bisecting fixing commit since abb3438d69fb6dd5baa4ae23eafbf5b87945eff1 building syzkaller on 344da168cb738076d82a75e1a7a1f5177df8dbc7 testing commit abb3438d69fb6dd5baa4ae23eafbf5b87945eff1 with gcc (GCC) 8.1.0 kernel signature: 6845d65ef40ab6490f9748381abf608591ef46c418fd20c45c9e252089c9b304 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_alloc_anon_key run #1: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_setup run #2: crashed: WARNING: ODEBUG bug in __do_softirq run #3: crashed: WARNING in __proc_create run #4: crashed: general protection fault in afs_proc_cell_setup run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #8: crashed: general protection fault in afs_proc_cell_setup run #9: crashed: INFO: task hung in synchronize_rcu testing current HEAD 521b619acdc8f1f5acdac15b84f81fd9515b2aff testing commit 521b619acdc8f1f5acdac15b84f81fd9515b2aff with gcc (GCC) 8.1.0 kernel signature: eb8fdeae9a33d60f50ca83ef3537b2a8eea08d93ae6343464c9a5730e59541e4 all runs: OK # git bisect start 521b619acdc8f1f5acdac15b84f81fd9515b2aff abb3438d69fb6dd5baa4ae23eafbf5b87945eff1 Bisecting: 8442 revisions left to test after this (roughly 13 steps) [93b694d096cc10994c817730d4d50288f9ae3d66] Merge tag 'drm-next-2020-10-15' of git://anongit.freedesktop.org/drm/drm testing commit 93b694d096cc10994c817730d4d50288f9ae3d66 with gcc (GCC) 8.1.0 kernel signature: c0a81819f93cef9005a6940474b25b956fab15366429308c759ba3b67e817ab0 run #0: crashed: WARNING: ODEBUG bug in __do_softirq run #1: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove run #2: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove run #3: crashed: WARNING in __proc_create run #4: crashed: kernel BUG at fs/afs/cell.c:LINE! run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_put_cell run #6: crashed: WARNING in __xlate_proc_name run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #8: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove run #9: crashed: general protection fault in afs_proc_cell_setup # git bisect good 93b694d096cc10994c817730d4d50288f9ae3d66 Bisecting: 4243 revisions left to test after this (roughly 12 steps) [847d4287a0c6709fd1ce24002b96d404a6da8b5b] Merge tag 's390-5.10-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux testing commit 847d4287a0c6709fd1ce24002b96d404a6da8b5b with gcc (GCC) 8.1.0 kernel signature: 42ce29bf87ccae9df0b7be5c51837ef1b21ab662f5d26770118e05aaa408e3ba run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_proc_cell_remove run #3: crashed: WARNING: ODEBUG bug in __do_softirq run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #5: crashed: general protection fault in afs_proc_cell_remove run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_proc_cell_remove run #8: crashed: BUG: Dentry still in use [unmount of afs afs] run #9: crashed: general protection fault in afs_proc_cell_setup # git bisect good 847d4287a0c6709fd1ce24002b96d404a6da8b5b Bisecting: 2062 revisions left to test after this (roughly 11 steps) [f9a705ad1c077ec2872c641f0db9c0d5b4a097bb] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit f9a705ad1c077ec2872c641f0db9c0d5b4a097bb with gcc (GCC) 8.1.0 kernel signature: 948b487667ee35ba085b07b49885c43f67438e04871ae6abdba2a65b63f2a8a0 all runs: OK # git bisect bad f9a705ad1c077ec2872c641f0db9c0d5b4a097bb Bisecting: 1091 revisions left to test after this (roughly 10 steps) [38525c6919e2f6b27c1855905f342a0def3cbdcf] Merge tag 'for-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply testing commit 38525c6919e2f6b27c1855905f342a0def3cbdcf with gcc (GCC) 8.1.0 kernel signature: 4c657f4b90dd1b176b11d04a1b967a8d66e5d6885cbc38b6aa43836bf345fa54 all runs: OK # git bisect bad 38525c6919e2f6b27c1855905f342a0def3cbdcf Bisecting: 533 revisions left to test after this (roughly 9 