bisecting cause commit starting from 39f3b41aa7cae917f928ef9f31d09da28188e5ed building syzkaller on d801cb0223da621d7abb7af8b96a848d8976cc9f testing commit 39f3b41aa7cae917f928ef9f31d09da28188e5ed with gcc (GCC) 8.1.0 kernel signature: b58cabe7ad491a1a11f37608a4c7b5cbeec79c9418a48f72457729c9b64016ee all runs: crashed: general protection fault in nldev_stat_set_doit testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: f38e34fb45e37949154305b46e1a5b5e0aadbfa633eb9ca71b722a27d50475d1 all runs: crashed: general protection fault in nldev_stat_set_doit testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 00de4c367a551d3f56332c8cfbe183543b198acaa09b8a11c77249922b344c5e all runs: crashed: general protection fault in nldev_stat_set_doit testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: 4d33e3b091fa42370a85b1e60961e55b32a65a77e1647abe0209b444b8f748c7 all runs: crashed: general protection fault in nldev_stat_set_doit testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: 75c01d4446d2db15bcf03f59b12bbd8a20825aa56dc0be715c065f10511b46bc all runs: OK # git bisect start 4d856f72c10ecb060868ed10ff1b1453943fc6c8 0ecfebd2b52404ae0c54a878c872bb93363ada36 Bisecting: 7848 revisions left to test after this (roughly 13 steps) [43c95d3694cc448fdf50bd53b7ff3a5bb4655883] Merge tag 'pinctrl-v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl testing commit 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 with gcc (GCC) 8.1.0 kernel signature: 515cf2bd1f8317f9d799591c3a7e8980dd59a6f9aa2fd4ce05b436cc12693606 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 Bisecting: 4619 revisions left to test after this (roughly 12 steps) [8f6ccf6159aed1f04c6d179f61f6fb2691261e84] Merge tag 'clone3-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux testing commit 8f6ccf6159aed1f04c6d179f61f6fb2691261e84 with gcc (GCC) 8.1.0 kernel signature: 925aa7d050138e8027ef70bb03d39f112f6b764b01f5dbe7ada73c4ce348e059 all runs: OK # git bisect good 8f6ccf6159aed1f04c6d179f61f6fb2691261e84 Bisecting: 2306 revisions left to test after this (roughly 11 steps) [753c8d9b7d81206bb5d011b28abe829d364b028e] Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 753c8d9b7d81206bb5d011b28abe829d364b028e with gcc (GCC) 8.1.0 kernel signature: f388d7078d3d4cd9dd34343342b4aa5e78ce1e7d985ad4c8d4e978da6bc2b677 all runs: OK # git bisect good 753c8d9b7d81206bb5d011b28abe829d364b028e Bisecting: 1152 revisions left to test after this (roughly 10 steps) [d72619706abc4aa7e540ea882dae883cee7cc3b3] Merge tag 'tty-5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty testing commit d72619706abc4aa7e540ea882dae883cee7cc3b3 with gcc (GCC) 8.1.0 kernel signature: 36fd670609d2bd3e7241c97003ce35e17995f8949d7d7e4b1781663bb02a58f9 all runs: OK # git bisect good d72619706abc4aa7e540ea882dae883cee7cc3b3 Bisecting: 574 revisions left to test after this (roughly 9 steps) [f632a8170a6b667ee4e3f552087588f0fe13c4bb] Merge tag 'driver-core-5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core testing commit f632a8170a6b667ee4e3f552087588f0fe13c4bb with gcc (GCC) 8.1.0 kernel signature: dfdf86be3ca8887240ddfe42fc302df9f49f353c3efaa71ab6ef68061e4c6fed run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad f632a8170a6b667ee4e3f552087588f0fe13c4bb Bisecting: 307 revisions left to test after this (roughly 8 steps) [d06e4156430e7c5eb4f04dabcaa0d9e2fba335e3] Merge tag 'devicetree-for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux testing commit d06e4156430e7c5eb4f04dabcaa0d9e2fba335e3 with