bisecting fixing commit since cbfa1702aaf69b2311ea1b35e04f113c48368c67
building syzkaller on 9602ddf403bdf3cfd87efef14becc76f9a38b81d
testing commit cbfa1702aaf69b2311ea1b35e04f113c48368c67 with gcc (GCC) 8.4.1 20210217
kernel signature: d4136580249b7b3b0e45013dc5337a0a018fb3822630604956040da7fdfd7532
run #0: crashed: KASAN: use-after-free Read in ntfs_iget
run #1: crashed: KASAN: use-after-free Read in ntfs_iget
run #2: crashed: KASAN: use-after-free Read in ntfs_iget
run #3: crashed: KASAN: use-after-free Read in ntfs_iget
run #4: crashed: KASAN: use-after-free Read in ntfs_iget
run #5: crashed: KASAN: use-after-free Read in ntfs_iget
run #6: crashed: KASAN: use-after-free Read in ntfs_iget
run #7: crashed: KASAN: use-after-free Read in ntfs_iget
run #8: crashed: KASAN: use-after-free Read in ntfs_iget
run #9: crashed: KASAN: use-after-free Read in ntfs_iget
run #10: crashed: KASAN: use-after-free Read in ntfs_iget
run #11: crashed: KASAN: use-after-free Read in ntfs_iget
run #12: crashed: KASAN: use-after-free Read in ntfs_iget
run #13: crashed: KASAN: use-after-free Read in ntfs_iget
run #14: crashed: KASAN: use-after-free Read in ntfs_iget
run #15: crashed: KASAN: use-after-free Read in ntfs_iget
run #16: crashed: KASAN: use-after-free Read in ntfs_iget
run #17: crashed: KASAN: out-of-bounds Read in ntfs_iget
run #18: crashed: KASAN: use-after-free Read in ntfs_iget
run #19: crashed: KASAN: use-after-free Read in ntfs_iget
testing current HEAD cb83ddcd5332fcc3efd52ba994976efc4dd6061e
testing commit cb83ddcd5332fcc3efd52ba994976efc4dd6061e with gcc (GCC) 8.4.1 20210217
kernel signature: 7b9e8630a8c24aa0cf28da0d9c35f4e16bf9c927aa285120a617c2c0f4a1c6ae
all runs: OK
# git bisect start cb83ddcd5332fcc3efd52ba994976efc4dd6061e cbfa1702aaf69b2311ea1b35e04f113c48368c67
Bisecting: 956 revisions left to test after this (roughly 10 steps)
[47cbf4cc32db62f053c4cd04fc6ee39a0218139e] Linux 4.14.211
testing commit 47cbf4cc32db62f053c4cd04fc6ee39a0218139e with gcc (GCC) 8.4.1 20210217
kernel signature: 541e7f14e1fa77c03bfb888cd3b3c51c350173fc8b77228e22762545783a4081
run #0: crashed: KASAN: use-after-free Read in ntfs_iget
run #1: crashed: KASAN: out-of-bounds Read in ntfs_iget
run #2: crashed: KASAN: use-after-free Read in ntfs_iget
run #3: crashed: KASAN: use-after-free Read in ntfs_iget
run #4: crashed: KASAN: use-after-free Read in ntfs_iget
run #5: crashed: KASAN: use-after-free Read in ntfs_iget
run #6: crashed: KASAN: use-after-free Read in ntfs_iget
run #7: crashed: KASAN: use-after-free Read in ntfs_iget
run #8: crashed: KASAN: use-after-free Read in ntfs_iget
run #9: crashed: KASAN: use-after-free Read in ntfs_iget
# git bisect good 47cbf4cc32db62f053c4cd04fc6ee39a0218139e
Bisecting: 478 revisions left to test after this (roughly 9 steps)
[7e27ef3c7cc6c230c391f68fe881ec39d76d1c72] futex: Replace pointless printk in fixup_owner()
testing commit 7e27ef3c7cc6c230c391f68fe881ec39d76d1c72 with gcc (GCC) 8.4.1 20210217
kernel signature: 4f45f6fb126815824d739bc9a11e7cc21e4d7e26d26cb7889e12734d910d08d5
run #0: crashed: KASAN: use-after-free Read in ntfs_iget
run #1: crashed: KASAN: use-after-free Read in ntfs_iget
run #2: crashed: KASAN: use-after-free Read in ntfs_iget
run #3: crashed: KASAN: use-after-free Read in ntfs_iget
run #4: crashed: KASAN: use-after-free Read in ntfs_iget
run #5: crashed: KASAN: use-after-free Read in ntfs_iget
run #6: crashed: KASAN: out-of-bounds Read in ntfs_iget
run #7: crashed: KASAN: use-after-free Read in ntfs_iget
run #8: crashed: KASAN: use-after-free Read in ntfs_iget
run #9: crashed: KASAN: use-after-free Read in ntfs_iget
# git bisect good 7e27ef3c7cc6c230c391f68fe881ec39d76d1c72
Bisecting: 239 revisions left to test after this (roughly 8 steps)
