bisecting cause commit starting from c0cc271173b2e1c2d8d0ceaef14e4dfa79eefc0d building syzkaller on a8c6a3f8da30ccf825c6001c81a8adff21829c30 testing commit c0cc271173b2e1c2d8d0ceaef14e4dfa79eefc0d with gcc (GCC) 8.1.0 kernel signature: 0497552999f0ee454d973d2fea9725e67ee430e596480033b5d33a0c65546562 run #0: crashed: WARNING in cpu_latency_qos_remove_request run #1: crashed: WARNING in cpu_latency_qos_remove_request run #2: crashed: WARNING in cpu_latency_qos_remove_request run #3: crashed: general protection fault in plist_check_prev_next run #4: crashed: WARNING in cpu_latency_qos_remove_request run #5: crashed: WARNING in plist_check_prev_next run #6: crashed: WARNING in cpu_latency_qos_remove_request run #7: crashed: WARNING in cpu_latency_qos_remove_request run #8: crashed: general protection fault in pm_qos_get_value run #9: crashed: WARNING in cpu_latency_qos_remove_request testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: 003b0808fc1e40cee73bfda3e4a341b0671ccb40c6197c42e9f9775136b24d5d run #0: crashed: WARNING in pm_qos_remove_request run #1: crashed: WARNING in plist_check_prev_next run #2: crashed: WARNING in pm_qos_remove_request run #3: crashed: BUG: unable to handle kernel paging request in pm_qos_update_target run #4: crashed: general protection fault in pm_qos_update_target run #5: crashed: BUG: unable to handle kernel paging request in pm_qos_update_target run #6: crashed: WARNING in pm_qos_remove_request run #7: crashed: BUG: unable to handle kernel paging request in pm_qos_update_target run #8: crashed: WARNING in pm_qos_remove_request run #9: crashed: WARNING in pm_qos_remove_request testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 7679cc579c59e1d7c7d8141cf4318758d4fc2c71fcf9712262656863bfa4980e all runs: OK # git bisect start 7111951b8d4973bda27ff663f2cf18b663d15b48 d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 Bisecting: 6113 revisions left to test after this (roughly 13 steps) [9f68e3655aae6d49d6ba05dd263f99f33c2567af] Merge tag 'drm-next-2020-01-30' of git://anongit.freedesktop.org/drm/drm testing commit 9f68e3655aae6d49d6ba05dd263f99f33c2567af with gcc (GCC) 8.1.0 kernel signature: 1c4a8c2caa6f013522be5577a3dfa5e5546c6e5b3b6db747a20a47b377887981 all runs: OK # git bisect good 9f68e3655aae6d49d6ba05dd263f99f33c2567af Bisecting: 3359 revisions left to test after this (roughly 12 steps) [469030d454bd1620c7b2651d9ec8cdcbaa74deb9] Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit 469030d454bd1620c7b2651d9ec8cdcbaa74deb9 with gcc (GCC) 8.1.0 kernel signature: 7a177551f1cf9d16004145e035dc513e92971feb1e18f988bcec0566e75eda87 all runs: OK # git bisect good 469030d454bd1620c7b2651d9ec8cdcbaa74deb9 Bisecting: 1644 revisions left to test after this (roughly 11 steps) [3dc55dba67231fc22352483f5ca737df96cdc1e6] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 3dc55dba67231fc22352483f5ca737df96cdc1e6 with gcc (GCC) 8.1.0 kernel signature: 6788ff948b22a18fb9ef1bbdb148543d570dd07fb3213f5193bc71ace2e79ec7 run #0: basic kernel testing failed: timed out run #1: basic kernel testing failed: timed out run #2: basic kernel testing failed: timed out run #3: basic kernel testing failed: timed out run #4: basic kernel testing failed: timed out run #5: basic kernel testing failed: timed out run #6: basic kernel testing failed: timed out run #7: basic kernel testing failed: timed out run #8: basic kernel testing failed: timed out run #9: boot failed: can't ssh into the instance # git bisect skip 3dc55dba67231fc22352483f5ca737df96cdc1e6 Bisecting: 1644 revisions left to test after this (roughly 11 steps) [cb0cc635c7a9fa8a3a0f75d4d896721819c63add] powerpc: Include .BTF section testing commit cb0cc635c7a9fa8a3a0f75d4d896721819c63add with gcc (GCC) 8.1.0 kernel signature: fa2681e9b06cc1c5b40ead7c5f08514e8b6a6af4a14e4858fbe7cdf16f95d2ef all runs: OK # git bisect good cb0cc635c7a9fa8a3a0f75d4d896721819c63add Bisecting: 907 revisions left to test after this (roughly 10 steps) [c20037652700024cffeb6b0f74306ce9b391248f] Merge tag 'io_uring-5.6-2020-03-07' of git://git.kernel.dk/linux-block testing commit c20037652700024cffeb6b0f74306ce9b391248f