bisecting cause commit starting from 1baf02ec984b88b435e2fa065300179a3f48e7d2 building syzkaller on 98c1bf1cfb0f9530ab2107c29a52ba15fc4fefa3 testing commit 1baf02ec984b88b435e2fa065300179a3f48e7d2 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in load_elf_binary testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 all runs: OK # git bisect start 1baf02ec984b88b435e2fa065300179a3f48e7d2 v5.0 Bisecting: 8354 revisions left to test after this (roughly 13 steps) [1b37b8c48d2c2d8553f116ec2a75d21056f1fb35] Merge tag 'edac_for_5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp testing commit 1b37b8c48d2c2d8553f116ec2a75d21056f1fb35 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 1b37b8c48d2c2d8553f116ec2a75d21056f1fb35 Bisecting: 4182 revisions left to test after this (roughly 12 steps) [0bec6219e5a0cf2dd17716949a7592807e10f3d7] Merge tag 'drm-misc-next-2019-03-21' of git://anongit.freedesktop.org/drm/drm-misc into drm-next testing commit 0bec6219e5a0cf2dd17716949a7592807e10f3d7 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 0bec6219e5a0cf2dd17716949a7592807e10f3d7 Bisecting: 2268 revisions left to test after this (roughly 11 steps) [d355bd10d3b25a542cc625d5d7fb6a6f2e58fafa] Merge remote-tracking branch 'drm/drm-next' testing commit d355bd10d3b25a542cc625d5d7fb6a6f2e58fafa with gcc (GCC) 8.1.0 all runs: OK # git bisect good d355bd10d3b25a542cc625d5d7fb6a6f2e58fafa Bisecting: 1127 revisions left to test after this (roughly 10 steps) [cf0b96c786a9668a8a85efa77a10262d32bad3da] Merge remote-tracking branch 'selinux/next' testing commit cf0b96c786a9668a8a85efa77a10262d32bad3da with gcc (GCC) 8.1.0 run #0: basic kernel testing failed: timed out run #1: basic kernel testing failed: timed out run #2: basic kernel testing failed: timed out run #3: basic kernel testing failed: timed out run #4: basic kernel testing failed: timed out run #5: basic kernel testing failed: timed out run #6: basic kernel testing failed: timed out run #7: OK run #8: OK run #9: OK # git bisect skip cf0b96c786a9668a8a85efa77a10262d32bad3da Bisecting: 1127 revisions left to test after this (roughly 10 steps) [1dab3e2be7ff455f12e60aa23d3f5fed943d791a] lib/list_sort: optimize number of calls to comparison function testing commit 1dab3e2be7ff455f12e60aa23d3f5fed943d791a with gcc (GCC) 8.1.0 all runs: OK # git bisect good 1dab3e2be7ff455f12e60aa23d3f5fed943d791a Bisecting: 1050 revisions left to test after this (roughly 10 steps) [956506b17d3aaf7f88dc077e864f7742bceb5ecd] Merge remote-tracking branch 'regulator/for-next' testing commit 956506b17d3aaf7f88dc077e864f7742bceb5ecd with gcc (GCC) 8.1.0 all runs: basic kernel testing failed: timed out # git bisect skip 956506b17d3aaf7f88dc077e864f7742bceb5ecd Bisecting: 1050 revisions left to test after this (roughly 10 steps) [3a23fd0415cbd074b726fe730747d1bb41f8d0d7] Merge branch 'topic/timer-fixes' into for-next testing commit 3a23fd0415cbd074b726fe730747d1bb41f8d0d7 with gcc (GCC) 8.1.0 all runs: basic kernel testing failed: timed out # git bisect skip 3a23fd0415cbd074b726fe730747d1bb41f8d0d7 Bisecting: 1050 revisions left to test after this (roughly 10 steps) [11152496021ea872dac150e0fdad610f6e63773d] staging: erofs: fix error handling when failed to read compresssed data testing commit 11152496021ea872dac150e0fdad610f6e63773d with gcc (GCC) 8.1.0 all runs: basic kernel testing failed: timed out # git bisect skip 11152496021ea872dac150e0fdad610f6e63773d Bisecting: 1050 revisions left to test after this (roughly 10 steps) [daa3f8bbe157b90d1fc5a25ebe66f92b70f68600] dt-bindings: timer: add Tegra210 timer testing commit daa3f8bbe157b90d1fc5a25ebe66f92b70f68600 with gcc (GCC) 8.1.0 run #0: basic kernel testing failed: timed out run #1: basic kernel testing failed: timed out run #2: basic kernel testing failed: timed out run #3: basic kernel testing failed: timed out run #4: basic kernel testing failed: timed out run #5: basic kernel testing failed: timed out run #6: basic kernel testing failed: timed out run #7: OK run #8: OK run #9: OK # git bisect skip daa3f8bbe157b90d1fc5a25ebe66f92b70f68600 Bisecting: 1050 revisions left to test after this (roughly 10 steps) [e6bddf6c67f9a3abf6f1ef75e52bc1cd228dfe4d] drm/amd/display: add pipe lock during stream update testing commit e6bddf6c67f9a3abf6f1ef75e52bc1cd228dfe4d with gcc (GCC) 8.1.0 all runs: OK # git bisect good e6bddf6c67f9a3abf6f1ef75e52bc1cd228dfe4d Bisecting: 943 revisions left to test after this (roughly 10 steps) [c5acb6fbe734df6603e1ffc73c26bb3df8713ff2] Merge remote-tracking branch 'devicetree/for-next' testing commit c5acb6fbe734df6603e1ffc73c26bb3df8713ff2 with gcc (GCC) 8.1.0 all runs: OK # git bisect good c5acb6fbe734df6603e1ffc73c26bb3df8713ff2 Bisecting: 443 revisions left to test after this (roughly 9 steps) [65d34eed9ccbe4f50b5946fa1af5b1f05d5f9e69] Merge remote-tracking branch 'staging/staging-next' testing commit 65d34eed9ccbe4f50b5946fa1af5b1f05d5f9e69 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 65d34eed9ccbe4f50b5946fa1af5b1f05d5f9e69 Bisecting: 223 revisions left to test after this (roughly 8 steps) [73ef9c17860e70637064cf1ddbdf6745f13190e5] Merge remote-tracking branch 'pwm/for-next' testing commit 73ef9c17860e70637064cf1ddbdf6745f13190e5 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 73ef9c17860e70637064cf1ddbdf6745f13190e5 Bisecting: 106 revisions left to test after this (roughly 7 steps) [81fb73c0087a341073b0aea9ddea547403585ef7] Merge remote-tracking branch 'nvdimm/libnvdimm-for-next' testing commit 81fb73c0087a341073b0aea9ddea547403585ef7 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 81fb73c0087a341073b0aea9ddea547403585ef7 Bisecting: 49 revisions left to test after this (roughly 6 steps) [2ed3a066995eb988c511dbac853da7d191d29b50] Merge remote-tracking branch 'devfreq/for-next' testing commit 2ed3a066995eb988c511dbac853da7d191d29b50 with gcc (GCC) 8.1.0 all runs: basic kernel testing failed: timed out # git bisect skip 2ed3a066995eb988c511dbac853da7d191d29b50 Bisecting: 49 revisions left to test after this (roughly 6 steps) [a538aabd7240ec015f21237790e2851358de5f80] NTB: perf: Fix support for hardware that doesn't have port numbers testing commit a538aabd7240ec015f21237790e2851358de5f80 with gcc (GCC) 8.1.0 all runs: OK # git bisect good a538aabd7240ec015f21237790e2851358de5f80 Bisecting: 49 revisions left to test after this (roughly 6 steps) [fe71dd3997e95d3fcad0f06657eece0e6bbf7afb] kernel/pid.c: convert struct pid:count to refcount_t testing commit fe71dd3997e95d3fcad0f06657eece0e6bbf7afb with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in load_elf_binary # git bisect bad fe71dd3997e95d3fcad0f06657eece0e6bbf7afb Bisecting: 10 revisions left to test after this (roughly 4 steps) [9e0e54675f8b333a6f9134f10c773e9c957d532d] fs/binfmt_elf.c: remove unneeded initialization of mm->start_stack testing commit 9e0e54675f8b333a6f9134f10c773e9c957d532d with gcc (GCC) 8.1.0 all runs: OK # git bisect good 9e0e54675f8b333a6f9134f10c773e9c957d532d Bisecting: 5 revisions left to test after this (roughly 3 steps) [6874f98d9a1e23af4167eb4040754643643cb457] autofs: update autofs.txt for strictexpire mount option testing commit 6874f98d9a1e23af4167eb4040754643643cb457 with gcc (GCC) 8.1.0 run #0: crashed: general protection fault in load_elf_binary run #1: basic kernel testing failed: timed out run #2: basic kernel testing failed: timed out run #3: basic kernel testing failed: timed out run #4: basic kernel testing failed: timed out run #5: basic kernel testing failed: timed out run #6: basic kernel testing failed: timed out run #7: basic kernel testing failed: timed out run #8: basic kernel testing failed: timed out run #9: crashed: general protection fault in load_elf_binary # git bisect bad 6874f98d9a1e23af4167eb4040754643643cb457 Bisecting: 2 revisions left to test after this (roughly 1 step) [44e63c4a026325d2e085e46502121ea533a6e315] fs/binfmt_elf.c: free PT_INTERP filename ASAP testing commit 44e63c4a026325d2e085e46502121ea533a6e315 with gcc (GCC) 8.1.0 run #0: crashed: general protection fault in load_elf_binary run #1: basic kernel testing failed: timed out run #2: basic kernel testing failed: timed out run #3: basic kernel testing failed: timed out run #4: basic kernel testing failed: timed out run #5: basic kernel testing failed: timed out run #6: basic kernel testing failed: timed out run #7: basic kernel testing failed: timed out run #8: basic kernel testing failed: timed out run #9: basic kernel testing failed: timed out # git bisect bad 44e63c4a026325d2e085e46502121ea533a6e315 Bisecting: 0 revisions left to test after this (roughly 0 steps) [b6d20697ae591cd76d4db22828bbee733ee3eddc] fs/binfmt_elf.c: make scope of "pos" variable smaller testing commit b6d20697ae591cd76d4db22828bbee733ee3eddc with gcc (GCC) 8.1.0 all runs: OK # git bisect good b6d20697ae591cd76d4db22828bbee733ee3eddc 44e63c4a026325d2e085e46502121ea533a6e315 is the first bad commit commit 44e63c4a026325d2e085e46502121ea533a6e315 Author: Alexey Dobriyan Date: Fri Mar 29 10:02:05 2019 +1100 fs/binfmt_elf.c: free PT_INTERP filename ASAP There is no reason for PT_INTERP filename to linger till the end of the whole loading process. Link: http://lkml.kernel.org/r/20190314204953.GD18143@avx2 Signed-off-by: Alexey Dobriyan Reviewed-by: Andrew Morton Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell :040000 040000 511b4e87903a8a26e4c15c991df126d9ad554693 b9e27b1abccb2651b8539d9a457e1ebd9617e316 M fs revisions tested: 23, total time: 6h8m11.509724222s (build: 2h33m5.227608165s, test: 3h23m19.035021078s) first bad commit: 44e63c4a026325d2e085e46502121ea533a6e315 fs/binfmt_elf.c: free PT_INTERP filename ASAP cc: ["adobriyan@gmail.com" "akpm@linux-foundation.org" "linux-fsdevel@vger.kernel.org" "linux-kernel@vger.kernel.org" "sfr@canb.auug.org.au" "viro@zeniv.linux.org.uk"] crash: general protection fault in load_elf_binary kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 7042 Comm: syz-executor.2 Not tainted 5.1.0-rc2+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:allow_write_access include/linux/fs.h:2871 [inline] RIP: 0010:load_elf_binary+0xfc7/0x5420 fs/binfmt_elf.c:1179 Code: 00 00 48 8b bd a0 fe ff ff e8 95 2d e0 ff 48 8b 85 f8 fe ff ff 48 8d 78 20 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 98 3f 00 00 4c 8b b5 f8 fe ff ff be 04 00 00 00 RSP: 0018:ffff88808cdffbe0 EFLAGS: 00010207 RAX: dffffc0000000000 RBX: ffff88808f825a40 RCX: ffff8880909528c0 RDX: 0000000000000003 RSI: ffffffff8819f3c0 RDI: 000000000000001e RBP: ffff88808cdffd78 R08: ffffed1015d65bc8 R09: ffffed1015d65bc7 R10: ffffed1015d65bc7 R11: ffff8880aeb2de3b R12: ffff8880a8164340 R13: 00000000fffffffe R14: fffffffffffffffe R15: ffff888090ec1780 FS: 00007ff4fd1c6700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000004dda08 CR3: 000000008fd2c000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: search_binary_handler+0x130/0x640 fs/exec.c:1656 exec_binprm fs/exec.c:1698 [inline] __do_execve_file.isra.33+0x1306/0x20e0 fs/exec.c:1818 do_execveat_common fs/exec.c:1865 [inline] do_execve fs/exec.c:1882 [inline] __do_sys_execve fs/exec.c:1958 [inline] __se_sys_execve fs/exec.c:1953 [inline] __x64_sys_execve+0x8a/0xb0 fs/exec.c:1953 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x458209 Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ff4fd1c5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000003b RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458209 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff4fd1c66d4 R13: 00000000004be764 R14: 00000000004cf458 R15: 00000000ffffffff Modules linked in: ---[ end trace 1319941b5f5e827d ]--- RIP: 0010:allow_write_access include/linux/fs.h:2871 [inline] RIP: 0010:load_elf_binary+0xfc7/0x5420 fs/binfmt_elf.c:1179 Code: 00 00 48 8b bd a0 fe ff ff e8 95 2d e0 ff 48 8b 85 f8 fe ff ff 48 8d 78 20 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 98 3f 00 00 4c 8b b5 f8 fe ff ff be 04 00 00 00 RSP: 0018:ffff88808cdffbe0 EFLAGS: 00010207 RAX: dffffc0000000000 RBX: ffff88808f825a40 RCX: ffff8880909528c0 RDX: 0000000000000003 RSI: ffffffff8819f3c0 RDI: 000000000000001e RBP: ffff88808cdffd78 R08: ffffed1015d65bc8 R09: ffffed1015d65bc7 R10: ffffed1015d65bc7 R11: ffff8880aeb2de3b R12: ffff8880a8164340 R13: 00000000fffffffe R14: fffffffffffffffe R15: ffff888090ec1780 FS: 00007ff4fd1c6700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000070d1c8 CR3: 000000008fd2c000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400