bisecting cause commit starting from a45ea48e2bcd92c1f678b794f488ca0bda9835b8 building syzkaller on dd56146d2611f7de0fbb7d8db6c016d3dcdc6371 testing commit a45ea48e2bcd92c1f678b794f488ca0bda9835b8 with gcc (GCC) 8.1.0 kernel signature: 68f6226b45873909f4cbd08a1f433b77db6edc29f638a8fadb5425aa8982c7d3 all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 080325bb3adfa993b3f23ff29895da7f6e9d9976532e85729dd6b930fcc8ce63 all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: c64bb5e229d1aa5ce406147429f34d63b6d72908e9e9c4add333739d959bb324 all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: c19243f968200a0b95e9fd344deb9ed0bfbc70ca8427a86f829815a78fb7a248 all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 kernel signature: 3b867b493ba06f36cd7a60b7bda05230123968484be8a1f435b9ea9f1a8922f4 all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 kernel signature: a0a9306bbdd32e02a6c720d61cb975c3c0c0d1294ce31ec15f6508734f9c701a all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 kernel signature: c3ed23c81a3ff3b92aa1110306a16cca16ae606f7d56e60a3c282d5c3c433ae4 all runs: crashed: KASAN: null-ptr-deref Read in tcf_generic_walker testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 kernel signature: 223d7bf20eeb9ea10cbdacf885acd0e0294081db92085465a9479ae9cf2507be all runs: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 kernel signature: 792b675d95b22f94d5685a2090db3732788bb68ff3364f54c5450b57d45fc263 all runs: OK # git bisect start 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d 94710cac0ef4ee177a63b5227664b38c95bbf703 Bisecting: 7596 revisions left to test after this (roughly 13 steps) [db06f826ec12bf0701ea7fc0a3c0aa00b84417c8] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux testing commit db06f826ec12bf0701ea7fc0a3c0aa00b84417c8 with gcc (GCC) 8.1.0 kernel signature: 19e4fbd10d60f078fbb57ac51987ef1e92d0ec266e12d12a9f2b4e759b17b14c run #0: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #1: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #2: crashed: KASAN: use-after-free Read in __tcf_action_put run #3: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #4: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #5: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #6: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #7: crashed: KASAN: use-after-free Read in __tcf_action_put run #8: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release run #9: crashed: KASAN: null-ptr-deref Read in __tcf_idr_release # git bisect bad db06f826ec12bf0701ea7fc0a3c0aa00b84417c8 Bisecting: 4493 revisions left to test after this (roughly 12 steps) [0a957467c5fd46142bc9c52758ffc552d4c5e2f7] x86: i8259: Add missing include file testing commit 0a957467c5fd46142bc9c52758ffc552d4c5e2f7 with gcc (GCC) 8.1.0 kernel signature: d3d654eec37eacb6f2077fd3a2a6c55f32b05a31d4f4f0d5f6d5e7265759ff9e run #0: crashed: general protection fault in batadv_iv_ogm_queue_add run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: boot failed: KASAN: use-after-free Read in dd_has_work run #9: OK # git bisect bad 0a957467c5fd46142bc9c52758ffc552d4c5e2f7 Bisecting: 1595 revisions left to test after this (roughly 11 steps) [958f338e96f874a0d29442396d6adf9c1e17aa2d] Merge branch 'l1tf-final' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 958f338e96f874a0d29442396d6adf9c1e17aa2d with gcc (GCC) 8.1.0 kernel signature: c236afd22d450eaeb7628ea52f6c1b580712c7ac81b8b5238d19adc6a74e92f8 all runs: OK # git bisect good 958f338e96f874a0d29442396d6adf9c1e17aa2d Bisecting: 854 revisions left to test after this (roughly 10 steps) [2c20443ec221dcb76484b30933593e8ecd836bbd] Merge tag 