bisecting cause commit starting from d7223aa5867134b9923b42e1245801bd790a1d8c building syzkaller on cef5ae6814696260ff58c538a1b6044af90c5979 testing commit d7223aa5867134b9923b42e1245801bd790a1d8c with gcc (GCC) 8.1.0 kernel signature: db19cb7c592c2dfbb586d1385041306fd50dcc44cc58471e34c63e0e071b0139 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in nexthop_is_blackhole testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 2b23081f694bdf42ac9bb90d1afa6e9173808fcd05125e890f51f1dbc5c6b19a all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in nexthop_is_blackhole testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: d56754b73f8524e960ddfc6458d4e1746954f28d447343c9f761ea4784436167 all runs: crashed: general protection fault in nexthop_is_blackhole testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: 076b7d714389257a44ab73346d6e92cbc46e01a2fe39fc6909a88d22cb478c52 all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 928e5a891d735076bf7f42ce3b6ad2380d00280d725a1fa9ebeeed76a20ae9f4 all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 103e2a349404267f2c3c86d6b2995c723e1d59dbb123ab0fd1d5376d5284e12a all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: 3d17d99a3b7211049706e4d2704c1ad5979befdb34464810805b34cc37acc06a all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: ddd85692b0918ab24af288f01d4e6328a4a371aca2b727916dcf409b5c4ac7c6 all runs: OK # git bisect start 4d856f72c10ecb060868ed10ff1b1453943fc6c8 0ecfebd2b52404ae0c54a878c872bb93363ada36 Bisecting: 7848 revisions left to test after this (roughly 13 steps) [43c95d3694cc448fdf50bd53b7ff3a5bb4655883] Merge tag 'pinctrl-v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl testing commit 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 with gcc (GCC) 8.1.0 kernel signature: 6a06761376305bb3c38ddc0389944666f8e44796b1b17cf365754c69edd9ba4f all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt # git bisect bad 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 Bisecting: 4619 revisions left to test after this (roughly 12 steps) [8f6ccf6159aed1f04c6d179f61f6fb2691261e84] Merge tag 'clone3-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux testing commit 8f6ccf6159aed1f04c6d179f61f6fb2691261e84 with gcc (GCC) 8.1.0 kernel signature: 9d3c6c685f81824b614d90afe3457c9b57bd6feb90a8813d53a57c8e71c235c3 all runs: OK # git bisect good 8f6ccf6159aed1f04c6d179f61f6fb2691261e84 Bisecting: 2306 revisions left to test after this (roughly 11 steps) [753c8d9b7d81206bb5d011b28abe829d364b028e] Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 753c8d9b7d81206bb5d011b28abe829d364b028e with gcc (GCC) 8.1.0 kernel signature: 6105530ec3026eabc671932a274f2d4e29e952acfd3bae3890a733937d45ebb2 all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt # git bisect bad 753c8d9b7d81206bb5d011b28abe829d364b028e Bisecting: 1156 revisions left to test after this (roughly 10 steps) [2f9b0d93a9d3ec64558537ab5d7cff820886afa4] net: ethernet: ti: cpsw: Fix suspend/resume break testing commit 2f9b0d93a9d3ec64558537ab5d7cff820886afa4 with gcc (GCC) 8.1.0 kernel signature: 6136d50e296ab1d58dcec089629cbe090339a62afafcf54851355a3c50477bba all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt # git bisect bad 2f9b0d93a9d3ec64558537ab5d7cff820886afa4 Bisecting: 577 revisions left to test after this (roughly 9 steps) [d28d66e5a92de81199d21b696df707068361a4e7] net: ethernet: mediatek: fix mtk_eth_soc build errors & warnings testing commit