bisecting cause commit starting from e2f74b13dbe60e36e7082592cebfa8bd84ae5931
building syzkaller on 1b20171a857edaeb6232e42ae1e0b783d4c5f666
testing commit e2f74b13dbe60e36e7082592cebfa8bd84ae5931 with gcc (GCC) 10.2.1 20210217
kernel signature: a03d7187326029369ba4cc8a971ce954fb4e1d6bca55763c11cc134335b7723b
run #0: basic kernel testing failed: possible deadlock in fs_reclaim_acquire
run #1: basic kernel testing failed: possible deadlock in fs_reclaim_acquire
run #2: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #3: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #4: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #5: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #6: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #7: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #8: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #9: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #10: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #11: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #12: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #13: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #14: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #15: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #16: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #17: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #18: crashed: KASAN: use-after-free Read in r871xu_dev_remove
run #19: crashed: KASAN: use-after-free Read in r871xu_dev_remove
testing release v5.13
testing commit 62fb9874f5da54fdb243003b386128037319b219 with gcc (GCC) 10.2.1 20210217
kernel signature: 1cb5111c0f95c1fc7e3896d55db5b53fbce5858f143c657e735c92f7019c7d10
all runs: OK
# git bisect start e2f74b13dbe60e36e7082592cebfa8bd84ae5931 62fb9874f5da54fdb243003b386128037319b219
Bisecting: 7344 revisions left to test after this (roughly 13 steps)
[514798d36572fb8eba6ccff3de10c9615063a7f5] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux

testing commit 514798d36572fb8eba6ccff3de10c9615063a7f5 with gcc (GCC) 10.2.1 20210217
kernel signature: fc7ee250f7d71ae3e8fb0d3883a0f0d8b738389ea641b84cfad3904bef284464
all runs: OK
# git bisect good 514798d36572fb8eba6ccff3de10c9615063a7f5
Bisecting: 3321 revisions left to test after this (roughly 12 steps)
[a16d8644bad461bb073b92e812080ea6715ddf2b] Merge tag 'staging-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging

testing commit a16d8644bad461bb073b92e812080ea6715ddf2b with gcc (GCC) 10.2.1 20210217
kernel signature: 731f071ac0890eca6e2659c43417eae356e689c88e2c3c3cc1a035a586b04abb
run #0: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #1: boot failed: possible deadlock in fs_reclaim_acquire
run #2: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #3: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #4: boot failed: BUG: sleeping function called from invalid context in stack_depot_save
run #5: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #6: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #7: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #8: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
run #9: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0)
# git bisect skip a16d8644bad461bb073b92e812080ea6715ddf2b
Bisecting: 3321 revisions left to test after this (roughly 12 steps)
[f11f44be2427a601595be1c2f8d6e3a77d3a0f98] arm64: dts: mt8183: Add kukui-jacuzzi-kappa board

testing commit f11f44be2427a601595be1c2f8d6e3a77d3a0f98 with gcc (GCC) 10.2.1 20210217
kernel signature: 7e19f4f182739dc6106847e7afc83d6067ff8edbbed6c16a00674ea0912dd1d4
all runs: OK
# git bisect good f11f44be2427a601595be1c2f8d6e3a77d3a0f98
Bisecting: 3309 revisions left to test after this (roughly 12 steps)
[9ba0889e2272294bfbb5589b1b180ad2e782b2a4] xfs: drop the AGI being passed to xfs_check_agi_freecount

testing commit 9ba0889e2272294bfbb5589b1b180ad2e782b2a4 with gcc (GCC) 10.2.1 20210217
kernel signature: 6d5bf05a4db70300859fcdaff437776741d92392a0d9ad2aee99f21aa4ca9971
all runs: OK
# git bisect good 9ba0889e2272294bfbb5589b1b180ad2e782b2a4
Bisecting: 3309 revisions left to test after this (roughly 12 steps)
[9b2574f61c499e264df69b2e71a5f4319654a00b] counter: ftm-quaddec: Add const qualifier for actions_list array

testing commit 9b2574f61c499e264df69b2e71a5f4319654a00b with gcc (GCC) 10.2.1 20210217
kernel signature: 6130d3e33db5b7b81f5237fe42a2c55d5d7c0279479e20ef7b785df8b7792897
all runs: OK
# git bisect good 9b2574f61c499e264df69b2e71a5f4319654a00b
Bisecting: 3309 revisions left to test after this (roughly 12 steps)
[b61ce4d81ba29d0b70487635105e12ec44c3a873] selftests/lkdtm: Enable various testable CONFIGs

testing commit b61ce4d81ba29d0b70487635105e12ec44c3a873 with gcc (GCC) 10.2.1 20210217
kernel signature: 8ebd0ebea0f743f9db52164f1dd5e3bbef240826f49f9f570ddc9541d8cbc323
run #0: crashed: BUG: sleeping function called from invalid context in lock_sock_nested
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
# git bisect bad b61ce4d81ba29d0b70487635105e12ec44c3a873
Bisecting: 142 revisions left to test after this (roughly 7 steps)
[6e16ab6c326cd149c086ccbab6da9ccff1a528ff] habanalabs: prepare preboot stage to dynamic f/w load

testing commit 6e16ab6c326cd149c086ccbab6da9ccff1a528ff with gcc (GCC) 10.2.1 20210217
kernel signature: bd89b5c442ee66ddee8767d6a656bd6b15b6b2a8b89c37581fc149d96a6a75fc
all runs: OK
# git bisect good 6e16ab6c326cd149c086ccbab6da9ccff1a528ff
Bisecting: 73 revisions left to test after this (roughly 6 steps)
[b7a71fddc0ddfdd66cdefcf5bf1f59a0f0bdea57] habanalabs/gaudi: refactor hard-reset related code

testing commit b7a71fddc0ddfdd66cdefcf5bf1f59a0f0bdea57 with gcc (GCC) 10.2.1 20210217
kernel signature: bd89b5c442ee66ddee8767d6a656bd6b15b6b2a8b89c37581fc149d96a6a75fc
all runs: OK
# git bisect good b7a71fddc0ddfdd66cdefcf5bf1f59a0f0bdea57
Bisecting: 37 revisions left to test after this (roughly 5 steps)
[15692a80d9491b42f910f61f5ef2171b3c2eb15c] phy: Revert "phy: ralink: Kconfig: convert mt7621-pci-phy into 'bool'"

testing commit 15692a80d9491b42f910f61f5ef2171b3c2eb15c with gcc (GCC) 10.2.1 20210217
kernel signature: ade4d4831b509a48b3ed83b33eb10c8702b119b2d545f46ad7b559fa2830e28f
all runs: OK
# git bisect good 15692a80d9491b42f910f61f5ef2171b3c2eb15c
Bisecting: 18 revisions left to test after this (roughly 4 steps)
[f274e2962677d77bcd0d1d767e1d2737edf07893] Merge tag 'icc-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/djakov/icc into char-misc-next

testing commit f274e2962677d77bcd0d1d767e1d2737edf07893 with gcc (GCC) 10.2.1 20210217
kernel signature: bd89b5c442ee66ddee8767d6a656bd6b15b6b2a8b89c37581fc149d96a6a75fc
all runs: OK
# git bisect good f274e2962677d77bcd0d1d767e1d2737edf07893
Bisecting: 9 revisions left to test after this (roughly 3 steps)
[d97c0ff5a124f48109c4b32d6471c7bccd497009] extcon: sm5502: Add support for SM5504

testing commit d97c0ff5a124f48109c4b32d6471c7bccd497009 with gcc (GCC) 10.2.1 20210217
kernel signature: 9a687ee3c25d16f81c681a8040e7a6cb9c03a6610b4322a4a0e6cc1ecfe6b905
all runs: OK
# git bisect good d97c0ff5a124f48109c4b32d6471c7bccd497009
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[0acbdbc7205cf754e76c4f234dde4fa42316f50d] selftests/lkdtm: Fix expected text for free poison

testing commit 0acbdbc7205cf754e76c4f234dde4fa42316f50d with gcc (GCC) 10.2.1 20210217
kernel signature: 8ebd0ebea0f743f9db52164f1dd5e3bbef240826f49f9f570ddc9541d8cbc323
all runs: OK
# git bisect good 0acbdbc7205cf754e76c4f234dde4fa42316f50d
Bisecting: 2 revisions left to test after this (roughly 1 step)
[9c4f6ebc3665b33f15ee97ba1eb2c9bed341b8e6] lkdtm/heap: Add vmalloc linear overflow test

testing commit 9c4f6ebc3665b33f15ee97ba1eb2c9bed341b8e6 with gcc (GCC) 10.2.1 20210217
kernel signature: 8ebd0ebea0f743f9db52164f1dd5e3bbef240826f49f9f570ddc9541d8cbc323
all runs: OK
# git bisect good 9c4f6ebc3665b33f15ee97ba1eb2c9bed341b8e6
Bisecting: 0 revisions left to test after this (roughly 1 step)
[5b777131bd8005acaf7e9d6e7690214155f42890] lkdtm: Add CONFIG hints in errors where possible

