bisecting cause commit starting from c9c9e6a49f8998e9334507378c08cc16cb3ec0e5 building syzkaller on 54289b0835634ca07a8117613c48b73e9e647d13 testing commit c9c9e6a49f8998e9334507378c08cc16cb3ec0e5 with gcc (GCC) 8.1.0 kernel signature: 4541234348c01859dd04c24fbb594db4fd57dffd5d3a705550fd2425ec6ea35c run #0: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_alloc_anon_key run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #4: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove run #5: crashed: general protection fault in afs_proc_cell_setup run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #7: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove run #8: crashed: WARNING: proc registration bug in afs_manage_cell run #9: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_remove testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 2f0c1d883b29499ca3eea3b8e19f74eefabd8df8a23d7f7510df86b67b3ff5a4 run #0: crashed: BUG: unable to handle kernel paging request in afs_proc_cell_setup run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_manage_cell run #3: crashed: WARNING in __proc_create run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_proc_cell_remove run #5: crashed: BUG: unable to handle kernel NULL pointer dereference in afs_deactivate_cell run #6: crashed: BUG: Dentry still in use [unmount of afs afs] run #7: crashed: BUG: Dentry still in use [unmount of afs afs] run #8: crashed: INFO: rcu detected stall in do_idle run #9: crashed: general protection fault in afs_dns_query testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: 6cbebac87c8963b57151722300edc14b09bf74f3c01999276fb4cc925dfaca48 run #0: crashed: KASAN: use-after-free Write in afs_manage_cell run #1: crashed: KASAN: use-after-free Write in afs_manage_cell run #2: crashed: KASAN: use-after-free Write in afs_manage_cell run #3: crashed: KASAN: use-after-free Write in afs_manage_cell run #4: crashed: KASAN: use-after-free Read in afs_deactivate_cell run #5: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #6: crashed: KASAN: use-after-free Write in afs_manage_cell run #7: crashed: WARNING: ODEBUG bug in __do_softirq run #8: crashed: KASAN: use-after-free Write in afs_manage_cell run #9: crashed: KASAN: use-after-free Read in __proc_create testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: daec1b4d166cc3b003962a36fbb47624907a1c85f490043f388774df97108b77 run #0: crashed: KASAN: use-after-free Write in afs_manage_cell run #1: crashed: KASAN: use-after-free Write in afs_manage_cell run #2: crashed: KASAN: use-after-free Write in afs_manage_cell run #3: crashed: KASAN: use-after-free Write in afs_manage_cell run #4: crashed: KASAN: use-after-free Write in afs_manage_cell run #5: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #6: crashed: WARNING: ODEBUG bug in __do_softirq run #7: crashed: KASAN: use-after-free Write in afs_manage_cell run #8: crashed: KASAN: use-after-free Write in afs_manage_cell run #9: crashed: KASAN: use-after-free Write in afs_manage_cell testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 3c4d5845bc76bfc9b1f49d8a641ec51dc6f3ff84ed4e9362ffdbac2588f892dc run #0: crashed: KASAN: use-after-free Read in afs_deactivate_cell run #1: crashed: WARNING: ODEBUG bug in __do_softirq run #2: crashed: KASAN: use-after-free Write in afs_manage_cell run #3: crashed: KASAN: use-after-free Write in afs_manage_cell run #4: crashed: KASAN: use-after-free Read in afs_deactivate_cell run #5: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #6: crashed: KASAN: use-after-free Read in afs_manage_cell run #7: crashed: WARNING: ODEBUG bug in __do_softirq run #8: crashed: KASAN: use-after-free Read in afs_deactivate_cell run #9: crashed: KASAN: use-after-free Read in fscache_alloc_cookie testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: d9f192bfa2a9ad32183cece485f0bab3918a5b6050eddd1b8a73672c98a0cb1a run #0: crashed: KASAN: use-after-free Write in afs_manage_cell run #1: crashed: WARNING: ODEBUG bug in __do_softirq run #2: crashed: KASAN: use-after-free Read in afs_deactivate_cell run #3: crashed: KASAN: use-after-free Write in afs_manage_cell run #4: crashed: KASAN: use-after-free Write in afs_manage_cell run #5: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #6: crashed: KASAN: use-after-free Read in fscache_alloc_cookie run #7: crashed: KASAN: use-after-free Write in afs_manage_cell run #8: crashed: KASAN: use-after-free Write in afs_manage_cell run #9: crashed: WARNING: ODEBUG bug in __do_softirq testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: d829e7fbbbf1c25d9164f8a93e5572812953045cc2485ef8867636f45ed6386e run #0: crashed: WARNING: ODEBUG bug in afs_cell_destroy run #1: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #2: crashed: KASAN: use-after-free Write in afs_manage_cell run #3: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #4: crashed: KASAN: use-after-free Write in afs_manage_cell run #5: crashed: KASAN: use-after-free Read in afs_dynroot_mkdir run #6: crashed: KASAN: use-after-free Write in afs_manage_cell run #7: crashed: KASAN: use-after-free Write in afs_manage_cell run #8: crashed: KASAN: use-after-free Write in afs_manage_cell run #9: crashed: KASAN: use-after-free Write in afs_deactivate_cell testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: 7c53fa7d7937aaf4089ad0eabe886374501a4248f754ad2325e0ff917ac7b60c run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: crashed: KASAN: use-after-free Write in afs_deactivate_cell run #8: crashed: KASAN: use-after-free Read in afs_deactivate_cell run #9: crashed: KASAN: use-after-free Write in afs_manage_cell testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 kernel signature: daac8a5b4da4c535cb5d34f560c1b9a9e7a0d8572df0be2c20be45ddd957104b all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 kernel signature: f77cf37dcdea211f47b350411c1e50bcc2728fd88fd0afa27803b5969de11480 all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 kernel signature: 73489a2926ec334cb36683f52c95223cf56e8cb69020c48a81a1ab92cd5b5b59 run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: OK run #9: OK testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 kernel signature: 30b13be60a8972f8a572ff2164bd3dfac7a5ebe4a90ec0a4f2170847b70a50e1 run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: OK testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 kernel signature: 65a2d9a62f369705fd675d1955339231f8ac47577d64bc8e081ad23c38d75d20 all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 kernel signature: 4eabd00dfe155216c70f2deaf31beafb1357ae7d8ad3215fcd6972846c6e327d all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 kernel signature: a6edbde998163a3a1894b557b073b3a8a8239d921003638e18cb2504e2827402 run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in handle_null_ptr_deref run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.15 testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0 ./arch/x86/include/asm/bootparam_utils.h:37: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:39: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:42: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:45: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:48: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.14 testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0 ./arch/x86/include/asm/bootparam_utils.h:37: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:39: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:42: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:45: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:48: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.13 testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0 ./arch/x86/include/asm/bootparam_utils.h:36: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:38: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:41: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:44: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:47: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.12 testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0 arch/x86/entry/common.c:173: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/linux/compiler.h:254: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/linux/tracehook.h:190: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/linux/thread_info.h:60: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/trace/events/syscalls.h:17: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.11 testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0 kernel signature: e433a6e1254d018fa867a6d3c2ed4c86e8069167a13cdc888b46e1694f37a6c4 run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #7: crashed: BUG: sleeping function called from invalid context in tap_get_minor run #8: crashed: BUG: sleeping function called from invalid context in tap_get_minor run #9: crashed: BUG: sleeping function called from invalid context in tap_get_minor testing release v4.10 testing commit c470abd4fde40ea6a0846a2beab642a578c0b8cd with gcc (GCC) 5.5.0 kernel signature: acdaea4aeebb0cba4db2184662e42fcd55f36954fad897d53ee29a1edc2ba44d run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #8: OK run #9: OK testing release v4.9 testing commit 69973b830859bc6529a7a0468ba0d80ee5117826 with gcc (GCC) 5.5.0 kernel signature: 65d65349293df9f2bfa68d5f28818bbe604fa83bfb0b810bfa4a2461f530bf3a run #0: crashed: WARNING in nf_unregister_net_hook run #1: crashed: WARNING in nf_unregister_net_hook run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK testing release v4.8 testing commit c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 with gcc (GCC) 5.5.0 kernel signature: 00941a91157fb50207ff92dfbaab432b5c67b50d15f67041f534b58e518d9c79 all runs: OK # git bisect start 69973b830859bc6529a7a0468ba0d80ee5117826 c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 Bisecting: 8695 revisions left to test after this (roughly 13 steps) [a5af7e1fc69a46f29b977fd4b570e0ac414c2338] rxrpc: Fix loss of PING RESPONSE ACK production due to PING ACKs testing commit a5af7e1fc69a46f29b977fd4b570e0ac414c2338 with gcc (GCC) 5.5.0 kernel signature: 455fc5356e2b90b52dd9d189187cf528b6469fbca671a0ad36bf9e5f8a1debc0 run #0: crashed: WARNING in nf_unregister_net_hook run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad a5af7e1fc69a46f29b977fd4b570e0ac414c2338 Bisecting: 4346 revisions left to test after this (roughly 12 steps) [d268dbe76a53d72cc41316eb59e7968db60e77ad] Merge tag 'pinctrl-v4.