bisecting fixing commit since 84920cc7fbe10e838689e8e1437dfd18d6e54a2c
building syzkaller on 6c70a1c220c1011a5b0d6e612dcb67d6dc36e80a
testing commit 84920cc7fbe10e838689e8e1437dfd18d6e54a2c with gcc (GCC) 8.1.0
kernel signature: c5673bf6a9e2369211a7c80ac63af1ce570946a301473721eb35f24699b5b2bf
all runs: crashed: kernel BUG at arch/x86/mm/physaddr.c:LINE!
testing current HEAD 3fc898571b974f9a05e4e5c1fe17b18548207091
testing commit 3fc898571b974f9a05e4e5c1fe17b18548207091 with gcc (GCC) 8.1.0
kernel signature: 1f296de930ff76a807d0deb4eb7246b0e2c76b593c088c6e3aa2adea9f282e6e
all runs: OK
# git bisect start 3fc898571b974f9a05e4e5c1fe17b18548207091 84920cc7fbe10e838689e8e1437dfd18d6e54a2c
Bisecting: 195 revisions left to test after this (roughly 8 steps)
[4276e29974f39507c6b7cc926e6457210f1421b6] platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA
testing commit 4276e29974f39507c6b7cc926e6457210f1421b6 with gcc (GCC) 8.1.0
kernel signature: 3f39d70c6d2abccd4db1a8e6f45f74726bbc7a22143dc7629fdb0b34b1e6c56d
all runs: OK
# git bisect bad 4276e29974f39507c6b7cc926e6457210f1421b6
Bisecting: 97 revisions left to test after this (roughly 7 steps)
[2afbedce318458d6eed6f0cf6cf0857215f3c3af] hinic: fix a bug of ndo_stop
testing commit 2afbedce318458d6eed6f0cf6cf0857215f3c3af with gcc (GCC) 8.1.0
kernel signature: 431c90a0d95dacab7c14ac590c1d024d3809f9dd4d75b7a9fbfeb90026220dd7
all runs: OK
# git bisect bad 2afbedce318458d6eed6f0cf6cf0857215f3c3af
Bisecting: 48 revisions left to test after this (roughly 6 steps)
[79949e8b03885bea15ab45286d819cc862cc7bf3] bnxt_en: Improve AER slot reset.
testing commit 79949e8b03885bea15ab45286d819cc862cc7bf3 with gcc (GCC) 8.1.0
kernel signature: c1137fe34ff9081b3acc662866ddc4aa8c041e56f341d1422ae4fe3e2017ce65
all runs: OK
# git bisect bad 79949e8b03885bea15ab45286d819cc862cc7bf3
Bisecting: 24 revisions left to test after this (roughly 5 steps)
[ccc4433062ce800ec03f573c156b893148fcf2c6] lib: devres: add a helper function for ioremap_uc
testing commit ccc4433062ce800ec03f573c156b893148fcf2c6 with gcc (GCC) 8.1.0
kernel signature: fe02a196b99870240745960193f7f56bfdce7fdf7182be38cdc01c484304e25f
all runs: crashed: kernel BUG at arch/x86/mm/physaddr.c:LINE!
# git bisect good ccc4433062ce800ec03f573c156b893148fcf2c6
Bisecting: 12 revisions left to test after this (roughly 4 steps)
[a3da2984a40b2628d43a0b380e9b24d6fb74a76e] vt: fix unicode console freeing with a common interface
testing commit a3da2984a40b2628d43a0b380e9b24d6fb74a76e with gcc (GCC) 8.1.0
kernel signature: fc4bdc5acb522d7a7e6c208d4e7babcb9941eea2693476d6362d2b366dc39c0e
all runs: OK
# git bisect bad a3da2984a40b2628d43a0b380e9b24d6fb74a76e
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[2f83c2cce5fb07752b8eb0bcbae704c42566bb44] mac80211: add ieee80211_is_any_nullfunc()
testing commit 2f83c2cce5fb07752b8eb0bcbae704c42566bb44 with gcc (GCC) 8.1.0
kernel signature: 392ea237868869099fabc8f786044e6e3ec3a40380fa959ff7991932a6ce2429
all runs: crashed: kernel BUG at arch/x86/mm/physaddr.c:LINE!
# git bisect good 2f83c2cce5fb07752b8eb0bcbae704c42566bb44
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[033c4ea49a4ba7a2b13aabf3ec755557924a9cda] Linux 4.19.122
testing commit 033c4ea49a4ba7a2b13aabf3ec755557924a9cda with gcc (GCC) 8.1.0
kernel signature: a5deb785eceaa3bc000672f27213988bbcf3f869bd0f6f70317d9893c94d02cc
all runs: crashed: kernel BUG at arch/x86/mm/physaddr.c:LINE!
# git bisect good 033c4ea49a4ba7a2b13aabf3ec755557924a9cda
Bisecting: 0 revisions left to test after this (roughly 1 step)
[84a50dc4710fe40c2190ed74dc4eaa0241ef8c7a] tracing/kprobes: Fix a double initialization typo
testing commit 84a50dc4710fe40c2190ed74dc4eaa0241ef8c7a with gcc (GCC) 8.1.0
kernel signature: ad0fcf2dacb0fc40a5ded21bbf7a480b0bd807b876f8e8d0c3fc38b428cb55cc
all runs: crashed: kernel BUG at arch/x86/mm/physaddr.c:LINE!
# git bisect good 84a50dc4710fe40c2190ed74dc4eaa0241ef8c7a
a3da2984a40b2628d43a0b380e9b24d6fb74a76e is the first bad commit
commit a3da2984a40b2628d43a0b380e9b24d6fb74a76e
Author: Nicolas Pitre
Date: Sat May 2 11:01:07 2020 -0400

    vt: fix unicode console freeing with a common interface

    [ Upstream commit 57d38f26d81e4275748b69372f31df545dcd9b71 ]

    By directly using kfree() in different places we risk missing one if
    it is switched to using vfree(), especially if the corresponding
    vmalloc() is hidden away within a common abstraction.

    Oh wait, that's exactly what happened here.

    So let's fix this by creating a common abstraction for the free case
    as well.

    Signed-off-by: Nicolas Pitre
    Reported-by: syzbot+0bfda3ade1ee9288a1be@syzkaller.appspotmail.com
    Fixes: 9a98e7a80f95 ("vt: don't use kmalloc() for the unicode screen buffer")
    Cc:
    Reviewed-by: Sam Ravnborg
    Link: https://lore.kernel.org/r/nycvar.YSQ.7.76.2005021043110.2671@knanqh.ubzr
    Signed-off-by: Greg Kroah-Hartman
    Signed-off-by: Sasha Levin

 drivers/tty/vt/vt.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
culprit signature: fc4bdc5acb522d7a7e6c208d4e7babcb9941eea2693476d6362d2b366dc39c0e
parent signature: ad0fcf2dacb0fc40a5ded21bbf7a480b0bd807b876f8e8d0c3fc38b428cb55cc
revisions tested: 10, total time: 2h36m36.42738974s (build: 1h29m25.640233862s, test: 1h5m35.538270726s)
first good commit: a3da2984a40b2628d43a0b380e9b24d6fb74a76e vt: fix unicode console freeing with a common interface
cc: ["gregkh@linuxfoundation.org" "nico@fluxnic.net" "sam@ravnborg.org" "sashal@kernel.org"]