bisecting cause commit starting from a3d3c74da49c65fc63a937fa559186b0e16adca3 building syzkaller on 32d593576a7ee67f588218d3a44a0b69fe31b0a0 testing commit a3d3c74da49c65fc63a937fa559186b0e16adca3 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.15 testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.14 testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.13 testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.12 testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue testing release v4.11 testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0 all runs: OK # git bisect start v4.12 v4.11 Bisecting: 7831 revisions left to test after this (roughly 13 steps) [2bd80401743568ced7d303b008ae5298ce77e695] Merge tag 'gpio-v4.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio testing commit 2bd80401743568ced7d303b008ae5298ce77e695 with gcc (GCC) 7.3.0 all runs: OK # git bisect good 2bd80401743568ced7d303b008ae5298ce77e695 Bisecting: 3830 revisions left to test after this (roughly 12 steps) [85d604902eb28eaea4f9e0f3a655ae986fa4bd2e] Merge tag 'armsoc-dt' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc testing commit 85d604902eb28eaea4f9e0f3a655ae986fa4bd2e with gcc (GCC) 7.3.0 all runs: OK # git bisect good 85d604902eb28eaea4f9e0f3a655ae986fa4bd2e Bisecting: 1914 revisions left to test after this (roughly 11 steps) [b16c4c48390eb14a1bb4a06702a8c65b837c4566] Merge branch 'mlxsw-fixes' testing commit b16c4c48390eb14a1bb4a06702a8c65b837c4566 with gcc (GCC) 7.3.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue # git bisect bad b16c4c48390eb14a1bb4a06702a8c65b837c4566 Bisecting: 965 revisions left to test after this (roughly 10 steps) [73ccb023a2f25b72c4b95499ca24760588014614] Merge tag 'nfs-for-4.12-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs testing commit 73ccb023a2f25b72c4b95499ca24760588014614 with gcc (GCC) 7.3.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue # git bisect bad 73ccb023a2f25b72c4b95499ca24760588014614 Bisecting: 468 revisions left to test after this (roughly 9 steps) [4879b7ae05431ebcd228a4ff25a81120b3d85891] Merge tag 'dmaengine-4.12-rc1' of git://git.infradead.org/users/vkoul/slave-dma testing commit 4879b7ae05431ebcd228a4ff25a81120b3d85891 with gcc (GCC) 7.3.0 all runs: OK # git bisect good 4879b7ae05431ebcd228a4ff25a81120b3d85891 Bisecting: 252 revisions left to test after this (roughly 8 steps) [dc9edaab90de9441cc28ac570b23b0d2bdba7879] Merge tag 'acpi-extra-4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm testing commit dc9edaab90de9441cc28ac570b23b0d2bdba7879 with gcc (GCC) 7.3.0 all runs: OK # git bisect good dc9edaab90de9441cc28ac570b23b0d2bdba7879 Bisecting: 115 revisions left to test after this (roughly 7 steps) [5ccd414080822d5257c3569f4aeca74f63f4a257] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit 5ccd414080822d5257c3569f4aeca74f63f4a257 with gcc (GCC) 7.3.0 all runs: crashed: WARNING: suspicious RCU usage in netem_enqueue # git bisect bad 5ccd414080822d5257c3569f4aeca74f63f4a257 Bisecting: 68 revisions left to test after this (roughly 6 steps) [1e9a038b7fe9a8c10ef1238f4e695d5fbe0dd594] srcu: Expedited grace periods with reduced memory contention testing commit 1e9a038b7fe9a8c10ef1238f4e695d5fbe0dd594 with gcc (GCC) 5.5.0 all runs: boot failed: divide error in irq_create_affinity_masks # git bisect skip 1e9a038b7fe9a8c10ef1238f4e695d5fbe0dd594 Bisecting: 68 revisions left to test after this (roughly 6 steps) [6a6e77006fcdba89708214556c6d560323e850fc] Documentation: tee subsystem and op-tee driver testing commit 6a6e77006fcdba89708214556c6d560323e850fc with gcc (GCC) 5.5.0 all runs: boot failed: KASAN: use-after-free Write in rb_erase # git bisect skip 6a6e77006fcdba89708214556c6d560323e850fc Bisecting: 68 revisions left to test after this (roughly 6 steps) [6cc40f273b30ef8f7b37f95cd2e6456d652808c0] KVM: arm/arm64: Get rid of its->initialized field testing commit 6cc40f273b30ef8f7b37f95cd2e6456d652808c0 with gcc (GCC) 5.5.0 all runs: crashed: WARNING in br_fdb_find # git bisect bad 6cc40f273b30ef8f7b37f95cd2e6456d652808c0 Bisecting: 16 revisions left to test after this (roughly 4 steps) [06bd5359549d7a0a2759a08f07e3d13a7acc9ecc] KVM: arm64: vgic-its: Read config and pending bit in add_lpi() testing commit 06bd5359549d7a0a2759a08f07e3d13a7acc9ecc with gcc (GCC) 5.5.0 all runs: crashed: WARNING in br_fdb_find # git bisect bad 06bd5359549d7a0a2759a08f07e3d13a7acc9ecc Bisecting: 7 revisions left to test after this (roughly 3 steps) [8331c23c28e8b7f70cb5c25366160d900ab127d7] KVM: arm64: vgic-its: Implement