ci starts bisection 2023-01-20 18:58:35.84627395 +0000 UTC m=+99267.451670528 bisecting cause commit starting from 296a7b7eb79246912de31ee799cb85220931231a building syzkaller on 67be1ae742603edad9c97d30b6ed69f9bbe2ffa8 ensuring issue is reproducible on original commit 296a7b7eb79246912de31ee799cb85220931231a testing commit 296a7b7eb79246912de31ee799cb85220931231a gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: cf9f3fa5fccbc20e1ecc69238b20666c69fbf1cced61fa95fe3bf7b116ef0227 all runs: crashed: kernel BUG in set_state_bits testing release v6.0 testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: fb169c858a90a741fdd3043bc0965e7acfeed3af27cdac5b516812565ed095e9 all runs: crashed: kernel BUG in set_state_bits testing release v5.19 testing commit 3d7cb6b04c3f3115719235cc6866b10326de34cd gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c08194be6564a979752d5fd6f6b8c0ba6acdcd64ffed554a604fda871fc40752 all runs: crashed: kernel BUG in set_state_bits testing release v5.18 testing commit 4b0986a3613c92f4ec1bdc7f60ec66fea135991f gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: cdd80f6373f7d8c560e6811abe1eb7dd146567a3641f0f281d4b591910a0a2e3 all runs: crashed: kernel BUG in set_state_bits testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1a4ade1b27ebcde6b95d9497987716c04d17b8bcff860d49229a0fa2dfbd57de all runs: OK # git bisect start 4b0986a3613c92f4ec1bdc7f60ec66fea135991f f443e374ae131c168a065ea1748feac6b2e76613 Bisecting: 8498 revisions left to test after this (roughly 13 steps) [25fd2d41b505d0640bdfe67aa77c549de2d3c18a] selftests: kselftest framework: provide "finished" helper testing commit 25fd2d41b505d0640bdfe67aa77c549de2d3c18a gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: bb41bf83fea5cecc2b5855c9e7bc4d633a2a23be9244acee8ad0314c0160f2fb all runs: OK # git bisect good 25fd2d41b505d0640bdfe67aa77c549de2d3c18a Bisecting: 4033 revisions left to test after this (roughly 12 steps) [02e2af20f4f9f2aa0c84e9a30a35c02f0fbb7daa] Merge tag 'char-misc-5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc testing commit 02e2af20f4f9f2aa0c84e9a30a35c02f0fbb7daa gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d6c6407cebcea097a3ea71ab6b9884f1a1ab489f0b336cdd6073ac86f0594fff all runs: OK # git bisect good 02e2af20f4f9f2aa0c84e9a30a35c02f0fbb7daa Bisecting: 2017 revisions left to test after this (roughly 11 steps) [887f75cfd0da44c19dda93b2ff9e70ca8792cdc1] drm/amdgpu: Ensure HDA function is suspended before ASIC reset testing commit 887f75cfd0da44c19dda93b2ff9e70ca8792cdc1 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 84e8c505c09f9ed6323f8c8dfdbaf12ffd8b036bddcf04a7a74807c6904861a8 all runs: OK # git bisect good 887f75cfd0da44c19dda93b2ff9e70ca8792cdc1 Bisecting: 1015 revisions left to test after this (roughly 10 steps) [cf424ef014ac30b0da27125dd1fbdf10b0d3a520] Merge tag 'for-5.18/fbdev-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev testing commit cf424ef014ac30b0da27125dd1fbdf10b0d3a520 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4beb457f7111b62ac09cbceb2a58fd87664d80ea7a07eecbd64712b09d4baab1 all runs: crashed: kernel BUG in set_state_bits # git bisect bad cf424ef014ac30b0da27125dd1fbdf10b0d3a520 Bisecting: 479 revisions left to test after this (roughly 9 steps) [d20339fa93e9810fcf87518bdd62e44f62bb64ee] Merge tag 'net-5.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit d20339fa93e9810fcf87518bdd62e44f62bb64ee gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8c161e94b29cb37b6ab3c3808e30e9ea311cdb2ac11b9e680e8c231f4f9bd85e all runs: crashed: kernel BUG in set_state_bits # git bisect bad d20339fa93e9810fcf87518bdd62e44f62bb64ee Bisecting: 260 revisions left to test after this (roughly 8 steps) [fa3b895da8e06d6e3dcf3e6941a3fd428343e3d7] Merge tag 'gpio-fixes-for-v5.18-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux testing commit fa3b895da8e06d6e3dcf3e6941a3fd428343e3d7 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e2174e13e16e8b3f4b816af025c2e3e0871187265df0d39e86c99fa28f53c0b4 all runs: crashed: kernel BUG in set_state_bits # git bisect bad