000000ab30e000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 journal_end_sync+0x117/0x210 fs/reiserfs/journal.c:3534
 reiserfs_sync_fs+0xcc/0xe0 fs/reiserfs/super.c:78
 __sync_filesystem fs/sync.c:39 [inline]
 sync_filesystem fs/sync.c:67 [inline]
 sync_filesystem+0x165/0x1f0 fs/sync.c:48
 generic_shutdown_super+0x69/0x330 fs/super.c:442
 kill_block_super+0x96/0xe0 fs/super.c:1185
 reiserfs_kill_sb+0x171/0x1d0 fs/reiserfs/super.c:570
RAX: 0000000000000005 RBX: dffffc0000000000 RCX: ffff888097f4e400
 deactivate_locked_super+0x77/0xd0 fs/super.c:329
 deactivate_super fs/super.c:360 [inline]
 deactivate_super+0x13f/0x160 fs/super.c:356
 cleanup_mnt+0xa3/0x130 fs/namespace.c:1098
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1105
 task_work_run+0x108/0x180 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:193 [inline]
 exit_to_usermode_loop+0x185/0x1e0 arch/x86/entry/common.c:167
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x413/0x4e0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RIP: 0033:0x4678b7
Code: ff d0 48 89 c7 b8 3c 00 00 00 0f 05 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff72d73748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000004678b7
RDX: 00007fff72d73819 RSI: 0000000000000002 RDI: 00007fff72d73810
RBP: 00007fff72d73810 R08: 00000000ffffffff R09: 00007fff72d735e0
R10: 0000000001c908e3 R11: 0000000000000246 R12: 00000000004bebb2
R13: 00007fff72d748e0 R14: 0000000001c90810 R15: 00007fff72d74920
Modules linked in:
---[ end trace 169f3e46581abfe9 ]---
RBP: ffff8880ab4b7c10 R08: 0000000000000007 R09: ffffed1017444552
divide error: 0000 [#3] PREEMPT SMP KASAN
REISERFS (device loop5): Using rupasov hash to sort names
CPU: 0 PID: 8478 Comm: syz-executor.2 Tainted: G      D           4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:do_journal_end+0x2129/0x4400 fs/reiserfs/journal.c:4204
R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90005c2b048
Code: 95 c6 41 84 f3 0f 85 cf 14 00 00 41 83 e0 07 44 38 c2 40 0f 9e c6 84 d2 0f 95 c2 40 84 d6 0f 85 b6 14 00 00 41 8b 7d 14 31 d2 <48> f7 f7 48 8d 79 18 4a 8d 34 12 48 89 f8 48 c1 e8 03 80 3c 18 00
RSP: 0018:ffff8880a9537b08 EFLAGS: 00010246
RAX: 0000000000000005 RBX: dffffc0000000000 RCX: ffff8880b4fc8500
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff8880a9537c10 R08: 0000000000000007 R09: ffffed1015c1e565
R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90005d4c048
R13: ffff88807fe4f000 R14: ffff88808d49c1c0 R15: 0000000000001000
FS:  0000000001891400(0000) GS:ffff8880ba200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffedcdd5da8 CR3: 00000000a921c000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 journal_end_sync+0x117/0x210 fs/reiserfs/journal.c:3534
 reiserfs_sync_fs+0xcc/0xe0 fs/reiserfs/super.c:78
 __sync_filesystem fs/sync.c:39 [inline]
 sync_filesystem fs/sync.c:67 [inline]
 sync_filesystem+0x165/0x1f0 fs/sync.c:48
 generic_shutdown_super+0x69/0x330 fs/super.c:442
REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
 kill_block_super+0x96/0xe0 fs/super.c:1185
 reiserfs_kill_sb+0x171/0x1d0 fs/reiserfs/super.c:570
 deactivate_locked_super+0x77/0xd0 fs/super.c:329
 deactivate_super fs/super.c:360 [inline]
 deactivate_super+0x13f/0x160 fs/super.c:356
 cleanup_mnt+0xa3/0x130 fs/namespace.c:1098
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1105
 task_work_run+0x108/0x180 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:193 [inline]
 exit_to_usermode_loop+0x185/0x1e0 arch/x86/entry/common.c:167
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x413/0x4e0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
R13: ffff888081063000 R14: ffff888098fc2d80 R15: 0000000000001000
RIP: 0033:0x4678b7
Code: ff d0 48 89 c7 b8 3c 00 00 00 0f 05 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffedcdd64e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000004678b7
RDX: 00007ffedcdd65b9 RSI: 0000000000000002 RDI: 00007ffedcdd65b0
RBP: 00007ffedcdd65b0 R08: 00000000ffffffff R09: 00007ffedcdd6380
FS:  0000000001539400(0000) GS:ffff8880ba300000(0000) knlGS:0000000000000000
R10: 00000000018928e3 R11: 0000000000000246 R12: 00000000004bebb2
R13: 00007ffedcdd7680 R14: 0000000001892810 R15: 00007ffedcdd76c0
Modules linked in:
divide error: 0000 [#4] PREEMPT SMP KASAN
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CPU: 0 PID: 8479 Comm: syz-executor.5 Tainted: G      D           4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:do_journal_end+0x2129/0x4400 fs/reiserfs/journal.c:4204
Code: 95 c6 41 84 f3 0f 85 cf 14 00 00 41 83 e0 07 44 38 c2 40 0f 9e c6 84 d2 0f 95 c2 40 84 d6 0f 85 b6 14 00 00 41 8b 7d 14 31 d2 <48> f7 f7 48 8d 79 18 4a 8d 34 12 48 89 f8 48 c1 e8 03 80 3c 18 00
CR2: 00007f7c9243c000 CR3: 00000000a9026000 CR4: 00000000001406e0
RSP: 0018:ffff8880a9d27b08 EFLAGS: 00010246
RAX: 0000000000000005 RBX: dffffc0000000000 RCX: ffff8880ab870380
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff8880a9d27c10 R08: 0000000000000007 R09: ffffed1016a8027d
R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90005ed1048
R13: ffff88807ff54000 R14: ffff888096e283c0 R15: 0000000000001000
FS:  0000000001d71400(0000) GS:ffff8880ba200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000001d7a848 CR3: 00000000a9427000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 journal_end_sync+0x117/0x210 fs/reiserfs/journal.c:3534
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 reiserfs_sync_fs+0xcc/0xe0 fs/reiserfs/super.c:78
 __sync_filesystem fs/sync.c:39 [inline]
 sync_filesystem fs/sync.c:67 [inline]
 sync_filesystem+0x165/0x1f0 fs/sync.c:48
 generic_shutdown_super+0x69/0x330 fs/super.c:442
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 kill_block_super+0x96/0xe0 fs/super.c:1185
 reiserfs_kill_sb+0x171/0x1d0 fs/reiserfs/super.c:570
 deactivate_locked_super+0x77/0xd0 fs/super.c:329
 deactivate_super fs/super.c:360 [inline]
 deactivate_super+0x13f/0x160 fs/super.c:356
 cleanup_mnt+0xa3/0x130 fs/namespace.c:1098
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1105
RIP: 0010:do_journal_end+0x2129/0x4400 fs/reiserfs/journal.c:4204
 task_work_run+0x108/0x180 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:193 [inline]
 exit_to_usermode_loop+0x185/0x1e0 arch/x86/entry/common.c:167
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x413/0x4e0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe