bisecting cause commit starting from 6147c83fd749d19a0d3ccc2f64d12138ab010b47 building syzkaller on 1d2b823edd7b3936545a8b4d9901d53640334ee6 testing commit 6147c83fd749d19a0d3ccc2f64d12138ab010b47 with gcc (GCC) 8.1.0 kernel signature: e6a22db5b4868bb2a728c7d4717908beb7c1df9380ba01e7838ab901ae522019 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap testing release v5.9 testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0 kernel signature: ae997c81c8480492441e712d3c127e3da959156d4e937c464609e101fa84e28c all runs: OK # git bisect start 6147c83fd749d19a0d3ccc2f64d12138ab010b47 bbf5c979011a099af5dc76498918ed7df445635b Bisecting: 12698 revisions left to test after this (roughly 14 steps) [6694875ef8045cdb1e6712ee9b68fe08763507d8] ext4: indicate that fast_commit is available via /sys/fs/ext4/feature/... testing commit 6694875ef8045cdb1e6712ee9b68fe08763507d8 with gcc (GCC) 8.1.0 kernel signature: 2799b9d4540100cd9bf08c21a4326827de42a26f883d88092a41e6542540360c all runs: OK # git bisect good 6694875ef8045cdb1e6712ee9b68fe08763507d8 Bisecting: 6441 revisions left to test after this (roughly 13 steps) [8b68716691ee46819173cdc6715cbf8b331a2e98] Merge remote-tracking branch 'jc_docs/docs-next' testing commit 8b68716691ee46819173cdc6715cbf8b331a2e98 with gcc (GCC) 8.1.0 kernel signature: 0a7513d3df62518e2ff3b118081113d525dfeec788cf153be05bba8ccad5e6cd all runs: OK # git bisect good 8b68716691ee46819173cdc6715cbf8b331a2e98 Bisecting: 3228 revisions left to test after this (roughly 12 steps) [eaae9bf3840991c31082d4b52f27529549fc11ad] Merge remote-tracking branch 'drm-tegra/drm/tegra/for-next' testing commit eaae9bf3840991c31082d4b52f27529549fc11ad with gcc (GCC) 8.1.0 kernel signature: be642d7e6bb23b4740e63904d0f20d311c383aab796c957dc539b66e48c0ab99 all runs: OK # git bisect good eaae9bf3840991c31082d4b52f27529549fc11ad Bisecting: 1622 revisions left to test after this (roughly 11 steps) [26146838dcc55cb7a813a5f3a8f0f4d6a0c486d1] Merge remote-tracking branch 'usb/usb-next' testing commit 26146838dcc55cb7a813a5f3a8f0f4d6a0c486d1 with gcc (GCC) 8.1.0 kernel signature: 5ed3eefc4cefa05f8d678f0db12a30f04a268a8c554c2a25ef32bf4678596845 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap # git bisect bad 26146838dcc55cb7a813a5f3a8f0f4d6a0c486d1 Bisecting: 787 revisions left to test after this (roughly 10 steps) [f2f63301ff6ccfcbb8cfb4a1b009074c1dffbcdc] Merge remote-tracking branch 'mmc/next' testing commit f2f63301ff6ccfcbb8cfb4a1b009074c1dffbcdc with gcc (GCC) 8.1.0 kernel signature: 435b53fb8b22082efa0dace3c0faaa370de3298b55c52fcecb995b403f605765 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap # git bisect bad f2f63301ff6ccfcbb8cfb4a1b009074c1dffbcdc Bisecting: 285 revisions left to test after this (roughly 9 steps) [c2b6f23511185c594d04ea7aa8e3346129b1e952] Merge remote-tracking branch 'sound-asoc/for-next' testing commit c2b6f23511185c594d04ea7aa8e3346129b1e952 with gcc (GCC) 8.1.0 kernel signature: 541d64fa44af12d95fa5865138e52e87d297c92d6099e587e1d6dfde77c48518 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap # git bisect bad c2b6f23511185c594d04ea7aa8e3346129b1e952 Bisecting: 265 revisions left to test after this (roughly 8 steps) [b3cf78e0dacb7fba50d0c1eb9dfa6f92d31529e2] ASoC: ti: depend on COMMON_CLK to fix compile tests testing commit b3cf78e0dacb7fba50d0c1eb9dfa6f92d31529e2 with gcc (GCC) 8.1.0 kernel signature: 10487cfbb7d75518a425ffb66d2302442de4de44741e65c719076c59d0da38f5 all runs: OK # git bisect good b3cf78e0dacb7fba50d0c1eb9dfa6f92d31529e2 Bisecting: 132 revisions left to test after this (roughly 7 steps) [bf8975837dac156c33a4d15d46602700998cb6dd] dma-buf/dma-resv: Respect num_fences when initializing the shared fence list. testing commit bf8975837dac156c33a4d15d46602700998cb6dd with gcc (GCC) 8.1.0 kernel signature: 340c185436c3a66d8275c9aa9296d0a8e300fc22b8aeb52ac2222aa6e8ff2660 run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #2: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #3: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #4: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #5: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #6: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #7: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #8: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap run #9: crashed: BUG: unable to handle kernel NULL pointer dereference in drm_client_buffer_vunmap # git bisect bad bf8975837dac156c33a4d15d46602700998cb6dd Bisecting: 66 revisions left to test after this (roughly 6 steps) [fed79215df7f39d7e327958f325c0d4a8a3d3828] drm/rockchip/rockchip_rgb: Consume our own header testing commit fed79215df7f39d7e327958f325c0d4a8a3d3828 with gcc (GCC) 8.1.0 kernel signature: 02e674f40e0d7bb4fecb512ede866626c26ecea0bef107edc0be8ea2fc0ee9b9 run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK reproducer seems to be flaky # git bisect bad fed79215df7f39d7e327958f325c0d4a8a3d3828 Bisecting: 32 revisions left to test after this (roughly 5 steps) [a1ac250a82a5e97db71f14101ff7468291a6aaef] fbcon: Avoid using FNTCHARCNT() and hard-coded built-in font charcount testing commit a1ac250a82a5e97db71f14101ff7468291a6aaef with gcc (GCC) 8.1.0 kernel signature: f59dfbeaa05d21ccea46473951f51a0bea436fd26bfbf071f86d2ebc047b22eb run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #3: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #4: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad a1ac250a82a5e97db71f14101ff7468291a6aaef Bisecting: 16 revisions left to test after this (roughly 4 steps) [846939118270863bc074fb734a1c2e0690ddb444] drm/gma500: Remove 2D accel code testing commit 846939118270863bc074fb734a1c2e0690ddb444 with gcc (GCC) 8.1.0 kernel signature: 9fbf6e935e8713999044bcf4a1376f4daba8e5d47a1b616f81f6e107a30cbcd2 run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 846939118270863bc074fb734a1c2e0690ddb444 Bisecting: 7 revisions left to test after this (roughly 3 steps) [a7319c8f50c5e93a12997e2d0821a2f7946fb734] drm/udl: Fix missing error code in udl_handle_damage() testing commit a7319c8f50c5e93a12997e2d0821a2f7946fb734 with gcc (GCC) 8.1.0 kernel signature: ee56638f39889c3543f12d98b571e61ee5b154a381fa29f4c05e25db4426ff6e run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad a7319c8f50c5e93a12997e2d0821a2f7946fb734 Bisecting: 3 revisions left to test after this (roughly 2 steps) [eee013c1f1280946b79f9baca9f4d3b45b901fa1] drm/savage/savage_bci: Remove set but never used 'aper_rsrc' and 'fb_rsrc' testing commit eee013c1f1280946b79f9baca9f4d3b45b901fa1 with gcc (GCC) 8.1.0 kernel signature: 00cfa68baea128489686bdf4a681d75693eb5e81d224f3e3f5d992b213eb90f9 run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad eee013c1f1280946b79f9baca9f4d3b45b901fa1 Bisecting: 1 revision left to test after this (roughly 1 step) [5f1f10998e7f0ba98a8efc27009cd9a11cff6616] drm/atmel-hlcdc/atmel_hlcdc_plane: Staticise local function 'atmel_hlcdc_plane_setup_scaler()' testing commit 5f1f10998e7f0ba98a8efc27009cd9a11cff6616 with gcc (GCC) 8.1.0 kernel signature: 00cfa68baea128489686bdf4a681d75693eb5e81d224f3e3f5d992b213eb90f9 