bisecting cause commit starting from 770fbb32d34e5d6298cc2be590c9d2fd6069aa17
building syzkaller on 78267cec1aaa5e066d66e6a6c76fea1753e51b46
testing commit 770fbb32d34e5d6298cc2be590c9d2fd6069aa17 with gcc (GCC) 8.1.0
kernel signature: aa8a6b618d0e9033a3a9d02a2727a6da28cb5ad50f5dd20e5a79f32fd1ff55fc
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: KASAN: use-after-free Write in hci_sock_bind
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: KASAN: use-after-free Write in hci_sock_bind
run #7: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: WARNING: locking bug in finish_task_switch
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0
kernel signature: a2fca8eba76ead5848c6aeefeb305ec06d0a1233b0801311eae4a6a2db012502
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: KASAN: use-after-free Write in hci_sock_bind
run #5: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #6: crashed: KASAN: use-after-free Write in hci_sock_bind
run #7: crashed: KASAN: use-after-free Write in hci_sock_bind
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: WARNING: locking bug in __perf_event_task_sched_in
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: 3aaf17f30a470fdae4ce5e20f34be372d719df44ac083ded9cbb0e35034419cc
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: KASAN: use-after-free Write in hci_sock_bind
run #3: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #4: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #7: crashed: WARNING: locking bug in finish_task_switch
run #8: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #9: crashed: WARNING: locking bug in __perf_event_task_sched_in
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0
kernel signature: 1e4fae4ffccd5429e730b1ce88fcdd7804f55529e7a060fe259067983edc5a16
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: WARNING in hci_sock_dev_event
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: KASAN: use-after-free Write in hci_sock_bind
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: KASAN: use-after-free Write in hci_sock_bind
run #7: crashed: KASAN: use-after-free Write in hci_sock_bind
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0
kernel signature: 5736048e08d0f1e425d60c003f6457f91696b4151467c1318e4a8e099450ac70
run #0: crashed: WARNING in kernfs_get
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: KASAN: use-after-free Write in hci_sock_bind
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: WARNING: locking bug in finish_task_switch
run #5: crashed: WARNING in kernfs_get
run #6: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #7: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #8: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v5.1
testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0
kernel signature: 0ca9d34a7447adb5db09ea9ac9265e11cdbf40e79b492de308fde60a0ad81a27
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: WARNING: locking bug in finish_task_switch
run #2: crashed: WARNING in kernfs_put
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: WARNING: locking bug in hci_dev_open
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: WARNING: locking bug in __perf_event_task_sched_in
run #7: crashed: WARNING in kernfs_get
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v5.0
testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0
kernel signature: 851d432f034f10444c0d981aa80dca52f4d230c8b12aa35d8c1e4291f3e8e4ac
run #0: crashed: WARNING in kernfs_get
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: WARNING in kernfs_get
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: KASAN: use-after-free Write in hci_sock_bind
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: WARNING: locking bug in hci_sock_dev_event
run #7: crashed: KASAN: use-after-free Write in hci_sock_bind
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v4.20
testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0
kernel signature: b939408d44a1699a1e0ecffbdbea4e8fed213f2e05ba3722dc07796cb3cc6e08
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: KASAN: use-after-free Read in put_device
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: KASAN: use-after-free Write in hci_sock_bind
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: KASAN: use-after-free Write in hci_sock_bind
run #7: crashed: KASAN: use-after-free Write in hci_sock_bind
run #8: crashed: WARNING in kernfs_get
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v4.19
testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0
kernel signature: 4972b587cad25c48a5f98768f3797eb80c12250d7eed5dfaa50cd5d84626ebd0
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: WARNING in kernfs_get
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: WARNING in kernfs_get
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: WARNING in kernfs_get
run #7: crashed: KASAN: use-after-free Write in hci_sock_bind
run #8: crashed: general protection fault in kernfs_add_one
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v4.18
testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0
kernel signature: 25f8f6dbfb1d5bc4908beaf058e5a4e97afe64d02fda187c3e2ceb9486da6dc0
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Write in hci_sock_bind
run #2: crashed: KASAN: use-after-free Write in hci_sock_bind
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: KASAN: use-after-free Write in hci_sock_bind
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: KASAN: use-after-free Write in hci_sock_bind
run #7: crashed: KASAN: use-after-free Read in put_device
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v4.17
testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0
kernel signature: d86adc168eab892b3d2d5d56dc8cd92a8f19da9703a068760399bf486018344b
run #0: crashed: KASAN: use-after-free Write in hci_sock_bind
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: KASAN: use-after-free Write in hci_sock_bind
run #3: crashed: KASAN: use-after-free Write in hci_sock_bind
run #4: crashed: KASAN: use-after-free Write in hci_sock_bind
run #5: crashed: KASAN: use-after-free Write in hci_sock_bind
run #6: crashed: KASAN: use-after-free Write in hci_sock_bind
run #7: crashed: KASAN: use-after-free Write in hci_sock_bind
run #8: crashed: KASAN: use-after-free Write in hci_sock_bind
run #9: crashed: KASAN: use-after-free Write in hci_sock_bind
testing release v4.16
testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0
kernel signature: 4aaec240ff24cf2a67f228ce7b7c6dacdf39a8f5f2c2c6b05db93807c7e59d06
run #0: crashed: KASAN: use-after-free Read in put_device
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: KASAN: use-after-free Read in put_device
run #3: crashed: WARNING: locking bug in hci_sock_dev_event
run #4: crashed: KASAN: use-after-free Read in put_device
run #5: crashed: KASAN: use-after-free Read in put_device
run #6: crashed: WARNING: locking bug in hci_sock_dev_event
run #7: crashed: KASAN: use-after-free Read in put_device
run #8: crashed: KASAN: use-after-free Read in hci_dev_do_close
run #9: crashed: kernel BUG at net/bluetooth/af_bluetooth.c:LINE!
testing release v4.15
testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0
kernel signature: eff0005a82d1ccd11d4043f07e367e3f80a171a11384c7b9a1965cb5bf64cdc6
run #0: crashed: KASAN: use-after-free Read in put_device
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: general protection fault in batadv_iv_ogm_queue_add
run #3: crashed: WARNING: locking bug in hci_sock_dev_event
run #4: crashed: KASAN: use-after-free Read in hci_dev_do_close
run #5: crashed: KASAN: use-after-free Read in put_device
run #6: crashed: KASAN: use-after-free Read in hci_dev_do_close
run #7: crashed: KASAN: use-after-free Read in hci_dev_do_close
run #8: crashed: general protection fault in batadv_iv_ogm_queue_add
run #9: OK
testing release v4.14
testing commit bebc6082da0a9f5d47a1ea2edc099bf671058bd4 with gcc (GCC) 8.1.0
