bisecting cause commit starting from ba5f4cfeac77fca981b199ec7f2396a3616e5216 building syzkaller on 2d5ea0cb6edb828803beea8af38dbc04dc80f028 testing commit ba5f4cfeac77fca981b199ec7f2396a3616e5216 with gcc (GCC) 8.1.0 kernel signature: 8574b4906afdabad0e5ed4ef080e348cebc85817ce5f6a6f22e799b6d108df23 run #0: crashed: WARNING in hrtimer_forward run #1: crashed: WARNING in hrtimer_forward run #2: crashed: WARNING in hrtimer_forward run #3: crashed: WARNING in hrtimer_forward run #4: crashed: WARNING in hrtimer_forward run #5: crashed: WARNING in hrtimer_forward run #6: crashed: WARNING in hrtimer_forward run #7: crashed: WARNING in hrtimer_forward run #8: OK run #9: OK testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: d89ce882c6ef66b9f56daab639cd8e60ff4764c9467eeb547da355284ffa9a8d run #0: crashed: WARNING in hrtimer_forward run #1: crashed: WARNING in hrtimer_forward run #2: crashed: WARNING in hrtimer_forward run #3: crashed: WARNING in hrtimer_forward run #4: crashed: WARNING in hrtimer_forward run #5: crashed: WARNING in hrtimer_forward run #6: crashed: WARNING in hrtimer_forward run #7: crashed: WARNING in hrtimer_forward run #8: OK run #9: OK testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: c92a2754ec4c612813831efb46d7fac37eb2d0da5b734e48584d011e50ac626c run #0: crashed: WARNING in hrtimer_forward run #1: crashed: WARNING in hrtimer_forward run #2: crashed: WARNING in hrtimer_forward run #3: crashed: WARNING in hrtimer_forward run #4: crashed: WARNING in hrtimer_forward run #5: crashed: WARNING in hrtimer_forward run #6: crashed: WARNING in hrtimer_forward run #7: crashed: WARNING in hrtimer_forward run #8: crashed: WARNING in hrtimer_forward run #9: OK testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: f619b10c252e26a7d90509f820511b3d1b31fd9f21891963e0c582e64fbf83d3 all runs: crashed: WARNING in hrtimer_forward testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 321599963e7ae18b6656ee9b19e388522a03ced6ce2a03aaca095d7e0863bf6a all runs: crashed: WARNING in hrtimer_forward testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 0b5221b026466d1d4c507e8b6b3535626eb28060eb3605ad7075893153cfb5f8 all runs: crashed: WARNING in hrtimer_forward testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: 4330db9c4e5c7664e1d10db74f66bd8bf0bbfd07205429a12e195f210cdebd83 all runs: crashed: WARNING in hrtimer_forward testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: fba9bf9079802e792963e372bdf377d1b7f34b6a62d151c734f68f430560f0af run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: crashed: WARNING in hrtimer_forward testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 kernel signature: 7ceda91ec600a7002c83a33601678b2b2f9d0f9a20c0bff7d2d393ad67181044 run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: OK testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 kernel signature: 8560c65c5c65fbf4ed19e9580d63336bd61e966f0b11542b8abf10a1799a3c5f run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: OK testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 kernel signature: 92effda6023c32b31351fa8d6f5ee7cc646b5e47f298e910af9225a2b878ae76 all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 kernel signature: c20f790c8ac070b661dae642aa2c4e89d064c673f053a6797386c727d22e0df6 all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 kernel signature: e9f2cb73c9f321ee0235c60596797e9e1e8cdba412c9dd154ccf1836e489342b run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: OK testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 kernel signature: 83dc385e152c7ec20c22e460f6519290cdb7a104d55468c2cb404ac0dc985ebd all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 kernel signature: 508a0c3a820226760f0e1322960e3100b0ba4c36dde05c45572f324e1487065b run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #4: basic kernel testing failed: UBSAN: undefined-behaviour in handle_null_ptr_deref run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset run #9: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_vq_reset testing release v4.15 testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0 ./arch/x86/include/asm/bootparam_utils.h:37: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:39: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:42: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:45: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:48: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.14 testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0 ./arch/x86/include/asm/bootparam_utils.h:37: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:39: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:42: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:45: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:48: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.13 testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0 ./arch/x86/include/asm/bootparam_utils.h:36: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:38: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:41: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:44: undefined reference to `__ubsan_handle_type_mismatch_v1' ./arch/x86/include/asm/bootparam_utils.h:47: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.12 testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0 arch/x86/entry/common.c:173: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/linux/compiler.h:254: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/linux/tracehook.h:190: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/linux/thread_info.h:60: undefined reference to `__ubsan_handle_type_mismatch_v1' ./include/trace/events/syscalls.h:17: undefined reference to `__ubsan_handle_type_mismatch_v1' testing release v4.11 testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0 kernel signature: aeb79260d81b7b0e794dd7f2e85e848e01b7963c8bac7e1f9b6be2f5ac364f44 run #0: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #1: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #2: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #3: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #4: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #5: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #6: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #7: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #8: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le run #9: crashed: BUG: sleeping function called from invalid context in tap_get_minor testing release v4.10 testing commit c470abd4fde40ea6a0846a2beab642a578c0b8cd with gcc (GCC) 5.5.0 kernel signature: aee3c6f7041b53ff75640217e4976d777a10689272e090f5d2046869be023a06 all runs: basic kernel testing failed: UBSAN: undefined-behaviour in vhost_init_is_le testing release v4.9 testing commit 69973b830859bc6529a7a0468ba0d80ee5117826 with gcc (GCC) 5.5.0 kernel signature: 05bda582850fa0a2885a09fdf3510be5ca72b7d2a0276c6e37b06fef50afa2d0 run #0: crashed: WARNING in nf_unregister_net_hook run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK testing release v4.8 testing commit c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 with gcc (GCC) 5.5.0 kernel signature: ced7e8d249de149fa089d613ecd13c853500e5a8bdbdb07aae645e4c3f5064f1 all runs: OK # git bisect start 69973b830859bc6529a7a0468ba0d80ee5117826 c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 Bisecting: 8695 revisions left to test after this (roughly 13 steps) [a5af7e1fc69a46f29b977fd4b570e0ac414c2338] rxrpc: Fix loss of PING RESPONSE ACK production due to PING ACKs testing commit a5af7e1fc69a46f29b977fd4b570e0ac414c2338 with gcc (GCC) 5.5.0 kernel signature: 00e22b6a168a6d42870bd7f50ac3f0b3a665903d808ec2017c50fd9fefbaa197 run #0: crashed: WARNING in nf_unregister_net_hook run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad a5af7e1fc69a46f29b977fd4b570e0ac414c2338 Bisecting: 4346 revisions left to test after this (roughly 12 steps) [d268dbe76a53d72cc41316eb59e7968db60e77ad] Merge tag 'pinctrl-v4.