d28d66e5a92de81199d21b696df707068361a4e7 with gcc (GCC) 8.1.0 kernel signature: 7f1c8baa2d1f08993ae25c6138f8b83b6f04f9a6c8aa4766181888e6d89aa56f all runs: OK # git bisect good d28d66e5a92de81199d21b696df707068361a4e7 Bisecting: 288 revisions left to test after this (roughly 8 steps) [9126e75e39e14c357cfb2820abf0733bbc3cd8dc] net: ethernet: ti: cpsw_ethtool: simplify slave loops testing commit 9126e75e39e14c357cfb2820abf0733bbc3cd8dc with gcc (GCC) 8.1.0 kernel signature: c05816c241852e8984bc2b177ae1fb3fc43bef24dc2975a81bced31888701042 all runs: crashed: KASAN: use-after-free Read in __ip6_del_rt # git bisect bad 9126e75e39e14c357cfb2820abf0733bbc3cd8dc Bisecting: 144 revisions left to test after this (roughly 7 steps) [de47c5d8e11dda678e4354eeb4235e58e92f7cd2] af_key: make use of BUG_ON macro testing commit de47c5d8e11dda678e4354eeb4235e58e92f7cd2 with gcc (GCC) 8.1.0 kernel signature: 81b31febf3c6e3f494c82efffbf1140e5ab433e128eeb346cb930c598678235d run #0: crashed: general protection fault in batadv_iv_ogm_queue_add run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad de47c5d8e11dda678e4354eeb4235e58e92f7cd2 Bisecting: 71 revisions left to test after this (roughly 6 steps) [867d03bc238f62fcd28f287b9da8af5e483baeab] net: axienet: Add DMA registers to ethtool register dump testing commit 867d03bc238f62fcd28f287b9da8af5e483baeab with gcc (GCC) 8.1.0 kernel signature: fc2b242385e83ea18a80308252e77c5116f5f0330954a8becf9f8f1c767af0f1 run #0: crashed: general protection fault in batadv_iv_ogm_queue_add run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 867d03bc238f62fcd28f287b9da8af5e483baeab Bisecting: 35 revisions left to test after this (roughly 5 steps) [8b5e07d7ee95e3c22cb301731f87d95f58639591] inet_connection_sock: remove unused parameter of reqsk_queue_unlink func testing commit 8b5e07d7ee95e3c22cb301731f87d95f58639591 with gcc (GCC) 8.1.0 kernel signature: 8efcd6d498ad8f76b00620a132665556a6ee3fbd48d8048ec0cd36c041fe8c86 all runs: OK # git bisect good 8b5e07d7ee95e3c22cb301731f87d95f58639591 Bisecting: 17 revisions left to test after this (roughly 4 steps) [2d6b51c6924c1bba8e4948dc4a2dbc96bf685b97] net/tls: split the TLS_DRIVER_STATE_SIZE and bump TX to 16 bytes testing commit 2d6b51c6924c1bba8e4948dc4a2dbc96bf685b97 with gcc (GCC) 8.1.0 kernel signature: 6f88960840a7e2952750d58f2ebf6b1d4466cb076967c8745cc2b7175126a0b2 all runs: OK # git bisect good 2d6b51c6924c1bba8e4948dc4a2dbc96bf685b97 Bisecting: 8 revisions left to test after this (roughly 3 steps) [23e6b2dc93630b60a6c33bd2a1289686bc33e272] net: axienet: Fix casting of pointers to u32 testing commit 23e6b2dc93630b60a6c33bd2a1289686bc33e272 with gcc (GCC) 8.1.0 kernel signature: 2ef4cd791a1f5c96766a590215aa9d7192774b08fd9e8786aff739f9d06c2ba3 all runs: OK # git bisect good 23e6b2dc93630b60a6c33bd2a1289686bc33e272 Bisecting: 4 revisions left to test after this (roughly 2 steps) [09a0354cadec267be7f5249c89eb998b3474263a] net: axienet: Use clock framework to get device clock rate testing commit 09a0354cadec267be7f5249c89eb998b3474263a with gcc (GCC) 8.1.0 kernel signature: aefa80717e547fcea2f4bef32e93f946186b842d5c12d5ddd1e24731149c9613 all runs: OK # git bisect good 09a0354cadec267be7f5249c89eb998b3474263a Bisecting: 2 revisions left to test after this (roughly 1 step) [7789e9ed0591bab4d8a419bf3b9b18327d75128f] net: axienet: Re-initialize MDIO registers properly after reset testing commit 7789e9ed0591bab4d8a419bf3b9b18327d75128f