kernel signature: fda1f741ac81267599ae82b2ffa1e3def2d069189028d35eb00cab1fe9fe5d23
run #0: crashed: KASAN: use-after-free Read in put_device
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: KASAN: use-after-free Read in put_device
run #3: crashed: KASAN: use-after-free Read in put_device
run #4: crashed: KASAN: use-after-free Read in put_device
run #5: crashed: KASAN: use-after-free Read in put_device
run #6: crashed: KASAN: use-after-free Read in hci_dev_do_close
run #7: crashed: KASAN: use-after-free Read in put_device
run #8: crashed: KASAN: use-after-free Read in put_device
run #9: crashed: KASAN: use-after-free Read in put_device
testing release v4.13
testing commit 569dbb88e80deb68974ef6fdd6a13edb9d686261 with gcc (GCC) 8.1.0
kernel signature: d1c85b64cfe6700b01a1c6e14ed084a4ba964ae98e5f2ab92760cd0ad0b0b02c
run #0: crashed: KASAN: use-after-free Read in put_device
run #1: crashed: WARNING: locking bug in hci_sock_dev_event
run #2: crashed: KASAN: use-after-free Read in put_device
run #3: crashed: KASAN: use-after-free Read in put_device
run #4: crashed: KASAN: use-after-free Read in put_device
run #5: crashed: WARNING: locking bug in hci_sock_dev_event
run #6: crashed: KASAN: use-after-free Read in put_device
run #7: crashed: KASAN: use-after-free Read in put_device
run #8: crashed: KASAN: use-after-free Read in put_device
run #9: crashed: KASAN: use-after-free Read in put_device
testing release v4.12
testing commit 6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c with gcc (GCC) 8.1.0
kernel signature: 577bb5bbba5204fb784edb428e8dfdd8f526ea8052cfc1de90dc298b0f060a46
all runs: crashed: BUG: sleeping function called from invalid context in tap_get_minor
testing release v4.11
testing commit a351e9b9fc24e982ec2f0e76379a49826036da12 with gcc (GCC) 7.3.0
kernel signature: 06c771e12b1a7d48b07d8780c191a16adc72c03da564d31e00d6c2f1a975c4e2
all runs: crashed: BUG: sleeping function called from invalid context in tap_get_minor
testing release v4.10
testing commit c470abd4fde40ea6a0846a2beab642a578c0b8cd with gcc (GCC) 5.5.0
kernel signature: 797a3e751703921caf0aaa4da7c70629806af0a30e806a4e8587b21a087ed64a
run #0: crashed: KASAN: use-after-free Read in put_device
run #1: crashed: KASAN: use-after-free Read in put_device
run #2: crashed: KASAN: use-after-free Read in put_device
run #3: crashed: WARNING in nf_unregister_net_hook
run #4: crashed: WARNING in nf_unregister_net_hook
run #5: crashed: KASAN: use-after-free Read in put_device
run #6: crashed: KASAN: use-after-free Read in put_device
run #7: crashed: KASAN: use-after-free Read in put_device
run #8: crashed: KASAN: use-after-free Read in put_device
run #9: crashed: WARNING: locking bug in hci_sock_dev_event
testing release v4.9
testing commit 69973b830859bc6529a7a0468ba0d80ee5117826 with gcc (GCC) 5.5.0
kernel signature: 914e222bedcdaf13826f11aaa8c05998478e7431dbb8b7b34975fcb2fc31aae4
run #0: crashed: WARNING in nf_unregister_net_hook
run #1: crashed: WARNING in nf_unregister_net_hook
run #2: crashed: WARNING in nf_unregister_net_hook
run #3: crashed: general protection fault in batadv_iv_ogm_queue_add
run #4: crashed: general protection fault in batadv_iv_ogm_queue_add
run #5: crashed: WARNING: ODEBUG bug in batadv_purge_outstanding_packets
run #6: OK
run #7: OK
run #8: OK
run #9: OK
testing release v4.8
testing commit c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 with gcc (GCC) 5.5.0
kernel signature: 36441883f15f4d00bc71912fae8dab069484dd4f33bae8db6134fa5ee9e131cc
run #0: crashed: KASAN: use-after-free Read in batadv_iv_ogm_queue_add
run #1: crashed: KASAN: null-ptr-deref Read
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
testing release v4.7
testing commit 523d939ef98fd712632d93a5a2b588e477a7565e with gcc (GCC) 5.5.0
kernel signature: 716784f18cbc23c4512dbdb466101998c2c13c3ebf20a2025a58eb786ec42498
all runs: OK
