bisecting fixing commit since 8ee0807eedf3bc60c8a47a7dd95387102bcfd063 building syzkaller on 6caa12e443d9f79aa2df67d44cdc6163eaa1e97f testing commit 8ee0807eedf3bc60c8a47a7dd95387102bcfd063 compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 79e37c4f1f3b92cccacf0e4172712055aa46e60ecb5e5c1573acae003c25db88 run #0: crashed: unregister_netdevice: waiting for DEV to become free run #1: crashed: WARNING: ODEBUG bug in netdev_freemem run #2: crashed: WARNING: ODEBUG bug in netdev_freemem run #3: crashed: WARNING: ODEBUG bug in netdev_freemem run #4: crashed: unregister_netdevice: waiting for DEV to become free run #5: crashed: WARNING: ODEBUG bug in netdev_freemem run #6: crashed: WARNING: ODEBUG bug in netdev_freemem run #7: crashed: WARNING: ODEBUG bug in netdev_freemem run #8: crashed: WARNING: ODEBUG bug in netdev_freemem run #9: crashed: WARNING: ODEBUG bug in netdev_freemem run #10: crashed: WARNING: ODEBUG bug in netdev_freemem run #11: crashed: unregister_netdevice: waiting for DEV to become free run #12: crashed: WARNING: ODEBUG bug in netdev_freemem run #13: crashed: WARNING: ODEBUG bug in netdev_freemem run #14: crashed: unregister_netdevice: waiting for DEV to become free run #15: crashed: unregister_netdevice: waiting for DEV to become free run #16: crashed: unregister_netdevice: waiting for DEV to become free run #17: crashed: unregister_netdevice: waiting for DEV to become free run #18: crashed: unregister_netdevice: waiting for DEV to become free run #19: crashed: unregister_netdevice: waiting for DEV to become free testing current HEAD 4ba8e26127c393c32776dff6d79c5b82de6dc542 testing commit 4ba8e26127c393c32776dff6d79c5b82de6dc542 compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: 812ac07d3321ff0d6c57274b6b720ef65b9ac7fc9d9b513b02760ac9cd3ca172 all runs: crashed: WARNING: ODEBUG bug in netdev_freemem revisions tested: 2, total time: 33m28.459817924s (build: 25m43.144793513s, test: 7m0.938744022s) the crash still happens on HEAD commit msg: Linux 4.14.262 crash: WARNING: ODEBUG bug in netdev_freemem ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x90 kernel/workqueue.c:4866 ------------[ cut here ]------------ WARNING: CPU: 1 PID: 8281 at lib/debugobjects.c:290 debug_print_object.cold.8+0xa7/0xdb lib/debugobjects.c:287 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 8281 Comm: syz-executor210 Not tainted 4.14.262-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x14b/0x1e7 lib/dump_stack.c:58 panic+0x1b0/0x358 kernel/panic.c:183 __warn.cold.7+0x25/0x25 kernel/panic.c:547 report_bug+0x1a1/0x200 lib/bug.c:183 fixup_bug arch/x86/kernel/traps.c:177 [inline] fixup_bug arch/x86/kernel/traps.c:172 [inline] do_error_trap+0x1bd/0x310 arch/x86/kernel/traps.c:295 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:314 invalid_op+0x1b/0x40 arch/x86/entry/entry_64.S:964 RIP: 0010:debug_print_object.cold.8+0xa7/0xdb lib/debugobjects.c:287 RSP: 0018:ffff888091ad7128 EFLAGS: 00010082 RAX: 0000000000000061 RBX: 0000000000000003 RCX: 0000000000000000 RDX: 0000000000000061 RSI: ffffffff878b92a0 RDI: ffffed101235ae1c RBP: ffff888091ad7150 R08: 0000000000000000 R09: 0000000000000000 R10: fffffbfff15ee2f1 R11: dffffc0000000000 R12: ffffffff878b4520 R13: ffffffff81360d70 R14: 0000000000000000 R15: dffffc0000000000 __debug_check_no_obj_freed lib/debugobjects.c:747 [inline] debug_check_no_obj_freed+0x4bc/0x890 lib/debugobjects.c:776 kfree+0xbd/0x270 mm/slab.c:3814 kvfree+0x2c/0x30 mm/util.c:416 netdev_freemem+0x47/0x60 net/core/dev.c:8064 netdev_release+0x6a/0x80 net/core/net-sysfs.c:1525 device_release+0x134/0x170 drivers/base/core.c:848 kobject_cleanup lib/kobject.c:646 [inline] kobject_release lib/kobject.c:675 [inline] kref_put include/linux/kref.h:70 [inline] kobject_put lib/kobject.c:692 [inline] kobject_put+0x14f/0x3d0 lib/kobject.c:685 put_device+0x12/0x20 drivers/base/core.c:2030 free_netdev+0x237/0x320 net/core/dev.c:8234 rtnl_newlink+0x109b/0x1630 net/core/rtnetlink.c:2744 rtnetlink_rcv_msg+0x34c/0x9e0 net/core/rtnetlink.c:4320 netlink_rcv_skb+0x12f/0x3b0 net/netlink/af_netlink.c:2446 rtnetlink_rcv+0x10/0x20 net/core/rtnetlink.c:4332 netlink_unicast_kernel net/netlink/af_netlink.c:1294 [inline] netlink_unicast+0x40b/0x610 net/netlink/af_netlink.c:1320 netlink_sendmsg+0x651/0xc10 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xac/0xf0 net/socket.c:656 ___sys_sendmsg+0x625/0x920 net/socket.c:2062 __sys_sendmsg+0xc1/0x140 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0xd/0x20 net/socket.c:2103 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x7f7f1da90399 RSP: 002b:00007ffe20ed5e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7f1da90399 RDX: 0000000004040000 RSI: 0000000020000080 RDI: 0000000000000004 RBP: 00007ffe20ed5e30 R08: 65732f636f72702f R09: 65732f636f72702f R10: 65732f636f72702f R11: 0000000000000246 R12: 00007f7f1da54280 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 ======================================================