bisecting fixing commit since 3bd837bfe431839a378e9d421af05b2e22a6d329
building syzkaller on 1656845f45f284c574eb4f8bfe85dd7916a47a3a
testing commit 3bd837bfe431839a378e9d421af05b2e22a6d329 with gcc (GCC) 8.1.0
kernel signature: a0739d081f48c5f488044763dfbc0b09eee246dd
all runs: crashed: general protection fault in rxrpc_connect_call
testing current HEAD 174651bdf802a2139065e8e31ce950e2f3fc4a94
testing commit 174651bdf802a2139065e8e31ce950e2f3fc4a94 with gcc (GCC) 8.1.0
kernel signature: 85cf7892013b48cb88692c3659cfdf2244c97ea9
all runs: crashed: kernel BUG at net/rxrpc/local_object.c:LINE!
revisions tested: 2, total time: 23m17.458337451s (build: 16m3.728396171s, test: 6m13.743987555s)
the crash still happens on HEAD
commit msg: Linux 4.19.87
crash: kernel BUG at net/rxrpc/local_object.c:LINE!
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
rxrpc: Assertion failed
------------[ cut here ]------------
kernel BUG at net/rxrpc/local_object.c:437!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 6920 Comm: kworker/1:2 Not tainted 4.19.87-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krxrpcd rxrpc_local_processor
RIP: 0010:rxrpc_local_destroyer net/rxrpc/local_object.c:437 [inline]
RIP: 0010:rxrpc_local_processor.cold.7+0x1a/0x21 net/rxrpc/local_object.c:470
Code: eb de 48 c7 c7 a0 f2 64 87 e8 12 6d 5f fb 0f 0b 48 c7 c7 a0 f2 64 87 e8 04 6d 5f fb 0f 0b 48 c7 c7 a0 f2 64 87 e8 f6 6c 5f fb <0f> 0b 90 90 90 90 90 55 48 89 e5 41 57 41 56 49 89 fe 41 55 41 54
kobject: 'loop0' (0000000088a4e221): kobject_uevent_env
RSP: 0018:ffff88808a5b7d10 EFLAGS: 00010282
RAX: 0000000000000017 RBX: ffff88808a47edf8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff86ff2020 RDI: ffffffff89a826a0
RBP: ffff88808a5b7d58 R08: ffffed1015d65079 R09: ffffed1015d65078
R10: ffffed1015d65078 R11: ffff8880aeb283c7 R12: ffff88808a47ede8
R13: ffff888094889540 R14: ffff88808a47edf0 R15: ffff88809a218808
FS: 0000000000000000(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff6ee09a000 CR3: 00000000a5461000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 process_one_work+0x830/0x1670 kernel/workqueue.c:2153
 worker_thread+0x85/0xb60 kernel/workqueue.c:2296
 kthread+0x324/0x3e0 kernel/kthread.c:246
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
---[ end trace 8e491f80bb975a5e ]---
kobject: 'loop0' (0000000088a4e221): fill_kobj_path: path = '/devices/virtual/block/loop0'
RIP: 0010:rxrpc_local_destroyer net/rxrpc/local_object.c:437 [inline]
RIP: 0010:rxrpc_local_processor.cold.7+0x1a/0x21 net/rxrpc/local_object.c:470
kobject: 'loop4' (00000000833f57b8): kobject_uevent_env
Code: eb de 48 c7 c7 a0 f2 64 87 e8 12 6d 5f fb 0f 0b 48 c7 c7 a0 f2 64 87 e8 04 6d 5f fb 0f 0b 48 c7 c7 a0 f2 64 87 e8 f6 6c 5f fb <0f> 0b 90 90 90 90 90 55 48 89 e5 41 57 41 56 49 89 fe 41 55 41 54
kobject: 'loop4' (00000000833f57b8): fill_kobj_path: path = '/devices/virtual/block/loop4'
RSP: 0018:ffff88808a5b7d10 EFLAGS: 00010282
RAX: 0000000000000017 RBX: ffff88808a47edf8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff86ff2020 RDI: ffffffff89a826a0
RBP: ffff88808a5b7d58 R08: ffffed1015d65079 R09: ffffed1015d65078
R10: ffffed1015d65078 R11: ffff8880aeb283c7 R12: ffff88808a47ede8
R13: ffff888094889540 R14: ffff88808a47edf0 R15: ffff88809a218808
FS: 0000000000000000(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000040 CR3: 000000009f173000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400