bisecting fixing commit since f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a building syzkaller on d5a3ae1f760e7cb2cd5a721d9645ae22eae114fe testing commit f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a with gcc (GCC) 8.1.0 kernel signature: 7071266c1d539e0ab53d47df896ae1f167f7b62f97ef6e2d00090e3142b9a1cf run #0: crashed: KASAN: use-after-free Read in dget_parent run #1: crashed: KASAN: use-after-free Write in ex_handler_refcount run #2: crashed: KASAN: use-after-free Write in ex_handler_refcount run #3: crashed: KASAN: use-after-free Write in ex_handler_refcount run #4: crashed: KASAN: use-after-free Read in __fsnotify_parent run #5: crashed: KASAN: use-after-free Write in ex_handler_refcount run #6: crashed: KASAN: use-after-free Write in ex_handler_refcount run #7: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #8: crashed: KASAN: use-after-free Write in ex_handler_refcount run #9: crashed: KASAN: use-after-free Read in eventfd_release testing current HEAD 10ad6cfd57360760116cde00a8ef756e121367a9 testing commit 10ad6cfd57360760116cde00a8ef756e121367a9 with gcc (GCC) 8.1.0 kernel signature: 2026f38831378527bf7d9c734bae63699a0d36917bdce4fb1ce9bd44f5a102ce all runs: OK # git bisect start 10ad6cfd57360760116cde00a8ef756e121367a9 f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a Bisecting: 194 revisions left to test after this (roughly 8 steps) [c0a7b7fe0e0f7baa7c1779e401d293d176307c51] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO testing commit c0a7b7fe0e0f7baa7c1779e401d293d176307c51 with gcc (GCC) 8.1.0 kernel signature: ade5f9d2a77fadf8f6cd7834a9d65314d96c7d61f707e708de4d7448601fc923 all runs: OK # git bisect bad c0a7b7fe0e0f7baa7c1779e401d293d176307c51 Bisecting: 96 revisions left to test after this (roughly 7 steps) [567e1a915e8f0897972d190fd7a7ef8e9a35954c] usb: host: xhci: fix ep context print mismatch in debugfs testing commit 567e1a915e8f0897972d190fd7a7ef8e9a35954c with gcc (GCC) 8.1.0 kernel signature: 36b640fb33a05fbc23aa8b6c43636517c8ecb59caa5f226a6832f2974d89042c run #0: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #1: crashed: WARNING: ODEBUG bug in get_signal run #2: crashed: WARNING: ODEBUG bug in get_signal run #3: crashed: KASAN: use-after-free Write in ex_handler_refcount run #4: crashed: KASAN: use-after-free Read in eventfd_release run #5: crashed: KASAN: use-after-free Write in ex_handler_refcount run #6: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #7: crashed: KASAN: use-after-free Read in __fsnotify_parent run #8: crashed: WARNING: ODEBUG bug in get_signal run #9: crashed: WARNING: ODEBUG bug in get_signal # git bisect good 567e1a915e8f0897972d190fd7a7ef8e9a35954c Bisecting: 48 revisions left to test after this (roughly 6 steps) [04b3604008265fb84f8fc7d7646ee652b4546834] MIPS: mm: BMIPS5000 has inclusive physical caches testing commit 04b3604008265fb84f8fc7d7646ee652b4546834 with gcc (GCC) 8.1.0 kernel signature: 73ffe0186525c3083afb333073bbe78a4ae4139ffe2d2abc1669218362d75502 run #0: crashed: KASAN: use-after-free Write in ex_handler_refcount run #1: crashed: KASAN: use-after-free Write in ex_handler_refcount run #2: crashed: KASAN: use-after-free Write in ex_handler_refcount run #3: crashed: KASAN: use-after-free Write in ex_handler_refcount run #4: crashed: KASAN: use-after-free Write in ex_handler_refcount run #5: crashed: KASAN: use-after-free Write in ex_handler_refcount run #6: crashed: KASAN: use-after-free Write in ex_handler_refcount run #7: crashed: KASAN: use-after-free Write in ex_handler_refcount run #8: crashed: KASAN: use-after-free Read in eventfd_release run #9: crashed: KASAN: use-after-free Read in eventfd_release # git bisect good 04b3604008265fb84f8fc7d7646ee652b4546834 Bisecting: 24 revisions left to test after this (roughly 5 steps) [ab2413892e2d26015eae2f279f30935846ca24aa] xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files testing commit ab2413892e2d26015eae2f279f30935846ca24aa with gcc (GCC) 8.1.0 kernel signature: 396f6e112e23fa4d2745bc7654de0d58e06ff772de051794bdda106d222463f5 all runs: OK # git bisect bad ab2413892e2d26015eae2f279f30935846ca24aa Bisecting: 11 revisions left to test after this (roughly 4 steps) [8674defc50ba2026203a99d2ce11d01ebffb03bc] bnxt_en: Check for zero dir entries in NVRAM. testing commit 8674defc50ba2026203a99d2ce11d01ebffb03bc with gcc (GCC) 8.1.0 kernel signature: a4a95ea65436a547f0596fd8b550f5b0f42d59bf72ada102b5f06b1ee38d3f17 run #0: crashed: KASAN: use-after-free Read in eventfd_release run #1: crashed: WARNING: ODEBUG bug in get_signal run #2: crashed: KASAN: use-after-free Write