bisecting fixing commit since 27ce4f2a6817e38ca74c643d47a96359f6cc0c1c
building syzkaller on 77a55c8ea6070a9a88715db4c17e9612a7f99b21
testing commit 27ce4f2a6817e38ca74c643d47a96359f6cc0c1c with gcc (GCC) 8.4.1 20210217
kernel signature: a6c5b08ff3337f9f026f995e2a5a999d98d2171752fd29cfd348fe616d30a131
run #0: crashed: BUG: corrupted list in kobject_add_internal
run #1: crashed: BUG: corrupted list in kobject_add_internal
run #2: crashed: BUG: corrupted list in kobject_add_internal
run #3: crashed: BUG: corrupted list in kobject_add_internal
run #4: crashed: BUG: corrupted list in kobject_add_internal
run #5: crashed: BUG: corrupted list in kobject_add_internal
run #6: crashed: BUG: corrupted list in kobject_add_internal
run #7: crashed: BUG: corrupted list in kobject_add_internal
run #8: crashed: BUG: corrupted list in kobject_add_internal
run #9: crashed: BUG: corrupted list in kobject_add_internal
run #10: crashed: BUG: corrupted list in kobject_add_internal
run #11: crashed: WARNING in sysfs_warn_dup
run #12: crashed: BUG: corrupted list in kobject_add_internal
run #13: crashed: BUG: corrupted list in kobject_add_internal
run #14: crashed: BUG: corrupted list in kobject_add_internal
run #15: crashed: BUG: corrupted list in kobject_add_internal
run #16: crashed: BUG: corrupted list in kobject_add_internal
run #17: crashed: BUG: corrupted list in kobject_add_internal
run #18: crashed: BUG: corrupted list in kobject_add_internal
run #19: crashed: BUG: corrupted list in kobject_add_internal
testing current HEAD 29c52025152bab4c557d8174da58f1a4c8e70438
testing commit 29c52025152bab4c557d8174da58f1a4c8e70438 with gcc (GCC) 8.4.1 20210217
kernel signature: a780be2f8d1ea1d13b6e8002f595e9c00a830bc254188b6ee70a04a8a0fe4907
all runs: crashed: BUG: corrupted list in kobject_add_internal
revisions tested: 2, total time: 20m51.468822276s (build: 13m38.757057795s, test: 6m17.729906781s)
the crash still happens on HEAD
commit msg: Linux 4.14.221
crash: BUG: corrupted list in kobject_add_internal
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready
list_add double add: new=ffff8881dbda8b78, prev=ffff8881dbda8b78, next=ffff8881f53c6e00.
IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:31!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 7688 Comm: kworker/u5:4 Not tainted 4.14.221-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci2 hci_rx_work
task: ffff8881dc5f6300 task.stack: ffff8881de318000
device veth0_macvtap entered promiscuous mode
RIP: 0010:__list_add_valid+0xaa/0xb0 lib/list_debug.c:29
RSP: 0018:ffff8881de31f820 EFLAGS: 00010282
RAX: 0000000000000058 RBX: ffff8881f53c6e00 RCX: 0000000000000000
RDX: 0000000000000058 RSI: ffffffff878b90a0 RDI: ffffed103bc63efb
RBP: ffff8881de31f838 R08: ffff8881dc5f6c20 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881dbda8b78
R13: ffff8881dbda8b88 R14: ffff8881f53c6e00 R15: ffff8881dbda8b70
FS: 0000000000000000(0000) GS:ffff8881f6400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005640fb3c0a18 CR3: 0000000008e6a001 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
Call Trace:
 __list_add include/linux/list.h:60 [inline]
 list_add_tail include/linux/list.h:93 [inline]
 kobj_kset_join lib/kobject.c:171 [inline]
 kobject_add_internal+0x165/0x8d0 lib/kobject.c:220
 kobject_add_varg lib/kobject.c:364 [inline]
 kobject_add+0x109/0x160 lib/kobject.c:409
device veth1_macvtap entered promiscuous mode
 device_add+0x344/0x1530 drivers/base/core.c:1884
IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
 hci_conn_add_sysfs+0x8e/0x150 net/bluetooth/hci_sysfs.c:53
 hci_sync_conn_complete_evt.isra.101+0x8bc/0xa50 net/bluetooth/hci_event.c:3769
 hci_event_packet+0x1c10/0x6f60 net/bluetooth/hci_event.c:5388
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
 hci_rx_work+0x378/0xa60 net/bluetooth/hci_core.c:4244
 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
 worker_thread+0xcc/0xee0 kernel/workqueue.c:2250
 kthread+0x338/0x400 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Code:
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
75
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
e8 eb a9 48 89 f7 48 89 75 e8 e8 91 fe 61 fe 48 8b 75 e8 eb bb 48 89 f2 48 89 d9 4c 89 e6 48 c7 c7 80 6e cc 87 e8 2a c5
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
f7 03 <0f> 0b 0f 1f 40 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 41
RIP: __list_add_valid+0xaa/0xb0 lib/list_debug.c:29 RSP: ffff8881de31f820
---[ end trace e101ee9bf64f6aa3 ]---
IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready