bisecting cause commit starting from 1b649e0bcae71c118c1333e02249a7510ba7f70a
building syzkaller on e8e6c7d21dbd86f502f66737883b1a0c3ae8eeb1
testing commit 1b649e0bcae71c118c1333e02249a7510ba7f70a with gcc (GCC) 8.1.0
kernel signature: 2e70122411cd99c768f77a00969b903011ec6a9c7ce43a1903e961dfd03e9375
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0
kernel signature: d55f3ed7ea5c54e10b31702418af3223d52fff700455780c75a2f599923664c5
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: f6a080d0755dd6ddfb8bda17de98042187cb1b19a2a6750a9201f02e11204c9b
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0
kernel signature: d66c87322ddaebaea37bfd97285bce48591c16bea6ec9c51c097706392bacb0b
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0
kernel signature: ddb0655dcdea4d22eddfe2c83ea63d0268d59e2539a5e9943d93862fd6e06e48
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v5.1
testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0
kernel signature: 917c16f7ef93493acb0eada78b8c4e425173cf6fbf219c9400dd5dc68791deb2
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v5.0
testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0
kernel signature: bdbe207c875c8df60eee102a9db4e764dd302f0e8b1eb07b03ec6fca82ee9053
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.20
testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0
kernel signature: d7ff6288ccd79bcdcbfa7c289f51f661da392f87e830824763cd0c016fe0ca20
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.19
testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0
kernel signature: cf2803c342407af7c26e5ad15d73e3de828ee81f499fb47c9b9f12af9219dfab
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.18
testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0
kernel signature: 0a65106604ca4682ee522c1582ef8763c6ecee95f0edc95608cadd65d1ac59a0
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.17
testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0
kernel signature: 9ea8cdaa38d29a0af7e53f84cd2df60bd216f5524fa7e2de64671f4c1e94ecaa
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.16
testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0
kernel signature: 3ffa9fcd7c4b81438a5da8d314a5fd2638f5669570bbafbfeddc70b25802f6da
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.15
testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0
kernel signature: f586715fe551a13cb30e86cf060de2fe83de00e5516bd4fd5475129ba933b50a
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.14
testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0
kernel signature: 41958221625c539c92f75364b630dfbe5cd76d1f798246b6a6e63245ee72c1ca
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.13
testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0
kernel signature: 861a047304be7876093e9378cf5ba1b6d1f94b205b8a2df4dc00e048c40c0968
all runs: crashed: kernel panic: smack: Failed to initialize cipso DOI.
testing release v4.12
testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0
kernel signature: cb293e00f4c5be663ca6022e0828fb23c3e4f31f0604ad375cdcc8965a36779e
all runs: crashed: BUG: sleeping function called from invalid context in tap_get_minor
testing release v4.11
testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0
kernel signature: 1f6933d4a4e140abe0ceffd62195af72e5fa0627109c16d5a6a968da92bbaae5
all runs: crashed: BUG: sleeping function called from invalid context in tap_get_minor
testing release v4.10
testing commit c470abd4fde40ea6a0846a2beab642a578c0b8cd with gcc (GCC) 5.5.0
kernel signature: f12bff77dbd6443b9c7fd979b29cb30b0f30f5726ed778e12b069657cb97e581
all runs: OK
# git bisect start a351e9b9fc24e982ec2f0e76379a49826036da12 c470abd4fde40ea6a0846a2beab642a578c0b8cd
Bisecting: 7088 revisions left to test after this (roughly 13 steps)
[1ec5c1867af085897bb9e0f67bef3713334dbe7f] Merge tag 'gpio-v4.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio
testing commit 1ec5c1867af085897bb9e0f67bef3713334dbe7f with gcc (GCC) 5.5.0
kernel signature: d8403f992b403450f6fb39164bfd01dc1e140a60134d620fd175f1dd81e47962
all runs: boot failed: WARNING in __hrtimer_init
# git bisect skip 1ec5c1867af085897bb9e0f67bef3713334dbe7f
Bisecting: 7088 revisions left to test after this (roughly 13 steps)
[a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357] ixgbe: test for trust in macvlan adjustments for VF
testing commit a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357 with gcc (GCC) 5.5.0
kernel signature: 823ea89ea55f41701bbaefa4eed4d819fed5f9d05bbf886254548fabc6ffe4ec
run #0: OK
run #1: OK
run #2: OK
run #3: crashed: general protection fault in batadv_iv_ogm_queue_add
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357
Bisecting: 61 revisions left to test after this (roughly 7 steps)
[85eb018fec29eae60d20f6d04af854308ffb3a05] Merge tag 'wireless-drivers-next-for-davem-2017-01-02' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next
testing commit 85eb018fec29eae60d20f6d04af854308ffb3a05 with gcc (GCC) 5.5.0
kernel signature: 53de2efa7127d6e697c07deb62e3f962905651f700f902cb345bfb29662f2b52
all runs: OK
# git bisect good 85eb018fec29eae60d20f6d04af854308ffb3a05
Bisecting: 32 revisions left to test after this (roughly 5 steps)
[3289025aedc018f8fd9d0e37fb9efa0c6d531ffa] RDS: add receive message trace used by application
testing commit 3289025aedc018f8fd9d0e37fb9efa0c6d531ffa with gcc (GCC) 5.5.0
kernel signature: cc7e63aaa69cf8165a64b753a35afa598bf21cec6c2834f93a09867dadc76dc7
all runs: OK
# git bisect good 3289025aedc018f8fd9d0e37fb9efa0c6d531ffa
Bisecting: 15 revisions left to test after this (roughly 4 steps)
[7f953ab2ba46e8649537942c0a64668ca2ce5cc5] af_packet: TX_RING support for TPACKET_V3
testing commit 7f953ab2ba46e8649537942c0a64668ca2ce5cc5 with gcc (GCC) 5.5.0
kernel signature: e3130cba334ece77d58fa45d2eb16c4aaffb4d7f6a0301ccc6df8ab1c912ab07
all runs: OK
# git bisect good 7f953ab2ba46e8649537942c0a64668ca2ce5cc5
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[cb8e051446ae554aae38163d3421edc793221784] ixgbe: Report driver version to firmware for x550 devices
testing commit cb8e051446ae554aae38163d3421edc793221784 with gcc (GCC) 5.5.0
kernel signature: 3824a4ae6ea2439a26ecbccf8e409d8fec40c2b6a392fc29c747c8ba2bea2af8
all runs: OK
# git bisect good cb8e051446ae554aae38163d3421edc793221784
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[3f0d646b720d541309b11e190db58086f446f41e] ixgbe: Reduce I2C retry count on X550 devices
testing commit 3f0d646b720d541309b11e190db58086f446f41e with gcc (GCC) 5.5.0
kernel signature: c19303fedb53f76567dbcfb15a25be5be50d71ab791b4118b83044a0e095552e
all runs: OK
# git bisect good 3f0d646b720d541309b11e190db58086f446f41e
Bisecting: 1 revision left to test after this (roughly 1 step)
[f7f37e7ff2b9b7eff7fbd035569cab35896869a3] ixgbe: handle close/suspend race with netif_device_detach/present
testing commit f7f37e7ff2b9b7eff7fbd035569cab35896869a3 with gcc (GCC) 5.5.0
kernel signature: 82d77af79c8a559b5500110c5112340d438c89b80fa51b3df30c50c3b63f0d9b
all runs: OK
# git bisect good f7f37e7ff2b9b7eff7fbd035569cab35896869a3
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[2dad7b2775ea030c898fe4946971edd25af237d1] ixgbevf: handle race between close and suspend on shutdown
testing commit 2dad7b2775ea030c898fe4946971edd25af237d1 with gcc (GCC) 5.5.0
kernel signature: c12ed0770d0d3da34c2275a356b8c3152f371932edb6f16d331ebee84dff417c
all runs: OK
# git bisect good 2dad7b2775ea030c898fe4946971edd25af237d1
a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357 is the first bad commit
commit a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357
Author: Ken Cox <jkc@redhat.com>
Date:   Tue Nov 15 13:00:37 2016 -0600