'acpi-4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm testing commit 2c20443ec221dcb76484b30933593e8ecd836bbd with gcc (GCC) 8.1.0 kernel signature: ed74f754957fcaa9c18578dd18862a650a95bb9a5cdbf8393b18dc4555cb1eb0 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: boot failed: KASAN: use-after-free Read in dd_has_work # git bisect good 2c20443ec221dcb76484b30933593e8ecd836bbd Bisecting: 499 revisions left to test after this (roughly 9 steps) [4aa5db22d35588e1a5d2ee88472348ea73d9fb23] Merge branch 'asoc-4.19' into asoc-next testing commit 4aa5db22d35588e1a5d2ee88472348ea73d9fb23 with gcc (GCC) 8.1.0 kernel signature: 22938b670355414c31be8e267a2487eb9ba042ff3e43436d0836fd899a837692 run #0: crashed: general protection fault in batadv_iv_ogm_queue_add run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 4aa5db22d35588e1a5d2ee88472348ea73d9fb23 Bisecting: 177 revisions left to test after this (roughly 8 steps) [caed9d636e857997e923dfe473b9310de645d916] ASoC: Intel: bytcr_rt5651: Reporting button presses testing commit caed9d636e857997e923dfe473b9310de645d916 with gcc (GCC) 8.1.0 kernel signature: 3621f9a068d3533192bbd89de96a31eb0724d1adbc11491c6b4a3172a5592d58 all runs: OK # git bisect good caed9d636e857997e923dfe473b9310de645d916 Bisecting: 89 revisions left to test after this (roughly 7 steps) [c8cb5f775c8dacb605e628a320ded42be3bd9453] ASoC: wcd9335: add CLASS-H Controller support testing commit c8cb5f775c8dacb605e628a320ded42be3bd9453 with gcc (GCC) 8.1.0 kernel signature: ea7cac15591a25a992e2a2dffb37b92ee1dc55e4f148eaf1bd458b0938e4a9e1 all runs: OK # git bisect good c8cb5f775c8dacb605e628a320ded42be3bd9453 Bisecting: 44 revisions left to test after this (roughly 6 steps) [16bbeb2b43c3f5d69e1348477e75a24ae6d55d5a] ASoC: fsl_esai: Mark expected switch fall-through testing commit 16bbeb2b43c3f5d69e1348477e75a24ae6d55d5a with gcc (GCC) 8.1.0 kernel signature: b88f6cc79acb6515f62a571cb6756fc4634b2b1113eab28b9f65e0bd67071904 run #0: crashed: general protection fault in batadv_iv_ogm_queue_add run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 16bbeb2b43c3f5d69e1348477e75a24ae6d55d5a Bisecting: 22 revisions left to test after this (roughly 5 steps) [b74fd69043262003c5b7ce545e59f5a7234ab290] ASoC: wcd9335: Fix build testing commit b74fd69043262003c5b7ce545e59f5a7234ab290 with gcc (GCC) 8.1.0 kernel signature: 21244b63fb485f2f773a055474796e00bc28ae86e33b15cce840acfc233664e1 all runs: OK # git bisect good b74fd69043262003c5b7ce545e59f5a7234ab290 Bisecting: 11 revisions left to test after this (roughly 4 steps) [7a2235ef507822679ac89007a6a37b23f30eed56] ASoC: wm9081: Mark expected switch fall-through testing commit 7a2235ef507822679ac89007a6a37b23f30eed56 with gcc (GCC) 8.1.0 kernel signature: 86dd48538caceeaad40d8a9142dfdb2e7e929959b11c7391b7c4e6af6977924f all runs: OK # git bisect good 7a2235ef507822679ac89007a6a37b23f30eed56 Bisecting: 5 revisions left to test after this (roughly 3 steps) [611cbc8799b672f41b6ba7afed758ad9efb959a7] ASoC: core: remove support for card rebind using component framework testing commit 611cbc8799b672f41b6ba7afed758ad9efb959a7 with gcc (GCC) 8.1.0 kernel signature: 77262213cae3aa56ca455d555a47a5d8f9a7f0b1690ab62550ed78ab83333bba all runs: OK # git bisect good 611cbc8799b672f41b6ba7afed758ad9efb959a7 Bisecting: 2 revisions left to test after this (roughly 2 steps) [3b7c88fcc2873eba64f9e8cef34c4af0cba20887] ASoC: davinci-i2s: mark expected switch fall-through testing commit 3b7c88fcc2873eba64f9e8cef34c4af0cba20887 with gcc (GCC) 8.1.0 kernel signature: cd4bea3506a6728b17072fa8a8bfb348895d786fea1f7cf92656bdf5f1371dc5 all runs: OK # git bisect good 3b7c88fcc2873eba64f9e8cef34c4af0cba20887 Bisecting: 0 revisions left to test after this (roughly 1 step) [1a12d5dc7dd1ffd985503f9770b736fb03db2e3f] ASoC: core: mark expected switch fall-through testing commit 1a12d5dc7dd1ffd985503f9770b736fb03db2e3f with gcc (GCC) 8.1.0 kernel signature: b3dc83cdc6d2bb8dda3c119ce488636d19ef795b9d71c02b2e89af33752ffbd9 all runs: OK # git bisect good 1a12d5dc7dd1ffd985503f9770b736fb03db2e3f 16bbeb2b43c3f5d69e1348477e75a24ae6d55d5a is the first bad commit commit 16bbeb2b43c3f5d69e1348477e75a24ae6d55d5a Author: Gustavo A. R. Silva Date: Fri Aug 3 11:29:53 2018 -0500 ASoC: fsl_esai: Mark expected switch fall-through In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Addresses-Coverity-ID: 1222121 ("Missing break in switch") Signed-off-by: Gustavo A. R. Silva Signed-off-by: Mark Brown sound/soc/fsl/fsl_esai.c | 1 + 1 file changed, 1 insertion(+) culprit signature: b88f6cc79acb6515f62a571cb6756fc4634b2b1113eab28b9f65e0bd67071904 parent signature: b3dc83cdc6d2bb8dda3c119ce488636d19ef795b9d71c02b2e89af33752ffbd9 revisions tested: 22, total time: 5h22m22.056236092s (build: 2h7m30.233149337s, test: 3h12m33.451066939s) first bad commit: 16bbeb2b43c3f5d69e1348477e75a24ae6d55d5a ASoC: fsl_esai: Mark expected switch fall-through cc: ["alsa-devel@alsa-project.org" "broonie@kernel.org" "fabio.estevam@nxp.com" "gustavo@embeddedor.com" "lgirdwood@gmail.com" "linux-kernel@vger.kernel.org" "linuxppc-dev@lists.ozlabs.org" "nicoleotsuka@gmail.com" "perex@perex.cz" "timur@kernel.org" "tiwai@suse.com" "xiubo.lee@gmail.com"] crash: general protection fault in batadv_iv_ogm_queue_add bond0 (unregistering): Released all slaves batman_adv: batadv0: Interface deactivated: batadv_slave_0 batman_adv: batadv0: Removing interface: batadv_slave_0 kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 7829 Comm: kworker/u4:10 Not tainted 4.18.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 net/batman-adv/bat_iv_ogm.c:785 Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 a2 0b 00 00 RSP: 0018:ffff8800984cfaa0 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff8800854128c0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: ffff8800984cfbb8 R08: ffff88008ecbb340 R09: 0000000000000001 R10: ffffed0013099f8f R11: 0000000000000003 R12: 0000000000000007 R13: ffff88008ecbb370 R14: ffff88008ecbb340 R15: 000000000000003c FS: 0000000000000000(0000) GS:ffff8800aed00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffff600400 CR3: 00000000a0e55000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: batadv_iv_ogm_schedule+0xb97/0xf40 net/batman-adv/bat_iv_ogm.c:989 batadv_iv_send_outstanding_bat_ogm_packet+0x4b2/0x7b0 net/batman-adv/bat_iv_ogm.c:1817 process_one_work+0x830/0x1650 kernel/workqueue.c:2153 worker_thread+0x85/0xb60 kernel/workqueue.c:2296 kthread+0x316/0x3d0 kernel/kthread.c:240 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:412 Modules linked in: ---[ end trace 27e9a9785fac954b ]--- RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 net/batman-adv/bat_iv_ogm.c:785 Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 a2 0b 00 00 RSP: 0018:ffff8800984cfaa0 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff8800854128c0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: ffff8800984cfbb8 R08: ffff88008ecbb340 R09: 0000000000000001 R10: ffffed0013099f8f R11: 0000000000000003 R12: 0000000000000007 R13: ffff88008ecbb370 R14: ffff88008ecbb340 R15: 000000000000003c FS: 0000000000000000(0000) GS:ffff8800aed00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffff600400 CR3: 00000000a0e55000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400