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl testing commit d268dbe76a53d72cc41316eb59e7968db60e77ad with gcc (GCC) 5.5.0 kernel signature: 2b8ce524aa4f673b1fe9cc450f452e6711f2cb103dad31f2982242a9d932d4c7 run #0: crashed: UBSAN: undefined-behaviour in nf_unregister_net_hook run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad d268dbe76a53d72cc41316eb59e7968db60e77ad Bisecting: 2170 revisions left to test after this (roughly 11 steps) [02bafd96f3a5d8e610b19033ffec55b92459aaae] Merge tag 'docs-4.9' of git://git.lwn.net/linux testing commit 02bafd96f3a5d8e610b19033ffec55b92459aaae with gcc (GCC) 5.5.0 kernel signature: 1609773820cb38ed8a91132c4092e3387ecbfa3b4c48fe01b6ef645dc1034185 all runs: OK # git bisect good 02bafd96f3a5d8e610b19033ffec55b92459aaae Bisecting: 1051 revisions left to test after this (roughly 10 steps) [e812bd905a5cf00fea95da9df4889dad63d4a36a] Merge tag 'wireless-drivers-next-for-davem-2016-09-15' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next testing commit e812bd905a5cf00fea95da9df4889dad63d4a36a with gcc (GCC) 5.5.0 kernel signature: 6070601b6d90e16434af16d7c1463e6ee17e3931d587eaeee1f7a43a72583521 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad e812bd905a5cf00fea95da9df4889dad63d4a36a Bisecting: 559 revisions left to test after this (roughly 9 steps) [ccbd3dbe85e1445231a7e0da2dada130cedce9d0] rxrpc: Fix a potential NULL-pointer deref in rxrpc_abort_calls testing commit ccbd3dbe85e1445231a7e0da2dada130cedce9d0 with gcc (GCC) 5.5.0 kernel signature: 70bee5658f4856bfae50ec91e7081437e70c7d9d10ce4ceacc5a8304ddc24a9f run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad ccbd3dbe85e1445231a7e0da2dada130cedce9d0 Bisecting: 279 revisions left to test after this (roughly 8 steps) [d6657781b5a9d2e2c72da1af0d185899b2d7e2f1] cxgb4: Register changes and fw defines for crypto testing commit d6657781b5a9d2e2c72da1af0d185899b2d7e2f1 with gcc (GCC) 5.5.0 kernel signature: c87ee6e891127ba8c5f9bc16694f4964a4ea06df208a6aa18b6b7bbdb7aa4ca1 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad d6657781b5a9d2e2c72da1af0d185899b2d7e2f1 Bisecting: 139 revisions left to test after this (roughly 7 steps) [912f85e104f4dfc46bf33e6b5eef1f72a39d0336] net: can: usb: esd_usb2: don't print error when allocating urb fails testing commit 912f85e104f4dfc46bf33e6b5eef1f72a39d0336 with gcc (GCC) 5.5.0 kernel signature: 7db785d5ac53fbbe38cc22b64ad66e1e4a9da26c80d0e6cd826bf255d23f8462 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 912f85e104f4dfc46bf33e6b5eef1f72a39d0336 Bisecting: 69 revisions left to test after this (roughly 6 steps) [a995560a279628bcc00a0524ab068c39a3a184fb] sfc: use new performance based event queue init testing commit a995560a279628bcc00a0524ab068c39a3a184fb with gcc (GCC) 5.5.0 kernel signature: b2dc1fb8b733894d92647ee1b4d021341bbf9bd1ffeccbe1f5dcbc7710785128 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad a995560a279628bcc00a0524ab068c39a3a184fb Bisecting: 34 revisions left to test after this (roughly 5 steps) [0184165b2f42c4b032da9dd11546bfbaeb5afd4e] ravb: add sleep PM suspend/resume support testing commit 0184165b2f42c4b032da9dd11546bfbaeb5afd4e with gcc (GCC) 5.5.0 kernel signature: ca724b87e3f1eb192647a2e7408cc2651de2a141838ec6a65950b0878bca3837 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #4: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 0184165b2f42c4b032da9dd11546bfbaeb5afd4e Bisecting: 16 revisions left to test after this (roughly 4 steps) [65752dda4b525730746085a351e6e936d29bc586] net: ethernet: greth: use phydev from struct net_device testing commit 65752dda4b525730746085a351e6e936d29bc586 with gcc (GCC) 5.5.0 kernel signature: dc0cda6dfe6d513b6cfb0b43e027870795fe99c48fe370336cf212abb1af1814 run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 65752dda4b525730746085a351e6e936d29bc586 Bisecting: 8 revisions left to test after this (roughly 3 steps) [2647cffb2bc6fbed163d377390eb7ca552c7c1cb] net: ipconfig: Support using "delayed" DHCP replies testing commit 2647cffb2bc6fbed163d377390eb7ca552c7c1cb with gcc (GCC) 5.5.0 kernel signature: 0086049434994bfcee1e039a77fb704b3ca6b3910763b32098552ad9e3b912ee run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 2647cffb2bc6fbed163d377390eb7ca552c7c1cb