bisecting fixing commit since a844dc4c544291470aa69edbe2434b040794e269
building syzkaller on 4b83c8fbed7b9cea831be880ec8aa1098b465f25
testing commit a844dc4c544291470aa69edbe2434b040794e269 with gcc (GCC) 8.1.0
kernel signature: 9c949127d82f5d8eea0871744ace4dc8a600f0a2
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in mem_serial_out
testing current HEAD b0cdffaa546e24acf92ab3b0d4e917a51aff6a82
testing commit b0cdffaa546e24acf92ab3b0d4e917a51aff6a82 with gcc (GCC) 8.1.0
kernel signature: a4f50bdb41222feb80cd36a03b6cf69f91004d33
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in mem_serial_out
revisions tested: 2, total time: 25m42.424825432s (build: 18m9.358680208s, test: 6m37.831654312s)
the crash still happens on HEAD
commit msg: Linux 4.14.163
crash: BUG: unable to handle kernel NULL pointer dereference in mem_serial_out

bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
BUG: unable to handle kernel NULL pointer dereference at 0000000000000003
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IP: writeb arch/x86/include/asm/io.h:65 [inline]
IP: mem_serial_out+0x61/0x90 drivers/tty/serial/8250/8250_port.c:408
8021q: adding VLAN 0 to HW filter on device batadv0
PGD 910bd067 P4D 910bd067 PUD 9100f067 PMD 0
kobject: 'vlan0' (ffff8880a92d3900): kobject_add_internal: parent: 'mesh', set: ''
Oops: 0002 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 6913 Comm: syz-executor.2 Not tainted 4.14.163-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88809ff0c4c0 task.stack: ffff888096bf0000
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
RIP: 0010:writeb arch/x86/include/asm/io.h:65 [inline]
RIP: 0010:mem_serial_out+0x61/0x90 drivers/tty/serial/8250/8250_port.c:408
8021q: adding VLAN 0 to HW filter on device bond0
RSP: 0018:ffff888096bf78c0 EFLAGS: 00010206
RAX: dffffc0000000000 RBX: ffffffff8a45de10 RCX: 1ffffffff148bbca
RDX: 00000000000000bf RSI: 0000000000000003 RDI: ffffffff8a45de50
RBP: ffff888096bf78d0 R08: ffff88809ff0cd88 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8a45df50
R13: ffffffff8a45de10 R14: ffffffff8a45de60 R15: ffffffff8a45dedc
FS: 00007ffb966cc700(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000003 CR3: 0000000090b34000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
Call Trace:
 serial_port_out include/linux/serial_core.h:266 [inline]
 serial8250_do_startup+0xf1f/0x1ad0 drivers/tty/serial/8250/8250_port.c:2140
 serial8250_startup+0x39/0x50 drivers/tty/serial/8250/8250_port.c:2411
 uart_port_startup drivers/tty/serial/serial_core.c:231 [inline]
 uart_startup.part.20+0x2a0/0x710 drivers/tty/serial/serial_core.c:270
 uart_startup drivers/tty/serial/serial_core.c:267 [inline]
 uart_set_info drivers/tty/serial/serial_core.c:1010 [inline]
 uart_set_info_user drivers/tty/serial/serial_core.c:1038 [inline]
 uart_ioctl+0x127e/0x2b90 drivers/tty/serial/serial_core.c:1361
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
 tty_ioctl+0x434/0x1260 drivers/tty/tty_io.c:2661
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x180/0xfb0 fs/ioctl.c:684
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x74/0x80 fs/ioctl.c:692
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45a6f9
hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
RSP: 002b:00007ffb966cbc78 EFLAGS: 00000246
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a6f9
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
RDX: 0000000020000080 RSI: 000000000000541f RDI: 0000000000000003
IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffb966cc6d4
R13: 00000000004c5c0b R14: 00000000004dbf70 R15: 00000000ffffffff
Code: 0f b6 8b d1 00 00 IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready 00 48 8d 7b 40 48 b8 00 00 00 00 00 fc ff df d3 e6 48 89 f9 48 c1 e9 03 80 3c 01 00 8021q: adding VLAN 0 to HW filter on device batadv0 75 23 48 63 f6 48 03 73 40 <88> 16 48 83 c4 08 5b 5d c3 kobject: 'vlan0' (ffff88808b319a00): kobject_add_internal: parent: 'mesh', set: '' 89 55 f0 89 75 f4 e8 5b 08 38 fe 8b
RIP: writeb arch/x86/include/asm/io.h:65 [inline] RSP: ffff888096bf78c0
RIP: mem_serial_out+0x61/0x90 drivers/tty/serial/8250/8250_port.c:408 RSP: ffff888096bf78c0
CR2: 0000000000000003
---[ end trace 55e9e256d4e9dded ]---
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready