bisecting fixing commit since 2f7b98d1e55ccd34e4998bf5f321ec7b9d6b451b building syzkaller on 7e2b734bac96c22086fedd1b18135da06d5e4054 testing commit 2f7b98d1e55ccd34e4998bf5f321ec7b9d6b451b with gcc (GCC) 10.2.1 20210217 kernel signature: 6dcedb5559249ae466c589a7b7366855521d1993d96746d872cbe8313cee7ba8 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: crashed: KASAN: use-after-free Write in ext4_put_super run #8: crashed: KASAN: use-after-free Write in ext4_put_super run #9: crashed: KASAN: use-after-free Write in ext4_put_super run #10: crashed: KASAN: use-after-free Write in ext4_put_super run #11: crashed: INFO: task hung in ext4_put_super run #12: crashed: KASAN: use-after-free Write in ext4_put_super run #13: crashed: KASAN: use-after-free Write in ext4_put_super run #14: crashed: KASAN: use-after-free Write in ext4_put_super run #15: OK run #16: OK run #17: OK run #18: OK run #19: crashed: KASAN: use-after-free Write in ext4_put_super testing current HEAD d936eb23874433caa3e3d841cfa16f5434b85dcf testing commit d936eb23874433caa3e3d841cfa16f5434b85dcf with gcc (GCC) 10.2.1 20210217 kernel signature: 1caab83a14a3e2607692c9d5b72d7d27f022c75f8ffcae37e93726b7907f53b2 all runs: OK # git bisect start d936eb23874433caa3e3d841cfa16f5434b85dcf 2f7b98d1e55ccd34e4998bf5f321ec7b9d6b451b Bisecting: 15707 revisions left to test after this (roughly 14 steps) [394febc9d0a607d6310e14d8248af62125feb5d1] misc/pvpanic: Make 'pvpanic_probe()' resource managed testing commit 394febc9d0a607d6310e14d8248af62125feb5d1 with gcc (GCC) 10.2.1 20210217 kernel signature: 2f144924a0513d479943d08b01e36f29e0bf4c3925fc807f1991b104dbd23c1c run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: INFO: task hung in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: OK run #7: OK run #8: OK run #9: crashed: INFO: task hung in ext4_put_super # git bisect good 394febc9d0a607d6310e14d8248af62125feb5d1 Bisecting: 8457 revisions left to test after this (roughly 13 steps) [bcb9928a155444dbd212473e60241ca0a7f641e1] net: dsa: properly check for the bridge_leave methods in dsa_switch_bridge_leave() testing commit bcb9928a155444dbd212473e60241ca0a7f641e1 with gcc (GCC) 10.2.1 20210217 kernel signature: 4403a5ab96b8c3b84c660177717c3d45923249aa67332b3226fb7e50988efb37 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: crashed: INFO: task hung in ext4_put_super run #7: crashed: KASAN: use-after-free Write in ext4_put_super run #8: crashed: KASAN: use-after-free Write in ext4_put_super run #9: OK # git bisect good bcb9928a155444dbd212473e60241ca0a7f641e1 Bisecting: 4245 revisions left to test after this (roughly 12 steps) [8e8d9442d1139d05d0c3b83efa34c4b7693d2969] Merge tag 'vfio-v5.14-rc1' of git://github.com/awilliam/linux-vfio testing commit 8e8d9442d1139d05d0c3b83efa34c4b7693d2969 with gcc (GCC) 10.2.1 20210217 kernel signature: c39f44290e5fc446ba6ef70b1b08243b12693d53f2ac234b7d1f55b72f02ff78 all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) # git bisect skip 8e8d9442d1139d05d0c3b83efa34c4b7693d2969 Bisecting: 4245 revisions left to test after this (roughly 12 steps) [86335b51e47d9b5065abf0e5fc438234e53ffe86] dt-bindings: i2c: i2c-mux-pca954x: Convert to DT schema testing commit 86335b51e47d9b5065abf0e5fc438234e53ffe86 with gcc (GCC) 10.2.1 20210217 kernel signature: 7856a841e4a1b78817a93ac0dd28fcae3df25ffc7dd51addbf23fb087a3ac3e3 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: INFO: task hung in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: OK run #8: OK run #9: OK # git bisect good 86335b51e47d9b5065abf0e5fc438234e53ffe86 Bisecting: 4208 revisions left to test after this (roughly 12 