bisecting cause commit starting from 13bf6d6a51df4fbf57b0626a7e469b9232ed2d38 building syzkaller on 732bc5a0a4cc7468b8abfdf8ba14f349f6d8acfa testing commit 13bf6d6a51df4fbf57b0626a7e469b9232ed2d38 with gcc (GCC) 8.1.0 all runs: crashed: INFO: rcu detected stall in ipv6_rcv testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 all runs: OK # git bisect start 13bf6d6a51df4fbf57b0626a7e469b9232ed2d38 v5.2 Bisecting: 7995 revisions left to test after this (roughly 13 steps) [3f06962273e73c5f7a651726b191d531cadef788] Merge tag 'mtd/for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux testing commit 3f06962273e73c5f7a651726b191d531cadef788 with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: crashed: general protection fault in send_hsr_supervision_frame run #7: crashed: general protection fault in send_hsr_supervision_frame run #8: OK run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 3f06962273e73c5f7a651726b191d531cadef788 Bisecting: 4705 revisions left to test after this (roughly 12 steps) [8f6ccf6159aed1f04c6d179f61f6fb2691261e84] Merge tag 'clone3-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux testing commit 8f6ccf6159aed1f04c6d179f61f6fb2691261e84 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 8f6ccf6159aed1f04c6d179f61f6fb2691261e84 Bisecting: 2352 revisions left to test after this (roughly 11 steps) [64b08df460cfdfc2b010263043a057cdd33500ed] Merge tag 'hwmon-for-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging testing commit 64b08df460cfdfc2b010263043a057cdd33500ed with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 64b08df460cfdfc2b010263043a057cdd33500ed Bisecting: 1176 revisions left to test after this (roughly 10 steps) [1e47b4837f3bdaa425727cfe09f5ae3b6c4c41a9] ipv6: Dump route exceptions if requested testing commit 1e47b4837f3bdaa425727cfe09f5ae3b6c4c41a9 with gcc (GCC) 8.1.0 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/tmp/syz-executor179276616" "root@10.128.15.213:./syz-executor179276616"]: exit status 1 ssh: connect to host 10.128.15.213 port 22: Connection timed out lost connection run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 1e47b4837f3bdaa425727cfe09f5ae3b6c4c41a9 Bisecting: 578 revisions left to test after this (roughly 9 steps) [61c2491db779c94d29446cea38b95d0c72bc1a9e] Merge tag 'mlx5-updates-2019-07-04-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux testing commit 61c2491db779c94d29446cea38b95d0c72bc1a9e with gcc (GCC) 8.1.0 all runs: OK # git bisect good 61c2491db779c94d29446cea38b95d0c72bc1a9e Bisecting: 305 revisions left to test after this (roughly 8 steps) [7650b1a9bd693d133a3ec0548ba63e828f34e3ec] Merge branch 'mp-inner-L3' testing commit 7650b1a9bd693d133a3ec0548ba63e828f34e3ec with gcc (GCC) 8.1.0 all runs: OK # git bisect good 7650b1a9bd693d133a3ec0548ba63e828f34e3ec Bisecting: 142 revisions left to test after this (roughly 7 steps) [af144a983402f7fd324ce556d9f9011a8b3e01fe] Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net testing commit af144a983402f7fd324ce556d9f9011a8b3e01fe with gcc (GCC) 8.1.0 all runs: OK # git bisect good af144a983402f7fd324ce556d9f9011a8b3e01fe Bisecting: 71 revisions left to test after this (roughly 6 steps) [67bd0d5ea7974d9dc9c502c7b4096e16a80a553d] net: flow_offload: add flow_block_cb_{priv, incref, decref}() testing commit 67bd0d5ea7974d9dc9c502c7b4096e16a80a553d with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 67bd0d5ea7974d9dc9c502c7b4096e16a80a553d Bisecting: 34 revisions left to test after this (roughly 5 steps) [216dcb059b767ef526499f3ed287e98b37af03c3] Merge branch 'net-sched-Introduce-tc-connection-tracking' testing commit 216dcb059b767ef526499f3ed287e98b37af03c3 