bisecting fixing commit since a409ed156a90093a03fe6a93721ddf4c591eac87
building syzkaller on 04201c0669446145fd9c347c5538da0ca13ff29b
testing commit a409ed156a90093a03fe6a93721ddf4c591eac87
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1ca01283cb922c934c5873a5a9dc87e419bd83ed142529dabbd300ae04e00706
run #0: crashed: KASAN: use-after-free Read in lock_sock_nested
run #1: crashed: BUG: spinlock bad magic in lock_sock_nested
run #2: crashed: KASAN: use-after-free Read in lock_sock_nested
run #3: crashed: KASAN: use-after-free Read in lock_sock_nested
run #4: crashed: KASAN: use-after-free Read in lock_sock_nested
run #5: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #6: crashed: KASAN: use-after-free Read in lock_sock_nested
run #7: crashed: KASAN: use-after-free Read in lock_sock_nested
run #8: crashed: KASAN: use-after-free Read in lock_sock_nested
run #9: crashed: WARNING: locking bug in l2cap_sock_teardown_cb
run #10: crashed: KASAN: use-after-free Read in lock_sock_nested
run #11: crashed: KASAN: use-after-free Read in lock_sock_nested
run #12: crashed: KASAN: use-after-free Read in lock_sock_nested
run #13: crashed: WARNING: locking bug in l2cap_sock_teardown_cb
run #14: crashed: KASAN: use-after-free Read in lock_sock_nested
run #15: crashed: KASAN: use-after-free Read in lock_sock_nested
run #16: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested
run #17: crashed: KASAN: use-after-free Read in lock_sock_nested
run #18: crashed: KASAN: use-after-free Read in lock_sock_nested
run #19: crashed: KASAN: use-after-free Read in lock_sock_nested
testing current HEAD 92477dd1faa650e50bd3bb35a6c0b8d09198cc35
testing commit 92477dd1faa650e50bd3bb35a6c0b8d09198cc35
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2f793b7d7d837423b154acdb2bbeffb62452c5130f44b19b37360f485c22e6fc
run #0: crashed: KASAN: use-after-free Read in lock_sock_nested
run #1: crashed: KASAN: use-after-free Read in lock_sock_nested
run #2: crashed: KASAN: use-after-free Read in lock_sock_nested
run #3: crashed: KASAN: use-after-free Read in lock_sock_nested
run #4: crashed: KASAN: use-after-free Read in lock_sock_nested
run #5: crashed: KASAN: use-after-free Read in lock_sock_nested
run #6: crashed: KASAN: use-after-free Read in lock_sock_nested
run #7: crashed: KASAN: use-after-free Read in lock_sock_nested
run #8: crashed: KASAN: use-after-free Read in lock_sock_nested
run #9: crashed: BUG: spinlock bad magic in lock_sock_nested
revisions tested: 2, total time: 19m45.933743436s (build: 10m30.371459826s, test: 8m33.505159528s)
the crash still happens on HEAD
commit msg: Merge tag 's390-5.15-ebpf-jit-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
crash: BUG: spinlock bad magic in lock_sock_nested
BUG: spinlock bad magic on CPU#0, kworker/0:5/8983
 lock: 0xffff888075df3088, .magic: 0003003f, .owner: /-1, .owner_cpu: 786434000
CPU: 0 PID: 8983 Comm: kworker/0:5 Not tainted 5.15.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events l2cap_chan_timeout
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x45/0x59 lib/dump_stack.c:106
 debug_spin_lock_before kernel/locking/spinlock_debug.c:85 [inline]
 do_raw_spin_lock+0x216/0x2b0 kernel/locking/spinlock_debug.c:114
 spin_lock_bh include/linux/spinlock.h:368 [inline]
 lock_sock_nested+0x39/0xf0 net/core/sock.c:3183
 l2cap_sock_teardown_cb+0x90/0x590 net/bluetooth/l2cap_sock.c:1528
 l2cap_chan_del+0x9b/0x8f0 net/bluetooth/l2cap_core.c:622
 l2cap_chan_close+0x180/0x990 net/bluetooth/l2cap_core.c:825
 l2cap_chan_timeout+0x125/0x280 net/bluetooth/l2cap_core.c:436
 process_one_work+0x87f/0x1470 kernel/workqueue.c:2297
 worker_thread+0x598/0x1040 kernel/workqueue.c:2444
 kthread+0x38b/0x460 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295