bisecting cause commit starting from fcadab740480e0e0e9fa9bd272acd409884d431a building syzkaller on 9602ddf403bdf3cfd87efef14becc76f9a38b81d testing commit fcadab740480e0e0e9fa9bd272acd409884d431a with gcc (GCC) 8.1.0 kernel signature: 17510fa6ec82c20e6def5128cdc4f45407f8d9b4f3c470eadc0e058098a57b0c all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 861fcdef9ec12952b6b0d9bf040095a055ac5bd31ab7b7c0c2cc4279c1d44645 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: 5b0e71254c349a196d7e8b7797d04ed19fcf9d683dcf9796b9770eb8c55e5d3c all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: c61497bfb7514121847121083b16035687079a251874370869156108430d87c5 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 0d58d132ca95e214b12cafff0513f7ec5345a70a67705372f8a0d9247d454813 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 7d7d14b07231401b128b0eb1433db99c9fae82b9a149c60f857fca5c6a6f616a all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: dcd09415c4237fd850046ad474a8cb58347b3dd4c204ab11805bc9013a380f93 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: 7744d179a045dc9611d721c1a1956de751323c3ff5c2ae4a430fa57e3b359ed4 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 kernel signature: d8212b972eb40400e07de39ea80f6ce9b6a356c5e1bab06bd87429718e171ae8 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 kernel signature: 474b3e1ded955a67feccc7133b451cdd6c54fda2b32b19ff7df111c860c73362 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 kernel signature: b327b7fcb32fb47cbf1426939a44f670fb98e59d594ffe2372d9c1b13aa6e443 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 kernel signature: 20b1f68a3d2c8fadf9a94d37e1025c6cd7d6685e6ef4f8056467769bf7f3746f all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 kernel signature: c7c6fdfab8f166e099340ac2fed7c7452220f24b6ca9af611d59b94b51368673 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 kernel signature: 45a442a887aa4ea82cab936073ff91e0ff506e3f52d6a551aaaa883a4f4df4e9 all runs: crashed: WARNING in ieee80211_bss_info_change_notify testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 kernel signature: cacab5181807cd9c4cd1cc146029e1f8e2a905cbc27cfad66f4bdfe963c4911b all runs: OK # git bisect start 29dcea88779c856c7dc92040a0c01233263101d4 0adb32858b0bddf4ada5f364a84ed60b196dbcda Bisecting: 7380 revisions left to test after this (roughly 13 steps) [97b1255cb27c551d7c3c5c496d787da40772da99] mm,oom_reaper: check for MMF_OOM_SKIP before complaining testing commit 97b1255cb27c551d7c3c5c496d787da40772da99 with gcc (GCC) 8.1.0 kernel signature: 29facc3ec69eb63f7bdbcd86cb7d0da3bf429e2378c2062e36dc3efb801e9511 all runs: crashed: WARNING in ieee80211_bss_info_change_notify # git bisect bad 97b1255cb27c551d7c3c5c496d787da40772da99 Bisecting: 4372 revisions left to test after this (roughly 12 steps) [bb2407a7219760926760f0448fddf00d625e5aec] Merge tag 'docs-4.17' of git://git.lwn.net/linux testing commit bb2407a7219760926760f0448fddf00d625e5aec with gcc (GCC) 8.1.0 kernel signature: 12e7cd69206925b86a78e9f3f712e750e7f4bb1ad9c4cee0582bf85e59461ace all runs: OK # git bisect good bb2407a7219760926760f0448fddf00d625e5aec Bisecting: 2394 revisions left to test after this (roughly 11 steps) [147a89bc71e7db40f011454a40add7ff2d10f8d8] Merge tag 'kconfig-v4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild testing commit 147a89bc71e7db40f011454a40add7ff2d10f8d8 with gcc (GCC) 8.1.0 kernel signature: a9cb232c993cd7210009ea989bd804a169a9c7e17123492d8bfbb5a33a577eb0 run #0: crashed: WARNING in ieee80211_bss_info_change_notify run #1: crashed: WARNING in ieee80211_bss_info_change_notify run #2: crashed: WARNING in ieee80211_rx_napi run #3: crashed: WARNING in ieee80211_bss_info_change_notify run #4: crashed: WARNING in ieee80211_bss_info_change_notify run #5: crashed: WARNING