run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 5f1f10998e7f0ba98a8efc27009cd9a11cff6616 Bisecting: 0 revisions left to test after this (roughly 0 steps) [c2edc1fe596e00e19a0e1a46dc56406ad2128ba7] drm/atmel-hlcdc/atmel_hlcdc_crtc: Apply correct formatting to struct docs testing commit c2edc1fe596e00e19a0e1a46dc56406ad2128ba7 with gcc (GCC) 8.1.0 kernel signature: 00cfa68baea128489686bdf4a681d75693eb5e81d224f3e3f5d992b213eb90f9 run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad c2edc1fe596e00e19a0e1a46dc56406ad2128ba7 c2edc1fe596e00e19a0e1a46dc56406ad2128ba7 is the first bad commit commit c2edc1fe596e00e19a0e1a46dc56406ad2128ba7 Author: Lee Jones Date: Thu Nov 12 19:00:22 2020 +0000 drm/atmel-hlcdc/atmel_hlcdc_crtc: Apply correct formatting to struct docs And fix-up a misnamed member description. Fixes the following W=1 kernel build warning(s): drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_crtc.c:33: warning: cannot understand function prototype: 'struct atmel_hlcdc_crtc_state ' drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_crtc.c:52: warning: cannot understand function prototype: 'struct atmel_hlcdc_crtc ' Cc: Sam Ravnborg Cc: Boris Brezillon Cc: David Airlie Cc: Daniel Vetter Cc: Nicolas Ferre Cc: Alexandre Belloni Cc: Ludovic Desroches Cc: Jean-Jacques Hiblot Cc: dri-devel@lists.freedesktop.org Cc: linux-arm-kernel@lists.infradead.org Signed-off-by: Lee Jones Signed-off-by: Sam Ravnborg Link: https://patchwork.freedesktop.org/patch/msgid/20201112190039.2785914-14-lee.jones@linaro.org drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_crtc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) parent commit 05481f072787e96d08cc304cda0c10e0d02cdadc wasn't tested testing commit 05481f072787e96d08cc304cda0c10e0d02cdadc with gcc (GCC) 8.1.0 kernel signature: 00cfa68baea128489686bdf4a681d75693eb5e81d224f3e3f5d992b213eb90f9 culprit signature: 00cfa68baea128489686bdf4a681d75693eb5e81d224f3e3f5d992b213eb90f9 parent signature: 00cfa68baea128489686bdf4a681d75693eb5e81d224f3e3f5d992b213eb90f9 Reproducer flagged being flaky revisions tested: 17, total time: 3h30m7.071354168s (build: 1h17m29.916599254s, test: 2h10m38.393906562s) first bad commit: c2edc1fe596e00e19a0e1a46dc56406ad2128ba7 drm/atmel-hlcdc/atmel_hlcdc_crtc: Apply correct formatting to struct docs recipients (to): ["airlied@linux.ie" "bbrezillon@kernel.org" "daniel@ffwll.ch" "dri-devel@lists.freedesktop.org" "lee.jones@linaro.org" "sam@ravnborg.org" "sam@ravnborg.org"] recipients (cc): ["alexandre.belloni@bootlin.com" "linux-arm-kernel@lists.infradead.org" "linux-kernel@vger.kernel.org" "ludovic.desroches@microchip.com" "nicolas.ferre@microchip.com"] crash: BUG: sleeping function called from invalid context in sta_info_move_state BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8, name: kworker/u4:0 INFO: lockdep is turned off. Preemption disabled at: [] __mutex_lock_common kernel/locking/mutex.c:955 [inline] [] __mutex_lock+0x70/0x9f0 kernel/locking/mutex.c:1103 CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 5.10.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: phy11 ieee80211_iface_work Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x77/0x97 lib/dump_stack.c:118 ___might_sleep.cold.110+0xf2/0x106 kernel/sched/core.c:7298 sta_info_move_state+0x1a/0x2b0 net/mac80211/sta_info.c:1962 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700 process_one_work+0x273/0x600 kernel/workqueue.c:2272 worker_thread+0x38/0x380 kernel/workqueue.c:2418 kthread+0x144/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296