IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1363
in_atomic(): 0, irqs_disabled(): 1, pid: 6845, name: syz-executor.1
4 locks held by syz-executor.1/6845:
 #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff86218b8d>] ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:376
 #1:  (&tty->termios_rwsem){++++}, at: [<ffffffff830eb60b>] tty_unthrottle+0x1b/0xe0 drivers/tty/tty_ioctl.c:135
 #2:  (&tty->ldisc_sem){++++}, at: [<ffffffff830ee65a>] tty_ldisc_ref+0x1a/0x70 drivers/tty/tty_ldisc.c:305
 #3:  (&mm->mmap_sem){++++}, at: [<ffffffff81291599>] __do_page_fault+0x289/0xb00 arch/x86/mm/fault.c:1349
irq event stamp: 16
hardirqs last  enabled at (15): [<ffffffff8100755c>] do_syscall_64+0x4c/0x5b0 arch/x86/entry/common.c:280
hardirqs last disabled at (16): [<ffffffff813be9cc>] queue_work_on+0x8c/0x180 kernel/workqueue.c:1485
softirqs last  enabled at (0): [<ffffffff81362015>] copy_process.part.37+0x1395/0x66e0 kernel/fork.c:1714
softirqs last disabled at (0): [<          (null)>]           (null)
8021q: adding VLAN 0 to HW filter on device bond0
CPU: 0 PID: 6845 Comm: syz-executor.1 Not tainted 4.14.161-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xf7/0x13b lib/dump_stack.c:58
 ___might_sleep.cold.86+0x1bb/0x1f4 kernel/sched/core.c:6041
 __might_sleep+0x93/0xb0 kernel/sched/core.c:5994
 __do_page_fault+0x2a6/0xb00 arch/x86/mm/fault.c:1363
 do_page_fault+0x64/0x3fb arch/x86/mm/fault.c:1495
 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1122
RIP: 0010:test_and_set_bit arch/x86/include/asm/bitops.h:220 [inline]
RIP: 0010:queue_work_on+0x8c/0x180 kernel/workqueue.c:1487
RSP: 0018:ffff8880872efa18 EFLAGS: 00010046
RAX: 0000000000000007 RBX: 0000000000000282 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88808ce4ed04
RBP: ffff8880872efa40 R08: ffff88808ce4edb0 R09: 0000000000000000
R10: 0000000000000050 R11: ffff88808ce4e4c0 R12: 0000000000000050
R13: 0000000000000040 R14: ffff8880aa8147c0 R15: ffff8880a0685e00
 queue_work include/linux/workqueue.h:491 [inline]
 schedule_work include/linux/workqueue.h:549 [inline]
 slcan_write_wakeup+0x64/0x90 drivers/net/can/slcan.c:348
 tty_wakeup+0xaf/0xe0 drivers/tty/tty_io.c:533
 pty_unthrottle+0x32/0x50 drivers/tty/pty.c:95
 tty_unthrottle+0x78/0xe0 drivers/tty/tty_ioctl.c:138
 __tty_perform_flush+0x16a/0x1d0 drivers/tty/tty_ioctl.c:860
 n_tty_ioctl_helper+0xb9/0x320 drivers/tty/tty_ioctl.c:936
 n_tty_ioctl+0x2c/0x2d0 drivers/tty/n_tty.c:2466
 tty_ioctl+0x4b2/0x1260 drivers/tty/tty_io.c:2670
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x180/0xfb0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x74/0x80 fs/ioctl.c:692
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x459829
RSP: 002b:00007fdf04acfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829
RDX: 0000000000000000 RSI: 000000000000540b RDI: 0000000000000003
RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf04ad06d4
R13: 00000000004c3e0b R14: 00000000004d7dd0 R15: 00000000ffffffff
BUG: unable to handle kernel NULL pointer dereference at 0000000000000050
IP: test_and_set_bit arch/x86/include/asm/bitops.h:220 [inline]
IP: queue_work_on+0x8c/0x180 kernel/workqueue.c:1487
PGD 9d75b067 
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
P4D 9d75b067 PUD 9d75d067 PMD 0 
Oops: 0002 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 6845 Comm: syz-executor.1 Tainted: G        W       4.14.161-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88808ce4e4c0 task.stack: ffff8880872e8000
RIP: 0010:test_and_set_bit arch/x86/include/asm/bitops.h:220 [inline]
RIP: 0010:queue_work_on+0x8c/0x180 kernel/workqueue.c:1487
RSP: 0018:ffff8880872efa18 EFLAGS: 00010046
RAX: 0000000000000007 RBX: 0000000000000282 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88808ce4ed04
RBP: ffff8880872efa40 R08: ffff88808ce4edb0 R09: 0000000000000000
R10: 0000000000000050 R11: ffff88808ce4e4c0 R12: 0000000000000050
R13: 0000000000000040 R14: ffff8880aa8147c0 R15: ffff8880a0685e00
FS:  00007fdf04ad0700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000050 CR3: 000000009d75a000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 queue_work include/linux/workqueue.h:491 [inline]
 schedule_work include/linux/workqueue.h:549 [inline]
 slcan_write_wakeup+0x64/0x90 drivers/net/can/slcan.c:348
 tty_wakeup+0xaf/0xe0 drivers/tty/tty_io.c:533
 pty_unthrottle+0x32/0x50 drivers/tty/pty.c:95
 tty_unthrottle+0x78/0xe0 drivers/tty/tty_ioctl.c:138
 __tty_perform_flush+0x16a/0x1d0 drivers/tty/tty_ioctl.c:860
 n_tty_ioctl_helper+0xb9/0x320 drivers/tty/tty_ioctl.c:936
 n_tty_ioctl+0x2c/0x2d0 drivers/tty/n_tty.c:2466
 tty_ioctl+0x4b2/0x1260 drivers/tty/tty_io.c:2670
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x180/0xfb0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x74/0x80 fs/ioctl.c:692
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x459829
RSP: 002b:00007fdf04acfc78 EFLAGS: 00000246
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829
RDX: 0000000000000000 RSI: 000000000000540b RDI: 0000000000000003
RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf04ad06d4
R13: 00000000004c3e0b R14: 00000000004d7dd0 R15: 00000000ffffffff
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
Code: 48 89 fa 48 c1 
8021q: adding VLAN 0 to HW filter on device team0
ea 03 80 3c 02 00 0f 85 eb 00 00 00 48 83 3d 16 80 55 06 00 0f 84 cd 00 00 00 fa 66 0f 1f 44 00 00 e8 74 93 0a 00 <f0> 41 0f ba 2c 24 00 41 bf 00 00 00 00 0f 83 93 00 00 00 f6 c7 
RIP: test_and_set_bit arch/x86/include/asm/bitops.h:220 [inline] RSP: ffff8880872efa18
RIP: queue_work_on+0x8c/0x180 kernel/workqueue.c:1487 RSP: ffff8880872efa18
CR2: 0000000000000050
---[ end trace f5480972fdd89bee ]---