bisecting cause commit starting from f5ae2ea6347a308cfe91f53b53682ce635497d0d
building syzkaller on 3de7aabbb79a6c2267f5d7ee8a8aaa83f63305b7
testing commit f5ae2ea6347a308cfe91f53b53682ce635497d0d with gcc (GCC) 8.1.0
kernel signature: 604cf31613944e35b1b2b800a970609585562770
all runs: crashed: general protection fault in can_rx_register
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: 095ff774f38806de62d3b55a5debb202df785985
all runs: crashed: general protection fault in can_rx_register
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0
kernel signature: cca18b1a9a601230668512c26690022f9c994e19
all runs: OK
# git bisect start 219d54332a09e8d8741c1e1982f5eae56099de85 4d856f72c10ecb060868ed10ff1b1453943fc6c8
Bisecting: 7882 revisions left to test after this (roughly 13 steps)
[a9f8b38a071b468276a243ea3ea5a0636e848cf2] Merge tag 'for-linus-5.4-1' of git://github.com/cminyard/linux-ipmi
testing commit a9f8b38a071b468276a243ea3ea5a0636e848cf2 with gcc (GCC) 8.1.0
kernel signature: b0a765c16ca18affb96f01f58792b1e4bf42ff79
all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked
# git bisect bad a9f8b38a071b468276a243ea3ea5a0636e848cf2
Bisecting: 3920 revisions left to test after this (roughly 12 steps)
[fe38bd6862074c0a2b9be7f31f043aaa70b2af5f] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
testing commit fe38bd6862074c0a2b9be7f31f043aaa70b2af5f with gcc (GCC) 8.1.0
kernel signature: f31b51f706f6e42905149ce382731c5fa3fee501
all runs: OK
# git bisect good fe38bd6862074c0a2b9be7f31f043aaa70b2af5f
Bisecting: 1962 revisions left to test after this (roughly 11 steps)
[069841ef8293697e951c34f9a45601b77fb541d7] Merge branch '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue
testing commit 069841ef8293697e951c34f9a45601b77fb541d7 with gcc (GCC) 8.1.0
kernel signature: da2d8bc9845b4943831223190b6153e94f4eb06b
all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked
# git bisect bad 069841ef8293697e951c34f9a45601b77fb541d7
Bisecting: 978 revisions left to test after this (roughly 10 steps)
[f33bf6b00f20c9d26c42dfdaf8b83c2b0c1e6f71] net: stmmac: dwmac-meson: use devm_platform_ioremap_resource() to simplify code
testing commit f33bf6b00f20c9d26c42dfdaf8b83c2b0c1e6f71 with gcc (GCC) 8.1.0
kernel signature: c108f86467c9721f6ccea4cabdfdba95a92813ea
all runs: OK
# git bisect good f33bf6b00f20c9d26c42dfdaf8b83c2b0c1e6f71
Bisecting: 487 revisions left to test after this (roughly 9 steps)
[67e974c3ae21c8ced474eae3ce9261a6f827e95c] Merge tag 'iwlwifi-next-for-kalle-2019-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-next
testing commit 67e974c3ae21c8ced474eae3ce9261a6f827e95c with gcc (GCC) 8.1.0
kernel signature: 0181c4b6db60f55de26559fa7d4a1fe3c6c48892
all runs: OK
# git bisect good 67e974c3ae21c8ced474eae3ce9261a6f827e95c
Bisecting: 212 revisions left to test after this (roughly 8 steps)
[1e46c09ec10049a9e366153b32e41cc557383fdb] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
testing commit 1e46c09ec10049a9e366153b32e41cc557383fdb with gcc (GCC) 8.1.0
kernel signature: ef29fbbdd7b1bbd6999a9d96239c8836099605fc
all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked
# git bisect bad 1e46c09ec10049a9e366153b32e41cc557383fdb
Bisecting: 137 revisions left to test after this (roughly 7 steps)
[7d993c5f86aa308b00c2fd420fe5208da18125e2] gianfar: remove forward declarations