gcc (GCC) 8.1.0 kernel signature: b7ff756894feb292ee491bef219d87a7763e216d9a854baf6b39a7afd35da79c all runs: OK # git bisect good d06e4156430e7c5eb4f04dabcaa0d9e2fba335e3 Bisecting: 160 revisions left to test after this (roughly 7 steps) [2c207985f354dfb549e5a543102a3e084eea81f6] mm/oom_kill.c: remove redundant OOM score normalization in select_bad_process() testing commit 2c207985f354dfb549e5a543102a3e084eea81f6 with gcc (GCC) 8.1.0 kernel signature: 755a8e238cb4bf13b117a88e9bcbb10341a5079a2457527bdf1213a73f94a70e all runs: OK # git bisect good 2c207985f354dfb549e5a543102a3e084eea81f6 Bisecting: 80 revisions left to test after this (roughly 6 steps) [209de31034522fae53f789f52c9461c557011d70] staging: most-core: Use bus_find_device_by_name testing commit 209de31034522fae53f789f52c9461c557011d70 with gcc (GCC) 8.1.0 kernel signature: 4b8cfaee328d73814d3aa694160bd120f73249b438304b2a6610541d8371b0ed all runs: OK # git bisect good 209de31034522fae53f789f52c9461c557011d70 Bisecting: 37 revisions left to test after this (roughly 5 steps) [74e80d81cc7e2b445c28c88cf3b2fa944ae73555] Merge tag 'ib-mfd-cros-v5.3' into chrome-platform/for-next testing commit 74e80d81cc7e2b445c28c88cf3b2fa944ae73555 with gcc (GCC) 8.1.0 kernel signature: b157ad935928476b2184ab032edef33b00267d7398e4a7c86c4dd23dd168a261 all runs: OK # git bisect good 74e80d81cc7e2b445c28c88cf3b2fa944ae73555 Bisecting: 18 revisions left to test after this (roughly 4 steps) [62a6bc3a1e4f4ee9ae0076fa295f9af1c3725ce3] driver: core: Allow subsystems to continue deferring probe testing commit 62a6bc3a1e4f4ee9ae0076fa295f9af1c3725ce3 with gcc (GCC) 8.1.0 kernel signature: dd1573a57907ed18ed662155165dc1c2609080a705650778d8041923b7f76ede all runs: OK # git bisect good 62a6bc3a1e4f4ee9ae0076fa295f9af1c3725ce3 Bisecting: 9 revisions left to test after this (roughly 3 steps) [9eecd07b34507de9d6a9c264d13d30e1ee5fabe8] platform/chrome: cros_ec_lpc_mec: Fix kernel-doc comment first line testing commit 9eecd07b34507de9d6a9c264d13d30e1ee5fabe8 with gcc (GCC) 8.1.0 kernel signature: 7714d0c2d0fd689fc304abac702b3bb8077113248f6d8984b71d1c752f3e84cf all runs: OK # git bisect good 9eecd07b34507de9d6a9c264d13d30e1ee5fabe8 Bisecting: 4 revisions left to test after this (roughly 2 steps) [d7d170a8e357bd9926cc6bfea5c2385c2eac65b2] Merge tag 'tag-chrome-platform-for-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux testing commit d7d170a8e357bd9926cc6bfea5c2385c2eac65b2 with gcc (GCC) 8.1.0 kernel signature: 2307260ca4b23610d2c0dedb76e3335f045e77b1283a7772153c68f1bd73469a all runs: OK # git bisect good d7d170a8e357bd9926cc6bfea5c2385c2eac65b2 Bisecting: 2 revisions left to test after this (roughly 1 step) [0979cf95d201f7e9c7c060b96795f39733d2ed6e] orangefs: fix build warning from debugfs cleanup patch testing commit 0979cf95d201f7e9c7c060b96795f39733d2ed6e with gcc (GCC) 8.1.0 kernel signature: d81435c14d0d44c20cc2915b91d16baca576994e78406b9d5a42f6481e242033 all runs: OK # git bisect good 0979cf95d201f7e9c7c060b96795f39733d2ed6e Bisecting: 1 revision left to test after this (roughly 1 step) [c33d442328f556460b79aba6058adb37bb555389] debugfs: make error message a bit more verbose testing commit c33d442328f556460b79aba6058adb37bb555389 with gcc (GCC) 8.1.0 kernel signature: 1f17d222a3ef7fec58d6cbf1e696efd07fa4da50ba171a34ffd05d412f2493c8 all runs: OK # git bisect good c33d442328f556460b79aba6058adb37bb555389 Bisecting: 0 revisions left to test after this (roughly 0 steps) [ef8f3d48afd6a17a0dae8c277c2f539c2f19fd16] Merge