bisecting cause commit starting from 7de086909365cd60a5619a45af3f4152516fd75c building syzkaller on a41ca8fa8285754d8561dcc3ed54cca2da60eed7 testing commit 7de086909365cd60a5619a45af3f4152516fd75c with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 all runs: OK # git bisect start 7de086909365cd60a5619a45af3f4152516fd75c v5.3 Bisecting: 7036 revisions left to test after this (roughly 13 steps) [81160dda9a7aad13c04e78bb2cfd3c4630e3afab] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit 81160dda9a7aad13c04e78bb2cfd3c4630e3afab with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad 81160dda9a7aad13c04e78bb2cfd3c4630e3afab Bisecting: 3707 revisions left to test after this (roughly 12 steps) [04cbfba6208592999d7bfe6609ec01dc3fde73f5] Merge tag 'dmaengine-5.4-rc1' of git://git.infradead.org/users/vkoul/slave-dma testing commit 04cbfba6208592999d7bfe6609ec01dc3fde73f5 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 04cbfba6208592999d7bfe6609ec01dc3fde73f5 Bisecting: 1853 revisions left to test after this (roughly 11 steps) [e69e9db9031b2ef4897cfafb9a496f8eb6724e14] nfp: nsp: add support for hwinfo set operation testing commit e69e9db9031b2ef4897cfafb9a496f8eb6724e14 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad e69e9db9031b2ef4897cfafb9a496f8eb6724e14 Bisecting: 918 revisions left to test after this (roughly 10 steps) [8c40f3b212a373be843a29db608b462af5c3ed5d] Merge tag 'mlx5-updates-2019-08-15' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux testing commit 8c40f3b212a373be843a29db608b462af5c3ed5d with gcc (GCC) 8.1.0 all runs: OK # git bisect good 8c40f3b212a373be843a29db608b462af5c3ed5d Bisecting: 459 revisions left to test after this (roughly 9 steps) [58d3bef4163b40147058649b225fddcdd9de7e82] iwlwifi: remove all the d0i3 references testing commit 58d3bef4163b40147058649b225fddcdd9de7e82 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 58d3bef4163b40147058649b225fddcdd9de7e82 Bisecting: 184 revisions left to test after this (roughly 8 steps) [1e46c09ec10049a9e366153b32e41cc557383fdb] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next testing commit 1e46c09ec10049a9e366153b32e41cc557383fdb with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad 1e46c09ec10049a9e366153b32e41cc557383fdb Bisecting: 137 revisions left to test after this (roughly 7 steps) [7d993c5f86aa308b00c2fd420fe5208da18125e2] gianfar: remove forward declarations testing commit 7d993c5f86aa308b00c2fd420fe5208da18125e2 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad 7d993c5f86aa308b00c2fd420fe5208da18125e2 Bisecting: 68 revisions left to test after this (roughly 6 steps) [aa3198819bea60f65f22cd771baf2ff038f59df1] ionic: Add RSS support testing commit aa3198819bea60f65f22cd771baf2ff038f59df1 with gcc (GCC) 8.1.0 all runs: OK # git bisect good aa3198819bea60f65f22cd771baf2ff038f59df1 Bisecting: 36 revisions left to test after this (roughly 5 steps) [8330f73fe9742f201f467639f8356cf58756fb9f] rocker: add missing init_net check in FIB notifier testing commit 8330f73fe9742f201f467639f8356cf58756fb9f with gcc (GCC) 8.1.0 all runs: OK # git bisect good 8330f73fe9742f201f467639f8356cf58756fb9f Bisecting: 18 revisions left to test after this (roughly 4 steps) [9868b5d44f3df9dd75247acd23dddff0a42f79be] can: introduce CAN_REQUIRED_SIZE macro testing commit 9868b5d44f3df9dd75247acd23dddff0a42f79be with gcc (GCC) 8.1.0 all runs: OK # git bisect good 9868b5d44f3df9dd75247acd23dddff0a42f79be Bisecting: 9 revisions left to test after this (roughly 3 steps) [4647e021193d638d3c87d1f1b9a5f7f7a48f36a3] net: stmmac: selftests: Add selftest for L3/L4 Filters testing commit 4647e021193d638d3c87d1f1b9a5f7f7a48f36a3 with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad 4647e021193d638d3c87d1f1b9a5f7f7a48f36a3 Bisecting: 4 revisions left to test after this (roughly 2 steps) [44c40910b66f786d33ffd2682ef38750eebb567c] Merge tag 'linux-can-next-for-5.4-20190904' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next testing commit 44c40910b66f786d33ffd2682ef38750eebb567c with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad 44c40910b66f786d33ffd2682ef38750eebb567c Bisecting: 1 revision left to test after this (roughly 1 step) [f5223e9eee651e005c0f6d6d078909087601b7e9] can: extend sockaddr_can to include j1939 members testing commit f5223e9eee651e005c0f6d6d078909087601b7e9 with gcc (GCC) 8.1.0 all runs: OK # git bisect good f5223e9eee651e005c0f6d6d078909087601b7e9 Bisecting: 0 revisions left to test after this (roughly 0 steps) [9d71dd0c70099914fcd063135da3c580865e924c] can: add support of SAE J1939 protocol testing commit 9d71dd0c70099914fcd063135da3c580865e924c with gcc (GCC) 8.1.0 all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked # git bisect bad 9d71dd0c70099914fcd063135da3c580865e924c 9d71dd0c70099914fcd063135da3c580865e924c is the first bad commit commit 9d71dd0c70099914fcd063135da3c580865e924c Author: The j1939 authors Date: Mon Oct 8 11:48:36 2018 +0200 can: add