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl testing commit d268dbe76a53d72cc41316eb59e7968db60e77ad with gcc (GCC) 5.5.0 kernel signature: 281cace63b51b8e537a130fecf26d913db1e045181678289fe81647693b96676 run #0: crashed: UBSAN: undefined-behaviour in nf_unregister_net_hook run #1: crashed: UBSAN: undefined-behaviour in batadv_iv_ogm_queue_add run #2: OK run #3: boot failed: UBSAN: undefined-behaviour in acpi_ds_create_operand run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad d268dbe76a53d72cc41316eb59e7968db60e77ad Bisecting: 2170 revisions left to test after this (roughly 11 steps) [02bafd96f3a5d8e610b19033ffec55b92459aaae] Merge tag 'docs-4.9' of git://git.lwn.net/linux testing commit 02bafd96f3a5d8e610b19033ffec55b92459aaae with gcc (GCC) 5.5.0 kernel signature: 14ab5506de59a6224ae88a2498a120e38aae91ae76d7e07f64ad39873663e7b8 all runs: OK # git bisect good 02bafd96f3a5d8e610b19033ffec55b92459aaae Bisecting: 1051 revisions left to test after this (roughly 10 steps) [e812bd905a5cf00fea95da9df4889dad63d4a36a] Merge tag 'wireless-drivers-next-for-davem-2016-09-15' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next testing commit e812bd905a5cf00fea95da9df4889dad63d4a36a with gcc (GCC) 5.5.0 kernel signature: 2aa8fbcd14645c7e42cb1988c897f693d969a6d12e4cb51bd3f074538f0cd98d run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad e812bd905a5cf00fea95da9df4889dad63d4a36a Bisecting: 559 revisions left to test after this (roughly 9 steps) [ccbd3dbe85e1445231a7e0da2dada130cedce9d0] rxrpc: Fix a potential NULL-pointer deref in rxrpc_abort_calls testing commit ccbd3dbe85e1445231a7e0da2dada130cedce9d0 with gcc (GCC) 5.5.0 kernel signature: 7a5ff044cc024cea6aca0226f7f056358147fb4e318dae0e1ea2fb7e420669e2 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad ccbd3dbe85e1445231a7e0da2dada130cedce9d0 Bisecting: 279 revisions left to test after this (roughly 8 steps) [d6657781b5a9d2e2c72da1af0d185899b2d7e2f1] cxgb4: Register changes and fw defines for crypto testing commit d6657781b5a9d2e2c72da1af0d185899b2d7e2f1 with gcc (GCC) 5.5.0 kernel signature: 6fc088052a70b6c84f84ffd1e1e69a002817dc3222a0b512b804e134a5eaaedd run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: boot failed: UBSAN: undefined-behaviour in acpi_ds_create_operand run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad d6657781b5a9d2e2c72da1af0d185899b2d7e2f1 Bisecting: 139 revisions left to test after this (roughly 7 steps) [912f85e104f4dfc46bf33e6b5eef1f72a39d0336] net: can: usb: esd_usb2: don't print error when allocating urb fails testing commit 912f85e104f4dfc46bf33e6b5eef1f72a39d0336 with gcc (GCC) 5.5.0 kernel signature: a339b981b0e4c852cbffb69598ea863efac239a3240204cbfd10776de8ff8ee7 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 912f85e104f4dfc46bf33e6b5eef1f72a39d0336 Bisecting: 69 revisions left to test after this (roughly 6 steps) [a995560a279628bcc00a0524ab068c39a3a184fb] sfc: use new performance based event queue init testing commit a995560a279628bcc00a0524ab068c39a3a184fb with gcc (GCC) 5.5.0 kernel signature: 58e48cb10ea42a78a212b2fb691519ac584e8b7a09ef10e6497fe141dc7fe491 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad a995560a279628bcc00a0524ab068c39a3a184fb Bisecting: 34 revisions left to test after this (roughly 5 steps) [0184165b2f42c4b032da9dd11546bfbaeb5afd4e] ravb: add sleep PM suspend/resume support testing commit 0184165b2f42c4b032da9dd11546bfbaeb5afd4e with gcc (GCC) 5.5.0 kernel signature: 558170b65a1c84353398077ac61d763f2d14d94648cbc549b0661e26ef96e9dd run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 0184165b2f42c4b032da9dd11546bfbaeb5afd4e Bisecting: 16 revisions left to test after this (roughly 4 steps) [65752dda4b525730746085a351e6e936d29bc586] net: ethernet: greth: use phydev from struct net_device testing commit 65752dda4b525730746085a351e6e936d29bc586 with gcc (GCC) 5.5.0 kernel signature: 4140c3bb298e9cad9f6bcc4e545b50182361a411cd33b491b72ee4ce04caad3c run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #4: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #5: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 