[78c9fad3fdde75cbfe0fd4f3c8bb410e25d529a7] perf tools: Fix DSO filtering when not finding a map for a sampled address
testing commit 78c9fad3fdde75cbfe0fd4f3c8bb410e25d529a7 with gcc (GCC) 8.4.1 20210217
kernel signature: 21f495994d1f6b1076960b022d580debe14130774968717d6144882e22713a54
all runs: OK
# git bisect bad 78c9fad3fdde75cbfe0fd4f3c8bb410e25d529a7
Bisecting: 119 revisions left to test after this (roughly 7 steps)
[c7559fe4df16c31d1126ba74e6c79bd6f4917f20] netfilter: xt_recent: Fix attempt to update deleted entry
testing commit c7559fe4df16c31d1126ba74e6c79bd6f4917f20 with gcc (GCC) 8.4.1 20210217
kernel signature: 75d6bfca5cdabbc6b789de27b380d0e700b45cf2949bf519edd55e0b40e1f137
all runs: crashed: KASAN: use-after-free Read in ntfs_iget
# git bisect good c7559fe4df16c31d1126ba74e6c79bd6f4917f20
Bisecting: 59 revisions left to test after this (roughly 6 steps)
[474ac57c26f7d67c36b349f3bb2f76e9eacaec9f] ath9k: fix data bus crash when setting nf_override via debugfs
testing commit 474ac57c26f7d67c36b349f3bb2f76e9eacaec9f with gcc (GCC) 8.4.1 20210217
kernel signature: 22b5ec84da2a55266d3ce94d68e3fe74bd2c243b4e7681a4ca692525ea2627f8
all runs: OK
# git bisect bad 474ac57c26f7d67c36b349f3bb2f76e9eacaec9f
Bisecting: 29 revisions left to test after this (roughly 5 steps)
[afd4a33779bd37cf8b566ef1fbbbac06366c61f6] usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable
testing commit afd4a33779bd37cf8b566ef1fbbbac06366c61f6 with gcc (GCC) 8.4.1 20210217
kernel signature: b21a42aeb143e2cb630cecf27475077e8e432279337aed4c3516db9324749605
all runs: crashed: KASAN: use-after-free Read in ntfs_iget
# git bisect good afd4a33779bd37cf8b566ef1fbbbac06366c61f6
Bisecting: 14 revisions left to test after this (roughly 4 steps)
[8b59142d738ae3672c40f2c962524518639558ff] ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
testing commit 8b59142d738ae3672c40f2c962524518639558ff with gcc (GCC) 8.4.1 20210217
kernel signature: ac4418c6f4051eada7e5b7dcac2258d23395a4fb8aca7a82561129bb5fced43a
all runs: OK
# git bisect bad 8b59142d738ae3672c40f2c962524518639558ff
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[a0a4e00a41d58a856d486e8bc8b97c319a6ea4fb] kdb: Make memory allocations more robust
testing commit a0a4e00a41d58a856d486e8bc8b97c319a6ea4fb with gcc (GCC) 8.4.1 20210217
kernel signature: e2c429a223204a9925653e44d39360390231cbae5350b7be305d874c03c4207a
all runs: OK
# git bisect bad a0a4e00a41d58a856d486e8bc8b97c319a6ea4fb
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[f885d30f4b08d514203f008c8c4d0df05744c830] NET: usb: qmi_wwan: Adding support for Cinterion MV31
testing commit f885d30f4b08d514203f008c8c4d0df05744c830 with gcc (GCC) 8.4.1 20210217
kernel signature: f7d648af812d7a91251410ac238701c27eb85ee67923b09488d9669a63219022
all runs: OK
# git bisect bad f885d30f4b08d514203f008c8c4d0df05744c830
Bisecting: 0 revisions left to test after this (roughly 1 step)
[c11e6ca7a84e92b4933bd2c29ade08c18a47a430] arm64: tegra: Add power-domain for Tegra210 HDA
testing commit c11e6ca7a84e92b4933bd2c29ade08c18a47a430 with gcc (GCC) 8.4.1 20210217
kernel signature: f7d648af812d7a91251410ac238701c27eb85ee67923b09488d9669a63219022
all runs: OK
# git bisect bad c11e6ca7a84e92b4933bd2c29ade08c18a47a430
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[49ee014a2070b209fd73ad96a7a36193dcdd149c] ntfs: check for valid standard information attribute
testing commit 49ee014a2070b209fd73ad96a7a36193dcdd149c with gcc (GCC) 8.4.1 20210217
kernel signature: f7d648af812d7a91251410ac238701c27eb85ee67923b09488d9669a63219022
all runs: OK
# git bisect bad 49ee014a2070b209fd73ad96a7a36193dcdd149c
49ee014a2070b209fd73ad96a7a36193dcdd149c is the first bad commit
commit 49ee014a2070b209fd73ad96a7a36193dcdd149c
Author: Rustam Kovhaev
Date: Wed Feb 24 12:00:30 2021 -0800

