bisecting fixing commit since 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60
building syzkaller on abf9ba4fc75d9b29af15625d44dcfc1360fad3b7
testing commit 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 with gcc (GCC) 8.1.0
kernel signature: db1a0aa3a5e21bd5a7f999e475c0d7363ac13594e3691356935258bdd3f667a7
run #0: crashed: KASAN: use-after-free Read in seq_release_private
run #1: crashed: KASAN: use-after-free Read in seq_release_private
run #2: crashed: WARNING: ODEBUG bug in get_signal
run #3: crashed: KASAN: use-after-free Read in seq_release_private
run #4: crashed: KASAN: use-after-free Read in seq_release_private
run #5: crashed: KASAN: use-after-free Read in seq_release_private
run #6: crashed: KASAN: use-after-free Read in seq_release_private
run #7: crashed: KASAN: use-after-free Read in seq_release_private
run #8: crashed: KASAN: use-after-free Read in path_put
run #9: crashed: KASAN: use-after-free Read in seq_release_private
testing current HEAD bae31eef2a167ef160ab2703b6a2f5bbecd98d92
testing commit bae31eef2a167ef160ab2703b6a2f5bbecd98d92 with gcc (GCC) 8.1.0
kernel signature: 731da34bbaccecef5cb12ba2c5d029c2d8a02bcb787375f79a4721609126275a
all runs: OK
# git bisect start bae31eef2a167ef160ab2703b6a2f5bbecd98d92 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60
Bisecting: 169 revisions left to test after this (roughly 7 steps)
[293036a0ea49b63a2dc449d41b6f81b3194fffeb] ehci-hcd: Move include to keep CRC stable
testing commit 293036a0ea49b63a2dc449d41b6f81b3194fffeb with gcc (GCC) 8.1.0
kernel signature: 0c1b8d905440fb3826a25432f3e564518b37439a7d6c58243dc825aa332374ff
all runs: OK
# git bisect bad 293036a0ea49b63a2dc449d41b6f81b3194fffeb
Bisecting: 84 revisions left to test after this (roughly 6 steps)
[7290cb1a3aa67dcc43fecf66dae64eb2ebad18af] ARM: dts: BCM5301X: Fixed QSPI compatible string
testing commit 7290cb1a3aa67dcc43fecf66dae64eb2ebad18af with gcc (GCC) 8.1.0
kernel signature: f432f526a8ddaa9da2803cbd737cd047cf4d02f7fa4421b5b61498dd841106c2
all runs: OK
# git bisect bad 7290cb1a3aa67dcc43fecf66dae64eb2ebad18af
Bisecting: 42 revisions left to test after this (roughly 5 steps)
[6aa022755fa184cde7c1af02f45357d7f483b1f7] uaccess: Add non-pagefault user-space write function
testing commit 6aa022755fa184cde7c1af02f45357d7f483b1f7 with gcc (GCC) 8.1.0
kernel signature: 2be7ba146983bd4a59a857e907ea7016a94409db9ba4e6fc9d92a23423fa2e02
all runs: OK
# git bisect bad 6aa022755fa184cde7c1af02f45357d7f483b1f7
Bisecting: 20 revisions left to test after this (roughly 4 steps)
[9de4fede0b351128162d4e3612b33e34352a66a5] net: hns: Fix memleak in hns_nic_dev_probe
testing commit 9de4fede0b351128162d4e3612b33e34352a66a5 with gcc (GCC) 8.1.0
kernel signature: e6d8b606d6893b09972e0c50f6db3759db1bb483cf6282577c55414c92732521
run #0: crashed: KASAN: use-after-free Read in path_put
run #1: crashed: KASAN: use-after-free Read in seq_release_private
run #2: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop
run #3: crashed: KASAN: use-after-free Read in seq_release_private
run #4: crashed: KASAN: use-after-free Read in seq_release_private
run #5: crashed: KASAN: use-after-free Read in seq_release_private
run #6: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop
run #7: crashed: KASAN: use-after-free Read in seq_release_private
run #8: crashed: KASAN: use-after-free Read in seq_release_private
run #9: crashed: KASAN: use-after-free Read in seq_release_private
# git bisect good 9de4fede0b351128162d4e3612b33e34352a66a5
Bisecting: 10 revisions left to test after this (roughly 3 steps)