branch 'akpm' (patches from Andrew) testing commit ef8f3d48afd6a17a0dae8c277c2f539c2f19fd16 with gcc (GCC) 8.1.0 kernel signature: 2d545dbe982224fc94089f1aa879bd6be5255530a5224457be6e8076f69eb84e run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: crashed: general protection fault in send_hsr_supervision_frame run #8: OK run #9: OK # git bisect bad ef8f3d48afd6a17a0dae8c277c2f539c2f19fd16 ef8f3d48afd6a17a0dae8c277c2f539c2f19fd16 is the first bad commit commit ef8f3d48afd6a17a0dae8c277c2f539c2f19fd16 Merge: d7d170a8e357 2c207985f354 Author: Linus Torvalds Date: Fri Jul 12 11:40:28 2019 -0700 Merge branch 'akpm' (patches from Andrew) Merge updates from Andrew Morton: "Am experimenting with splitting MM up into identifiable subsystems perhaps with a view to gitifying it in complex ways. Also with more verbose "incoming" emails. Most of MM is here and a few other trees. Subsystems affected by this patch series: - hotfixes - iommu - scripts - arch/sh - ocfs2 - mm:slab-generic - mm:slub - mm:kmemleak - mm:kasan - mm:cleanups - mm:debug - mm:pagecache - mm:swap - mm:memcg - mm:gup - mm:pagemap - mm:infrastructure - mm:vmalloc - mm:initialization - mm:pagealloc - mm:vmscan - mm:tools - mm:proc - mm:ras - mm:oom-kill hotfixes: mm: vmscan: scan anonymous pages on file refaults mm/nvdimm: add is_ioremap_addr and use that to check ioremap address mm/memcontrol: fix wrong statistics in memory.stat mm/z3fold.c: lock z3fold page before __SetPageMovable() nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header MAINTAINERS: nilfs2: update email address iommu: include/linux/dmar.h: replace single-char identifiers in macros scripts: scripts/decode_stacktrace: match basepath using shell prefix operator, not regex scripts/decode_stacktrace: look for modules with .ko.debug extension scripts/spelling.txt: drop "sepc" from the misspelling list scripts/spelling.txt: add spelling fix for prohibited scripts/decode_stacktrace: Accept dash/underscore in modules scripts/spelling.txt: add more spellings to spelling.txt arch/sh: arch/sh/configs/sdk7786_defconfig: remove CONFIG_LOGFS sh: config: remove left-over BACKLIGHT_LCD_SUPPORT sh: prevent warnings when using iounmap ocfs2: fs: ocfs: fix spelling mistake "hearbeating" -> "heartbeat" ocfs2/dlm: use struct_size() helper ocfs2: add last unlock times in locking_state ocfs2: add locking filter debugfs file ocfs2: add first lock wait time in locking_state ocfs: no need to check return value of debugfs_create functions fs/ocfs2/dlmglue.c: unneeded variable: "status" ocfs2: use kmemdup rather than duplicating its implementation mm:slab-generic: Patch series "mm/slab: Improved sanity checking": mm/slab: validate cache membership under freelist hardening mm/slab: sanity-check page type when looking up cache lkdtm/heap: add tests for freelist hardening mm:slub: mm/slub.c: avoid double string traverse in kmem_cache_flags() slub: don't panic for memcg kmem cache creation failure mm:kmemleak: mm/kmemleak.c: fix check for softirq context mm/kmemleak.c: change error at _write when kmemleak is disabled docs: kmemleak: add more documentation details mm:kasan: mm/kasan: print frame description for stack bugs Patch series "Bitops instrumentation for KASAN", v5: lib/test_kasan: add bitops tests x86: use static_cpu_has in uaccess region to avoid instrumentation asm-generic, x86: add bitops instrumentation for KASAN Patch series "mm/kasan: Add object validation in ksize()", v3: mm/kasan: introduce __kasan_check_{read,write} mm/kasan: change kasan_check_{read,write} to return boolean lib/test_kasan: Add test for double-kzfree detection mm/slab: refactor common ksize KASAN logic into slab_common.c mm/kasan: add object validation in ksize() mm:cleanups: include/linux/pfn_t.h: remove pfn_t_to_virt() Patch series "remove ARCH_SELECT_MEMORY_MODEL where it has no effect": arm: remove ARCH_SELECT_MEMORY_MODEL s390: remove ARCH_SELECT_MEMORY_MODEL sparc: remove ARCH_SELECT_MEMORY_MODEL mm/gup.c: make follow_page_mask() static mm/memory.c: trivial clean up in insert_page() mm: make !CONFIG_HUGE_PAGE wrappers into static inlines include/linux/mm_types.h: ifdef struct vm_area_struct::swap_readahead_info mm: remove the account_page_dirtied export mm/page_isolation.c: change the prototype of undo_isolate_page_range() include/linux/vmpressure.h: use spinlock_t instead of struct spinlock mm: remove the exporting of totalram_pages include/linux/pagemap.h: document trylock_page() return value mm:debug: mm/failslab.c: by default, do not fail allocations with direct reclaim only Patch series "debug_pagealloc improvements": mm, debug_pagelloc: use static keys to enable debugging mm, page_alloc: more extensive free page checking with debug_pagealloc mm, debug_pagealloc: use a page type instead of page_ext flag mm:pagecache: Patch series "fix filler_t callback type mismatches", v2: mm/filemap.c: fix an overly long line in read_cache_page mm/filemap: don't cast ->readpage to filler_t for do_read_cache_page jffs2: pass the correct prototype to read_cache_page 9p: pass the correct prototype to read_cache_page mm/filemap.c: correct the comment about VM_FAULT_RETRY mm:swap: mm, swap: fix race between swapoff and some swap operations mm/swap_state.c: simplify total_swapcache_pages() with get_swap_device() mm, swap: use rbtree for swap_extent mm/mincore.c: fix race between swapoff and mincore mm:memcg: memcg, oom: no oom-kill for __GFP_RETRY_MAYFAIL memcg, fsnotify: no oom-kill for remote memcg charging mm, memcg: introduce memory.events.local mm: memcontrol: dump memory.stat during cgroup OOM Patch series "mm: reparent slab memory on cgroup removal", v7: mm: memcg/slab: postpone kmem_cache memcg pointer initialization to memcg_link_cache() mm: memcg/slab: rename slab delayed deactivation functions and fields mm: memcg/slab: generalize postponed non-root kmem_cache deactivation mm: memcg/slab: introduce __memcg_kmem_uncharge_memcg() mm: memcg/slab: unify SLAB and SLUB page accounting mm: memcg/slab: don't check the dying flag on kmem_cache creation mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock mm: memcg/slab: rework non-root kmem_cache lifecycle management mm: memcg/slab: stop setting page->mem_cgroup pointer for slab pages mm: memcg/slab: reparent memcg kmem_caches on cgroup removal mm, memcg: add a memcg_slabinfo debugfs file mm:gup: Patch series "switch the remaining architectures to use generic GUP", v4: mm: use untagged_addr() for get_user_pages_fast addresses mm: simplify gup_fast_permitted mm: lift the x86_32 PAE version of gup_get_pte to common code MIPS: use the generic get_user_pages_fast code sh: add the missing pud_page definition sh: use the generic get_user_pages_fast code sparc64: add the missing pgd_page definition sparc64: define untagged_addr() sparc64: use the generic get_user_pages_fast code mm: rename CONFIG_HAVE_GENERIC_GUP to CONFIG_HAVE_FAST_GUP mm: reorder code blocks in gup.c mm: consolidate the get_user_pages* implementations mm: validate get_user_pages_fast flags