bisecting fixing commit since a41ba30d9df20fe141c92aacbb56b6b077f19716 building syzkaller on 4afdfa205b55633e7eb9db03a9d099d7aa324801 testing commit a41ba30d9df20fe141c92aacbb56b6b077f19716 with gcc (GCC) 8.1.0 kernel signature: c51516703309befd553c718993a408440a518a253a4ee76538936ebb7f5612ee all runs: crashed: WARNING in inc_nlink testing current HEAD 458a534cac0c808fce164cc961f8384ffc8c455e testing commit 458a534cac0c808fce164cc961f8384ffc8c455e with gcc (GCC) 8.1.0 kernel signature: 770e00c6a142ded5aa28ef227773564e0364616fd3b678e93e17a71cbabdbb5e all runs: OK # git bisect start 458a534cac0c808fce164cc961f8384ffc8c455e a41ba30d9df20fe141c92aacbb56b6b077f19716 Bisecting: 658 revisions left to test after this (roughly 9 steps) [d939945a2a89ec6a6a31b158ae822f4e502324a8] ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE testing commit d939945a2a89ec6a6a31b158ae822f4e502324a8 with gcc (GCC) 8.1.0 kernel signature: c50958d91c6a4baae3dbb142e9a5f03591232ed4d745f0ed4dab6dc17bf695fe all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip d939945a2a89ec6a6a31b158ae822f4e502324a8 Bisecting: 658 revisions left to test after this (roughly 9 steps) [b4eba1edf71e3ce882d79fd46d654770a7b277b0] x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. testing commit b4eba1edf71e3ce882d79fd46d654770a7b277b0 with gcc (GCC) 8.1.0 kernel signature: 1ae69d7fb8c29a46272f9f226d1497b0b08835f520470ae6aca82f4534635ad7 all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip b4eba1edf71e3ce882d79fd46d654770a7b277b0 Bisecting: 658 revisions left to test after this (roughly 9 steps) [06491c36d48e5df27cf1889a582a0c8eb5053a5b] mm/slab: use memzero_explicit() in kzfree() testing commit 06491c36d48e5df27cf1889a582a0c8eb5053a5b with gcc (GCC) 8.1.0 kernel signature: 453149218a132aba4bb38e4b8413aa27ad412e0d7e7d6dfb6122c5fb64cfe712 all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip 06491c36d48e5df27cf1889a582a0c8eb5053a5b Bisecting: 658 revisions left to test after this (roughly 9 steps) [97efdabe90f035d16d3f79218055e87c76ec02e6] ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb testing commit 97efdabe90f035d16d3f79218055e87c76ec02e6 with gcc (GCC) 8.1.0 kernel signature: 99559095946ea691eee879111bdc9d0a0e8b6f58fca31d1e05ca16fdeec062aa all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip 97efdabe90f035d16d3f79218055e87c76ec02e6 Bisecting: 658 revisions left to test after this (roughly 9 steps) [92ac080ba3009e4c8f5aecb93cb1f16aa5cb8cb6] USB: serial: option: add Quectel EG95 LTE modem testing commit 92ac080ba3009e4c8f5aecb93cb1f16aa5cb8cb6 with gcc (GCC) 8.1.0 kernel signature: 897d9f982166ead0af5c661d7a4dd97d75ca9b7b4029b19f0691ec983c9733b3 all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip 92ac080ba3009e4c8f5aecb93cb1f16aa5cb8cb6 Bisecting: 658 revisions left to test after this (roughly 9 steps) [86a92de7833342f34e1cb98429ac100797605f73] ARM: 8992/1: Fix unwind_frame for clang-built kernels testing commit 86a92de7833342f34e1cb98429ac100797605f73 with gcc (GCC) 8.1.0 kernel signature: 4ea1ff028250fba250f1c7590de32aec3cbbd4b3ba309fcd7c21a0a25aa667b0 all runs: OK # git bisect bad 86a92de7833342f34e1cb98429ac100797605f73 Bisecting: 522 revisions left to test after this (roughly 9 steps) [c24d430285c5e668e9688d3e2c7c990aea8ea61f] mld: fix memory leak