bisecting fixing commit since f40ddce88593482919761f74910f42f4b84c004b
building syzkaller on 98682e5e2aefc9aad61354f4f3ac93be96002a2a
testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217
kernel signature: a20fdda6284e1de4805076b3f724e927513bee772a53c4f27dc22d1ef7831f86
run #0: crashed: KASAN: use-after-free Read in blk_update_request
run #1: crashed: KASAN: use-after-free Read in blk_update_request
run #2: crashed: KASAN: use-after-free Read in blk_update_request
run #3: crashed: KASAN: use-after-free Read in blk_update_request
run #4: crashed: KASAN: use-after-free Read in blk_update_request
run #5: crashed: KASAN: use-after-free Read in blk_update_request
run #6: crashed: KASAN: use-after-free Read in blk_update_request
run #7: crashed: KASAN: use-after-free Read in blk_update_request
run #8: crashed: KASAN: use-after-free Read in blk_update_request
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
reproducer seems to be flaky
testing current HEAD a48b0872e69428d3d02994dcfad3519f01def7fa
testing commit a48b0872e69428d3d02994dcfad3519f01def7fa with gcc (GCC) 10.2.1 20210217
kernel signature: 6f600ca0c3c0a0e0ce5e08ea78ac43712cc68af0f69281c82c28e45d8671e903
run #0: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #1: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #2: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #3: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #4: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #5: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #6: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #7: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #8: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #9: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #10: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #11: crashed: WARNING in __nf_unregister_net_hook
run #12: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #13: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #14: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #15: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #16: crashed: WARNING in __nf_unregister_net_hook
run #17: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #18: basic kernel testing failed: WARNING in __nf_unregister_net_hook
run #19: crashed: WARNING in __nf_unregister_net_hook
Reproducer flagged being flaky
revisions tested: 2, total time: 28m20.145948471s (build: 15m7.024703527s, test: 12m18.572539074s)
the crash still happens on HEAD
commit msg: Merge branch 'akpm' (patches from Andrew)
crash: WARNING in __nf_unregister_net_hook
------------[ cut here ]------------
hook not found, pf 3 num 0
WARNING: CPU: 0 PID: 582 at net/netfilter/core.c:480 __nf_unregister_net_hook+0x17a/0x560 net/netfilter/core.c:480
Modules linked in:
CPU: 0 PID: 582 Comm: kworker/u4:7 Not tainted 5.12.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
RIP: 0010:__nf_unregister_net_hook+0x17a/0x560 net/netfilter/core.c:480
Code: 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 a7 03 00 00 8b 53 1c 44 89 e6 48 c7 c7 00 cd 9d 89 4c 89 04 24 e8 de 83 62 01 <0f> 0b 4c 8b 04 24 e9 ba 00 00 00 48 89 ea 48 c1 e2 04 49 8d 7c 10
RSP: 0018:ffffc90001e9fbf0 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff888021e1be00 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffff520003d3f70
RBP: 0000000000000001 R08: 0000000000000001 R09: ffff8880ba01fa5b
R10: ffffed1017403f4b R11: 0000000000000001 R12: 0000000000000003
R13: ffff888027f70000 R14: ffff888021e1be1c R15: ffff888027f70f20
FS:  0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f67fb265000 CR3: 000000002748e000 CR4: 0000000000350ee0
Call Trace:
 nf_unregister_net_hook net/netfilter/core.c:502 [inline]
 nf_unregister_net_hooks+0xb1/0xf0 net/netfilter/core.c:576
 ops_pre_exit_list net/core/net_namespace.c:165 [inline]
 cleanup_net+0x3a4/0x990 net/core/net_namespace.c:583
 process_one_work+0x84c/0x13b0 kernel/workqueue.c:2275
 worker_thread+0x598/0xf80 kernel/workqueue.c:2421
 kthread+0x36f/0x450 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294