ci starts bisection 2023-02-14 13:14:43.211286752 +0000 UTC m=+7900.541832615
bisecting fixing commit since a6afa4199d3d038fbfdff5511f7523b0e30cb774
building syzkaller on aea5da898f473385f3b66c94f8aa49ca9a1c9744
ensuring issue is reproducible on original commit a6afa4199d3d038fbfdff5511f7523b0e30cb774

testing commit a6afa4199d3d038fbfdff5511f7523b0e30cb774 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: d9954118168f26b3c1d2e6a42dd3fb59f5fcf13042c3f8dbfdd3d3701a52aab1
run #0: crashed: KASAN: use-after-free Read in dbJoin
run #1: crashed: KASAN: use-after-free Read in dbJoin
run #2: crashed: KASAN: use-after-free Read in dbJoin
run #3: crashed: KASAN: use-after-free Read in dbJoin
run #4: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #5: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #6: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #7: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #8: crashed: KASAN: use-after-free Read in dbJoin
run #9: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #10: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #11: crashed: KASAN: use-after-free Read in dbJoin
run #12: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #13: crashed: KASAN: use-after-free Read in dbJoin
run #14: crashed: KASAN: use-after-free Read in dbJoin
run #15: crashed: KASAN: use-after-free Read in dbJoin
run #16: crashed: UBSAN: array-index-out-of-bounds in dbAdjTree
run #17: crashed: KASAN: use-after-free Read in dbJoin
run #18: crashed: KASAN: use-after-free Read in dbJoin
run #19: crashed: KASAN: use-after-free Read in dbJoin
testing current HEAD f6feea56f66d34259c4222fa02e8171c4f2673d1
testing commit f6feea56f66d34259c4222fa02e8171c4f2673d1 gcc
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9b0703fbc3223ff1774d36a74544d250193e2ea915627a356d1a2387dbf66b2b
run #0: crashed: INFO: trying to register non-static key in net_free
run #1: crashed: INFO: trying to register non-static key in net_free
run #2: crashed: unregister_netdevice: waiting for DEV to become free
run #3: crashed: unregister_netdevice: waiting for DEV to become free
run #4: crashed: unregister_netdevice: waiting for DEV to become free
run #5: crashed: unregister_netdevice: waiting for DEV to become free
run #6: crashed: unregister_netdevice: waiting for DEV to become free
run #7: crashed: unregister_netdevice: waiting for DEV to become free
run #8: crashed: unregister_netdevice: waiting for DEV to become free
run #9: crashed: unregister_netdevice: waiting for DEV to become free
revisions tested: 2, total time: 23m2.70529983s (build: 13m58.749560147s, test: 8m14.572372865s)
the crash still happens on HEAD
commit msg: Merge tag 'mm-hotfixes-stable-2023-02-13-13-50' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
crash: unregister_netdevice: waiting for DEV to become free
unregister_netdevice: waiting for lo to become free. Usage count = 2
leaked reference.
 __netdev_tracker_alloc include/linux/netdevice.h:4020 [inline]
 netdev_hold include/linux/netdevice.h:4049 [inline]
 ipv6_add_dev+0x3c1/0x1160 net/ipv6/addrconf.c:401
 addrconf_notify+0x40d/0x12d0 net/ipv6/addrconf.c:3552
 notifier_call_chain+0x94/0x170 kernel/notifier.c:87
 call_netdevice_notifiers_extack net/core/dev.c:1982 [inline]
 call_netdevice_notifiers net/core/dev.c:1996 [inline]
 register_netdevice+0xcbd/0x1400 net/core/dev.c:10078
 register_netdev+0x17/0x30 net/core/dev.c:10173
 loopback_net_init+0x6c/0x120 drivers/net/loopback.c:219
 ops_init+0x96/0x580 net/core/net_namespace.c:135
 setup_net+0x74a/0xd60 net/core/net_namespace.c:333
 copy_net_ns+0x2a4/0x540 net/core/net_namespace.c:483
 create_new_namespaces+0x35a/0x920 kernel/nsproxy.c:110
 unshare_nsproxy_namespaces+0x86/0x1a0 kernel/nsproxy.c:228
 ksys_unshare+0x309/0x6b0 kernel/fork.c:3202
 __do_sys_unshare kernel/fork.c:3273 [inline]
 __se_sys_unshare kernel/fork.c:3271 [inline]
 __x64_sys_unshare+0x28/0x40 kernel/fork.c:3271
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd