syzbot


kernel BUG at fs/inode.c:LINE!
Status: fixed on 2019/04/12 21:13
Reported-by: syzbot+5399ed0832693e29f392@syzkaller.appspotmail.com
Fix commit: 9bf964c9 autofs: simplify parse_options() function call
First crash: 191d, last: 191d

Bisection: the first bad commit could be any of (bisect log):

  cd4f2a664851 lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk
  df3f18d39e85 fls: change parameter to unsigned int
  9067c8d5a70b lib/find_bit_benchmark.c: align test_find_next_and_bit with others
  c28248294d6d include/linux/printk.h: drop silly "static inline asmlinkage" from dump_stack()
  26e88a473db9 checkpatch: warn on const char foo[] = "bar"; declarations
  e98eceb86c8d drivers/dma-buf/udmabuf.c: convert to use vm_fault_t
  5b6bf71dd716 build_bug.h: remove most of dummy BUILD_BUG_ON stubs for Sparse
  f34c9474a605 fs/epoll: remove max_nests argument from ep_call_nested()
  56f6c16e9c74 build_bug.h: remove negative-array fallback for BUILD_BUG_ON()
  cd2f11e61b44 fs/epoll: simplify ep_send_events_proc() ready-list loop
  74a37b909676 Documentation/process/coding-style.rst: don't use "extern" with function prototypes
  ab1909a85fd1 fs/epoll: drop ovflist branch prediction
  499aeb579641 proc/sysctl: fix return error for proc_doulongvec_minmax()
  b7fa8017e2d8 fs/epoll: robustify ep->mtx held checks
  d877fd0940d6 fs/proc/base.c: slightly faster /proc/*/limits
  f2c378628c9a fs/epoll: reduce the scope of wq lock in epoll_wait()
  860705c8f868 fs-epoll-reduce-the-scope-of-wq-lock-in-epoll_wait-fix
  c62975fb8b24 fs/proc/inode.c: delete unnecessary variable in proc_alloc_inode()
  9460069d503e fs/proc/util.c: include fs/proc/internal.h for name_to_int()
  ea5f967a21f8 fs/epoll: avoid barrier after an epoll_wait(2) timeout
  b61909d2c451 fs-epoll-avoid-barrier-after-an-epoll_wait2-timeout-fix
  c768eca025a8 fs/proc/base.c: use ns_capable instead of capable for timerslack_ns
  81553cde8e95 fs/epoll: rename check_events label to send_events
  b6af7800c71d fs/buffer.c: add debug print for __getblk_gfp() stall problem
  11193e1694b0 mm/page_owner: align with pageblock_nr pages
  349afd96fede fs/epoll: deal with wait_queue only once
  393af37c974b fs-epoll-deal-with-wait_queue-only-once-fix
  c20187bf3233 mm/page_owner: align with pageblock_nr_pages
  20fbef314e7a mm: don't expose page to fast gup before it's ready
  ad4f37b82fbe init/main.c: make "initcall_level_names[]" const char *
  0bcbe611ca3c autofs: improve ioctl sbi checks
  69ab6b147504 mm: fix race between swapoff and mincore
  b783d2617cc2 autofs-improve-ioctl-sbi-checks-fix
  de44564f9f0a mm, swap: fix race between swapoff and some swap operations
  010a80ffc404 mm, swap: fix race between swapoff and some swap operations
  9c82e3b85818 autofs: fix possible inode leak in autofs_fill_super()
  855b7de10b91 mm/page_alloc.c: remove software prefetching in __free_pages_core()
  cd4d5fa95d41 autofs: simplify parse_options() function call
  e8fed6664aa4 memory_hotplug-free-pages-as-higher-order-fix-fix
  f7aa1250f5ba autofs: change catatonic setting to a bit flag
  578f64582207 autofs: add strictexpire mount option
  71e7f022722f memory_hotplug-free-pages-as-higher-order-fix
  8286148bbc1c mm/page_alloc.c: memory hotplug: free pages as higher order
  e5d8e8947b85 hfsplus: return file attributes on statx
  728804fa0331 include/uapi/linux/msdos_fs.h: use MSDOS_NAME for volume label size
  e93a0c0df5f0 include/linux/memory_hotplug.h: remove duplicate declaration of offline_pages()
  3d991a59b7ee ptrace: take into account saved_sigmask in PTRACE_{GET,SET}SIGMASK
  a7b166088b8a mm/mmu_notifier: contextual information for event triggering invalidation v2
  302092c98415 mm-mmu_notifier-use-structure-for-invalidate_range_start-end-calls-v2-checkpatch-fixes
  cdd7a0aa15aa fork: fix some -Wmissing-prototypes warnings
  137d92bd73b1 mm/mmu_notifier: use structure for invalidate_range_start/end calls v2
  b89cf7313cf4 exec: load_script: don't blindly truncate shebang string
  429056415279 mm-mmu_notifier-use-structure-for-invalidate_range_start-end-callback-fix-fix
  ad2539c7ee8f exec: increase BINPRM_BUF_SIZE to 256
  0db734c6271d mm/mmu_notifier: use structure for invalidate_range_start/end callback
  c09b6daf5330 exec: separate MM_ANONPAGES and RLIMIT_STACK accounting
  37ba86cc38a3 hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
  dc98b12477d0 exec-separate-mm_anonpages-and-rlimit_stack-accounting-fix
  282860544780 exec-separate-mm_anonpages-and-rlimit_stack-accounting-checkpatch-fixes
  b08acb2001e2 mm-kmemleak-little-optimization-while-scanning-fix
  27faeb703e40 bfs: extra sanity checking and static inode bitmap
  79d0fd910ad9 mm, kmemleak: little optimization while scanning
  232619fcc076 lib/ioremap: ensure break-before-make is used for huge p4d mappings
  7a489f5ddefe panic: add options to print system info when panic happens
  784bedb57bef kernel/sysctl: add panic_print into sysctl
  e5dfd59eb5a0 lib/ioremap: ensure phys_addr actually corresponds to a physical address
  5f8d4992524c kernel/kcov.c: mark write_comp_data() as notrace
  7bdcb055b9de x86/pgtable: drop pXd_none() checks from pXd_free_pYd_table()
  0aa19fc12472 arm64: mmu: drop pXd_present() checks from pXd_free_pYd_table()
  7ab8b68af104 scripts/gdb: fix lx-version string output
  b2581b704c88 initramfs: cleanup incomplete rootfs
  ee095458b3ef ioremap: rework pXd_free_pYd_page() API
  ce10bcf4b4e6 mm/page_alloc.c: calculate first_deferred_pfn directly
  efae80911ae5 ipc: allow boot time extension of IPCMNI from 32k to 8M
  ab7db927b364 ipc-allow-boot-time-extension-of-ipcmni-from-32k-to-8m-checkpatch-fixes
  f163b82faef5 mm/filemap.c: remove useless check in pagecache_get_page()
  399e0a806ad8 mm/page_io.c: fix polled swap page in
  d04978ca88ab ipc: conserve sequence numbers in extended IPCMNI mode
  07365469c2a1 Merge branch 'akpm-current/current'

Tree: linux-next
Repro: C syz .config

Sample crash report:

All crashes (2):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | Maintainers |
|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-linux-next-kasan-gce-root | 2018/12/16 05:47 | linux-next | d14b746c | def91db3 | .config | log | report | syz | C | linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk |
| ci-upstream-linux-next-kasan-gce-root | 2018/12/16 01:48 | linux-next | d14b746c | def91db3 | .config | log | report | | | linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk |