bisecting cause commit starting from d01f2f7e35573049673b71e18be7abfe3f80323f
building syzkaller on 4c37c133e4bf703d023995535f1e264d8658e08e
testing commit d01f2f7e35573049673b71e18be7abfe3f80323f with gcc (GCC) 10.2.1 20210217
kernel signature: 44b2ebce7577423adb24639454b9304d018f224c9de41eb114d6a17b2ff1e029
run #0: crashed: SYZFAIL: wrong response packet
run #1: crashed: KASAN: use-after-free Read in __cpuhp_state_remove_instance
run #2: crashed: INFO: task hung in io_sq_thread_park
run #3: crashed: INFO: task hung in io_sq_thread_park
run #4: crashed: INFO: task hung in io_sq_thread_park
run #5: crashed: INFO: task hung in io_sq_thread_park
run #6: crashed: INFO: task hung in io_sq_thread_park
run #7: crashed: INFO: task hung in io_sq_thread_park
run #8: crashed: INFO: task hung in io_sq_thread_park
run #9: crashed: INFO: task hung in io_sq_thread_park
run #10: crashed: INFO: task hung in io_sq_thread_park
run #11: crashed: INFO: task hung in io_sq_thread_park
run #12: crashed: INFO: task hung in io_sq_thread_park
run #13: crashed: INFO: task hung in io_sq_thread_park
run #14: crashed: INFO: task hung in io_sq_thread_park
run #15: crashed: INFO: task hung in io_sq_thread_park
run #16: crashed: INFO: task hung in io_sq_thread_park
run #17: crashed: INFO: task hung in io_sq_thread_park
run #18: crashed: INFO: task hung in io_sq_thread_park
run #19: crashed: INFO: task hung in io_sq_thread_park
testing release v5.11
testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217
kernel signature: b47e4715276950756b03b5ad9dbf4728b20992193d0763caa8c0112f7aa0328d
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
testing release v5.10
testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 10.2.1 20210217
kernel signature: 0ca9dcf3af21d1a5232536de4f8c9778d9f136c1a60b7c1c645fc9418ee2b463
run #0: crashed: WARNING: ODEBUG bug in netdev_run_todo
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 10.2.1 20210217
kernel signature: f35ba365435e6b891c352e8b6ef0836217246197fa760240a81c026a0fb39f68
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
testing release v5.8
testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.4.1 20210217
kernel signature: 94433569a06f503ffd5ee1505f4d9ad2586a02d16c23b5179fe502fccaf110e0
all runs: OK
# git bisect start bbf5c979011a099af5dc76498918ed7df445635b bcf876870b95592b52519ed4aafcf9d95999bc9c
Bisecting: 7841 revisions left to test after this (roughly 13 steps)
[47ec5303d73ea344e84f46660fff693c57641386] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next

testing commit 47ec5303d73ea344e84f46660fff693c57641386 with gcc (GCC) 8.4.1 20210217
kernel signature: 1f573f655a209eac0cdf8085397b3010bb393040e0ecb53fd13d15c94f608137
all runs: OK
# git bisect good 47ec5303d73ea344e84f46660fff693c57641386
Bisecting: 3921 revisions left to test after this (roughly 12 steps)
[97d052ea3fa853b9aabcc4baca1a605cb1188611] Merge tag 'locking-urgent-2020-08-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

testing commit 97d052ea3fa853b9aabcc4baca1a605cb1188611 with gcc (GCC) 8.4.1 20210217
kernel signature: c78622dec4956fb011523b633a48db6ac4bfea724c0a14ffc08718860bc72270
all runs: OK
# git bisect good 97d052ea3fa853b9aabcc4baca1a605cb1188611
Bisecting: 1960 revisions left to test after this (roughly 11 steps)
[df561f6688fef775baa341a0f5d960becd248b11] treewide: Use fallthrough pseudo-keyword

testing commit df561f6688fef775baa341a0f5d960becd248b11 with gcc (GCC) 8.4.1 20210217
kernel signature: c780cd28d5bdfc7bf71a9684c9249e87440dad3ee3aa3ce183bad15e1b74fe8b
all runs: OK
# git bisect good df561f6688fef775baa341a0f5d960becd248b11
Bisecting: 982 revisions left to test after this (roughly 10 steps)
[e4c26faa426c17274884f759f708bc9ee22fd59a] Merge tag 'usb-5.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

