bisecting cause commit starting from 2015a28f2cd57fc46ad14d1a763ca658d82ebc68 building syzkaller on cb93629971b93f04dfa44e2ef3a517a36ba32a8e testing commit 2015a28f2cd57fc46ad14d1a763ca658d82ebc68 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 all runs: OK # git bisect start 2015a28f2cd57fc46ad14d1a763ca658d82ebc68 v5.2 Bisecting: 14378 revisions left to test after this (roughly 14 steps) [33920f1ec5bf47c5c0a1d2113989bdd9dfb3fae9] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 33920f1ec5bf47c5c0a1d2113989bdd9dfb3fae9 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 33920f1ec5bf47c5c0a1d2113989bdd9dfb3fae9 Bisecting: 6619 revisions left to test after this (roughly 13 steps) [204034c5e4648cf4e5899c5b1d539dd7f47bf1dc] Merge remote-tracking branch 'net-next/master' testing commit 204034c5e4648cf4e5899c5b1d539dd7f47bf1dc with gcc (GCC) 8.1.0 all runs: OK # git bisect good 204034c5e4648cf4e5899c5b1d539dd7f47bf1dc Bisecting: 3314 revisions left to test after this (roughly 12 steps) [1a0fd49c7b3c28ad6f9dc9b72687cdd62b6d4591] Merge remote-tracking branch 'iommu/next' testing commit 1a0fd49c7b3c28ad6f9dc9b72687cdd62b6d4591 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 1a0fd49c7b3c28ad6f9dc9b72687cdd62b6d4591 Bisecting: 1602 revisions left to test after this (roughly 11 steps) [a58feb6446edc6c8693a5a623fb37cea062d327f] Merge commit 'ec13c78d7b45' (char-misc/char-misc-next from previous -next) testing commit a58feb6446edc6c8693a5a623fb37cea062d327f with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad a58feb6446edc6c8693a5a623fb37cea062d327f Bisecting: 793 revisions left to test after this (roughly 10 steps) [d24bdd74e6490c9b821b8f2d747f7aa09bb63313] Merge remote-tracking branch 'tip/auto-latest' testing commit d24bdd74e6490c9b821b8f2d747f7aa09bb63313 with gcc (GCC) 8.1.0 all runs: OK # git bisect good d24bdd74e6490c9b821b8f2d747f7aa09bb63313 Bisecting: 441 revisions left to test after this (roughly 9 steps) [6552d7d64651424d496288dfe261e9f9006e2627] Merge remote-tracking branch 'driver-core/driver-core-next' testing commit 6552d7d64651424d496288dfe261e9f9006e2627 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad 6552d7d64651424d496288dfe261e9f9006e2627 Bisecting: 158 revisions left to test after this (roughly 8 steps) [18e8c831eae2ad5f31924b1ed4e39c1c0e3bbdfd] Merge remote-tracking branch 'drivers-x86/for-next' testing commit 18e8c831eae2ad5f31924b1ed4e39c1c0e3bbdfd with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad 18e8c831eae2ad5f31924b1ed4e39c1c0e3bbdfd Bisecting: 102 revisions left to test after this (roughly 7 steps) [c640a725d3e030313db4728edbc5e70365bfb176] Merge remote-tracking branch 'kvm/linux-next' testing commit c640a725d3e030313db4728edbc5e70365bfb176 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad c640a725d3e030313db4728edbc5e70365bfb176 Bisecting: 44 revisions left to test after this (roughly 6 steps) [8dc4e99138146da26f11be955285a8438ea84090] Merge remote-tracking branch 'irqchip/irq/irqchip-next' testing commit 8dc4e99138146da26f11be955285a8438ea84090 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 8dc4e99138146da26f11be955285a8438ea84090 Bisecting: 22 revisions left to test after this (roughly 5 steps) [f7edb451fa51e44e62177347ea7850aa0e901ea5] tracing/arm64: Have max stack tracer handle the case of return address after data testing commit f7edb451fa51e44e62177347ea7850aa0e901ea5 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad f7edb451fa51e44e62177347ea7850aa0e901ea5 Bisecting: 10 revisions left to test after this (roughly 4 steps) [ab10d69eb714961d1eca4129e4f8cda5e0618f66] tracing/uprobe: Add per-probe delete from event testing commit ab10d69eb714961d1eca4129e4f8cda5e0618f66 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad ab10d69eb714961d1eca4129e4f8cda5e0618f66 Bisecting: 5 revisions left to test after this (roughly 3 steps) [60d53e2c3b75e79c83970fe73db79123d9462c7c] tracing/probe: Split trace_event related data from trace_probe testing commit 60d53e2c3b75e79c83970fe73db79123d9462c7c with gcc (GCC) 8.1.0 all runs: OK # git bisect good 60d53e2c3b75e79c83970fe73db79123d9462c7c Bisecting: 2 revisions left to test after this (roughly 2 steps) [ca89bc071d5e4e981dcc52e0ca90f4500d332e42] tracing/kprobe: Add multi-probe per event support testing commit ca89bc071d5e4e981dcc52e0ca90f4500d332e42 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in trace_probe_unlink # git bisect bad ca89bc071d5e4e981dcc52e0ca90f4500d332e42 Bisecting: 0 revisions left to test after this (roughly 1 step) [30199137c899d7e416a2adc58bf09bec217ce9ca] tracing/dynevent: Pass extra arguments to match operation testing commit 