bisecting fixing commit since f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a building syzkaller on d5a3ae1f760e7cb2cd5a721d9645ae22eae114fe testing commit f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a with gcc (GCC) 8.1.0 kernel signature: f9174e0675b9f25f6437c041227a98d8f54bc2c7fb5387906983a1c2086594f7 run #0: crashed: KASAN: use-after-free Read in locks_remove_file run #1: crashed: KASAN: use-after-free Read in __sock_release run #2: crashed: KASAN: use-after-free Read in __sock_release run #3: crashed: KASAN: use-after-free Read in __sock_release run #4: crashed: KASAN: use-after-free Read in __sock_release run #5: crashed: KASAN: use-after-free Read in locks_remove_file run #6: crashed: KASAN: use-after-free Read in __fput run #7: crashed: general protection fault in __sock_release run #8: crashed: KASAN: use-after-free Read in __sock_release run #9: crashed: KASAN: use-after-free Read in __sock_release testing current HEAD b09c34517e1ac4018e3bb75ed5c8610a8a1f486b testing commit b09c34517e1ac4018e3bb75ed5c8610a8a1f486b with gcc (GCC) 8.1.0 kernel signature: 0e253189110f7617cc21bbd77152cd6411090de5f170d68b7ae9e9761b9bdec9 all runs: OK # git bisect start b09c34517e1ac4018e3bb75ed5c8610a8a1f486b f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a Bisecting: 316 revisions left to test after this (roughly 8 steps) [61279a7b3e337b8c8605987591964db4a2b3eb91] SUNRPC: stop printk reading past end of string testing commit 61279a7b3e337b8c8605987591964db4a2b3eb91 with gcc (GCC) 8.1.0 kernel signature: 9305f439e8205f8da9e8678840b27e8fb457a2cc35b19699a2304583535d6a70 all runs: OK # git bisect bad 61279a7b3e337b8c8605987591964db4a2b3eb91 Bisecting: 158 revisions left to test after this (roughly 7 steps) [9895dfea9610ae54be8890b98eb17fd7f1496c75] bnxt_en: Fix PCI AER error recovery flow testing commit 9895dfea9610ae54be8890b98eb17fd7f1496c75 with gcc (GCC) 8.1.0 kernel signature: df539513f8f630712f78e388af335885cf110df32f8d798d0096c8e393029da4 run #0: crashed: KASAN: use-after-free Write in __sock_release run #1: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #2: crashed: KASAN: use-after-free Read in locks_remove_file run #3: crashed: KASAN: use-after-free Read in __sock_release run #4: crashed: KASAN: use-after-free in locks_remove_file run #5: crashed: KASAN: use-after-free Read in locks_remove_file run #6: crashed: KASAN: use-after-free Read in locks_remove_file run #7: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #8: crashed: KASAN: use-after-free Read in __sock_release run #9: crashed: KASAN: use-after-free Read in locks_remove_file # git bisect good 9895dfea9610ae54be8890b98eb17fd7f1496c75 Bisecting: 79 revisions left to test after this (roughly 6 steps) [d2dd6d5a77c5dbee03a5ffe75811f6e906599df4] arm64: dts: ns2: Fixed QSPI compatible string testing commit d2dd6d5a77c5dbee03a5ffe75811f6e906599df4 with gcc (GCC) 8.1.0 kernel signature: a2db4c0684959d3bd34161d868a42cfd704fcc158715b8fd7b75a66642bec942 all runs: OK # git bisect bad d2dd6d5a77c5dbee03a5ffe75811f6e906599df4 Bisecting: 39 revisions left to test after this (roughly 5 steps) [b0a689f84d53a8b923302cfab10527ada27d962c] affs: fix basic permission bits to actually work testing commit b0a689f84d53a8b923302cfab10527ada27d962c with gcc (GCC) 8.1.0 kernel signature: 3e8034de328d19bb34c72509c0235c5c61f5a5accef83be4015dffb2eb1cd4b5 all runs: OK # git bisect bad b0a689f84d53a8b923302cfab10527ada27d962c Bisecting: 19 revisions left to test after this (roughly 4 steps) [884fee7632168ab59ed49a26de430fa3ed5c6a86] xfs: don't update mtime on COW faults testing commit 884fee7632168ab59ed49a26de430fa3ed5c6a86 with gcc (GCC) 8.1.0 kernel signature: 57a4f964f58d6bac7edf25648bba371c053fc728c5c3c5718acc5055508cdc5f all runs: OK # git bisect bad 884fee7632168ab59ed49a26de430fa3ed5c6a86 Bisecting: 9 revisions left to test after this (roughly 3 steps) [37d933e8b41b83bb8278815e366aec5a542b7e31] fix regression in "epoll: Keep a reference on files added to the check list" testing commit 37d933e8b41b83bb8278815e366aec5a542b7e31 with gcc (GCC) 8.1.0 kernel signature: dec653cb541911e1e257450605208eee7e85de339967240fbf2af1214dcb1a64 all runs: OK # git bisect bad 