with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: crashed: general protection fault in send_hsr_supervision_frame run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 216dcb059b767ef526499f3ed287e98b37af03c3 Bisecting: 17 revisions left to test after this (roughly 4 steps) [427545b3046326cd7b4dbbd7869f08737df2ad2b] nfp: tls: count TSO segments separately for the TLS offload testing commit 427545b3046326cd7b4dbbd7869f08737df2ad2b with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: crashed: general protection fault in send_hsr_supervision_frame run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 427545b3046326cd7b4dbbd7869f08737df2ad2b Bisecting: 8 revisions left to test after this (roughly 3 steps) [1c13475368b697d4fc9c0630b5d4ee51d5ca0790] sctp: remove prsctp_enable from asoc testing commit 1c13475368b697d4fc9c0630b5d4ee51d5ca0790 with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: crashed: general protection fault in send_hsr_supervision_frame run #8: crashed: general protection fault in send_hsr_supervision_frame run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad 1c13475368b697d4fc9c0630b5d4ee51d5ca0790 Bisecting: 4 revisions left to test after this (roughly 2 steps) [2a2ea50870baa3fb4de0872c5b60828138654ca7] net: sched: add mpls manipulation actions to TC testing commit 2a2ea50870baa3fb4de0872c5b60828138654ca7 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 2a2ea50870baa3fb4de0872c5b60828138654ca7 Bisecting: 2 revisions left to test after this (roughly 1 step) [88e2f2846d901e1d61e99ac1d06544d41f478430] Merge branch 'Add-MPLS-actions-to-TC' testing commit 88e2f2846d901e1d61e99ac1d06544d41f478430 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 88e2f2846d901e1d61e99ac1d06544d41f478430 Bisecting: 0 revisions left to test after this (roughly 1 step) [a96701fb3534c45bd6fe5e6f6d3a91e3acc19b59] sctp: remove reconf_enable from asoc testing commit a96701fb3534c45bd6fe5e6f6d3a91e3acc19b59 with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: crashed: general protection fault in send_hsr_supervision_frame run #9: crashed: general protection fault in send_hsr_supervision_frame # git bisect bad a96701fb3534c45bd6fe5e6f6d3a91e3acc19b59 Bisecting: 0 revisions left to test after this (roughly 0 steps) [ccf355e52a3265624b7acadd693c849d599e9b9f] net: phy: Make use of linkmode_mod_bit helper testing commit ccf355e52a3265624b7acadd693c849d599e9b9f with gcc (GCC) 8.1.0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: crashed: general protection fault in send_hsr_supervision_frame run #7: OK run #8: crashed: general protection fault in send_hsr_supervision_frame run #9: OK # git bisect bad ccf355e52a3265624b7acadd693c849d599e9b9f ccf355e52a3265624b7acadd693c849d599e9b9f is the first bad commit commit ccf355e52a3265624b7acadd693c849d599e9b9f Author: Fuqian Huang Date: Mon Jul 8 20:34:17 2019 +0800 net: phy: Make use of linkmode_mod_bit helper linkmode_mod_bit is introduced as a helper function to set/clear bits in a linkmode. Replace the if else code structure with a call to the helper linkmode_mod_bit. Signed-off-by: Fuqian Huang Signed-off-by: David S. Miller :040000 040000 fb7632ec899886b3400e91dbe7f971579a129266 8053316d2983e4ca5cfeee9ab50b51371b43d9b7 M drivers revisions tested: 17, total time: 4h39m41.024086973s (build: 1h38m32.084294334s, test: 2h55m27.849780493s) first bad commit: ccf355e52a3265624b7acadd693c849d599e9b9f net: phy: Make use of linkmode_mod_bit helper cc: ["andrew@lunn.ch" "davem@davemloft.net" "f.fainelli@gmail.com" "hkallweit1@gmail.com" "huangfq.daxian@gmail.com" "linux-kernel@vger.kernel.org" "netdev@vger.kernel.org"] crash: general