support of SAE J1939 protocol SAE J1939 is the vehicle bus recommended practice used for communication and diagnostics among vehicle components. Originating in the car and heavy-duty truck industry in the United States, it is now widely used in other parts of the world. J1939, ISO 11783 and NMEA 2000 all share the same high level protocol. SAE J1939 can be considered the replacement for the older SAE J1708 and SAE J1587 specifications. Acked-by: Oliver Hartkopp Signed-off-by: Bastian Stender Signed-off-by: Elenita Hinds Signed-off-by: kbuild test robot Signed-off-by: Kurt Van Dijck Signed-off-by: Maxime Jayat Signed-off-by: Robin van der Gracht Signed-off-by: Oleksij Rempel Signed-off-by: Marc Kleine-Budde :040000 040000 6438450435a8d8353573ce224b3dc9bcc05336fa 7305e82a35c355e46b2660329eb868aa551e2b4c M Documentation :100644 100644 a081c477d1d16934701a8f744f6a44e0d280b3f9 844f416437c427107d7410ab5ab972a202ebe86a M MAINTAINERS :040000 040000 dd56832348e76ffa1949ca007d838d21854a0bfa dfca2d178b96f019a0a7ae1ab81a813b2064f5d3 M include :040000 040000 93492ef857a6d33d4eafc56c27db9f1e31803033 356932da79a67691bcedc6e71faa591f7e5f7392 M net revisions tested: 16, total time: 3h25m27.59918331s (build: 1h32m20.797446869s, test: 1h48m50.478497907s) first bad commit: 9d71dd0c70099914fcd063135da3c580865e924c can: add support of SAE J1939 protocol cc: ["bst@pengutronix.de" "dev.kurt@vandijck-laurijssen.be" "ecathinds@gmail.com" "linux-can@vger.kernel.org" "lkp@intel.com" "maxime.jayat@mobile-devices.fr" "mkl@pengutronix.de" "o.rempel@pengutronix.de" "robin@protonic.nl" "socketcan@hartkopp.net"] crash: general protection fault in j1939_priv_get_by_ndev_locked kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 7717 Comm: syz-executor.3 Not tainted 5.3.0-rc7+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:j1939_ndev_to_priv net/can/j1939/main.c:210 [inline] RIP: 0010:j1939_priv_get_by_ndev_locked+0xc9/0x150 net/can/j1939/main.c:222 Code: 03 80 3c 02 00 0f 85 86 00 00 00 48 8b 9b 88 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d bb 28 60 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 6b 4c 8b a3 28 60 00 00 4d 85 e4 74 0d 49 8d bc 24 RSP: 0018:ffff8880a26e7a40 EFLAGS: 00010206 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff88808677ad90 RDX: 0000000000000c05 RSI: ffffffff88e08eb8 RDI: 0000000000006028 RBP: ffff8880a26e7a50 R08: 0000000000000004 R09: ffffed10144dcf39 R10: ffffed10144dcf39 R11: 0000000000000003 R12: 0000000000000000 R13: 0000000000000006 R14: ffffffff88e08e60 R15: ffffffff88e19f80 FS: 0000555555e6c940(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b31220000 CR3: 0000000092d05000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: j1939_priv_get_by_ndev net/can/j1939/main.c:234 [inline] j1939_netdev_notify+0x42/0xf0 net/can/j1939/main.c:344 notifier_call_chain+0x8a/0x160 kernel/notifier.c:95 __raw_notifier_call_chain kernel/notifier.c:396 [inline] raw_notifier_call_chain+0x11/0x20 kernel/notifier.c:403 call_netdevice_notifiers_info+0x28/0x60 net/core/dev.c:1749 call_netdevice_notifiers_extack net/core/dev.c:1761 [inline] call_netdevice_notifiers net/core/dev.c:1775 [inline] rollback_registered_many+0x59c/0xb90 net/core/dev.c:8239 rollback_registered+0xdc/0x190 net/core/dev.c:8281 unregister_netdevice_queue+0x186/0x240 net/core/dev.c:9328 unregister_netdevice include/linux/netdevice.h:2633 [inline] __tun_detach+0xb05/0xf10 drivers/net/tun.c:723 tun_detach drivers/net/tun.c:740 [inline] tun_chr_close+0xb5/0x150 drivers/net/tun.c:3442 __fput+0x25a/0x770 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x24e/0x2e0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x413ae1 Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 RSP: 002b:00007ffc5d5831d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413ae1 RDX: 0000001b31520000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff R10: 00007ffc5d5832b0 R11: 0000000000000293 R12: 000000000075bf20 R13: 000000000000e94f R14: 00000000007601f8 R15: 000000000075bf2c Modules linked in: ---[ end trace 9da19c950cd0b084 ]--- RIP: 0010:j1939_ndev_to_priv net/can/j1939/main.c:210 [inline] RIP: 0010:j1939_priv_get_by_ndev_locked+0xc9/0x150 net/can/j1939/main.c:222 Code: 03 80 3c 02 00 0f 85 86 00 00 00 48 8b 9b 88 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d bb 28 60 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 6b 4c 8b a3 28 60 00 00 4d 85 e4 74 0d 49 8d bc 24 RSP: 0018:ffff8880a26e7a40 EFLAGS: 00010206 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff88808677ad90 RDX: 0000000000000c05 RSI: ffffffff88e08eb8 RDI: 0000000000006028 RBP: ffff8880a26e7a50 R08: 0000000000000004 R09: ffffed10144dcf39 R10: ffffed10144dcf39 R11: 0000000000000003 R12: 0000000000000000 R13: 0000000000000006 R14: ffffffff88e08e60 R15: ffffffff88e19f80 FS: 0000555555e6c940(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b31220000 CR3: 0000000092d05000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400