# git bisect start c8d2bc9bc39ebea8437fd974fdbc21847bb897a3 523d939ef98fd712632d93a5a2b588e477a7565e
Bisecting: 7344 revisions left to test after this (roughly 13 steps)
[e61c10e468a42512f5fad74c00b62af5cc19f65f] sh: add device tree source for J2 FPGA on Mimas v2 board
testing commit e61c10e468a42512f5fad74c00b62af5cc19f65f with gcc (GCC) 5.5.0
kernel signature: 2512f496cac90187e9c7df4ad88b8aefefe80739469864e846801db855dcd6ec
all runs: OK
# git bisect good e61c10e468a42512f5fad74c00b62af5cc19f65f
Bisecting: 3672 revisions left to test after this (roughly 12 steps)
[b6e8d4aa1110306378af0f3472a6b85a1f039a16] rapidio: add RapidIO channelized messaging driver
testing commit b6e8d4aa1110306378af0f3472a6b85a1f039a16 with gcc (GCC) 5.5.0
kernel signature: ecac7f6dc6bae794081a98abda8961610755470e011f79b6f38c6766702fa5b7
all runs: OK
# git bisect good b6e8d4aa1110306378af0f3472a6b85a1f039a16
Bisecting: 1836 revisions left to test after this (roughly 11 steps)
[694d0d0bb2030d2e36df73e2d23d5770511dbc8d] Linux 4.8-rc2
testing commit 694d0d0bb2030d2e36df73e2d23d5770511dbc8d with gcc (GCC) 5.5.0
kernel signature: 323e1829a9e97938805c1eb2b8fe8be52c381a641795fcc3ef42a6a2b388a671
all runs: OK
# git bisect good 694d0d0bb2030d2e36df73e2d23d5770511dbc8d
Bisecting: 931 revisions left to test after this (roughly 10 steps)
[39da979c98cf7516bc7b2c648ee4aed528eb1f36] Merge tag 'tty-4.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
testing commit 39da979c98cf7516bc7b2c648ee4aed528eb1f36 with gcc (GCC) 5.5.0
kernel signature: e5ad8a8495f3632d067a033652b9284af5d13387bb47926e4153291380e2ed30
run #0: crashed: KASAN: use-after-free Read in batadv_tvlv_container_ogm_append
run #1: crashed: KASAN: null-ptr-deref Read
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 39da979c98cf7516bc7b2c648ee4aed528eb1f36
Bisecting: 448 revisions left to test after this (roughly 9 steps)
[28687b935e93a9041a485b9ecdcab0e335f8eda5] Merge branch 'for-linus-4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
testing commit 28687b935e93a9041a485b9ecdcab0e335f8eda5 with gcc (GCC) 5.5.0
kernel signature: 1e50c5da0d6ea922ca7cbecc2639a755f7180e845825f9c458f6ee8515dc1c54
all runs: OK
# git bisect good 28687b935e93a9041a485b9ecdcab0e335f8eda5
Bisecting: 188 revisions left to test after this (roughly 8 steps)
[1f6a563ee0cd577a9292940eee389482db306765] Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
testing commit 1f6a563ee0cd577a9292940eee389482db306765 with gcc (GCC) 5.5.0
kernel signature: a1404b10b2b4d63e36be78658c2542e3305fd44eca926b42608123bdcd1c0852
run #0: crashed: general protection fault in batadv_iv_ogm_queue_add
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 1f6a563ee0cd577a9292940eee389482db306765
Bisecting: 135 revisions left to test after this (roughly 7 steps)
[908e373f1c8102505d13cdb61ad56c1686d6a583] Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit 908e373f1c8102505d13cdb61ad56c1686d6a583 with gcc (GCC) 5.5.0
kernel signature: 86d5b0c78281da1c6fd5d661c9764633f06141c512e22eb8c988e52cf63f9b41
all runs: OK
# git bisect good 908e373f1c8102505d13cdb61ad56c1686d6a583
Bisecting: 67 revisions left to test after this (roughly 6 steps)
[c15e07b02bf0450bc8e60f2cc51cb42daa371417] team: loadbalance: push lacpdus to exact delivery
testing commit c15e07b02bf0450bc8e60f2cc51cb42daa371417 with gcc (GCC) 5.5.0
kernel signature: 0d53e4ad70d753a9e4d7219b3ed8e66dd9f99343367f395b573b3557011a158e
all runs: OK
# git bisect good c15e07b02bf0450bc8e60f2cc51cb42daa371417
Bisecting: 39 revisions left to test after this (roughly 5 steps)
[da43bf0c21e57fff0221da5de0a9a388ec0d27cd] intel_pmic_gpio: Make explicitly non-modular
testing commit da43bf0c21e57fff0221da5de0a9a388ec0d27cd with gcc (GCC) 5.5.0
kernel signature: 6edeb59ed01d795cc905ac043502267ff65648f457e1153f856c742f848fc61e
all runs: OK
# git bisect good da43bf0c21e57fff0221da5de0a9a388ec0d27cd
Bisecting: 19 revisions left to test after this (roughly 4 steps)
[b99b43bb4bdf1d361f7487cf03d803082bbf9101] Add Killer E2500 device ID in alx driver.
testing commit b99b43bb4bdf1d361f7487cf03d803082bbf9101 with gcc (GCC) 5.5.0
kernel signature: 6f1bfacfdf0ae6d3847268a3463cbbc02418970cabc025adfba37c181b5450c5
run #0: crashed: KASAN: null-ptr-deref Read
run #1: crashed: KASAN: null-ptr-deref Read
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad b99b43bb4bdf1d361f7487cf03d803082bbf9101
Bisecting: 9 revisions left to test after this (roughly 3 steps)
[8484f9ed13b26043be80ff5774506024956eae8f] net/mlx5e: Don't post fragmented MPWQE when RQ is disabled
testing commit 8484f9ed13b26043be80ff5774506024956eae8f with gcc (GCC) 5.5.0
kernel signature: da79933077c2b79086c9217e2e2ccc7e3ec1e22b6294b0b812d3af5e2bc78280
all runs: OK
# git bisect good 8484f9ed13b26043be80ff5774506024956eae8f
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[1722b9694ecfbc602865017c3fa6da0e3ec234d8] net/mlx5: Add error prints when validate ETS failed
testing commit 1722b9694ecfbc602865017c3fa6da0e3ec234d8 with gcc (GCC) 5.5.0
kernel signature: 1fe0c774b8a7b05bbc24ba6b00d122aac578cf19211e7a1c58fcd3a75e831e71
all runs: OK
# git bisect good 1722b9694ecfbc602865017c3fa6da0e3ec234d8
Bisecting: 2 revisions left to test after this (roughly 1 step)
[e4d986a878e0eb9e46f851a564189f8204cc677f] Merge branch 'mlx5-series'
testing commit e4d986a878e0eb9e46f851a564189f8204cc677f with gcc (GCC) 5.5.0
kernel signature: 6e00f8c84095de0707665224ded1504e17b4e9b970cfd2e356cddc5e3f4f904e
all runs: OK
# git bisect good e4d986a878e0eb9e46f851a564189f8204cc677f
Bisecting: 0 revisions left to test after this (roughly 1 step)
[2fb04fdf30192ff1e2b5834e9b7745889ea8bbcb] net: smc91x: fix SMC accesses
testing commit 2fb04fdf30192ff1e2b5834e9b7745889ea8bbcb with gcc (GCC) 5.5.0
kernel signature: 9ce86d331a6f896729dacd52934664f4a64895686c73e04c3fc6c3d15583ec87
run #0: crashed: general protection fault in batadv_iv_ogm_queue_add
run #1: crashed: general protection fault in batadv_iv_ogm_queue_add
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 2fb04fdf30192ff1e2b5834e9b7745889ea8bbcb
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[7d13eca09ed5e477f6ecfd97a35058762228b5e4] Documentation: networking: dsa: Remove platform device TODO
testing commit 7d13eca09ed5e477f6ecfd97a35058762228b5e4 with gcc (GCC) 5.5.0
kernel signature: cb7492900946c7704f983d33f249759e63ab412eb8148f05f54bd0bcf5b71fa0
run #0: crashed: general protection fault in batadv_iv_ogm_queue_add
run #1: crashed: KASAN: null-ptr-deref Read
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 7d13eca09ed5e477f6ecfd97a35058762228b5e4
7d13eca09ed5e477f6ecfd97a35058762228b5e4 is the first bad commit
commit 7d13eca09ed5e477f6ecfd97a35058762228b5e4
Author: Florian Fainelli <f.fainelli@gmail.com>
Date:   Sat Aug 27 15:34:20 2016 -0700

    Documentation: networking: dsa: Remove platform device TODO
    
    Since commit 83c0afaec7b7 ("net: dsa: Add new binding implementation"),
    the shortcomings of the dsa platform device have been addressed, remove
    that TODO item.
    
    Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
    Acked-by: Andrew Lunn <andrew@lunn.ch>
    Signed-off-by: David S. Miller <davem@davemloft.net>

 Documentation/networking/dsa/dsa.txt | 20 --------------------
 1 file changed, 20 deletions(-)
culprit signature: cb7492900946c7704f983d33f249759e63ab412eb8148f05f54bd0bcf5b71fa0
parent  signature: 6e00f8c84095de0707665224ded1504e17b4e9b970cfd2e356cddc5e3f4f904e
revisions tested: 36, total time: 7h56m13.235895362s (build: 2h55m15.19159159s, test: 4h57m46.301184775s)
