bisecting fixing commit since 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 building syzkaller on abf9ba4fc75d9b29af15625d44dcfc1360fad3b7 testing commit 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 with gcc (GCC) 8.1.0 kernel signature: a69652abe7699e93d0fc468f0bfa40f74ff991576972f580855d467292bdd9c7 run #0: crashed: KASAN: use-after-free Read in __sock_release run #1: crashed: KASAN: use-after-free Read in __sock_release run #2: crashed: KASAN: use-after-free Read in __sock_release run #3: crashed: KASAN: use-after-free Read in __sock_release run #4: crashed: KASAN: use-after-free Read in __sock_release run #5: crashed: KASAN: use-after-free Read in __sock_release run #6: crashed: general protection fault in __sock_release run #7: crashed: KASAN: use-after-free Read in __sock_release run #8: crashed: KASAN: use-after-free Read in __sock_release run #9: crashed: KASAN: use-after-free Read in __sock_release testing current HEAD bae31eef2a167ef160ab2703b6a2f5bbecd98d92 testing commit bae31eef2a167ef160ab2703b6a2f5bbecd98d92 with gcc (GCC) 8.1.0 kernel signature: fe7bb7ce5693170eefad23cd2f64064b449e173e70c5e15238ff252f1d32a000 all runs: OK # git bisect start bae31eef2a167ef160ab2703b6a2f5bbecd98d92 2f166cdcf8a92fcf85524f2b5526cb28e16f0a60 Bisecting: 169 revisions left to test after this (roughly 7 steps) [293036a0ea49b63a2dc449d41b6f81b3194fffeb] ehci-hcd: Move include to keep CRC stable testing commit 293036a0ea49b63a2dc449d41b6f81b3194fffeb with gcc (GCC) 8.1.0 kernel signature: d05d78ea64a02d17040ad8523f4f1726c54ac1f62f1897ca71891d597b399269 all runs: OK # git bisect bad 293036a0ea49b63a2dc449d41b6f81b3194fffeb Bisecting: 84 revisions left to test after this (roughly 6 steps) [7290cb1a3aa67dcc43fecf66dae64eb2ebad18af] ARM: dts: BCM5301X: Fixed QSPI compatible string testing commit 7290cb1a3aa67dcc43fecf66dae64eb2ebad18af with gcc (GCC) 8.1.0 kernel signature: 874eecf194f13c2387d16d038d3fd31f1c7d131ee8f4e2faf6da7105bca54265 all runs: OK # git bisect bad 7290cb1a3aa67dcc43fecf66dae64eb2ebad18af Bisecting: 42 revisions left to test after this (roughly 5 steps) [6aa022755fa184cde7c1af02f45357d7f483b1f7] uaccess: Add non-pagefault user-space write function testing commit 6aa022755fa184cde7c1af02f45357d7f483b1f7 with gcc (GCC) 8.1.0 kernel signature: abbb7da2ab98b823d33526c19a99b8c591862f48186803a83f6f97ad840c414f all runs: OK # git bisect bad 6aa022755fa184cde7c1af02f45357d7f483b1f7 Bisecting: 20 revisions left to test after this (roughly 4 steps) [9de4fede0b351128162d4e3612b33e34352a66a5] net: hns: Fix memleak in hns_nic_dev_probe testing commit 9de4fede0b351128162d4e3612b33e34352a66a5 with gcc (GCC) 8.1.0 kernel signature: e357f37aa632dfe0a7bf0501236060cbf74690a58836ba187e2a5f1c9f9524f5 all runs: crashed: KASAN: use-after-free Read in __sock_release # git bisect good 9de4fede0b351128162d4e3612b33e34352a66a5 Bisecting: 10 revisions left to test after this (roughly 3 steps) [cfb5e057b7179767d6f3cef3381633417e4e3afb] net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() testing commit cfb5e057b7179767d6f3cef3381633417e4e3afb with gcc (GCC) 8.1.0 kernel signature: 06fad41cd875d065ea085afa49dad8e172c81a6cbd7a21932d0ba8794cca9d7f run #0: crashed: WARNING: ODEBUG bug in get_signal run #1: crashed: KASAN: use-after-free Read in __sock_release run #2: crashed: KASAN: use-after-free Read in __sock_release run #3: crashed: KASAN: use-after-free Read in __sock_release run #4: crashed: KASAN: use-after-free Read in __sock_release run #5: crashed: general protection fault in __sock_release run #6: crashed: KASAN: use-after-free Read in __sock_release run #7: crashed: general protection fault in __sock_release run #8: crashed: KASAN: use-after-free Read in __sock_release run #9: crashed: KASAN: use-after-free Read in __sock_release # git bisect good cfb5e057b7179767d6f3cef3381633417e4e3afb Bisecting: 5 revisions left to test after this (roughly 3 steps) [5ace0847122fb22f18a20fb7809339cb3d789f01] include/linux/log2.h: add missing () around n in roundup_pow_of_two() testing commit 5ace0847122fb22f18a20fb7809339cb3d789f01 with gcc (GCC) 8.1.0 kernel signature: 556869fd3e1c632ea52f51e22643510281bc4a0a1ded1fa2f64b97e39637ca5d all runs: OK # git bisect bad 5ace0847122fb22f18a20fb7809339cb3d789f01 Bisecting: 2 revisions left to test after this (roughly 1 step) [751deef5de35a497a3ea007e0953889ba1123a97] tg3: Fix soft lockup when tg3_reset_task() fails. testing commit 751deef5de35a497a3ea007e0953889ba1123a97 with gcc (GCC) 8.1.0 kernel signature: c5e80462d2ce80fafbc39739025a066f28b30e32e2fd363cd2715d31daf738ea all runs: OK # git bisect bad 751deef5de35a497a3ea007e0953889ba1123a97 Bisecting: 0 revisions left to test after this (roughly 0 steps) [c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888] fix regression in "epoll: Keep a reference on files added to the check list" testing commit c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 with gcc (GCC) 8.1.0 kernel signature: 1d1d99503b34118ea08015e5ce1cb47a8dfefa28b8fc45cee08dd563ea4f61fd all runs: OK # git bisect bad c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 is the first bad commit commit c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 Author: Al Viro Date: Wed Sep 2 11:30:48 2020 -0400 fix regression in "epoll: Keep a reference on files added to the check list" [ Upstream commit 77f4689de17c0887775bb77896f4cc11a39bf848 ] epoll_loop_check_proc() can run into a file already committed to destruction; we can't grab a reference on those and don't need to add them to the set for reverse path check anyway. Tested-by: Marc Zyngier Fixes: a9ed4a6560b8 ("epoll: Keep a reference on files added to the check list") Signed-off-by: Al Viro Signed-off-by: Sasha Levin fs/eventpoll.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) culprit signature: 1d1d99503b34118ea08015e5ce1cb47a8dfefa28b8fc45cee08dd563ea4f61fd parent signature: 06fad41cd875d065ea085afa49dad8e172c81a6cbd7a21932d0ba8794cca9d7f revisions tested: 10, total time: 2h45m51.262160246s (build: 1h27m37.301511618s, test: 1h16m47.268306251s) first good commit: c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888 fix regression in "epoll: Keep a reference on files added to the check list" recipients (to): ["maz@kernel.org" "sashal@kernel.org" "viro@zeniv.linux.org.uk"] recipients (cc): []