bisecting fixing commit since ddef1e8e3f6eb26034833b7255e3fa584d54a230 building syzkaller on af5c522d02400b35a930d6fbdf286f9ce2afc8ba testing commit ddef1e8e3f6eb26034833b7255e3fa584d54a230 with gcc (GCC) 8.1.0 kernel signature: f6865f8c8bc4702622a83f272b0eb50270ae29abff14321b972ecadf29fb04c7 all runs: crashed: KASAN: use-after-free Read in relay_switch_subbuf testing current HEAD c196b3a9c83ae3491280b739d231d02b3cb9d041 testing commit c196b3a9c83ae3491280b739d231d02b3cb9d041 with gcc (GCC) 8.1.0 kernel signature: dbbe089b55bdd71d238b9631a9f306368e137255b49c06753e3d5812a7a7c360 all runs: OK # git bisect start c196b3a9c83ae3491280b739d231d02b3cb9d041 ddef1e8e3f6eb26034833b7255e3fa584d54a230 Bisecting: 3010 revisions left to test after this (roughly 12 steps) [402f86abf2c3dae913b166c217147f2e4c05eca6] nfc: add missing attribute validation for vendor subcommand testing commit 402f86abf2c3dae913b166c217147f2e4c05eca6 with gcc (GCC) 8.1.0 kernel signature: 3c57494ede78eeae11bb847553b34162325b0e2d2112528a78888566248ee0ef all runs: crashed: KASAN: use-after-free Read in relay_switch_subbuf # git bisect good 402f86abf2c3dae913b166c217147f2e4c05eca6 Bisecting: 1505 revisions left to test after this (roughly 11 steps) [2631d1bd96569d9a000645cc9955f229e0fbde5b] spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours testing commit 2631d1bd96569d9a000645cc9955f229e0fbde5b with gcc (GCC) 8.1.0 kernel signature: 3a35d0dee264007aa314ebad719c6c168cfea09f3dd426a41da2a106f278877a run #0: crashed: KASAN: use-after-free Read in debugfs_remove run #1: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #2: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #3: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #4: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #5: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #6: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #7: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #8: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #9: crashed: KASAN: use-after-free Read in relay_switch_subbuf # git bisect good 2631d1bd96569d9a000645cc9955f229e0fbde5b Bisecting: 752 revisions left to test after this (roughly 10 steps) [e8be86c1d26c1e223c2b25fb33605ed83cf8acf3] serial: 8250_omap: Fix sleeping function called from invalid context during probe testing commit e8be86c1d26c1e223c2b25fb33605ed83cf8acf3 with gcc (GCC) 8.1.0 kernel signature: 114efa0e6a6453aa91d6b2b72b48ebc6988c9e2ee3780158d87f1947bad5c72d run #0: crashed: KASAN: use-after-free Read in debugfs_remove run #1: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #2: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #3: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #4: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #5: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #6: crashed: KASAN: use-after-free Read in debugfs_remove run #7: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #8: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #9: crashed: KASAN: use-after-free Read in relay_switch_subbuf # git bisect good e8be86c1d26c1e223c2b25fb33605ed83cf8acf3 Bisecting: 376 revisions left to test after this (roughly 9 steps) [4d6d4ed1758f311d0f0283ad48b11dbd0445b6f0] fscrypt: return -EXDEV for incompatible rename or link into encrypted dir testing commit 4d6d4ed1758f311d0f0283ad48b11dbd0445b6f0 with gcc (GCC) 8.1.0 kernel signature: db2b4c4b062539ca05de03e79f7258b545766e887144e60913655247683d57ba run #0: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #1: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #2: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #3: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #4: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #5: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #6: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #7: crashed: KASAN: use-after-free Read in debugfs_remove run #8: crashed: KASAN: use-after-free Read in relay_switch_subbuf run #9: crashed: general protection fault in relay_open_buf # git bisect good 4d6d4ed1758f311d0f0283ad48b11dbd0445b6f0 Bisecting: 188 revisions left to test after this (roughly 8 steps) [73ba53619ff810a0b74fbfc8b5f50d662f145e7f] gfs2: check for live vs. read-only file system in gfs2_fitrim testing commit 73ba53619ff810a0b74fbfc8b5f50d662f145e7f with gcc (GCC) 8.1.0 kernel signature: 4e3915ba2b27532c27d410fae09b5115d841d8ea3bf539bc3b1bf30b3b1a9907 