bisecting cause commit starting from a409ed156a90093a03fe6a93721ddf4c591eac87 building syzkaller on 04201c0669446145fd9c347c5538da0ca13ff29b testing commit a409ed156a90093a03fe6a93721ddf4c591eac87 with gcc (GCC) 8.1.0 kernel signature: 0c71ca32d45abaa59002d94e5402f83576a4e5d16c1ed8e82c2228b37d4233e4 run #0: crashed: WARNING: locking bug in l2cap_sock_teardown_cb run #1: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #2: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #3: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #4: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #5: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #6: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #7: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #8: crashed: WARNING: refcount bug in l2cap_sock_kill run #9: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 8.1.0 kernel signature: 5890dbd4a724521c4141fab48a93c323b869b8fc76772a8d8f5dfdfb7cda23ff run #0: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #1: crashed: BUG: unable to handle kernel paging request in lock_sock_nested run #2: crashed: WARNING: refcount bug in l2cap_sock_kill run #3: crashed: BUG: unable to handle kernel paging request in lock_sock_nested run #4: crashed: general protection fault in l2cap_chan_put run #5: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #6: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #7: crashed: WARNING: refcount bug in l2cap_chan_timeout run #8: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #9: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb testing release v5.9 testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0 kernel signature: 009873c63d63503b9b24b1156022994368ad09e1de19ba741c1ffd56810f8eae run #0: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #1: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #2: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #3: crashed: WARNING: refcount bug in l2cap_chan_timeout run #4: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #5: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #6: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #7: crashed: WARNING: refcount bug in l2cap_sock_kill run #8: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #9: crashed: WARNING: locking bug in l2cap_sock_teardown_cb testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: e340a27f3e034420c52b8d9ee1bafc52040ac244d77348dbb5cfe95ddb362496 run #0: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #1: crashed: WARNING: refcount bug in l2cap_sock_kill run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in l2cap_chan_put run #3: crashed: WARNING: locking bug in l2cap_sock_teardown_cb run #4: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #5: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #6: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #7: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #8: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #9: crashed: WARNING: refcount bug in l2cap_sock_kill testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: e1992b07555db0d1114efe7c2eb66de1cb5e1a10856de4661b21d4f748a3d240 run #0: crashed: KASAN: use-after-free Read in lock_sock_nested run #1: crashed: KASAN: use-after-free Read in lock_sock_nested run #2: crashed: KASAN: use-after-free Read in lock_sock_nested run #3: crashed: KASAN: use-after-free Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #6: crashed: KASAN: use-after-free Read in lock_sock_nested run #7: crashed: KASAN: use-after-free Read in lock_sock_nested run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: cefe7ee13cc830a1cd8cae4749437488fa8e49bd6bd6eec3ebff54502b330b8b run #0: crashed: KASAN: use-after-free Read in lock_sock_nested run #1: crashed: WARNING in lock_sock_nested run #2: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #3: crashed: KASAN: use-after-free Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: use-after-free Read in lock_sock_nested run #6: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #7: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: dccf49ca5c9e1b9de402f8f2421bf4239df2d89a13622c72d99c09dce9e3002c all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 446571ac676ddbed19db2579c5acf6a11ebd121ecbdb14eb2ba0512fc483634f run #0: crashed: KASAN: use-after-free Read in lock_sock_nested run #1: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #2: crashed: KASAN: use-after-free Read in lock_sock_nested run #3: crashed: KASAN: use-after-free Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: use-after-free Read in lock_sock_nested run #6: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb run #7: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: ce9367509403d2095107fbb279b5255973f0209cd82e00985c7d85645d08a7cc all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: 78b3cf7f7e7909ee1ca028c184aca224f2171991c626678f98134f3ab77c1473 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 kernel signature: 9246ca26b4777446f510caf820891df5de56ffb3ef3b1ca60a140a66c6a140a5 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 kernel signature: 24f5e612743b27cb71df6cf8b24ed3e2034f75727b706054333a015c3397ebf1 run #0: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #1: crashed: KASAN: use-after-free Read in lock_sock_nested run #2: crashed: KASAN: use-after-free Read in lock_sock_nested run #3: crashed: KASAN: use-after-free Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: use-after-free Read in lock_sock_nested run #6: crashed: KASAN: use-after-free Read in lock_sock_nested run #7: crashed: KASAN: use-after-free Read in lock_sock_nested run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 kernel signature: 5ae8dbb85b48f9e9fa55ac2b673b3a6005bddb3bb821ada0d332bca8d7a7d763 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 kernel signature: fe82d2bcb875fbdd103fbcd87072accc9e8a8645fcff1e1cc6472e8e6b9487b9 run #0: crashed: KASAN: use-after-free Read in lock_sock_nested run #1: crashed: KASAN: use-after-free Read in lock_sock_nested run #2: crashed: KASAN: use-after-free Read in lock_sock_nested run #3: crashed: KASAN: use-after-free Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: use-after-free Read in lock_sock_nested run #6: crashed: KASAN: use-after-free Read in lock_sock_nested run #7: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 kernel signature: f7e71b680ef7dcbb18ab9ab60a63ef26b28c4c7fa2f054dc499f0bce3bef7497 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 kernel signature: d96521be9b2dc32a24ad85107deffb51b528646f1cf392947d431c75d95456f6 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 kernel signature: 91cf2d181153fbe9e88e61e734a5e0dbd5f71e405b360f2537fe0492b435c797 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.15 testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0 kernel signature: 00fec7764fad250908b1a0e6fd84a70c580432efb8691c7b799c249e600881d4 run #0: crashed: KASAN: use-after-free Read in lock_sock_nested run #1: crashed: KASAN: use-after-free Read in lock_sock_nested run #2: crashed: KASAN: use-after-free Read in lock_sock_nested run #3: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: use-after-free Read in lock_sock_nested run #6: crashed: KASAN: use-after-free Read in lock_sock_nested run #7: crashed: KASAN: use-after-free Read in lock_sock_nested run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.14 testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0 kernel signature: 8d8e02400c3d0bda068b2fe3c7b6bd3582c43d25f4d5c71f181c6521d00c296f all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.13 testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0 kernel signature: 10cd481e3c99900498562575f0cea44ad786364249b7dd8ad96ce25fb79218ef run #0: crashed: KASAN: use-after-free Read in lock_sock_nested run #1: crashed: KASAN: use-after-free Read in lock_sock_nested run #2: crashed: KASAN: use-after-free Read in lock_sock_nested run #3: crashed: KASAN: use-after-free Read in lock_sock_nested run #4: crashed: KASAN: use-after-free Read in lock_sock_nested run #5: crashed: KASAN: use-after-free Read in lock_sock_nested run #6: crashed: KASAN: use-after-free Read in lock_sock_nested run #7: crashed: KASAN: use-after-free Read in lock_sock_nested run #8: crashed: KASAN: use-after-free Read in lock_sock_nested run #9: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested testing release v4.12 testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0 kernel signature: 5de73b50fc6cac09ea7b62db74ed971e64b7e70ff5b3a0e1c27854567ad253c4 all runs: basic kernel testing failed: BUG: sleeping function called from invalid context in tap_get_minor testing release v4.11 testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0 kernel signature: c7f91f5f313066599bcd9fff42b77ace5a7db4c5934d506f58fae3e31f6750c2 all runs: basic kernel testing failed: BUG: sleeping function called from invalid context in tap_get_minor testing release v4.10 testing commit c470abd4fde40ea6a0846a2beab642a578c0b8cd with gcc (GCC) 5.5.0 kernel signature: a8be69673f74b454493dd76a703def1508e5229437ae052bdec5987c47077b79 all runs: crashed: KASAN: use-after-free Read in lock_sock_nested testing release v4.9 testing commit 69973b830859bc6529a7a0468ba0d80ee5117826 with gcc (GCC) 5.5.0 kernel signature: b8617d4d386d7c236c1ec5f0725c06815dad5aed5ce8531e22deb08d43500144 run #0: basic kernel testing failed: general protection fault in br_multicast_group_expired run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect start c470abd4fde40ea6a0846a2beab642a578c0b8cd 69973b830859bc6529a7a0468ba0d80ee5117826 Bisecting: 7099 revisions left to test after this (roughly 13 steps) [f4000cd99750065d5177555c0a805c97174d1b9f] Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux testing commit f4000cd99750065d5177555c0a805c97174d1b9f with gcc (GCC) 5.5.0 kernel signature: 645a93215ab5e500db5bbb0bebb94debd7026e6cee34d953efe45a93df7abd6e run #0: basic kernel testing failed: failed to copy test binary to VM: timedout ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-executor" "root@10.128.0.106:./syz-executor"] run #1: boot failed: can't ssh into the instance run #2: boot failed: can't ssh into the instance run #3: boot failed: can't ssh into the instance run #4: boot failed: can't ssh into the instance run #5: boot failed: can't ssh into the instance run #6: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE run #7: boot failed: can't ssh into the instance run #8: boot failed: can't ssh into the instance run #9: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in sd-resolve:LINE # git bisect skip f4000cd99750065d5177555c0a805c97174d1b9f Bisecting: 7099 revisions left to test after this (roughly 13 steps) [ab1effc09519f3bb4b84dd6d8276cedf07b17a1b] staging: ks7010: Add blank line after declarations testing commit ab1effc09519f3bb4b84dd6d8276cedf07b17a1b with gcc (GCC) 5.5.0 kernel signature: 74527974836c8087c7a0a7131ed9cc7e82160f22827b29dad0b569ccd44d8c75 all runs: basic kernel testing failed: WARNING in depot_save_stack # git bisect skip ab1effc09519f3bb4b84dd6d8276cedf07b17a1b Bisecting: 7099 revisions left to test after this (roughly 13 steps) [ae7871be189cb41184f1e05742b4a99e2c59774d] swiotlb: Convert swiotlb_force from int to enum testing commit ae7871be189cb41184f1e05742b4a99e2c59774d with gcc (GCC) 5.5.0 kernel signature: 2616355d2fac7b76f5aba2a96ae8512cc9c6f1bc6736db3edddd6bdea46ae8f0 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-executor" "root@10.128.1.48:./syz-executor"]: exit status 1 Connection timed out during banner exchange lost connection run #1: basic kernel testing failed: failed to copy test binary to VM: timedout ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.0.191:./syz-fuzzer"] Warning: Permanently added '10.128.0.191' (ECDSA) to the list of known hosts. run #2: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.10.34:./syz-fuzzer"]: exit status 1 Connection timed out during banner exchange lost connection run #3: basic kernel testing failed: no output from test machine run #4: boot failed: can't ssh into the instance run #5: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-timesyn:LINE run #6: boot failed: can't ssh into the instance run #7: boot failed: can't ssh into the instance run #8: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE run #9: boot failed: can't ssh into the instance # git bisect skip ae7871be189cb41184f1e05742b4a99e2c59774d Bisecting: 7099 revisions left to test after this (roughly 13 steps) [4a2ce27bb5f291c38d8e49ef16899828289e4d3d] i40e: properly cleanup on allocation failure in i40e_sync_vsi_filters testing commit 4a2ce27bb5f291c38d8e49ef16899828289e4d3d with gcc (GCC) 5.5.0 kernel signature: 85e546cc51f26bda6f3a17e7534131392521c97175a7db69cd80f32d65bebfd6 run #0: basic kernel testing failed: general protection fault in br_multicast_group_expired run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 4a2ce27bb5f291c38d8e49ef16899828289e4d3d Bisecting: 6932 revisions left to test after this (roughly 13 steps) [5084fdf081739b7455c7aeecda6d7b83ec59c85f] Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 testing commit 5084fdf081739b7455c7aeecda6d7b83ec59c85f with gcc (GCC) 5.5.0 kernel signature: c9f4ca19547cc12f9ff83e8582d95542983dbd24dabd5403e9b484e26cb462f4 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.0.49:./syz-fuzzer"]: exit status 1 Connection timed out during banner exchange lost connection run #1: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE run #2: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE run #3: boot failed: can't ssh into the instance run #4: boot failed: can't ssh into the instance run #5: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-timesyn:LINE run #6: boot failed: can't ssh into the instance run #7: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE run #8: boot failed: can't ssh into the instance run #9: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE # git bisect skip 5084fdf081739b7455c7aeecda6d7b83ec59c85f Bisecting: 6932 revisions left to test after this (roughly 13 steps) [4cc5bed1caeb6d40f2f41c4c5eb83368691fbffb] [media] uvcvideo: Use memdup_user() rather than duplicating its implementation testing commit 4cc5bed1caeb6d40f2f41c4c5eb83368691fbffb with gcc (GCC) 5.5.0 kernel signature: 08e069ebe4317d1926400ae1d49ef88cf511687628f679851334a546c6f11b45 all runs: OK # git bisect good 4cc5bed1caeb6d40f2f41c4c5eb83368691fbffb Bisecting: 6691 revisions left to test after this (roughly 13 steps) [2ec4584eb89b8933d1ee307f2fc9c42e745847d7] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux testing commit 2ec4584eb89b8933d1ee307f2fc9c42e745847d7 with gcc (GCC) 5.5.0 kernel signature: d115cde310e0dce2806b663f324dc23efe2131fdf1622ea2dcb7413bafb3beaf run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-executor" "root@10.128.10.36:./syz-executor"]: exit status 1 Connection timed out during banner exchange lost connection run #1: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.0.179:./syz-fuzzer"]: exit status 1 Connection timed out during banner exchange lost connection run #2: basic kernel testing failed: lost connection to test machine run #3: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.10.37:./syz-fuzzer"]: exit status 1 Connection timed out during banner exchange lost