bisecting fixing commit since cb83ddcd5332fcc3efd52ba994976efc4dd6061e building syzkaller on fdb2bb2c23ee709880407f56307e2800ad27e9ae testing commit cb83ddcd5332fcc3efd52ba994976efc4dd6061e with gcc (GCC) 8.4.1 20210217 kernel signature: 33cb0d105ee4f4fd38db722faac07d5720190f44815aa06c3f0b87827d2d6f21 all runs: crashed: general protection fault in try_to_wake_up testing current HEAD 7d7d1c0ab3eb7c8d8f63a126535018007823b207 testing commit 7d7d1c0ab3eb7c8d8f63a126535018007823b207 with gcc (GCC) 8.4.1 20210217 kernel signature: c4a3f24fda08fe33be96e1c35f1be27f3ea36f68c354b17952bf7ec6298f35f8 all runs: OK # git bisect start 7d7d1c0ab3eb7c8d8f63a126535018007823b207 cb83ddcd5332fcc3efd52ba994976efc4dd6061e Bisecting: 147 revisions left to test after this (roughly 7 steps) [99b948bd84de1597ceb7b8df45199663d1851271] USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem testing commit 99b948bd84de1597ceb7b8df45199663d1851271 with gcc (GCC) 8.4.1 20210217 kernel signature: 1217dfbbcfaac47abe7569f1630365855d9d902b3afc40c79305ddc3a0f7ff7e all runs: crashed: general protection fault in try_to_wake_up # git bisect good 99b948bd84de1597ceb7b8df45199663d1851271 Bisecting: 73 revisions left to test after this (roughly 6 steps) [f6420532cfd7f73ad05045d89efc9c3a9377b85e] net: tun: set tun->dev->addr_len during TUNSETLINK processing testing commit f6420532cfd7f73ad05045d89efc9c3a9377b85e with gcc (GCC) 8.4.1 20210217 kernel signature: 49cab8097146acc82ef861e5b4fb1a8fb827bb1f401c1faa5a1cbb804ccec0a8 all runs: OK # git bisect bad f6420532cfd7f73ad05045d89efc9c3a9377b85e Bisecting: 36 revisions left to test after this (roughly 5 steps) [f77ee7a287f578f0e726649117e06afff322b019] ocfs2: fix deadlock between setattr and dio_end_io_write testing commit f77ee7a287f578f0e726649117e06afff322b019 with gcc (GCC) 8.4.1 20210217 kernel signature: 600e13222c8d367777fc19cf07f454ef42e4c533f44395776d9ee109c091a447 all runs: crashed: general protection fault in try_to_wake_up # git bisect good f77ee7a287f578f0e726649117e06afff322b019 Bisecting: 18 revisions left to test after this (roughly 4 steps) [bb271612b3c79612ed7592bb25ce1431c6f88c6c] ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces testing commit bb271612b3c79612ed7592bb25ce1431c6f88c6c with gcc (GCC) 8.4.1 20210217 kernel signature: 71d150133f68aa6cdc1efb1c68e1a7ae082c352b64df4ed09950f2d1e9114b38 run #0: crashed: INFO: task hung in usb_get_descriptor run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK reproducer seems to be flaky # git bisect good bb271612b3c79612ed7592bb25ce1431c6f88c6c Bisecting: 9 revisions left to test after this (roughly 3 steps) [a94d89d1573a266d28261738fe0a1dc521767d15] RDMA/cxgb4: check for ipv6 address properly while destroying listener testing commit a94d89d1573a266d28261738fe0a1dc521767d15 with gcc (GCC) 8.4.1 20210217 kernel signature: fbb11dd24654080054f6c5b1d8dcc03d34656c9186c04113ca22d87755b5585d run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: crashed: INFO: task hung in usb_get_descriptor # git bisect good a94d89d1573a266d28261738fe0a1dc521767d15 Bisecting: 4 revisions left to test after this (roughly 2 steps) [f4e7325060fe9d7f6b223fee7d2a28bf91ba8cb9] net/ncsi: Add generic netlink family testing commit f4e7325060fe9d7f6b223fee7d2a28bf91ba8cb9 with gcc (GCC) 8.4.1 20210217 kernel signature: ccefc37b50d0e0be05641df385a2dd2a7cba06262f79e2dd33f9fa68b512be66 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: INFO: task hung in usb_get_descriptor run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK # git bisect good f4e7325060fe9d7f6b223fee7d2a28bf91ba8cb9 Bisecting: 2 revisions left to test after this (roughly 1 step) [d4a8169615a0ed1c8c7085871ccd58f51333b74d] net/ncsi: Avoid GFP_KERNEL in response handler testing commit d4a8169615a0ed1c8c7085871ccd58f51333b74d with gcc (GCC) 8.4.1 20210217 kernel signature: d3b6b39d1d562d4be60b9858b1c8dd64e8c38d0798ec2a156b7452dcc2ead418 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "/tmp/syz-executor168263690" "root@10.128.0.57:./syz-executor168263690"]: exit status 1 kex_exchange_identification: read: Connection reset by peer Connection reset by 10.128.0.57 port 22 lost connection run #1: crashed: kernel panic: hung_task: blocked tasks run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK # git bisect good d4a8169615a0ed1c8c7085871ccd58f51333b74d Bisecting: 0 revisions left to test after this (roughly 1 step) [bd7b29fb365e7880dad175908bb05428b4c000ea] cfg80211: remove WARN_ON() in cfg80211_sme_connect testing commit bd7b29fb365e7880dad175908bb05428b4c000ea with gcc (GCC) 8.4.1 20210217 kernel signature: 3ae48ad2583b1f881bb7bed2db75e0f694d637a1de31626cccbcfc3fa34d06a4 run #0: crashed: INFO: task hung in usb_remote_wakeup run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK # git bisect good bd7b29fb365e7880dad175908bb05428b4c000ea f6420532cfd7f73ad05045d89efc9c3a9377b85e is the first bad commit commit f6420532cfd7f73ad05045d89efc9c3a9377b85e Author: Phillip Potter Date: Tue Apr 6 18:45:54 2021 +0100 net: tun: set tun->dev->addr_len during TUNSETLINK processing commit cca8ea3b05c972ffb5295367e6c544369b45fbdd upstream. When changing type with TUNSETLINK ioctl command, set tun->dev->addr_len to match the appropriate type, using new tun_get_addr_len utility function which returns appropriate address length for given type. Fixes a KMSAN-found uninit-value bug reported by syzbot at: https://syzkaller.appspot.com/bug?id=0766d38c656abeace60621896d705743aeefed51 Reported-by: syzbot+001516d86dbe88862cec@syzkaller.appspotmail.com Diagnosed-by: Eric Dumazet Signed-off-by: Phillip Potter Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman drivers/net/tun.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) culprit signature: 49cab8097146acc82ef861e5b4fb1a8fb827bb1f401c1faa5a1cbb804ccec0a8 parent signature: 3ae48ad2583b1f881bb7bed2db75e0f694d637a1de31626cccbcfc3fa34d06a4 Reproducer flagged being flaky revisions tested: 10, total time: 2h59m23.290317638s (build: 1h29m3.582471637s, test: 1h29m10.267046668s) first good commit: f6420532cfd7f73ad05045d89efc9c3a9377b85e net: tun: set tun->dev->addr_len during TUNSETLINK processing recipients (to): ["davem@davemloft.net" "edumazet@google.com" "gregkh@linuxfoundation.org" "phil@philpotter.co.uk"] recipients (cc): []