in ieee80211_bss_info_change_notify run #6: crashed: WARNING in ieee80211_bss_info_change_notify run #7: crashed: WARNING in ieee80211_bss_info_change_notify run #8: crashed: WARNING in ieee80211_bss_info_change_notify run #9: crashed: WARNING in ieee80211_bss_info_change_notify # git bisect bad 147a89bc71e7db40f011454a40add7ff2d10f8d8 Bisecting: 988 revisions left to test after this (roughly 10 steps) [32c23b47dbd9765c6ec2542400f41f0d47a7d2c1] i40e: Properly check allowed advertisement capabilities testing commit 32c23b47dbd9765c6ec2542400f41f0d47a7d2c1 with gcc (GCC) 8.1.0 kernel signature: b2dff79c266cd7c7f4586e788fe61dd89db4b21a3d50df071c2699967ad059ff run #0: crashed: WARNING in ieee80211_rx_napi run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 32c23b47dbd9765c6ec2542400f41f0d47a7d2c1 Bisecting: 494 revisions left to test after this (roughly 9 steps) [937eeb3482748bb85486070e10b5fbeb6b973f63] selftests: forwarding: Create test topology for multipath routing testing commit 937eeb3482748bb85486070e10b5fbeb6b973f63 with gcc (GCC) 8.1.0 kernel signature: 0689d3757d5d9a40c186baf4b4403969f13b11acb94e084eec61ec182a18cca4 all runs: OK # git bisect good 937eeb3482748bb85486070e10b5fbeb6b973f63 Bisecting: 247 revisions left to test after this (roughly 8 steps) [649b9826cc733fe410207d28d94984354e023b21] net: Convert xfrm_user_net_ops testing commit 649b9826cc733fe410207d28d94984354e023b21 with gcc (GCC) 8.1.0 kernel signature: 0f230e9cbcfe66bd551602f83ca667a77b55ea22e37c98181ebe13857230a3bb all runs: OK # git bisect good 649b9826cc733fe410207d28d94984354e023b21 Bisecting: 123 revisions left to test after this (roughly 7 steps) [9ba32046fc2d19697e1a208ce81663239e78e41f] tc-testing: updated gact tests with batch test cases testing commit 9ba32046fc2d19697e1a208ce81663239e78e41f with gcc (GCC) 8.1.0 kernel signature: 30457a1d3e3f2b7b1155cca954c5225edf28a9f71e2f3c17bf1bacfe39deecbc all runs: OK # git bisect good 9ba32046fc2d19697e1a208ce81663239e78e41f Bisecting: 61 revisions left to test after this (roughly 6 steps) [1e8029515816f771b9b3751f24f19fe6df4c72ae] udp: Move the udp sysctl to namespace. testing commit 1e8029515816f771b9b3751f24f19fe6df4c72ae with gcc (GCC) 8.1.0 kernel signature: 9a95fa0b6507094db2e91ec0918b0f3a34279584782cfdcc27c56558d85f8052 all runs: OK # git bisect good 1e8029515816f771b9b3751f24f19fe6df4c72ae Bisecting: 30 revisions left to test after this (roughly 5 steps) [ec9663812f32c03e36c8c2ccc83e52dd5a7486d9] hv_netvsc: add trace points testing commit ec9663812f32c03e36c8c2ccc83e52dd5a7486d9 with gcc (GCC) 8.1.0 kernel signature: 5ee8ebc200ec9b7bad68669e72434cf42431494d36a4a635e65e680944b6f683 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: general protection fault in batadv_iv_ogm_queue_add # git bisect bad ec9663812f32c03e36c8c2ccc83e52dd5a7486d9 Bisecting: 15 revisions left to test after this (roughly 4 steps) [8cec2f49dc413d6328067d22862b0bdd0f4305ec] net: Convert mpls_net_ops testing commit 8cec2f49dc413d6328067d22862b0bdd0f4305ec with gcc (GCC) 8.1.0 kernel signature: 4dfa94c0dff17179ac0c14ae823316650b6faa078e3a372089ccf9a12e7b7c42 run #0: crashed: WARNING in ieee80211_rx_napi run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad 8cec2f49dc413d6328067d22862b0bdd0f4305ec Bisecting: 7 revisions left to test after this (roughly 3 steps) [1a26d0201d7670fd6c9086e15504911ce240e6ff] net/smc: add ipv6 support to CLC layer testing commit 1a26d0201d7670fd6c9086e15504911ce240e6ff with gcc (GCC) 8.1.0 kernel signature: a9c7a79d6377176a96b8d619373825d88f510fd660ecabf08c8c782541345806 all runs: OK # git bisect good 1a26d0201d7670fd6c9086e15504911ce240e6ff Bisecting: 3 revisions left to test after this (roughly 2 steps) [5dce837944de76b5ba9cff6d2a3ecde6f4838665] selftests/txtimestamp: Add more configurable