bisecting cause commit starting from 5076190daded2197f62fe92cf69674488be44175
building syzkaller on 0a96a13cb96316b8374bb7d8dd0793bcaff166a0
testing commit 5076190daded2197f62fe92cf69674488be44175 with gcc (GCC) 8.1.0
kernel signature: 5e16b4195f5cc7235c7006506c3daf0b97394d4378858b086932ccd2e655d6a8
all runs: crashed: INFO: trying to register non-static key in prepare_to_wait_event
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0
kernel signature: a56edf4c2461aff8562b27a4a63a8a099ddf828ebba544963032a3dfcc97bcc7
all runs: OK
# git bisect start 5076190daded2197f62fe92cf69674488be44175 d5226fa6dbae0569ee43ecfc08bdcd6770fc4755
Bisecting: 5637 revisions left to test after this (roughly 13 steps)
[9f68e3655aae6d49d6ba05dd263f99f33c2567af] Merge tag 'drm-next-2020-01-30' of git://anongit.freedesktop.org/drm/drm
testing commit 9f68e3655aae6d49d6ba05dd263f99f33c2567af with gcc (GCC) 8.1.0
kernel signature: 93844e68f0a977f8f497b9396be85ce779fc2da3a8af34e929fa8bdd44402340
run #0: OK
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: boot failed: can't ssh into the instance
# git bisect good 9f68e3655aae6d49d6ba05dd263f99f33c2567af
Bisecting: 2883 revisions left to test after this (roughly 12 steps)
[469030d454bd1620c7b2651d9ec8cdcbaa74deb9] Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
testing commit 469030d454bd1620c7b2651d9ec8cdcbaa74deb9 with gcc (GCC) 8.1.0
kernel signature: 7654a07adf6cf5960164d756b9ffffe456468747de6240dec2c7f4b2b1481628
all runs: OK
# git bisect good 469030d454bd1620c7b2651d9ec8cdcbaa74deb9
Bisecting: 1438 revisions left to test after this (roughly 11 steps)
[db70e26e33eef1b148ca1c9f50de92203ec7e82e] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
testing commit db70e26e33eef1b148ca1c9f50de92203ec7e82e with gcc (GCC) 8.1.0
kernel signature: 74ffc15cf7e84528510117b58f66b363d54df88d938534c83d06653e33dc086b
all runs: OK
# git bisect good db70e26e33eef1b148ca1c9f50de92203ec7e82e
Bisecting: 718 revisions left to test after this (roughly 10 steps)
[2edc78b9a4b868d7bfee4f87ea29f2df19b6e955] Merge tag 'block-5.6-2020-02-28' of git://git.kernel.dk/linux-block
testing commit 2edc78b9a4b868d7bfee4f87ea29f2df19b6e955 with gcc (GCC) 8.1.0
kernel signature: 04ee7686446e04215280f76cb4207b3473e044a2ea74d959be412eb8323ad6e1
all runs: crashed: INFO: trying to register non-static key in prepare_to_wait_event
# git bisect bad 2edc78b9a4b868d7bfee4f87ea29f2df19b6e955
Bisecting: 365 revisions left to test after this (roughly 9 steps)
[cee853e825a9ab64b54bd53f991e98f832c47317] Merge tag 'usb-5.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
testing commit cee853e825a9ab64b54bd53f991e98f832c47317 with gcc (GCC) 8.1.0
kernel signature: b7ee2f193a9cb32b24bfd794efa2ef9f45649f4720bca3fb80b41675b6db5718
all runs: OK
# git bisect good cee853e825a9ab64b54bd53f991e98f832c47317
Bisecting: 186 revisions left to test after this (roughly 8 steps)
[63623fd44972d1ed2bfb6e0fb631dfcf547fd1e7] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
testing commit 63623fd44972d1ed2bfb6e0fb631dfcf547fd1e7 with gcc (GCC) 8.1.0
kernel signature: 13e236061a02f5319f78c1d27dec9280b6fb008a0c522c70486cc2daece79b6f
all runs: OK
# git bisect good 63623fd44972d1ed2bfb6e0fb631dfcf547fd1e7
Bisecting: 115 revisions left to test after this (roughly 7 steps)
[a2f0b878c3ca531a1706cb2a8b079cea3b17bafc] Merge tag 'kbuild-fixes-v5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
testing commit a2f0b878c3ca531a1706cb2a8b079cea3b17bafc with gcc (GCC) 8.1.0
kernel signature: d5cf15e12bc7e1651e31cef8b92a3a80bc9177130365bef71c936dd6a2b7df9a
run #0: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #1: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #2: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #3: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #4: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #5: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #6: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #7: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #8: crashed: INFO: trying to register non-static key in prepare_to_wait_event
run #9: boot failed: can't ssh into the instance
# git bisect bad a2f0b878c3ca531a1706cb2a8b079cea3b17bafc
Bisecting: 27 revisions left to test after this (roughly 5 steps)
[91ad64a84e9e63e2906ae714dfa3933dd3f64c64] Merge tag 'trace-v5.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
testing commit 91ad64a84e9e63e2906ae714dfa3933dd3f64c64 with gcc (GCC) 8.1.0
kernel signature: 1b4e12162f58b67772153f85d79b98a1562bf39aa8221dd00020e5fbea3b1243
all runs: OK
# git bisect good 91ad64a84e9e63e2906ae714dfa3933dd3f64c64
Bisecting: 16 revisions left to test after this (roughly 4 steps)
[4eb1b01de5b9d8596d6c103efcf1a15cfc1bedf7] HID: hid-bigbenff: fix race condition for scheduled work during removal
testing commit 4eb1b01de5b9d8596d6c103efcf1a15cfc1bedf7 with gcc (GCC) 8.1.0
kernel signature: e73a9b7a034669b09ae2f7f4642216cc4a49235d5ab7f28ef0c0351880907357
all runs: crashed: INFO: trying to register non-static key in prepare_to_wait_event
# git bisect bad 4eb1b01de5b9d8596d6c103efcf1a15cfc1bedf7
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[84a4062632462c4320704fcdf8e99e89e94c0aba] HID: core: increase HID report buffer size to 8KiB
testing commit 84a4062632462c4320704fcdf8e99e89e94c0aba with gcc (GCC) 8.1.0
kernel signature: dd57d6d217e157c2dfeb6e0558709d5b3773fe4307a10c4b46e92ff9d3b5120e
all runs: crashed: INFO: trying to register non-static key in prepare_to_wait_event
# git bisect bad 84a4062632462c4320704fcdf8e99e89e94c0aba
Bisecting: 2 revisions left to test after this (roughly 1 step)
[beae56192a2570578ae45050e73c5ff9254f63e6] HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
testing commit beae56192a2570578ae45050e73c5ff9254f63e6 with gcc (GCC) 8.1.0
kernel signature: 5145cc3d55a1442dfa2631d505f51c81b22e10bdf084f065221b3b59d219c6fb
all runs: OK
# git bisect good beae56192a2570578ae45050e73c5ff9254f63e6
Bisecting: 0 revisions left to test after this (roughly 1 step)
[5ebdffd25098898aff1249ae2f7dbfddd76d8f8f] HID: core: fix off-by-one memset in hid_report_raw_event()
testing commit 5ebdffd25098898aff1249ae2f7dbfddd76d8f8f with gcc (GCC) 8.1.0
kernel signature: ba7c14c87d2be82cfeabc571ee5815de58658187e02102816576f2254ea8e245
all runs: OK
# git bisect good 5ebdffd25098898aff1249ae2f7dbfddd76d8f8f
84a4062632462c4320704fcdf8e99e89e94c0aba is the first bad commit
commit 84a4062632462c4320704fcdf8e99e89e94c0aba
Author: Johan Korsnes <jkorsnes@cisco.com>
Date:   Fri Jan 17 13:08:36 2020 +0100

    HID: core: increase HID report buffer size to 8KiB
    
    We have a HID touch device that reports its opens and shorts test
    results in HID buffers of size 8184 bytes. The maximum size of the HID
    buffer is currently set to 4096 bytes, causing probe of this device to
    fail. With this patch we increase the maximum size of the HID buffer to
    8192 bytes, making device probe and acquisition of said buffers succeed.
    
    Signed-off-by: Johan Korsnes <jkorsnes@cisco.com>
    Cc: Alan Stern <stern@rowland.harvard.edu>
    Cc: Armando Visconti <armando.visconti@st.com>
    Cc: Jiri Kosina <jkosina@suse.cz>
    Signed-off-by: Jiri Kosina <jkosina@suse.cz>

 include/linux/hid.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
culprit signature: dd57d6d217e157c2dfeb6e0558709d5b3773fe4307a10c4b46e92ff9d3b5120e
parent  signature: ba7c14c87d2be82cfeabc571ee5815de58658187e02102816576f2254ea8e245
revisions tested: 14, total time: 3h37m58.434912825s (build: 1h33m56.568693171s, test: 2h2m37.86297869s)
first bad commit: 84a4062632462c4320704fcdf8e99e89e94c0aba HID: core: increase HID report buffer size to 8KiB
cc: ["benjamin.tissoires@redhat.com" "jikos@kernel.org" "jkorsnes@cisco.com" "jkosina@suse.cz" "linux-input@vger.kernel.org" "linux-kernel@vger.kernel.org"]
crash: INFO: trying to register non-static key in prepare_to_wait_event
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 0 PID: 8622 Comm: syz-executor.3 Not tainted 5.5.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x128/0x182 lib/dump_stack.c:118
 assign_lock_key kernel/locking/lockdep.c:880 [inline]
 register_lock_class+0x18a5/0x1a50 kernel/locking/lockdep.c:1189
 __lock_acquire+0x101/0x4370 kernel/locking/lockdep.c:3836
 lock_acquire+0x19b/0x420 kernel/locking/lockdep.c:4484
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x95/0xc0 kernel/locking/spinlock.c:159
 prepare_to_wait_event+0x65/0x650 kernel/sched/wait.c:280
 uhid_char_read+0x246/0x5cb drivers/hid/uhid.c:669
 do_loop_readv_writev fs/read_write.c:714 [inline]
 do_iter_read+0x360/0x580 fs/read_write.c:935
 vfs_readv+0xc7/0x130 fs/read_write.c:997
 do_readv+0x20e/0x280 fs/read_write.c:1034
 do_syscall_64+0xc6/0x5e0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c849
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fc3eaf14c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
RAX: ffffffffffffffda RBX: 00007fc3eaf156d4 RCX: 000000000045c849
RDX: 0000000000000002 RSI: 0000000020001680 RDI: 0000000000000003
RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000886 R14: 00000000004cb18c R15: 000000000076bf0c
list_del corruption. prev->next should be ffffc90003187bb0, but was 0000000000000000
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:53!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8622 Comm: syz-executor.3 Not tainted 5.5.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__list_del_entry_valid.cold.1+0x48/0x4d lib/list_debug.c:51
Code: 4e 8d 87 e8 db 90 11 fe 0f 0b 48 89 de 48 c7 c7 c0 4f 8d 87 e8 ca 90 11 fe 0f 0b 48 89 de 48 c7 c7 60 4f 8d 87 e8 b9 90 11 fe <0f> 0b cc cc cc 41 57 41 56 41 55 41 54 55 48 bd 00 00 00 00 00 fc
RSP: 0018:ffffc90003187a48 EFLAGS: 00010086
RAX: 0000000000000054 RBX: ffffc90003187bb0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000007 RDI: ffffffff8b3d6360
RBP: ffff88807bde11f8 R08: ffffed1015d045c9 R09: ffffed1015d045c9
R10: ffffed1015d045c8 R11: ffff8880ae822e43 R12: ffff88807bde11f8
R13: ffff88807bde11c0 R14: ffffc90003187bb0 R15: 0000000000000001
FS:  00007fc3eaf15700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000815fd0 CR3: 00000000a03b8000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __list_del_entry include/linux/list.h:131 [inline]
 list_del_init include/linux/list.h:190 [inline]
 prepare_to_wait_event+0x1d4/0x650 kernel/sched/wait.c:294
 uhid_char_read+0x246/0x5cb drivers/hid/uhid.c:669
 do_loop_readv_writev fs/read_write.c:714 [inline]
 do_iter_read+0x360/0x580 fs/read_write.c:935
 vfs_readv+0xc7/0x130 fs/read_write.c:997
 do_readv+0x20e/0x280 fs/read_write.c:1034
 do_syscall_64+0xc6/0x5e0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c849
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fc3eaf14c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
RAX: ffffffffffffffda RBX: 00007fc3eaf156d4 RCX: 000000000045c849
RDX: 0000000000000002 RSI: 0000000020001680 RDI: 0000000000000003
RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000886 R14: 00000000004cb18c R15: 000000000076bf0c
Modules linked in:
---[ end trace 1fb4ca2f099b84c2 ]---
RIP: 0010:__list_del_entry_valid.cold.1+0x48/0x4d lib/list_debug.c:51
Code: 4e 8d 87 e8 db 90 11 fe 0f 0b 48 89 de 48 c7 c7 c0 4f 8d 87 e8 ca 90 11 fe 0f 0b 48 89 de 48 c7 c7 60 4f 8d 87 e8 b9 90 11 fe <0f> 0b cc cc cc 41 57 41 56 41 55 41 54 55 48 bd 00 00 00 00 00 fc
RSP: 0018:ffffc90003187a48 EFLAGS: 00010086
RAX: 0000000000000054 RBX: ffffc90003187bb0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000007 RDI: ffffffff8b3d6360
RBP: ffff88807bde11f8 R08: ffffed1015d045c9 R09: ffffed1015d045c9
R10: ffffed1015d045c8 R11: ffff8880ae822e43 R12: ffff88807bde11f8
R13: ffff88807bde11c0 R14: ffffc90003187bb0 R15: 0000000000000001
FS:  00007fc3eaf15700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000815fd0 CR3: 00000000a03b8000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400