bisecting cause commit starting from 034307507118f7e1b18f8403c85af2216da2dc94
building syzkaller on 1bf9a662c66aa432ff2fe3bf2562578cef626c09
testing commit 034307507118f7e1b18f8403c85af2216da2dc94 with gcc (GCC) 8.1.0
kernel signature: f75d3bb2cbc6bbd09ba59900edaf392afc64d30f8c85626791310021a426d221
all runs: crashed: possible deadlock in brd_probe
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0
kernel signature: a82b63d060ceb014a456a27cdef2f1ec1d15fc82de1427bc4784201d6479e67b
all runs: OK
# git bisect start 034307507118f7e1b18f8403c85af2216da2dc94 bbf5c979011a099af5dc76498918ed7df445635b
Bisecting: 11028 revisions left to test after this (roughly 14 steps)
[96685f8666714233d34abb71b242448c80077536] Merge tag 'powerpc-5.10-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
testing commit 96685f8666714233d34abb71b242448c80077536 with gcc (GCC) 8.1.0
kernel signature: 90f01d7c30287463aad6dabf044b191cdef2fb560210b6bec6eb75c471acb69c
all runs: OK
# git bisect good 96685f8666714233d34abb71b242448c80077536
Bisecting: 5516 revisions left to test after this (roughly 13 steps)
[0064c5c1b3bf2a695c772c90e8dea38426a870ff] net: xfrm: use core API for updating/providing stats
testing commit 0064c5c1b3bf2a695c772c90e8dea38426a870ff with gcc (GCC) 8.1.0
kernel signature: 0024dc8a2a8c71b3419aef784de0f80db40f25186f3c3bf0f65d48acf469e96e
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 0064c5c1b3bf2a695c772c90e8dea38426a870ff
Bisecting: 2787 revisions left to test after this (roughly 12 steps)
[e731f3146ff3bba5424b40140e1a7e6f92e94964] Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
testing commit e731f3146ff3bba5424b40140e1a7e6f92e94964 with gcc (GCC) 8.1.0
kernel signature: c31bf147fb855e8df9d498822527e71883a6ef7f129b725bf10c74d9bf445833
all runs: OK
# git bisect good e731f3146ff3bba5424b40140e1a7e6f92e94964
Bisecting: 1393 revisions left to test after this (roughly 11 steps)
[d598cc6a2d45321a2a662742f8c38b43021e36e0] selftests: net: bridge: add test for mldv2 exclude timeout
testing commit d598cc6a2d45321a2a662742f8c38b43021e36e0 with gcc (GCC) 8.1.0
kernel signature: bfbc2a89931ff763b3b6785f4fab9d88c3076d8748e3efbc8cf8aa0d8b1bd242
all runs: OK
# git bisect good d598cc6a2d45321a2a662742f8c38b43021e36e0
Bisecting: 696 revisions left to test after this (roughly 10 steps)
[86bbf01977b4fdfffc8cab46e398ff279380b194] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
testing commit 86bbf01977b4fdfffc8cab46e398ff279380b194 with gcc (GCC) 8.1.0
kernel signature: 2f380ceea4dacbe6be96ea1ad5d093846bd5cd02f77f37a4a98d71235b745aa3
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 86bbf01977b4fdfffc8cab46e398ff279380b194
Bisecting: 348 revisions left to test after this (roughly 9 steps)
[8c14577df4cd5c6d8b799bdfb3a0e94923f17d50] Merge branches 'pm-cpufreq', 'pm-cpuidle', 'pm-opp' and 'powercap'
testing commit 8c14577df4cd5c6d8b799bdfb3a0e94923f17d50 with gcc (GCC) 8.1.0
kernel signature: a29d373b6386ea59c3e0754e76e0105fa203da1e53c253f2c2d46f49b03430a5
all runs: OK
# git bisect good 8c14577df4cd5c6d8b799bdfb3a0e94923f17d50
Bisecting: 147 revisions left to test after this (roughly 8 steps)
[41f16530241405819ae5644b6544965ab124bbda] Merge tag 'net-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
testing commit 41f16530241405819ae5644b6544965ab124bbda with gcc (GCC) 8.1.0
kernel signature: fc9ba25bdc81867dbbc858e25509108aa69fed23aedeb2f392fde634af392433
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect good 41f16530241405819ae5644b6544965ab124bbda
Bisecting: 86 revisions left to test after this (roughly 6 steps)
[356583b956e620a7ef8086f14bfe971986a320b3] Merge tag 'drm-misc-fixes-2020-11-05' of git://anongit.freedesktop.org/drm/drm-misc into drm-fixes
testing commit 356583b956e620a7ef8086f14bfe971986a320b3 with gcc (GCC) 8.1.0
kernel signature: b14cf531f00315b7b26caa851cb3b9a9d60d46ec5763bf5d4042f13c8ba03b0b
all runs: OK
# git bisect good 356583b956e620a7ef8086f14bfe971986a320b3
Bisecting: 52 revisions left to test after this (roughly 6 steps)
[fc7b66ef076644dd646eb9f11563684edc479649] Merge tag 'drm-fixes-2020-11-06-1' of git://anongit.freedesktop.org/drm/drm
testing commit fc7b66ef076644dd646eb9f11563684edc479649 with gcc (GCC) 8.1.0
kernel signature: 786029f13b0433c2c1c896c542f9c7899d8deaf5af6b0116606a5fa81be177e9
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad fc7b66ef076644dd646eb9f11563684edc479649
Bisecting: 17 revisions left to test after this (roughly 4 steps)
[30f3f68e27d14a237acc339975e18670e58927ca] Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
testing commit 30f3f68e27d14a237acc339975e18670e58927ca with gcc (GCC) 8.1.0
kernel signature: fc9ba25bdc81867dbbc858e25509108aa69fed23aedeb2f392fde634af392433
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: INFO: task hung in __blkdev_get
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 30f3f68e27d14a237acc339975e18670e58927ca
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[0b2ca2c7d0c9e2731d01b6c862375d44a7e13923] s390/pci: fix hot-plug of PCI function missing bus
testing commit 0b2ca2c7d0c9e2731d01b6c862375d44a7e13923 with gcc (GCC) 8.1.0
kernel signature: 323cc9beb607dd81715eca0d906481201e30456884c050cbfb518f272bc61665
all runs: OK
# git bisect good 0b2ca2c7d0c9e2731d01b6c862375d44a7e13923
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[4257087e8feb2e6f918eb0773eb1c1a697dd2a39] Merge tag 'arc-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc
testing commit 4257087e8feb2e6f918eb0773eb1c1a697dd2a39 with gcc (GCC) 8.1.0
kernel signature: fc9ba25bdc81867dbbc858e25509108aa69fed23aedeb2f392fde634af392433
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 4257087e8feb2e6f918eb0773eb1c1a697dd2a39
Bisecting: 1 revision left to test after this (roughly 1 step)
[3b57533b460c8dc22a432684b7e8d22571f34d2e] ARC: [plat-hsdk] Remap CCMs super early in asm boot trampoline
testing commit 3b57533b460c8dc22a432684b7e8d22571f34d2e with gcc (GCC) 8.1.0
kernel signature: 323cc9beb607dd81715eca0d906481201e30456884c050cbfb518f272bc61665
all runs: OK
# git bisect good 3b57533b460c8dc22a432684b7e8d22571f34d2e
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[ee51814888278677cb4384814bbe3c95f6270b50] Merge tag 's390-5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
testing commit ee51814888278677cb4384814bbe3c95f6270b50 with gcc (GCC) 8.1.0
kernel signature: fc9ba25bdc81867dbbc858e25509108aa69fed23aedeb2f392fde634af392433
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad ee51814888278677cb4384814bbe3c95f6270b50
ee51814888278677cb4384814bbe3c95f6270b50 is the first bad commit
commit ee51814888278677cb4384814bbe3c95f6270b50
Merge: 41f165302414 0b2ca2c7d0c9
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Fri Nov 6 12:21:33 2020 -0800