37d933e8b41b83bb8278815e366aec5a542b7e31 Bisecting: 4 revisions left to test after this (roughly 2 steps) [0430561c8e0f4b497b29a169445e2477c607e27b] selftests/bpf: Fix massive output from test_maps testing commit 0430561c8e0f4b497b29a169445e2477c607e27b with gcc (GCC) 8.1.0 kernel signature: 9afac609a92b43a1a9c4155476008fe5234e71ee6fa1be19e1c79fdbf2a6a04a run #0: crashed: KASAN: use-after-free Read in __sock_release run #1: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #2: crashed: general protection fault in __sock_release run #3: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #4: crashed: KASAN: use-after-free Read in __sock_release run #5: crashed: KASAN: use-after-free Read in __sock_release run #6: crashed: KASAN: use-after-free Read in __sock_release run #7: crashed: general protection fault in __sock_release run #8: crashed: WARNING: ODEBUG bug in get_signal run #9: crashed: KASAN: use-after-free Read in locks_remove_file # git bisect good 0430561c8e0f4b497b29a169445e2477c607e27b Bisecting: 2 revisions left to test after this (roughly 1 step) [dff6a2c2828bce13f32c62029def97195f8830f6] nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()' testing commit dff6a2c2828bce13f32c62029def97195f8830f6 with gcc (GCC) 8.1.0 kernel signature: 7277dbec044be47e9b03f498eb00a6cea9f4330abe4e82227328c74244c92fb4 run #0: crashed: KASAN: use-after-free Read in __sock_release run #1: crashed: general protection fault in __sock_release run #2: crashed: KASAN: use-after-free Read in locks_remove_file run #3: crashed: KASAN: use-after-free Read in __sock_release run #4: crashed: KASAN: use-after-free Read in locks_remove_file run #5: crashed: KASAN: use-after-free Write in __sock_release run #6: crashed: KASAN: use-after-free Read in locks_remove_file run #7: crashed: KASAN: use-after-free Read in __sock_release run #8: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #9: crashed: KASAN: use-after-free Read in locks_remove_file # git bisect good dff6a2c2828bce13f32c62029def97195f8830f6 Bisecting: 0 revisions left to test after this (roughly 1 step) [f00d82c3fb4368afb41cba89b287801a7888627c] net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() testing commit f00d82c3fb4368afb41cba89b287801a7888627c with gcc (GCC) 8.1.0 kernel signature: 763b7bf8c99cb5e25bb5ef9eb581d9ecd05989468d5c6ac82ec833fbd89972e9 run #0: crashed: KASAN: use-after-free Read in locks_remove_file run #1: crashed: KASAN: use-after-free Read in __sock_release run #2: crashed: kernel BUG at fs/inode.c:LINE! run #3: crashed: KASAN: use-after-free Read in __sock_release run #4: crashed: KASAN: use-after-free Read in locks_remove_file run #5: crashed: KASAN: use-after-free Read in locks_remove_file run #6: crashed: KASAN: use-after-free Read in __fput run #7: crashed: KASAN: use-after-free Read in __sock_release run #8: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #9: crashed: kernel BUG at fs/inode.c:LINE! # git bisect good f00d82c3fb4368afb41cba89b287801a7888627c 37d933e8b41b83bb8278815e366aec5a542b7e31 is the first bad commit commit 37d933e8b41b83bb8278815e366aec5a542b7e31 Author: Al Viro Date: Wed Sep 2 11:30:48 2020 -0400 fix regression in "epoll: Keep a reference on files added to the check list" [ Upstream commit 77f4689de17c0887775bb77896f4cc11a39bf848 ] epoll_loop_check_proc() can run into a file already committed to destruction; we can't grab a reference on those and don't need to add them to the set for reverse path check anyway. Tested-by: Marc Zyngier Fixes: a9ed4a6560b8 ("epoll: Keep a reference on files added to the check list") Signed-off-by: Al Viro Signed-off-by: Sasha Levin fs/eventpoll.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) culprit signature: dec653cb541911e1e257450605208eee7e85de339967240fbf2af1214dcb1a64 parent signature: 763b7bf8c99cb5e25bb5ef9eb581d9ecd05989468d5c6ac82ec833fbd89972e9 revisions tested: 11, total time: 3h6m39.845284998s (build: 1h40m22.315934526s, test: 1h24m50.794101254s) first good commit: 37d933e8b41b83bb8278815e366aec5a542b7e31 fix regression in "epoll: Keep a reference on files added to the check list" recipients (to): ["maz@kernel.org" "sashal@kernel.org" "viro@zeniv.linux.org.uk"] recipients (cc): []