ci starts bisection 2022-11-04 13:24:55.359905041 +0000 UTC m=+63820.910233875
bisecting fixing commit since dc164f4fb00a0abebdfff132f8bc7291a28f5401
building syzkaller on 0042f2b4c00ce1ceeaa44a0147909fe3a6f86c5c
ensuring issue is reproducible on original commit dc164f4fb00a0abebdfff132f8bc7291a28f5401

testing commit dc164f4fb00a0abebdfff132f8bc7291a28f5401 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c97348d5ab6c6943887054d9c7b4bd2618ffc7df0ba00df498a636b886ee6671
run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: EOF
run #1: basic kernel testing failed: BUG: program execution failed: executor NUM: EOF
run #2: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #3: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #4: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #5: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #6: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #7: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #8: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #9: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #10: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #11: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #12: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #13: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #14: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #15: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #16: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #17: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #18: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #19: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs

testing current HEAD ee6050c8af96bba2f81e8b0793a1fc2f998fcd20
testing commit ee6050c8af96bba2f81e8b0793a1fc2f998fcd20 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 368628edb79d42cab69b9e6e1612be932988a9a4ff6f00ccc72cdbcd84fd2262
all runs: OK
# git bisect start ee6050c8af96bba2f81e8b0793a1fc2f998fcd20 dc164f4fb00a0abebdfff132f8bc7291a28f5401
Bisecting: 6989 revisions left to test after this (roughly 13 steps)
[7f198ba7ae9874c64ffe8cd3aa60cf5dab78ce3a] Merge tag 'affs-for-6.1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux

testing commit 7f198ba7ae9874c64ffe8cd3aa60cf5dab78ce3a gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b00a3bb2fbee40b41d6be89177d8f35d262aae744e490afe70bd0b5ed0fc5589
all runs: OK
# git bisect bad 7f198ba7ae9874c64ffe8cd3aa60cf5dab78ce3a
Bisecting: 3484 revisions left to test after this (roughly 12 steps)
[d40c874573145b4af3b3b6205f3741b498697623] Merge tag 'regulator-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator

testing commit d40c874573145b4af3b3b6205f3741b498697623 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 7e1fac7506b2184b39e236b00bdc4e9aa81dc3cf4298b9a6810a3a5e0d1aa868
all runs: OK
# git bisect bad d40c874573145b4af3b3b6205f3741b498697623
Bisecting: 1685 revisions left to test after this (roughly 11 steps)
[accc3b4a572bba903a801a393532272727f83f5b] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit accc3b4a572bba903a801a393532272727f83f5b gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 82efeb4151f6369439bd97015ed55a2484fa7d54c59c8dd7225df1bd1daaeecf
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good accc3b4a572bba903a801a393532272727f83f5b
Bisecting: 885 revisions left to test after this (roughly 10 steps)
[522667b24f08009591c90e75bfe2ffb67f555498] Merge tag 'landlock-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

testing commit 522667b24f08009591c90e75bfe2ffb67f555498 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: dd7aebd3e7dbd0439955ee7bd171a44f91df20e5626be04e753a062307d526cf
all runs: boot failed: WARNING in netlink_ack
# git bisect skip 522667b24f08009591c90e75bfe2ffb67f555498
Bisecting: 885 revisions left to test after this (roughly 10 steps)
[06f7c08751939f33d79712590c2b21d02aba61b6] cpuidle: Remove redundant check in cpuidle_switch_governor()

testing commit 06f7c08751939f33d79712590c2b21d02aba61b6 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 60bb79759bb566597738e9460d5cc0934c81aa1e7cde0a67032088c0d9f7ea93
run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: EOF
run #1: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #2: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #3: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #4: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #5: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #6: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #7: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #8: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
run #9: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good 06f7c08751939f33d79712590c2b21d02aba61b6
Bisecting: 885 revisions left to test after this (roughly 10 steps)
[0739ce4c1213a040301bb185cb7a0569417aef87] regulator: core: Remove "ramp_delay not set" debug message

testing commit 0739ce4c1213a040301bb185cb7a0569417aef87 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: d227172222e6e2ad2eed629f86be00087751d346581c6503fba66d1acfda1382
run #0: boot failed: general protection fault in rfkill_alloc
run #1: boot failed: WARNING: kobject bug in device_create_groups_vargs
run #2: boot failed: general protection fault in driver_register
run #3: boot failed: BUG: unable to handle kernel paging request in __scsi_remove_device
run #4: boot failed: general protection fault in scsi_alloc_sdev
run #5: boot failed: general protection fault in netdev_queue_update_kobjects
run #6: boot failed: kernel BUG in __phys_addr
run #7: boot failed: KASAN: wild-memory-access Write in apparmor_cred_free
run #8: boot failed: general protection fault in netdev_queue_update_kobjects
run #9: boot failed: general protection fault in netdev_queue_update_kobjects
# git bisect skip 0739ce4c1213a040301bb185cb7a0569417aef87
Bisecting: 885 revisions left to test after this (roughly 10 steps)
[738c345b74b8d11edd01b6cee5628c6b8368d8ea] selftests/bpf: Fix get_func_ip offset test for CONFIG_X86_KERNEL_IBT

