bisecting fixing commit since 3bd837bfe431839a378e9d421af05b2e22a6d329
building syzkaller on 1656845f45f284c574eb4f8bfe85dd7916a47a3a
testing commit 3bd837bfe431839a378e9d421af05b2e22a6d329 with gcc (GCC) 8.1.0
kernel signature: c74a8cca39fbcb21bfffd95c50fe204125e72898
all runs: crashed: general protection fault in rxrpc_connect_call
testing current HEAD c7ecf3e3a71c216327980f26b1e895ce9b07ad31
testing commit c7ecf3e3a71c216327980f26b1e895ce9b07ad31 with gcc (GCC) 8.1.0
kernel signature: df192e271801aacadb6950b784319ee99a52a804
all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE!
revisions tested: 2, total time: 23m57.75532448s (build: 16m53.845618388s, test: 6m18.208338325s)
the crash still happens on HEAD
commit msg: Linux 4.19.92
crash: kernel BUG at net/rxrpc/local_object.c:LINE!
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
rxrpc: Assertion failed
------------[ cut here ]------------
kernel BUG at net/rxrpc/local_object.c:437!
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 3226 Comm: kworker/1:2 Not tainted 4.19.92-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krxrpcd rxrpc_local_processor
RIP: 0010:rxrpc_local_destroyer net/rxrpc/local_object.c:437 [inline]
RIP: 0010:rxrpc_local_processor.cold.7+0x1a/0x21 net/rxrpc/local_object.c:470
Code: eb de 48 c7 c7 60 ff 64 87 e8 b2 16 5f fb 0f 0b 48 c7 c7 60 ff 64 87 e8 a4 16 5f fb 0f 0b 48 c7 c7 60 ff 64 87 e8 96 16 5f fb <0f> 0b 90 90 90 90 90 55 48 89 e5 41 57 41 56 49 89 fe 41 55 41 54
RSP: 0018:ffff88809bf7fd10 EFLAGS: 00010282
RAX: 0000000000000017 RBX: ffff88809592db78 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff86ff2360 RDI: ffffffff89a846a0
RBP: ffff88809bf7fd58 R08: ffffed1015d65079 R09: ffffed1015d65078
R10: ffffed1015d65078 R11: ffff8880aeb283c7 R12: ffff88809592db68
R13: ffff88808e9f60c0 R14: ffff88809592db70 R15: ffff8880944907c8
FS:  0000000000000000(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000625208 CR3: 000000008e021000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 process_one_work+0x830/0x1670 kernel/workqueue.c:2153
 worker_thread+0x85/0xb60 kernel/workqueue.c:2296
 kthread+0x324/0x3e0 kernel/kthread.c:246
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
---[ end trace 12dc7ac78c37a89b ]---
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
RIP: 0010:rxrpc_local_destroyer net/rxrpc/local_object.c:437 [inline]
RIP: 0010:rxrpc_local_processor.cold.7+0x1a/0x21 net/rxrpc/local_object.c:470
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
Code: eb de 48 c7 c7 60 ff 64 87 e8 b2 16 5f fb 0f 0b 48 c7 c7 60 ff 64 87 e8 a4 16 5f fb 0f 0b 48 c7 c7 60 ff 64 87 e8 96 16 5f fb <0f> 0b 90 90 90 90 90 55 48 89 e5 41 57 41 56 49 89 fe 41 55 41 54
RSP: 0018:ffff88809bf7fd10 EFLAGS: 00010282
RAX: 0000000000000017 RBX: ffff88809592db78 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff86ff2360 RDI: ffffffff89a846a0
RBP: ffff88809bf7fd58 R08: ffffed1015d65079 R09: ffffed1015d65078
R10: ffffed1015d65078 R11: ffff8880aeb283c7 R12: ffff88809592db68
R13: ffff88808e9f60c0 R14: ffff88809592db70 R15: ffff8880944907c8
FS:  0000000000000000(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
CR2: 0000000000625208 CR3: 000000008e021000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400