bisecting fixing commit since 3bd837bfe431839a378e9d421af05b2e22a6d329 building syzkaller on 1656845f45f284c574eb4f8bfe85dd7916a47a3a testing commit 3bd837bfe431839a378e9d421af05b2e22a6d329 with gcc (GCC) 8.1.0 kernel signature: f694b453906aefa83442bc0b3114d2cd6ee94e2afe26e24c9afb56d184609a37 all runs: crashed: general protection fault in rxrpc_connect_call testing current HEAD 7cdefde351b6911ec5ef39322980296c091f6c52 testing commit 7cdefde351b6911ec5ef39322980296c091f6c52 with gcc (GCC) 8.1.0 kernel signature: 93037ba8d5344867791afbd2a02b2bb5581174522ad8c305fd4317fec88b8795 all runs: OK # git bisect start 7cdefde351b6911ec5ef39322980296c091f6c52 3bd837bfe431839a378e9d421af05b2e22a6d329 Bisecting: 2845 revisions left to test after this (roughly 12 steps) [9de276a804c719f553fe9bc90b6b1998e8747557] PCI/ERR: Run error recovery callbacks for all affected devices testing commit 9de276a804c719f553fe9bc90b6b1998e8747557 with gcc (GCC) 8.1.0 kernel signature: 682515e3eff07450274d95fd20060ef3050d0ed7548b36053c1def36ecc2a44c all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 9de276a804c719f553fe9bc90b6b1998e8747557 Bisecting: 1422 revisions left to test after this (roughly 11 steps) [45a6c3fb4c0b97881dba13d5894575c69ce97cef] extcon: sm5502: Reset registers during initialization testing commit 45a6c3fb4c0b97881dba13d5894575c69ce97cef with gcc (GCC) 8.1.0 kernel signature: 1d3e5fc85ec0502172dfb2ed3ea2f785e8741e5777b1e8f3bf6c83c896bb55a5 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 45a6c3fb4c0b97881dba13d5894575c69ce97cef Bisecting: 711 revisions left to test after this (roughly 10 steps) [211eabc55d07fc3709e967b08b6f5bb77198dbd0] ipmi: Fix memory leak in __ipmi_bmc_register testing commit 211eabc55d07fc3709e967b08b6f5bb77198dbd0 with gcc (GCC) 8.1.0 kernel signature: 31259a9dec070643d9f03a66fdeb313ae61a82ded14969c25a8bb0ffedf74cc4 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 211eabc55d07fc3709e967b08b6f5bb77198dbd0 Bisecting: 355 revisions left to test after this (roughly 9 steps) [a0a4643f1899b6f9339957d3c7c8e749735be494] EDAC/mc: Fix edac_mc_find() in case no device is found testing commit a0a4643f1899b6f9339957d3c7c8e749735be494 with gcc (GCC) 8.1.0 kernel signature: b0f1bca5311ad5cc0b62f940d773e2d1e7555a307be331cb2f3a369fdbc5b759 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good a0a4643f1899b6f9339957d3c7c8e749735be494 Bisecting: 177 revisions left to test after this (roughly 8 steps) [cbbc34abc395d3cf91265f3b35a29ca76f7c0c04] Btrfs: fix inode cache waiters hanging on path allocation failure testing commit cbbc34abc395d3cf91265f3b35a29ca76f7c0c04 with gcc (GCC) 8.1.0 kernel signature: 780cf6bf68759355a6b3f8a908e8e488880d47dcf3e13be24d76905de05b9eab all runs: OK # git bisect bad cbbc34abc395d3cf91265f3b35a29ca76f7c0c04 Bisecting: 88 revisions left to test after this (roughly 7 steps) [0fea8f5ee0193f523428cb05d9fa9d0084213d4c] devres: allow const resource arguments testing commit 0fea8f5ee0193f523428cb05d9fa9d0084213d4c with gcc (GCC) 8.1.0 kernel signature: ca94adc9425c88ddd3b717a332dcd6d332eca4d1884a9d3679022b1115088313 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 0fea8f5ee0193f523428cb05d9fa9d0084213d4c Bisecting: 44 revisions left to test after this (roughly 6 steps) [c636fdf43c3b5b9120778205672e596af7288ef1] drm: rcar-du: lvds: Fix bridge_to_rcar_lvds testing commit c636fdf43c3b5b9120778205672e596af7288ef1 with gcc (GCC) 8.1.0 kernel signature: 48969518359c6b8a5da1b13719efc501c1278f7d1a999313e75a9a343cd10a2f all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good c636fdf43c3b5b9120778205672e596af7288ef1 Bisecting: 22 revisions left to test after this (roughly 5 steps) [8e456b4b1a3b91aa5cd59813a0bdc99f41de5f00] staging: greybus: light: fix a couple double frees testing commit 8e456b4b1a3b91aa5cd59813a0bdc99f41de5f00 with gcc (GCC) 8.1.0 kernel signature: 9184c56058395110a9d07e0a980616c3e20648ecdaffd3fa94ec3cc196df3909 all runs: OK # git bisect bad 8e456b4b1a3b91aa5cd59813a0bdc99f41de5f00 Bisecting: 10 revisions left to test after this (roughly 