ci2 starts bisection 2024-08-10 10:27:46.624695105 +0000 UTC m=+22829.201405374
bisecting fixing commit since d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb
building syzkaller on fb427a0782000106c62de76d251e5a02de5406a9
ensuring issue is reproducible on original commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb

testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 549531106d571d187c1f8f0a5d20bab800ab9c1ba8513fd1eaa9a1f640ca85f0
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
check whether we can drop unnecessary instrumentation
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 57341300fe6bfb63f95962a9696308dcf1a77d9c0d0ddb19b4b5393ade81f67d
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the bug reproduces without the instrumentation
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN KASAN], they are not needed
kconfig minimization: base=3703 full=7267 leaves diff=1983
split chunks (needed=false): <1983>
split chunk #0 of len 1983 into 5 parts
testing without sub-chunk 1/5
disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 71c459b8301971816eb509d73a0179e3f5f78da3209ec6ac0035981d00cf56ea
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f937a9c3eafc889856c281d0dce2332a2529903c3c2d9e88311ca14df6e8370b
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 8a9cd80f7d63da6607c986b5047968b7f9f711b93cf21265c26835bfac04d65b
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1df2d4316bf9712f5bc15413d770946102973abaeb765957125022e1f2b5130f
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a058c6528219034883261b9b3ddf5a8e2e425bdfee21bf59b70c743e1436258c
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN KASAN LOCKDEP], they are not needed
testing current HEAD 7e89efd3ae1cfa05fe918588a92628b9bbeda4b2
testing commit 7e89efd3ae1cfa05fe918588a92628b9bbeda4b2 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 87343ee4270b45374557a1aaacadfc01710cc64aed55e485171d5931201f6744
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
crash still not fixed/happens on the oldest tested release
revisions tested: 8, total time: 1h49m54.97467741s (build: 29m3.970755768s, test: 24m52.068704675s)
crash still not fixed or there were kernel test errors
commit msg: Linux 5.15.164
crash: WARNING in free_event
------------[ cut here ]------------
unexpected event refcount: 2; ptr=ffff888100fb1a68
WARNING: CPU: 0 PID: 1512 at kernel/events/core.c:5165 free_event+0x31/0x40 kernel/events/core.c:5165
Modules linked in:
CPU: 0 PID: 1512 Comm: syz-executor.0 Not tainted 5.15.164-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
RIP: 0010:free_event+0x31/0x40 kernel/events/core.c:5165
Code: f0 48 0f b1 97 28 02 00 00 48 83 f8 01 75 05 e9 05 fd ff ff 48 8b b7 28 02 00 00 48 89 fa 48 c7 c7 10 46 31 82 e8 1c d8 83 00 <0f> 0b c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 56 41 55 49 c7 c5
RSP: 0018:ffffc9000160fcb8 EFLAGS: 00010286
RAX: 0000000000000000 RBX: dead000000000122 RCX: ffff888237c1b7f8
RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff888237c1b7f0
RBP: ffff888100fb1a68 R08: ffffffff827745e8 R09: 0000000000000003
R10: 00000000ffffe000 R11: 3fffffffffffffff R12: ffff888100fb0fd8
R13: ffff88810b4b5d54 R14: ffffc9000160fa00 R15: dead000000000100
FS:  0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1afbb5dfe8 CR3: 000000010bf68000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 perf_event_release_kernel+0x297/0x330 kernel/events/core.c:5345
 perf_release+0xc/0x10 kernel/events/core.c:5366
 __fput+0x83/0x250 fs/file_table.c:280
 task_work_run+0x54/0x80 kernel/task_work.c:164
 exit_task_work include/linux/task_work.h:32 [inline]
 do_exit+0x38d/0xae0 kernel/exit.c:874
 do_group_exit+0x34/0xb0 kernel/exit.c:996
 get_signal+0xca/0xac0 kernel/signal.c:2889
 arch_do_signal_or_restart+0xf8/0x710 arch/x86/kernel/signal.c:867
 handle_signal_work kernel/entry/common.c:154 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:178 [inline]
 exit_to_user_mode_prepare+0x119/0x190 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x12/0x30 kernel/entry/common.c:307
 ret_from_fork+0x15/0x30 arch/x86/entry/entry_64.S:280
RIP: 0033:0x7f1afbfdace9
Code: Unable to access opcode bytes at RIP 0x7f1afbfdacbf.
RSP: 002b:00007f1afbb5d078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
RAX: 0000000000000000 RBX: 00007f1afc0f9f80 RCX: 00007f1afbfdace9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000200
RBP: 00007f1afc02747a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000006 R14: 00007f1afc0f9f80 R15: 00007ffcc6805f18
 </TASK>