[cfb5e057b7179767d6f3cef3381633417e4e3afb] net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
testing commit cfb5e057b7179767d6f3cef3381633417e4e3afb with gcc (GCC) 8.1.0
kernel signature: 7c1ca4c186294f3d2ec14a5a5d0d47d5d25889172cc4cac65c3b711d045f79b7
run #0: crashed: KASAN: use-after-free Read in seq_release_private
run #1: crashed: KASAN: use-after-free Read in seq_release_private
run #2: crashed: general protection fault in locks_remove_file
run #3: crashed: KASAN: use-after-free Read in seq_release_private
run #4: crashed: KASAN: use-after-free Read in seq_release_private
run #5: crashed: KASAN: use-after-free Read in seq_release_private
run #6: crashed: general protection fault in locks_remove_file
run #7: crashed: general protection fault in locks_remove_file
run #8: crashed: general protection fault in __fput
run #9: crashed: general protection fault in locks_remove_file
# git bisect good cfb5e057b7179767d6f3cef3381633417e4e3afb
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[5ace0847122fb22f18a20fb7809339cb3d789f01] include/linux/log2.h: add missing () around n in roundup_pow_of_two()
testing commit 5ace0847122fb22f18a20fb7809339cb3d789f01 with gcc (GCC) 8.1.0
kernel signature: 975de32b26b486a3ea80bf802ec1853b3730162b816204abf53c73c1507dbe5f
all runs: OK
# git bisect bad 5ace0847122fb22f18a20fb7809339cb3d789f01
Bisecting: 2 revisions left to test after this (roughly 1 step)
[751deef5de35a497a3ea007e0953889ba1123a97] tg3: Fix soft lockup when tg3_reset_task() fails.
testing commit 751deef5de35a497a3ea007e0953889ba1123a97 with gcc (GCC) 8.1.0
kernel signature: 93822b5c84dc9d1daf9bc6ff5a5579614dd092a0b2c6c0331a21d6333383b02e
all runs: OK
# git bisect bad 751deef5de35a497a3ea007e0953889ba1123a97
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888] fix regression in "epoll: Keep a reference on files added to the check list"
testing commit c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 with gcc (GCC) 8.1.0
kernel signature: 50a13d44ce4a4f3c97e8c9be0cd4cd5094f5e04312f49f9b23483e9ee0365e17
all runs: OK
# git bisect bad c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888
c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 is the first bad commit
commit c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888
Author: Al Viro <viro@zeniv.linux.org.uk>
Date:   Wed Sep 2 11:30:48 2020 -0400

    fix regression in "epoll: Keep a reference on files added to the check list"
    
    [ Upstream commit 77f4689de17c0887775bb77896f4cc11a39bf848 ]
    
    epoll_loop_check_proc() can run into a file already committed to destruction;
    we can't grab a reference on those and don't need to add them to the set for
    reverse path check anyway.
    
    Tested-by: Marc Zyngier <maz@kernel.org>
    Fixes: a9ed4a6560b8 ("epoll: Keep a reference on files added to the check list")
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: Sasha Levin <sashal@kernel.org>

 fs/eventpoll.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
culprit signature: 50a13d44ce4a4f3c97e8c9be0cd4cd5094f5e04312f49f9b23483e9ee0365e17
parent  signature: 7c1ca4c186294f3d2ec14a5a5d0d47d5d25889172cc4cac65c3b711d045f79b7
revisions tested: 10, total time: 2h48m30.828830022s (build: 1h29m28.919836332s, test: 1h17m37.641205842s)
first good commit: c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 fix regression in "epoll: Keep a reference on files added to the check list"
recipients (to): ["maz@kernel.org" "sashal@kernel.org" "viro@zeniv.linux.org.uk"]
recipients (cc): []