testing commit 7d993c5f86aa308b00c2fd420fe5208da18125e2 with gcc (GCC) 8.1.0
kernel signature: c6da5b819948f2e7a9d13e0c15a7b7f1fc4e5ae2
all runs: crashed: general protection fault in j1939_priv_get_by_ndev_locked
# git bisect bad 7d993c5f86aa308b00c2fd420fe5208da18125e2
Bisecting: 68 revisions left to test after this (roughly 6 steps)
[aa3198819bea60f65f22cd771baf2ff038f59df1] ionic: Add RSS support
testing commit aa3198819bea60f65f22cd771baf2ff038f59df1 with gcc (GCC) 8.1.0
kernel signature: 8b1d1a712e6b02dd52f3a21f88582fc905ceb76b
all runs: OK
# git bisect good aa3198819bea60f65f22cd771baf2ff038f59df1
Bisecting: 36 revisions left to test after this (roughly 5 steps)
[8330f73fe9742f201f467639f8356cf58756fb9f] rocker: add missing init_net check in FIB notifier
testing commit 8330f73fe9742f201f467639f8356cf58756fb9f with gcc (GCC) 8.1.0
kernel signature: 09f93c2bb595a5ca3b89bec678bc26d4100cc011
all runs: OK
# git bisect good 8330f73fe9742f201f467639f8356cf58756fb9f
Bisecting: 18 revisions left to test after this (roughly 4 steps)
[9868b5d44f3df9dd75247acd23dddff0a42f79be] can: introduce CAN_REQUIRED_SIZE macro
testing commit 9868b5d44f3df9dd75247acd23dddff0a42f79be with gcc (GCC) 8.1.0
kernel signature: c5d7d2a20d44cd633086a4771057bdd921a7fdb3
all runs: crashed: general protection fault in can_rx_register
# git bisect bad 9868b5d44f3df9dd75247acd23dddff0a42f79be
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[fac785009aaf2f6588649778617b33cb0dcd4c8e] can: af_can: rename find_dev_rcv_lists() to can_dev_rcv_lists_find()
testing commit fac785009aaf2f6588649778617b33cb0dcd4c8e with gcc (GCC) 8.1.0
kernel signature: b6eb809ab65be4f56680b4f9f59301395be475ca
all runs: OK
# git bisect good fac785009aaf2f6588649778617b33cb0dcd4c8e
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[ffd956eef69b212a724b1cc4cdc61828f3ad9104] can: introduce CAN midlayer private and allocate it automatically
testing commit ffd956eef69b212a724b1cc4cdc61828f3ad9104 with gcc (GCC) 8.1.0
kernel signature: cf3e8f5977c4b42eb1c2649a9da788909bef07c9
all runs: OK
# git bisect good ffd956eef69b212a724b1cc4cdc61828f3ad9104
Bisecting: 2 revisions left to test after this (roughly 1 step)
[bdfb5765e45b86b599caf377a99826409f8403cb] can: af_can: remove NULL-ptr checks from users of can_dev_rcv_lists_find()
testing commit bdfb5765e45b86b599caf377a99826409f8403cb with gcc (GCC) 8.1.0
kernel signature: d7ef7fccc942fed0e92e0a402e6a6a6b2fddcfa4
all runs: OK
# git bisect good bdfb5765e45b86b599caf377a99826409f8403cb
Bisecting: 0 revisions left to test after this (roughly 1 step)
[4f746fb4951834ba71d590d430f27dee54f9d9a0] mailmap: update email address
testing commit 4f746fb4951834ba71d590d430f27dee54f9d9a0 with gcc (GCC) 8.1.0
kernel signature: 902de7b05dd907f18fa4b543cdbca680eea12ef6
all runs: OK
# git bisect good 4f746fb4951834ba71d590d430f27dee54f9d9a0
9868b5d44f3df9dd75247acd23dddff0a42f79be is the first bad commit
commit 9868b5d44f3df9dd75247acd23dddff0a42f79be
Author: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
Date:   Mon Oct 8 11:48:33 2018 +0200

    can: introduce CAN_REQUIRED_SIZE macro
    
    The size of this structure will be increased with J1939 support. To stay
    binary compatible, the CAN_REQUIRED_SIZE macro is introduced for
    existing CAN protocols.