vgic_its_has_attr_regs and attr_regs_access testing commit 8331c23c28e8b7f70cb5c25366160d900ab127d7 with gcc (GCC) 5.5.0 all runs: crashed: WARNING in br_fdb_find # git bisect bad 8331c23c28e8b7f70cb5c25366160d900ab127d7 Bisecting: 4 revisions left to test after this (roughly 2 steps) [100e62983ef3a012e62e0e7116035529a286c1ec] KVM: arm/arm64: Add GICV3 pending table save API documentation testing commit 100e62983ef3a012e62e0e7116035529a286c1ec with gcc (GCC) 5.5.0 all runs: crashed: WARNING in br_fdb_find # git bisect bad 100e62983ef3a012e62e0e7116035529a286c1ec Bisecting: 1 revision left to test after this (roughly 1 step) [35d2d5d490e2dc98ec07f899577b2a5451f413e8] KVM: arm/arm64: Move shared files to virt/kvm/arm testing commit 35d2d5d490e2dc98ec07f899577b2a5451f413e8 with gcc (GCC) 5.5.0 all runs: crashed: WARNING in br_fdb_find # git bisect bad 35d2d5d490e2dc98ec07f899577b2a5451f413e8 Bisecting: 0 revisions left to test after this (roughly 0 steps) [c667186f1c01ca8970c785888868b7ffd74e51ee] arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses testing commit c667186f1c01ca8970c785888868b7ffd74e51ee with gcc (GCC) 5.5.0 all runs: crashed: WARNING in br_fdb_find # git bisect bad c667186f1c01ca8970c785888868b7ffd74e51ee c667186f1c01ca8970c785888868b7ffd74e51ee is the first bad commit commit c667186f1c01ca8970c785888868b7ffd74e51ee Author: Marc Zyngier Date: Thu Apr 27 19:06:48 2017 +0100 arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses Our 32bit CP14/15 handling inherited some of the ARMv7 code for handling the trapped system registers, completely missing the fact that the fields for Rt and Rt2 are now 5 bit wide, and not 4... Let's fix it, and provide an accessor for the most common Rt case. Cc: stable@vger.kernel.org Reviewed-by: Christoffer Dall Signed-off-by: Marc Zyngier Signed-off-by: Christoffer Dall :040000 040000 51fd637e62417ac527deb21439891bf9b52ab02a 5c10d26bc453cd660a4a0bd98c34a6230e3af896 M arch revisions tested: 29, total time: 5h46m6.671907814s (build: 2h14m3.913191352s, test: 3h24m12.139211059s) first bad commit: c667186f1c01ca8970c785888868b7ffd74e51ee arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses cc: ["catalin.marinas@arm.com" "cdall@linaro.org" "christoffer.dall@linaro.org" "kvm@vger.kernel.org" "kvmarm@lists.cs.columbia.edu" "linux-arm-kernel@lists.infradead.org" "linux-kernel@vger.kernel.org" "marc.zyngier@arm.com" "pbonzini@redhat.com" "rkrcmar@redhat.com" "will.deacon@arm.com"] crash: WARNING in br_fdb_find kobject: 'tx-0' (ffff88011b553858): fill_kobj_path: path = '/devices/virtual/net/ip6gretap0/queues/tx-0' kobject: 'batman_adv' (ffff88012af71c00): kobject_add_internal: parent: 'ip6gretap0', set: '' ------------[ cut here ]------------ WARNING: CPU: 0 PID: 23918 at net/bridge/br_fdb.c:109 br_fdb_find+0x1bc/0x1e0 net/bridge/br_fdb.c:109 Kernel panic - not syncing: panic_on_warn set ... CPU: 0 PID: 23918 Comm: syz-executor215 Not tainted 4.11.0-rc3+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0xe6/0x120 lib/dump_stack.c:52 panic+0x1b6/0x358 kernel/panic.c:180 __warn+0x18d/0x1b0 kernel/panic.c:541 warn_slowpath_null+0x18/0x20 kernel/panic.c:584 br_fdb_find+0x1bc/0x1e0 net/bridge/br_fdb.c:109 fdb_insert+0xd3/0x320 net/bridge/br_fdb.c:529 br_fdb_insert+0x35/0x50 net/bridge/br_fdb.c:557 __vlan_add+0x10ac/0x2450 net/bridge/br_vlan.c:250 br_vlan_add+0x9d2/0xc60 net/bridge/br_vlan.c:599 br_vlan_init+0x17e/0x1f0 net/bridge/br_vlan.c:940 br_dev_init+0xf5/0x230 net/bridge/br_device.c:106 register_netdevice+0x259/0xd60 net/core/dev.c:7233 br_dev_newlink+0x91/0xb0 net/bridge/br_netlink.c:1172 rtnl_newlink+0xbe7/0x12f0 net/core/rtnetlink.c:2627 rtnetlink_rcv_msg+0x222/0x670 net/core/rtnetlink.c:4104 netlink_rcv_skb+0x242/0x350 net/netlink/af_netlink.c:2298 rtnetlink_rcv+0x25/0x30 net/core/rtnetlink.c:4110 netlink_unicast_kernel net/netlink/af_netlink.c:1231 [inline] netlink_unicast+0x45a/0x660 net/netlink/af_netlink.c:1257 netlink_sendmsg+0x89c/0xb40 net/netlink/af_netlink.c:1803 sock_sendmsg_nosec net/socket.c:633 [inline] sock_sendmsg+0xb5/0xf0 net/socket.c:643 SYSC_sendto+0x1c9/0x300 net/socket.c:1685 SyS_sendto+0x9/0x10 net/socket.c:1653 entry_SYSCALL_64_fastpath+0x23/0xc6 RIP: 0033:0x401fd3 RSP: 002b:00007ffd798b63b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000401fd3 RDX: 000000000000003c RSI: 00000000006d4c30 RDI: 0000000000000003 RBP: 00007ffd798b6800 R08: 00007ffd798b63c0 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00000000004030e0 R14: 0000000000000000 R15: 0000000000000000 Kernel Offset: disabled Rebooting in 86400 seconds..