Bisecting: 3 revisions left to test after this (roughly 2 steps) [92fbb1df83ec17f62a46b23507ebb3f06ca10cd3] be2net: Avoid unnecessary firmware updates of multicast list testing commit 92fbb1df83ec17f62a46b23507ebb3f06ca10cd3 with gcc (GCC) 5.5.0 kernel signature: 459cfb2de97b773dfba8d0c5d0fe8c9b7c8f8cb2bf4f90d6b4e5443334276faa run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 92fbb1df83ec17f62a46b23507ebb3f06ca10cd3 Bisecting: 1 revision left to test after this (roughly 1 step) [841f60fcc4e7986a4ef3f83a289ab47076872e42] be2net: clear vlan-promisc setting before programming the vlan list testing commit 841f60fcc4e7986a4ef3f83a289ab47076872e42 with gcc (GCC) 5.5.0 kernel signature: 2dedb246e0ea904d798697623cfe8e7551fd84bbede6d40ab4f91dd9877e124a run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 841f60fcc4e7986a4ef3f83a289ab47076872e42 Bisecting: 0 revisions left to test after this (roughly 0 steps) [0e7bbcc104baaade4f64205e9706b7d43c46db7d] neigh: allow admin to set NUD_STALE testing commit 0e7bbcc104baaade4f64205e9706b7d43c46db7d with gcc (GCC) 5.5.0 kernel signature: 12b3e2e2e8e2ceef9084a4f37e9687748d5a58707980bda841c7216d3a14d37a run #0: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #1: crashed: UBSAN: undefined-behaviour in ip_idents_reserve run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 0e7bbcc104baaade4f64205e9706b7d43c46db7d 0e7bbcc104baaade4f64205e9706b7d43c46db7d is the first bad commit commit 0e7bbcc104baaade4f64205e9706b7d43c46db7d Author: Julian Anastasov Date: Wed Jul 27 09:56:50 2016 +0300 neigh: allow admin to set NUD_STALE Admin should be able to set any state. Currently, this fails when lladdr is not changed and state is changed from NUD_CONNECTED to NUD_STALE: ip neigh add 192.168.8.1 lladdr 00:11:22:33:44:55 nud perm dev wlan0 ip neigh show to 192.168.8.1 192.168.8.1 dev wlan0 lladdr 00:11:22:33:44:55 PERMANENT ip neigh change 192.168.8.1 lladdr 00:11:22:33:44:55 nud stale dev wlan0 ip neigh show to 192.168.8.1 192.168.8.1 dev wlan0 lladdr 00:11:22:33:44:55 PERMANENT Problem may be from 2.1.X days. Signed-off-by: Julian Anastasov Reviewed-by: Chunhui He Signed-off-by: David S. Miller net/core/neighbour.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) parent commit 1fe323aa1b2390a0c57fb0b06a782f128d49094c wasn't tested testing commit 1fe323aa1b2390a0c57fb0b06a782f128d49094c with gcc (GCC) 5.5.0 kernel signature: a7c274262366ed859d4bfcc379edc26f8d68cf527cd91e87b9bd5ecf603355a6 culprit signature: 12b3e2e2e8e2ceef9084a4f37e9687748d5a58707980bda841c7216d3a14d37a parent signature: a7c274262366ed859d4bfcc379edc26f8d68cf527cd91e87b9bd5ecf603355a6 revisions tested: 37, total time: 8h17m30.750486998s (build: 3h28m20.504818621s, test: 4h44m22.698396015s) first bad commit: 0e7bbcc104baaade4f64205e9706b7d43c46db7d neigh: allow admin to set NUD_STALE recipients (to): ["davem@davemloft.net" "hchunhui@mail.ustc.edu.cn" "ja@ssi.bg"] recipients (cc): [] crash: UBSAN: undefined-behaviour in ip_idents_reserve batman_adv: batadv0: Interface activated: batadv_slave_0 IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready batman_adv: batadv0: Interface activated: batadv_slave_1 IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready ================================================================================ UBSAN: Undefined behaviour in ./arch/x86/include/asm/atomic.h:156:9 signed integer overflow: -1213432333 + -998986911 cannot be represented in type 'int' CPU: 0 PID: 7363 Comm: modprobe Not tainted 4.7.0-syzkaller #0 IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 0000000000000000 ffff88012c007020 ffffffff83778841 1ffffffff1177866 0000000041b58ab3[ 54.992582] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready device veth0_macvtap entered promiscuous mode ffffffff884c9747IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready device veth1_macvtap entered promiscuous mode ffffffff83778684 0000000000000086 ffffffff00000028[ 55.027811] device veth0_macvtap entered promiscuous mode ffff88012c007048 ffff88012c006ff8 ffff88012c007010 Call Trace: IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready device veth1_macvtap entered promiscuous mode [ 55.057146] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0x1bd/0x29c lib/dump_stack.c:51 IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [] ubsan_epilogue+0xd/0x8a lib/ubsan.c:164 [] handle_overflow+0x202/0x23d lib/ubsan.c:195 [] __ubsan_handle_add_overflow+0xe/0x10 lib/ubsan.c:203 [] atomic_add_return arch/x86/include/asm/atomic.h:156 [inline] [] ip_idents_reserve+0xf8/0x140 net/ipv4/route.c:484 [] __ip_select_ident+0x183/0x260 net/ipv4/route.c:499 [] iptunnel_xmit+0x534/0xaa0 net/ipv4/ip_tunnel_core.c:98 [] udp_tunnel_xmit_skb+0x234/0x400 net/ipv4/udp_tunnel.c:159 [] geneve_xmit_skb drivers/net/geneve.c:911 [inline] [] geneve_xmit+0x7d0/0x4280 drivers/net/geneve.c:1034 [] __netdev_start_xmit include/linux/netdevice.h:3980 [inline] [] netdev_start_xmit include/linux/netdevice.h:3989 [inline] [] xmit_one net/core/dev.c:2919 [inline] [] dev_hard_start_xmit+0x184/0xb10 net/core/dev.c:2935 [] __dev_queue_xmit+0x1448/0x2970 net/core/dev.c:3405 [] dev_queue_xmit+0xb/0x10 net/core/dev.c:3438 [] neigh_resolve_output+0x4b4/0x8f0 net/core/neighbour.c:1307 [] dst_neigh_output include/net/dst.h:464 [inline] [] ip6_finish_output2+0xe0e/0x2370 net/ipv6/ip6_output.c:113 [] ip6_finish_output+0x2fb/0x830 net/ipv6/ip6_output.c:131 [] NF_HOOK_COND include/linux/netfilter.h:233 [inline] [] ip6_output+0x196/0x6d0 net/ipv6/ip6_output.c:145 [] dst_output include/net/dst.h:501 [inline] [] NF_HOOK_THRESH include/linux/netfilter.h:219 [inline] [] NF_HOOK include/linux/netfilter.h:242 [inline] [] mld_sendpack+0x785/0x1180 net/ipv6/mcast.c:1646 [] mld_send_cr net/ipv6/mcast.c:1927 [inline] [] mld_ifc_timer_expire+0x3d2/0x780 net/ipv6/mcast.c:2425 [] call_timer_fn+0x1ab/0x890 kernel/time/timer.c:1298 [] expire_timers+0x352/0x700 kernel/time/timer.c:1338 [] __run_timers kernel/time/timer.c:1624 [inline] [] run_timer_softirq+0x1c1/0x5e0 kernel/time/timer.c:1637 [] __do_softirq+0x2e2/0xf20 kernel/softirq.c:273 [] invoke_softirq kernel/softirq.c:350 [inline] [] irq_exit+0x13b/0x250 kernel/softirq.c:391 [] exiting_irq arch/x86/include/asm/apic.h:657 [inline] [] smp_apic_timer_interrupt+0x80/0xb0 arch/x86/kernel/apic/apic.c:934 [] apic_timer_interrupt+0x8c/0xa0 arch/x86/entry/entry_64.S:618 [] ? arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline] [] ? lock_acquire+0x223/0x630 kernel/locking/lockdep.c:3749 [] rcu_lock_acquire include/linux/rcupdate.h:488 [inline] [] rcu_read_lock include/linux/rcupdate.h:870 [inline] [] dget_parent+0x3c/0x4b0 fs/dcache.c:833 [] ext4_file_open+0x20e/0xa20 fs/ext4/file.c:372 [] do_dentry_open+0x5d8/0xcd0 fs/open.c:736 [] vfs_open+0x13d/0x370 fs/open.c:849 [] do_last fs/namei.c:3374 [inline] [] path_openat+0xc66/0x2ae0 fs/namei.c:3497 [] do_filp_open+0x191/0x2b0 fs/namei.c:3532 [] do_sys_open+0x190/0x3c0 fs/open.c:1016 [] SYSC_open fs/open.c:1034 [inline] [] SyS_open+0x19/0x20 fs/open.c:1029 [] entry_SYSCALL_64_fastpath+0x23/0xc1 ================================================================================ IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready device veth0_macvtap entered promiscuous mode device veth1_macvtap entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready device veth0_vlan entered promiscuous mode IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready device veth1_vlan entered promiscuous mode IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready device veth0_vlan entered promiscuous mode IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready device veth1_vlan entered promiscuous mode IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready device veth0_macvtap entered promiscuous mode device veth1_macvtap entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready device veth0_macvtap entered promiscuous mode IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready device veth1_macvtap entered promiscuous mode wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready hrtimer: interrupt took 35097 ns