protection fault in send_hsr_supervision_frame kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.2.0-rc6+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:send_hsr_supervision_frame+0x30/0xf60 net/hsr/hsr_device.c:255 Code: 89 e5 41 57 41 56 41 55 49 89 fd 41 54 41 89 d4 48 89 c2 53 48 c1 ea 03 48 83 ec 50 48 89 45 d0 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 89 75 c8 0f 85 83 0c 00 00 48 b8 00 00 00 00 00 fc ff RSP: 0018:ffff8880aea09c68 EFLAGS: 00010282 RAX: dffffc0000000000 RBX: ffff88809023efc0 RCX: 1ffff1100f31b1f4 RDX: 0000000000000002 RSI: 0000000000000017 RDI: 0000000000000000 RBP: ffff8880aea09ce0 R08: ffffed1015d46c80 R09: ffffed1015d46c7f R10: ffffed1015d46c7f R11: ffff8880aea363fb R12: 0000000000000000 R13: 0000000000000000 R14: ffff8880aea09db8 R15: ffff8880aea24b80 FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f146eab92b0 CR3: 00000000a99e3000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: hsr_announce+0xd9/0x2b0 net/hsr/hsr_device.c:339 call_timer_fn+0x14d/0x510 kernel/time/timer.c:1322 expire_timers kernel/time/timer.c:1366 [inline] __run_timers kernel/time/timer.c:1685 [inline] run_timer_softirq+0xc6f/0x1330 kernel/time/timer.c:1698 __do_softirq+0x260/0x958 kernel/softirq.c:292 invoke_softirq kernel/softirq.c:373 [inline] irq_exit+0x17f/0x1c0 kernel/softirq.c:413 exiting_irq arch/x86/include/asm/apic.h:536 [inline] smp_apic_timer_interrupt+0x13e/0x540 arch/x86/kernel/apic/apic.c:1068 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:806 RIP: 0010:native_safe_halt+0x12/0x20 arch/x86/include/asm/irqflags.h:61 Code: 11 ff ff ff 4c 89 e7 e8 bc 5e ee fa eb 97 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 e9 07 00 00 00 0f 00 2d 50 ec 5c 00 fb f4 <5d> c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 e9 07 00 00 RSP: 0018:ffffffff88207ce0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 RAX: dffffc0000000000 RBX: ffffffff8827a040 RCX: 0000000000000000 RDX: 1ffffffff10643e1 RSI: 0000000000000006 RDI: ffffffff88321f08 RBP: ffffffff88207ce0 R08: 0000000000000006 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffffffff88321ef8 R14: 0000000000000000 R15: ffffffff88f70fb8 arch_safe_halt arch/x86/include/asm/paravirt.h:156 [inline] default_idle+0x51/0x310 arch/x86/kernel/process.c:580 arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:571 default_idle_call+0x6d/0x90 kernel/sched/idle.c:94 cpuidle_idle_call kernel/sched/idle.c:154 [inline] do_idle+0x3e4/0x590 kernel/sched/idle.c:263 cpu_startup_entry+0x18/0x20 kernel/sched/idle.c:354 rest_init+0x1a4/0x279 init/main.c:451 arch_call_rest_init+0x9/0xc start_kernel+0x6bd/0x6f8 init/main.c:761 x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:470 x86_64_start_kernel+0x76/0x79 arch/x86/kernel/head64.c:451 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243 Modules linked in: ---[ end trace 1f65dae5140c34b4 ]--- RIP: 0010:send_hsr_supervision_frame+0x30/0xf60 net/hsr/hsr_device.c:255 Code: 89 e5 41 57 41 56 41 55 49 89 fd 41 54 41 89 d4 48 89 c2 53 48 c1 ea 03 48 83 ec 50 48 89 45 d0 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 89 75 c8 0f 85 83 0c 00 00 48 b8 00 00 00 00 00 fc ff RSP: 0018:ffff8880aea09c68 EFLAGS: 00010282 RAX: dffffc0000000000 RBX: ffff88809023efc0 RCX: 1ffff1100f31b1f4 RDX: 0000000000000002 RSI: 0000000000000017 RDI: 0000000000000000 RBP: ffff8880aea09ce0 R08: ffffed1015d46c80 R09: ffffed1015d46c7f R10: ffffed1015d46c7f R11: ffff8880aea363fb R12: 0000000000000000 R13: 0000000000000000 R14: ffff8880aea09db8 R15: ffff8880aea24b80 FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f146eab92b0 CR3: 00000000a99e3000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400