bisecting cause commit starting from c6dd78fcb8eefa15dd861889e0f59d301cb5230c building syzkaller on 1656845f45f284c574eb4f8bfe85dd7916a47a3a testing commit c6dd78fcb8eefa15dd861889e0f59d301cb5230c with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 all runs: crashed: memory leak in corrupted testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 all runs: crashed: memory leak in corrupted testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v4.15 testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read testing release v4.14 testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0 all runs: OK # git bisect start v4.15 v4.14 Bisecting: 8497 revisions left to test after this (roughly 13 steps) [5d352e69c60e54b5f04d6e337a1d2bf0dbf3d94a] Merge tag 'media/v4.15-1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media testing commit 5d352e69c60e54b5f04d6e337a1d2bf0dbf3d94a with gcc (GCC) 8.1.0 all runs: OK # git bisect good 5d352e69c60e54b5f04d6e337a1d2bf0dbf3d94a Bisecting: 3900 revisions left to test after this (roughly 12 steps) [f6705bf959efac87bca76d40050d342f1d212587] Merge tag 'drm-for-v4.15-amd-dc' of git://people.freedesktop.org/~airlied/linux testing commit f6705bf959efac87bca76d40050d342f1d212587 with gcc (GCC) 8.1.0 all runs: OK # git bisect good f6705bf959efac87bca76d40050d342f1d212587 Bisecting: 1936 revisions left to test after this (roughly 11 steps) [4066aa72f9f2886105c6f747d7f9bd4f14f53c12] Merge tag 'drm-fixes-for-v4.15-rc3' of git://people.freedesktop.org/~airlied/linux testing commit 4066aa72f9f2886105c6f747d7f9bd4f14f53c12 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 4066aa72f9f2886105c6f747d7f9bd4f14f53c12 Bisecting: 983 revisions left to test after this (roughly 10 steps) [fd84b751ddb7dab7a8c22826e7bff85f3ff3f9a6] Merge tag 'drm-fixes-for-v4.15-rc6' of git://people.freedesktop.org/~airlied/linux testing commit fd84b751ddb7dab7a8c22826e7bff85f3ff3f9a6 with gcc (GCC) 8.1.0 all runs: OK # git bisect good fd84b751ddb7dab7a8c22826e7bff85f3ff3f9a6 Bisecting: 491 revisions left to test after this (roughly 9 steps) [0f908ccbeca99ddf0ad60afa710e72aded4a5ea7] tools/objtool/Makefile: don't assume sync-check.sh is executable testing commit 0f908ccbeca99ddf0ad60afa710e72aded4a5ea7 with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read # git bisect bad 0f908ccbeca99ddf0ad60afa710e72aded4a5ea7 Bisecting: 250 revisions left to test after this (roughly 8 steps) [5866bec2f47fe0da5fd4c503adbd4ad65182eafe] Merge tag 'drm-fixes-for-v4.15-rc7' of git://people.freedesktop.org/~airlied/linux testing commit 5866bec2f47fe0da5fd4c503adbd4ad65182eafe with gcc (GCC) 8.1.0 all runs: OK # git bisect good 5866bec2f47fe0da5fd4c503adbd4ad65182eafe Bisecting: 142 revisions left to test after this (roughly 7 steps) [44596f86826df00ab3ab1086b25f3cdcc11156a1] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma testing commit 44596f86826df00ab3ab1086b25f3cdcc11156a1 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 44596f86826df00ab3ab1086b25f3cdcc11156a1 Bisecting: 71 revisions left to test after this (roughly 6 steps) [195e2addbce09e5afbc766efc1e6567c9ce840d3] SolutionEngine771x: fix Ether platform data testing commit 195e2addbce09e5afbc766efc1e6567c9ce840d3 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 195e2addbce09e5afbc766efc1e6567c9ce840d3 Bisecting: 39 revisions left to test after this (roughly 5 steps) [5f615b97cdea733c955e152774e1501107564fbd] Merge tag 'sound-4.15-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit 5f615b97cdea733c955e152774e1501107564fbd with gcc (GCC) 8.1.0 all runs: OK # git bisect good 5f615b97cdea733c955e152774e1501107564fbd Bisecting: 18 revisions left to test after this (roughly 4 steps) [6ade262b77f4285f7ba9216d5831093d7766304a] Merge tag 'wireless-drivers-for-davem-2018-01-09' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers testing commit 6ade262b77f4285f7ba9216d5831093d7766304a with gcc (GCC) 8.1.0 all runs: OK # git bisect good 6ade262b77f4285f7ba9216d5831093d7766304a Bisecting: 8 revisions left to test after this (roughly 3 steps) [cbd0a6a2cc4327681edc61f6f47f47e276ea81d6] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit cbd0a6a2cc4327681edc61f6f47f47e276ea81d6 with gcc (GCC) 8.1.0 all runs: OK # git bisect good cbd0a6a2cc4327681edc61f6f47f47e276ea81d6 Bisecting: 3 revisions left to test after this (roughly 2 steps) [1545dec46db3858bbce84c2065b579e2925706ab] Merge tag 'ceph-for-4.15-rc8' of git://github.com/ceph/ceph-client testing commit 1545dec46db3858bbce84c2065b579e2925706ab with gcc (GCC) 8.1.0 all runs: OK # git bisect good 1545dec46db3858bbce84c2065b579e2925706ab Bisecting: 1 revision left to test after this (roughly 1 step) [d9570ee3bd1d4f20ce63485f5ef05663866fe6c0] kmemleak: allow to coexist with fault injection testing commit d9570ee3bd1d4f20ce63485f5ef05663866fe6c0 with gcc (GCC) 8.1.0 all runs: crashed: memory leak in policydb_read # git bisect bad d9570ee3bd1d4f20ce63485f5ef05663866fe6c0 Bisecting: 0 revisions left to test after this (roughly 0 steps) [bed6760cf2c40778a58f2e399c8947b3b3c55518] MAINTAINERS, nilfs2: change project home URLs testing commit bed6760cf2c40778a58f2e399c8947b3b3c55518 with gcc (GCC) 8.1.0 all runs: OK # git bisect good bed6760cf2c40778a58f2e399c8947b3b3c55518 d9570ee3bd1d4f20ce63485f5ef05663866fe6c0 is the first bad commit commit d9570ee3bd1d4f20ce63485f5ef05663866fe6c0 Author: Dmitry Vyukov Date: Fri Jan 12 16:53:10 2018 -0800 kmemleak: allow to coexist with fault injection kmemleak does one slab allocation per user allocation. So if slab fault injection is enabled to any degree, kmemleak instantly fails to allocate and turns itself off. However, it's useful to use kmemleak with fault injection to find leaks on error paths. On the other hand, checking kmemleak itself is not so useful because (1) it's a debugging tool and (2) it has a very regular allocation pattern (basically a single allocation site, so it either works or not). Turn off fault injection for kmemleak allocations. Link: http://lkml.kernel.org/r/20180109192243.19316-1-dvyukov@google.com Signed-off-by: Dmitry Vyukov Cc: Catalin Marinas Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds :040000 040000 9bc1b719e63cfdbb3803d16f1cc64a3c0df5afae e7ec596685a9592aed2ad259812d0208ba528bfe M mm revisions tested: 25, total time: 3h51m57.738703612s (build: 1h44m57.105207315s, test: 1h59m44.269095863s) first bad commit: d9570ee3bd1d4f20ce63485f5ef05663866fe6c0 kmemleak: allow to coexist with fault injection cc: ["akpm@linux-foundation.org" "catalin.marinas@arm.com" "dvyukov@google.com" "torvalds@linux-foundation.org"] crash: memory leak in policydb_read BUG: memory leak unreferenced object 0xffff880117fc3b40 (size 64): comm "syz-executor.7", pid 6083, jiffies 4294949027 (age 14.150s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000009ece7274>] kmemleak_alloc_recursive /./include/linux/kmemleak.h:55 [inline] [<000000009ece7274>] slab_post_alloc_hook /mm/slab.h:440 [inline] [<000000009ece7274>] slab_alloc /mm/slab.c:3382 [inline] [<000000009ece7274>] kmem_cache_alloc_trace+0x134/0x240 /mm/slab.c:3608 [<0000000033783b37>] kmalloc /./include/linux/slab.h:499 [inline] [<0000000033783b37>] kzalloc /./include/linux/slab.h:688 [inline] [<0000000033783b37>] roles_init /security/selinux/ss/policydb.c:191 [inline] [<0000000033783b37>] policydb_init /security/selinux/ss/policydb.c:297 [inline] [<0000000033783b37>] policydb_read+0xd9/0xab0 /security/selinux/ss/policydb.c:2287 [<00000000bd53d928>] security_load_policy+0x110/0x540 /security/selinux/ss/services.c:2109 [<0000000085e4cea3>] sel_write_load+0xc2/0x770 /security/selinux/selinuxfs.c:503 [<0000000007825a48>] __vfs_write+0x23/0x140 /fs/read_write.c:480 [<00000000b123f482>] vfs_write+0xa6/0x1a0 /fs/read_write.c:544 [<000000001f6744df>] SYSC_write /fs/read_write.c:589 [inline] [<000000001f6744df>] SyS_write+0x41/0xa0 /fs/read_write.c:581 [<000000001c491cd5>] entry_SYSCALL_64_fastpath+0x1e/0x81 [<000000002b9cf1f7>] 0xffffffffffffffff BUG: memory leak unreferenced object 0xffff88010db62c40 (size 32): comm "syz-executor.7", pid 6083, jiffies 4294949027 (age 14.150s) hex dump (first 32 bytes): 6f 62 6a 65 63 74 5f 72 00 00 00 00 00 00 00 00 object_r........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000006ea28202>] kmemleak_alloc_recursive /./include/linux/kmemleak.h:55 [inline] [<000000006ea28202>] slab_post_alloc_hook /mm/slab.h:440 [inline] [<000000006ea28202>] slab_alloc /mm/slab.c:3382 [inline] [<000000006ea28202>] __do_kmalloc /mm/slab.c:3706 [inline] [<000000006ea28202>] __kmalloc_track_caller+0x143/0x260 /mm/slab.c:3723 [<00000000bc0dbe2a>] kstrdup+0x2c/0x60 /mm/util.c:56 [<00000000349e2cbf>] roles_init /security/selinux/ss/policydb.c:201 [inline] [<00000000349e2cbf>] policydb_init /security/selinux/ss/policydb.c:297 [inline] [<00000000349e2cbf>] policydb_read+0x136/0xab0 /security/selinux/ss/policydb.c:2287 [<00000000bd53d928>] security_load_policy+0x110/0x540 /security/selinux/ss/services.c:2109 [<0000000085e4cea3>] sel_write_load+0xc2/0x770 /security/selinux/selinuxfs.c:503 [<0000000007825a48>] __vfs_write+0x23/0x140 /fs/read_write.c:480 [<00000000b123f482>] vfs_write+0xa6/0x1a0 /fs/read_write.c:544 [<000000001f6744df>] SYSC_write /fs/read_write.c:589 [inline] [<000000001f6744df>] SyS_write+0x41/0xa0 /fs/read_write.c:581 [<000000001c491cd5>] entry_SYSCALL_64_fastpath+0x1e/0x81 [<000000002b9cf1f7>] 0xffffffffffffffff BUG: memory leak unreferenced object 0xffff8801246c4c00 (size 64): comm "syz-executor.7", pid 6086, jiffies 4294949028 (age 14.140s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000009ece7274>] kmemleak_alloc_recursive /./include/linux/kmemleak.h:55 [inline] [<000000009ece7274>] slab_post_alloc_hook /mm/slab.h:440 [inline] [<000000009ece7274>] slab_alloc /mm/slab.c:3382 [inline] [<000000009ece7274>] kmem_cache_alloc_trace+0x134/0x240 /mm/slab.c:3608 [<0000000033783b37>] kmalloc /./include/linux/slab.h:499 [inline] [<0000000033783b37>] kzalloc /./include/linux/slab.h:688 [inline] [<0000000033783b37>] roles_init /security/selinux/ss/policydb.c:191 [inline] [<0000000033783b37>] policydb_init /security/selinux/ss/policydb.c:297 [inline] [<0000000033783b37>] policydb_read+0xd9/0xab0 /security/selinux/ss/policydb.c:2287 [<00000000bd53d928>] security_load_policy+0x110/0x540 /security/selinux/ss/services.c:2109 [<0000000085e4cea3>] sel_write_load+0xc2/0x770 /security/selinux/selinuxfs.c:503 [<0000000007825a48>] __vfs_write+0x23/0x140 /fs/read_write.c:480 [<00000000b123f482>] vfs_write+0xa6/0x1a0 /fs/read_write.c:544 [<000000001f6744df>] SYSC_write /fs/read_write.c:589 [inline] [<000000001f6744df>] SyS_write+0x41/0xa0 /fs/read_write.c:581 [<000000001c491cd5>] entry_SYSCALL_64_fastpath+0x1e/0x81 [<000000002b9cf1f7>] 0xffffffffffffffff BUG: memory leak unreferenced object 0xffff88010db62e40 (size 32): comm "syz-executor.7", pid 6086, jiffies 4294949028 (age 14.140s) hex dump (first 32 bytes): 6f 62 6a 65 63 74 5f 72 00 00 00 00 00 00 00 00 object_r........ 70 12 7b 81 ff ff ff ff 50 12 7b 81 ff ff ff ff p.{.....P.{..... backtrace: [<000000006ea28202>] kmemleak_alloc_recursive /./include/linux/kmemleak.h:55 [inline] [<000000006ea28202>] slab_post_alloc_hook /mm/slab.h:440 [inline] [<000000006ea28202>] slab_alloc /mm/slab.c:3382 [inline] [<000000006ea28202>] __do_kmalloc /mm/slab.c:3706 [inline] [<000000006ea28202>] __kmalloc_track_caller+0x143/0x260 /mm/slab.c:3723 [<00000000bc0dbe2a>] kstrdup+0x2c/0x60 /mm/util.c:56 [<00000000349e2cbf>] roles_init /security/selinux/ss/policydb.c:201 [inline] [<00000000349e2cbf>] policydb_init /security/selinux/ss/policydb.c:297 [inline] [<00000000349e2cbf>] policydb_read+0x136/0xab0 /security/selinux/ss/policydb.c:2287 [<00000000bd53d928>] security_load_policy+0x110/0x540 /security/selinux/ss/services.c:2109 [<0000000085e4cea3>] sel_write_load+0xc2/0x770 /security/selinux/selinuxfs.c:503 [<0000000007825a48>] __vfs_write+0x23/0x140 /fs/read_write.c:480 [<00000000b123f482>] vfs_write+0xa6/0x1a0 /fs/read_write.c:544 [<000000001f6744df>] SYSC_write /fs/read_write.c:589 [inline] [<000000001f6744df>] SyS_write+0x41/0xa0 /fs/read_write.c:581 [<000000001c491cd5>] entry_SYSCALL_64_fastpath+0x1e/0x81 [<000000002b9cf1f7>] 0xffffffffffffffff BUG: memory leak unreferenced object 0xffff880113b63e80 (size 64): comm "syz-executor.7", pid 6089, jiffies 4294949028 (age 14.140s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000009ece7274>] kmemleak_alloc_recursive /./include/linux/kmemleak.h:55 [inline] [<000000009ece7274>] slab_post_alloc_hook /mm/slab.h:440 [inline] [<000000009ece7274>] slab_alloc /mm/slab.c:3382 [inline] [<000000009ece7274>] kmem_cache_alloc_trace+0x134/0x240 /mm/slab.c:3608 [<0000000033783b37>] kmalloc /./include/linux/slab.h:499 [inline] [<0000000033783b37>] kzalloc /./include/linux/slab.h:688 [inline] [<0000000033783b37>] roles_init /security/selinux/ss/policydb.c:191 [inline] [<0000000033783b37>] policydb_init /security/selinux/ss/policydb.c:297 [inline] [<0000000033783b37>] policydb_read+0xd9/0xab0 /security/selinux/ss/policydb.c:2287 [<00000000bd53d928>] security_load_policy+0x110/0x540 /security/selinux/ss/services.c:2109 [<0000000085e4cea3>] sel_write_load+0xc2/0x770 /security/selinux/selinuxfs.c:503 [<0000000007825a48>] __vfs_write+0x23/0x140 /fs/read_write.c:480 [<00000000b123f482>] vfs_write+0xa6/0x1a0 /fs/read_write.c:544 [<000000001f6744df>] SYSC_write /fs/read_write.c:589 [inline] [<000000001f6744df>] SyS_write+0x41/0xa0 /fs/read_write.c:581 [<000000001c491cd5>] entry_SYSCALL_64_fastpath+0x1e/0x81 [<000000002b9cf1f7>] 0xffffffffffffffff