    ntfs: check for valid standard information attribute

    commit 4dfe6bd94959222e18d512bdf15f6bf9edb9c27c upstream.

    Mounting a corrupted filesystem with NTFS resulted in a kernel crash.
    We should check for valid STANDARD_INFORMATION attribute offset and length before trying to access it

    Link: https://lkml.kernel.org/r/20210217155930.1506815-1-rkovhaev@gmail.com
    Link: https://syzkaller.appspot.com/bug?extid=c584225dabdea2f71969
    Signed-off-by: Rustam Kovhaev
    Reported-by: syzbot+c584225dabdea2f71969@syzkaller.appspotmail.com
    Tested-by: syzbot+c584225dabdea2f71969@syzkaller.appspotmail.com
    Acked-by: Anton Altaparmakov
    Cc:
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds
    Signed-off-by: Greg Kroah-Hartman

 fs/ntfs/inode.c | 6 ++++++
 1 file changed, 6 insertions(+)
culprit signature: f7d648af812d7a91251410ac238701c27eb85ee67923b09488d9669a63219022
parent signature: b21a42aeb143e2cb630cecf27475077e8e432279337aed4c3516db9324749605
revisions tested: 13, total time: 3h21m4.546323808s (build: 1h37m3.121450188s, test: 1h42m49.455168656s)
first good commit: 49ee014a2070b209fd73ad96a7a36193dcdd149c ntfs: check for valid standard information attribute
recipients (to): ["akpm@linux-foundation.org" "anton@tuxera.com" "gregkh@linuxfoundation.org" "rkovhaev@gmail.com" "syzbot+c584225dabdea2f71969@syzkaller.appspotmail.com" "torvalds@linux-foundation.org"]
recipients (cc): []