ci2 starts bisection 2022-11-05 05:22:06.054156301 +0000 UTC m=+117067.410584199 bisecting cause commit starting from 7f2e600bf63a9cda882a6c86de04183e5061e8ee building syzkaller on 08977f5d5e344fa0ac0b80af0b72fc3f1468d6a5 ensuring issue is reproducible on original commit 7f2e600bf63a9cda882a6c86de04183e5061e8ee testing commit 7f2e600bf63a9cda882a6c86de04183e5061e8ee gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: db42b486c71f3802376d6836289330202b750e9a5b0b982e38d4a119d07c7ef8 run #0: crashed: kernel BUG in pfkey_send_acquire run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK reproducer seems to be flaky testing release v5.15.74 testing commit a3f2f5ac9d61e973e383f17a95cf2aa384e2d0c4 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2ba55c417145f2814564c662abe69dd0bd93fc8f09a81ee0b01209c62e92b1f5 all runs: OK # git bisect start 7f2e600bf63a9cda882a6c86de04183e5061e8ee a3f2f5ac9d61e973e383f17a95cf2aa384e2d0c4 Bisecting: 2430 revisions left to test after this (roughly 11 steps) [09d346dc01f43b3aee7ee0a722c9d4347c7a7e3c] ANDROID: gki_defconfig: Enable USB_NET_CDC_NCM testing commit 09d346dc01f43b3aee7ee0a722c9d4347c7a7e3c gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 970a103be47f30de33ed09345a362b86e208ec76b9adb432fd8a352028e8c0bd run #0: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #1: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #2: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #3: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #4: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #5: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #6: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #7: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #8: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #9: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #10: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #11: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #12: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #13: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #14: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #15: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #16: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #17: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #18: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #19: basic kernel testing failed: UBSAN: object-size-mismatch in send4 # git bisect skip 09d346dc01f43b3aee7ee0a722c9d4347c7a7e3c Bisecting: 2429 revisions left to test after this (roughly 11 steps) [2b30d715648aa3d5459e25d914a9c07c7e77ffb5] ANDROID: gki_defconfig: Enable IFB, NET_SCH_TBF, NET_ACT_POLICE testing commit 2b30d715648aa3d5459e25d914a9c07c7e77ffb5 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 30c34caefc2f54303b5e0d6bb8b6bdf82c5bf91d0ee9b5d2d4583a63ee201fbc run #0: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #1: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #2: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #3: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #4: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #5: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #6: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #7: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #8: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #9: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #10: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #11: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #12: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #13: basic kernel testing failed: UBSAN: object-size-mismatch in send4 run #14: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #15: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #16: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #17: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #18: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #19: basic kernel testing failed: UBSAN: object-size-mismatch in send4 # git bisect skip 2b30d715648aa3d5459e25d914a9c07c7e77ffb5 Bisecting: 2429 revisions left to test after this (roughly 11 steps) [cb28bf923064492756ec7ee6cb24fd0cec375b86] FROMLIST: arm64: reserve x18 from general allocation with SCS testing commit cb28bf923064492756ec7ee6cb24fd0cec375b86 gcc compiler: gcc version 8.4.1 20210217 (GCC) kernel signature: f19b9e21c6544fc2c58cc0224b8180a4b374e781a192132369d07f3f23545636 run #0: basic kernel testing failed: KASAN: use-after-free Read in task_active_pid_ns run #1: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #2: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #3: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #4: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #5: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #6: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #7: basic kernel testing failed: KASAN: use-after-free Read in task_active_pid_ns run #8: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #9: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #10: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #11: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #12: basic kernel testing failed: KASAN: use-after-free Read in task_active_pid_ns run #13: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #14: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #15: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #16: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #17: basic kernel testing failed: KASAN: use-after-free Read in task_active_pid_ns run #18: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #19: basic kernel testing failed: KASAN: use-after-free Read in task_active_pid_ns # git bisect skip cb28bf923064492756ec7ee6cb24fd0cec375b86 Bisecting: 2429 revisions left to test after this (roughly 11 steps) [cc254ce831c0d353a45b27f412153d0fb8a18b4a] ANDROID: uapi: Add dm-user structure definition testing commit cc254ce831c0d353a45b27f412153d0fb8a18b4a gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 90c432460092830cda542be22607f4f1ba802d9e0a7857f54a8dcafcc509e5e7 run #0: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #1: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #2: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #3: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #4: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #5: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #6: basic kernel testing failed: UBSAN: object-size-mismatch in wg_xmit run #7: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #8: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #9: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #10: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #11: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #12: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #13: basic kernel testing failed: UBSAN: object-size-mismatch in wg_xmit run #14: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #15: basic kernel testing failed: UBSAN: object-size-mismatch in wg_xmit run #16: basic kernel testing failed: UBSAN: object-size-mismatch in wg_xmit run #17: basic kernel testing failed: UBSAN: object-size-mismatch in wg_xmit run #18: basic kernel testing failed: KASAN: use-after-free Read in attach_pid run #19: basic kernel testing failed: KASAN: use-after-free Read in attach_pid # git bisect skip cc254ce831c0d353a45b27f412153d0fb8a18b4a Bisecting: 2429 revisions left to test after this (roughly 11 steps) [e80661dff22927d8745cc74c4c106d1022129ee6] Revert "netfilter: conntrack: convert to refcount_t api" testing commit e80661dff22927d8745cc74c4c106d1022129ee6 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3d2e799f78d8f180816fa38f8be4874669f1fbf595b6ccc8b6bd9a3b4fb4c3de all runs: OK # git bisect good e80661dff22927d8745cc74c4c106d1022129ee6 Bisecting: 301 revisions left to test after this (roughly 8 steps) [90e5d9e3039fb7f0f9a8bb8de1fff0bb586f6e11] Revert "Revert "ANDROID: GKI: Add ANDROID_OEM_DATA in struct blk_mq_ctx"" testing commit 90e5d9e3039fb7f0f9a8bb8de1fff0bb586f6e11 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e93703034c88150ffd897289fbea10f23bd42877f088659c0e1da5275deb3fb4 all runs: OK # git bisect good 90e5d9e3039fb7f0f9a8bb8de1fff0bb586f6e11 Bisecting: 150 revisions left to test after this (roughly 7 steps) [f6bdf3d697932a7e10668b550fac535b42fcac74] UPSTREAM: nl80211: fix locking in nl80211_set_tx_bitrate_mask() testing commit f6bdf3d697932a7e10668b550fac535b42fcac74 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2d2ea3255e746d4debd82c027bdf317432faca2cafa7e8a10c3b9ef83e87b5b0 