4 steps) [630c20f52abf7a8195835103603164aeee0c3e1c] rtc: pcf2127: bugfix: read rtc disables watchdog testing commit 630c20f52abf7a8195835103603164aeee0c3e1c with gcc (GCC) 8.1.0 kernel signature: 734ebe6e5937414265d966a3fa4e69d63d629b0a7c487b1ffbce75fae4ae4482 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 630c20f52abf7a8195835103603164aeee0c3e1c Bisecting: 5 revisions left to test after this (roughly 3 steps) [792668145b56165fd113f318f531e499a23e9a52] rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2] testing commit 792668145b56165fd113f318f531e499a23e9a52 with gcc (GCC) 8.1.0 kernel signature: 9e424cdcc2d26c27742e1f704d990197d71d45a297706c24410ae077da51d7d5 all runs: OK # git bisect bad 792668145b56165fd113f318f531e499a23e9a52 Bisecting: 2 revisions left to test after this (roughly 1 step) [767686f5ebdd14a9b2a454cf832b1de7f8ca5d88] media: em28xx: Fix exception handling in em28xx_alloc_urbs() testing commit 767686f5ebdd14a9b2a454cf832b1de7f8ca5d88 with gcc (GCC) 8.1.0 kernel signature: 155daa41c268c229f0fefc04ac9ef58822a977e19343dc43ad3d5a9daebae7c7 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 767686f5ebdd14a9b2a454cf832b1de7f8ca5d88 Bisecting: 0 revisions left to test after this (roughly 1 step) [5571688c22a8d55c73c4ca06424e6ec36f74e736] ahci: Do not export local variable ahci_em_messages testing commit 5571688c22a8d55c73c4ca06424e6ec36f74e736 with gcc (GCC) 8.1.0 kernel signature: bda83cd5efd27cd6b8d398c9e1c94f321aaeed58fedc7aed3fb3ea53da3dd0f2 all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE! # git bisect good 5571688c22a8d55c73c4ca06424e6ec36f74e736 792668145b56165fd113f318f531e499a23e9a52 is the first bad commit commit 792668145b56165fd113f318f531e499a23e9a52 Author: David Howells Date: Thu Aug 29 14:12:11 2019 +0100 rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2] [ Upstream commit d12040b6933f684a26773afad46dbba9778608d7 ] When a local endpoint is ceases to be in use, such as when the kafs module is unloaded, the kernel will emit an assertion failure if there are any outstanding client connections: rxrpc: Assertion failed ------------[ cut here ]------------ kernel BUG at net/rxrpc/local_object.c:433! and even beyond that, will evince other oopses if there are service connections still present. Fix this by: (1) Removing the triggering of connection reaping when an rxrpc socket is released. These don't actually clean up the connections anyway - and further, the local endpoint may still be in use through another socket. (2) Mark the local endpoint as dead when we start the process of tearing it down. (3) When destroying a local endpoint, strip all of its client connections from the idle list and discard the ref on each that the list was holding. (4) When destroying a local endpoint, call the service connection reaper directly (rather than through a workqueue) to immediately kill off all outstanding service connections. (5) Make the service connection reaper reap connections for which the local endpoint is marked dead. Only after destroying the connections can we close the socket lest we get an oops in a workqueue that's looking at a connection or a peer. Fixes: 3d18cbb7fd0c ("rxrpc: Fix conn expiry timers") Signed-off-by: David Howells Tested-by: Marc Dionne Signed-off-by: David S. Miller Signed-off-by: Sasha Levin net/rxrpc/af_rxrpc.c | 3 --- net/rxrpc/ar-internal.h | 1 + net/rxrpc/conn_client.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ net/rxrpc/conn_object.c | 2 +- net/rxrpc/local_object.c | 5 ++++- 5 files changed, 50 insertions(+), 5 deletions(-) culprit signature: 9e424cdcc2d26c27742e1f704d990197d71d45a297706c24410ae077da51d7d5 parent signature: bda83cd5efd27cd6b8d398c9e1c94f321aaeed58fedc7aed3fb3ea53da3dd0f2 revisions tested: 14, total time: 3h27m38.39044534s (build: 2h11m55.649717319s, test: 1h14m11.375249261s) first good commit: 792668145b56165fd113f318f531e499a23e9a52 rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2] cc: ["davem@davemloft.net" "dhowells@redhat.com" "marc.dionne@auristor.com" "sashal@kernel.org"]