bisecting fixing commit since 9b15f7fae677336e04b9e026ff91854e43165455 building syzkaller on 5d7b90f1af2e3bf33992b75e7fcf0bab6bf49bd6 testing commit 9b15f7fae677336e04b9e026ff91854e43165455 with gcc (GCC) 8.1.0 kernel signature: 3cbadb941fd298066be772050c1b8a556c0caabde797d3af5ab7caa3bfe631f7 run #0: crashed: BUG: looking up invalid subclass: 8 run #1: crashed: BUG: looking up invalid subclass: 8 run #2: crashed: BUG: looking up invalid subclass: 8 run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK testing current HEAD 54b4fa6d39551639cb10664f6ac78b01993a1d7e testing commit 54b4fa6d39551639cb10664f6ac78b01993a1d7e with gcc (GCC) 8.1.0 kernel signature: 09557018756f6d4b919271ecee2835f2e1bb776382fbd9c220293d77812fb918 run #0: crashed: BUG: looking up invalid subclass: 8 run #1: crashed: BUG: looking up invalid subclass: 8 run #2: crashed: BUG: looking up invalid subclass: 8 run #3: crashed: BUG: looking up invalid subclass: 8 run #4: crashed: BUG: looking up invalid subclass: 8 run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK revisions tested: 2, total time: 40m9.833891237s (build: 17m28.89926808s, test: 21m32.335362795s) the crash still happens on HEAD commit msg: Linux 4.19.113 crash: BUG: looking up invalid subclass: 8 bond52: Enslaving macvlan83 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan87 8021q: adding VLAN 0 to HW filter on device macvlan88 8021q: adding VLAN 0 to HW filter on device macvlan89 8021q: adding VLAN 0 to HW filter on device macvlan90 BUG: looking up invalid subclass: 8 turning off the locking correctness validator. CPU: 1 PID: 21156 Comm: syz-executor.2 Not tainted 4.19.113-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x123/0x177 lib/dump_stack.c:118 look_up_lock_class kernel/locking/lockdep.c:662 [inline] register_lock_class+0x952/0x2350 kernel/locking/lockdep.c:748 __lock_acquire+0x160/0x4980 kernel/locking/lockdep.c:3299 lock_acquire+0x173/0x3d0 kernel/locking/lockdep.c:3903 _raw_spin_lock_nested+0x33/0x50 kernel/locking/spinlock.c:354 bond_get_stats+0xcc/0x500 drivers/net/bonding/bond_main.c:3450 dev_get_stats+0x85/0x270 net/core/dev.c:9031 rtnl_fill_stats+0x44/0xc00 net/core/rtnetlink.c:1176 rtnl_fill_ifinfo+0xe1f/0x3170 net/core/rtnetlink.c:1663 rtmsg_ifinfo_build_skb+0xc4/0x170 net/core/rtnetlink.c:3356 rtmsg_ifinfo_event.part.32+0x1a/0xb0 net/core/rtnetlink.c:3388 rtmsg_ifinfo_event net/core/rtnetlink.c:4835 [inline] rtnetlink_event+0xc7/0x120 net/core/rtnetlink.c:4828 notifier_call_chain+0x8a/0x160 kernel/notifier.c:93 __raw_notifier_call_chain kernel/notifier.c:394 [inline] raw_notifier_call_chain+0x11/0x20 kernel/notifier.c:401 call_netdevice_notifiers_info+0x28/0x60 net/core/dev.c:1748 call_netdevice_notifiers net/core/dev.c:1766 [inline] netdev_features_change net/core/dev.c:1334 [inline] netdev_change_features+0x76/0xa0 net/core/dev.c:8467 bond_compute_features.isra.47+0x4ab/0x800 drivers/net/bonding/bond_main.c:1116 bond_enslave+0x14d8/0x4c40 drivers/net/bonding/bond_main.c:1754 do_set_master+0x171/0x200 net/core/rtnetlink.c:2321 rtnl_newlink+0xe84/0x1310 net/core/rtnetlink.c:3169 rtnetlink_rcv_msg+0x34f/0x8f0 net/core/rtnetlink.c:4777 netlink_rcv_skb+0x142/0x390 net/netlink/af_netlink.c:2455 rtnetlink_rcv+0x10/0x20 net/core/rtnetlink.c:4795 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x443/0x650 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x765/0xc40 net/netlink/af_netlink.c:1909 sock_sendmsg_nosec net/socket.c:622 [inline] sock_sendmsg+0xb5/0xf0 net/socket.c:632 ___sys_sendmsg+0x647/0x950 net/socket.c:2115 __sys_sendmsg+0xd9/0x180 net/socket.c:2153 __do_sys_sendmsg net/socket.c:2162 [inline] __se_sys_sendmsg net/socket.c:2160 [inline] __x64_sys_sendmsg+0x73/0xb0 net/socket.c:2160 do_syscall_64+0xd0/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c6c9 Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f77c0113c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f77c01146d4 RCX: 000000000045c6c9 RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 RBP: 000000000076bfc8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000009cb R14: 00000000004cc6fd R15: 000000000076bfd4 bond54: making interface macvlan90 the new active one bond54: Enslaving macvlan90 as an active interface with an up link 8021q: adding VLAN 0 to HW filter on device macvlan91 bond55: making interface macvlan91 the new active one bond55: Enslaving macvlan91 as an active interface with an up link 8021q: adding VLAN 0 to HW filter on device macvlan92 bond56: Enslaving macvlan92 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan94 bond57: Enslaving macvlan94 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan96 bond58: making interface macvlan96 the new active one bond58: Enslaving macvlan96 as an active interface with an up link 8021q: adding VLAN 0 to HW filter on device macvlan97 bond59: making interface macvlan97 the new active one bond59: Enslaving macvlan97 as an active interface with an up link 8021q: adding VLAN 0 to HW filter on device macvlan98 bond60: Enslaving macvlan98 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan100 bond61: Enslaving macvlan100 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan104 bond64: Enslaving macvlan104 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan106 bond65: Enslaving macvlan106 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan108 bond66: Enslaving macvlan108 as an active interface with a down link 8021q: adding VLAN 0 to HW filter on device macvlan110 bond67: Enslaving macvlan110 as an active interface with a down link validate_nla: 129 callbacks suppressed netlink: 'syz-executor.1': attribute type 1 has an invalid length. netlink: 'syz-executor.3': attribute type 1 has an invalid length. netlink: 'syz-executor.1': attribute type 1 has an invalid length. netlink: 'syz-executor.5': attribute type 1 has an invalid length. netlink: 'syz-executor.0': attribute type 1 has an invalid length. netlink: 'syz-executor.4': attribute type 1 has an invalid length. netlink: 'syz-executor.2': attribute type 1 has an invalid length. netlink: 'syz-executor.3': attribute type 1 has an invalid length. netlink: 'syz-executor.4': attribute type 1 has an invalid length. netlink: 'syz-executor.0': attribute type 1 has an invalid length. 8021q: adding VLAN 0 to HW filter on device macvlan113 bond69: Enslaving macvlan113 as an active interface with a down link validate_nla: 215 callbacks suppressed netlink: 'syz-executor.4': attribute type 1 has an invalid length. netlink: 'syz-executor.2': attribute type 1 has an invalid length. netlink: 'syz-executor.5': attribute type 1 has an invalid length. netlink: 'syz-executor.0': attribute type 1 has an invalid length. netlink: 'syz-executor.1': attribute type 1 has an invalid length. netlink: 'syz-executor.3': attribute type 1 has an invalid length. netlink: 'syz-executor.4': attribute type 1 has an invalid length. netlink: 'syz-executor.1': attribute type 1 has an invalid length. netlink: 'syz-executor.2': attribute type 1 has an invalid length. netlink: 'syz-executor.5': attribute type 1 has an invalid length.