bisecting cause commit starting from 9e6dfe8045f85f9b5aade47e4192482927e2791a
building syzkaller on 32329ceb4bbf58a21007c90edf2fb7ed242345db
testing commit 9e6dfe8045f85f9b5aade47e4192482927e2791a with gcc (GCC) 8.1.0
all runs: crashed: general protection fault in tls_sk_proto_close
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in class_equal
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #7: OK
run #8: OK
run #9: OK
testing release v5.1
testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0
all runs: crashed: WARNING: ODEBUG bug in del_timer
testing release v5.0
testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0
run #0: crashed: WARNING in strp_done
run #1: crashed: WARNING in strp_done
run #2: crashed: WARNING in strp_done
run #3: crashed: WARNING in strp_done
run #4: crashed: WARNING in strp_done
run #5: crashed: WARNING in strp_done
run #6: crashed: WARNING in strp_done
run #7: crashed: WARNING in corrupted
run #8: crashed: WARNING in strp_done
run #9: crashed: WARNING in strp_done
testing release v4.20
testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #1: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
testing release v4.19
testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0
all runs: OK
# git bisect start v4.20 v4.19
Bisecting: 7499 revisions left to test after this (roughly 13 steps)
[ec9c166434595382be3babf266febf876327774d] Merge tag 'mips_fixes_4.20_1' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux
testing commit ec9c166434595382be3babf266febf876327774d with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad ec9c166434595382be3babf266febf876327774d
Bisecting: 3252 revisions left to test after this (roughly 12 steps)
[50b825d7e87f4cff7070df6eb26390152bb29537] Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
testing commit 50b825d7e87f4cff7070df6eb26390152bb29537 with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #1: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #2: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #3: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #4: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #5: crashed: KASAN: slab-out-of-bounds Read in class_equal
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 50b825d7e87f4cff7070df6eb26390152bb29537
Bisecting: 2120 revisions left to test after this (roughly 11 steps)
[99e9acd85ccbdc8f5785f9e961d4956e96bd6aa5] Merge tag 'mlx5-updates-2018-10-17' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux
testing commit 99e9acd85ccbdc8f5785f9e961d4956e96bd6aa5 with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #1: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #2: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #3: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #4: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #5: OK
run #6: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #7: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #8: OK
run #9: OK
# git bisect bad 99e9acd85ccbdc8f5785f9e961d4956e96bd6aa5
Bisecting: 989 revisions left to test after this (roughly 10 steps)
[d793fb46822ff7408a1767313ef6b12e811baa55] Merge tag 'wireless-drivers-next-for-davem-2018-10-02' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next
testing commit d793fb46822ff7408a1767313ef6b12e811baa55 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good d793fb46822ff7408a1767313ef6b12e811baa55
Bisecting: 461 revisions left to test after this (roughly 9 steps)
[071a234ad744ab9a1e9c948874d5f646a2964734] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
testing commit 071a234ad744ab9a1e9c948874d5f646a2964734 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 071a234ad744ab9a1e9c948874d5f646a2964734
Bisecting: 229 revisions left to test after this (roughly 8 steps)
[f95cd52476dee761a1a8ebe617dd01793e0eb39c] Merge ath-next from git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git
testing commit f95cd52476dee761a1a8ebe617dd01793e0eb39c with gcc (GCC) 8.1.0
all runs: OK
# git bisect good f95cd52476dee761a1a8ebe617dd01793e0eb39c
Bisecting: 114 revisions left to test after this (roughly 7 steps)
[e85679511e48168b0f066b6ae585556b5e0d8f5b] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
testing commit e85679511e48168b0f066b6ae585556b5e0d8f5b with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #1: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #2: crashed: KASAN: slab-out-of-bounds Read in class_equal
run #3: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #4: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #5: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad e85679511e48168b0f066b6ae585556b5e0d8f5b
Bisecting: 57 revisions left to test after this (roughly 6 steps)
[23aefdd761599e42d7f1f6504ff38c558e18de2a] bnxt_en: Modify bnxt_ring_alloc_send_msg() to support 57500 chips.
testing commit 23aefdd761599e42d7f1f6504ff38c558e18de2a with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 23aefdd761599e42d7f1f6504ff38c558e18de2a
Bisecting: 28 revisions left to test after this (roughly 5 steps)
[8a615c6b0352a9ec56151b6c95d68e0a2eef5cf0] bpf: Allow sk_lookup with IPv6 module
testing commit 8a615c6b0352a9ec56151b6c95d68e0a2eef5cf0 with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #1: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #2: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #3: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #4: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 8a615c6b0352a9ec56151b6c95d68e0a2eef5cf0
Bisecting: 14 revisions left to test after this (roughly 4 steps)
[0ef6bf39f09832866fd581cbafafbad9b2469eb3] bpftool: Allow to add compiler flags via EXTRA_CFLAGS variable
testing commit 0ef6bf39f09832866fd581cbafafbad9b2469eb3 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 0ef6bf39f09832866fd581cbafafbad9b2469eb3
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[1243a51f6c05ecbb2c5c9e02fdcc1e7a06f76f26] tcp, ulp: remove ulp bits from sockmap
testing commit 1243a51f6c05ecbb2c5c9e02fdcc1e7a06f76f26 with gcc (GCC) 8.1.0
kernel/bpf/sockmap.c:1476:40: error: ‘bpf_tcp_ulp_ops’ undeclared (first use in this function); did you mean ‘bpf_tcp_prots’?
# git bisect skip 1243a51f6c05ecbb2c5c9e02fdcc1e7a06f76f26
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[604326b41a6fb9b4a78b6179335decee0365cd8c] bpf, sockmap: convert to generic sk_msg interface
testing commit 604326b41a6fb9b4a78b6179335decee0365cd8c with gcc (GCC) 8.1.0
run #0: crashed: KASAN: use-after-free Read in sk_psock_unlink
run #1: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #2: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #3: crashed: KASAN: use-after-free Read in sk_psock_link_pop
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 604326b41a6fb9b4a78b6179335decee0365cd8c
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[1ae80cf31938c8f77c37a29bbe29e7f1cd492be8] bpf: wait for running BPF programs when updating map-in-map
testing commit 1ae80cf31938c8f77c37a29bbe29e7f1cd492be8 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 1ae80cf31938c8f77c37a29bbe29e7f1cd492be8
Bisecting: 1 revision left to test after this (roughly 1 step)
[8b9088f806e1ccd10c3d48b3b6d3d5d7855d92c5] tcp, ulp: enforce sock_owned_by_me upon ulp init and cleanup
testing commit 8b9088f806e1ccd10c3d48b3b6d3d5d7855d92c5 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 8b9088f806e1ccd10c3d48b3b6d3d5d7855d92c5
There are only 'skip'ped commits left to test.
The first bad commit could be any of:
1243a51f6c05ecbb2c5c9e02fdcc1e7a06f76f26
604326b41a6fb9b4a78b6179335decee0365cd8c
We cannot bisect more!
revisions tested: 20, total time: 4h47m57.328448721s (build: 1h47m45.705760791s, test: 2h54m10.532510242s)
bisection is inconclusive, the first bad commit could be any of:
1243a51f6c05ecbb2c5c9e02fdcc1e7a06f76f26
604326b41a6fb9b4a78b6179335decee0365cd8c