bisecting cause commit starting from 9dcd936c5312f870955f108e8a1bfebf3eb6f688
building syzkaller on ba6ddb4336e8a17ba03cb9fe9e7ed5c76e115d43
testing commit 9dcd936c5312f870955f108e8a1bfebf3eb6f688 with gcc (GCC) 8.1.0
run #0: OK
run #1: crashed: INFO: task hung in evdev_flush
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
testing release v4.18
testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0
all runs: OK
# git bisect start 9dcd936c5312f870955f108e8a1bfebf3eb6f688 v4.18
Bisecting: 7495 revisions left to test after this (roughly 13 steps)
[c1c2ad82c772966d3cdb9a4852329fa2cf71853a] Merge tag 'edac_for_4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp
testing commit c1c2ad82c772966d3cdb9a4852329fa2cf71853a with gcc (GCC) 8.1.0
run #0: crashed: INFO: task hung in evdev_flush
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad c1c2ad82c772966d3cdb9a4852329fa2cf71853a
Bisecting: 4309 revisions left to test after this (roughly 12 steps)
[0a957467c5fd46142bc9c52758ffc552d4c5e2f7] x86: i8259: Add missing include file
testing commit 0a957467c5fd46142bc9c52758ffc552d4c5e2f7 with gcc (GCC) 8.1.0
run #0: crashed: INFO: task hung in evdev_release
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 0a957467c5fd46142bc9c52758ffc552d4c5e2f7
Bisecting: 1595 revisions left to test after this (roughly 11 steps)
[958f338e96f874a0d29442396d6adf9c1e17aa2d] Merge branch 'l1tf-final' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit 958f338e96f874a0d29442396d6adf9c1e17aa2d with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 958f338e96f874a0d29442396d6adf9c1e17aa2d
Bisecting: 854 revisions left to test after this (roughly 10 steps)
[2c20443ec221dcb76484b30933593e8ecd836bbd] Merge tag 'acpi-4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
testing commit 2c20443ec221dcb76484b30933593e8ecd836bbd with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 2c20443ec221dcb76484b30933593e8ecd836bbd
Bisecting: 499 revisions left to test after this (roughly 9 steps)
[4aa5db22d35588e1a5d2ee88472348ea73d9fb23] Merge branch 'asoc-4.19' into asoc-next
testing commit 4aa5db22d35588e1a5d2ee88472348ea73d9fb23 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: OK
run #4: crashed: INFO: task hung in evdev_flush
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 4aa5db22d35588e1a5d2ee88472348ea73d9fb23
Bisecting: 177 revisions left to test after this (roughly 8 steps)
[caed9d636e857997e923dfe473b9310de645d916] ASoC: Intel: bytcr_rt5651: Reporting button presses
testing commit caed9d636e857997e923dfe473b9310de645d916 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect good caed9d636e857997e923dfe473b9310de645d916
Bisecting: 89 revisions left to test after this (roughly 7 steps)
[c8cb5f775c8dacb605e628a320ded42be3bd9453] ASoC: wcd9335: add CLASS-H Controller support
testing commit c8cb5f775c8dacb605e628a320ded42be3bd9453 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: basic kernel testing failed: timed out
run #5: basic kernel testing failed: timed out
run #6: basic kernel testing failed: timed out
run #7: OK
run #8: OK
run #9: OK
# git bisect skip c8cb5f775c8dacb605e628a320ded42be3bd9453
Bisecting: 89 revisions left to test after this (roughly 7 steps)
[110743189c863e96dc08a581d56c50b965870a3f] ASoC: qdsp6: q6afe-dai: do not close port if its not opened
testing commit 110743189c863e96dc08a581d56c50b965870a3f with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect good 110743189c863e96dc08a581d56c50b965870a3f
Bisecting: 86 revisions left to test after this (roughly 7 steps)
[fe65324e3f5205072a2d55ac9c63ec77155fa528] ASoC: Intel: Skylake: fix widget handling
testing commit fe65324e3f5205072a2d55ac9c63ec77155fa528 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: basic kernel testing failed: timed out
run #5: OK
run #6: crashed: INFO: task hung in evdev_flush
run #7: OK
run #8: OK
run #9: OK
# git bisect bad fe65324e3f5205072a2d55ac9c63ec77155fa528
Bisecting: 28 revisions left to test after this (roughly 5 steps)
[a0d1d867c262f4ad5d8e4925e2212711ebdbf2b7] ASoC: Intel: bytcr_rt5651: Add mono speaker quirk
testing commit a0d1d867c262f4ad5d8e4925e2212711ebdbf2b7 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: crashed: INFO: task hung in evdev_release
run #5: crashed: INFO: task hung in evdev_flush
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad a0d1d867c262f4ad5d8e4925e2212711ebdbf2b7
Bisecting: 13 revisions left to test after this (roughly 4 steps)
[6dc4fa179fb86d2c986b2bc8a8377fe4d8c0428d] ASoC: meson: add axg fifo base driver
testing commit 6dc4fa179fb86d2c986b2bc8a8377fe4d8c0428d with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: crashed: INFO: task hung in evdev_release
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 6dc4fa179fb86d2c986b2bc8a8377fe4d8c0428d
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[19e023e3befb4cb64b4a81b47a92a0c687672661] ASoC: AMD: For capture have interrupts on I2S->ACP channel
testing commit 19e023e3befb4cb64b4a81b47a92a0c687672661 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: basic kernel testing failed: timed out
run #5: basic kernel testing failed: timed out
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect good 19e023e3befb4cb64b4a81b47a92a0c687672661
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[791940779d651c2219e97702d2245b5420b0c8ae] ASoC: qdsp6: q6routing: remove component framework related code
testing commit 791940779d651c2219e97702d2245b5420b0c8ae with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: basic kernel testing failed: timed out
run #5: basic kernel testing failed: timed out
run #6: basic kernel testing failed: timed out
run #7: OK
run #8: OK
run #9: OK
# git bisect skip 791940779d651c2219e97702d2245b5420b0c8ae
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[bf270262b7b8bb7b48a846c613f74e800abba392] ASoC: hdac_hdmi: Add documentation for power management
testing commit bf270262b7b8bb7b48a846c613f74e800abba392 with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect good bf270262b7b8bb7b48a846c613f74e800abba392
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[e32d99af6830c9a8f37b4f2637ef0cdc60fa79fb] ASoC: meson: add axg fifos DT binding documentation
testing commit e32d99af6830c9a8f37b4f2637ef0cdc60fa79fb with gcc (GCC) 8.1.0
run #0: basic kernel testing failed: timed out
run #1: basic kernel testing failed: timed out
run #2: basic kernel testing failed: timed out
run #3: basic kernel testing failed: timed out
run #4: OK
run #5: crashed: INFO: task hung in evdev_release
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad e32d99af6830c9a8f37b4f2637ef0cdc60fa79fb
e32d99af6830c9a8f37b4f2637ef0cdc60fa79fb is the first bad commit
commit e32d99af6830c9a8f37b4f2637ef0cdc60fa79fb
Author: Jerome Brunet <jbrunet@baylibre.com>
Date:   Tue Jul 17 17:42:50 2018 +0200

