bisecting fixing commit since 06a7a37be55e29961c9ba2abec4d07c8e0e21861
building syzkaller on bc15f7dbbc1c6e2042a7115b3fdacc0ada8c35e7
testing commit 06a7a37be55e29961c9ba2abec4d07c8e0e21861 with gcc (GCC) 8.4.1 20210217
kernel signature: c1a01bb8a89a1db1e66babf084771f7f9491dd15dad740d090c1360e6a072016
run #0: crashed: WARNING: locking bug in l2cap_sock_teardown_cb
run #1: crashed: KASAN: use-after-free Read in lock_sock_nested
run #2: crashed: KASAN: use-after-free Read in lock_sock_nested
run #3: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #4: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested
run #5: crashed: KASAN: use-after-free Read in lock_sock_nested
run #6: crashed: KASAN: use-after-free Read in lock_sock_nested
run #7: crashed: KASAN: use-after-free Read in lock_sock_nested
run #8: crashed: KASAN: use-after-free Read in lock_sock_nested
run #9: crashed: KASAN: use-after-free Read in lock_sock_nested
run #10: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #11: crashed: KASAN: use-after-free Read in lock_sock_nested
run #12: crashed: KASAN: use-after-free Read in lock_sock_nested
run #13: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #14: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #15: crashed: KASAN: use-after-free Read in lock_sock_nested
run #16: crashed: KASAN: use-after-free Read in lock_sock_nested
run #17: crashed: KASAN: use-after-free Read in lock_sock_nested
run #18: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #19: crashed: KASAN: use-after-free Read in lock_sock_nested
testing current HEAD 7a1468ba0e02eee24ae1353e8933793a27198e20
testing commit 7a1468ba0e02eee24ae1353e8933793a27198e20 with gcc (GCC) 10.2.1 20210217
kernel signature: 0dc53025f0b5255bb011e93676a59969ef9f677180984bb2aa5f0800e1a83d3f
run #0: crashed: KASAN: use-after-free Read in lock_sock_nested
run #1: crashed: KASAN: use-after-free Read in lock_sock_nested
run #2: crashed: KASAN: use-after-free Read in lock_sock_nested
run #3: crashed: KASAN: use-after-free Read in lock_sock_nested
run #4: crashed: KASAN: use-after-free Read in lock_sock_nested
run #5: crashed: KASAN: use-after-free Read in lock_sock_nested
run #6: crashed: KASAN: slab-out-of-bounds Read in lock_sock_nested
run #7: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
run #8: crashed: KASAN: use-after-free Read in lock_sock_nested
run #9: crashed: INFO: trying to register non-static key in l2cap_sock_teardown_cb
revisions tested: 2, total time: 20m58.600206758s (build: 12m20.25440873s, test: 8m1.986728537s)
the crash still happens on HEAD
commit msg: net: phy: broadcom: Add power down exit reset state delay
crash: INFO: trying to register non-static key in l2cap_sock_teardown_cb
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 1 PID: 7364 Comm: kworker/1:5 Not tainted 5.12.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events l2cap_chan_timeout
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x10c/0x14b lib/dump_stack.c:120
 assign_lock_key kernel/locking/lockdep.c:935 [inline]
 register_lock_class+0x111e/0x11f0 kernel/locking/lockdep.c:1247
 __lock_acquire+0xfc/0x5050 kernel/locking/lockdep.c:4779
 lock_acquire kernel/locking/lockdep.c:5510 [inline]
 lock_acquire+0x212/0x850 kernel/locking/lockdep.c:5475
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]
 _raw_spin_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:175
 spin_lock_bh include/linux/spinlock.h:359 [inline]
 lock_sock_nested+0x39/0xf0 net/core/sock.c:3063
 l2cap_sock_teardown_cb+0x83/0x3a0 net/bluetooth/l2cap_sock.c:1520
 l2cap_chan_del+0x96/0x1010 net/bluetooth/l2cap_core.c:618
 l2cap_chan_close+0xe2/0x9d0 net/bluetooth/l2cap_core.c:823
 l2cap_chan_timeout+0x122/0x3a0 net/bluetooth/l2cap_core.c:436
 process_one_work+0x84c/0x13b0 kernel/workqueue.c:2275
 worker_thread+0x598/0xf80 kernel/workqueue.c:2421
 kthread+0x36f/0x450 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294