    
    Signed-off-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
    Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
    Acked-by: Oliver Hartkopp <socketcan@hartkopp.net>
    Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>

 include/linux/can/core.h | 8 ++++++++
 net/can/bcm.c            | 4 ++--
 net/can/raw.c            | 4 ++--
 3 files changed, 12 insertions(+), 4 deletions(-)
culprit signature: c5d7d2a20d44cd633086a4771057bdd921a7fdb3
parent  signature: 902de7b05dd907f18fa4b543cdbca680eea12ef6
revisions tested: 17, total time: 4h17m13.542707648s (build: 1h55m40.766977488s, test: 2h19m38.215461079s)
first bad commit: 9868b5d44f3df9dd75247acd23dddff0a42f79be can: introduce CAN_REQUIRED_SIZE macro
cc: ["dev.kurt@vandijck-laurijssen.be" "mkl@pengutronix.de" "o.rempel@pengutronix.de" "socketcan@hartkopp.net"]
crash: general protection fault in can_rx_register
bond1: (slave vxcan13): The slave device specified does not support setting the MAC address
bond1: (slave vxcan13): Error -22 calling dev_set_mtu
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8556 Comm: syz-executor.4 Not tainted 5.3.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:hlist_add_head_rcu include/linux/rculist.h:508 [inline]
RIP: 0010:can_rx_register+0x31a/0x6b0 net/can/af_can.c:475
Code: 49 89 4e 30 80 3c 16 00 0f 85 05 03 00 00 48 8b 8d 18 ff ff ff 48 89 c6 48 ba 00 00 00 00 00 fc ff df 48 c1 ee 03 49 89 4e 38 <80> 3c 16 00 0f 85 c4 02 00 00 48 ba 00 00 00 00 00 fc ff df 4c 89
RSP: 0018:ffff88808a297b58 EFLAGS: 00010202
RAX: 0000000000000008 RBX: 1ffff11011452f72 RCX: ffff8880928d2ac0
RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8880908800a8
RBP: ffff88808a297c58 R08: 0000000000000004 R09: ffffed1011452f58
R10: 1ffff11012110010 R11: 0000000000000003 R12: 0000000000000000
R13: 0000000000000000 R14: ffff888090880070 R15: ffff8880a479a900
FS:  00007f72dd470700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000087ae80 CR3: 0000000095ab3000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 raw_enable_filters+0xc3/0x1e0 net/can/raw.c:189
 raw_enable_allfilters+0x80/0x1b0 net/can/raw.c:255
 raw_bind+0x239/0x8d0 net/can/raw.c:428
 __sys_bind+0x1e1/0x230 net/socket.c:1647
 __do_sys_bind net/socket.c:1658 [inline]
 __se_sys_bind net/socket.c:1656 [inline]
 __x64_sys_bind+0x6e/0xb0 net/socket.c:1656
 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45aff9
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f72dd46fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
RAX: ffffffffffffffda RBX: 00007f72dd4706d4 RCX: 000000000045aff9
RDX: 0000000000000008 RSI: 0000000020000180 RDI: 0000000000000003
RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000031 R14: 00000000004c140d R15: 000000000075bfd4
Modules linked in:
---[ end trace 654afd1aab27cd36 ]---
RIP: 0010:hlist_add_head_rcu include/linux/rculist.h:508 [inline]
RIP: 0010:can_rx_register+0x31a/0x6b0 net/can/af_can.c:475
Code: 49 89 4e 30 80 3c 16 00 0f 85 05 03 00 00 48 8b 8d 18 ff ff ff 48 89 c6 48 ba 00 00 00 00 00 fc ff df 48 c1 ee 03 49 89 4e 38 <80> 3c 16 00 0f 85 c4 02 00 00 48 ba 00 00 00 00 00 fc ff df 4c 89
RSP: 0018:ffff88808a297b58 EFLAGS: 00010202
RAX: 0000000000000008 RBX: 1ffff11011452f72 RCX: ffff8880928d2ac0
RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8880908800a8
RBP: ffff88808a297c58 R08: 0000000000000004 R09: ffffed1011452f58
R10: 1ffff11012110010 R11: 0000000000000003 R12: 0000000000000000
R13: 0000000000000000 R14: ffff888090880070 R15: ffff8880a479a900
FS:  00007f72dd470700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000087ae80 CR3: 0000000095ab3000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400