testing commit 5b777131bd8005acaf7e9d6e7690214155f42890 with gcc (GCC) 10.2.1 20210217
kernel signature: 8ebd0ebea0f743f9db52164f1dd5e3bbef240826f49f9f570ddc9541d8cbc323
all runs: OK
# git bisect good 5b777131bd8005acaf7e9d6e7690214155f42890
b61ce4d81ba29d0b70487635105e12ec44c3a873 is the first bad commit
commit b61ce4d81ba29d0b70487635105e12ec44c3a873
Author: Kees Cook <keescook@chromium.org>
Date:   Wed Jun 23 13:39:35 2021 -0700

    selftests/lkdtm: Enable various testable CONFIGs
    
    Add a handful of LKDTM-testable features that depend on certain CONFIGs
    so that they are visible in logs for CI systems that run the selftests.
    Others could be added, but may be seen as having too high a trade-off
    for general testing.
    
    Cc: kernelci@groups.io
    Suggested-by: Guillaume Tucker <guillaume.tucker@collabora.com>
    Signed-off-by: Kees Cook <keescook@chromium.org>
    Link: https://lore.kernel.org/r/20210623203936.3151093-9-keescook@chromium.org
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 tools/testing/selftests/lkdtm/config | 6 ++++++
 1 file changed, 6 insertions(+)

culprit signature: 8ebd0ebea0f743f9db52164f1dd5e3bbef240826f49f9f570ddc9541d8cbc323
parent  signature: 8ebd0ebea0f743f9db52164f1dd5e3bbef240826f49f9f570ddc9541d8cbc323
Reproducer flagged being flaky
revisions tested: 16, total time: 4h55m41.526597664s (build: 1h53m26.148901141s, test: 2h59m52.049806458s)
first bad commit: b61ce4d81ba29d0b70487635105e12ec44c3a873 selftests/lkdtm: Enable various testable CONFIGs
recipients (to): ["gregkh@linuxfoundation.org" "keescook@chromium.org" "linux-kselftest@vger.kernel.org" "shuah@kernel.org"]
recipients (cc): ["keescook@chromium.org" "linux-kernel@vger.kernel.org"]
crash: BUG: sleeping function called from invalid context in lock_sock_nested
BUG: sleeping function called from invalid context at net/core/sock.c:3064
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 8815, name: syz-executor.1
1 lock held by syz-executor.1/8815:
 #0: ffffffff8c1e6120 (hci_sk_list.lock){++++}-{2:2}, at: hci_sock_dev_event+0x377/0x5d0 net/bluetooth/hci_sock.c:763
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 0 PID: 8815 Comm: syz-executor.1 Not tainted 5.13.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0xa5/0xe6 lib/dump_stack.c:120
 ___might_sleep.cold+0x1f1/0x237 kernel/sched/core.c:8338
 lock_sock_nested+0x1e/0xf0 net/core/sock.c:3064
 lock_sock include/net/sock.h:1610 [inline]
 hci_sock_dev_event+0x3ed/0x5d0 net/bluetooth/hci_sock.c:765
 hci_unregister_dev+0x29b/0xfb0 net/bluetooth/hci_core.c:4013
 vhci_release+0x62/0xd0 drivers/bluetooth/hci_vhci.c:340
 __fput+0x209/0x870 fs/file_table.c:280
 task_work_run+0xc0/0x160 kernel/task_work.c:164
 exit_task_work include/linux/task_work.h:32 [inline]
 do_exit+0xa26/0x2500 kernel/exit.c:826
 do_group_exit+0xe7/0x290 kernel/exit.c:923
 __do_sys_exit_group kernel/exit.c:934 [inline]
 __se_sys_exit_group kernel/exit.c:932 [inline]
 __x64_sys_exit_group+0x35/0x40 kernel/exit.c:932
 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4665d9
Code: Unable to access opcode bytes at RIP 0x4665af.
RSP: 002b:00007ffdf1b35688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007ffdf1b35e48 RCX: 00000000004665d9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
RBP: 0000000000000000 R08: 0000000000000025 R09: 00007ffdf1b35e48
R10: 00000000ffffffff R11: 0000000000000246 R12: 00000000004bef54
R13: 0000000000000010 R14: 0000000000000000 R15: 0000000000400538

======================================================