bisecting fixing commit since f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a building syzkaller on d5a3ae1f760e7cb2cd5a721d9645ae22eae114fe testing commit f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a with gcc (GCC) 8.1.0 kernel signature: 95785e345c2a4ffe703e7f2ea50601b041a009b4611a698f1f3f35eedca0511a all runs: crashed: INFO: trying to register non-static key in uhid_dev_destroy testing current HEAD 10ad6cfd57360760116cde00a8ef756e121367a9 testing commit 10ad6cfd57360760116cde00a8ef756e121367a9 with gcc (GCC) 8.1.0 kernel signature: c6023f93149f4e8e2571dfb74ce4dfd2ab5e7090a6f2045534a3c6ec46259102 all runs: OK # git bisect start 10ad6cfd57360760116cde00a8ef756e121367a9 f6d5cb9e2c06f7d583dd9f4f7cca21d13d78c32a Bisecting: 194 revisions left to test after this (roughly 8 steps) [c0a7b7fe0e0f7baa7c1779e401d293d176307c51] ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO testing commit c0a7b7fe0e0f7baa7c1779e401d293d176307c51 with gcc (GCC) 8.1.0 kernel signature: ad0aa8988141bb13d466e8fe952451f99b9cd359a16f50b124336773f0b067a9 all runs: OK # git bisect bad c0a7b7fe0e0f7baa7c1779e401d293d176307c51 Bisecting: 96 revisions left to test after this (roughly 7 steps) [567e1a915e8f0897972d190fd7a7ef8e9a35954c] usb: host: xhci: fix ep context print mismatch in debugfs testing commit 567e1a915e8f0897972d190fd7a7ef8e9a35954c with gcc (GCC) 8.1.0 kernel signature: 4bdbd5af2c6291d29d5082a0d1c959a81b5b236be4d8a560102a8a6e465c780c run #0: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #1: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #2: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #3: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #4: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #5: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #6: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #7: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #8: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #9: crashed: INFO: trying to register non-static key in corrupted # git bisect good 567e1a915e8f0897972d190fd7a7ef8e9a35954c Bisecting: 48 revisions left to test after this (roughly 6 steps) [04b3604008265fb84f8fc7d7646ee652b4546834] MIPS: mm: BMIPS5000 has inclusive physical caches testing commit 04b3604008265fb84f8fc7d7646ee652b4546834 with gcc (GCC) 8.1.0 kernel signature: 1dd91766e05e7d4d36e59ab2c1a7f79126eaed0e871eadcedd4313e2d84c9cc3 all runs: OK # git bisect bad 04b3604008265fb84f8fc7d7646ee652b4546834 Bisecting: 23 revisions left to test after this (roughly 5 steps) [9c7514464430cb4d57182542fc15c09d07eb808d] usb: dwc3: gadget: Handle ZLP for sg requests testing commit 9c7514464430cb4d57182542fc15c09d07eb808d with gcc (GCC) 8.1.0 kernel signature: ec2bf371e54a6dd6fd494a3bcdc544373590f7bb70cbe4c6618dbdf90dd7db31 all runs: crashed: INFO: trying to register non-static key in uhid_dev_destroy # git bisect good 9c7514464430cb4d57182542fc15c09d07eb808d Bisecting: 11 revisions left to test after this (roughly 4 steps) [bb0d61385e21d231322c9f78815c2b4f967b1e84] hwmon: (applesmc) check status earlier. testing commit bb0d61385e21d231322c9f78815c2b4f967b1e84 with gcc (GCC) 8.1.0 kernel signature: 387ca44dd1f2e262217a3dac920b7ba64d5321e013da5c1ad5313ae6a150490e all runs: OK # git bisect bad bb0d61385e21d231322c9f78815c2b4f967b1e84 Bisecting: 5 revisions left to test after this (roughly 3 steps) [a47b8511d90528c77346597e2012100dfc28cd8c] HID: core: Sanitize event code and type when mapping input testing commit a47b8511d90528c77346597e2012100dfc28cd8c with gcc (GCC) 8.1.0 kernel signature: 29d9f72c9af27d82b547eac2036e8e8da4f2ee3fcf690b36d9cada764a626226 all runs: OK # git bisect bad a47b8511d90528c77346597e2012100dfc28cd8c Bisecting: 2 revisions left to test after this (roughly 2 steps) [79361df22e723d97607b4a8e871f0b3720ada7be] ALSA: usb-audio: Update documentation comment for MS2109 quirk testing commit 79361df22e723d97607b4a8e871f0b3720ada7be with gcc (GCC) 8.1.0 kernel signature: e62068b130e53a428fb0045a3ca0050c3a8f49696e23b08ea6b1b65a9ac3fb62 all runs: crashed: INFO: trying to register non-static key in uhid_dev_destroy # git bisect good 79361df22e723d97607b4a8e871f0b3720ada7be Bisecting: 0 revisions left to test after this (roughly 1 step) [abae259fdccc5e41ff302dd80a2b944ce385c970] HID: core: Correctly handle ReportSize being zero testing commit abae259fdccc5e41ff302dd80a2b944ce385c970 with gcc (GCC) 8.1.0 kernel signature: d4fd9983c8713bd22d2653758e3e62efe12b8d5cb9a02f082e22b67d2047217f all runs: OK # git bisect bad abae259fdccc5e41ff302dd80a2b944ce385c970 Bisecting: 0 revisions left to test after this (roughly 0 steps) [c37da90efff5f183bea6ae4c2af33571f61fe317] Linux 4.19.143 testing commit c37da90efff5f183bea6ae4c2af33571f61fe317 with gcc (GCC) 8.1.0 kernel signature: 0194b9dc14b376790008e6948b35027fa3331e2196e1e1e79540a260e5fe3e9b run #0: crashed: INFO: trying to register non-static key in corrupted run #1: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #2: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #3: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #4: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #5: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #6: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #7: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #8: crashed: INFO: trying to register non-static key in uhid_dev_destroy run #9: crashed: INFO: trying to register non-static key in uhid_dev_destroy # git bisect good c37da90efff5f183bea6ae4c2af33571f61fe317 abae259fdccc5e41ff302dd80a2b944ce385c970 is the first bad commit commit abae259fdccc5e41ff302dd80a2b944ce385c970 Author: Marc Zyngier Date: Sat Aug 29 12:26:01 2020 +0100 HID: core: Correctly handle ReportSize being zero commit bce1305c0ece3dc549663605e567655dd701752c upstream. It appears that a ReportSize value of zero is legal, even if a bit non-sensical. Most of the HID code seems to handle that gracefully, except when computing the total size in bytes. When fed as input to memset, this leads to some funky outcomes. Detect the corner case and correctly compute the size. Cc: stable@vger.kernel.org Signed-off-by: Marc Zyngier Signed-off-by: Benjamin Tissoires Signed-off-by: Greg Kroah-Hartman drivers/hid/hid-core.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) culprit signature: d4fd9983c8713bd22d2653758e3e62efe12b8d5cb9a02f082e22b67d2047217f parent signature: 0194b9dc14b376790008e6948b35027fa3331e2196e1e1e79540a260e5fe3e9b revisions tested: 11, total time: 3h6m15.547882076s (build: 1h41m52.797906655s, test: 1h23m9.148297566s) first good commit: abae259fdccc5e41ff302dd80a2b944ce385c970 HID: core: Correctly handle ReportSize being zero recipients (to): ["benjamin.tissoires@gmail.com" "gregkh@linuxfoundation.org" "maz@kernel.org"] recipients (cc): []