fa3b895da8e06d6e3dcf3e6941a3fd428343e3d7 Bisecting: 130 revisions left to test after this (roughly 7 steps) [98849765a58b56479dbb105565a24417752eff25] Merge tag 'regulator-fix-v5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator testing commit 98849765a58b56479dbb105565a24417752eff25 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3fc766fa92c3e85cd59138e4ead5e65f1120844c02652802e2488e6a305da059 all runs: crashed: kernel BUG in set_state_bits # git bisect bad 98849765a58b56479dbb105565a24417752eff25 Bisecting: 68 revisions left to test after this (roughly 6 steps) [b423e54ba965b4469b48e46fd16941f1e1701697] myri10ge: fix an incorrect free for skb in myri10ge_sw_tso testing commit b423e54ba965b4469b48e46fd16941f1e1701697 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 337480a8cd92fe29242912470ab46d3388f60059691c9bdb30c59be65b3dd56a all runs: OK # git bisect good b423e54ba965b4469b48e46fd16941f1e1701697 Bisecting: 31 revisions left to test after this (roughly 5 steps) [42e7a03d3badebd4e70aea5362d6914dfc7c220b] Merge tag 'hyperv-fixes-signed-20220407' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux testing commit 42e7a03d3badebd4e70aea5362d6914dfc7c220b gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 143a835f69973086d684d2551386a00ccf6e7069907b1ffbee553466c3b418f4 all runs: crashed: kernel BUG in set_state_bits # git bisect bad 42e7a03d3badebd4e70aea5362d6914dfc7c220b Bisecting: 20 revisions left to test after this (roughly 4 steps) [3e732ebf7316ac83e8562db7e64cc68aec390a18] Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost testing commit 3e732ebf7316ac83e8562db7e64cc68aec390a18 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 42eb65926f9f0aae3a17866e241e0ca08b9e805b2966b71ea003ce3ab3a3c6a1 all runs: crashed: kernel BUG in set_state_bits # git bisect bad 3e732ebf7316ac83e8562db7e64cc68aec390a18 Bisecting: 7 revisions left to test after this (roughly 3 steps) [60021bd754c6ca0addc6817994f20290a321d8d6] btrfs: prevent subvol with swapfile from being deleted testing commit 60021bd754c6ca0addc6817994f20290a321d8d6 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 10086dae126361bac240edfcb8a8205c36f1b36128692439010b59e7f6733bcb all runs: crashed: kernel BUG in set_state_bits # git bisect bad 60021bd754c6ca0addc6817994f20290a321d8d6 Bisecting: 3 revisions left to test after this (roughly 2 steps) [bbac58698a55cc0a6f0c0d69a6dcd3f9f3134c11] btrfs: remove device item and update super block in the same transaction testing commit bbac58698a55cc0a6f0c0d69a6dcd3f9f3134c11 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0d1b8e8fc3f9b87d07b62b992001c4ccbecfb29406af5e7683adb1c4d8273662 all runs: OK # git bisect good bbac58698a55cc0a6f0c0d69a6dcd3f9f3134c11 Bisecting: 1 revision left to test after this (roughly 1 step) [75a36a7d3ea904cef2e5b56af0c58cc60dcf947a] btrfs: avoid defragging extents whose next extents are not targets testing commit 75a36a7d3ea904cef2e5b56af0c58cc60dcf947a gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e4e0fa640b0707187f56cd32fded74e2fbd53065e4e002091005968810d04c13 all runs: crashed: kernel BUG in set_state_bits # git bisect bad 75a36a7d3ea904cef2e5b56af0c58cc60dcf947a Bisecting: 0 revisions left to test after this (roughly 0 steps) [05fd9564e9faf0f23b4676385e27d9405cef6637] btrfs: fix fallocate to use file_modified to update permissions consistently testing commit 05fd9564e9faf0f23b4676385e27d9405cef6637 gcc compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2efa346514f46fbd23e4ce2fe7a46a5b816b40f54681e1d3e0bbd3e89eb3290b all runs: crashed: kernel BUG in set_state_bits # git bisect bad 05fd9564e9faf0f23b4676385e27d9405cef6637 05fd9564e9faf0f23b4676385e27d9405cef6637 is the first bad commit commit 05fd9564e9faf0f23b4676385e27d9405cef6637 Author: Darrick J. Wong Date: Mon Mar 14 10:55:32 2022 -0700 btrfs: fix fallocate to use file_modified to update permissions consistently Since the initial introduction of (posix) fallocate back at the turn of the century, it has been possible to use this syscall to change the user-visible contents of files. This can happen by extending the file size during a preallocation, or through any of the newer modes (punch, zero range). Because the call can be used to change file contents, we should treat it like we do any other modification to a file -- update the mtime, and drop set[ug]id privileges/capabilities. The VFS function file_modified() does all this for us if pass it a locked inode, so let's make fallocate drop permissions correctly. Reviewed-by: Filipe Manana Signed-off-by: Darrick J. Wong Signed-off-by: David Sterba fs/btrfs/file.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) culprit signature: 2efa346514f46fbd23e4ce2fe7a46a5b816b40f54681e1d3e0bbd3e89eb3290b parent signature: 0d1b8e8fc3f9b87d07b62b992001c4ccbecfb29406af5e7683adb1c4d8273662 revisions tested: 19, total time: 4h41m40.903359991s (build: 3h12m49.715664788s, test: 1h24m50.741220811s) first bad commit: 05fd9564e9faf0f23b4676385e27d9405cef6637 btrfs: fix fallocate to use file_modified to update permissions consistently recipients (to): ["djwong@kernel.org" "dsterba@suse.com" "fdmanana@suse.com"] recipients (cc): [] crash: kernel BUG in set_state_bits RBP: 00007f6724ddc1d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007ffefede3c4f R14: 00007f6724ddc300 R15: 0000000000022000 ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:938! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 4179 Comm: syz-executor.0 Not tainted 5.17.0-rc8-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 RIP: 0010:set_state_bits+0x2ab/0x380 fs/btrfs/extent_io.c:938 Code: 2b 3b 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 c1 00 00 00 4d 01 7c 24 18 8b 43 7c e9 75 fe ff ff <0f> 0b 4c 89 ef e8 9b b7 9d fe e9 56 fe ff ff 48 89 d7 48 89 14 24 RSP: 0018:ffffc9000251f778 EFLAGS: 00010282 RAX: 00000000fffffff4 RBX: ffff8880153ab0c8 RCX: 0000000000000000 RDX: 0000000000000038 RSI: 0000000000000000 RDI: ffff888011041640 RBP: ffff888018dc2a80 R08: 0000000000000a20 R09: ffffffff8b4c9553 R10: fffffbfff16992aa R11: 0000000000000001 R12: 0000000000000fff R13: ffff8880153ab144 R14: 0000000000001000 R15: 0000000000000000 FS: 00007f6724ddc700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055fc9cec1228 CR3: 00000000196d4000 CR4: 0000000000350ef0 Call Trace: insert_state+0x83/0x390 fs/btrfs/extent_io.c:571 set_extent_bit+0x75b/0xe70 fs/btrfs/extent_io.c:1021 set_record_extent_bits+0x19/0x20 fs/btrfs/extent_io.c:1421 qgroup_reserve_data+0x1c2/0x8b0 fs/btrfs/qgroup.c:3693 btrfs_qgroup_reserve_data+0x18/0x70 fs/btrfs/qgroup.c:3736 btrfs_check_data_free_space+0xcd/0x200 fs/btrfs/delalloc-space.c:145 btrfs_buffered_write+0x44f/0xe10 fs/btrfs/file.c:1700 btrfs_direct_write fs/btrfs/file.c:2016 [inline] btrfs_do_write_iter+0xa9d/0x1200 fs/btrfs/file.c:2097 call_write_iter include/linux/fs.h:2074 [inline] new_sync_write+0x368/0x600 fs/read_write.c:504 vfs_write+0x609/0x900 fs/read_write.c:591 ksys_write+0xf4/0x1d0 fs/read_write.c:644 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f6725a6a0d9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f6724ddc168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f6725b89f80 RCX: 00007f6725a6a0d9 RDX: 0000000000000049 RSI: 0000000020000180 RDI: 0000000000000005 RBP: 00007f6724ddc1d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007ffefede3c4f R14: 00007f6724ddc300 R15: 0000000000022000 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:set_state_bits+0x2ab/0x380 fs/btrfs/extent_io.c:938 Code: 2b 3b 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 c1 00 00 00 4d 01 7c 24 18 8b 43 7c e9 75 fe ff ff <0f> 0b 4c 89 ef e8 9b b7 9d fe e9 56 fe ff ff 48 89 d7 48 89 14 24 RSP: 0018:ffffc9000251f778 EFLAGS: 00010282 RAX: 00000000fffffff4 RBX: ffff8880153ab0c8 RCX: 0000000000000000 RDX: 0000000000000038 RSI: 0000000000000000 RDI: ffff888011041640 RBP: ffff888018dc2a80 R08: 0000000000000a20 R09: ffffffff8b4c9553 R10: fffffbfff16992aa R11: 0000000000000001 R12: 0000000000000fff R13: ffff8880153ab144 R14: 0000000000001000 R15: 0000000000000000 FS: 00007f6724ddc700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055fc9cec1228 CR3: 00000000196d4000 CR4: 0000000000350ef0