with gcc (GCC) 8.1.0 kernel signature: b960521bc058fb03dc69c2b192001e3c6c7e91afadfe7af553edab8b7bea9a52 all runs: OK # git bisect good 7789e9ed0591bab4d8a419bf3b9b18327d75128f Bisecting: 0 revisions left to test after this (roughly 1 step) [8b09ca823ffb4eee44cc1e41af2935e511eb98f1] net: axienet: Make RX/TX ring sizes configurable testing commit 8b09ca823ffb4eee44cc1e41af2935e511eb98f1 with gcc (GCC) 8.1.0 kernel signature: 519b96f2ef868a8c3f3a0afee8532999f387d9283b4601bbe6868050871daccd all runs: OK # git bisect good 8b09ca823ffb4eee44cc1e41af2935e511eb98f1 867d03bc238f62fcd28f287b9da8af5e483baeab is the first bad commit commit 867d03bc238f62fcd28f287b9da8af5e483baeab Author: Robert Hancock Date: Thu Jun 6 16:28:14 2019 -0600 net: axienet: Add DMA registers to ethtool register dump These registers are important for troubleshooting the state of the DMA cores. Signed-off-by: Robert Hancock Signed-off-by: David S. Miller drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) culprit signature: fc2b242385e83ea18a80308252e77c5116f5f0330954a8becf9f8f1c767af0f1 parent signature: 519b96f2ef868a8c3f3a0afee8532999f387d9283b4601bbe6868050871daccd revisions tested: 22, total time: 5h44m28.37838638s (build: 2h13m36.384853437s, test: 3h28m11.162698305s) first bad commit: 867d03bc238f62fcd28f287b9da8af5e483baeab net: axienet: Add DMA registers to ethtool register dump recipients (to): ["John.Linn@xilinx.com" "anirudh@xilinx.com" "davem@davemloft.net" "hancock@sedsystems.ca" "linux-arm-kernel@lists.infradead.org" "michal.simek@xilinx.com" "netdev@vger.kernel.org"] recipients (cc): ["davem@davemloft.net" "linux-kernel@vger.kernel.org"] crash: general protection fault in batadv_iv_ogm_queue_add kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 44 Comm: kworker/u4:2 Not tainted 5.2.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 net/batman-adv/bat_iv_ogm.c:599 Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 99 0b 00 00 RSP: 0018:ffff8880a9b77ac0 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff8880a744d000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: ffff8880a9b77bd8 R08: ffff8880983c7840 R09: 0000000000000001 R10: ffffed101536ef8f R11: 0000000000000003 R12: ffff8880983c7840 R13: dffffc0000000000 R14: ffffed1013078f16 R15: 000000000000003c FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6228525020 CR3: 00000000955e1000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: batadv_iv_ogm_schedule+0xb47/0xe80 net/batman-adv/bat_iv_ogm.c:807 batadv_iv_send_outstanding_bat_ogm_packet+0x4a2/0x790 net/batman-adv/bat_iv_ogm.c:1669 process_one_work+0x7b9/0x15e0 kernel/workqueue.c:2269 worker_thread+0x85/0xb60 kernel/workqueue.c:2415 kthread+0x324/0x3e0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Modules linked in: ---[ end trace 9031ba57fb8f043d ]--- RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 net/batman-adv/bat_iv_ogm.c:599 Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 99 0b 00 00 RSP: 0018:ffff8880a9b77ac0 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff8880a744d000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: ffff8880a9b77bd8 R08: ffff8880983c7840 R09: 0000000000000001 R10: ffffed101536ef8f R11: 0000000000000003 R12: ffff8880983c7840 R13: dffffc0000000000 R14: ffffed1013078f16 R15: 000000000000003c FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6228525020 CR3: 00000000955e1000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400