    ixgbe: test for trust in macvlan adjustments for VF
    
    There are two methods for setting mac addresses in a Macvlan, that
    differentiate themselves in the function macvlan_set_mac_Address.
    If the macvlan mode is passthru, then we use the dev_set_mac_address
    method, otherwise we use the dev_uc api via macvlan_sync_addresses.
    The latter method (which would stem from using any non-passthru mode,
    like bridge, or vepa), calls down into the driver in a path that terminates
    in ixgbevf_set_uc_addr_vf, which sends a IXGBE_VF_SET_MACVLAN message,
    which causes the pf to spawn the noted error message.  This occurs because
    it appears that the guest is trying to delete the mac address of the macvlan
    before adding another.
    
    The other path in macvlan_set_mac_address uses dev_set_mac_address, which
    calls into ixgbevf_set_mac which uses the IXGBE_VF_SET_MAC_ADDR to the
    pf to set the macvlan mac address.
    
    The discrepancy here is in the handlers.  The handler function for
    IXGBE_VF_SET_MAC_ADDR (ixgbe_set_vf_mac_addr) has a check for
    the vfinfo[].trusted bit to allow the operation if the vf is trusted.
    In comparison, the IXGBE_VF_SET_MACVLAN message handler
    (ixgbe_set_vf_macvlan_msg) has no such check of the trusted bit.
    
    Signed-off-by: Ken Cox <jkc@redhat.com>
    Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>

 drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
culprit signature: 823ea89ea55f41701bbaefa4eed4d819fed5f9d05bbf886254548fabc6ffe4ec
parent  signature: c12ed0770d0d3da34c2275a356b8c3152f371932edb6f16d331ebee84dff417c
revisions tested: 27, total time: 4h59m34.876095273s (build: 2h17m8.609227832s, test: 2h40m11.552037318s)
first bad commit: a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357 ixgbe: test for trust in macvlan adjustments for VF
cc: ["intel-wired-lan@lists.osuosl.org" "jeffrey.t.kirsher@intel.com" "jkc@redhat.com" "linux-kernel@vger.kernel.org" "netdev@vger.kernel.org"]
crash: general protection fault in batadv_iv_ogm_queue_add
batman_adv: batadv0: Removing interface: batadv_slave_0
batman_adv: batadv0: Interface deactivated: batadv_slave_1
batman_adv: batadv0: Removing interface: batadv_slave_1
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 6923 Comm: kworker/u4:6 Not tainted 4.10.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
task: ffff880118ece540 task.stack: ffff880117e98000
RIP: 0010:batadv_iv_ogm_queue_add+0x2f/0xdb0 net/batman-adv/bat_iv_ogm.c:773
RSP: 0018:ffff880117e9fb78 EFLAGS: 00010286
RAX: dffffc0000000000 RBX: ffff88011a17ba00 RCX: ffff88011a17ba00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: ffff880117e9fc10 R08: ffff88011a17ba00 R09: 0000000000000001
R10: ffff880118eced98 R11: ffff880118ece540 R12: 000000000000003c
R13: 0000000000000000 R14: ffff88011a17ba00 R15: ffff88011d99a2c0
FS:  0000000000000000(0000) GS:ffff88012c000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005584e60af160 CR3: 000000011b84b000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 batadv_iv_ogm_schedule+0x95a/0xcc0 net/batman-adv/bat_iv_ogm.c:977
 batadv_iv_send_outstanding_bat_ogm_packet+0x4e0/0x770 net/batman-adv/bat_iv_ogm.c:1803
 process_one_work+0x72f/0x16a0 kernel/workqueue.c:2098
 worker_thread+0xe1/0x1110 kernel/workqueue.c:2232
 kthread+0x2c9/0x3d0 kernel/kthread.c:227
 ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:427
Code: 00 00 00 fc ff df 55 48 89 e5 41 57 49 89 ff 48 8d 7e 03 41 56 41 55 49 89 f5 41 54 41 89 d4 48 89 fa 48 c1 ea 03 53 48 83 ec 70 <0f> b6 04 02 48 89 fa 48 89 4d b0 83 e2 07 4c 89 45 c0 44 89 4d 
RIP: batadv_iv_ogm_queue_add+0x2f/0xdb0 net/batman-adv/bat_iv_ogm.c:773 RSP: ffff880117e9fb78
---[ end trace b0d222fc6203e9c2 ]---