bisecting fixing commit since 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 building syzkaller on abf9ba4fc75d9b29af15625d44dcfc1360fad3b7 testing commit 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 with gcc (GCC) 8.1.0 kernel signature: 72b29773bff4ce6cf17829a83d1552fb5c16fea6f507b74a0a91aab6383a7dd6 run #0: crashed: general protection fault in locks_remove_file run #1: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #2: crashed: KASAN: use-after-free Read in v4l2_fh_del run #3: crashed: general protection fault in locks_remove_file run #4: crashed: general protection fault in locks_remove_file run #5: crashed: general protection fault in locks_remove_file run #6: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #7: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #8: crashed: general protection fault in locks_remove_file run #9: crashed: general protection fault in locks_remove_file testing current HEAD bae31eef2a167ef160ab2703b6a2f5bbecd98d92 testing commit bae31eef2a167ef160ab2703b6a2f5bbecd98d92 with gcc (GCC) 8.1.0 kernel signature: 2db616c04601b94fa5888205c07d439d9b9f3b509a4b838a969bd6dbab1ccb36 all runs: OK # git bisect start bae31eef2a167ef160ab2703b6a2f5bbecd98d92 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 Bisecting: 169 revisions left to test after this (roughly 7 steps) [293036a0ea49b63a2dc449d41b6f81b3194fffeb] ehci-hcd: Move include to keep CRC stable testing commit 293036a0ea49b63a2dc449d41b6f81b3194fffeb with gcc (GCC) 8.1.0 kernel signature: 8dbaab99bad72291a65440cc5bc4cfe22406afb8bca411522d16aa0738085ebc all runs: OK # git bisect bad 293036a0ea49b63a2dc449d41b6f81b3194fffeb Bisecting: 84 revisions left to test after this (roughly 6 steps) [7290cb1a3aa67dcc43fecf66dae64eb2ebad18af] ARM: dts: BCM5301X: Fixed QSPI compatible string testing commit 7290cb1a3aa67dcc43fecf66dae64eb2ebad18af with gcc (GCC) 8.1.0 kernel signature: c3bb91ff08e577987b6cfaaa7983236fa29186712ebddf692d07295b6ca4472e all runs: OK # git bisect bad 7290cb1a3aa67dcc43fecf66dae64eb2ebad18af Bisecting: 42 revisions left to test after this (roughly 5 steps) [6aa022755fa184cde7c1af02f45357d7f483b1f7] uaccess: Add non-pagefault user-space write function testing commit 6aa022755fa184cde7c1af02f45357d7f483b1f7 with gcc (GCC) 8.1.0 kernel signature: 72817105d79b72c410873efeec376f4417140568f020fe3a11270f6b85cc18ec all runs: OK # git bisect bad 6aa022755fa184cde7c1af02f45357d7f483b1f7 Bisecting: 20 revisions left to test after this (roughly 4 steps) [9de4fede0b351128162d4e3612b33e34352a66a5] net: hns: Fix memleak in hns_nic_dev_probe testing commit 9de4fede0b351128162d4e3612b33e34352a66a5 with gcc (GCC) 8.1.0 kernel signature: 24b5d8da627846aca73781c4a9e25174395d9f3efcdc1349825353be6d04479c run #0: crashed: general protection fault in locks_remove_file run #1: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #2: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #3: crashed: general protection fault in locks_remove_file run #4: crashed: general protection fault in locks_remove_file run #5: crashed: WARNING: ODEBUG bug in get_signal run #6: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #7: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #8: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #9: crashed: general protection fault in locks_remove_file # git bisect good 9de4fede0b351128162d4e3612b33e34352a66a5 Bisecting: 10 revisions left to test after this (roughly 3 steps) [cfb5e057b7179767d6f3cef3381633417e4e3afb] net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() testing commit cfb5e057b7179767d6f3cef3381633417e4e3afb with gcc (GCC) 8.1.0 kernel signature: 721ea53e25ad3faaf8a8391f07242bd825ccf1505416914677e3894a1c984f78 run #0: crashed: general protection fault in locks_remove_file run #1: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #2: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #3: crashed: general protection fault in locks_remove_file run #4: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #5: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #6: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #7: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #8: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #9: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop # git bisect good cfb5e057b7179767d6f3cef3381633417e4e3afb Bisecting: 5 revisions left to test after this (roughly 3 steps) [5ace0847122fb22f18a20fb7809339cb3d789f01] include/linux/log2.h: add missing () around n in roundup_pow_of_two() testing commit 5ace0847122fb22f18a20fb7809339cb3d789f01 with gcc (GCC) 8.1.0 kernel signature: bb3839ccf791b0d928e7a21c2277cfd3c30591d2d71641626fa7734aea199c0d all runs: OK # git bisect bad 5ace0847122fb22f18a20fb7809339cb3d789f01 Bisecting: 2 revisions left to test after this (roughly 1 step) [751deef5de35a497a3ea007e0953889ba1123a97] tg3: Fix soft lockup when tg3_reset_task() fails. testing commit 751deef5de35a497a3ea007e0953889ba1123a97 with gcc (GCC) 8.1.0 kernel signature: 20e94779499540e1e514a9777c613f2db97a570f20ce9d8b6e2a5e196b8f55bd all runs: OK # git bisect bad 751deef5de35a497a3ea007e0953889ba1123a97 Bisecting: 0 revisions left to test after this (roughly 0 steps) [c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888] fix regression in "epoll: Keep a reference on files added to the check list" testing commit c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 with gcc (GCC) 8.1.0 kernel signature: 27f699dd9a9fadd077988a2d072b376539ca8f156af8816219cd16fe1d48f690 all runs: OK # git bisect bad c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 is the first bad commit commit c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 Author: Al Viro Date: Wed Sep 2 11:30:48 2020 -0400 fix regression in "epoll: Keep a reference on files added to the check list" [ Upstream commit 77f4689de17c0887775bb77896f4cc11a39bf848 ] epoll_loop_check_proc() can run into a file already committed to destruction; we can't grab a reference on those and don't need to add them to the set for reverse path check anyway. Tested-by: Marc Zyngier Fixes: a9ed4a6560b8 ("epoll: Keep a reference on files added to the check list") Signed-off-by: Al Viro Signed-off-by: Sasha Levin fs/eventpoll.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) culprit signature: 27f699dd9a9fadd077988a2d072b376539ca8f156af8816219cd16fe1d48f690 parent signature: 721ea53e25ad3faaf8a8391f07242bd825ccf1505416914677e3894a1c984f78 revisions tested: 10, total time: 2h49m24.923263159s (build: 1h26m32.687873454s, test: 1h21m30.405178445s) first good commit: c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 fix regression in "epoll: Keep a reference on files added to the check list" recipients (to): ["maz@kernel.org" "sashal@kernel.org" "viro@zeniv.linux.org.uk"] recipients (cc): []