bisecting fixing commit since 5b7a52cd2eef952cee8a72512ef370bcdef46636
building syzkaller on a1839e81524f4e427a4b57bca0e4633d459d3d18
testing commit 5b7a52cd2eef952cee8a72512ef370bcdef46636 with gcc (GCC) 8.4.1 20210217
kernel signature: 532c4ab7e5b2e349cf3caf2c72c3a071f8cb7e6c0056f66d7999b678ad951762
all runs: crashed: KASAN: use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio
testing current HEAD 4e68c9b0763ff55eaa69d6e519f07515f1c9037b
testing commit 4e68c9b0763ff55eaa69d6e519f07515f1c9037b with gcc (GCC) 8.4.1 20210217
kernel signature: 13de4506c51253aa6cdc8b0296ceb4b905c810da3a9562dfbdf3cb76a1223d48
all runs: crashed: unregister_netdevice: waiting for DEV to become free
revisions tested: 2, total time: 26m3.558233495s (build: 19m7.081315339s, test: 6m21.761518934s)
the crash still happens on HEAD
commit msg: Linux 4.14.239
crash: unregister_netdevice: waiting for DEV to become free
Bluetooth: hci5 command 0x0409 tx timeout
Bluetooth: hci2 command 0x0409 tx timeout
Bluetooth: hci3 command 0x0409 tx timeout
Bluetooth: hci1 command 0x0409 tx timeout
Bluetooth: hci0 command 0x0409 tx timeout
unregister_netdevice: waiting for ip6gre0 to become free. Usage count = -1
Bluetooth: hci2 command 0x041b tx timeout
Bluetooth: hci5 command 0x041b tx timeout
Bluetooth: hci0 command 0x041b tx timeout
Bluetooth: hci4 command 0x041b tx timeout
Bluetooth: hci1 command 0x041b tx timeout
Bluetooth: hci3 command 0x041b tx timeout
Bluetooth: hci3 command 0x040f tx timeout
Bluetooth: hci0 command 0x040f tx timeout
Bluetooth: hci1 command 0x040f tx timeout
Bluetooth: hci5 command 0x040f tx timeout
Bluetooth: hci2 command 0x040f tx timeout
Bluetooth: hci4 command 0x040f tx timeout
Bluetooth: hci2 command 0x0419 tx timeout
Bluetooth: hci4 command 0x0419 tx timeout
Bluetooth: hci1 command 0x0419 tx timeout
Bluetooth: hci5 command 0x0419 tx timeout
Bluetooth: hci0 command 0x0419 tx timeout
Bluetooth: hci3 command 0x0419 tx timeout