bisecting fixing commit since ee809c7e08956d737cb66454f5b6ca32cc0d9f26 building syzkaller on 40fa42bc2721bd9f0f3ca4546fedea692a4a4ffd testing commit ee809c7e08956d737cb66454f5b6ca32cc0d9f26 with gcc (GCC) 8.1.0 kernel signature: 8dbb181a9283dc1ad8c11b0f3880777ab0b5092c all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass testing current HEAD fb683b5e3f53a73e761952735736180939a313df testing commit fb683b5e3f53a73e761952735736180939a313df with gcc (GCC) 8.1.0 kernel signature: ca59ce63406398e2eb7ed1ad08dcd9a05edc1704 all runs: OK # git bisect start fb683b5e3f53a73e761952735736180939a313df ee809c7e08956d737cb66454f5b6ca32cc0d9f26 Bisecting: 1327 revisions left to test after this (roughly 10 steps) [6376736d016f71ed1d70ee0eb78583c8b29d0852] nvme-multipath: fix possible io hang after ctrl reconnect testing commit 6376736d016f71ed1d70ee0eb78583c8b29d0852 with gcc (GCC) 8.1.0 kernel signature: 6738f4cb48924a2887370efba697c91dbba406aa all runs: OK # git bisect bad 6376736d016f71ed1d70ee0eb78583c8b29d0852 Bisecting: 663 revisions left to test after this (roughly 9 steps) [bbd76d9514c701d899f2c7255573ae0934bc3b9b] pktcdvd: remove warning on attempting to register non-passthrough dev testing commit bbd76d9514c701d899f2c7255573ae0934bc3b9b with gcc (GCC) 8.1.0 kernel signature: 38edfcac38583d7eb34e8f046b7d5391d77a69ad all runs: OK # git bisect bad bbd76d9514c701d899f2c7255573ae0934bc3b9b Bisecting: 331 revisions left to test after this (roughly 8 steps) [5fdefdcb92bbedc16460a934e353702b546729b9] HID: Add quirk for HP X500 PIXART OEM mouse testing commit 5fdefdcb92bbedc16460a934e353702b546729b9 with gcc (GCC) 8.1.0 kernel signature: 8266c1cf9c0fe3b59ceaa4d9cdd2726abfaf8652 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass # git bisect good 5fdefdcb92bbedc16460a934e353702b546729b9 Bisecting: 165 revisions left to test after this (roughly 7 steps) [ad58ce6cacd1b7447054f35fa6bb39f6b655a941] nvme-multipath: fix ana log nsid lookup when nsid is not found testing commit ad58ce6cacd1b7447054f35fa6bb39f6b655a941 with gcc (GCC) 8.1.0 kernel signature: 673918da6606a125e665b876f3ccaeb2f94ca680 all runs: OK # git bisect bad ad58ce6cacd1b7447054f35fa6bb39f6b655a941 Bisecting: 82 revisions left to test after this (roughly 6 steps) [fdcf06a35bc60748fe430c9a878cee36f051071c] dmaengine: bcm2835: Print error in case setting DMA mask fails testing commit fdcf06a35bc60748fe430c9a878cee36f051071c with gcc (GCC) 8.1.0 kernel signature: 97aa87bb4d0a397380655776eb25712e756fdb46 all runs: OK # git bisect bad fdcf06a35bc60748fe430c9a878cee36f051071c Bisecting: 41 revisions left to test after this (roughly 5 steps) [ff0fbfacc94f94afae61fd06f44a0d5ac199008c] drm: Flush output polling on shutdown testing commit ff0fbfacc94f94afae61fd06f44a0d5ac199008c with gcc (GCC) 8.1.0 kernel signature: b5edf4b4972bda36ad29c440c8ccd0d8e67109d0 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass # git bisect good ff0fbfacc94f94afae61fd06f44a0d5ac199008c Bisecting: 20 revisions left to test after this (roughly 4 steps) [99952b08537ca74a1bf9f3fc1e0511683ff72977] openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC testing commit 99952b08537ca74a1bf9f3fc1e0511683ff72977 with gcc (GCC) 8.1.0 kernel signature: ad0f4735f03bd18099b5e0780acdaaf5a405068b all runs: OK # git bisect bad 99952b08537ca74a1bf9f3fc1e0511683ff72977 Bisecting: 10 revisions left to test after this (roughly 3 steps) [fc3d296491f4ffd91fee6efbbba37832a59f9bf0] net/rds: Check laddr_check before calling it testing commit fc3d296491f4ffd91fee6efbbba37832a59f9bf0 with gcc (GCC) 8.1.0 kernel signature: 31308f99e92d01d24b740854f3786482197dea49 all runs: OK # git bisect bad fc3d296491f4ffd91fee6efbbba37832a59f9bf0 Bisecting: 4 revisions left to test after this (roughly 2 steps) [649836fe946c7b765748eb6dcf534b0db35ed62a] xfs: don't crash on null attr fork xfs_bmapi_read testing commit 649836fe946c7b765748eb6dcf534b0db35ed62a with gcc (GCC) 8.1.0 kernel signature: fb87b66c6f73dc33e5d2185552462a57968d9a54 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass # git bisect good 649836fe946c7b765748eb6dcf534b0db35ed62a Bisecting: 2 revisions left to test after this (roughly 1 step) [90b0761c1b81a78b0d6cdb85a5a83e98d7e8494c] Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices testing commit 90b0761c1b81a78b0d6cdb85a5a83e98d7e8494c with gcc (GCC) 8.1.0 kernel signature: 143a09b5524e4160a599a6adf1b1eb5bfcdf805d all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass # git bisect good 90b0761c1b81a78b0d6cdb85a5a83e98d7e8494c Bisecting: 0 revisions left to test after this (roughly 1 step) [3de749d6d7cee11bbbe00090f4a285b759a406ab] net/rds: An rds_sock is added too early to the hash table testing commit 3de749d6d7cee11bbbe00090f4a285b759a406ab with gcc (GCC) 8.1.0 kernel signature: d97c998d2cf059b4fcfe6d892b47161bd5c17f91 all runs: OK # git bisect bad 3de749d6d7cee11bbbe00090f4a285b759a406ab Bisecting: 0 revisions left to test after this (roughly 0 steps) [07f7ec87b5f6e1c9d954e967e971efa696ecb018] net_sched: check cops->tcf_block in tc_bind_tclass() testing commit 07f7ec87b5f6e1c9d954e967e971efa696ecb018 with gcc (GCC) 8.1.0 kernel signature: fd9314aafce00c34075008291d4d4d1bc8f69e17 all runs: OK # git bisect bad 07f7ec87b5f6e1c9d954e967e971efa696ecb018 07f7ec87b5f6e1c9d954e967e971efa696ecb018 is the first bad commit commit 07f7ec87b5f6e1c9d954e967e971efa696ecb018 Author: Cong Wang Date: Sun Sep 8 12:11:23 2019 -0700 net_sched: check cops->tcf_block in tc_bind_tclass() [ Upstream commit 8b142a00edcf8422ca48b8de88d286efb500cb53 ] At least sch_red and sch_tbf don't implement ->tcf_block() while still have a non-zero tc "class". Instead of adding nop implementations to each of such qdisc's, we can just relax the check of cops->tcf_block() in tc_bind_tclass(). They don't support TC filter anyway. Reported-by: syzbot+21b29db13c065852f64b@syzkaller.appspotmail.com Cc: Jamal Hadi Salim Cc: Jiri Pirko Signed-off-by: Cong Wang Signed-off-by: David S. Miller Signed-off-by: Sasha Levin net/sched/sch_api.c | 2 ++ 1 file changed, 2 insertions(+) kernel signature: fd9314aafce00c34075008291d4d4d1bc8f69e17 previous signature: 143a09b5524e4160a599a6adf1b1eb5bfcdf805d revisions tested: 14, total time: 3h45m24.782383371s (build: 1h57m40.028426713s, test: 1h46m31.029674292s) first good commit: 07f7ec87b5f6e1c9d954e967e971efa696ecb018 net_sched: check cops->tcf_block in tc_bind_tclass() cc: ["davem@davemloft.net" "jhs@mojatatu.com" "jiri@resnulli.us" "sashal@kernel.org" "xiyou.wangcong@gmail.com"]