steps) [303392fd5c160822bf778270b28ec5ea50cab2b4] Merge tag 'leds-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/pavel/linux-leds testing commit 303392fd5c160822bf778270b28ec5ea50cab2b4 with gcc (GCC) 10.2.1 20210217 kernel signature: 0ca4ec1fcd11c825df0d529f4b2fe89e6a01633ee26a92924f3df37ef189e428 all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) # git bisect skip 303392fd5c160822bf778270b28ec5ea50cab2b4 Bisecting: 4208 revisions left to test after this (roughly 12 steps) [ae128916fb87a91ae41bec0461330e8a81500d84] intel_th: Remove an unused exit point from intel_th_remove() testing commit ae128916fb87a91ae41bec0461330e8a81500d84 with gcc (GCC) 10.2.1 20210217 kernel signature: 0119e6ae85778fb49e67ec155125d627a697ab0cd926d687d73bc95d49e6a937 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: INFO: task hung in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: crashed: INFO: task hung in ext4_put_super run #8: crashed: KASAN: use-after-free Write in ext4_put_super run #9: crashed: KASAN: use-after-free Write in ext4_put_super # git bisect good ae128916fb87a91ae41bec0461330e8a81500d84 Bisecting: 4083 revisions left to test after this (roughly 12 steps) [757fa80f4edca010769f3f8d116c19c85f27e817] Merge tag 'trace-v5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace testing commit 757fa80f4edca010769f3f8d116c19c85f27e817 with gcc (GCC) 10.2.1 20210217 kernel signature: 63b2a27ccddc208102ef643e56368fb313f9e9ef4df0b70ff40528ee6904d800 all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) # git bisect skip 757fa80f4edca010769f3f8d116c19c85f27e817 Bisecting: 4083 revisions left to test after this (roughly 12 steps) [24d1e49415be546470b20429d748e240d0518b7e] ALSA: intel8x0: Fix breakage at ac97 clock measurement testing commit 24d1e49415be546470b20429d748e240d0518b7e with gcc (GCC) 10.2.1 20210217 kernel signature: 534331de350af732ef9c4eb3ca829ee7783bd567f2f331d3f080ef9ed8272325 all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) # git bisect skip 24d1e49415be546470b20429d748e240d0518b7e Bisecting: 4083 revisions left to test after this (roughly 12 steps) [6522a8486c00d130a32a57c6c8a365572958b4df] ASoC: atmel: sam9x5_wm8731: use devm_snd_soc_register_card() testing commit 6522a8486c00d130a32a57c6c8a365572958b4df with gcc (GCC) 10.2.1 20210217 kernel signature: 7856a841e4a1b78817a93ac0dd28fcae3df25ffc7dd51addbf23fb087a3ac3e3 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: INFO: task hung in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: crashed: KASAN: use-after-free Write in ext4_put_super run #8: OK run #9: OK # git bisect good 6522a8486c00d130a32a57c6c8a365572958b4df Bisecting: 4025 revisions left to test after this (roughly 12 steps) [58ec9059b396a570b208239b4edc45eeb68b14c4] Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit 58ec9059b396a570b208239b4edc45eeb68b14c4 with gcc (GCC) 10.2.1 20210217 kernel signature: 3d91e277b6c05562ab96ca57310e0f639ff735606e97ada00719b3375b3188ed all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) # git bisect skip 58ec9059b396a570b208239b4edc45eeb68b14c4 Bisecting: 4025 revisions left to test after this (roughly 12 steps) [72b5e8958738aaa453db5149e6ca3bcf416023b9] virtio-ring: store DMA metadata in desc_extra for split virtqueue testing commit 72b5e8958738aaa453db5149e6ca3bcf416023b9 with gcc (GCC) 10.2.1 20210217 kernel signature: fd56c35de5c1ded21ec09dbf29e3bb5664725a4f6bd3a349ab200c5e6f930415 all runs: OK # git bisect bad 72b5e8958738aaa453db5149e6ca3bcf416023b9 Bisecting: 1157 revisions left to test after this (roughly 10 steps) [6c475bdbece0df896bb4db9553073a48503269c8] drm/amd/display: Trigger full update after DCC on/off testing commit 6c475bdbece0df896bb4db9553073a48503269c8 with gcc (GCC) 10.2.1 20210217 kernel signature: ffb4171943669e0e2ae16eb52cf701d3af746d39ec7ae60674b21421c5224e32 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: crashed: INFO: task hung in ext4_put_super run #7: crashed: INFO: task hung in ext4_put_super run #8: crashed: KASAN: use-after-free Write in ext4_put_super run #9: OK # git bisect good 6c475bdbece0df896bb4db9553073a48503269c8 Bisecting: 547 revisions left to test after this (roughly 9 steps) [e058a84bfddc42ba356a2316f2cf1141974625c9] Merge tag 'drm-next-2021-07-01' of git://anongit.freedesktop.org/drm/drm testing commit e058a84bfddc42ba356a2316f2cf1141974625c9 with gcc (GCC) 10.2.1 20210217 kernel signature: c1e4b363794d9b09fec1fd253b56f6d765aa704d19ba8bcfba84b856a04dee1c all runs: OK # git bisect bad e058a84bfddc42ba356a2316f2cf1141974625c9 Bisecting: 303 revisions left to test after this (roughly 8 steps) [d472b36efbf8a27dc8a80519db8b5a8caffe42b6] Merge tag 'amd-drm-next-5.14-2021-06-16' of https://gitlab.freedesktop.org/agd5f/linux into drm-next testing commit d472b36efbf8a27dc8a80519db8b5a8caffe42b6 with gcc (GCC) 10.2.1 20210217 kernel signature: 2b67174ea6f51ce980fb99c306977c0a2d39807b84a85aacc20dbed925951b25 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: INFO: task hung in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: crashed: KASAN: use-after-free Write in ext4_put_super run #8: crashed: KASAN: use-after-free Write in ext4_put_super run #9: OK # git bisect good d472b36efbf8a27dc8a80519db8b5a8caffe42b6 Bisecting: 141 revisions left to test after this (roughly 7 steps) [c288d9cd710433e5991d58a0764c4d08a933b871] Merge tag 'for-5.14/io_uring-2021-06-30' of git://git.kernel.dk/linux-block testing commit c288d9cd710433e5991d58a0764c4d08a933b871 with gcc (GCC) 10.2.1 20210217 kernel signature: c1b6c5c85fff93c6c7196c4a1571ebcc8d8558e8a0d592f1442dbe9e528ccb03 all runs: OK # git bisect bad c288d9cd710433e5991d58a0764c4d08a933b871 Bisecting: 80 revisions left to test after this (roughly 6 steps) [99ebe4efbd3882422db1fd6a1b477291ea8bdab7] io_uring: pre-initialise some of req fields testing commit 99ebe4efbd3882422db1fd6a1b477291ea8bdab7 with gcc (GCC) 10.2.1 20210217 kernel signature: f019f94bf53449e55e29f38332c852b287fdbe7a42545cf31beff86829c8f8fc run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: INFO: task hung in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: crashed: KASAN: use-after-free Write in ext4_put_super run #8: crashed: INFO: task hung in ext4_put_super run #9: OK # git bisect good 99ebe4efbd3882422db1fd6a1b477291ea8bdab7 Bisecting: 44 revisions left to test after this (roughly 5 steps) [2cfa582be80081fb8db02d4d9b44bff34b82ac54] Merge tag 'for-5.14/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm testing commit 2cfa582be80081fb8db02d4d9b44bff34b82ac54 with gcc (GCC) 10.2.1 20210217 kernel signature: 4a20566b9d40a37937cb2e7fec166c90601cbd8b82ad3509c0f8b403015421c4 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: INFO: task hung in ext4_put_super run #2: crashed: INFO: task hung in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: KASAN: use-after-free Write in ext4_put_super run #6: crashed: KASAN: use-after-free Write in ext4_put_super run #7: OK run #8: OK run #9: OK # git bisect good 2cfa582be80081fb8db02d4d9b44bff34b82ac54 Bisecting: 22 revisions left to test after this (roughly 5 steps) [0caaefbaf2a429c256c7469cb603ca8918e96fb0] ext4: no need to verify new add extent block testing commit 0caaefbaf2a429c256c7469cb603ca8918e96fb0 with gcc (GCC) 10.2.1 20210217 kernel signature: 367529d43934d10072b4ca6f39d75aafd601813f3bbf49cec656d152712b3858 