    ASoC: meson: add axg fifos DT binding documentation
    
    Add the DT bindings documentation for axg's FIFOs: TODDR and FRDDR.
    
    Signed-off-by: Jerome Brunet <jbrunet@baylibre.com>
    Signed-off-by: Mark Brown <broonie@kernel.org>

:040000 040000 0d25a49b861f4a4278b3eb186977c2e0a914224e a9e2f6e11dd73456e2303045116a10a3a7e0348c M	Documentation
revisions tested: 17, total time: 4h55m19.804750865s (build: 1h37m18.979827732s, test: 3h11m20.333902084s)
first bad commit: e32d99af6830c9a8f37b4f2637ef0cdc60fa79fb ASoC: meson: add axg fifos DT binding documentation
cc: ["alsa-devel@alsa-project.org" "broonie@kernel.org" "devicetree@vger.kernel.org" "jbrunet@baylibre.com" "lgirdwood@gmail.com" "linux-kernel@vger.kernel.org" "mark.rutland@arm.com" "robh+dt@kernel.org"]
crash: INFO: task hung in evdev_release
team0 (unregistering): Port device team_slave_1 removed
team0 (unregistering): Port device team_slave_0 removed
bond0 (unregistering): Releasing backup interface bond_slave_1
bond0 (unregistering): Releasing backup interface bond_slave_0
bond0 (unregistering): Released all slaves
INFO: task syz-executor2:6879 blocked for more than 140 seconds.
      Not tainted 4.18.0-rc1+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2   D22728  6879   5243 0x80000002
Call Trace:
 context_switch kernel/sched/core.c:2862 [inline]
 __schedule+0x836/0x1f40 kernel/sched/core.c:3504
 schedule+0xfe/0x460 kernel/sched/core.c:3548
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3606
 __mutex_lock_common kernel/locking/mutex.c:834 [inline]
 __mutex_lock+0xe62/0x1890 kernel/locking/mutex.c:894
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
 evdev_close_device drivers/input/evdev.c:447 [inline]
 evdev_release+0xdd/0x1a0 drivers/input/evdev.c:488
 __fput+0x2ec/0x990 fs/file_table.c:209
 ____fput+0x9/0x10 fs/file_table.c:243
 task_work_run+0x19f/0x240 kernel/task_work.c:113
 exit_task_work include/linux/task_work.h:22 [inline]
 do_exit+0x1767/0x23b0 kernel/exit.c:865
 do_group_exit+0x13d/0x3c0 kernel/exit.c:968
 get_signal+0x6c9/0x14b0 kernel/signal.c:2468
 do_signal+0x9c/0x21e0 arch/x86/kernel/signal.c:816
 exit_to_usermode_loop+0x1ce/0x300 arch/x86/entry/common.c:162
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x587/0x700 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457669
Code: 0f 7f 28 f3 0f 7f 70 10 f3 0f 7f 78 20 f3 44 0f 7f 40 30 f3 44 0f 7f 48 40 f3 44 0f 7f 50 50 f3 44 0f 7f 58 60 f3 44 0f 7f 60 <70> c3 cc cc cc cc cc 48 8d 74 24 08 48 8b 3c 24 48 8d 05 10 00 00 
RSP: 002b:00007f46ee6f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffea RBX: 0000000000000003 RCX: 0000000000457669
RDX: 0000000020013000 RSI: 000000008040450a RDI: 0000000000000004
RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46ee6f96d4
R13: 00000000004bf430 R14: 00000000004cf230 R15: 00000000ffffffff
INFO: task syz-executor4:6886 blocked for more than 140 seconds.
      Not tainted 4.18.0-rc1+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor4   D22472  6886   5245 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2862 [inline]
 __schedule+0x836/0x1f40 kernel/sched/core.c:3504
 schedule+0xfe/0x460 kernel/sched/core.c:3548
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3606
 __mutex_lock_common kernel/locking/mutex.c:834 [inline]
 __mutex_lock+0xe62/0x1890 kernel/locking/mutex.c:894
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
 evdev_close_device drivers/input/evdev.c:447 [inline]
 evdev_release+0xdd/0x1a0 drivers/input/evdev.c:488
 __fput+0x2ec/0x990 fs/file_table.c:209
 ____fput+0x9/0x10 fs/file_table.c:243
 task_work_run+0x19f/0x240 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:192 [inline]
 exit_to_usermode_loop+0x267/0x300 arch/x86/entry/common.c:166
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x587/0x700 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x410ff1
Code: 30 48 89 4c 24 10 e8 8e 09 00 00 48 8b 44 24 28 48 89 04 24 48 8b 44 24 30 48 89 44 24 08 e8 36 5d 04 00 48 8b 6c 24 18 48 83 <c4> 20 c3 cc cc cc cc cc cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff 
RSP: 002b:00007ffe2eae1f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000410ff1
RDX: 0000000000000000 RSI: 0000000000730488 RDI: 0000000000000004
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 00007ffe2eae1e30 R11: 0000000000000293 R12: 0000000000000000
R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000004

Showing all locks held in the system:
1 lock held by khungtaskd/983:
 #0: (____ptrval____) (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424 kernel/locking/lockdep.c:4461
2 locks held by rsyslogd/5000:
 #0: (____ptrval____) (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x170/0x1d0 fs/file.c:766
 #1: (____ptrval____) (&rq->lock){-.-.}, at: finish_wait+0x119/0x430 kernel/sched/wait.c:364
2 locks held by getty/5090:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
2 locks held by getty/5091:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
2 locks held by getty/5092:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
2 locks held by getty/5093:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
2 locks held by getty/5094:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
2 locks held by getty/5095:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
2 locks held by getty/5096:
 #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:365
 #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2fd/0x1b60 drivers/tty/n_tty.c:2131
1 lock held by syz-executor2/6879:
 #0: (____ptrval____) (&evdev->mutex){+.+.}, at: evdev_close_device drivers/input/evdev.c:447 [inline]
 #0: (____ptrval____) (&evdev->mutex){+.+.}, at: evdev_release+0xdd/0x1a0 drivers/input/evdev.c:488
1 lock held by syz-executor4/6886:
 #0: (____ptrval____) (&evdev->mutex){+.+.}, at: evdev_close_device drivers/input/evdev.c:447 [inline]
 #0: (____ptrval____) (&evdev->mutex){+.+.}, at: evdev_release+0xdd/0x1a0 drivers/input/evdev.c:488
1 lock held by syz-executor0/6916:
 #0: (____ptrval____) (&evdev->mutex){+.+.}, at: evdev_ioctl_handler+0x7b/0x140 drivers/input/evdev.c:1299
1 lock held by syz-executor0/6934:
 #0: (____ptrval____) (&evdev->mutex){+.+.}, at: evdev_ioctl_handler+0x7b/0x140 drivers/input/evdev.c:1299

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 983 Comm: khungtaskd Not tainted 4.18.0-rc1+ #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x16e/0x22a lib/dump_stack.c:113
 nmi_cpu_backtrace.cold.5+0x13/0xb1 lib/nmi_backtrace.c:103
 nmi_trigger_cpumask_backtrace+0xf5/0x119 lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:138 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline]
 watchdog+0x6e5/0xbe0 kernel/hung_task.c:252
 kthread+0x319/0x3e0 kernel/kthread.c:240
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:412
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x6/0x10 arch/x86/include/asm/irqflags.h:54