ci2 starts bisection 2024-03-01 10:21:02.495683931 +0000 UTC m=+123863.389602799
bisecting fixing commit since d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb
building syzkaller on fb427a0782000106c62de76d251e5a02de5406a9
ensuring issue is reproducible on original commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb

testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 549531106d571d187c1f8f0a5d20bab800ab9c1ba8513fd1eaa9a1f640ca85f0
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
check whether we can drop unnecessary instrumentation
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 57341300fe6bfb63f95962a9696308dcf1a77d9c0d0ddb19b4b5393ade81f67d
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the bug reproduces without the instrumentation
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
kconfig minimization: base=3703 full=7267 leaves diff=1983
split chunks (needed=false): <1983>
split chunk #0 of len 1983 into 5 parts
testing without sub-chunk 1/5
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN KASAN], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 71c459b8301971816eb509d73a0179e3f5f78da3209ec6ac0035981d00cf56ea
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN KASAN LOCKDEP], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f937a9c3eafc889856c281d0dce2332a2529903c3c2d9e88311ca14df6e8370b
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 8a9cd80f7d63da6607c986b5047968b7f9f711b93cf21265c26835bfac04d65b
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 1df2d4316bf9712f5bc15413d770946102973abaeb765957125022e1f2b5130f
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed
testing commit d93fa2c78854d25ed4b67ac87f1c3c264d8b27fb gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a058c6528219034883261b9b3ddf5a8e2e425bdfee21bf59b70c743e1436258c
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
the chunk can be dropped
disabling configs for [HANG LEAK UBSAN KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
testing current HEAD 458ce51d0356ee60c93f9f807d9827cf2a41643d
testing commit 458ce51d0356ee60c93f9f807d9827cf2a41643d gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 6888b7d60095b7dd07b06597527667f6c373f69490bce2f4ca63891f7f3438b7
all runs: crashed: WARNING in free_event
representative crash: WARNING in free_event, types: [WARNING]
crash still not fixed/happens on the oldest tested release
revisions tested: 8, total time: 42m49.291418229s (build: 18m47.454637103s, test: 22m20.428635494s)
crash still not fixed or there were kernel test errors
commit msg: Linux 5.15.149
crash: WARNING in free_event
------------[ cut here ]------------
unexpected event refcount: 2; ptr=ffff88810b5d1a68
WARNING: CPU: 1 PID: 1527 at kernel/events/core.c:5165 free_event+0x31/0x40 kernel/events/core.c:5165
Modules linked in:
CPU: 1 PID: 1527 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
RIP: 0010:free_event+0x31/0x40 kernel/events/core.c:5165
Code: f0 48 0f b1 97 28 02 00 00 48 83 f8 01 75 05 e9 05 fd ff ff 48 8b b7 28 02 00 00 48 89 fa 48 c7 c7 50 01 31 82 e8 aa a9 83 00 <0f> 0b c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 56 41 55 49 c7 c5
RSP: 0018:ffffc9000165fcb8 EFLAGS: 00010286
RAX: 0000000000000000 RBX: dead000000000122 RCX: 00000000ffffdfff
RDX: 00000000ffffffea RSI: 00000000ffffdfff RDI: 0000000000000001
RBP: ffff88810b5d1a68 R08: ffffffff827745e8 R09: 0000000000000003
R10: 00000000ffffe000 R11: 3fffffffffffffff R12: ffff88810b5d0fd8
R13: ffff8881009eed54 R14: ffffc9000165fa00 R15: dead000000000100
FS:  0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff80ce8ec8 CR3: 0000000002621000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 perf_event_release_kernel+0x25f/0x2f0 kernel/events/core.c:5332
 perf_release+0xc/0x10 kernel/events/core.c:5353
 __fput+0x83/0x250 fs/file_table.c:280
 task_work_run+0x54/0x80 kernel/task_work.c:164
 exit_task_work include/linux/task_work.h:32 [inline]
 do_exit+0x38d/0xae0 kernel/exit.c:872
 do_group_exit+0x34/0xb0 kernel/exit.c:994
 get_signal+0xca/0xac0 kernel/signal.c:2889
 arch_do_signal_or_restart+0xf8/0x710 arch/x86/kernel/signal.c:867
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:172 [inline]
 exit_to_user_mode_prepare+0x116/0x190 kernel/entry/common.c:208
 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
 syscall_exit_to_user_mode+0x12/0x30 kernel/entry/common.c:301
 ret_from_fork+0x15/0x30 arch/x86/entry/entry_64.S:291
RIP: 0033:0x7fdfb34dbce9
Code: Unable to access opcode bytes at RIP 0x7fdfb34dbcbf.
RSP: 002b:00007fdfb305e078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
RAX: 0000000000000000 RBX: 00007fdfb35faf80 RCX: 00007fdfb34dbce9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000200
RBP: 00007fdfb352847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000006 R14: 00007fdfb35faf80 R15: 00007fff80cea458
 </TASK>