in ipv6_mc_destroy_dev() testing commit c24d430285c5e668e9688d3e2c7c990aea8ea61f with gcc (GCC) 8.1.0 kernel signature: 66815329bda51d44c7b9e09fe2b85b919f657e2fc5d0fa47f11acea1d4f4d3cf all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip c24d430285c5e668e9688d3e2c7c990aea8ea61f Bisecting: 522 revisions left to test after this (roughly 9 steps) [cf2c621c8d5e643eee02eea1d753a8743b742184] llc: make sure applications use ARPHRD_ETHER testing commit cf2c621c8d5e643eee02eea1d753a8743b742184 with gcc (GCC) 8.1.0 kernel signature: 716a0f01930aaaafe7c54771dbcba2527d7338b2deacde2ecda59b7c070cdf90 all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip cf2c621c8d5e643eee02eea1d753a8743b742184 Bisecting: 522 revisions left to test after this (roughly 9 steps) [a0d55c3985c213a374cf0c2081509af9d2e34bc2] arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node testing commit a0d55c3985c213a374cf0c2081509af9d2e34bc2 with gcc (GCC) 8.1.0 kernel signature: 1950d0eb9774ceae98e4f50035833d2b42d47b14f2d9f320b3dce0f10cce1bf6 run #0: crashed: WARNING in inc_nlink run #1: crashed: WARNING in inc_nlink run #2: crashed: WARNING in inc_nlink run #3: crashed: WARNING in inc_nlink run #4: crashed: WARNING in corrupted run #5: crashed: WARNING in inc_nlink run #6: crashed: WARNING in inc_nlink run #7: crashed: WARNING in inc_nlink run #8: crashed: WARNING in inc_nlink run #9: crashed: WARNING in inc_nlink # git bisect good a0d55c3985c213a374cf0c2081509af9d2e34bc2 Bisecting: 485 revisions left to test after this (roughly 9 steps) [1e865dd2d489ce2659484aa133189b05130eb13e] RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() testing commit 1e865dd2d489ce2659484aa133189b05130eb13e with gcc (GCC) 8.1.0 kernel signature: b6c19111475566507ef8896fbfb5a73faa6cd0396f2fb72d83103743a1ac77eb all runs: boot failed: WARNING in kvm_mmu_set_mmio_spte_mask # git bisect skip 1e865dd2d489ce2659484aa133189b05130eb13e Bisecting: 485 revisions left to test after this (roughly 9 steps) [7f15121bd7ef35c57558d317123aabffc501d434] usb: gadget: net2280: fix memory leak on probe error handling paths testing commit 7f15121bd7ef35c57558d317123aabffc501d434 with gcc (GCC) 8.1.0 kernel signature: 417c1d1ddbd1503ef89e498bb9f3b6c9f1c53bd58fbb7be45cb8de0bd3c0af71 run #0: crashed: WARNING in inc_nlink run #1: crashed: WARNING in inc_nlink run #2: crashed: WARNING in inc_nlink run #3: crashed: WARNING in inc_nlink run #4: crashed: WARNING in inc_nlink run #5: crashed: WARNING in corrupted run #6: crashed: WARNING in inc_nlink run #7: crashed: WARNING in inc_nlink run #8: crashed: WARNING in inc_nlink run #9: crashed: WARNING in inc_nlink # git bisect good 7f15121bd7ef35c57558d317123aabffc501d434 Bisecting: 43 revisions left to test after this (roughly 6 steps) [75f8b5a67b62b40d6308f3f2998de2cfa264f212] Smack: prevent underflow in smk_set_cipso() testing commit 75f8b5a67b62b40d6308f3f2998de2cfa264f212 with gcc (GCC) 8.1.0 kernel signature: 6198ddcfdd943242859984612ca714c406949994c380695dfbe51d9faca7be6d all runs: crashed: WARNING in inc_nlink # git bisect good 75f8b5a67b62b40d6308f3f2998de2cfa264f212 Bisecting: 21 revisions left to test after this (roughly 5 steps) [beafe1d05798982ae21db383884611bb389a1639] drivers/net/wan/lapbether: Added needed_headroom and a skb->len check testing commit