    Merge tag 's390-5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
    
    Pull s390 fixes from Heiko Carstens:
    
     - fix reference counting for ap devices
    
     - fix paes selftest
    
     - fix pmd_deref()/pud_deref() so they can also handle large pages
    
     - remove unused vdso file and defines
    
     - update defconfigs
    
     - call rcu_cpu_starting() early in smp init code to avoid lockdep
       warnings
    
     - fix hotplug of PCI function missing bus
    
    * tag 's390-5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
      s390/pci: fix hot-plug of PCI function missing bus
      s390/smp: move rcu_cpu_starting() earlier
      s390/pkey: fix paes selftest failure with paes and pkey static build
      s390: update defconfigs
      s390/vdso: remove unused constants
      s390/vdso: remove empty unused file
      s390/mm: make pmd/pud_deref() large page aware
      s390/ap: fix ap devices reference counting

 arch/s390/configs/debug_defconfig    | 10 ++++---
 arch/s390/configs/defconfig          |  9 ++++---
 arch/s390/configs/zfcpdump_defconfig |  2 +-
 arch/s390/include/asm/pgtable.h      | 52 +++++++++++++++++++++---------------
 arch/s390/include/asm/vdso/vdso.h    |  0
 arch/s390/kernel/asm-offsets.c       |  8 ------
 arch/s390/kernel/smp.c               |  3 ++-
 arch/s390/pci/pci_event.c            |  4 +++
 drivers/s390/crypto/ap_bus.c         | 14 ++++++++--
 drivers/s390/crypto/pkey_api.c       | 30 +++++++++++----------
 drivers/s390/crypto/zcrypt_card.c    | 13 +++++----
 drivers/s390/crypto/zcrypt_queue.c   |  6 +----
 12 files changed, 85 insertions(+), 66 deletions(-)
 delete mode 100644 arch/s390/include/asm/vdso/vdso.h
revisions tested: 16, total time: 3h41m2.03737406s (build: 1h11m55.151853529s, test: 2h27m25.837616175s)
first bad commit: ee51814888278677cb4384814bbe3c95f6270b50 Merge tag 's390-5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
recipients (to): ["torvalds@linux-foundation.org"]
recipients (cc): []
crash: BUG: sleeping function called from invalid context in sta_info_move_state
wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8, name: kworker/u4:0
4 locks held by kworker/u4:0/8:
 #0: ffff88811f648538 ((wq_completion)phy11){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: ffff88811f648538 ((wq_completion)phy11){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff88811f648538 ((wq_completion)phy11){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #2: 
ffff88811f67cd00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1021 [inline]
ffff88811f67cd00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x36/0x420 net/mac80211/ibss.c:1683
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_finish net/mac80211/sta_info.c:644 [inline]
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x1c2/0xde0 net/mac80211/sta_info.c:732
Preemption disabled at:
[<ffffffff835f2a00>] __mutex_lock_common kernel/locking/mutex.c:955 [inline]
[<ffffffff835f2a00>] __mutex_lock+0x70/0x9f0 kernel/locking/mutex.c:1103
CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy11 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 ___might_sleep.cold.110+0xf2/0x106 kernel/sched/core.c:7298
 sta_info_move_state+0x1a/0x2b0 net/mac80211/sta_info.c:1962
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

=============================
[ BUG: Invalid wait context ]
5.10.0-rc2-syzkaller #0 Tainted: G        W        
-----------------------------
kworker/u4:0/8 is trying to lock:
ffff88811f6529d0 (&local->chanctx_mtx){+.+.}-{3:3}, at: ieee80211_recalc_min_chandef+0x1f/0x90 net/mac80211/util.c:2740
other info that might help us debug this:
context-{4:4}
4 locks held by kworker/u4:0/8:
 #0: ffff88811f648538 ((wq_completion)phy11){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: ffff88811f648538 ((wq_completion)phy11){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff88811f648538 ((wq_completion)phy11){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #2: ffff88811f67cd00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1021 [inline]
 #2: ffff88811f67cd00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x36/0x420 net/mac80211/ibss.c:1683
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_finish net/mac80211/sta_info.c:644 [inline]
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x1c2/0xde0 net/mac80211/sta_info.c:732
stack backtrace:
CPU: 1 PID: 8 Comm: kworker/u4:0 Tainted: G        W         5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy11 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4483 [inline]
 check_wait_context kernel/locking/lockdep.c:4544 [inline]
 __lock_acquire.cold.73+0x160/0x2be kernel/locking/lockdep.c:4781
 lock_acquire+0xd0/0x3d0 kernel/locking/lockdep.c:5436
 __mutex_lock_common kernel/locking/mutex.c:956 [inline]
 __mutex_lock+0x94/0x9f0 kernel/locking/mutex.c:1103
 ieee80211_recalc_min_chandef+0x1f/0x90 net/mac80211/util.c:2740
 sta_info_move_state+0x140/0x2b0 net/mac80211/sta_info.c:2019
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296