ci starts bisection 2024-05-24 23:28:06.836327967 +0000 UTC m=+40.337343632
bisecting cause commit starting from 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6
building syzkaller on 8f98448ed32de3ed37dd5bed05414b81e16e7437
ensuring issue is reproducible on original commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 7cb106a06e808c42b3f0eb932611dcaa83eefe2756bc4ee5ad8b3928566ac08c
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
check whether we can drop unnecessary instrumentation
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN KASAN], they are not needed
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d8b32c64964a9143f45bb780133074fd24ddbfc720d9312be75b473a1922ce0d
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
the bug reproduces without the instrumentation
disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
kconfig minimization: base=3971 full=8032 leaves diff=2025
split chunks (needed=false): <2025>
split chunk #0 of len 2025 into 5 parts
testing without sub-chunk 1/5
disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c13e9f72a3a21c70e64660842c7d7e20922b881ea95c3b015d7b51e057a5339e
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: e149d086dbb8ac1c50ff3c61ef227713ddcdc9f33e19a1392addb577bd07cb33
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c29cbb2c3e143f4a874b494a16249f8496e6442507ae5b70c38e2b2165102cfb
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN KASAN], they are not needed
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c08723e6b1b6d4afe72b2fb8bb425f9c2ce49a4cc8d74b82a2b1242ece9dff26
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN KASAN LOCKDEP], they are not needed
testing commit 8f6a15f095a63a83b096d9b29aaff4f0fbe6f6e6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 274d6e316806b5a28b716889bdf27b6b7d0ad3e829dea9224f664d9ae48ec3e1
all runs: crashed: WARNING in ext4_xattr_inode_lookup_create
representative crash: WARNING in ext4_xattr_inode_lookup_create, types: [WARNING]
the chunk can be dropped
disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed
picked [v6.9 v6.8 v6.7 v6.5 v6.3 v6.1 v5.19 v5.17 v5.14 v5.11 v5.8 v5.5 v5.2 v4.20 v4.19] out of 32 release tags
testing release v6.9
testing commit a38297e3fb012ddfa7ce0321a7e5a8daeb1872b6 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 03ac63f9a6a180b7843454816e7ce12d3bd3780d3d488f4556146bc013a4566b
all runs: crashed: WARNING in ext4_xattr_set_entry
representative crash: WARNING in ext4_xattr_set_entry, types: [WARNING]
testing release v6.8
testing commit e8f897f4afef0031fe618a8e94127a0934896aba gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3cfa7d4f0977097b1fdd2d00490792ea77d64a3a4d3462b37ebe3fa6dd8aee91
all runs: crashed: WARNING in ext4_xattr_set_entry
representative crash: WARNING in ext4_xattr_set_entry, types: [WARNING]
testing release v6.7
testing commit 0dd3ee31125508cd67f7e7172247f05b7fd1753a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 941b96c3a3f94566dbf67b6839801cacde27f90ea360e1cb744e147d763735d0
all runs: crashed: WARNING in ext4_xattr_set_entry
representative crash: WARNING in ext4_xattr_set_entry, types: [WARNING]
testing release v6.5
testing commit 2dde18cd1d8fac735875f2e4987f11817cc0bc2c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ef8de5d80111460ef0d931e661e5ea0d15927bd220bcf47deb42c6646a48d456
all runs: crashed: WARNING in ext4_xattr_set_entry
representative crash: WARNING in ext4_xattr_set_entry, types: [WARNING]
testing release v6.3
testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d4893ff1e5264e8a899a4a937ebb13f6311242807b55d7991f2801dd39d2e82e
all runs: crashed: WARNING in ext4_xattr_set_entry
representative crash: WARNING in ext4_xattr_set_entry, types: [WARNING]
testing release v6.1
testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c44ed0022942368a503d9b16b52a354db2dcd01fa10b2da72f10c8c833a55fa6
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.19
testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 204c1f7d90f6f84fe48eacc6d829fc76f046b96d55696edfda204a34c33b90d4
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.17
testing commit f443e374ae131c168a065ea1748feac6b2e76613 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1bcbf2283febaebe9389c07c158bed93956d0103640522ab68693a62a6febcd4
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.14
testing commit 7d2a07b769330c34b4deabeed939325c77a7ec2f gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 8afda2f87c07ef25850be46620a37b705c0c57394dde8d48cea8afd697b76e00
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.11
testing commit f40ddce88593482919761f74910f42f4b84c004b gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: de2a5bbe18f5ded6f74d4d88594beeeff95ceab482964f33664e6595f0af21fb
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.8
testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c gcc
compiler: gcc (GCC) 8.4.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 4fc7e38dd25a799cc56263d9201e04981803c7400437124cca90f06e64274e37
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 gcc
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 5f5c33a401eba578bdca852986d88e2ff5c3ee57246c9623b73a7cd3e3441a86
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 gcc
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 0401944aa8ac8e8850e8d2e21db58c978cf25e0ca06933a9689fb49a5e2e3c0c
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v4.20
testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be gcc
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: fd22a0ed21f1b8751630601e5a22c6f196e4f7d122ff7bb0596baa21b9a52845
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
testing release v4.19
testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d gcc
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 2c406dbee881881e5cf7d0896097c7dea3fdb9e37ff8bdd637861bc28a9037f1
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
representative crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry, types: [UNKNOWN]
crash still not fixed/happens on the oldest tested release
revisions tested: 22, total time: 10h43m2.464684823s (build: 4h28m37.294866694s, test: 1h54m33.9538559s)
oldest tested release already had the bug or it had kernel test errors
commit msg: Linux 4.19
crash: BUG: unable to handle kernel NULL pointer dereference in ext4_xattr_set_entry
Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
syz-executor.0 (1141) used greatest stack depth: 11440 bytes left
EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,nombcache,noblock_validity,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,,errors=continue
BUG: unable to handle kernel NULL pointer dereference at 0000000000000058
PGD 800000022ec90067 P4D 800000022ec90067 PUD 0
Oops: 0000 [#1] SMP PTI
CPU: 0 PID: 1612 Comm: syz-executor Not tainted 4.19.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
RIP: 0010:ext4_xattr_inode_create fs/ext4/xattr.c:1431 [inline]
RIP: 0010:ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1535 [inline]
RIP: 0010:ext4_xattr_set_entry+0x805/0x10b0 fs/ext4/xattr.c:1663
Code: b8 88 07 00 00 e8 2b 10 e3 ff 49 8b 55 28 4c 8d 4d c8 31 c9 89 45 cc 49 8b 45 40 48 8b bd 68 ff ff ff 48 8b 52 68 44 8d 40 01 <48> 8b 72 58 6a 00 ba 80 81 00 00 6a 00 6a 00 68 00 00 20 00 e8 02
RSP: 0018:ffffc90002313928 EFLAGS: 00010246
RAX: 000000000000000c RBX: ffffc90002313b90 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: ffffc90002313a18 R08: 000000000000000d R09: ffffc900023139e0
R10: ffffffff81e4d300 R11: ffffffff81e4d700 R12: ffff880230f46420
R13: ffff88022ffbddd0 R14: 0000000000000000 R15: 0000000000000000
