bisecting fixing commit since bfb9e5c03076a446b1f4f6a523ddc8d723c907a6
building syzkaller on 36650b4b2c942bc382314dce384d311fbadd1208
testing commit bfb9e5c03076a446b1f4f6a523ddc8d723c907a6 with gcc (GCC) 8.1.0
kernel signature: 58b46e6fb90c08149e20c852d63880f1f00ef8c9597c999e025bc04a1a639b6d
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in mem16_serial_out
testing current HEAD ab9dfda232481dcfaf549ce774004d116fc80c13
testing commit ab9dfda232481dcfaf549ce774004d116fc80c13 with gcc (GCC) 8.1.0
kernel signature: 16cfc15a4b6396d72988fa6561b581374e36047da26f5f3f82831d66f7575d7c
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in mem16_serial_out
revisions tested: 2, total time: 26m24.740081085s (build: 19m12.817315561s, test: 5m54.244855877s)
the crash still happens on HEAD
commit msg: Linux 4.14.180
crash: BUG: unable to handle kernel NULL pointer dereference in mem16_serial_out

8021q: adding VLAN 0 to HW filter on device batadv0
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
8021q: adding VLAN 0 to HW filter on device bond0
BUG: unable to handle kernel NULL pointer dereference at 0000000000000002
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IP: writew arch/x86/include/asm/io.h:66 [inline]
IP: mem16_serial_out+0x61/0xa0 drivers/tty/serial/8250/8250_port.c:414
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
PGD 90ae1067 P4D 90ae1067 PUD 90ae0067 PMD 0
Oops: 0002 [#1] PREEMPT SMP KASAN
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
Modules linked in:
CPU: 1 PID: 7304 Comm: syz-executor.0 Not tainted 4.14.180-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
8021q: adding VLAN 0 to HW filter on device team0
task: ffff88808d19a500 task.stack: ffff8880833d8000
RIP: 0010:writew arch/x86/include/asm/io.h:66 [inline]
RIP: 0010:mem16_serial_out+0x61/0xa0 drivers/tty/serial/8250/8250_port.c:414
RSP: 0018:ffff8880833df8a0 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: ffffffff8a45fe10 RCX: 1ffffffff148bfca
RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffffffff8a45fe50
RBP: ffff8880833df8b0 R08: ffff88808d19add0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8a45fe60
R13: ffffffff8a45fe10 R14: ffffffff8a45fe10 R15: ffffffff8a45fedc
FS:  00007f3dd0dd4700(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000002 CR3: 000000008d5b2000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 serial_out drivers/tty/serial/8250/8250.h:120 [inline]
 serial8250_clear_fifos.part.7+0x35/0xb0 drivers/tty/serial/8250/8250_port.c:557
 serial8250_clear_fifos drivers/tty/serial/8250/8250_port.c:556 [inline]
 serial8250_do_startup+0x34c/0x1b10 drivers/tty/serial/8250/8250_port.c:2198
 serial8250_startup+0x39/0x50 drivers/tty/serial/8250/8250_port.c:2415
 uart_port_startup drivers/tty/serial/serial_core.c:231 [inline]
 uart_startup.part.20+0x2a0/0x710 drivers/tty/serial/serial_core.c:270
 uart_startup drivers/tty/serial/serial_core.c:267 [inline]
 uart_set_info drivers/tty/serial/serial_core.c:1010 [inline]
 uart_set_info_user drivers/tty/serial/serial_core.c:1038 [inline]
 uart_ioctl+0x127e/0x2b90 drivers/tty/serial/serial_core.c:1361
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
 tty_ioctl+0x434/0x1260 drivers/tty/tty_io.c:2661
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x180/0xfb0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x74/0x80 fs/ioctl.c:692
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45a919
RSP: 002b:00007f3dd0dd3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a919
RDX: 0000000020000240 RSI: 000000000000541f RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3dd0dd46d4
R13: 00000000004c5e04 R14: 00000000004dc270 R15: 00000000ffffffff
Code: 0f b6 8b d1 00 00 00 48 8d 7b 40 48 b8 00 00 00 00 00 fc ff df d3 e6 48 89 f9 48 c1 e9 03 80 3c 01 00 75 24 48 63 f6 48 03 73 40 <66> 89 16 48 83 c4 08 5b 5d c3 89 55 f0 89 75 f4 e8 6a a6 37 fe
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
RIP: writew arch/x86/include/asm/io.h:66 [inline] RSP: ffff8880833df8a0
RIP: mem16_serial_out+0x61/0xa0 drivers/tty/serial/8250/8250_port.c:414 RSP: ffff8880833df8a0
CR2: 0000000000000002
---[ end trace 130152aaceb1fe88 ]---