testing commit 738c345b74b8d11edd01b6cee5628c6b8368d8ea gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fc77ca35a634213cec898ce75341ed0342d7034e337f3d2da20d423f169790ad
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good 738c345b74b8d11edd01b6cee5628c6b8368d8ea
Bisecting: 783 revisions left to test after this (roughly 10 steps)
[3eba620e7bd772a0c7dc91966cb107872b54a910] Merge tag 'x86_cleanups_for_v6.1_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

testing commit 3eba620e7bd772a0c7dc91966cb107872b54a910 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: d2c12454fd7bb5cfd13763027b0ac7bca172eb2c024931f789d1a7aecfb115a8
all runs: boot failed: WARNING in netlink_ack
# git bisect skip 3eba620e7bd772a0c7dc91966cb107872b54a910
Bisecting: 783 revisions left to test after this (roughly 10 steps)
[d248cabff5da2f3f2ce0ab99c1f96a15e8fb98c6] selftests/nolibc: add a "kernel" target to build the kernel with the initramfs

testing commit d248cabff5da2f3f2ce0ab99c1f96a15e8fb98c6 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 83a2eb0353028b35f583bfe5aec8f23f12d8f3361c5b19c671d27d24bb17f397
run #0: boot failed: general protection fault in __rq_qos_done
run #1: boot failed: BUG: unable to handle kernel paging request in path_init
run #2: boot failed: general protection fault in netdev_queue_update_kobjects
run #3: boot failed: general protection fault in netdev_queue_update_kobjects
run #4: boot failed: general protection fault in driver_register
run #5: boot failed: general protection fault in netdev_queue_update_kobjects
run #6: boot failed: general protection fault in driver_register
run #7: boot failed: WARNING in copy_process
run #8: boot failed: general protection fault in mm_alloc
run #9: boot failed: BUG: unable to handle kernel paging request in kernel_execve
# git bisect skip d248cabff5da2f3f2ce0ab99c1f96a15e8fb98c6
Bisecting: 783 revisions left to test after this (roughly 10 steps)
[2820a400dfd3579af6db41b6bd5f5114b8749cae] nfp: add support restart of link auto-negotiation

testing commit 2820a400dfd3579af6db41b6bd5f5114b8749cae gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 95868c4c3ff0507ed9f3c1c1ee4f1f938984a911c14291cb432f05f478da4b8f
all runs: OK
# git bisect bad 2820a400dfd3579af6db41b6bd5f5114b8749cae
Bisecting: 181 revisions left to test after this (roughly 8 steps)
[dce45ded761946c053b9901f4b49f0439d934251] brcmfmac: Support 89459 pcie

testing commit dce45ded761946c053b9901f4b49f0439d934251 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ecaa7c148e582b6a94cc5a24f1534acc027cadc68705ce65e24f17a4bafd267c
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good dce45ded761946c053b9901f4b49f0439d934251
Bisecting: 66 revisions left to test after this (roughly 7 steps)
[915b96c52763e2988e6368b538b487a7138b8fa4] Merge tag 'wireless-next-2022-09-30' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next

testing commit 915b96c52763e2988e6368b538b487a7138b8fa4 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: fdc490f2bf707649829ef0612805ffb562bb68bba4c31572b818ba4b3b129004
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good 915b96c52763e2988e6368b538b487a7138b8fa4
Bisecting: 32 revisions left to test after this (roughly 5 steps)
[f0ad26ee822b197f2421462df9c358a5687fddfd] Bluetooth: btusb: Add a new PID/VID 13d3/3583 for MT7921

testing commit f0ad26ee822b197f2421462df9c358a5687fddfd gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: d1b9a862c0b14cf993a2b6af54547bcdb4239afd2649a0364a23bb447669955f
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good f0ad26ee822b197f2421462df9c358a5687fddfd
Bisecting: 15 revisions left to test after this (roughly 4 steps)
[a507ea32b9c2c407012bf89109ac0cf89fae313c] Merge tag 'for-net-next-2022-09-30' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next

testing commit a507ea32b9c2c407012bf89109ac0cf89fae313c gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b14511de096e3570d2279ad52a5d7f4e78f8e239207871563aa03f64f83bf18e
all runs: OK
# git bisect bad a507ea32b9c2c407012bf89109ac0cf89fae313c
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[448a496f760664d3e2e79466aa1787e6abc922b5] Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times

testing commit 448a496f760664d3e2e79466aa1787e6abc922b5 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b9847e48d4ba1c28fabca73dc36dba7c7b7bd8b87f83e7dc51b1e0799325f2a5
all runs: OK
# git bisect bad 448a496f760664d3e2e79466aa1787e6abc922b5
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[2d2cb3066f2c90cd8ca540b36ba7a55e7f2406e0] Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()

testing commit 2d2cb3066f2c90cd8ca540b36ba7a55e7f2406e0 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c6b1979ae5f0b5d3b0a7562c6ce3af5f362592ee148a84c7bb9ec53044aebcd4
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good 2d2cb3066f2c90cd8ca540b36ba7a55e7f2406e0
Bisecting: 1 revision left to test after this (roughly 1 step)
[3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1] Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure

testing commit 3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 68315a92cd034028c57631c428306a8769a45fe5f4b161d513eb5c8bf59d9d5d
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good 3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[bb20da18ce936adda6b48aea79a8797c8eee479f] Bluetooth: MGMT: fix zalloc-simple.cocci warnings

testing commit bb20da18ce936adda6b48aea79a8797c8eee479f gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 7c25e0c84c6d356ae835728f91410fe7a3377a4e34c511137dc702e71679fe2a
all runs: crashed: KASAN: use-after-free Read in hci_conn_add_sysfs
# git bisect good bb20da18ce936adda6b48aea79a8797c8eee479f

448a496f760664d3e2e79466aa1787e6abc922b5 is the first bad commit
commit 448a496f760664d3e2e79466aa1787e6abc922b5
Author: Luiz Augusto von Dentz
Date: Mon Sep 19 10:56:59 2022 -0700

    Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times

    device_add shall not be called multiple times as stated in its documentation:

    'Do not call this routine or device_register() more than once for any device structure'

    Syzkaller reports a bug as follows [1]:
    ------------[ cut here ]------------
    kernel BUG at lib/list_debug.c:33!
    invalid opcode: 0000 [#1] PREEMPT SMP KASAN
    [...]
    Call Trace:
    __list_add include/linux/list.h:69 [inline]
    list_add_tail include/linux/list.h:102 [inline]
    kobj_kset_join lib/kobject.c:164 [inline]
    kobject_add_internal+0x18f/0x8f0 lib/kobject.c:214
    kobject_add_varg lib/kobject.c:358 [inline]
    kobject_add+0x150/0x1c0 lib/kobject.c:410
    device_add+0x368/0x1e90 drivers/base/core.c:3452
    hci_conn_add_sysfs+0x9b/0x1b0 net/bluetooth/hci_sysfs.c:53
    hci_le_cis_estabilished_evt+0x57c/0xae0 net/bluetooth/hci_event.c:6799
    hci_le_meta_evt+0x2b8/0x510 net/bluetooth/hci_event.c:7110
    hci_event_func net/bluetooth/hci_event.c:7440 [inline]
    hci_event_packet+0x63d/0xfd0 net/bluetooth/hci_event.c:7495
    hci_rx_work+0xae7/0x1230 net/bluetooth/hci_core.c:4007
    process_one_work+0x991/0x1610 kernel/workqueue.c:2289
    worker_thread+0x665/0x1080 kernel/workqueue.c:2436
    kthread+0x2e4/0x3a0 kernel/kthread.c:376
    ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306

    Link: https://syzkaller.appspot.com/bug?id=da3246e2d33afdb92d66bc166a0934c5b146404a
    Signed-off-by: Luiz Augusto von Dentz
    Tested-by: Hawkins Jiawei

 net/bluetooth/hci_sysfs.c | 3 +++
 1 file changed, 3 insertions(+)

culprit signature: b9847e48d4ba1c28fabca73dc36dba7c7b7bd8b87f83e7dc51b1e0799325f2a5
parent signature: 7c25e0c84c6d356ae835728f91410fe7a3377a4e34c511137dc702e71679fe2a
revisions tested: 20, total time: 4h30m9.245604497s (build: 2h20m57.014327192s, test: 2h6m26.488063755s)
first good commit: 448a496f760664d3e2e79466aa1787e6abc922b5 Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
recipients (to): ["davem@davemloft.net" "edumazet@google.com" "johan.hedberg@gmail.com" "kuba@kernel.org" "linux-bluetooth@vger.kernel.org" "luiz.dentz@gmail.com" "luiz.von.dentz@intel.com" "marcel@holtmann.org" "netdev@vger.kernel.org" "pabeni@redhat.com" "yin31149@gmail.com"]
recipients (cc): ["linux-kernel@vger.kernel.org"]