beafe1d05798982ae21db383884611bb389a1639 with gcc (GCC) 8.1.0 kernel signature: a4ba876692a1f2d66eb40b019e9845221333a209c1213d74cb726ee2c3fee580 all runs: crashed: WARNING in inc_nlink # git bisect good beafe1d05798982ae21db383884611bb389a1639 Bisecting: 10 revisions left to test after this (roughly 4 steps) [a2c4136587cf19066758091eb60694a8f5120897] crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified testing commit a2c4136587cf19066758091eb60694a8f5120897 with gcc (GCC) 8.1.0 kernel signature: 6d42441b1c9ee7f562a850938f7728b806c92039a5f687dc58e7cbd320e0ef1a all runs: crashed: WARNING in inc_nlink # git bisect good a2c4136587cf19066758091eb60694a8f5120897 Bisecting: 4 revisions left to test after this (roughly 3 steps) [f337f8a302f715ba280477ecf2cdaeae0d86b45e] 9p: Fix memory leak in v9fs_mount testing commit f337f8a302f715ba280477ecf2cdaeae0d86b45e with gcc (GCC) 8.1.0 kernel signature: 79c16d205091b52bc76f5b81ccf949ac5d012656608c7f2d0bb081b7a3074f16 all runs: OK # git bisect bad f337f8a302f715ba280477ecf2cdaeae0d86b45e Bisecting: 2 revisions left to test after this (roughly 2 steps) [12490f06ef084bc34f5e5dbda104aa034e376f2e] fs/minix: don't allow getting deleted inodes testing commit 12490f06ef084bc34f5e5dbda104aa034e376f2e with gcc (GCC) 8.1.0 kernel signature: c9bfc9c6d2dea64501b87785e75aba99ccd881cd07a8b47ce5a0cf72cb30ad4b all runs: OK # git bisect bad 12490f06ef084bc34f5e5dbda104aa034e376f2e Bisecting: 0 revisions left to test after this (roughly 1 step) [3c775629a5ffe3f6305f9a4f53d8167f629435ad] fs/minix: check return value of sb_getblk() testing commit 3c775629a5ffe3f6305f9a4f53d8167f629435ad with gcc (GCC) 8.1.0 kernel signature: dc4792aa28087b5c436939dc50e7345df2c46d79e2b0d261e73e0c73243c35d2 all runs: crashed: WARNING in inc_nlink # git bisect good 3c775629a5ffe3f6305f9a4f53d8167f629435ad 12490f06ef084bc34f5e5dbda104aa034e376f2e is the first bad commit commit 12490f06ef084bc34f5e5dbda104aa034e376f2e Author: Eric Biggers Date: Tue Aug 11 18:35:27 2020 -0700 fs/minix: don't allow getting deleted inodes commit facb03dddec04e4aac1bb2139accdceb04deb1f3 upstream. If an inode has no links, we need to mark it bad rather than allowing it to be accessed. This avoids WARNINGs in inc_nlink() and drop_nlink() when doing directory operations on a fuzzed filesystem. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: syzbot+a9ac3de1b5de5fb10efc@syzkaller.appspotmail.com Reported-by: syzbot+df958cf5688a96ad3287@syzkaller.appspotmail.com Signed-off-by: Eric Biggers Signed-off-by: Andrew Morton Cc: Alexander Viro Cc: Qiujun Huang Cc: Link: http://lkml.kernel.org/r/20200628060846.682158-3-ebiggers@kernel.org Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman fs/minix/inode.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) culprit signature: c9bfc9c6d2dea64501b87785e75aba99ccd881cd07a8b47ce5a0cf72cb30ad4b parent signature: dc4792aa28087b5c436939dc50e7345df2c46d79e2b0d261e73e0c73243c35d2 revisions tested: 19, total time: 5h56m41.593723528s (build: 3h27m35.717292608s, test: 2h26m22.832918667s) first good commit: 12490f06ef084bc34f5e5dbda104aa034e376f2e fs/minix: don't allow getting deleted inodes recipients (to): ["akpm@linux-foundation.org" "ebiggers@google.com" "gregkh@linuxfoundation.org" "torvalds@linux-foundation.org"] recipients (cc): []