mm: move the powerpc hugepd code to mm/gup.c mm: switch gup_hugepte to use try_get_compound_head mm: mark the page referenced in gup_hugepte mm/gup: speed up check_and_migrate_cma_pages() on huge page mm/gup.c: remove some BUG_ONs from get_gate_page() mm/gup.c: mark undo_dev_pagemap as __maybe_unused mm:pagemap: asm-generic, x86: introduce generic pte_{alloc,free}_one[_kernel] alpha: switch to generic version of pte allocation arm: switch to generic version of pte allocation arm64: switch to generic version of pte allocation csky: switch to generic version of pte allocation m68k: sun3: switch to generic version of pte allocation mips: switch to generic version of pte allocation nds32: switch to generic version of pte allocation nios2: switch to generic version of pte allocation parisc: switch to generic version of pte allocation riscv: switch to generic version of pte allocation um: switch to generic version of pte allocation unicore32: switch to generic version of pte allocation mm/pgtable: drop pgtable_t variable from pte_fn_t functions mm/memory.c: fail when offset == num in first check of __vm_map_pages() mm:infrastructure: mm/mmu_notifier: use hlist_add_head_rcu() mm:vmalloc: Patch series "Some cleanups for the KVA/vmalloc", v5: mm/vmalloc.c: remove "node" argument mm/vmalloc.c: preload a CPU with one object for split purpose mm/vmalloc.c: get rid of one single unlink_va() when merge mm/vmalloc.c: switch to WARN_ON() and move it under unlink_va() mm/vmalloc.c: spelling> s/informaion/information/ mm:initialization: mm/large system hash: use vmalloc for size > MAX_ORDER when !hashdist mm/large system hash: clear hashdist when only one node with memory is booted mm:pagealloc: arm64: move jump_label_init() before parse_early_param() Patch series "add init_on_alloc/init_on_free boot options", v10: mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options mm: init: report memory auto-initialization features at boot time mm:vmscan: mm: vmscan: remove double slab pressure by inc'ing sc->nr_scanned mm: vmscan: correct some vmscan counters for THP swapout mm:tools: tools/vm/slabinfo: order command line options tools/vm/slabinfo: add partial slab listing to -X tools/vm/slabinfo: add option to sort by partial slabs tools/vm/slabinfo: add sorting info to help menu mm:proc: proc: use down_read_killable mmap_sem for /proc/pid/maps proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup proc: use down_read_killable mmap_sem for /proc/pid/pagemap proc: use down_read_killable mmap_sem for /proc/pid/clear_refs proc: use down_read_killable mmap_sem for /proc/pid/map_files mm: use down_read_killable for locking mmap_sem in access_remote_vm mm: smaps: split PSS into components mm: vmalloc: show number of vmalloc pages in /proc/meminfo mm:ras: mm/memory-failure.c: clarify error message mm:oom-kill: mm: memcontrol: use CSS_TASK_ITER_PROCS at mem_cgroup_scan_tasks() mm, oom: refactor dump_tasks for memcg OOMs mm, oom: remove redundant task_in_mem_cgroup() check oom: decouple mems_allowed from oom_unkillable_task mm/oom_kill.c: remove redundant OOM score normalization in select_bad_process()" * akpm: (147 commits) mm/oom_kill.c: remove redundant OOM score normalization in select_bad_process() oom: decouple mems_allowed from oom_unkillable_task mm, oom: remove redundant task_in_mem_cgroup() check mm, oom: refactor dump_tasks for memcg OOMs mm: memcontrol: use CSS_TASK_ITER_PROCS at mem_cgroup_scan_tasks() mm/memory-failure.c: clarify error message mm: vmalloc: show number of vmalloc pages in /proc/meminfo mm: smaps: split PSS into components mm: use down_read_killable for locking mmap_sem in access_remote_vm proc: use down_read_killable mmap_sem for /proc/pid/map_files proc: use down_read_killable mmap_sem for /proc/pid/clear_refs proc: use down_read_killable mmap_sem for /proc/pid/pagemap proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup proc: use down_read_killable mmap_sem for /proc/pid/maps tools/vm/slabinfo: add sorting info to help menu tools/vm/slabinfo: add option to sort by partial slabs tools/vm/slabinfo: add partial slab listing to -X tools/vm/slabinfo: order command line options mm: vmscan: correct some vmscan counters for THP swapout mm: vmscan: remove double slab pressure by inc'ing sc->nr_scanned ... Documentation/ABI/testing/procfs-smaps_rollup | 14 +- Documentation/admin-guide/cgroup-v2.rst | 10 + Documentation/admin-guide/kernel-parameters.txt | 19 +- Documentation/core-api/kernel-api.rst | 2 +- Documentation/dev-tools/kmemleak.rst | 48 +- Documentation/filesystems/proc.txt | 41 +- MAINTAINERS | 2 +- arch/alpha/include/asm/pgalloc.h | 40 +- arch/arm/Kconfig | 8 +- arch/arm/include/asm/pgalloc.h | 41 +- arch/arm/kernel/efi.c | 3 +- arch/arm/mm/dma-mapping.c | 3 +- arch/arm/mm/mmu.c | 2 +- arch/arm/mm/pageattr.c | 3 +- arch/arm64/Kconfig | 4 +- arch/arm64/include/asm/pgalloc.h | 47 +- arch/arm64/kernel/efi.c | 3 +- arch/arm64/kernel/setup.c | 5 + arch/arm64/kernel/smp.c | 5 - arch/arm64/mm/mmu.c | 2 +- arch/arm64/mm/pageattr.c | 3 +- arch/arm64/mm/pgd.c | 6 +- arch/csky/include/asm/pgalloc.h | 30 +- arch/m68k/include/asm/sun3_pgalloc.h | 41 +- arch/mips/Kconfig | 2 + arch/mips/include/asm/pgalloc.h | 33 +- arch/mips/include/asm/pgtable.h | 3 + arch/mips/mm/Makefile | 1 - arch/mips/mm/gup.c | 303 ----------- arch/nds32/include/asm/pgalloc.h | 31 +- arch/nios2/include/asm/pgalloc.h | 37 +- arch/parisc/include/asm/pgalloc.h | 33 +- arch/powerpc/Kconfig | 3 +- arch/powerpc/include/asm/pgtable.h | 14 + arch/powerpc/kvm/book3s_xics.c | 2 +- arch/powerpc/mm/hugetlbpage.c | 72 --- arch/riscv/include/asm/pgalloc.h | 29 +- arch/s390/Kconfig | 5 +- arch/s390/include/asm/pgtable.h | 8 +- arch/sh/Kconfig | 2 + arch/sh/configs/hp6xx_defconfig | 1 - arch/sh/configs/sdk7786_defconfig | 1 - arch/sh/configs/sh2007_defconfig | 1 - arch/sh/include/asm/io.h | 6 +- arch/sh/include/asm/pgtable-3level.h | 3 + arch/sh/include/asm/pgtable.h | 37 ++ arch/sh/mm/Makefile | 2 +- arch/sh/mm/gup.c | 277 ---------- arch/sparc/Kconfig | 4 +- arch/sparc/include/asm/pgtable_64.h | 43 ++ arch/sparc/mm/Makefile | 2 +- arch/sparc/mm/gup.c | 340 ------------ arch/um/include/asm/pgalloc.h | 16 +- arch/um/kernel/mem.c | 22 - arch/unicore32/include/asm/pgalloc.h | 36 +- arch/unicore32/include/mach/regs-gpio.h | 2 +- arch/x86/Kconfig | 5 +- arch/x86/ia32/ia32_signal.c | 2 +- arch/x86/include/asm/bitops.h | 189 ++----- arch/x86/include/asm/pgalloc.h | 19 +- arch/x86/include/asm/pgtable-3level.h | 47 -- arch/x86/include/asm/pgtable_64.h | 8 +- arch/x86/kernel/signal.c | 2 +- arch/x86/kvm/mmu.c | 2 +- arch/x86/mm/pgtable.c | 33 +- arch/x86/xen/mmu_pv.c | 3 +- drivers/clk/renesas/r8a77470-cpg-mssr.c | 2 +- drivers/gpu/drm/i915/i915_mm.c | 3 +- drivers/infiniband/core/uverbs_ioctl.c | 2 +- drivers/misc/lkdtm/core.c | 5 + drivers/misc/lkdtm/heap.c | 72 +++ drivers/misc/lkdtm/lkdtm.h | 5 + drivers/net/wireless/realtek/rtlwifi/wifi.h | 2 +- drivers/scsi/lpfc/lpfc_init.c | 2 +- drivers/staging/rtl8723bs/hal/rtl8723b_phycfg.c | 2 +- drivers/xen/gntdev.c | 6 +- drivers/xen/privcmd.c | 6 +- drivers/xen/xlate_mmu.c | 3 +- fs/9p/vfs_addr.c | 6 +- fs/jffs2/file.c | 4 +- fs/jffs2/fs.c | 2 +- fs/jffs2/os-linux.h | 2 +- fs/notify/fanotify/fanotify.c | 5 +- fs/notify/inotify/inotify_fsnotify.c | 8 +- fs/ocfs2/alloc.c | 10 +- fs/ocfs2/blockcheck.c | 56 +- fs/ocfs2/blockcheck.h | 7 +- fs/ocfs2/cluster/heartbeat.c | 102 +--- fs/ocfs2/cluster/heartbeat.h | 2 +- fs/ocfs2/cluster/netdebug.c | 39 +- fs/ocfs2/cluster/nodemanager.c | 4 +- fs/ocfs2/cluster/quorum.c | 2 +- fs/ocfs2/cluster/tcp.c | 5 +- fs/ocfs2/cluster/tcp.h | 5 +- fs/ocfs2/dlm/dlmdebug.c | 44 +- fs/ocfs2/dlm/dlmdebug.h | 10 +- fs/ocfs2/dlm/dlmdomain.c | 10 +- fs/ocfs2/dlm/dlmmaster.c | 2 +- fs/ocfs2/dlm/dlmrecovery.c | 8 +- fs/ocfs2/dlmglue.c | 96 +++- fs/ocfs2/localalloc.c | 6 +- fs/ocfs2/ocfs2.h | 4 + fs/ocfs2/super.c | 29 +- fs/proc/base.c | 31 +- fs/proc/meminfo.c | 2 +- fs/proc/task_mmu.c | 115 ++-- fs/proc/task_nommu.c | 6 +- include/asm-generic/bitops-instrumented.h | 263 +++++++++ include/asm-generic/pgalloc.h | 107 +++- include/linux/dmar.h | 14 +- include/linux/hugetlb.h | 120 +++-- include/linux/kasan-checks.h | 43 +- include/linux/kasan.h | 7 +- include/linux/memcontrol.h | 24 +- include/linux/mm.h | 57 +- include/linux/mm_types.h | 2 + include/linux/oom.h | 1 - include/linux/page-flags.h | 6 + include/linux/page-isolation.h | 2 +- include/linux/page_ext.h | 1 - include/linux/pagemap.h | 6 +- include/linux/pfn_t.h | 7 - include/linux/slab.h | 16 +- include/linux/swap.h | 18 +- include/linux/vmalloc.h | 2 + include/linux/vmpressure.h | 2 +- include/uapi/linux/nilfs2_ondisk.h | 24 +- init/main.c | 24 + kernel/iomem.c | 2 +- lib/test_kasan.c | 98 +++- mm/Kconfig | 16 +- mm/Kconfig.debug | 14 +- mm/Makefile | 4 +- mm/dmapool.c | 4 +- mm/failslab.c | 3 +- mm/filemap.c | 19 +- mm/gup.c | 674 +++++++++++++++--------- mm/kasan/common.c | 14 +- mm/kasan/generic.c | 13 +- mm/kasan/kasan.h | 15 +- mm/kasan/report.c | 165 ++++++ mm/kasan/tags.c | 12 +- mm/kmemleak.c | 4 +- mm/list_lru.c | 3 +- mm/memcontrol.c | 461 +++++++++------- mm/memory-failure.c | 2 +- mm/memory.c | 15 +- mm/mincore.c | 12 +- mm/mmu_notifier.c | 2 +- mm/nommu.c | 91 +--- mm/oom_kill.c | 131 ++--- mm/page-writeback.c | 1 - mm/page_alloc.c | 234 +++++--- mm/page_ext.c | 3 - mm/page_io.c | 2 +- mm/page_isolation.c | 3 +- mm/slab.c | 79 ++- mm/slab.h | 199 +++++-- mm/slab_common.c | 269 +++++++--- mm/slob.c | 4 +- mm/slub.c | 86 ++- mm/swap_state.c | 49 +- mm/swapfile.c | 291 ++++++---- mm/util.c | 47 -- mm/vmalloc.c | 108 ++-- mm/vmscan.c | 74 ++- mm/z3fold.c | 12 +- net/core/sock.c | 2 +- scripts/decode_stacktrace.sh | 4 +- scripts/spelling.txt | 36 +- security/Kconfig.hardening | 29 + tools/vm/slabinfo.c | 118 +++-- virt/kvm/arm/mmu.c | 2 +- 173 files changed, 3586 insertions(+), 3381 deletions(-) delete mode 100644 arch/mips/mm/gup.c delete mode 100644 arch/sh/mm/gup.c delete mode 100644 arch/sparc/mm/gup.c create mode 100644 include/asm-generic/bitops-instrumented.h revisions tested: 20, total time: 5h13m43.773616265s (build: 2h2m56.547182863s, test: 3h8m59.091004541s) first bad commit: ef8f3d48afd6a17a0dae8c277c2f539c2f19fd16 Merge branch 'akpm' (patches from Andrew) cc: ["aou@eecs.berkeley.edu" "arnd@arndb.de" "deanbo422@gmail.com" "green.hu@gmail.com" "gregkh@linuxfoundation.org" "guoren@kernel.org" "keescook@chromium.org" "linux-kernel@vger.kernel.org" "linux-riscv@lists.infradead.org" "palmer@sifive.com" "torvalds@linux-foundation.org"] crash: general protection fault in send_hsr_supervision_frame kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.2.