30199137c899d7e416a2adc58bf09bec217ce9ca with gcc (GCC) 8.1.0 all runs: OK # git bisect good 30199137c899d7e416a2adc58bf09bec217ce9ca ca89bc071d5e4e981dcc52e0ca90f4500d332e42 is the first bad commit commit ca89bc071d5e4e981dcc52e0ca90f4500d332e42 Author: Masami Hiramatsu Date: Thu Jun 20 00:07:49 2019 +0900 tracing/kprobe: Add multi-probe per event support Add multi-probe per one event support to kprobe events. User can define several different probes on one trace event if those events have same "event signature", e.g. # echo p:testevent _do_fork > kprobe_events # echo p:testevent fork_idle >> kprobe_events # kprobe_events p:kprobes/testevent _do_fork p:kprobes/testevent fork_idle The event signature is defined by kprobe type (retprobe or not), the number of args, argument names, and argument types. Note that this only support appending method. Delete event operation will delete all probes on the event. Link: http://lkml.kernel.org/r/156095686913.28024.9357292202316540742.stgit@devnote2 Signed-off-by: Masami Hiramatsu Signed-off-by: Steven Rostedt (VMware) :040000 040000 5a819964a19a7e5266784c8fe61942b4fa62d0c4 2ae532fd967f0ba08338d233aaad74de00451ea1 M kernel revisions tested: 16, total time: 3h42m58.326353259s (build: 1h34m7.165250475s, test: 2h3m0.211603866s) first bad commit: ca89bc071d5e4e981dcc52e0ca90f4500d332e42 tracing/kprobe: Add multi-probe per event support cc: ["linux-kernel@vger.kernel.org" "mhiramat@kernel.org" "mingo@redhat.com" "rostedt@goodmis.org"] crash: general protection fault in trace_probe_unlink RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f8e5b72b6d4 R13: 00000000004c671d R14: 00000000004db7d8 R15: 0000000000000004 kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 8743 Comm: syz-executor.2 Not tainted 5.3.0-rc6+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__list_del_entry_valid+0x84/0xf3 lib/list_debug.c:51 Code: 0f 84 cc 00 00 00 48 b8 22 01 00 00 00 00 ad de 49 39 c4 0f 84 a5 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 5f 49 8b 14 24 48 39 da 0f 85 ba 00 00 00 49 8d 7d RSP: 0018:ffff88808a35fa48 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff888095907a40 RCX: 1ffff11012b20f09 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888095907a48 RBP: ffff88808a35fa60 R08: 0000000000000004 R09: ffffed101146bf2f R10: ffffed101146bf2f R11: 0000000000000003 R12: 0000000000000000 R13: 0000000000000000 R14: ffff888095907a40 R15: ffff888095907a50 FS: 00007f8e5b72b700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000075c091 CR3: 00000000985f9000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __list_del_entry include/linux/list.h:131 [inline] list_del_init include/linux/list.h:190 [inline] trace_probe_unlink+0x13/0x1d0 kernel/trace/trace_probe.c:913 trace_probe_cleanup+0x9e/0xd0 kernel/trace/trace_probe.c:927 trace_probe_init+0x3c3/0x4e0 kernel/trace/trace_probe.c:965 alloc_trace_uprobe+0x55/0x220 kernel/trace/trace_uprobe.c:321 create_local_trace_uprobe+0xd4/0x420 kernel/trace/trace_uprobe.c:1452 perf_uprobe_init+0xec/0x180 kernel/trace/trace_event_perf.c:314 perf_uprobe_event_init+0xb9/0x130 kernel/events/core.c:8815 perf_try_init_event+0x102/0x480 kernel/events/core.c:10101 perf_init_event kernel/events/core.c:10145 [inline] perf_event_alloc+0x14e4/0x2a70 kernel/events/core.c:10423 __do_sys_perf_event_open+0x23c/0x2400 kernel/events/core.c:10894 __se_sys_perf_event_open kernel/events/core.c:10783 [inline] __x64_sys_perf_event_open+0xb9/0x140 kernel/events/core.c:10783 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4598e9 Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f8e5b72ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 00007f8e5b72ac90 RCX: 00000000004598e9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f8e5b72b6d4 R13: 00000000004c671d R14: 00000000004db7d8 R15: 0000000000000004 Modules linked in: ---[ end trace d2a2aa7dd5c8ed9d ]--- RIP: 0010:__list_del_entry_valid+0x84/0xf3 lib/list_debug.c:51 Code: 0f 84 cc 00 00 00 48 b8 22 01 00 00 00 00 ad de 49 39 c4 0f 84 a5 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 5f 49 8b 14 24 48 39 da 0f 85 ba 00 00 00 49 8d 7d RSP: 0018:ffff88808a35fa48 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff888095907a40 RCX: 1ffff11012b20f09 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888095907a48 RBP: ffff88808a35fa60 R08: 0000000000000004 R09: ffffed101146bf2f R10: ffffed101146bf2f R11: 0000000000000003 R12: 0000000000000000 R13: 0000000000000000 R14: ffff888095907a40 R15: ffff888095907a50 FS: 00007f8e5b72b700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000075c091 CR3: 00000000985f9000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400