ci starts bisection 2023-06-02 18:00:10.292766444 +0000 UTC m=+100763.790721000
bisecting fixing commit since 98555239e4c3aab1810d84073166eef6d54eeb3d
building syzkaller on 86777b7fb4a452ebbd7430a2c4add0486734922b
ensuring issue is reproducible on original commit 98555239e4c3aab1810d84073166eef6d54eeb3d
testing commit 98555239e4c3aab1810d84073166eef6d54eeb3d gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fc61949a4f1676baf500d8a9be5e5484fa851fc463ac6a72ef2bbbf15427b63b
run #0: crashed: general protection fault in skb_queue_tail
run #1: crashed: general protection fault in skb_queue_tail
run #2: crashed: general protection fault in skb_queue_tail
run #3: crashed: general protection fault in skb_queue_tail
run #4: crashed: general protection fault in skb_queue_tail
run #5: crashed: general protection fault in skb_queue_tail
run #6: crashed: general protection fault in skb_queue_tail
run #7: crashed: general protection fault in skb_queue_tail
run #8: crashed: general protection fault in skb_queue_tail
run #9: crashed: general protection fault in skb_queue_tail
run #10: crashed: general protection fault in skb_queue_tail
run #11: crashed: general protection fault in skb_queue_tail
run #12: crashed: general protection fault in skb_queue_tail
run #13: crashed: general protection fault in skb_queue_tail
run #14: crashed: general protection fault in skb_queue_tail
run #15: crashed: general protection fault in skb_queue_tail
run #16: crashed: general protection fault in skb_queue_tail
run #17: crashed: general protection fault in skb_queue_tail
run #18: crashed: general protection fault in skb_queue_tail
run #19: crashed: SYZFATAL: executor failed NUM times: executor NUM: failed to write control pipe: write |NUM: broken pipe
testing current HEAD 5321d1b1afb9a17302c6cec79f0cbf823eb0d3fc
testing commit 5321d1b1afb9a17302c6cec79f0cbf823eb0d3fc gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 7915643df5cf8dee2c99aa630f814827098efab88e56add2dec0cc1a4785ada8
all runs: crashed: INFO: trying to register non-static key in skb_queue_tail
crash still not fixed/happens on the oldest tested release
revisions tested: 2, total time: 35m1.512719023s (build: 26m45.53136018s, test: 7m3.275057462s)
crash still not fixed on HEAD or HEAD had kernel test errors
commit msg: Merge tag 'riscv-for-linus-6.4-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
crash: INFO: trying to register non-static key in skb_queue_tail
INFO: trying to register non-static key.
The code is fine but needs lockdep annotation, or maybe
you didn't initialize this object before use?
turning off the locking correctness validator.
CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 6.4.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
dump_stack_lvl+0x167/0x220
assign_lock_key+0x222/0x230
register_lock_class+0x28e/0x990
__lock_acquire+0xd3/0x2070
lock_acquire+0x1e3/0x520
_raw_spin_lock_irqsave+0xd5/0x120
skb_queue_tail+0x30/0x120
hif_usb_regout_cb+0x101/0x130
__usb_hcd_giveback_urb+0x222/0x360
dummy_timer+0xa30/0x2de0
call_timer_fn+0x12f/0x3a0
__run_timers+0x59f/0x6e0
run_timer_softirq+0x4a/0xb0
__do_softirq+0x2ab/0x908
__irq_exit_rcu+0x159/0x240
irq_exit_rcu+0x9/0x20
sysvec_apic_timer_interrupt+0x95/0xb0
asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:finish_lock_switch+0x95/0x110
Code: 45 31 c9 68 a7 89 54 81 e8 e8 9c 09 00 48 83 c4 08 4c 89 ff e8 6c a8 fe ff 66 90 4c 89 ff e8 d2 89 ff 07 e8 6d 22 2b 00 fb 5b <41> 5c 41 5d 41 5e 41 5f c3 44 89 f1 80 e1 07 80 c1 03 38 c1 7c 83
RSP: 0018:ffffc900001b7b98 EFLAGS: 00000286
RAX: 7b1435c198d9b700 RBX: ffff8880156bbbb4 RCX: ffffffff900f5003
RDX: dffffc0000000000 RSI: ffffffff898a4aa0 RDI: ffffffff89d99940
RBP: ffffc900001b7c10 R08: dffffc0000000000 R09: fffffbfff19abf6e
R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
R13: 1ffff110173a79cb R14: ffff8880b9d3ce58 R15: ffff8880b9d3c100
finish_task_switch+0x134/0x610
__schedule+0x1861/0x48c0
schedule+0xc3/0x180
smpboot_thread_fn+0x545/0x890
kthread+0x276/0x2f0
ret_from_fork+0x1f/0x30
general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 6.4.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
RIP: 0010:skb_queue_tail+0xb6/0x120
Code: 09 52 fa 4d 89 2f 49 bf 00 00 00 00 00 fc ff df 42 80 7c 3d 00 00 74 08 4c 89 f7 e8 74 09 52 fa 49 89 1e 4c 89 e8 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 ef e8 5b 09 52 fa 49 89 5d 00 49 83 c4
RSP: 0018:ffffc900001e07d8 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff888070e04280 RCX: dffffc0000000000
RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffc900001e06c0
RBP: 1ffff1100dbbf71b R08: dffffc0000000000 R09: 0000000000000003
R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88806ddfb8d0
R13: 0000000000000000 R14: ffff88806ddfb8d8 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff455146440 CR3: 0000000027e00000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
hif_usb_regout_cb+0x101/0x130
__usb_hcd_giveback_urb+0x222/0x360
dummy_timer+0xa30/0x2de0
call_timer_fn+0x12f/0x3a0
__run_timers+0x59f/0x6e0
run_timer_softirq+0x4a/0xb0
__do_softirq+0x2ab/0x908
__irq_exit_rcu+0x159/0x240
irq_exit_rcu+0x9/0x20
sysvec_apic_timer_interrupt+0x95/0xb0
asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:finish_lock_switch+0x95/0x110
Code: 45 31 c9 68 a7 89 54 81 e8 e8 9c 09 00 48 83 c4 08 4c 89 ff e8 6c a8 fe ff 66 90 4c 89 ff e8 d2 89 ff 07 e8 6d 22 2b 00 fb 5b <41> 5c 41 5d 41 5e 41 5f c3 44 89 f1 80 e1 07 80 c1 03 38 c1 7c 83
RSP: 0018:ffffc900001b7b98 EFLAGS: 00000286
RAX: 7b1435c198d9b700 RBX: ffff8880156bbbb4 RCX: ffffffff900f5003
RDX: dffffc0000000000 RSI: ffffffff898a4aa0 RDI: ffffffff89d99940
RBP: ffffc900001b7c10 R08: dffffc0000000000 R09: fffffbfff19abf6e
R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
R13: 1ffff110173a79cb R14: ffff8880b9d3ce58 R15: ffff8880b9d3c100
finish_task_switch+0x134/0x610
__schedule+0x1861/0x48c0
schedule+0xc3/0x180
smpboot_thread_fn+0x545/0x890
kthread+0x276/0x2f0
ret_from_fork+0x1f/0x30
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:skb_queue_tail+0xb6/0x120
Code: 09 52 fa 4d 89 2f 49 bf 00 00 00 00 00 fc ff df 42 80 7c 3d 00 00 74 08 4c 89 f7 e8 74 09 52 fa 49 89 1e 4c 89 e8 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 ef e8 5b 09 52 fa 49 89 5d 00 49 83 c4
RSP: 0018:ffffc900001e07d8 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff888070e04280 RCX: dffffc0000000000
RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffc900001e06c0
RBP: 1ffff1100dbbf71b R08: dffffc0000000000 R09: 0000000000000003
R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88806ddfb8d0
R13: 0000000000000000 R14: ffff88806ddfb8d8 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff455146440 CR3: 0000000027e00000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
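Code disassembly (best guess) of the interrupted-context bytes at finish_lock_switch+0x95; the faulting instruction at skb_queue_tail+0xb6 (the <42> 80 3c 38 00 marked in that function's Code: line) is not decoded here, so the "trapping instruction" marker below is not the faulting access: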
0: 45 31 c9 xor %r9d,%r9d
3: 68 a7 89 54 81 pushq $0xffffffff815489a7
8: e8 e8 9c 09 00 callq 0x99cf5
d: 48 83 c4 08 add $0x8,%rsp
11: 4c 89 ff mov %r15,%rdi
14: e8 6c a8 fe ff callq 0xfffea885
19: 66 90 xchg %ax,%ax
1b: 4c 89 ff mov %r15,%rdi
1e: e8 d2 89 ff 07 callq 0x7ff89f5
23: e8 6d 22 2b 00 callq 0x2b2295
28: fb sti
29: 5b pop %rbx
* 2a: 41 5c pop %r12 <-- trapping instruction
2c: 41 5d pop %r13
2e: 41 5e pop %r14
30: 41 5f pop %r15
32: c3 retq
33: 44 89 f1 mov %r14d,%ecx
36: 80 e1 07 and $0x7,%cl
39: 80 c1 03 add $0x3,%cl
3c: 38 c1 cmp %al,%cl
3e: 7c 83 jl 0xffffffc3