65752dda4b525730746085a351e6e936d29bc586 Bisecting: 8 revisions left to test after this (roughly 3 steps) [2647cffb2bc6fbed163d377390eb7ca552c7c1cb] net: ipconfig: Support using "delayed" DHCP replies testing commit 2647cffb2bc6fbed163d377390eb7ca552c7c1cb with gcc (GCC) 5.5.0 kernel signature: 6d0b29e645194942edbcc54bf94dd79b93472fc8150d586c64a4bb4dab6bbb33 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 2647cffb2bc6fbed163d377390eb7ca552c7c1cb Bisecting: 3 revisions left to test after this (roughly 2 steps) [92fbb1df83ec17f62a46b23507ebb3f06ca10cd3] be2net: Avoid unnecessary firmware updates of multicast list testing commit 92fbb1df83ec17f62a46b23507ebb3f06ca10cd3 with gcc (GCC) 5.5.0 kernel signature: 9ef2348e371e007949864d394f473a64ea697dda38f473f5d7ffc7d11bf1e8d8 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 92fbb1df83ec17f62a46b23507ebb3f06ca10cd3 Bisecting: 1 revision left to test after this (roughly 1 step) [841f60fcc4e7986a4ef3f83a289ab47076872e42] be2net: clear vlan-promisc setting before programming the vlan list testing commit 841f60fcc4e7986a4ef3f83a289ab47076872e42 with gcc (GCC) 5.5.0 kernel signature: 33ca3e1e4b32505b261fbfab33a041cb53aa7f8b39b99b0ffa73b905c05e1799 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 841f60fcc4e7986a4ef3f83a289ab47076872e42 Bisecting: 0 revisions left to test after this (roughly 0 steps) [0e7bbcc104baaade4f64205e9706b7d43c46db7d] neigh: allow admin to set NUD_STALE testing commit 0e7bbcc104baaade4f64205e9706b7d43c46db7d with gcc (GCC) 5.5.0 kernel signature: 2b844c87c2b057001b3990ad42775d1f52111eb127b223eba2ae451786b4823f run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 0e7bbcc104baaade4f64205e9706b7d43c46db7d 0e7bbcc104baaade4f64205e9706b7d43c46db7d is the first bad commit commit 0e7bbcc104baaade4f64205e9706b7d43c46db7d Author: Julian Anastasov Date: Wed Jul 27 09:56:50 2016 +0300 neigh: allow admin to set NUD_STALE Admin should be able to set any state. Currently, this fails when lladdr is not changed and state is changed from NUD_CONNECTED to NUD_STALE: ip neigh add 192.168.8.1 lladdr 00:11:22:33:44:55 nud perm dev wlan0 ip neigh show to 192.168.8.1 192.168.8.1 dev wlan0 lladdr 00:11:22:33:44:55 PERMANENT ip neigh change 192.168.8.1 lladdr 00:11:22:33:44:55 nud stale dev wlan0 ip neigh show to 192.168.8.1 192.168.8.1 dev wlan0 lladdr 00:11:22:33:44:55 PERMANENT Problem may be from 2.1.X days. Signed-off-by: Julian Anastasov Reviewed-by: Chunhui He Signed-off-by: David S. Miller net/core/neighbour.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) parent commit 1fe323aa1b2390a0c57fb0b06a782f128d49094c wasn't tested testing commit 1fe323aa1b2390a0c57fb0b06a782f128d49094c with gcc (GCC) 5.5.0 kernel signature: 8a8418dd7a014da543de9aa99e99a1084851127618ca86f08dd3a8ed534a83bc culprit signature: 2b844c87c2b057001b3990ad42775d1f52111eb127b223eba2ae451786b4823f parent signature: 8a8418dd7a014da543de9aa99e99a1084851127618ca86f08dd3a8ed534a83bc revisions tested: 37, total time: 8h10m39.438023264s (build: 3h30m44.480809884s, test: 4h35m24.216154522s) first bad commit: 0e7bbcc104baaade4f64205e9706b7d43c46db7d neigh: allow admin to set NUD_STALE recipients (to): ["davem@davemloft.net" "hchunhui@mail.ustc.edu.cn" "ja@ssi.bg"] recipients (cc): [] crash: UBSAN: undefined-behaviour in ip_idents_reserve IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready ================================================================================ UBSAN: Undefined behaviour in ./arch/x86/include/asm/atomic.h:156:9 signed integer overflow: -1284631236 + -1347599334 cannot be represented in type 'int' CPU: 0 PID: 7573 Comm: modprobe Not tainted 4.7.