run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK reproducer seems to be flaky # git bisect good 73ba53619ff810a0b74fbfc8b5f50d662f145e7f Bisecting: 94 revisions left to test after this (roughly 7 steps) [9f687c3b272d4f4782fd7de718177af7455eb356] sctp: change to hold/put transport for proto_unreach_timer testing commit 9f687c3b272d4f4782fd7de718177af7455eb356 with gcc (GCC) 8.1.0 kernel signature: 8ebc3f4d1cf683f1f9078bcb1acabe4022295ee7628ce93a875226d85fb4cc18 run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: crashed: KASAN: use-after-free Read in disk_unblock_events run #2: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/tmp/syz-executor216766667" "root@10.128.1.25:./syz-executor216766667"]: exit status 1 Connection timed out during banner exchange lost connection run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 9f687c3b272d4f4782fd7de718177af7455eb356 Bisecting: 47 revisions left to test after this (roughly 6 steps) [ba8f2d497d0521ad72ef73f322697f0a09a68133] mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() testing commit ba8f2d497d0521ad72ef73f322697f0a09a68133 with gcc (GCC) 8.1.0 kernel signature: 704d1fd36924d7754d06b966e52a03a6e225787170a1efec8fb636dae1826a8f run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good ba8f2d497d0521ad72ef73f322697f0a09a68133 Bisecting: 23 revisions left to test after this (roughly 5 steps) [752eed3e89208a0b585047f36dfb2d5bdf1cb129] batman-adv: set .owner to THIS_MODULE testing commit 752eed3e89208a0b585047f36dfb2d5bdf1cb129 with gcc (GCC) 8.1.0 kernel signature: c6815febb9a41d5bc14d06e5825083b05885b78270688d05563eceb00918d25c run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 752eed3e89208a0b585047f36dfb2d5bdf1cb129 Bisecting: 11 revisions left to test after this (roughly 4 steps) [73419262795afd60235810c5ec5fbbbf0ec72295] can: gs_usb: fix endianess problem with candleLight firmware testing commit 73419262795afd60235810c5ec5fbbbf0ec72295 with gcc (GCC) 8.1.0 kernel signature: 917d06e8c13005c8cf773bda4bdb20f122334bb863bbcca56b9447b8b5aca76f run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 73419262795afd60235810c5ec5fbbbf0ec72295 Bisecting: 5 revisions left to test after this (roughly 3 steps) [121c9f539cc591f20b984d413205ac31e5b2e50e] usb: gadget: Fix memleak in gadgetfs_fill_super testing commit 121c9f539cc591f20b984d413205ac31e5b2e50e with gcc (GCC) 8.1.0 kernel signature: ffe4fd5e925329cddd12143a5a341704b8fb4031badb8c88d643115527315953 run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 121c9f539cc591f20b984d413205ac31e5b2e50e Bisecting: 2 revisions left to test after this (roughly 2 steps) [fdf6268c66e42a86d69fd4dc425dfa50cf524c51] x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak testing commit fdf6268c66e42a86d69fd4dc425dfa50cf524c51 with gcc (GCC) 8.1.0 kernel signature: a3da557cad5dd5bea8ac9a68ff5387060ed4a8543f87ada1e9b0ce5535300e82 run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good fdf6268c66e42a86d69fd4dc425dfa50cf524c51 Bisecting: 0 revisions left to test after this (roughly 1 step) [67d0acfcd00569c22e75bb159d511e4f05071287] USB: core: Fix regression in Hercules audio card testing commit 67d0acfcd00569c22e75bb159d511e4f05071287 with gcc (GCC) 8.1.0 kernel signature: e067536bee0f892025a4485f5f5c21a16c88c89d35155a3a402989bf5cec1b8a run #0: crashed: KASAN: use-after-free Read in disk_unblock_events run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 67d0acfcd00569c22e75bb159d511e4f05071287 c196b3a9c83ae3491280b739d231d02b3cb9d041 is the first bad commit commit c196b3a9c83ae3491280b739d231d02b3cb9d041 Author: Greg Kroah-Hartman Date: Wed Dec 2 08:34:45 2020 +0100 Linux 4.14.210 Tested-by: Jon Hunter Tested-by: Guenter Roeck Tested-by: Linux Kernel Functional Testing Link: https://lore.kernel.org/r/20201201084644.803812112@linuxfoundation.org Signed-off-by: Greg Kroah-Hartman Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) culprit signature: dbbe089b55bdd71d238b9631a9f306368e137255b49c06753e3d5812a7a7c360 parent signature: e067536bee0f892025a4485f5f5c21a16c88c89d35155a3a402989bf5cec1b8a Reproducer flagged being flaky revisions tested: 14, total time: 3h58m2.863833191s (build: 2h5m42.877898462s, test: 1h50m29.64873616s) first good commit: c196b3a9c83ae3491280b739d231d02b3cb9d041 Linux 4.14.210 recipients (to): ["gregkh@linuxfoundation.org" "jonathanh@nvidia.com" "linux@roeck-us.net" "lkft@linaro.org"] recipients (cc): []