bisecting fixing commit since 5b7a52cd2eef952cee8a72512ef370bcdef46636
building syzkaller on 8b3eaf58f88f0e0a776866110d9baf8367dde8f0
testing commit 5b7a52cd2eef952cee8a72512ef370bcdef46636 with gcc (GCC) 8.1.0
kernel signature: 7c01d0d3e103ffba5a10c9d74f418e509df37f5993cf3f333c43fba4005f58a6
all runs: crashed: WARNING in unlock_new_inode
testing current HEAD 87335852c5d9ec629f80bb2257b9a9945962b719
testing commit 87335852c5d9ec629f80bb2257b9a9945962b719 with gcc (GCC) 8.1.0
kernel signature: afc0c6689486ef9f9fa2dccd3ebb419da96faec72fccd0c6bd8381aff0977d53
all runs: OK
# git bisect start 87335852c5d9ec629f80bb2257b9a9945962b719 5b7a52cd2eef952cee8a72512ef370bcdef46636
Bisecting: 266 revisions left to test after this (roughly 8 steps)
[3350eb1fe8eb06d72baa326a0327ddcda94ae9a2] btrfs: send, recompute reference path after orphanization of a directory
testing commit 3350eb1fe8eb06d72baa326a0327ddcda94ae9a2 with gcc (GCC) 8.1.0
kernel signature: e0b585bc8e63b832ce59f4d3b2030abb4229a0b8cb5cdd33be2c3419671fbbf7
all runs: OK
# git bisect bad 3350eb1fe8eb06d72baa326a0327ddcda94ae9a2
Bisecting: 132 revisions left to test after this (roughly 7 steps)
[94ae143ca57be1174bbd256a74bb2a1142f5d260] NTB: hw: amd: fix an issue about leak system resources
testing commit 94ae143ca57be1174bbd256a74bb2a1142f5d260 with gcc (GCC) 8.1.0
kernel signature: 721088a76041ad4202aebf3443b371843573d3210b771ea9e6ba4c6f9a158150
all runs: crashed: WARNING in unlock_new_inode
# git bisect good 94ae143ca57be1174bbd256a74bb2a1142f5d260
Bisecting: 66 revisions left to test after this (roughly 6 steps)
[d9cef8ed2bedbea1a6e533c9e555c2f5c8f884c0] tipc: fix memory leak caused by tipc_buf_append()
testing commit d9cef8ed2bedbea1a6e533c9e555c2f5c8f884c0 with gcc (GCC) 8.1.0
kernel signature: f29838687b70e30d3e861bc3d9550095dcad8e2faf29669ce291fbed870983d4
all runs: OK
# git bisect bad d9cef8ed2bedbea1a6e533c9e555c2f5c8f884c0
Bisecting: 32 revisions left to test after this (roughly 5 steps)
[795d57a558d106b8a5bc2bd7aeaf707d9a099244] ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs()
testing commit 795d57a558d106b8a5bc2bd7aeaf707d9a099244 with gcc (GCC) 8.1.0
kernel signature: d9ff4074c62cece1e970d99044bfb27001fd9611bfad0a07f1730096c6662a09
run #0: crashed: WARNING in unlock_new_inode
run #1: crashed: WARNING in unlock_new_inode
run #2: crashed: WARNING in unlock_new_inode
run #3: crashed: WARNING in corrupted
run #4: crashed: WARNING in unlock_new_inode
run #5: crashed: WARNING in unlock_new_inode
run #6: crashed: WARNING in unlock_new_inode
run #7: crashed: WARNING in unlock_new_inode
run #8: crashed: WARNING in unlock_new_inode
run #9: crashed: WARNING in unlock_new_inode
# git bisect good 795d57a558d106b8a5bc2bd7aeaf707d9a099244
Bisecting: 16 revisions left to test after this (roughly 4 steps)
[64bd7b8b9062ee0a0c5f98a63507e010ee9fc53a] brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
testing commit 64bd7b8b9062ee0a0c5f98a63507e010ee9fc53a with gcc (GCC) 8.1.0
kernel signature: 54f8f05208a102e26016097ea449a53f840547a5cf1c4fc900ee0830da1fb05c
all runs: OK
# git bisect bad 64bd7b8b9062ee0a0c5f98a63507e010ee9fc53a
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[5b014df0885dfd7696492e7af736f88f7aca8d19] rtl8xxxu: prevent potential memory leak
testing commit 5b014df0885dfd7696492e7af736f88f7aca8d19 with gcc (GCC) 8.1.0
kernel signature: ca55e8ed6f2d76825fd899bfb367b8329e15e5ac2988dd886d8fbd8e1a37cc6d
all runs: OK
# git bisect bad 5b014df0885dfd7696492e7af736f88f7aca8d19
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[be0083640e7d3f01996d5ab9d43b5de9741af051] usb: ohci: Default to per-port over-current protection
testing commit be0083640e7d3f01996d5ab9d43b5de9741af051 with gcc (GCC) 8.1.0
kernel signature: 85bf8b4f94e21b4ec91f16facf40497f5e8121f08d8f225d6f79e14b20e62206
all runs: OK
# git bisect bad be0083640e7d3f01996d5ab9d43b5de9741af051
Bisecting: 1 revision left to test after this (roughly 1 step)
[a8ca9f684674f73f43793d7410897a8707f8a81e] reiserfs: only call unlock_new_inode() if I_NEW
testing commit a8ca9f684674f73f43793d7410897a8707f8a81e with gcc (GCC) 8.1.0
kernel signature: 7a7958c68f23a67024c54e09002b9a84362627ba87559f26eae00997d2839097
all runs: OK
# git bisect bad a8ca9f684674f73f43793d7410897a8707f8a81e
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[19ca26aac2093293a1a3f7677247298b87c0776e] misc: rtsx: Fix memory leak in rtsx_pci_probe
testing commit 19ca26aac2093293a1a3f7677247298b87c0776e with gcc (GCC) 8.1.0
kernel signature: d9ff4074c62cece1e970d99044bfb27001fd9611bfad0a07f1730096c6662a09
all runs: crashed: WARNING in unlock_new_inode
# git bisect good 19ca26aac2093293a1a3f7677247298b87c0776e
a8ca9f684674f73f43793d7410897a8707f8a81e is the first bad commit
commit a8ca9f684674f73f43793d7410897a8707f8a81e
Author: Eric Biggers
Date:   Sun Jun 28 00:00:57 2020 -0700