all runs: OK # git bisect good f6bdf3d697932a7e10668b550fac535b42fcac74 Bisecting: 80 revisions left to test after this (roughly 6 steps) [d20aaea59dae527e7795ed4faba2ef10382bc3af] ANDROID: firmware_loader: Restore permissions for firmware class path testing commit d20aaea59dae527e7795ed4faba2ef10382bc3af gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3d19df5c2b062c293322a9b75c3ff6ab638ece388bbbb6a947d5990b52be09e9 all runs: OK # git bisect good d20aaea59dae527e7795ed4faba2ef10382bc3af Bisecting: 40 revisions left to test after this (roughly 5 steps) [22aed70fc15815569a821e81a1208af66172b9f1] Merge 5.15.55 into android13-5.15-lts testing commit 22aed70fc15815569a821e81a1208af66172b9f1 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 76de09212646da1114cc97052f5a9960c8d69b1d5d3d26aaf792b220d10067e8 all runs: OK # git bisect good 22aed70fc15815569a821e81a1208af66172b9f1 Bisecting: 20 revisions left to test after this (roughly 4 steps) [0882368e616cb425b3e93824b74697fe0b261fcd] Revert "android: binder: stop saving a pointer to the VMA" testing commit 0882368e616cb425b3e93824b74697fe0b261fcd gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9bbfe8a28352f4ab56e624d506b0729221969752219506ed80d675b767e02cf9 all runs: OK # git bisect good 0882368e616cb425b3e93824b74697fe0b261fcd Bisecting: 9 revisions left to test after this (roughly 3 steps) [7b0fdb742b4aaa0a66ae98c1a4e600f1836fcab4] Revert "xhci: Add grace period after xHC start to prevent premature runtime suspend." testing commit 7b0fdb742b4aaa0a66ae98c1a4e600f1836fcab4 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: eaada46442d96fd43ee1bb3a4268d79581de39ccf56a1091afe7e92881173d21 all runs: OK # git bisect good 7b0fdb742b4aaa0a66ae98c1a4e600f1836fcab4 Bisecting: 4 revisions left to test after this (roughly 2 steps) [4248b89fb1c8558a980d3a3dd5e97a18e51fc7cc] Merge 5.15.69 into android13-5.15-lts testing commit 4248b89fb1c8558a980d3a3dd5e97a18e51fc7cc gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e4817f3e6ad20b3dde9187fcc04b7b30ff2bd6f36357cd2639934b8f05311736 run #0: crashed: kernel BUG in pfkey_send_acquire run #1: crashed: kernel BUG in pfkey_send_acquire run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK # git bisect bad 4248b89fb1c8558a980d3a3dd5e97a18e51fc7cc Bisecting: 2 revisions left to test after this (roughly 1 step) [35fc902dbd930da7e4de52f9c7f561f356fc6b48] Merge 5.15.68 into android13-5.15-lts testing commit 35fc902dbd930da7e4de52f9c7f561f356fc6b48 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 sound/usb/endpoint.c:1405:19: error: use of undeclared identifier 'snd_usb_endpoint_configure' # git bisect skip 35fc902dbd930da7e4de52f9c7f561f356fc6b48 Bisecting: 2 revisions left to test after this (roughly 1 step) [956d54b490954b0d4698eb6dfb775ac2cc982270] UPSTREAM: Revert "ALSA: usb-audio: Split endpoint setups for hw_params and prepare" testing commit 956d54b490954b0d4698eb6dfb775ac2cc982270 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 402ba7be1518bdbe441bc4dd26b4d061018e5866ed712a5a020b2133fb083673 all runs: OK # git bisect good 956d54b490954b0d4698eb6dfb775ac2cc982270 Bisecting: 0 revisions left to test after this (roughly 0 steps) [ced746caafb16369e925af42e7b70d0e7f40ffe9] Revert "arm64: errata: add detection for AMEVCNTR01 incrementing incorrectly" testing commit ced746caafb16369e925af42e7b70d0e7f40ffe9 gcc compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d7078043642ea174e04495b5f9bb30286f4f8699136559bbd949e8f6aee415a4 all runs: OK # git bisect good ced746caafb16369e925af42e7b70d0e7f40ffe9 4248b89fb1c8558a980d3a3dd5e97a18e51fc7cc is the first bad commit commit 4248b89fb1c8558a980d3a3dd5e97a18e51fc7cc Merge: ced746caafb1 820b689b4a7a Author: Greg Kroah-Hartman Date: Fri Sep 30 13:27:38 2022 +0200 Merge 5.15.69 into android13-5.15-lts Changes in 5.15.69 NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests ACPI: resource: skip IRQ override on AMD Zen platforms ARM: dts: imx: align SPI NOR node name with dtschema ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible ARM: dts: at91: fix low limit for CPU regulator ARM: dts: at91: sama7g5ek: specify proper regulator output ranges lockdep: Fix -Wunused-parameter for _THIS_IP_ x86/mm: Force-inline __phys_addr_nodebug() task_stack, x86/cea: Force-inline stack helpers tracing: hold caller_addr to hardirq_{enable,disable}_ip tracefs: Only clobber mode/uid/gid on remount if asked iommu/vt-d: Fix kdump kernels boot failure with scalable mode Input: goodix - add support for GT1158 platform/surface: aggregator_registry: Add support for Surface Laptop Go 2 drm/msm/rd: Fix FIFO-full deadlock dt-bindings: iio: gyroscope: bosch,bmg160: correct number of pins HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message tg3: Disable tg3 device on system reboot to avoid triggering AER gpio: mockup: remove gpio debugfs when remove device ieee802154: cc2520: add rc code in cc2520_tx() Input: iforce - add support for Boeder Force Feedback Wheel nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() drm/amd/amdgpu: skip ucode loading if ucode_size == 0 net: dsa: hellcreek: Print warning only once perf/arm_pmu_platform: fix tests for platform_get_irq() failure platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() soc: fsl: select FSL_GUTS driver for DPIO usb: gadget: f_uac2: clean up some inconsistent indenting usb: gadget: f_uac2: fix superspeed transfer RDMA/irdma: Use s/g array in post send only when its valid Input: goodix - add compatible string for GT1158 Linux 5.15.69 Signed-off-by: Greg Kroah-Hartman Change-Id: I8bf545a2cbe110fc6c49e4b41f80fea8736f6f54 .../bindings/iio/gyroscope/bosch,bmg160.yaml | 2 + Documentation/input/joydev/joystick.rst | 1 + Makefile | 2 +- arch/arm/boot/dts/at91-sama7g5ek.dts | 20 ++--- arch/arm/boot/dts/imx28-evk.dts | 2 +- arch/arm/boot/dts/imx28-m28evk.dts | 2 +- arch/arm/boot/dts/imx28-sps1.dts | 2 +- arch/arm/boot/dts/imx6dl-rex-basic.dts | 2 +- arch/arm/boot/dts/imx6q-ba16.dtsi | 2 +- arch/arm/boot/dts/imx6q-bx50v3.dtsi | 2 +- arch/arm/boot/dts/imx6q-cm-fx6.dts | 2 +- arch/arm/boot/dts/imx6q-dmo-edmqmx6.dts | 2 +- arch/arm/boot/dts/imx6q-dms-ba16.dts | 2 +- arch/arm/boot/dts/imx6q-gw5400-a.dts | 2 +- arch/arm/boot/dts/imx6q-marsboard.dts | 2 +- arch/arm/boot/dts/imx6q-rex-pro.dts | 2 +- arch/arm/boot/dts/imx6qdl-aristainetos.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-aristainetos2.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-dfi-fs700-m60.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-kontron-samx6i.dtsi | 4 +- arch/arm/boot/dts/imx6qdl-nit6xlite.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-nitrogen6_max.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-nitrogen6_som2.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-nitrogen6x.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-sabreauto.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-sabrelite.dtsi | 2 +- arch/arm/boot/dts/imx6qdl-sabresd.dtsi | 2 +- arch/arm/boot/dts/imx6sl-evk.dts | 2 +- arch/arm/boot/dts/imx6sx-nitrogen6sx.dts | 2 +- arch/arm/boot/dts/imx6sx-sdb-reva.dts | 4 +- arch/arm/boot/dts/imx6sx-sdb.dts | 4 +- arch/arm/boot/dts/imx6ul-14x14-evk.dtsi | 2 +- arch/arm/boot/dts/imx6ul-kontron-n6310-som.dtsi | 2 +- arch/arm/boot/dts/imx6ul-kontron-n6311-som.dtsi | 2 +- .../boot/dts/imx6ul-kontron-n6x1x-som-common.dtsi | 2 +- arch/arm/boot/dts/imx6ull-kontron-n6411-som.dtsi | 2 +- arch/arm64/kernel/entry-common.c | 8 +- arch/x86/include/asm/cpu_entry_area.h | 2 +- arch/x86/include/asm/page_64.h | 2 +- arch/x86/kvm/x86.h | 2 +- drivers/acpi/resource.c | 10 +++ drivers/gpio/gpio-mockup.c | 9 +- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 2 +- drivers/gpu/drm/msm/msm_rd.c | 3 + drivers/hid/intel-ish-hid/ishtp-hid.h | 2 +- drivers/hid/intel-ish-hid/ishtp/client.c | 68 ++++++++------ drivers/infiniband/hw/irdma/uk.c | 3 +- drivers/input/joystick/iforce/iforce-main.c | 1 + drivers/input/touchscreen/goodix.c | 2 + drivers/iommu/intel/iommu.c | 100 +++++++++------------ drivers/net/ethernet/broadcom/tg3.c | 8 +- drivers/net/ieee802154/cc2520.c | 1 + drivers/nvme/target/tcp.c | 3 + drivers/perf/arm_pmu_platform.c | 2 +- .../platform/surface/surface_aggregator_registry.c | 3 + drivers/platform/x86/acer-wmi.c | 9 +- drivers/soc/fsl/Kconfig | 1 + drivers/usb/gadget/function/f_uac2.c | 30 +++++-- drivers/usb/storage/unusual_uas.h | 7 ++ fs/tracefs/inode.c | 31 +++++-- include/linux/intel-iommu.h | 9 +- include/linux/irqflags.h | 4 +- include/linux/kvm_host.h | 2 +- include/linux/nfs_fs.h | 4 +- include/linux/sched/task_stack.h | 2 +- kernel/entry/common.c | 6 +- kernel/locking/lockdep.c | 22 ++--- kernel/sched/idle.c | 2 +- kernel/trace/trace_preemptirq.c | 8 +- mm/mmap.c | 9 +- net/dsa/tag_hellcreek.c | 2 +- 71 files changed, 278 insertions(+), 196 deletions(-) Reproducer flagged being flaky revisions tested: 16, total time: 3h25m47.820344308s (build: 1h17m4.391358654s, test: 2h6m39.801261549s) first bad commit: 4248b89fb1c8558a980d3a3dd5e97a18e51fc7cc Merge 5.15.69 into android13-5.15-lts recipients (to): ["gregkh@google.com"] recipients (cc): [] crash: kernel BUG in pfkey_send_acquire skbuff: skb_over_panic: text:ffffffff841099bb len:160 put:72 head:ffff888125763000 data:ffff888125763000 tail:0xa0 end:0x80 dev: ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:113! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 528 Comm: syz-executor.2 Not tainted 5.15.69-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 RIP: 0010:skb_panic+0x14c/0x150 net/core/skbuff.c:113 Code: c7 60 e5 5c 85 48 8b 75 c0 48 8b 55 b8 8b 4d d4 44 8b 45 d0 4c 8b 4d c8 31 c0 53 41 56 41 55 41 54 e8 b5 48 c7 00 48 83 c4 20 <0f> 0b 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 70 4c RSP: 0018:ffffc900003aeb58 EFLAGS: 00010282 RAX: 0000000000000086 RBX: ffffffff855ce5e0 RCX: 3b4f814c5da82a00 RDX: 1ffff92000075d30 RSI: ffffffff8526ea20 RDI: 0000000000000001 RBP: ffffc900003aeba0 R08: dffffc0000000000 R09: ffffed103ee665e0 R10: ffffed103ee665e0 R11: 1ffff1103ee665df R12: ffff888125763000 R13: 00000000000000a0 R14: 0000000000000080 R15: dffffc0000000000 FS: 00007f1fb5d1a700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020015038 CR3: 00000001255b7000 CR4: 00000000003506a0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: skb_over_panic net/core/skbuff.c:118 [inline] skb_put+0x10e/0x200 net/core/skbuff.c:2039 dump_esp_combs net/key/af_key.c:3009 [inline] pfkey_send_acquire+0x161b/0x2d90 net/key/af_key.c:3230 km_query+0x83/0xc0 net/xfrm/xfrm_state.c:2247 xfrm_state_find+0x1e17/0x2e20 net/xfrm/xfrm_state.c:1164 xfrm_tmpl_resolve_one net/xfrm/xfrm_policy.c:2393 [inline] xfrm_tmpl_resolve net/xfrm/xfrm_policy.c:2438 [inline] xfrm_resolve_and_create_bundle+0x5b1/0x28b0 net/xfrm/xfrm_policy.c:2731 xfrm_lookup_with_ifid+0xca2/0x1cb0 net/xfrm/xfrm_policy.c:3065 xfrm_lookup net/xfrm/xfrm_policy.c:3194 [inline] xfrm_lookup_route+0x1d/0x120 net/xfrm/xfrm_policy.c:3205 ip_route_output_flow+0x1bb/0x2e0 net/ipv4/route.c:2889 udp_sendmsg+0x1627/0x2960 net/ipv4/udp.c:1224 inet_sendmsg+0x8c/0xa0 net/ipv4/af_inet.c:827 sock_sendmsg_nosec net/socket.c:704 [inline] sock_sendmsg net/socket.c:724 [inline] ____sys_sendmsg+0x487/0x780 net/socket.c:2412 ___sys_sendmsg net/socket.c:2466 [inline] __sys_sendmmsg+0x3f8/0x6f0 net/socket.c:2552 __do_sys_sendmmsg net/socket.c:2581 [inline] __se_sys_sendmmsg net/socket.c:2578 [inline] __x64_sys_sendmmsg+0x9b/0xb0 net/socket.c:2578 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f1fb61c75a9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f1fb5d1a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00007f1fb62e8050 RCX: 00007f1fb61c75a9 RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000003 RBP: 00007f1fb62227b0 R08: 0000000000000000 R09: 0000000000000000 R10: 000000a742250118 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc564c101f R14: 00007f1fb5d1a300 R15: 0000000000022000 Modules linked in: ---[ end trace 817f59fe406a3971 ]--- RIP: 0010:skb_panic+0x14c/0x150 net/core/skbuff.c:113 Code: c7 60 e5 5c 85 48 8b 75 c0 48 8b 55 b8 8b 4d d4 44 8b 45 d0 4c 8b 4d c8 31 c0 53 41 56 41 55 41 54 e8 b5 48 c7 00 48 83 c4 20 <0f> 0b 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 70 4c RSP: 0018:ffffc900003aeb58 EFLAGS: 00010282 RAX: 0000000000000086 RBX: ffffffff855ce5e0 RCX: 3b4f814c5da82a00 RDX: 1ffff92000075d30 RSI: ffffffff8526ea20 RDI: 0000000000000001 RBP: ffffc900003aeba0 R08: dffffc0000000000 R09: ffffed103ee665e0 R10: ffffed103ee665e0 R11: 1ffff1103ee665df R12: ffff888125763000 R13: 00000000000000a0 R14: 0000000000000080 R15: dffffc0000000000 FS: 00007f1fb5d1a700(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000563712b350b8 CR3: 00000001255b7000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400