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 ffff88012c007020 ffffffff83778841 1ffffffff1177866 0000000041b58ab3 ffffffff884c4ca7 ffffffff83778684 0000000000000086 ffffffff00000028 ffff88012c007048 ffff88012c006ff8 ffff88012c007010 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0x1bd/0x29c lib/dump_stack.c:51 [] ubsan_epilogue+0xd/0x8a lib/ubsan.c:164 [] handle_overflow+0x202/0x23d lib/ubsan.c:195 [] __ubsan_handle_add_overflow+0xe/0x10 lib/ubsan.c:203 [] atomic_add_return arch/x86/include/asm/atomic.h:156 [inline] [] ip_idents_reserve+0xf8/0x140 net/ipv4/route.c:484 [] __ip_select_ident+0x183/0x260 net/ipv4/route.c:499 IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [] iptunnel_xmit+0x534/0xaa0 net/ipv4/ip_tunnel_core.c:98 [] udp_tunnel_xmit_skb+0x234/0x400 net/ipv4/udp_tunnel.c:159 [] geneve_xmit_skb drivers/net/geneve.c:911 [inline] [] geneve_xmit+0x7d0/0x4280 drivers/net/geneve.c:1034 [] __netdev_start_xmit include/linux/netdevice.h:3980 [inline] [] netdev_start_xmit include/linux/netdevice.h:3989 [inline] [] xmit_one net/core/dev.c:2919 [inline] [] dev_hard_start_xmit+0x184/0xb10 net/core/dev.c:2935 IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [] __dev_queue_xmit+0x1448/0x2970 net/core/dev.c:3405 [] dev_queue_xmit+0xb/0x10 net/core/dev.c:3438 [] neigh_resolve_output+0x4b4/0x8f0 net/core/neighbour.c:1307 [] dst_neigh_output include/net/dst.h:464 [inline] [] ip6_finish_output2+0xe0e/0x2370 net/ipv6/ip6_output.c:113 [] ip6_finish_output+0x2fb/0x830 net/ipv6/ip6_output.c:131 [] NF_HOOK_COND include/linux/netfilter.h:233 [inline] [] ip6_output+0x196/0x6d0 net/ipv6/ip6_output.c:145 [] dst_output include/net/dst.h:501 [inline] [] NF_HOOK_THRESH include/linux/netfilter.h:219 [inline] [] NF_HOOK include/linux/netfilter.h:242 [inline] [] mld_sendpack+0x785/0x1180 net/ipv6/mcast.c:1646 [] mld_send_cr net/ipv6/mcast.c:1927 [inline] [] mld_ifc_timer_expire+0x3d2/0x780 net/ipv6/mcast.c:2425 [] call_timer_fn+0x1ab/0x890 kernel/time/timer.c:1298 IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [] expire_timers+0x352/0x700 kernel/time/timer.c:1338 IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [] __run_timers kernel/time/timer.c:1624 [inline] [] run_timer_softirq+0x1c1/0x5e0 kernel/time/timer.c:1637 [] __do_softirq+0x2e2/0xf20 kernel/softirq.c:273 [] invoke_softirq kernel/softirq.c:350 [inline] [] irq_exit+0x13b/0x250 kernel/softirq.c:391 [] exiting_irq arch/x86/include/asm/apic.h:657 [inline] [] smp_apic_timer_interrupt+0x80/0xb0 arch/x86/kernel/apic/apic.c:934 [] apic_timer_interrupt+0x8c/0xa0 arch/x86/entry/entry_64.S:618 [] ? dump_trace+0x63/0x7f0 arch/x86/kernel/dumpstack_64.c:156 [] save_stack_trace+0x26/0x80 arch/x86/kernel/stacktrace.c:67 [] save_stack mm/kasan/kasan.c:479 [inline] [] set_track mm/kasan/kasan.c:491 [inline] [] kasan_kmalloc+0xee/0x180 mm/kasan/kasan.c:582 [] kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:521 [] slab_post_alloc_hook mm/slab.h:417 [inline] [] slab_alloc mm/slab.c:3412 [inline] [] kmem_cache_alloc+0x1a3/0x7f0 mm/slab.c:3571 [] anon_vma_alloc mm/rmap.c:78 [inline] [] anon_vma_prepare+0x236/0x490 mm/rmap.c:187 [] do_cow_fault mm/memory.c:3208 [inline] [] do_fault+0x787/0x2bc0 mm/memory.c:3324 [] handle_pte_fault mm/memory.c:3521 [inline] [] __handle_mm_fault mm/memory.c:3608 [inline] [] handle_mm_fault+0x112c/0x1d90 mm/memory.c:3645 [] __do_page_fault+0x2aa/0xb80 arch/x86/mm/fault.c:1356 [] do_page_fault+0x4a/0x70 arch/x86/mm/fault.c:1419 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:920 ================================================================================ IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready