bisecting fixing commit since ccda4af0f4b92f7b4c308d3acc262f4a7e3affad building syzkaller on 5f5f6d14e80b8bd6b42db961118e902387716bcb testing commit ccda4af0f4b92f7b4c308d3acc262f4a7e3affad with gcc (GCC) 8.1.0 kernel signature: fe59463cc0af424380372b315512b8396b866b14 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put testing current HEAD 3cf2890f29ab6fe491361761df558ef9191cb468 testing commit 3cf2890f29ab6fe491361761df558ef9191cb468 with gcc (GCC) 8.1.0 kernel signature: b722c00a3362f26e870a6fbb72cb8b95a1ac9283 all runs: OK # git bisect start 3cf2890f29ab6fe491361761df558ef9191cb468 ccda4af0f4b92f7b4c308d3acc262f4a7e3affad Bisecting: 44770 revisions left to test after this (roughly 16 steps) [f8b5c72227618780f49e53fb77b0e7ddb2996552] Merge tag 'arc-5.2-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc testing commit f8b5c72227618780f49e53fb77b0e7ddb2996552 with gcc (GCC) 8.1.0 kernel signature: d64669075178cad8e3fe03f385d264fcfa109de1 all runs: OK # git bisect bad f8b5c72227618780f49e53fb77b0e7ddb2996552 Bisecting: 22379 revisions left to test after this (roughly 15 steps) [be37f21a08ce65c7632c7f45e1755a4b07f278a0] Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit testing commit be37f21a08ce65c7632c7f45e1755a4b07f278a0 with gcc (GCC) 8.1.0 kernel signature: 594ee2fbeaaea2af62cf5a1bc4d1f52464ad0b6a all runs: OK # git bisect bad be37f21a08ce65c7632c7f45e1755a4b07f278a0 Bisecting: 11173 revisions left to test after this (roughly 14 steps) [d36377c6eb071e3d0751e9e0e3c19198c58d9a5d] Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc testing commit d36377c6eb071e3d0751e9e0e3c19198c58d9a5d with gcc (GCC) 8.1.0 kernel signature: de95d30d7df65efaee75e80bbdea0178c406d0f9 all runs: OK # git bisect bad d36377c6eb071e3d0751e9e0e3c19198c58d9a5d Bisecting: 5693 revisions left to test after this (roughly 13 steps) [c40f7d74c741a907cfaeb73a7697081881c497d0] sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c testing commit c40f7d74c741a907cfaeb73a7697081881c497d0 with gcc (GCC) 8.1.0 kernel signature: 3149d7df5fe0b087007c2ab94fd3be2741f6462e all runs: OK # git bisect bad c40f7d74c741a907cfaeb73a7697081881c497d0 Bisecting: 2293 revisions left to test after this (roughly 12 steps) [4971f090aa7f6ce5daa094ce4334f6618f93a7eb] Merge tag 'drm-next-2018-12-14' of git://anongit.freedesktop.org/drm/drm testing commit 4971f090aa7f6ce5daa094ce4334f6618f93a7eb with gcc (GCC) 8.1.0 kernel signature: e4df22f56a91ccc29be398e53e6664a51006efd4 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good 4971f090aa7f6ce5daa094ce4334f6618f93a7eb Bisecting: 1227 revisions left to test after this (roughly 10 steps) [4e4390ad067a61ce4e7607bd0df31f19a4caa36a] Merge tag 'leds-for-4.21-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/j.anaszewski/linux-leds testing commit 4e4390ad067a61ce4e7607bd0df31f19a4caa36a with gcc (GCC) 8.1.0 kernel signature: 18cb0abf4a2df093721ff2d9f970ede7a94f0e86 all runs: OK # git bisect bad 4e4390ad067a61ce4e7607bd0df31f19a4caa36a Bisecting: 647 revisions left to test after this (roughly 9 steps) [996680d461f8f759082e64f2395c1f7c25d9d549] Merge tag 'media/v4.20-7' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media testing commit 996680d461f8f759082e64f2395c1f7c25d9d549 with gcc (GCC) 8.1.0 kernel signature: 3fea4e2b84d67bfec0f8ce67db4dad6944e28c2c all runs: OK # git bisect bad 996680d461f8f759082e64f2395c1f7c25d9d549 Bisecting: 208 revisions left to test after this (roughly 8 steps) [086c25f8fef9ce659fd898670ab7ba3c39552224] media: ov5640: Enhance FPS handling testing commit 086c25f8fef9ce659fd898670ab7ba3c39552224 with gcc (GCC) 8.1.0 kernel signature: 77dea6d1badefb7540edd777275d008c70994558 all runs: OK # git bisect bad 086c25f8fef9ce659fd898670ab7ba3c39552224 Bisecting: 104 revisions left to test after this (roughly 7 steps) [62dcb4f41836bd3c44b5b651bb6df07ea4cb1551] media: vb2: check memory model for VIDIOC_CREATE_BUFS testing commit 62dcb4f41836bd3c44b5b651bb6df07ea4cb1551 with gcc (GCC) 8.1.0 kernel signature: 665c92746947a0e10acfcc32b3ee75aadba3082e run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: boot failed: KASAN: use-after-free Read in dd_has_work # git bisect bad 62dcb4f41836bd3c44b5b651bb6df07ea4cb1551 Bisecting: 51 revisions left to test after this (roughly 6 steps) [bedfcd467c33976c4a25ccafb3c6a61f88fc5511] media: ov772x: support log_status ioctl and event interface testing commit bedfcd467c33976c4a25ccafb3c6a61f88fc5511 with gcc (GCC) 8.1.0 kernel signature: c2f58e0fa33c3772d381b5eb2430f3617f269137 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good bedfcd467c33976c4a25ccafb3c6a61f88fc5511 Bisecting: 25 revisions left to test after this (roughly 5 steps) [3431ebe5a6c0ec665f25464183c7a810e483dee8] media: imx-pxp: Improve pxp_soft_reset() error message testing commit 3431ebe5a6c0ec665f25464183c7a810e483dee8 with gcc (GCC) 8.1.0 kernel signature: 7bca45bd8bdec57b832098163ffeec8d73a6a381 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good 3431ebe5a6c0ec665f25464183c7a810e483dee8 Bisecting: 12 revisions left to test after this (roughly 4 steps) [7f02ac77c768ba2bcdd0ce719c1fca0870ffe2fb] media: cec: report Vendor ID after initialization testing commit 7f02ac77c768ba2bcdd0ce719c1fca0870ffe2fb with gcc (GCC) 8.1.0 kernel signature: adea076ac41a2bb38dc1dd35c34b9db02774ca0e all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good 7f02ac77c768ba2bcdd0ce719c1fca0870ffe2fb Bisecting: 6 revisions left to test after this (roughly 3 steps) [da411ab10cc13dde4673608142cbd8c290505235] media: vimc: constify structures stored in fields of v4l2_subdev_ops structure testing commit da411ab10cc13dde4673608142cbd8c290505235 with gcc (GCC) 8.1.0 kernel signature: eb23e795173d11c28bdc8a62c6275583fd3d8218 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good da411ab10cc13dde4673608142cbd8c290505235 Bisecting: 3 revisions left to test after this (roughly 2 steps) [be773a176cbba68e9b2b6b669e5efe966844adba] media: rockchip/rga: constify video_device structure testing commit be773a176cbba68e9b2b6b669e5efe966844adba with gcc (GCC) 8.1.0 kernel signature: 4a8272dfc9b2e7e4058ef2fd003307beb6c440a6 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good be773a176cbba68e9b2b6b669e5efe966844adba Bisecting: 1 revision left to test after this (roughly 1 step) [52117be68b82ee05c96da0a7beec319906ccf6cc] media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work testing commit 52117be68b82ee05c96da0a7beec319906ccf6cc with gcc (GCC) 8.1.0 kernel signature: 7c6106b17635b2cfd28cafc2994fa283ec45b582 all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good 52117be68b82ee05c96da0a7beec319906ccf6cc Bisecting: 0 revisions left to test after this (roughly 0 steps) [2912289a518077ddb8214e05336700148e97e235] media: adv*/tc358743/ths8200: fill in min width/height/pixelclock testing commit 2912289a518077ddb8214e05336700148e97e235 with gcc (GCC) 8.1.0 kernel signature: 1b0da85b5a049006f425b4a5d9e5b2236749179d all runs: crashed: KASAN: null-ptr-deref Read in vb2_vmalloc_put # git bisect good 2912289a518077ddb8214e05336700148e97e235 62dcb4f41836bd3c44b5b651bb6df07ea4cb1551 is the first bad commit commit 62dcb4f41836bd3c44b5b651bb6df07ea4cb1551 Author: Hans Verkuil Date: Thu Nov 8 07:23:37 2018 -0500 media: vb2: check memory model for VIDIOC_CREATE_BUFS vb2_core_create_bufs did not check if the memory model for newly added buffers is the same as for already existing buffers. It should return an error if they aren't the same. Signed-off-by: Hans Verkuil Reported-by: syzbot+e1fb118a2ebb88031d21@syzkaller.appspotmail.com Cc: # for v4.16 and up Signed-off-by: Mauro Carvalho Chehab drivers/media/common/videobuf2/videobuf2-core.c | 3 +++ 1 file changed, 3 insertions(+) kernel signature: 665c92746947a0e10acfcc32b3ee75aadba3082e previous signature: 1b0da85b5a049006f425b4a5d9e5b2236749179d revisions tested: 18, total time: 3h48m15.273958986s (build: 1h39m8.781779993s, test: 2h7m2.329402718s) first good commit: 62dcb4f41836bd3c44b5b651bb6df07ea4cb1551 media: vb2: check memory model for VIDIOC_CREATE_BUFS cc: ["hverkuil-cisco@xs4all.nl" "kyungmin.park@samsung.com" "linux-kernel@vger.kernel.org" "linux-media@vger.kernel.org" "m.szyprowski@samsung.com" "mchehab+samsung@kernel.org" "mchehab@kernel.org" "pawel@osciak.com" "tfiga@chromium.org"]