testing commit e4c26faa426c17274884f759f708bc9ee22fd59a with gcc (GCC) 8.4.1 20210217
kernel signature: cbad6e5aee2c41028632cad288a43c7c1916957879f3ea37f1d5848c6af274b6
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad e4c26faa426c17274884f759f708bc9ee22fd59a
Bisecting: 446 revisions left to test after this (roughly 9 steps)
[3e8d3bdc2a757cc6be5470297947799a7df445cc] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit 3e8d3bdc2a757cc6be5470297947799a7df445cc with gcc (GCC) 8.4.1 20210217
kernel signature: e767e8a96fa2ed4868058ab55902fcf8f8e8662b4b4b351fd2674a29de8740b4
all runs: OK
# git bisect good 3e8d3bdc2a757cc6be5470297947799a7df445cc
Bisecting: 219 revisions left to test after this (roughly 8 steps)
[d6dc7e06826bd7bbb654b7a730db99e7020abbf6] Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

testing commit d6dc7e06826bd7bbb654b7a730db99e7020abbf6 with gcc (GCC) 8.4.1 20210217
kernel signature: ff5fee9192e668e4d193b32b5c308dd64f0a05d0c909c076990607d5f2c5f583
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad d6dc7e06826bd7bbb654b7a730db99e7020abbf6
Bisecting: 117 revisions left to test after this (roughly 7 steps)
[d824e0809ce3c9e935f3aa37381cda7fd4184f12] Merge tag 'libata-5.9-2020-09-04' of git://git.kernel.dk/linux-block

testing commit d824e0809ce3c9e935f3aa37381cda7fd4184f12 with gcc (GCC) 8.4.1 20210217
kernel signature: 56444bad232040b7d44c587c747958825b4fa83666b7acfadaef9ba771f0d2fe
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad d824e0809ce3c9e935f3aa37381cda7fd4184f12
Bisecting: 44 revisions left to test after this (roughly 6 steps)
[86edf52e7c7201fabfba39ae694a5206d48e77af] Merge tag 'sound-5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

testing commit 86edf52e7c7201fabfba39ae694a5206d48e77af with gcc (GCC) 8.4.1 20210217
kernel signature: b896eaede94b91b228e8bbfd65f4cb3d7d9418ce4b8c52005c28ce55fdd6129c
all runs: OK
# git bisect good 86edf52e7c7201fabfba39ae694a5206d48e77af
Bisecting: 23 revisions left to test after this (roughly 5 steps)
[7e24969022cbd61ddc586f14824fc205661bb124] block: allow for_each_bvec to support zero len bvec

testing commit 7e24969022cbd61ddc586f14824fc205661bb124 with gcc (GCC) 8.4.1 20210217
kernel signature: 29de0298bdc16a41a6aa4f38502f826c089e3ba62089719e00ddad58303eb40e
all runs: OK
# git bisect good 7e24969022cbd61ddc586f14824fc205661bb124
Bisecting: 11 revisions left to test after this (roughly 4 steps)
[e2dacf6cd13c1f8d40a59fdda41ecd139c2207df] Merge tag 'dmaengine-fix-5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine

testing commit e2dacf6cd13c1f8d40a59fdda41ecd139c2207df with gcc (GCC) 8.4.1 20210217
kernel signature: a7a3eba6be5b30fc51a7334f308258db58d8e52e6b74bf517c7ae2422a3fb0d2
all runs: OK
# git bisect good e2dacf6cd13c1f8d40a59fdda41ecd139c2207df
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[2fb547911ca54bc9ffa2709c55c9a7638ac50ae4] Merge tag 'thermal-v5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/thermal/linux

testing commit 2fb547911ca54bc9ffa2709c55c9a7638ac50ae4 with gcc (GCC) 8.4.1 20210217
kernel signature: 9f11e6ceb474c8cb9277a4d3c1fdead0c1db3df63971832c97c6abd4716ea246
all runs: OK
# git bisect good 2fb547911ca54bc9ffa2709c55c9a7638ac50ae4
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[d849ca483dba7546ad176da83bf66d1c013725f6] Merge tag 'io_uring-5.9-2020-09-04' of git://git.kernel.dk/linux-block

testing commit d849ca483dba7546ad176da83bf66d1c013725f6 with gcc (GCC) 8.4.1 20210217
kernel signature: a6f9e057f02604015fa3036015e0100709393891d9f13c8377fb37630d4b453c
all runs: OK
# git bisect good d849ca483dba7546ad176da83bf66d1c013725f6
Bisecting: 1 revision left to test after this (roughly 1 step)
[3b5455636fe26ea21b4189d135a424a6da016418] libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks

testing commit 3b5455636fe26ea21b4189d135a424a6da016418 with gcc (GCC) 8.4.1 20210217
kernel signature: 41371d5ac2ce1433a811483430b5f9cc042f4f7e9b6f4b9fc714c8e469811b83
all runs: OK
# git bisect good 3b5455636fe26ea21b4189d135a424a6da016418
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[8075fc3b113dee1531106aaec3dfa19c8158374d] Merge tag 'block-5.9-2020-09-04' of git://git.kernel.dk/linux-block

testing commit 8075fc3b113dee1531106aaec3dfa19c8158374d with gcc (GCC) 8.4.1 20210217
kernel signature: 9fa2d8a38514452e26178b0135ca8ae23933a1862c3e54554f29527b8ac22988
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
run #10: OK
run #11: OK
run #12: OK
run #13: OK
run #14: OK
run #15: OK
run #16: OK
run #17: OK
run #18: OK
run #19: OK
# git bisect bad 8075fc3b113dee1531106aaec3dfa19c8158374d
8075fc3b113dee1531106aaec3dfa19c8158374d is the first bad commit
commit 8075fc3b113dee1531106aaec3dfa19c8158374d
Merge: d849ca483dba 7e24969022cb
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Fri Sep 4 13:04:51 2020 -0700

    Merge tag 'block-5.9-2020-09-04' of git://git.kernel.dk/linux-block
    
    Pull block fixes from Jens Axboe:
     "A bit larger than usual this week, mostly due to the NVMe fixes
      arriving late for -rc3 and hence didn't make last weeks pull request.
    
       - NVMe:
            - instance leak and io boundary fixes from Keith
            - fc locking fix from Christophe
            - various tcp/rdma reset during traffic fixes from Sagi
            - pci use-after-free fix from Tong
            - tcp target null deref fix from Ziye
    
       - Locking fix for partition removal (Christoph)
    
       - Ensure bdi->io_pages is always set (me)
    
       - Fixup for hd struct reference (Ming)
    
       - Fix for zero length bvecs (Ming)
    
       - Two small blk-iocost fixes (Tejun)"
    
    * tag 'block-5.9-2020-09-04' of git://git.kernel.dk/linux-block:
      block: allow for_each_bvec to support zero len bvec
      blk-stat: make q->stats->lock irqsafe
      blk-iocost: ioc_pd_free() shouldn't assume irq disabled
      block: fix locking in bdev_del_partition
      block: release disk reference in hd_struct_free_work
      block: ensure bdi->io_pages is always initialized
      nvme-pci: cancel nvme device request before disabling
      nvme: only use power of two io boundaries
      nvme: fix controller instance leak
      nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()'
      nvme: Fix NULL dereference for pci nvme controllers
      nvme-rdma: fix reset hang if controller died in the middle of a reset
      nvme-rdma: fix timeout handler
      nvme-rdma: serialize controller teardown sequences
      nvme-tcp: fix reset hang if controller died in the middle of a reset
      nvme-tcp: fix timeout handler
      nvme-tcp: serialize controller teardown sequences
      nvme: have nvme_wait_freeze_timeout return if it timed out
      nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance
      nvmet-tcp: Fix NULL dereference when a connect data comes in h2cdata pdu

 block/blk-core.c            |  1 +
 block/blk-iocost.c          |  5 +--
 block/blk-stat.c            | 17 ++++++----
 block/partitions/core.c     | 37 ++++++++++++---------
 drivers/nvme/host/core.c    | 56 ++++++++++++++++++++++++-------
 drivers/nvme/host/fabrics.c |  1 -
 drivers/nvme/host/nvme.h    |  2 +-
 drivers/nvme/host/pci.c     |  4 +--
 drivers/nvme/host/rdma.c    | 68 ++++++++++++++++++++++++++++----------
 drivers/nvme/host/tcp.c     | 80 ++++++++++++++++++++++++++++++++-------------
 drivers/nvme/target/fc.c    |  4 +--
 drivers/nvme/target/tcp.c   | 10 +++++-
 include/linux/bvec.h        |  9 ++++-
 13 files changed, 212 insertions(+), 82 deletions(-)

Reproducer flagged being flaky
revisions tested: 19, total time: 5h49m32.892546836s (build: 2h8m36.164128697s, test: 3h38m36.224802642s)
first bad commit: 8075fc3b113dee1531106aaec3dfa19c8158374d Merge tag 'block-5.9-2020-09-04' of git://git.kernel.dk/linux-block
recipients (to): ["torvalds@linux-foundation.org"]
recipients (cc): []
crash: SYZFAIL: wrong response packet
2021/02/27 10:42:08 result: hanged=false err=executor 4: exit status 67
SYZFAIL: wrong response packet
 (errno 16: Device or resource busy)
loop exited with status 67


SYZFAIL: wrong response packet
 (errno 16: Device or resource busy)
loop exited with status 67
2021/02/27 10:42:11 executed programs: 32
2021/02/27 10:42:16 executed programs: 499