bisecting fixing commit since db5b9190ff8202b609fe802ccde41cb28669389f
building syzkaller on f9b6950728295eb8f52b05a0d9e5dccd99f93eaa
testing commit db5b9190ff8202b609fe802ccde41cb28669389f with gcc (GCC) 8.1.0
kernel signature: 71fed105017809a3dd7d8241f2d14b1f0f739154d0ff9ba26bd9a326f14345f9
all runs: crashed: general protection fault in nft_tunnel_get_init
testing current HEAD 9b15f7fae677336e04b9e026ff91854e43165455
testing commit 9b15f7fae677336e04b9e026ff91854e43165455 with gcc (GCC) 8.1.0
kernel signature: 59b14940da6822f3b413888d2e332a8937f6eb1ddf38126ab421f5d6e5c033ed
all runs: OK
# git bisect start 9b15f7fae677336e04b9e026ff91854e43165455 db5b9190ff8202b609fe802ccde41cb28669389f
Bisecting: 647 revisions left to test after this (roughly 9 steps)
[1b7081bff268184c82cb811be1cacb9d82dac7a3] ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS
testing commit 1b7081bff268184c82cb811be1cacb9d82dac7a3 with gcc (GCC) 8.1.0
kernel signature: 0263cb5998ac8e04bf5d686ad4b4cb9f0773f241655670407445582e658e383a
all runs: OK
# git bisect bad 1b7081bff268184c82cb811be1cacb9d82dac7a3
Bisecting: 323 revisions left to test after this (roughly 8 steps)
[5fc07a47308ba169b28ce845e7dfcd244cc8eb9c] crypto: tgr192 - fix unaligned memory access
testing commit 5fc07a47308ba169b28ce845e7dfcd244cc8eb9c with gcc (GCC) 8.1.0
kernel signature: 5321cf45a4484148d04f4b9db98240aa61e57baa882849a9eb2603d21c93e62c
all runs: OK
# git bisect bad 5fc07a47308ba169b28ce845e7dfcd244cc8eb9c
Bisecting: 161 revisions left to test after this (roughly 7 steps)
[565389fc18ebe7c54569f1630a320a3c5dc2cdae] mlxsw: spectrum: Wipe xstats.backlog of down ports
testing commit 565389fc18ebe7c54569f1630a320a3c5dc2cdae with gcc (GCC) 8.1.0
kernel signature: 62a7c07179a8dc5e9c11eb229ffad82f4389ceea33963e5aee20a1c807eae9a2
all runs: OK
# git bisect bad 565389fc18ebe7c54569f1630a320a3c5dc2cdae
Bisecting: 80 revisions left to test after this (roughly 6 steps)
[10d55ea6136b4116623297df3bd156981cc87f7e] ioat: ioat_alloc_ring() failure handling.
testing commit 10d55ea6136b4116623297df3bd156981cc87f7e with gcc (GCC) 8.1.0
kernel signature: f43f5c99bdf821aeaad00406d4788e1df7939308583d9b377df8853e31d1e829
all runs: crashed: general protection fault in nft_tunnel_get_init
# git bisect good 10d55ea6136b4116623297df3bd156981cc87f7e
Bisecting: 40 revisions left to test after this (roughly 5 steps)
[107fb2906db14ac9fc14f780f2a92418974a0c66] drm/i915: Add missing include file
testing commit 107fb2906db14ac9fc14f780f2a92418974a0c66 with gcc (GCC) 8.1.0
kernel signature: a8404f5bb0eefb7f3cf9338d2ca46913f60e69033103751e4e60821cdbe978e5
all runs: crashed: general protection fault in nft_tunnel_get_init
# git bisect good 107fb2906db14ac9fc14f780f2a92418974a0c66
Bisecting: 20 revisions left to test after this (roughly 4 steps)
[5205825195a1af8d98ef2d2e3eb083f2f1bb4724] cfg80211: fix deadlocks in autodisconnect work
testing commit 5205825195a1af8d98ef2d2e3eb083f2f1bb4724 with gcc (GCC) 8.1.0
kernel signature: d290160f242d489d77595181229c2a23cea1d7875c50c8d84553bb72c9be9b0e
all runs: crashed: general protection fault in nft_tunnel_get_init
# git bisect good 5205825195a1af8d98ef2d2e3eb083f2f1bb4724
Bisecting: 10 revisions left to test after this (roughly 3 steps)
[da319f060b853a2cf4df3bc6119083813aaa1976] batman-adv: Fix DAT candidate selection on little endian systems
testing commit da319f060b853a2cf4df3bc6119083813aaa1976 with gcc (GCC) 8.1.0
kernel signature: e5f481daf8aa250a9199b74d6ba9840504aa56ef0ac5d85383f46b9f37827366
all runs: OK
# git bisect bad da319f060b853a2cf4df3bc6119083813aaa1976
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[6de941ce70cd5c6d672f8af2d0a6dc83039a283c] netfilter: nft_tunnel: fix null-attribute check
testing commit 6de941ce70cd5c6d672f8af2d0a6dc83039a283c with gcc (GCC) 8.1.0
kernel signature: 6384106b9ac7a3e9d854226848f86e97e0916fa41c9d31e3611f01ceb9c76e1a
all runs: OK
# git bisect bad 6de941ce70cd5c6d672f8af2d0a6dc83039a283c
Bisecting: 2 revisions left to test after this (roughly 1 step)
[ec4234e5dd66f326931b2e30e40bcc29002b1478] cfg80211: fix page refcount issue in A-MSDU decap
testing commit ec4234e5dd66f326931b2e30e40bcc29002b1478 with gcc (GCC) 8.1.0
kernel signature: 913dc0882472ce5a4069ca880b1b305100471591df877a88cf201a2369622ad8
all runs: crashed: general protection fault in nft_tunnel_get_init
# git bisect good ec4234e5dd66f326931b2e30e40bcc29002b1478
Bisecting: 0 revisions left to test after this (roughly 1 step)
[e3282417b91c09af9e327238edfd11deb887b83a] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
testing commit e3282417b91c09af9e327238edfd11deb887b83a with gcc (GCC) 8.1.0
kernel signature: 143d164cca5c3d57369adaaaeb907211bb10da414fb15225a2a82f9f4f285700
all runs: crashed: general protection fault in nft_tunnel_get_init
# git bisect good e3282417b91c09af9e327238edfd11deb887b83a
6de941ce70cd5c6d672f8af2d0a6dc83039a283c is the first bad commit
commit 6de941ce70cd5c6d672f8af2d0a6dc83039a283c
Author: Florian Westphal
Date: Thu Jan 16 08:44:11 2020 +0100

    netfilter: nft_tunnel: fix null-attribute check

    commit 1c702bf902bd37349f6d91cd7f4b372b1e46d0ed upstream.

    else we get null deref when one of the attributes is missing, both must be non-null.

    Reported-by: syzbot+76d0b80493ac881ff77b@syzkaller.appspotmail.com
    Fixes: aaecfdb5c5dd8ba ("netfilter: nf_tables: match on tunnel metadata")
    Signed-off-by: Florian Westphal
    Signed-off-by: Pablo Neira Ayuso
    Signed-off-by: Greg Kroah-Hartman

 net/netfilter/nft_tunnel.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
culprit signature: 6384106b9ac7a3e9d854226848f86e97e0916fa41c9d31e3611f01ceb9c76e1a
parent signature: 143d164cca5c3d57369adaaaeb907211bb10da414fb15225a2a82f9f4f285700
revisions tested: 12, total time: 3h11m58.178251507s (build: 1h49m58.147748548s, test: 1h20m46.237987482s)
first good commit: 6de941ce70cd5c6d672f8af2d0a6dc83039a283c netfilter: nft_tunnel: fix null-attribute check
cc: ["fw@strlen.de" "gregkh@linuxfoundation.org" "pablo@netfilter.org"]