bisecting fixing commit since fa5941f45d7ed070118b7c209b7f2c3a034293bd
building syzkaller on b617407b25b37a7a8efa47127005d1f20dd0abe1
testing commit fa5941f45d7ed070118b7c209b7f2c3a034293bd with gcc (GCC) 8.1.0
kernel signature: 9f36020e3ac53e050386001a1cc75eb8264d6634
run #0: crashed: KASAN: use-after-free Read in erspan_build_header
run #1: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #2: crashed: KASAN: use-after-free Read in erspan_build_header
run #3: crashed: KASAN: use-after-free Read in erspan_build_header
run #4: crashed: KASAN: use-after-free Read in erspan_build_header
run #5: crashed: KASAN: use-after-free Read in erspan_build_header
run #6: crashed: KASAN: use-after-free Read in erspan_build_header
run #7: crashed: KASAN: use-after-free Read in erspan_build_header
run #8: crashed: KASAN: use-after-free Read in erspan_build_header
run #9: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
testing current HEAD 43598c571e7ed29e4c81e35b4a870fe6b9f8d58e
testing commit 43598c571e7ed29e4c81e35b4a870fe6b9f8d58e with gcc (GCC) 8.1.0
kernel signature: 19ac9c2bcffb3cf0058bb3884f355685e5a878eb
run #0: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect start 43598c571e7ed29e4c81e35b4a870fe6b9f8d58e fa5941f45d7ed070118b7c209b7f2c3a034293bd
Bisecting: 1630 revisions left to test after this (roughly 11 steps)
[779e18aa822348c98fca14e1ff29c0f0f3a4acd4] objtool: Add machine_real_restart() to the noreturn list
testing commit 779e18aa822348c98fca14e1ff29c0f0f3a4acd4 with gcc (GCC) 8.1.0
kernel signature: 7def4744d63892cc38ad9cc4b614a95147f7a87f
run #0: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #1: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #2: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #3: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 779e18aa822348c98fca14e1ff29c0f0f3a4acd4
Bisecting: 814 revisions left to test after this (roughly 10 steps)
[585724f83b0c9efdf85d9386b82725d4b2861e34] fuse: Add FOPEN_STREAM to use stream_open()
testing commit 585724f83b0c9efdf85d9386b82725d4b2861e34 with gcc (GCC) 8.1.0
kernel signature: 708fd28b0924ff0dc4fa130eafb88e8c9780329f
all runs: OK
# git bisect bad 585724f83b0c9efdf85d9386b82725d4b2861e34
Bisecting: 407 revisions left to test after this (roughly 9 steps)
[851d1a7cc4f4e730fda311c8fb6a47204eca12f6] userfaultfd: use RCU to free the task struct when fork fails
testing commit 851d1a7cc4f4e730fda311c8fb6a47204eca12f6 with gcc (GCC) 8.1.0
kernel signature: 9403836e6b45b80db1de3a8f56750560814b4cb9
run #0: crashed: KASAN: use-after-free Read in erspan_build_header
run #1: crashed: KASAN: use-after-free Read in erspan_build_header
run #2: crashed: KASAN: use-after-free Read in erspan_build_header
run #3: crashed: KASAN: use-after-free Read in erspan_build_header
run #4: crashed: KASAN: use-after-free Read in erspan_build_header
run #5: crashed: KASAN: use-after-free Read in erspan_build_header
run #6: crashed: KASAN: use-after-free Read in erspan_build_header
run #7: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #8: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #9: crashed: KASAN: use-after-free Read in erspan_build_header
# git bisect good 851d1a7cc4f4e730fda311c8fb6a47204eca12f6
Bisecting: 203 revisions left to test after this (roughly 8 steps)
[9449e18774aec49f7fd52b5afb15c8d47be7590a] media: pvrusb2: Prevent a buffer overflow
testing commit 9449e18774aec49f7fd52b5afb15c8d47be7590a with gcc (GCC) 8.1.0
kernel signature: 0ac8d239ea676e4600d8b8c4d3e35ac752fade86
run #0: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 9449e18774aec49f7fd52b5afb15c8d47be7590a
Bisecting: 101 revisions left to test after this (roughly 7 steps)
[86064569c02163444124f8d626d37c3f7a31f915] Revert "Don't jump to compute_result state from check_result state"
testing commit 86064569c02163444124f8d626d37c3f7a31f915 with gcc (GCC) 8.1.0
kernel signature: 5d0f943a9f411836d517a5d1c6a5259bcc07a084
all runs: OK
# git bisect bad 86064569c02163444124f8d626d37c3f7a31f915
Bisecting: 50 revisions left to test after this (roughly 6 steps)
[c65f75512cad37a5ae1936344296869b69d6109f] media: ov6650: Fix sensor possibly not detected on probe
testing commit c65f75512cad37a5ae1936344296869b69d6109f with gcc (GCC) 8.1.0
kernel signature: ba8fb0e250639c195ff8337160ed26bfe01ce534
all runs: OK
# git bisect bad c65f75512cad37a5ae1936344296869b69d6109f
Bisecting: 25 revisions left to test after this (roughly 5 steps)
[4be3eda04a7219b9c04edbd39c00384133bdb354] ext4: fix use-after-free in dx_release()
testing commit 4be3eda04a7219b9c04edbd39c00384133bdb354 with gcc (GCC) 8.1.0
kernel signature: d98b7647bf6907035f42a27a929ef9f944e16d4e
run #0: crashed: KASAN: use-after-free Read in erspan_build_header
run #1: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #2: crashed: KASAN: use-after-free Read in erspan_build_header
run #3: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #4: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #5: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #6: crashed: KASAN: use-after-free Read in erspan_build_header
run #7: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #8: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #9: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
# git bisect good 4be3eda04a7219b9c04edbd39c00384133bdb354
Bisecting: 12 revisions left to test after this (roughly 4 steps)
[403eac979a5b455e7a155e6a833c6c72bafba1b7] tipc: fix modprobe tipc failed after switch order of device registration
testing commit 403eac979a5b455e7a155e6a833c6c72bafba1b7 with gcc (GCC) 8.1.0
kernel signature: f82b744bb60712bc5e14f8cebdff508e6a5eccf7
all runs: OK
# git bisect bad 403eac979a5b455e7a155e6a833c6c72bafba1b7
Bisecting: 6 revisions left to test after this (roughly 3 steps)
[a1e1577d9e41041b71092e45e6e3eded77bc4af3] net: avoid weird emergency message
testing commit a1e1577d9e41041b71092e45e6e3eded77bc4af3 with gcc (GCC) 8.1.0
kernel signature: 3ad7e7abdf0507764d395b25996de8e171223165
run #0: crashed: KASAN: use-after-free Read in erspan_build_header
run #1: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #2: crashed: KASAN: use-after-free Read in erspan_build_header
run #3: crashed: KASAN: use-after-free Read in erspan_build_header
run #4: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #5: crashed: KASAN: use-after-free Read in erspan_build_header
run #6: crashed: KASAN: use-after-free Read in erspan_build_header
run #7: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #8: crashed: KASAN: use-after-free Read in erspan_build_header
run #9: crashed: KASAN: use-after-free Read in erspan_build_header
# git bisect good a1e1577d9e41041b71092e45e6e3eded77bc4af3
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[6833b82fbe4d6f5f66eebbae28b395fb8bb974c1] net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions
testing commit 6833b82fbe4d6f5f66eebbae28b395fb8bb974c1 with gcc (GCC) 8.1.0
kernel signature: 2aaac1c339c5e29d15621cfca11908dd5400ec64
run #0: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #1: crashed: KASAN: use-after-free Read in erspan_build_header
run #2: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #3: crashed: KASAN: use-after-free Read in erspan_build_header
run #4: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #5: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #6: crashed: KASAN: use-after-free Read in erspan_build_header
run #7: crashed: KASAN: use-after-free Read in erspan_build_header
run #8: crashed: KASAN: use-after-free Read in erspan_build_header
run #9: crashed: KASAN: use-after-free Read in erspan_build_header
# git bisect good 6833b82fbe4d6f5f66eebbae28b395fb8bb974c1
Bisecting: 1 revision left to test after this (roughly 1 step)
[af4af68df3e48f49a03c2213b8e438ac47143135] tipc: switch order of device registration to fix a crash
testing commit af4af68df3e48f49a03c2213b8e438ac47143135 with gcc (GCC) 8.1.0
kernel signature: 4d3e6429f97697925b0e1da7b96c600dfadf944c
run #0: crashed: KASAN: use-after-free Read in erspan_build_header
run #1: crashed: KASAN: use-after-free Read in erspan_build_header
run #2: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #3: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #4: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #5: crashed: KASAN: use-after-free Read in erspan_build_header
run #6: crashed: KASAN: use-after-free Read in erspan_build_header
run #7: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #8: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #9: crashed: KASAN: use-after-free Read in erspan_build_header
# git bisect good af4af68df3e48f49a03c2213b8e438ac47143135
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[4e539fa2dec4db3405e47002f2878aa4a99eb68b] vsock/virtio: free packets during the socket release
testing commit 4e539fa2dec4db3405e47002f2878aa4a99eb68b with gcc (GCC) 8.1.0
kernel signature: 96d7afe13687013fd19f2f96e8305f906470625f
run #0: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED Location: Message:Quota 'CPUS' exceeded.  Limit: 500.0 in region us-central1. ForceSendFields:[] NullFields:[]}.
run #1: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #2: crashed: KASAN: use-after-free Read in erspan_build_header
run #3: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #4: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #5: crashed: KASAN: use-after-free Read in erspan_build_header
run #6: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #7: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
run #8: crashed: KASAN: use-after-free Read in erspan_build_header
run #9: crashed: KASAN: slab-out-of-bounds Read in erspan_build_header
# git bisect good 4e539fa2dec4db3405e47002f2878aa4a99eb68b
403eac979a5b455e7a155e6a833c6c72bafba1b7 is the first bad commit
commit 403eac979a5b455e7a155e6a833c6c72bafba1b7
Author: Junwei Hu <hujunwei4@huawei.com>
Date:   Fri May 17 19:27:34 2019 +0800