all runs: OK # git bisect bad 0caaefbaf2a429c256c7469cb603ca8918e96fb0 Bisecting: 10 revisions left to test after this (roughly 4 steps) [b2d2e7573548295a14db999095fd1df40352c91a] ext4: remove set but rewrite variables testing commit b2d2e7573548295a14db999095fd1df40352c91a with gcc (GCC) 10.2.1 20210217 kernel signature: 7718787fca63ceb42d9a2abec20fe16681f4d91593bc14bdaab69cd397518392 all runs: OK # git bisect bad b2d2e7573548295a14db999095fd1df40352c91a Bisecting: 4 revisions left to test after this (roughly 3 steps) [b9a037b7f3c401d3c63e0423e56aef606b1ffaaf] ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle testing commit b9a037b7f3c401d3c63e0423e56aef606b1ffaaf with gcc (GCC) 10.2.1 20210217 kernel signature: c951fd378aecf0adb14eb360563ae11e58e56546f45a5a9ffc3f3efc21cc3f49 all runs: OK # git bisect bad b9a037b7f3c401d3c63e0423e56aef606b1ffaaf Bisecting: 2 revisions left to test after this (roughly 2 steps) [1fc57ca5a2cd26e0a526e5eb2b0fc0c054117a5b] ext4: remove redundant assignment to error testing commit 1fc57ca5a2cd26e0a526e5eb2b0fc0c054117a5b with gcc (GCC) 10.2.1 20210217 kernel signature: 03be0830de604ce7225e6469be2df986dfa63564e434424ecc4fbca1fe1a8773 run #0: crashed: KASAN: use-after-free Write in ext4_put_super run #1: crashed: KASAN: use-after-free Write in ext4_put_super run #2: crashed: KASAN: use-after-free Write in ext4_put_super run #3: crashed: KASAN: use-after-free Write in ext4_put_super run #4: crashed: KASAN: use-after-free Write in ext4_put_super run #5: crashed: INFO: task hung in ext4_put_super run #6: crashed: INFO: task hung in ext4_put_super run #7: OK run #8: crashed: KASAN: use-after-free Write in ext4_put_super run #9: OK # git bisect good 1fc57ca5a2cd26e0a526e5eb2b0fc0c054117a5b Bisecting: 1 revision left to test after this (roughly 1 step) [618f003199c6188e01472b03cdbba227f1dc5f24] ext4: fix memory leak in ext4_fill_super testing commit 618f003199c6188e01472b03cdbba227f1dc5f24 with gcc (GCC) 10.2.1 20210217 kernel signature: 88c6947b6b361457104d6b507c32cb8fa90271dc179ecc9b7420714d800d5079 all runs: OK # git bisect bad 618f003199c6188e01472b03cdbba227f1dc5f24 618f003199c6188e01472b03cdbba227f1dc5f24 is the first bad commit commit 618f003199c6188e01472b03cdbba227f1dc5f24 Author: Pavel Skripkin Date: Fri Apr 30 21:50:46 2021 +0300 ext4: fix memory leak in ext4_fill_super static int kthread(void *_create) will return -ENOMEM or -EINTR in case of internal failure or kthread_stop() call happens before threadfn call. To prevent fancy error checking and make code more straightforward we moved all cleanup code out of kmmpd threadfn. Also, dropped struct mmpd_data at all. Now struct super_block is a threadfn data and struct buffer_head embedded into struct ext4_sb_info. Reported-by: syzbot+d9e482e303930fa4f6ff@syzkaller.appspotmail.com Signed-off-by: Pavel Skripkin Link: https://lore.kernel.org/r/20210430185046.15742-1-paskripkin@gmail.com Signed-off-by: Theodore Ts'o fs/ext4/ext4.h | 4 ++++ fs/ext4/mmp.c | 28 +++++++++++++--------------- fs/ext4/super.c | 10 ++++------ 3 files changed, 21 insertions(+), 21 deletions(-) culprit signature: 88c6947b6b361457104d6b507c32cb8fa90271dc179ecc9b7420714d800d5079 parent signature: 03be0830de604ce7225e6469be2df986dfa63564e434424ecc4fbca1fe1a8773 revisions tested: 24, total time: 7h18m19.329194935s (build: 2h45m3.901998698s, test: 4h29m52.684686412s) first good commit: 618f003199c6188e01472b03cdbba227f1dc5f24 ext4: fix memory leak in ext4_fill_super recipients (to): ["adilger.kernel@dilger.ca" "linux-ext4@vger.kernel.org" "paskripkin@gmail.com" "tytso@mit.edu" "tytso@mit.edu"] recipients (cc): ["linux-kernel@vger.kernel.org"]