bisecting cause commit starting from d64c6f96ba86bd8b97ed8d6762a8c8cc1770d214 building syzkaller on 04201c0669446145fd9c347c5538da0ca13ff29b testing commit d64c6f96ba86bd8b97ed8d6762a8c8cc1770d214 with gcc (GCC) 8.1.0 kernel signature: cf87cc5e78de51930955cf3940d7768abb99476fdaa291f33d1daa83399806a9 all runs: crashed: kernel BUG at lib/string.c:LINE! testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 8.1.0 kernel signature: f5760b2c445d15f5ece92b856df5a49be8c93d3d22f6cda3cb5ed85afe8f4ee1 all runs: OK # git bisect start d64c6f96ba86bd8b97ed8d6762a8c8cc1770d214 2c85ebc57b3e1817b6ce1a6b703928e113a90442 Bisecting: 5617 revisions left to test after this (roughly 13 steps) [c367caf1a38b6f0a1aababafd88b00fefa625f9e] Merge tag 'sound-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit c367caf1a38b6f0a1aababafd88b00fefa625f9e with gcc (GCC) 8.1.0 kernel signature: 805eae9903bed9f2a4a22194291fba773f1e1cb567d1a206029fc4f55bc04a2e all runs: OK # git bisect good c367caf1a38b6f0a1aababafd88b00fefa625f9e Bisecting: 2754 revisions left to test after this (roughly 12 steps) [ac7ac4618cf25e0d5cd8eba83d5f600084b65b9a] Merge tag 'for-5.11/block-2020-12-14' of git://git.kernel.dk/linux-block testing commit ac7ac4618cf25e0d5cd8eba83d5f600084b65b9a with gcc (GCC) 8.1.0 kernel signature: bda9b15e2cc54e7c8f1331dc1b1aa51ecd285f89482c1cd7e72c64bdb9a82455 all runs: crashed: kernel BUG at lib/string.c:LINE! # git bisect bad ac7ac4618cf25e0d5cd8eba83d5f600084b65b9a Bisecting: 1420 revisions left to test after this (roughly 11 steps) [61f914256c56a39a96dc14eae9f394d35b934812] Merge tag 'platform-drivers-x86-v5.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 testing commit 61f914256c56a39a96dc14eae9f394d35b934812 with gcc (GCC) 8.1.0 kernel signature: cc19fea8140b9da95fdd481c1c5ac7bbfcff071429183c8fbcd671e27473bd5b all runs: OK # git bisect good 61f914256c56a39a96dc14eae9f394d35b934812 Bisecting: 734 revisions left to test after this (roughly 10 steps) [9867cb1fd510187d8f828540bdb48f78fceb70b3] Merge tag 'jfs-5.11' of git://github.com/kleikamp/linux-shaggy testing commit 9867cb1fd510187d8f828540bdb48f78fceb70b3 with gcc (GCC) 8.1.0 kernel signature: 82a78e7cd448ce98607f15296f48a6e2b74cf127d93f4ec8e3691f98bca505d0 all runs: OK # git bisect good 9867cb1fd510187d8f828540bdb48f78fceb70b3 Bisecting: 369 revisions left to test after this (roughly 9 steps) [7194850efa47c8dac6e805087dd23c7b03af019d] Merge tag 'linux-kselftest-next-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest testing commit 7194850efa47c8dac6e805087dd23c7b03af019d with gcc (GCC) 8.1.0 kernel signature: 0f722ab7476f242f376a9a1ccc442f56b120ed7fb9499694c6eb57cd604639d1 all runs: crashed: kernel BUG at lib/string.c:LINE! # git bisect bad 7194850efa47c8dac6e805087dd23c7b03af019d Bisecting: 184 revisions left to test after this (roughly 8 steps) [6febd8bef36e64fc1f4aaff1f6302be5c653ad64] Merge branch 'signal-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace testing commit 6febd8bef36e64fc1f4aaff1f6302be5c653ad64 with gcc (GCC) 8.1.0 kernel signature: ab6c70b503498d5bf392953c6931fbf29b830167ac7717567990592530f217a5 all runs: OK # git bisect good 6febd8bef36e64fc1f4aaff1f6302be5c653ad64 Bisecting: 98 revisions left to test after this (roughly 7 steps) [8958b2491104d7f254cff0698505392582dbc13a] mm: fix some spelling mistakes in comments testing commit 8958b2491104d7f254cff0698505392582dbc13a with gcc (GCC) 8.1.0 kernel signature: 2b2382efcac37850d1ab68ac3422f9a81cac28987cad9056e25a76b277b0ce65 all runs: crashed: kernel BUG at lib/string.c:LINE! # git bisect bad 8958b2491104d7f254cff0698505392582dbc13a Bisecting: 42 revisions left to test after this (roughly 6 steps) [03f4935135b9efeb780b970ba023c201f81cf4e6] checkpatch: fix unescaped left brace testing commit 03f4935135b9efeb780b970ba023c201f81cf4e6 with gcc (GCC) 8.1.0 kernel signature: 469d9ec53f12c8201019adc0be8d408be5342f79479afbf165f5689248c4d3ee all runs: crashed: kernel BUG at lib/string.c:LINE! # git bisect bad 03f4935135b9efeb780b970ba023c201f81cf4e6 Bisecting: 21 revisions left to test after this (roughly 5 steps) [2f78788b55baa3410b1ec91a576286abe1ad4d6a] ilog2: improve ilog2 for constant arguments testing commit 2f78788b55baa3410b1ec91a576286abe1ad4d6a with gcc (GCC) 8.1.0 kernel signature: 76270a7a9fecaeeafd4ecef38226ff67b4f8068406c73d8238ad20dc4acecf05 run #0: crashed: WARNING in __queue_work run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK reproducer seems to be flaky # git bisect bad 2f78788b55baa3410b1ec91a576286abe1ad4d6a Bisecting: 10 revisions left to test after this (roughly 3 steps) [35189b8ff18ee0c6f7c04f4c674584d1149d5c55] kernel/acct.c: use #elif instead of #end and #elif testing commit 35189b8ff18ee0c6f7c04f4c674584d1149d5c55 with gcc (GCC) 8.1.0 kernel signature: 24fbf3dc8aac14addc88734ec76754e3106edfd43158775e8d512babe91161cc all runs: OK # git bisect good 35189b8ff18ee0c6f7c04f4c674584d1149d5c55 Bisecting: 5 revisions left to test after this (roughly 3 steps) [47e684aaa2661b2af39474a12d05447865ce9184] lib/stackdepot.c: use flex_array_size() helper in memcpy() testing commit 47e684aaa2661b2af39474a12d05447865ce9184 with gcc (GCC) 8.1.0 kernel signature: 43c6516a55ad98518ac3fd53021f361e7ae3220e1bffe9ce8d380ef5a288d144 all runs: OK # git bisect good 47e684aaa2661b2af39474a12d05447865ce9184 Bisecting: 2 revisions left to test after this (roughly 2 steps) [e291851d65495739e4eede33b6bc387bb546a19b] lib/cmdline: fix get_option() for strings starting with hyphen testing commit e291851d65495739e4eede33b6bc387bb546a19b with gcc (GCC) 8.1.0 kernel signature: 93e4a000425be1dc996ca403d79e241dd3416268d3a9ed57367a723a9c2e2708 all runs: OK # git bisect good e291851d65495739e4eede33b6bc387bb546a19b Bisecting: 0 revisions left to test after this (roughly 1 step) [7546861a8c55f1d704a6cfd699b33a9e2dd8c021] lib/cmdline_kunit: add a new test suite for cmdline API testing commit 7546861a8c55f1d704a6cfd699b33a9e2dd8c021 with gcc (GCC) 8.1.0 kernel signature: 12b5fada59b61660b52ad4dfbd6c3cdcd6c0a97f3145d6734f96e63b11b67f40 all runs: OK # git bisect good 7546861a8c55f1d704a6cfd699b33a9e2dd8c021 2f78788b55baa3410b1ec91a576286abe1ad4d6a is the first bad commit commit 2f78788b55baa3410b1ec91a576286abe1ad4d6a Author: Jakub Jelinek Date: Tue Dec 15 20:43:37 2020 -0800 ilog2: improve ilog2 for constant arguments As discussed in https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97445 the const_ilog2 macro