    tipc: fix modprobe tipc failed after switch order of device registration
    
    [ Upstream commit 532b0f7ece4cb2ffd24dc723ddf55242d1188e5e ]
    
    Error message printed:
    modprobe: ERROR: could not insert 'tipc': Address family not
    supported by protocol.
    when modprobe tipc after the following patch: switch order of
    device registration, commit 7e27e8d6130c
    ("tipc: switch order of device registration to fix a crash")
    
    Because sock_create_kern(net, AF_TIPC, ...) is called by
    tipc_topsrv_create_listener() in the initialization process
    of tipc_net_ops, tipc_socket_init() must be execute before that.
    
    I move tipc_socket_init() into function tipc_init_net().
    
    Fixes: 7e27e8d6130c
    ("tipc: switch order of device registration to fix a crash")
    Signed-off-by: Junwei Hu <hujunwei4@huawei.com>
    Reported-by: Wang Wang <wangwang2@huawei.com>
    Reviewed-by: Kang Zhou <zhoukang7@huawei.com>
    Reviewed-by: Suanming Mou <mousuanming@huawei.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 net/tipc/core.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
kernel signature:   f82b744bb60712bc5e14f8cebdff508e6a5eccf7
previous signature: 96d7afe13687013fd19f2f96e8305f906470625f
revisions tested: 14, total time: 3h32m37.67329694s (build: 1h50m32.642801989s, test: 1h37m34.4110962s)
first good commit: 403eac979a5b455e7a155e6a833c6c72bafba1b7 tipc: fix modprobe tipc failed after switch order of device registration
cc: ["davem@davemloft.net" "gregkh@linuxfoundation.org" "hujunwei4@huawei.com" "mousuanming@huawei.com" "zhoukang7@huawei.com"]