steps) [a1e16bc7d5f7ca3599d8a7f061841c93a563665e] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma testing commit a1e16bc7d5f7ca3599d8a7f061841c93a563665e with gcc (GCC) 8.1.0 kernel signature: a16d55a309aabb5b193ef9eda7bfcbe497f4c2b47aa7f07d4d6393741d404690 all runs: OK # git bisect bad a1e16bc7d5f7ca3599d8a7f061841c93a563665e Bisecting: 279 revisions left to test after this (roughly 8 steps) [5a77b6a0131f7197e1a037f65fc7cbabcb4fe680] Merge tag 'thermal-v5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/thermal/linux testing commit 5a77b6a0131f7197e1a037f65fc7cbabcb4fe680 with gcc (GCC) 8.1.0 kernel signature: 41281eb7172921fb3f28a16a5d8ef9c0d47d26b3a067f3f278f1e721fc67603d all runs: OK # git bisect bad 5a77b6a0131f7197e1a037f65fc7cbabcb4fe680 Bisecting: 168 revisions left to test after this (roughly 7 steps) [93f3d8f54a22eaa5ae4ec269615729c4f9b1cf1e] Merge tag 'trace-v5.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace testing commit 93f3d8f54a22eaa5ae4ec269615729c4f9b1cf1e with gcc (GCC) 8.1.0 kernel signature: 3d7cf95214d42c62ea79951ab1dc189d054e813507721d6af8fcc441da761cdd run #0: crashed: WARNING: ODEBUG bug in __do_softirq run #1: crashed: WARNING in __proc_create run #2: crashed: general protection fault in afs_deactivate_cell run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #4: crashed: kernel BUG at fs/afs/cell.c:LINE! run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #6: crashed: WARNING: proc registration bug in afs_manage_cell run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #9: crashed: WARNING: ODEBUG bug in __do_softirq # git bisect good 93f3d8f54a22eaa5ae4ec269615729c4f9b1cf1e Bisecting: 92 revisions left to test after this (roughly 6 steps) [54a4c789ca8091ab8fcd70285caeee2c5bc62997] Merge tag 'docs/v5.10-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media testing commit 54a4c789ca8091ab8fcd70285caeee2c5bc62997 with gcc (GCC) 8.1.0 kernel signature: 18e741dcc3aab43b094a855648aa260650c177685a2da312220314d7d448bea2 run #0: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove run #1: crashed: general protection fault in afs_deactivate_cell run #2: crashed: general protection fault in afs_proc_cell_setup run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #5: crashed: WARNING: ODEBUG bug in __do_softirq run #6: crashed: WARNING in __proc_create run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #8: crashed: BUG: Dentry still in use [unmount of afs afs] run #9: crashed: WARNING: ODEBUG bug in __do_softirq # git bisect good 54a4c789ca8091ab8fcd70285caeee2c5bc62997 Bisecting: 46 revisions left to test after this (roughly 6 steps) [86f33603f8c51537265ff7ac0320638fd2cbdb1b] f2fs: handle errors of f2fs_get_meta_page_nofail testing commit 86f33603f8c51537265ff7ac0320638fd2cbdb1b with gcc (GCC) 8.1.0 kernel signature: 6d1cac24c238196057321b68585febed6d33acac6addda8b97baf2ed6ac3e6a3 run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #1: crashed: general protection fault in afs_dns_query run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_put_cell run #3: crashed: WARNING in __proc_create run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_proc_cell_remove run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #6: crashed: WARNING in __proc_create run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_alloc_anon_key run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell # git bisect good 86f33603f8c51537265ff7ac0320638fd2cbdb1b Bisecting: 19 revisions left to test after this (roughly 5 steps) [071a0578b0ce0b0e543d1e38ee6926b9cc21c198] Merge tag 'ovl-update-5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs testing commit 071a0578b0ce0b0e543d1e38ee6926b9cc21c198 with gcc (GCC) 8.1.0 kernel signature: 9f2481235104bfa0ab55e71ab370eda630a3a93861abc718c363d4c9d7799e62 all runs: OK # git bisect bad 071a0578b0ce0b0e543d1e38ee6926b9cc21c198 Bisecting: 13 revisions left to test after this (roughly 4 steps) [fad70111d57e0b728b587eabc6f9f9b5240faa17] Merge tag 'afs-fixes-20201016' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs testing commit fad70111d57e0b728b587eabc6f9f9b5240faa17 with gcc (GCC) 8.1.0 kernel signature: c923124facd850e8fa9c8ef3059d3434070a2b27f88946c810ef39f90908fcb5 all runs: OK # git bisect bad fad70111d57e0b728b587eabc6f9f9b5240faa17 Bisecting: 6 revisions left to test after this (roughly 3 steps) [7530d3eb3dcf1a30750e8e7f1f88b782b96b72b8] afs: Don't assert on unpurgeable server records testing commit 7530d3eb3dcf1a30750e8e7f1f88b782b96b72b8 with gcc (GCC) 8.1.0 kernel signature: 5bb50d298fb701d2410ffec46937ce4fedcf0aca584cb46e66e345c082f71aaf all runs: OK # git bisect bad 7530d3eb3dcf1a30750e8e7f1f88b782b96b72b8 Bisecting: 2 revisions left to test after this (roughly 2 steps) [286377f6bdf71568a4cf07104fe44006ae0dba6d] afs: Fix cell purging with aliases testing commit 286377f6bdf71568a4cf07104fe44006ae0dba6d with gcc (GCC) 8.1.0 kernel signature: 1f502faebe6bd87448667a22d13a7c816d9320f87ad1e74bbee269c0c2f91d83 all runs: crashed: INFO: task hung in synchronize_rcu # git bisect good 286377f6bdf71568a4cf07104fe44006ae0dba6d Bisecting: 0 revisions left to test after this (roughly 1 step) [dca54a7bbb8ca9148ae10d60c66c926e222a9c4b] afs: Add tracing for cell refcount and active user count testing commit dca54a7bbb8ca9148ae10d60c66c926e222a9c4b with gcc (GCC) 8.1.0 kernel signature: cacfd3d721b5e4d93d28e7ded926110d1ca1d138e321e2bb8fb234b4722abc22 all runs: OK # git bisect bad dca54a7bbb8ca9148ae10d60c66c926e222a9c4b Bisecting: 0 revisions left to test after this (roughly 0 steps) [1d0e850a49a5b56f8f3cb51e74a11e2fedb96be6] afs: Fix cell removal testing commit 1d0e850a49a5b56f8f3cb51e74a11e2fedb96be6 with gcc (GCC) 8.1.0 kernel signature: 27fcc1fbbf549525b2dcf49efc6205ff41566b2b3cbc5cc5293d6cc87e748359 all runs: OK # git bisect bad 1d0e850a49a5b56f8f3cb51e74a11e2fedb96be6 1d0e850a49a5b56f8f3cb51e74a11e2fedb96be6 is the first bad commit commit 1d0e850a49a5b56f8f3cb51e74a11e2fedb96be6 Author: David Howells Date: Fri Oct 16 13:21:14 2020 +0100 afs: Fix cell removal Fix cell removal by inserting a more final state than AFS_CELL_FAILED that indicates that the cell has been unpublished in case the manager is already requeued and will go through again. The new AFS_CELL_REMOVED state will just immediately leave the manager function. Going through a second time in the AFS_CELL_FAILED state will cause it to try to remove the cell again, potentially leading to the proc list being removed. Fixes: 989782dcdc91 ("afs: Overhaul cell database management") Reported-by: syzbot+b994ecf2b023f14832c1@syzkaller.appspotmail.com Reported-by: syzbot+0e0db88e1eb44a91ae8d@syzkaller.appspotmail.com Reported-by: syzbot+2d0585e5efcd43d113c2@syzkaller.appspotmail.com Reported-by: syzbot+1ecc2f9d3387f1d79d42@syzkaller.appspotmail.com Reported-by: syzbot+18d51774588492bf3f69@syzkaller.appspotmail.com Reported-by: syzbot+a5e4946b04d6ca8fa5f3@syzkaller.appspotmail.com Suggested-by: Hillf Danton Signed-off-by: David Howells cc: Hillf Danton fs/afs/cell.c | 16 ++++++++++------ fs/afs/internal.h | 1 + 2 files changed, 11 insertions(+), 6 deletions(-) culprit signature: 27fcc1fbbf549525b2dcf49efc6205ff41566b2b3cbc5cc5293d6cc87e748359 parent signature: 1f502faebe6bd87448667a22d13a7c816d9320f87ad1e74bbee269c0c2f91d83 revisions tested: 17, total time: 3h46m5.853476272s (build: 1h20m1.204689837s, test: 2h24m22.518530593s) first good commit: 1d0e850a49a5b56f8f3cb51e74a11e2fedb96be6 afs: Fix cell removal recipients (to): ["dhowells@redhat.com" "dhowells@redhat.com" "linux-afs@lists.infradead.org"] recipients (cc): ["linux-kernel@vger.kernel.org"]