bisecting cause commit starting from 9e0babf2c06c73cda2c0cd37a1653d823adb40ec building syzkaller on 442206d76b974cca2d83ec763d4cf5ee829eb7d6 testing commit 9e0babf2c06c73cda2c0cd37a1653d823adb40ec with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in do_move_mount testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 all runs: OK # git bisect start 9e0babf2c06c73cda2c0cd37a1653d823adb40ec v5.1 Bisecting: 7757 revisions left to test after this (roughly 13 steps) [f4d9a23d3dad0252f375901bf4ff6523a2c97241] sparc64: simplify reduce_memory() function testing commit f4d9a23d3dad0252f375901bf4ff6523a2c97241 with gcc (GCC) 8.1.0 all runs: OK # git bisect good f4d9a23d3dad0252f375901bf4ff6523a2c97241 Bisecting: 3871 revisions left to test after this (roughly 12 steps) [318222a35bfb0ae9b5ff3e359a583463e6cfcd94] Merge branch 'akpm' (patches from Andrew) testing commit 318222a35bfb0ae9b5ff3e359a583463e6cfcd94 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 318222a35bfb0ae9b5ff3e359a583463e6cfcd94 Bisecting: 1993 revisions left to test after this (roughly 11 steps) [4489da7183099f569a7d3dd819c975073c04bc72] Merge tag 'nds32-for-linus-5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/greentime/linux testing commit 4489da7183099f569a7d3dd819c975073c04bc72 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in do_move_mount # git bisect bad 4489da7183099f569a7d3dd819c975073c04bc72 Bisecting: 1041 revisions left to test after this (roughly 10 steps) [22c58fd70ca48a29505922b1563826593b08cc00] Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit 22c58fd70ca48a29505922b1563826593b08cc00 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 22c58fd70ca48a29505922b1563826593b08cc00 Bisecting: 520 revisions left to test after this (roughly 9 steps) [fbadd4d12234fe8468843c3e24d83019cdbbea77] Merge tag 'qcom-dts-for-5.2' of git://git.kernel.org/pub/scm/linux/kernel/git/agross/linux into arm/dt testing commit fbadd4d12234fe8468843c3e24d83019cdbbea77 with gcc (GCC) 8.1.0 all runs: OK # git bisect good fbadd4d12234fe8468843c3e24d83019cdbbea77 Bisecting: 256 revisions left to test after this (roughly 8 steps) [d396360acdf7e57edcd9e2d080343b0353d65d63] Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit d396360acdf7e57edcd9e2d080343b0353d65d63 with gcc (GCC) 8.1.0 all runs: OK # git bisect good d396360acdf7e57edcd9e2d080343b0353d65d63 Bisecting: 122 revisions left to test after this (roughly 7 steps) [227747fb9eab37aaeb360aeba795362c01889427] Merge tag 'afs-fixes-20190516' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs testing commit 227747fb9eab37aaeb360aeba795362c01889427 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 227747fb9eab37aaeb360aeba795362c01889427 Bisecting: 77 revisions left to test after this (roughly 6 steps) [815d469d8c9a3360ee0a8b7857dd95352a6c7bde] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux testing commit 815d469d8c9a3360ee0a8b7857dd95352a6c7bde with gcc (GCC) 8.1.0 all runs: OK # git bisect good 815d469d8c9a3360ee0a8b7857dd95352a6c7bde Bisecting: 38 revisions left to test after this (roughly 5 steps) [32fd90c407680935f84fb3ffc60fb3e020257d38] nvme: change locking for the per-subsystem controller list testing commit 32fd90c407680935f84fb3ffc60fb3e020257d38 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 32fd90c407680935f84fb3ffc60fb3e020257d38 Bisecting: 23 revisions left to test after this (roughly 4 steps) [bf8a9a4755737f6630756f0d87bea9b38f0ed369] Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit bf8a9a4755737f6630756f0d87bea9b38f0ed369 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in do_move_mount # git bisect bad bf8a9a4755737f6630756f0d87bea9b38f0ed369 Bisecting: 8 revisions left to test after this (roughly 3 steps) [fdb288a679cdf6a71f3c1ae6f348ba4dae742681] io_uring: use wait_event_interruptible for cq_wait conditional wait testing commit fdb288a679cdf6a71f3c1ae6f348ba4dae742681 with gcc (GCC) 8.1.0 all runs: OK # git bisect good fdb288a679cdf6a71f3c1ae6f348ba4dae742681 Bisecting: 4 revisions left to test after this (roughly 2 steps) [1718de78e6235c04ecb7f87a6875fdf90aafe382] Merge tag 'for-5.2/block-post-20190516' of git://git.kernel.dk/linux-block testing commit 1718de78e6235c04ecb7f87a6875fdf90aafe382 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 1718de78e6235c04ecb7f87a6875fdf90aafe382 Bisecting: 2 revisions left to test after this (roughly 1 step) [9c8ad7a2ff0bfe58f019ec0abc1fb965114dde7d] uapi, x86: Fix the syscall numbering of the mount API syscalls [ver #2] testing commit 9c8ad7a2ff0bfe58f019ec0abc1fb965114dde7d with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in do_move_mount # git bisect bad 9c8ad7a2ff0bfe58f019ec0abc1fb965114dde7d Bisecting: 0 revisions left to test after this (roughly 0 steps) [1cdc415f10831c18912943017d06b2be948c67b4] uapi, fsopen: use square brackets around "fscontext" [ver #2] testing commit 1cdc415f10831c18912943017d06b2be948c67b4 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 1cdc415f10831c18912943017d06b2be948c67b4 9c8ad7a2ff0bfe58f019ec0abc1fb965114dde7d is the first bad commit commit 9c8ad7a2ff0bfe58f019ec0abc1fb965114dde7d Author: David Howells Date: Thu May 16 12:52:27 2019 +0100 uapi, x86: Fix the syscall numbering of the mount API syscalls [ver #2] Fix the syscall numbering of the mount API syscalls so that the numbers match between i386 and x86_64 and that they're in the common numbering scheme space. Fixes: a07b20004793 ("vfs: syscall: Add open_tree(2) to reference or clone a mount") Fixes: 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around") Fixes: 24dcb3d90a1f ("vfs: syscall: Add fsopen() to prepare for superblock creation") Fixes: ecdab150fddb ("vfs: syscall: Add fsconfig() for configuring and managing a context") Fixes: 93766fbd2696 ("vfs: syscall: Add fsmount() to create a mount for a superblock") Fixes: cf3cba4a429b ("vfs: syscall: Add fspick() to select a superblock for reconfiguration") Reported-by: Arnd Bergmann Signed-off-by: David Howells Reviewed-by: Arnd Bergmann Signed-off-by: Al Viro :040000 040000 31ed689f1b143c8216f3f9356682cc73b47da320 0d339e04fa9a857fb19df4c06195073f8eb67173 M arch revisions tested: 16, total time: 4h16m16.917629375s (build: 1h28m33.405183271s, test: 2h43m4.22628023s) first bad commit: 9c8ad7a2ff0bfe58f019ec0abc1fb965114dde7d uapi, x86: Fix the syscall numbering of the mount API syscalls [ver #2] cc: ["arnd@arndb.de" "axboe@kernel.dk" "bp@alien8.de" "catalin.marinas@arm.com" "christian@brauner.io" "dhowells@redhat.com" "geert@linux-m68k.org" "hare@suse.com" "heiko.carstens@de.ibm.com" "hpa@zytor.com" "linux-kernel@vger.kernel.org" "luto@kernel.org" "mingo@redhat.com" "tglx@linutronix.de" "viro@zeniv.linux.org.uk" "x86@kernel.org"] crash: general protection fault in do_move_mount kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 7444 Comm: syz-executor.0 Not tainted 5.1.0+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:do_move_mount.isra.59+0x7e5/0x14f0 fs/namespace.c:2602 Code: 48 83 bd 68 ff ff ff 00 0f 84 63 f9 ff ff 48 8b b5 68 ff ff ff 48 ba 00 00 00 00 00 fc ff df 48 8d 7e 48 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 28 09 00 00 48 8b b5 68 ff ff ff 48 83 7e 48 00 RSP: 0018:ffff888085f8fd60 EFLAGS: 00010206 RAX: ffff8880a0fc1420 RBX: 1ffff11010bf1fb3 RCX: 0000000000000006 RDX: dffffc0000000000 RSI: ffffffffffffffea RDI: 0000000000000032 RBP: ffff888085f8fe20 R08: 1ffff110153036be R09: ffffed1015d66bdf R10: ffff8880a470e680 R11: ffff8880a9ff5a00 R12: ffff888085f8fea8 R13: dffffc0000000000 R14: ffff8880a9ff5a20 R15: ffff888085f8fe70 FS: 00007f432ba90700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000100 CR3: 0000000085d0e000 CR4: 00000000001406f0 Call Trace: __do_sys_move_mount fs/namespace.c:3524 [inline] __se_sys_move_mount fs/namespace.c:3483 [inline] __x64_sys_move_mount+0x277/0x340 fs/namespace.c:3483 do_syscall_64+0xd0/0x520 arch/x86/entry/common.c:298 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4592c9 Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f432ba8fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004592c9 RDX: ffffffffffffff9c RSI: 0000000020000040 RDI: 0000000000000003 RBP: 000000000075c070 R08: 0000000000000066 R09: 0000000000000000 R10: 0000000020000100 R11: 0000000000000246 R12: 00007f432ba906d4 R13: 00000000004c5706 R14: 00000000004d9ba8 R15: 00000000ffffffff Modules linked in: ---[ end trace e5469a8172e1249d ]--- RIP: 0010:do_move_mount.isra.59+0x7e5/0x14f0 fs/namespace.c:2602 Code: 48 83 bd 68 ff ff ff 00 0f 84 63 f9 ff ff 48 8b b5 68 ff ff ff 48 ba 00 00 00 00 00 fc ff df 48 8d 7e 48 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 28 09 00 00 48 8b b5 68 ff ff ff 48 83 7e 48 00 RSP: 0018:ffff888085f8fd60 EFLAGS: 00010206 RAX: ffff8880a0fc1420 RBX: 1ffff11010bf1fb3 RCX: 0000000000000006 RDX: dffffc0000000000 RSI: ffffffffffffffea RDI: 0000000000000032 RBP: ffff888085f8fe20 R08: 1ffff110153036be R09: ffffed1015d66bdf R10: ffff8880a470e680 R11: ffff8880a9ff5a00 R12: ffff888085f8fea8 R13: dffffc0000000000 R14: ffff8880a9ff5a20 R15: ffff888085f8fe70 FS: 00007f432ba90700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f1456c90000 CR3: 0000000085d0e000 CR4: 00000000001406f0