    reiserfs: only call unlock_new_inode() if I_NEW

    [ Upstream commit 8859bf2b1278d064a139e3031451524a49a56bd0 ]

    unlock_new_inode() is only meant to be called after a new inode has
    already been inserted into the hash table. But reiserfs_new_inode() can
    call it even before it has inserted the inode, triggering the WARNING in
    unlock_new_inode().

    Fix this by only calling unlock_new_inode() if the inode has the I_NEW
    flag set, indicating that it's in the table.

    This addresses the syzbot report "WARNING in unlock_new_inode"
    (https://syzkaller.appspot.com/bug?extid=187510916eb6a14598f7).

    Link: https://lore.kernel.org/r/20200628070057.820213-1-ebiggers@kernel.org
    Reported-by: syzbot+187510916eb6a14598f7@syzkaller.appspotmail.com
    Signed-off-by: Eric Biggers
    Signed-off-by: Jan Kara
    Signed-off-by: Sasha Levin

 fs/reiserfs/inode.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
culprit signature: 7a7958c68f23a67024c54e09002b9a84362627ba87559f26eae00997d2839097
parent signature: d9ff4074c62cece1e970d99044bfb27001fd9611bfad0a07f1730096c6662a09
revisions tested: 11, total time: 2h51m35.102596178s (build: 1h31m59.962042769s, test: 1h18m1.635838998s)
first good commit: a8ca9f684674f73f43793d7410897a8707f8a81e reiserfs: only call unlock_new_inode() if I_NEW
recipients (to): ["ebiggers@google.com" "jack@suse.cz" "sashal@kernel.org"]
recipients (cc): []