parameters testing commit 5dce837944de76b5ba9cff6d2a3ecde6f4838665 with gcc (GCC) 8.1.0 kernel signature: 8dd72bca92787c4fbb433f87bb89d2560f7d3785cced5b5f513ba84ad8f1c059 all runs: OK # git bisect good 5dce837944de76b5ba9cff6d2a3ecde6f4838665 Bisecting: 1 revision left to test after this (roughly 1 step) [53794570049d314742f156c99022914840a3d5ab] net-tcp_bbr: set tp->snd_ssthresh to BDP upon STARTUP exit testing commit 53794570049d314742f156c99022914840a3d5ab with gcc (GCC) 8.1.0 kernel signature: 6ac69ee6af83db812e15a8d5b8b9dd66f0bb03e8d9cc6bd46f0e851b21ba0985 all runs: OK # git bisect good 53794570049d314742f156c99022914840a3d5ab Bisecting: 0 revisions left to test after this (roughly 0 steps) [489b30b53f0540b9f8e391cbb2839cea48b5d1c1] net: Convert l2tp_net_ops testing commit 489b30b53f0540b9f8e391cbb2839cea48b5d1c1 with gcc (GCC) 8.1.0 kernel signature: a7e1a5d1ce3c070443731ea9ae4446b11558aa02d16af4c796cc027b369a1fff run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: crashed: general protection fault in batadv_iv_ogm_queue_add # git bisect bad 489b30b53f0540b9f8e391cbb2839cea48b5d1c1 489b30b53f0540b9f8e391cbb2839cea48b5d1c1 is the first bad commit commit 489b30b53f0540b9f8e391cbb2839cea48b5d1c1 Author: Kirill Tkhai Date: Thu Mar 15 12:10:57 2018 +0300 net: Convert l2tp_net_ops Init method is rather simple. Exit method queues del_work for every tunnel from per-net list. This seems to be safe to be marked async. Signed-off-by: Kirill Tkhai Acked-by: Guillaume Nault Signed-off-by: David S. Miller net/l2tp/l2tp_core.c | 1 + 1 file changed, 1 insertion(+) culprit signature: a7e1a5d1ce3c070443731ea9ae4446b11558aa02d16af4c796cc027b369a1fff parent signature: 6ac69ee6af83db812e15a8d5b8b9dd66f0bb03e8d9cc6bd46f0e851b21ba0985 revisions tested: 29, total time: 6h0m33.074751261s (build: 2h58m45.315120687s, test: 2h57m35.367779573s) first bad commit: 489b30b53f0540b9f8e391cbb2839cea48b5d1c1 net: Convert l2tp_net_ops recipients (to): ["davem@davemloft.net" "g.nault@alphalink.fr" "ktkhai@virtuozzo.com"] recipients (cc): [] crash: general protection fault in batadv_iv_ogm_queue_add batman_adv: batadv0: Removing interface: batadv_slave_0 batman_adv: batadv0: Interface deactivated: batadv_slave_1 batman_adv: batadv0: Removing interface: batadv_slave_1 kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN Modules linked in: CPU: 0 PID: 7799 Comm: kworker/u4:6 Not tainted 4.16.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet RIP: 0010:batadv_iv_ogm_queue_add+0x36/0xd40 net/batman-adv/bat_iv_ogm.c:785 RSP: 0018:ffff88009ee67b80 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: 000000000000003c RCX: ffff8800a4a65580 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: ffff88009ee67c18 R08: ffff8800a4a65580 R09: 0000000000000001 R10: dffffc0000000000 R11: 1ffff1001494cabe R12: ffff88009b2a2680 R13: 0000000000000000 R14: 0000000100003e7e R15: ffffed001494cabe FS: 0000000000000000(0000) GS:ffff8800aec00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f41025bf740 CR3: 000000009ad3b000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: batadv_iv_ogm_schedule+0x9fb/0xd80 net/batman-adv/bat_iv_ogm.c:989 batadv_iv_send_outstanding_bat_ogm_packet+0x480/0x7d0 net/batman-adv/bat_iv_ogm.c:1817 process_one_work+0x76a/0x1510 kernel/workqueue.c:2113 worker_thread+0xcc/0xed0 kernel/workqueue.c:2247 kthread+0x316/0x3d0 kernel/kthread.c:238 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:406 Code: 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 49 89 fc 48 8d 7e 03 53 89 d3 48 89 fa 48 83 ec 70 48 89 4d d0 48 c1 ea 03 4c 89 45 c0 <0f> b6 04 02 48 89 fa 44 89 4d cc 83 e2 07 38 d0 7f 08 84 c0 0f RIP: batadv_iv_ogm_queue_add+0x36/0xd40 net/batman-adv/bat_iv_ogm.c:785 RSP: ffff88009ee67b80 ---[ end trace d9a14d4e0c2c70c5 ]---