with gcc (GCC) 8.1.0 kernel signature: 5a87babd80bd0102055104408fa9b4ed9ee115997c31564db65d93025c49d011 run #0: crashed: WARNING in pm_qos_remove_request run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad c20037652700024cffeb6b0f74306ce9b391248f Bisecting: 454 revisions left to test after this (roughly 9 steps) [289de35984815576793f579ec27248609e75976e] sched/fair: Fix statistics for find_idlest_group() testing commit 289de35984815576793f579ec27248609e75976e with gcc (GCC) 8.1.0 kernel signature: a47e89ac31f9d928c18c3cdd3e81079bf69b5fd3ac281ec9e6711abae234ba4f all runs: OK # git bisect good 289de35984815576793f579ec27248609e75976e Bisecting: 226 revisions left to test after this (roughly 8 steps) [26398db1f49a63f93b789d43b3bc292242ff73d4] Merge tag 'drm-misc-fixes-2020-03-05' of git://anongit.freedesktop.org/drm/drm-misc into drm-fixes testing commit 26398db1f49a63f93b789d43b3bc292242ff73d4 with gcc (GCC) 8.1.0 kernel signature: 31fc5816832cc6b7a87683dadfa90725785c65b3a028f760915ed09d2075c97f all runs: OK # git bisect good 26398db1f49a63f93b789d43b3bc292242ff73d4 Bisecting: 113 revisions left to test after this (roughly 7 steps) [c20c4a084a878df35a7e394a7e646f303b505eaf] Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux testing commit c20c4a084a878df35a7e394a7e646f303b505eaf with gcc (GCC) 8.1.0 kernel signature: 3b101937392ef675cb377a0f59b36592f6e25376107cdd0176b4be915d2b7c26 all runs: OK # git bisect good c20c4a084a878df35a7e394a7e646f303b505eaf Bisecting: 59 revisions left to test after this (roughly 6 steps) [63849c8f410717eb2e6662f3953ff674727303e7] Merge tag 'linux-kselftest-5.6-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest testing commit 63849c8f410717eb2e6662f3953ff674727303e7 with gcc (GCC) 8.1.0 kernel signature: 8b9f72e68a49adb5f46ab13a8397c47fcae28bc1692f8a0475e11e0787e48bb9 all runs: OK # git bisect good 63849c8f410717eb2e6662f3953ff674727303e7 Bisecting: 28 revisions left to test after this (roughly 5 steps) [fa883d6afb158c3c9bf33262272da3b6f0489742] Merge tag 'for-linus-2020-03-07' of gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux testing commit fa883d6afb158c3c9bf33262272da3b6f0489742 with gcc (GCC) 8.1.0 kernel signature: d0b20110e5f2e9271273326012aa79ab91fc48e473339a4a5c93a8982ada204f all runs: OK # git bisect good fa883d6afb158c3c9bf33262272da3b6f0489742 Bisecting: 16 revisions left to test after this (roughly 4 steps) [9d588f63602778716921bb638cda412cdeacabc8] Merge tag 's390-5.6-5' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux testing commit 9d588f63602778716921bb638cda412cdeacabc8 with gcc (GCC) 8.1.0 kernel signature: d2df136f4f58d3eee101196f3d31c8bf57e36f63a29db6d42bf9ac0b1e78a002 all runs: OK # git bisect good 9d588f63602778716921bb638cda412cdeacabc8 Bisecting: 9 revisions left to test after this (roughly 3 steps) [6f784a3179dce0d3e9ab5413766e2fd9631d3521] Merge tag 'media/v5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media testing commit 6f784a3179dce0d3e9ab5413766e2fd9631d3521 with gcc (GCC) 8.1.0 kernel signature: 0ea445860c8020bebab32bac9e5e6cbd3411bc672df63cee4214e0fceff95868 run #0: boot failed: error getting instance ci-upstream-kasan-gce-386-bisect-job-bisect-job-2 details after creation: googleapi: Error 503: Internal error. Please try again or contact Google Support. (Code: '9081210342822527839'), backendError run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good 6f784a3179dce0d3e9ab5413766e2fd9631d3521 Bisecting: 4 revisions left to test after this (roughly 2 steps) [5dfcc13902bfb6d252b84e234bfc4cdba76c1069] Merge tag 'block-5.6-2020-03-07' of git://git.kernel.dk/linux-block testing commit 5dfcc13902bfb6d252b84e234bfc4cdba76c1069 with gcc (GCC) 8.1.0 kernel signature: 392570b61f30eb654dedac6d07b94de872bbc0d8a99a97cd7969dffc60706c40 all runs: OK # git bisect good 5dfcc13902bfb6d252b84e234bfc4cdba76c1069 Bisecting: 2 revisions left to test after this (roughly 1 step) [80ad894382bf1d73eb688c29714fa10c0afcf2e7] io-wq: remove io_wq_flush and IO_WQ_WORK_INTERNAL testing commit 80ad894382bf1d73eb688c29714fa10c0afcf2e7 with gcc (GCC) 8.1.0 kernel signature: 1e86ae44c48709bd6971e17b40f43bbac1603e40ff379e464ce61ff8019d2b02 all runs: OK # git bisect good 80ad894382bf1d73eb688c29714fa10c0afcf2e7 Bisecting: 1 revision left to test after this (roughly 1 step) [c1e2148f8ecb26863b899d402a823dab8e26efd1] io_uring: free fixed_file_data after RCU grace period testing commit c1e2148f8ecb26863b899d402a823dab8e26efd1 with gcc (GCC) 8.1.0 kernel signature: 5a014b7688da9c3461cc6650cd9432ca2a4ee70f7035c3bbb0e5a23ba717b64a all runs: OK # git bisect good c1e2148f8ecb26863b899d402a823dab8e26efd1 Bisecting: 0 revisions left to test after this (roughly 0 steps) [f0e20b8943509d81200cef5e30af2adfddba0f5c] io_uring: fix lockup with timeouts testing commit f0e20b8943509d81200cef5e30af2adfddba0f5c with gcc (GCC) 8.1.0 kernel signature: 1bed113ddde962bfb96d9f3b1044fd9b3a6098a1c731849c0de7491fd4de9fbf all runs: OK # git bisect good f0e20b8943509d81200cef5e30af2adfddba0f5c c20037652700024cffeb6b0f74306ce9b391248f is the first bad commit commit c20037652700024cffeb6b0f74306ce9b391248f Merge: 5dfcc13902bf f0e20b894350 Author: Linus Torvalds Date: Sat Mar 7 14:20:29 2020 -0600 Merge tag 'io_uring-5.6-2020-03-07' of git://git.kernel.dk/linux-block Pull io_uring fixes from Jens Axboe: "Here are a few io_uring fixes that should go into this release. This contains: - Removal of (now) unused io_wq_flush() and associated flag (Pavel) - Fix cancelation lockup with linked timeouts (Pavel) - Fix for potential use-after-free when freeing percpu ref for fixed file sets - io-wq cancelation fixups (Pavel)" * tag 'io_uring-5.6-2020-03-07' of git://git.kernel.dk/linux-block: io_uring: fix lockup with timeouts io_uring: free fixed_file_data after RCU grace period io-wq: remove io_wq_flush and IO_WQ_WORK_INTERNAL io-wq: fix IO_WQ_WORK_NO_CANCEL cancellation fs/io-wq.c | 58 +++++++++++++++------------------------------------------- fs/io-wq.h | 2 -- fs/io_uring.c | 25 +++++++++++++++++++++++-- 3 files changed, 38 insertions(+), 47 deletions(-) revisions tested: 19, total time: 5h11m29.876184799s (build: 2h6m51.620258848s, test: 3h3m21.439491807s) first bad commit: c20037652700024cffeb6b0f74306ce9b391248f Merge tag 'io_uring-5.6-2020-03-07' of git://git.kernel.dk/linux-block cc: ["torvalds@linux-foundation.org"] crash: WARNING in pm_qos_remove_request ------------[ cut here ]------------ pm_qos_remove_request() called for unknown object WARNING: CPU: 1 PID: 8630 at kernel/power/qos.c:477 pm_qos_remove_request+0x24d/0x370 kernel/power/qos.c:477 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 8630 Comm: syz-executor.5 Not tainted 5.6.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x128/0x182 lib/dump_stack.c:118 panic+0x22a/0x4e3 kernel/panic.c:221 __warn.cold.10+0x25/0x26 kernel/panic.c:582 report_bug+0x1ad/0x270 lib/bug.c:195 fixup_bug arch/x86/kernel/traps.c:174 [inline] do_error_trap+0x123/0x210 arch/x86/kernel/traps.c:267 do_invalid_op+0x31/0x40 arch/x86/kernel/traps.c:286 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027 RIP: 0010:pm_qos_remove_request+0x24d/0x370 kernel/power/qos.c:477 Code: 65 00 4d 85 e4 75 bc 65 ff 0d 77 4a b0 7e 0f 85 1d fe ff ff e8 15 85 ae ff e9 13 fe ff ff 48 c7 c7 40 1b 6b 87 e8 cf 87 eb ff <0f> 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 65 ff 05 47 4a b0 7e 48 c7 RSP: 0018:ffffc90004c27ba0 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff8882159f7040 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff8b64f4a0 RBP: ffffc90004c27d50 R08: ffffed1015d26661 R09: ffffed1015d26661 R10: ffffed1015d26660 R11: ffff8880ae933307 R12: 1ffff92000984f85 R13: ffff8882159f7068 R14: ffff8880a788d280 R15: 0000000000004112 snd_pcm_hw_free sound/core/pcm_native.c:824 [inline] snd_pcm_common_ioctl+0xb19/0x1c20 sound/core/pcm_native.c:3187 snd_pcm_ioctl_compat+0x402/0xd20 sound/core/pcm_compat.c:532 __do_compat_sys_ioctl fs/ioctl.c:857 [inline] __se_compat_sys_ioctl fs/ioctl.c:808 [inline] __ia32_compat_sys_ioctl+0x1ce/0x220 fs/ioctl.c:808 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x231/0xb9f arch/x86/entry/common.c:408 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 Kernel Offset: disabled Rebooting in 86400 seconds..