first bad commit: 7d13eca09ed5e477f6ecfd97a35058762228b5e4 Documentation: networking: dsa: Remove platform device TODO
cc: ["andrew@lunn.ch" "davem@davemloft.net" "f.fainelli@gmail.com"]
crash: KASAN: null-ptr-deref Read
batman_adv: batadv0: Removing interface: batadv_slave_1
==================================================================
device bridge_slave_1 left promiscuous mode
bridge0: port 2(bridge_slave_1) entered disabled state
BUG: KASAN: null-ptr-deref on address           (null)
Read of size 24 by task kworker/u4:6/7850
CPU: 1 PID: 7850 Comm: kworker/u4:6 Not tainted 4.8.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
 1ffffffff0dd62ce ffff880122c47998 ffffffff82d072c6 ffff880122c47a28
 ffff8801113f7780 0000000000000000 ffff8801228d1150 ffff880122c47a18
 ffffffff817583aa ffff8801113f7780 0000000000000286 ffff88012333e580
Call Trace:
 [<ffffffff82d072c6>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff82d072c6>] dump_stack+0xe6/0x120 lib/dump_stack.c:51
 [<ffffffff817583aa>] kasan_report_error+0x3da/0x490 mm/kasan/report.c:280
 [<ffffffff817587f4>] kasan_report+0x34/0x40 mm/kasan/report.c:303
 [<ffffffff85cc6338>] ? batadv_tvlv_realloc_packet_buff net/batman-adv/tvlv.c:289 [inline]
 [<ffffffff85cc6338>] ? batadv_tvlv_container_ogm_append+0x158/0x470 net/batman-adv/tvlv.c:324
 [<ffffffff817571fd>] check_memory_region_inline mm/kasan/kasan.c:285 [inline]
 [<ffffffff817571fd>] check_memory_region+0x13d/0x1a0 mm/kasan/kasan.c:299
 [<ffffffff817576c3>] memcpy+0x23/0x50 mm/kasan/kasan.c:334
 [<ffffffff85cc6338>] batadv_tvlv_realloc_packet_buff net/batman-adv/tvlv.c:289 [inline]
 [<ffffffff85cc6338>] batadv_tvlv_container_ogm_append+0x158/0x470 net/batman-adv/tvlv.c:324
 [<ffffffff85c52d50>] batadv_iv_ogm_schedule+0xa30/0xcc0 net/batman-adv/bat_iv_ogm.c:967
 [<ffffffff85c523a9>] ? batadv_iv_ogm_schedule+0x89/0xcc0 net/batman-adv/bat_iv_ogm.c:957
 [<ffffffff8135ad97>] ? __local_bh_enable_ip+0xa7/0x1a0 kernel/softirq.c:175
 [<ffffffff8143faac>] ? __trace_hardirqs_on_caller kernel/locking/lockdep.c:2686 [inline]
 [<ffffffff8143faac>] ? trace_hardirqs_on_caller+0x44c/0x5e0 kernel/locking/lockdep.c:2733
 [<ffffffff85c5311a>] ? spin_unlock_bh include/linux/spinlock.h:352 [inline]
 [<ffffffff85c5311a>] ? batadv_iv_send_outstanding_bat_ogm_packet+0x12a/0xbd0 net/batman-adv/bat_iv_ogm.c:1813
 [<ffffffff8143fc4d>] ? trace_hardirqs_on+0xd/0x10 kernel/locking/lockdep.c:2740
 [<ffffffff8135ad97>] ? __local_bh_enable_ip+0xa7/0x1a0 kernel/softirq.c:175
 [<ffffffff85c532c0>] batadv_iv_send_outstanding_bat_ogm_packet+0x2d0/0xbd0 net/batman-adv/bat_iv_ogm.c:1830
 [<ffffffff8139a7f2>] process_one_work+0x6a2/0x1580 kernel/workqueue.c:2096
 [<ffffffff8139a74c>] ? process_one_work+0x5fc/0x1580 kernel/workqueue.c:2093
 [<ffffffff8139a150>] ? cancel_delayed_work_sync+0x10/0x10 kernel/workqueue.c:3024
 [<ffffffff8139b7a7>] worker_thread+0xd7/0xf10 kernel/workqueue.c:2230
 [<ffffffff85d9a32e>] ? context_switch kernel/sched/core.c:2867 [inline]
 [<ffffffff85d9a32e>] ? __schedule+0x92e/0x1c80 kernel/sched/core.c:3376
 [<ffffffff81005066>] ? ___preempt_schedule+0x16/0x18
 [<ffffffff8139b6d0>] ? process_one_work+0x1580/0x1580 include/linux/compiler.h:220
 [<ffffffff813abfe9>] kthread+0x209/0x2d0 kernel/kthread.c:209
 [<ffffffff813abde0>] ? kthread_create_on_node+0x390/0x390 kernel/kthread.c:285
 [<ffffffff85dab64f>] ret_from_fork+0x1f/0x40 arch/x86/entry/entry_64.S:393
 [<ffffffff813abde0>] ? kthread_create_on_node+0x390/0x390 kernel/kthread.c:285
==================================================================
BUG: unable to handle kernel NULL pointer dereference at           (null)
IP: [<ffffffff82d39016>] memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:51
PGD 114d43067 PUD 11544f067 PMD 0 
Oops: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 7850 Comm: kworker/u4:6 Tainted: G    B           4.8.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
task: ffff88012333e580 task.stack: ffff880122c40000
RIP: 0010:[<ffffffff82d39016>]  [<ffffffff82d39016>] memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:51
RSP: 0018:ffff880122c47a78  EFLAGS: 00010246
RAX: ffff8801113f7780 RBX: 0000000000000018 RCX: 0000000000000018
RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffff8801113f7780
RBP: ffff880122c47a98 R08: ffffed002227eef3 R09: ffffed002227eef3
R10: 0000000000000003 R11: ffffed002227eef2 R12: ffff8801113f7780
R13: 0000000000000000 R14: ffff8801228d1150 R15: 0000000000000024
FS:  0000000000000000(0000) GS:ffff88012c100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 0000000112988000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffffffff817576e5 0000000000000018 ffff88010e2fe700 ffff8801228d1148
 ffff880122c47af8 ffffffff85cc6338 ffff88010e2fef28 0000000000000000
 ffff8801113f7780 ffff88010000003c ffff88010e2fef38 ffff88010e2fe700
Call Trace:
 [<ffffffff817576e5>] ? memcpy+0x45/0x50 mm/kasan/kasan.c:337
 [<ffffffff85cc6338>] batadv_tvlv_realloc_packet_buff net/batman-adv/tvlv.c:289 [inline]
 [<ffffffff85cc6338>] batadv_tvlv_container_ogm_append+0x158/0x470 net/batman-adv/tvlv.c:324
 [<ffffffff85c52d50>] batadv_iv_ogm_schedule+0xa30/0xcc0 net/batman-adv/bat_iv_ogm.c:967
 [<ffffffff85c523a9>] ? batadv_iv_ogm_schedule+0x89/0xcc0 net/batman-adv/bat_iv_ogm.c:957
 [<ffffffff8135ad97>] ? __local_bh_enable_ip+0xa7/0x1a0 kernel/softirq.c:175
 [<ffffffff8143faac>] ? __trace_hardirqs_on_caller kernel/locking/lockdep.c:2686 [inline]
 [<ffffffff8143faac>] ? trace_hardirqs_on_caller+0x44c/0x5e0 kernel/locking/lockdep.c:2733
 [<ffffffff85c5311a>] ? spin_unlock_bh include/linux/spinlock.h:352 [inline]
 [<ffffffff85c5311a>] ? batadv_iv_send_outstanding_bat_ogm_packet+0x12a/0xbd0 net/batman-adv/bat_iv_ogm.c:1813
 [<ffffffff8143fc4d>] ? trace_hardirqs_on+0xd/0x10 kernel/locking/lockdep.c:2740
 [<ffffffff8135ad97>] ? __local_bh_enable_ip+0xa7/0x1a0 kernel/softirq.c:175
 [<ffffffff85c532c0>] batadv_iv_send_outstanding_bat_ogm_packet+0x2d0/0xbd0 net/batman-adv/bat_iv_ogm.c:1830
 [<ffffffff8139a7f2>] process_one_work+0x6a2/0x1580 kernel/workqueue.c:2096
 [<ffffffff8139a74c>] ? process_one_work+0x5fc/0x1580 kernel/workqueue.c:2093
 [<ffffffff8139a150>] ? cancel_delayed_work_sync+0x10/0x10 kernel/workqueue.c:3024
 [<ffffffff8139b7a7>] worker_thread+0xd7/0xf10 kernel/workqueue.c:2230
 [<ffffffff85d9a32e>] ? context_switch kernel/sched/core.c:2867 [inline]
 [<ffffffff85d9a32e>] ? __schedule+0x92e/0x1c80 kernel/sched/core.c:3376
 [<ffffffff81005066>] ? ___preempt_schedule+0x16/0x18
 [<ffffffff8139b6d0>] ? process_one_work+0x1580/0x1580 include/linux/compiler.h:220
 [<ffffffff813abfe9>] kthread+0x209/0x2d0 kernel/kthread.c:209
 [<ffffffff813abde0>] ? kthread_create_on_node+0x390/0x390 kernel/kthread.c:285
 [<ffffffff85dab64f>] ret_from_fork+0x1f/0x40 arch/x86/entry/entry_64.S:393
 [<ffffffff813abde0>] ? kthread_create_on_node+0x390/0x390 kernel/kthread.c:285
Code: ff ff ff 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 <f3> a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 
RIP  [<ffffffff82d39016>] memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:50
 RSP <ffff880122c47a78>
CR2: 0000000000000000
---[ end trace f38f76fa0dc17dbd ]---