in ex_handler_refcount run #3: crashed: KASAN: use-after-free Write in ex_handler_refcount run #4: crashed: WARNING: ODEBUG bug in get_signal run #5: crashed: KASAN: use-after-free Write in ex_handler_refcount run #6: crashed: KASAN: use-after-free Write in ex_handler_refcount run #7: crashed: KASAN: use-after-free Write in ex_handler_refcount run #8: crashed: KASAN: use-after-free Write in ex_handler_refcount run #9: crashed: KASAN: use-after-free Read in eventfd_release # git bisect good 8674defc50ba2026203a99d2ce11d01ebffb03bc Bisecting: 5 revisions left to test after this (roughly 3 steps) [9ad2f018636c6741c41867f14d49d9441b50930d] netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS testing commit 9ad2f018636c6741c41867f14d49d9441b50930d with gcc (GCC) 8.1.0 kernel signature: da973dc8594674e48509e44df55f664346d61ea7268f0e2dacfd483b55c71748 run #0: crashed: KASAN: use-after-free Write in ex_handler_refcount run #1: crashed: KASAN: use-after-free Write in ex_handler_refcount run #2: crashed: KASAN: use-after-free Write in ex_handler_refcount run #3: crashed: WARNING: ODEBUG bug in get_signal run #4: crashed: KASAN: use-after-free Write in ex_handler_refcount run #5: crashed: KASAN: use-after-free Write in ex_handler_refcount run #6: crashed: KASAN: use-after-free Write in ex_handler_refcount run #7: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #8: crashed: WARNING: ODEBUG bug in exit_to_usermode_loop run #9: crashed: WARNING: ODEBUG bug in get_signal # git bisect good 9ad2f018636c6741c41867f14d49d9441b50930d Bisecting: 2 revisions left to test after this (roughly 2 steps) [f00d82c3fb4368afb41cba89b287801a7888627c] net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() testing commit f00d82c3fb4368afb41cba89b287801a7888627c with gcc (GCC) 8.1.0 kernel signature: e081e2291422fe69fd9644b3fa1c16b8c6ddf41cf45133b434bc78595f739851 run #0: crashed: WARNING: ODEBUG bug in get_signal run #1: crashed: KASAN: use-after-free Write in ex_handler_refcount run #2: crashed: KASAN: use-after-free Write in ex_handler_refcount run #3: crashed: WARNING: ODEBUG bug in get_signal run #4: crashed: KASAN: use-after-free Write in ex_handler_refcount run #5: crashed: KASAN: use-after-free Read in eventfd_release run #6: crashed: KASAN: use-after-free Write in ex_handler_refcount run #7: crashed: KASAN: use-after-free Read in eventfd_release run #8: crashed: KASAN: use-after-free Write in ex_handler_refcount run #9: crashed: KASAN: use-after-free Read in eventfd_release # git bisect good f00d82c3fb4368afb41cba89b287801a7888627c Bisecting: 0 revisions left to test after this (roughly 1 step) [2a7241fe4d340bce8c13854976f0eabf2a72d4eb] net: gemini: Fix another missing clk_disable_unprepare() in probe testing commit 2a7241fe4d340bce8c13854976f0eabf2a72d4eb with gcc (GCC) 8.1.0 kernel signature: 8338cc4d735a7353418138c14cf31dc6db13d6c5d8359f294b20c38165e346b5 all runs: OK # git bisect bad 2a7241fe4d340bce8c13854976f0eabf2a72d4eb Bisecting: 0 revisions left to test after this (roughly 0 steps) [37d933e8b41b83bb8278815e366aec5a542b7e31] fix regression in "epoll: Keep a reference on files added to the check list" testing commit 37d933e8b41b83bb8278815e366aec5a542b7e31 with gcc (GCC) 8.1.0 kernel signature: 6cca1239e0ca928fb5946eb93acd703de8165129cb7d5b934a142507d0dca57f all runs: OK # git bisect bad 37d933e8b41b83bb8278815e366aec5a542b7e31 37d933e8b41b83bb8278815e366aec5a542b7e31 is the first bad commit commit 37d933e8b41b83bb8278815e366aec5a542b7e31 Author: Al Viro Date: Wed Sep 2 11:30:48 2020 -0400 fix regression in "epoll: Keep a reference on files added to the check list" [ Upstream commit 77f4689de17c0887775bb77896f4cc11a39bf848 ] epoll_loop_check_proc() can run into a file already committed to destruction; we can't grab a reference on those and don't need to add them to the set for reverse path check anyway. Tested-by: Marc Zyngier Fixes: a9ed4a6560b8 ("epoll: Keep a reference on files added to the check list") Signed-off-by: Al Viro Signed-off-by: Sasha Levin fs/eventpoll.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) culprit signature: 6cca1239e0ca928fb5946eb93acd703de8165129cb7d5b934a142507d0dca57f parent signature: e081e2291422fe69fd9644b3fa1c16b8c6ddf41cf45133b434bc78595f739851 revisions tested: 11, total time: 2h50m14.97257874s (build: 1h41m13.887449772s, test: 1h7m48.073399087s) first good commit: 37d933e8b41b83bb8278815e366aec5a542b7e31 fix regression in "epoll: Keep a reference on files added to the check list" recipients (to): ["maz@kernel.org" "sashal@kernel.org" "viro@zeniv.linux.org.uk"] recipients (cc): []