connection run #4: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in (imesyncd):LINE run #5: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in v4l_id:LINE run #6: boot failed: can't ssh into the instance run #7: boot failed: WARNING: unrecognized kernel stack return address ADDR at ADDR in systemd-udevd:LINE run #8: boot failed: can't ssh into the instance run #9: boot failed: can't ssh into the instance # git bisect skip 2ec4584eb89b8933d1ee307f2fc9c42e745847d7 Bisecting: 6691 revisions left to test after this (roughly 13 steps) [ac32378f3eca55123fe917a6bb38e581118de9e3] Merge branch 'phy-broadcom-wirespeed-downshift-support' testing commit ac32378f3eca55123fe917a6bb38e581118de9e3 with gcc (GCC) 5.5.0 kernel signature: 6281ade9b3be6dabbe33c7810f170ce31eb3a330026488f924253975c5b61886 all runs: OK # git bisect good ac32378f3eca55123fe917a6bb38e581118de9e3 Bisecting: 6460 revisions left to test after this (roughly 13 steps) [84b6079134420f4635f23c2088a3892057b23bb0] Merge tag 'configfs-for-4.10' of git://git.infradead.org/users/hch/configfs testing commit 84b6079134420f4635f23c2088a3892057b23bb0 with gcc (GCC) 5.5.0 kernel signature: 795ae3cbafc8c42a8438499f3a6cb80ad1d729389be7d65bf9b5cfe07813d518 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.10.39:./syz-fuzzer"]: exit status 1 Connection timed out during banner exchange lost connection run #1: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.10.46:./syz-fuzzer"]: exit status 1 Connection timed out during banner exchange lost connection run #2: basic kernel testing failed: failed to copy test binary to VM: timedout ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/bin/linux_amd64/syz-fuzzer" "root@10.128.1.31:./syz-fuzzer"] Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts. run #3: boot failed: can't ssh into the instance run #4: boot failed: can't ssh into the instance run #5: boot failed: can't ssh into the instance run #6: boot failed: can't ssh into the instance run #7: boot failed: can't ssh into the instance run #8: boot failed: can't ssh into the instance run #9: basic kernel testing failed: no output from test machine # git bisect skip 84b6079134420f4635f23c2088a3892057b23bb0 Bisecting: 6460 revisions left to test after this (roughly 13 steps) [f301606934b240fb54d8edf3618a0483e36046fc] at86rf230: Allow slow GPIO pins for "rstn" testing commit f301606934b240fb54d8edf3618a0483e36046fc with gcc (GCC) 5.5.0 kernel signature: 389790edce3afd6bf8a37082f80e5e899badbf3b40fec145dfeeb94d41f7bb9e all runs: OK # git bisect good f301606934b240fb54d8edf3618a0483e36046fc Bisecting: 700 revisions left to test after this (roughly 10 steps) [9d1d166f18f8f0f332573b8d2e28e5b3291f09c5] Merge tag 'media/v4.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media testing commit 9d1d166f18f8f0f332573b8d2e28e5b3291f09c5 with gcc (GCC) 5.5.0 kernel signature: 946019f42e355b5a6111b4021f2a6f4a56ce581d3ff1796ab6bb54582e6a9482 all runs: OK # git bisect good 9d1d166f18f8f0f332573b8d2e28e5b3291f09c5 Bisecting: 343 revisions left to test after this (roughly 9 steps) [79c9089f97d37ffac88c3ddb6d359b2cf75058b7] Merge tag 'drm-fixes-for-v4.10-rc7' of git://people.freedesktop.org/~airlied/linux testing commit 79c9089f97d37ffac88c3ddb6d359b2cf75058b7 with gcc (GCC) 5.5.0 kernel signature: d575cca2a82ae8970e0278e6eb2f3c00c0f1a389dcaeb0b639b68d363dac4941 all runs: OK # git bisect good 79c9089f97d37ffac88c3ddb6d359b2cf75058b7 Bisecting: 177 revisions left to test after this (roughly 8 steps) [55aac6ef53e114c28170ee3f79065cfa8ca9cf3f] Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending testing commit 55aac6ef53e114c28170ee3f79065cfa8ca9cf3f with gcc (GCC) 5.5.0 kernel signature: 4506b2e79c9ecc1e919d2c12ee3782524560e392feb3d5139abf0cbbb120f393 all runs: OK # git bisect good 55aac6ef53e114c28170ee3f79065cfa8ca9cf3f Bisecting: 87 revisions left to test after this (roughly 7 steps) [1ce42845f987e92eabfc6e026d44d826c25c74a5] Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 1ce42845f987e92eabfc6e026d44d826c25c74a5 with gcc (GCC) 5.5.0 kernel signature: acd3fb1411912fd38bb505e16def714878152bbc2cfddeb6f0a8584ffa24d6d6 all runs: OK # git bisect good 1ce42845f987e92eabfc6e026d44d826c25c74a5 Bisecting: 43 revisions left to test after this (roughly 6 steps) [785f35775d968e0f45231b754e945fcb3ed6bded] dpaa_eth: small leak on error testing commit 785f35775d968e0f45231b754e945fcb3ed6bded with gcc (GCC) 5.5.0 kernel signature: 1fed0087a22dc313d13270ee27b591c1c073fff42640888ca85fa6276ca155e8 all runs: OK # git bisect good 785f35775d968e0f45231b754e945fcb3ed6bded Bisecting: 21 revisions left to test after this (roughly 5 steps) [fc98c3c8c9dcafd67adcce69e6ce3191d5306c9c] printk: use rcuidle console tracepoint testing commit fc98c3c8c9dcafd67adcce69e6ce3191d5306c9c with gcc (GCC) 5.5.0 kernel signature: 945b389eff3506680f027512f9111fcef55e554f555aa41e2967b98c92df6abc all runs: OK # git bisect good fc98c3c8c9dcafd67adcce69e6ce3191d5306c9c Bisecting: 10 revisions left to test after this (roughly 4 steps) [17a984bccde4c9ea34d78de1535760a25ad87993] Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 17a984bccde4c9ea34d78de1535760a25ad87993 with gcc (GCC) 5.5.0 kernel signature: f5b4012472dffc987b0e28f93fe34b2fb52215f7b4c2317b7c18bd9235c75cf0 all runs: OK # git bisect good 17a984bccde4c9ea34d78de1535760a25ad87993 Bisecting: 3 revisions left to test after this (roughly 3 steps) [2763f92f858f7c4c3198335c0542726eaed07ba3] Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc testing commit 2763f92f858f7c4c3198335c0542726eaed07ba3 with gcc (GCC) 5.5.0 kernel signature: ffc4a863458fd413402caae22860eb993c23850ab35e5a496bf1f75808e63d8f all runs: OK # git bisect good 2763f92f858f7c4c3198335c0542726eaed07ba3 Bisecting: 1 revision left to test after this (roughly 1 step) [fd3fc0b4d7305fa7246622dcc0dec69c42443f45] scsi: don't BUG_ON() empty DMA transfers testing commit fd3fc0b4d7305fa7246622dcc0dec69c42443f45 with gcc (GCC) 5.5.0 kernel signature: aa1797ecc5f08acb48df1b29d3b54c60d4135613814ea372d8c9bc34275ec7b5 all runs: OK # git bisect good fd3fc0b4d7305fa7246622dcc0dec69c42443f45 Bisecting: 0 revisions left to test after this (roughly 0 steps) [137d01df511b3afe1f05499aea05f3bafc0fb221] Fix missing sanity check in /dev/sg testing commit 137d01df511b3afe1f05499aea05f3bafc0fb221 with gcc (GCC) 5.5.0 kernel signature: 277175e6e276486868f6525742d7d00f78bbfc35d7bca47fcd55b90c6c27c852 run #0: basic kernel testing failed: general protection fault in br_multicast_group_expired run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 137d01df511b3afe1f05499aea05f3bafc0fb221 c470abd4fde40ea6a0846a2beab642a578c0b8cd is the first bad commit commit c470abd4fde40ea6a0846a2beab642a578c0b8cd Author: Linus Torvalds Date: Sun Feb 19 14:34:00 2017 -0800 Linux 4.10 Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) culprit signature: a8be69673f74b454493dd76a703def1508e5229437ae052bdec5987c47077b79 parent signature: 277175e6e276486868f6525742d7d00f78bbfc35d7bca47fcd55b90c6c27c852 revisions tested: 44, total time: 7h45m18.606506478s (build: 3h4m51.834670371s, test: 4h35m18.763385536s) first bad commit: c470abd4fde40ea6a0846a2beab642a578c0b8cd Linux 4.10 recipients (to): ["linux-kbuild@vger.kernel.org" "mmarek@suse.com" "torvalds@linux-foundation.org"] recipients (cc): ["linux-kernel@vger.kernel.org"] crash: KASAN: use-after-free Read in lock_sock_nested NOHZ: local_softirq_pending 08 ================================================================== BUG: KASAN: use-after-free in __lock_acquire+0x4e7a/0x50c0 kernel/locking/lockdep.c:3224 at addr ffff88011ceccb20 Read of size 8 by task kworker/0:0/3 CPU: 0 PID: 3 Comm: kworker/0:0 Not tainted 4.10.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events l2cap_chan_timeout Call Trace: __dump_stack lib/dump_stack.c:15 [inline] dump_stack+0x136/0x1d4 lib/dump_stack.c:51 kasan_object_err+0x1c/0x70 mm/kasan/report.c:162 print_address_description mm/kasan/report.c:200 [inline] kasan_report_error mm/kasan/report.c:289 [inline] kasan_report.part.1+0x1c9/0x480 mm/kasan/report.c:311 kasan_report mm/kasan/report.c:332 [inline] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:332 __lock_acquire+0x4e7a/0x50c0 kernel/locking/lockdep.c:3224 lock_acquire+0x197/0x4b0 kernel/locking/lockdep.c:3753 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:137 [inline] _raw_spin_lock_bh+0x3a/0x50 kernel/locking/spinlock.c:175 spin_lock_bh include/linux/spinlock.h:307 [inline] lock_sock_nested+0x3e/0x100 net/core/sock.c:2523 l2cap_sock_teardown_cb+0x86/0x5d0 net/bluetooth/l2cap_sock.c:1327 l2cap_chan_del+0xa0/0x8d0 net/bluetooth/l2cap_core.c:596 l2cap_chan_close+0x307/0x8a0 net/bluetooth/l2cap_core.c:754 l2cap_chan_timeout+0xe5/0x270 net/bluetooth/l2cap_core.c:427 process_one_work+0x685/0x1660 kernel/workqueue.c:2098 worker_thread+0xe1/0x1110 kernel/workqueue.c:2232 kthread+0x2c9/0x3d0 kernel/kthread.c:227 ret_from_fork+0x31/0x40 arch/x86/entry/entry_64.S:430 Object at ffff88011cecca80, in cache kmalloc-2048 size: 2048 Allocated: PID = 10534 save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:57 save_stack mm/kasan/kasan.c:502 [inline] set_track mm/kasan/kasan.c:514 [inline] kasan_kmalloc+0xee/0x180 mm/kasan/kasan.c:605 __do_kmalloc mm/slab.c:3724 [inline] __kmalloc+0x162/0x440 mm/slab.c:3733 kmalloc include/linux/slab.h:495 [inline] sk_prot_alloc+0xda/0x260 net/core/sock.c:1340 sk_alloc+0x31/0x9f0 net/core/sock.c:1396 l2cap_sock_alloc.constprop.4+0x28/0x1e0 net/bluetooth/l2cap_sock.c:1589 l2cap_sock_create+0xcb/0x180 net/bluetooth/l2cap_sock.c:1635 bt_sock_create+0x13f/0x250 net/bluetooth/af_bluetooth.c:128 __sock_create+0x2f2/0x580 net/socket.c:1199 sock_create net/socket.c:1239 [inline] SYSC_socket net/socket.c:1269 [inline] SyS_socket+0xd9/0x1e0 net/socket.c:1249 entry_SYSCALL_64_fastpath+0x23/0xc6 Freed: PID = 10534 save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:57 save_stack mm/kasan/kasan.c:502 [inline] set_track mm/kasan/kasan.c:514 [inline] kasan_slab_free+0xad/0x180 mm/kasan/kasan.c:578 __cache_free mm/slab.c:3502 [inline] kfree+0xd4/0x2d0 mm/slab.c:3819 sk_prot_free net/core/sock.c:1379 [inline] __sk_destruct+0x3b2/0x470 net/core/sock.c:1452 sk_destruct+0x3a/0x60 net/core/sock.c:1460 __sk_free+0x4f/0x1f0 net/core/sock.c:1468 sk_free+0x13/0x20 net/core/sock.c:1479 sock_put include/net/sock.h:1638 [inline] l2cap_sock_kill.part.2+0xdb/0x100 net/bluetooth/l2cap_sock.c:1054 l2cap_sock_kill net/bluetooth/l2cap_sock.c:1193 [inline] l2cap_sock_release+0x189/0x1d0 net/bluetooth/l2cap_sock.c:1203 sock_release+0x83/0x1a0 net/socket.c:599 sock_close+0xd/0x20 net/socket.c:1063 __fput+0x232/0x740 fs/file_table.c:208 ____fput+0x9/0x10 fs/file_table.c:244 task_work_run+0xd9/0x150 kernel/task_work.c:116 get_signal+0x1132/0x1390 kernel/signal.c:2143 do_signal+0x7f/0x1950 arch/x86/kernel/signal.c:807 exit_to_usermode_loop+0x112/0x170 arch/x86/entry/common.c:156 prepare_exit_to_usermode arch/x86/entry/common.c:190 [inline] syscall_return_slowpath+0x251/0x2d0 arch/x86/entry/common.c:259 entry_SYSCALL_64_fastpath+0xc4/0xc6 Memory state around the buggy address: ffff88011cecca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff88011cecca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff88011ceccb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff88011ceccb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff88011ceccc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ==================================================================