ci starts bisection 2022-12-30 05:14:52.433771703 +0000 UTC m=+218042.976477245
bisecting fixing commit since b96fbd602d35739b5cdb49baa02048f2c41fdab1
building syzkaller on 356d821720a2d24a4cc96f8c0b2b7a11c8882190
ensuring issue is reproducible on original commit b96fbd602d35739b5cdb49baa02048f2c41fdab1

testing commit b96fbd602d35739b5cdb49baa02048f2c41fdab1 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9b8a73b93bac592b75b6cdac60dbe45ef2bfbc43b35cc3ea95c2e583588549ba
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
testing current HEAD bff687b3dad6e0e56b27f4d3ed8a9695f35c7b1a
testing commit bff687b3dad6e0e56b27f4d3ed8a9695f35c7b1a gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: cbcae3004e28925602c0ca0a3220fcb1083f9657c60042d6a61e9fde41ea9075
run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: EOF
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect start bff687b3dad6e0e56b27f4d3ed8a9695f35c7b1a b96fbd602d35739b5cdb49baa02048f2c41fdab1
Bisecting: 15241 revisions left to test after this (roughly 14 steps)
[08ad43d554bacb9769c6a69d5f771f02f5ba411c] Merge tag 'net-6.1-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit 08ad43d554bacb9769c6a69d5f771f02f5ba411c gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c134fffd4c55082f6df1f45a9f58685caa112735c415ac5651c8404fc51903ce
all runs: OK
# git bisect bad 08ad43d554bacb9769c6a69d5f771f02f5ba411c
Bisecting: 7615 revisions left to test after this (roughly 13 steps)
[5d435a3f7b6cb1db566d0f56f5f8dc33be0dde69] Merge tag 'media/v6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media

testing commit 5d435a3f7b6cb1db566d0f56f5f8dc33be0dde69 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e1fcf83aa5a9403273dca7073eaed21524c1abb2b28ee677b51d77620f73ea77
run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: EOF
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 5d435a3f7b6cb1db566d0f56f5f8dc33be0dde69
Bisecting: 3836 revisions left to test after this (roughly 12 steps)
[1c2daf52185bbc91421f0e84e6bf2706bb350cce] Merge tag 'tag-chrome-platform-for-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux

testing commit 1c2daf52185bbc91421f0e84e6bf2706bb350cce gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1878758bec2c9fba98f6756b80335a180f7513d0b43686989fe80b2d4c7c7f59
all runs: OK
# git bisect bad 1c2daf52185bbc91421f0e84e6bf2706bb350cce
Bisecting: 1829 revisions left to test after this (roughly 11 steps)
[accc3b4a572bba903a801a393532272727f83f5b] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit accc3b4a572bba903a801a393532272727f83f5b gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 0266e9835d127f0781ef5283443f2d459e0ec31ded475f9c07fcfd2f34b4bbb2
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good accc3b4a572bba903a801a393532272727f83f5b
Bisecting: 1029 revisions left to test after this (roughly 10 steps)
[522667b24f08009591c90e75bfe2ffb67f555498] Merge tag 'landlock-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

testing commit 522667b24f08009591c90e75bfe2ffb67f555498 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ed30b50d5297b9a070f68b6dbe01916488d12834715ef5de17c3852100a85091
all runs: boot failed: WARNING in netlink_ack
# git bisect skip 522667b24f08009591c90e75bfe2ffb67f555498
Bisecting: 1029 revisions left to test after this (roughly 10 steps)
[c969bb8dbaf2f3628927eae73e7c579a74cf1b6e] selinux: use "grep -E" instead of "egrep"

testing commit c969bb8dbaf2f3628927eae73e7c579a74cf1b6e gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 66f8c906f1ef7a7bb757f345838e0e5ea5a39d5575222e5e63676f185d5d9d13
run #0: boot failed: general protection fault in driver_register
run #1: boot failed: WARNING in wiphy_register
run #2: boot failed: general protection fault in rcu_core
run #3: boot failed: BUG: unable to handle kernel paging request in copy_namespaces
run #4: boot failed: general protection fault in netdev_queue_update_kobjects
run #5: boot failed: kernel BUG in __phys_addr
run #6: boot failed: general protection fault in driver_register
run #7: boot failed: BUG: unable to handle kernel paging request in kernel_execve
run #8: boot failed: general protection fault in device_create_groups_vargs
run #9: boot failed: BUG: unable to handle kernel paging request in kernel_execve
# git bisect skip c969bb8dbaf2f3628927eae73e7c579a74cf1b6e
Bisecting: 1029 revisions left to test after this (roughly 10 steps)
[7c036ed9e0065e852fb1886d9ea97ceb35680e3f] selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put()

testing commit 7c036ed9e0065e852fb1886d9ea97ceb35680e3f gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e9e4eb38b90078ddf1d032f4acc04013353a4121bfa6ac1fce34ddb9225c25a4
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good 7c036ed9e0065e852fb1886d9ea97ceb35680e3f
Bisecting: 953 revisions left to test after this (roughly 10 steps)
[1224e29572f655facfcd850cf0f0a4784f36a903] spi: s3c64xx: Fix large transfers with DMA

testing commit 1224e29572f655facfcd850cf0f0a4784f36a903 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8fb72e08d178773829af77a5af2983934da620acef3c645398b9184a6e52cc7c
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good 1224e29572f655facfcd850cf0f0a4784f36a903
Bisecting: 874 revisions left to test after this (roughly 10 steps)
[5c43fd7954108bd138f7a1b4db4fb997ae1dc696] selftests/nolibc: add a "defconfig" target

testing commit 5c43fd7954108bd138f7a1b4db4fb997ae1dc696 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 07544826f5644b1f1198e686febafdfd038fb6be87b247fb030d1f487529b485
run #0: boot failed: kernel BUG in __phys_addr
run #1: boot failed: BUG: unable to handle kernel paging request in scsi_change_queue_depth
run #2: boot failed: BUG: unable to handle kernel paging request in kernel_execve
run #3: boot failed: BUG: unable to handle kernel paging request in kernel_execve
run #4: boot failed: general protection fault in netdev_queue_update_kobjects
run #5: boot failed: general protection fault in netdev_queue_update_kobjects
run #6: boot failed: general protection fault in getname_kernel
run #7: boot failed: WARNING in copy_process
run #8: boot failed: general protection fault in really_probe
run #9: boot failed: BUG: unable to handle kernel paging request in blk_mq_complete_request
# git bisect skip 5c43fd7954108bd138f7a1b4db4fb997ae1dc696
Bisecting: 874 revisions left to test after this (roughly 10 steps)
[a2e5ba242c338208024cd814128c7fa9e22ae2b4] net/mlx5e: xsk: Split out WQE allocation for legacy XSK RQ

testing commit a2e5ba242c338208024cd814128c7fa9e22ae2b4 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 889c813c9fab3c926ef6d3d4f6f4e39ceb9cb0b4d642121e8db2277afcbb96f4
all runs: OK
# git bisect bad a2e5ba242c338208024cd814128c7fa9e22ae2b4
Bisecting: 188 revisions left to test after this (roughly 8 steps)
[a373f38cd1f5e86cae86157f0b77cf731c5049c1] brcmfmac: Remove the call to "dtim_assoc" IOVAR

testing commit a373f38cd1f5e86cae86157f0b77cf731c5049c1 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: aa2c64dfa6dab4617781f57d84dd24b8743de9ed605c6ea689fbf62c24a819eb
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good a373f38cd1f5e86cae86157f0b77cf731c5049c1
Bisecting: 75 revisions left to test after this (roughly 7 steps)
[915b96c52763e2988e6368b538b487a7138b8fa4] Merge tag 'wireless-next-2022-09-30' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next

testing commit 915b96c52763e2988e6368b538b487a7138b8fa4 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 934a51a234ca967b02d113255364e8827b1714e210b198012831ea236fc10b01
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good 915b96c52763e2988e6368b538b487a7138b8fa4
Bisecting: 37 revisions left to test after this (roughly 5 steps)
[2d2cb3066f2c90cd8ca540b36ba7a55e7f2406e0] Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()

testing commit 2d2cb3066f2c90cd8ca540b36ba7a55e7f2406e0 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 62652df276431602aa0eb617ffaca7f3546abd686bc86f336fa47eecbde34e3c
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good 2d2cb3066f2c90cd8ca540b36ba7a55e7f2406e0
Bisecting: 18 revisions left to test after this (roughly 4 steps)
[cf5ca4ddc37a693b17fdb653cb84b920b1185d71] net: dsa: don't leave dangling pointers in dp->pl when failing

testing commit cf5ca4ddc37a693b17fdb653cb84b920b1185d71 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: baa39590674171fca99087f7d44862133c1a70274b94e56160b120ab46ac281a
all runs: OK
# git bisect bad cf5ca4ddc37a693b17fdb653cb84b920b1185d71
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f] Bluetooth: L2CAP: Fix user-after-free

testing commit 35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1fba18f9a1a683fb6fb0e2cc3d6e798d76daf0746cfa240287e8fc1dba902c4e
all runs: OK
# git bisect bad 35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[7096daba731eea262e0f7bf03453ceddcad89f70] Bluetooth: hci_debugfs: Fix not checking conn->debugfs

testing commit 7096daba731eea262e0f7bf03453ceddcad89f70 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e9c4082dc8a16a24db5e4ddaa5e1df05eee24f6941777b5b50ba59c3e6161958
all runs: OK
# git bisect bad 7096daba731eea262e0f7bf03453ceddcad89f70
Bisecting: 2 revisions left to test after this (roughly 1 step)
[3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1] Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure

testing commit 3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9c686c5adfae698842ea3985d8377ff270fb9ffb072035bb6a33ac09a312d83e
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good 3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1
Bisecting: 0 revisions left to test after this (roughly 1 step)
[448a496f760664d3e2e79466aa1787e6abc922b5] Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times

testing commit 448a496f760664d3e2e79466aa1787e6abc922b5 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: d4dcb0a74cc8f45765d63b37fd0382497c81ca1347d99f909c633a25a8740694
all runs: OK
# git bisect bad 448a496f760664d3e2e79466aa1787e6abc922b5
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[bb20da18ce936adda6b48aea79a8797c8eee479f] Bluetooth: MGMT: fix zalloc-simple.cocci warnings

testing commit bb20da18ce936adda6b48aea79a8797c8eee479f gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2401b18a1eb75ea9c0630e17740b19cccb4a92731b60077383a86a650f143cf6
all runs: crashed: BUG: corrupted list in hci_conn_add_sysfs
# git bisect good bb20da18ce936adda6b48aea79a8797c8eee479f
448a496f760664d3e2e79466aa1787e6abc922b5 is the first bad commit
commit 448a496f760664d3e2e79466aa1787e6abc922b5
Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date:   Mon Sep 19 10:56:59 2022 -0700

    Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    
    device_add shall not be called multiple times as stated in its
    documentation:
    
     'Do not call this routine or device_register() more than once for
     any device structure'
    
    Syzkaller reports a bug as follows [1]:
    ------------[ cut here ]------------
    kernel BUG at lib/list_debug.c:33!
    invalid opcode: 0000 [#1] PREEMPT SMP KASAN
    [...]
    Call Trace:
     <TASK>
     __list_add include/linux/list.h:69 [inline]
     list_add_tail include/linux/list.h:102 [inline]
     kobj_kset_join lib/kobject.c:164 [inline]
     kobject_add_internal+0x18f/0x8f0 lib/kobject.c:214
     kobject_add_varg lib/kobject.c:358 [inline]
     kobject_add+0x150/0x1c0 lib/kobject.c:410
     device_add+0x368/0x1e90 drivers/base/core.c:3452
     hci_conn_add_sysfs+0x9b/0x1b0 net/bluetooth/hci_sysfs.c:53
     hci_le_cis_estabilished_evt+0x57c/0xae0 net/bluetooth/hci_event.c:6799
     hci_le_meta_evt+0x2b8/0x510 net/bluetooth/hci_event.c:7110
     hci_event_func net/bluetooth/hci_event.c:7440 [inline]
     hci_event_packet+0x63d/0xfd0 net/bluetooth/hci_event.c:7495
     hci_rx_work+0xae7/0x1230 net/bluetooth/hci_core.c:4007
     process_one_work+0x991/0x1610 kernel/workqueue.c:2289
     worker_thread+0x665/0x1080 kernel/workqueue.c:2436
     kthread+0x2e4/0x3a0 kernel/kthread.c:376
     ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
     </TASK>
    
    Link: https://syzkaller.appspot.com/bug?id=da3246e2d33afdb92d66bc166a0934c5b146404a
    Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
    Tested-by: Hawkins Jiawei <yin31149@gmail.com>

 net/bluetooth/hci_sysfs.c | 3 +++
 1 file changed, 3 insertions(+)

culprit signature: d4dcb0a74cc8f45765d63b37fd0382497c81ca1347d99f909c633a25a8740694
parent  signature: 2401b18a1eb75ea9c0630e17740b19cccb4a92731b60077383a86a650f143cf6
revisions tested: 21, total time: 5h2m11.260280074s (build: 2h38m13.80659379s, test: 2h19m45.393686737s)
first good commit: 448a496f760664d3e2e79466aa1787e6abc922b5 Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
recipients (to): ["davem@davemloft.net" "edumazet@google.com" "johan.hedberg@gmail.com" "kuba@kernel.org" "linux-bluetooth@vger.kernel.org" "luiz.dentz@gmail.com" "luiz.von.dentz@intel.com" "marcel@holtmann.org" "netdev@vger.kernel.org" "pabeni@redhat.com" "yin31149@gmail.com"]
recipients (cc): ["linux-kernel@vger.kernel.org"]