FS: 00007f3f979b1480(0000) GS:ffff880237a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000058 CR3: 0000000230ade000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 ext4_xattr_block_set+0x27a/0xde0 fs/ext4/xattr.c:1960
 ext4_xattr_move_to_block fs/ext4/xattr.c:2611 [inline]
 ext4_xattr_make_inode_space fs/ext4/xattr.c:2678 [inline]
 ext4_expand_extra_isize_ea+0x3df/0x830 fs/ext4/xattr.c:2766
 __ext4_expand_extra_isize.isra.14+0x71/0x90 fs/ext4/inode.c:5873
 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5917 [inline]
 ext4_mark_inode_dirty+0x177/0x1f0 fs/ext4/inode.c:5993
 ext4_dirty_inode+0x48/0x70 fs/ext4/inode.c:6027
 __mark_inode_dirty+0x89/0x480 fs/fs-writeback.c:2129
 mark_inode_dirty_sync include/linux/fs.h:2075 [inline]
 iput fs/inode.c:1570 [inline]
 iput+0x59/0x240 fs/inode.c:1559
 dentry_unlink_inode+0xab/0xe0 fs/dcache.c:374
 __dentry_kill+0xde/0x180 fs/dcache.c:566
 shrink_dentry_list+0xe1/0x230 fs/dcache.c:1079
 shrink_dcache_parent+0x87/0x90 fs/dcache.c:1490
 do_one_tree+0xd/0x40 fs/dcache.c:1526
 shrink_dcache_for_umount+0x28/0x80 fs/dcache.c:1543
 generic_shutdown_super+0x1a/0x100 fs/super.c:441
 kill_block_super+0x22/0x50 fs/super.c:1185
 deactivate_locked_super+0x30/0x70 fs/super.c:329
 deactivate_super fs/super.c:360 [inline]
 deactivate_super+0x4c/0x50 fs/super.c:356
 cleanup_mnt+0x3a/0x70 fs/namespace.c:1098
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1105
 task_work_run+0x8f/0xb0 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:193 [inline]
 exit_to_usermode_loop+0xd4/0xe0 arch/x86/entry/common.c:166
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x17a/0x180 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f3f96b3b217
Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffd82145328 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f3f96b3b217
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd821453e0
RBP: 00007ffd821453e0 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd821464a0
R13: 00007f3f96b85336 R14: 000000000000b443 R15: 0000000000000005
Modules linked in:
CR2: 0000000000000058
---[ end trace 041aa697ecbfae54 ]---
RIP: 0010:ext4_xattr_inode_create fs/ext4/xattr.c:1431 [inline]
RIP: 0010:ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1535 [inline]
RIP: 0010:ext4_xattr_set_entry+0x805/0x10b0 fs/ext4/xattr.c:1663
Code: b8 88 07 00 00 e8 2b 10 e3 ff 49 8b 55 28 4c 8d 4d c8 31 c9 89 45 cc 49 8b 45 40 48 8b bd 68 ff ff ff 48 8b 52 68 44 8d 40 01 <48> 8b 72 58 6a 00 ba 80 81 00 00 6a 00 6a 00 68 00 00 20 00 e8 02
RSP: 0018:ffffc90002313928 EFLAGS: 00010246
RAX: 000000000000000c RBX: ffffc90002313b90 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: ffffc90002313a18 R08: 000000000000000d R09: ffffc900023139e0
R10: ffffffff81e4d300 R11: ffffffff81e4d700 R12: ffff880230f46420
R13: ffff88022ffbddd0 R14: 0000000000000000 R15: 0000000000000000
FS: 00007f3f979b1480(0000) GS:ffff880237a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000058 CR3: 0000000230ade000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: b8 88 07 00 00          mov    $0x788,%eax
   5: e8 2b 10 e3 ff          call   0xffe31035
   a: 49 8b 55 28             mov    0x28(%r13),%rdx
   e: 4c 8d 4d c8             lea    -0x38(%rbp),%r9
  12: 31 c9                   xor    %ecx,%ecx
  14: 89 45 cc                mov    %eax,-0x34(%rbp)
  17: 49 8b 45 40             mov    0x40(%r13),%rax
  1b: 48 8b bd 68 ff ff ff    mov    -0x98(%rbp),%rdi
  22: 48 8b 52 68             mov    0x68(%rdx),%rdx
  26: 44 8d 40 01             lea    0x1(%rax),%r8d
* 2a: 48 8b 72 58             mov    0x58(%rdx),%rsi <-- trapping instruction
  2e: 6a 00                   push   $0x0
  30: ba 80 81 00 00          mov    $0x8180,%edx
  35: 6a 00                   push   $0x0
  37: 6a 00                   push   $0x0
  39: 68 00 00 20 00          push   $0x200000
  3e: e8                      .byte 0xe8
  3f: 02                      .byte 0x2