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:send_hsr_supervision_frame+0x30/0xf60 net/hsr/hsr_device.c:255 Code: 89 e5 41 57 41 56 41 55 49 89 fd 41 54 41 89 d4 48 89 c2 53 48 c1 ea 03 48 83 ec 50 48 89 45 d0 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 89 75 c8 0f 85 83 0c 00 00 48 b8 00 00 00 00 00 fc ff RSP: 0018:ffff8880ae909c68 EFLAGS: 00010282 RAX: dffffc0000000000 RBX: ffff8880a5f41940 RCX: 1ffff11015d2137b RDX: 0000000000000002 RSI: 0000000000000017 RDI: 0000000000000000 RBP: ffff8880ae909ce0 R08: 0000000000000000 R09: 0000000000000000 R10: fffffbfff12d0067 R11: ffff8880a98de340 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff86fff370 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fa9c4610140 CR3: 00000000a5336000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: hsr_announce+0xd9/0x2b0 net/hsr/hsr_device.c:339 call_timer_fn+0x169/0x570 kernel/time/timer.c:1322 expire_timers kernel/time/timer.c:1366 [inline] __run_timers kernel/time/timer.c:1685 [inline] run_timer_softirq+0xd85/0x13c0 kernel/time/timer.c:1698 __do_softirq+0x262/0x9a8 kernel/softirq.c:292 invoke_softirq kernel/softirq.c:373 [inline] irq_exit+0x19a/0x1d0 kernel/softirq.c:413 exiting_irq arch/x86/include/asm/apic.h:537 [inline] smp_apic_timer_interrupt+0x1a6/0x5f0 arch/x86/kernel/apic/apic.c:1095 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:828 RIP: 0010:native_safe_halt+0x12/0x20 arch/x86/include/asm/irqflags.h:61 Code: fe ff ff 48 89 df e8 7d 65 8e fa eb 9c 90 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 e9 07 00 00 00 0f 00 2d c0 8c 5c 00 fb f4 <5d> c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 e9 07 00 00 RSP: 0018:ffff8880a98efd68 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 RAX: dffffc0000000000 RBX: ffff8880a98de340 RCX: ffffffff870adfed RDX: 1ffffffff1124f7d RSI: 0000000000000008 RDI: ffffffff88927be8 RBP: ffff8880a98efd68 R08: ffffed101531bc69 R09: ffffed101531bc69 R10: ffffed101531bc68 R11: ffff8880a98de347 R12: 0000000000000001 R13: 0000000000000001 R14: ffffffff88927bd8 R15: 0000000000000000 arch_safe_halt arch/x86/include/asm/paravirt.h:156 [inline] default_idle+0x51/0x340 arch/x86/kernel/process.c:580 arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:571 default_idle_call+0x87/0xa0 kernel/sched/idle.c:94 cpuidle_idle_call kernel/sched/idle.c:154 [inline] do_idle+0x488/0x750 kernel/sched/idle.c:263 cpu_startup_entry+0x18/0x20 kernel/sched/idle.c:354 start_secondary+0x327/0x420 arch/x86/kernel/smpboot.c:264 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243 Modules linked in: ---[ end trace 876c5e95dea11b40 ]--- RIP: 0010:send_hsr_supervision_frame+0x30/0xf60 net/hsr/hsr_device.c:255 Code: 89 e5 41 57 41 56 41 55 49 89 fd 41 54 41 89 d4 48 89 c2 53 48 c1 ea 03 48 83 ec 50 48 89 45 d0 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 89 75 c8 0f 85 83 0c 00 00 48 b8 00 00 00 00 00 fc ff RSP: 0018:ffff8880ae909c68 EFLAGS: 00010282 RAX: dffffc0000000000 RBX: ffff8880a5f41940 RCX: 1ffff11015d2137b RDX: 0000000000000002 RSI: 0000000000000017 RDI: 0000000000000000 RBP: ffff8880ae909ce0 R08: 0000000000000000 R09: 0000000000000000 R10: fffffbfff12d0067 R11: ffff8880a98de340 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff86fff370 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fa9c4610140 CR3: 00000000a5336000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400