generates a lot of code which interferes badly with GCC inlining heuristics, until it can be proven that the ilog2 argument can or can't be simplified into a constant. It can be expressed using __builtin_clzll builtin which is supported by GCC 3.4 and later and when used only in the __builtin_constant_p guarded code it ought to always fold back to a constant. Other compilers support the same builtin for many years too. Other option would be to change the const_ilog2 macro, though as the description says it is meant to be used also in C constant expressions, and while GCC will fold it to constant with constant argument even in those, perhaps it is better to avoid using extensions in that case. [akpm@linux-foundation.org: coding style fixes] Link: https://lkml.kernel.org/r/20201120125154.GB3040@hirez.programming.kicks-ass.net Link: https://lkml.kernel.org/r/20201021132718.GB2176@tucnak Signed-off-by: Jakub Jelinek Signed-off-by: Peter Zijlstra (Intel) Cc: Christophe Leroy Cc: Randy Dunlap Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds include/linux/log2.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) culprit signature: 76270a7a9fecaeeafd4ecef38226ff67b4f8068406c73d8238ad20dc4acecf05 parent signature: 12b5fada59b61660b52ad4dfbd6c3cdcd6c0a97f3145d6734f96e63b11b67f40 Reproducer flagged being flaky revisions tested: 15, total time: 3h12m10.822094866s (build: 1h10m43.66043736s, test: 2h0m2.424397426s) first bad commit: 2f78788b55baa3410b1ec91a576286abe1ad4d6a ilog2: improve ilog2 for constant arguments recipients (to): ["akpm@linux-foundation.org" "jakub@redhat.com" "peterz@infradead.org" "torvalds@linux-foundation.org"] recipients (cc): [] crash: WARNING in __queue_work Bluetooth: hci3: command 0x041b tx timeout ------------[ cut here ]------------ WARNING: CPU: 1 PID: 3006 at kernel/workqueue.c:1419 current_wq_worker kernel/workqueue_internal.h:67 [inline] WARNING: CPU: 1 PID: 3006 at kernel/workqueue.c:1419 is_chained_work kernel/workqueue.c:1357 [inline] WARNING: CPU: 1 PID: 3006 at kernel/workqueue.c:1419 __queue_work+0x5a8/0x770 kernel/workqueue.c:1419 Modules linked in: CPU: 1 PID: 3006 Comm: kworker/1:2 Not tainted 5.10.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events hci_cmd_timeout RIP: 0010:__queue_work+0x5a8/0x770 kernel/workqueue.c:1419 Code: 8b c0 61 02 e9 57 fc ff ff 65 8b 05 a2 36 e0 7e a9 00 01 ff 00 75 13 65 48 8b 3c 25 00 70 01 00 f6 47 2c 20 0f 85 9d 00 00 00 <0f> 0b 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b e9 f4 fb RSP: 0018:ffffc900067c3dd8 EFLAGS: 00010006 RAX: ffff88813bd30a00 RBX: ffff888130a72a88 RCX: 0000000000000000 RDX: 0000000080000001 RSI: ffffffff84ac44cc RDI: ffff888103810000 RBP: ffffc900067c3e18 R08: 0000000000000001 R09: 0000000000000001 R10: 0000000000000001 R11: 0000000000000000 R12: ffff88811d822000 R13: 0000000000000008 R14: 0000000000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2443a6edb8 CR3: 0000000173c0b000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: queue_work_on+0x65/0x70 kernel/workqueue.c:1524 process_one_work+0x27a/0x660 kernel/workqueue.c:2275 worker_thread+0x38/0x390 kernel/workqueue.c:2421 kthread+0x144/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296