bisecting cause commit starting from cb7fb043e69a109057fa94510ff5d5602207d548
building syzkaller on 07bfe8a540418c37449ef29dfc84ccf4d15ea0e0
testing commit cb7fb043e69a109057fa94510ff5d5602207d548 with gcc (GCC) 8.1.0
kernel signature: 8a047be3363184d3863499e18360a57c656024cba56d7f7df2ea08d7d9c5ac2d
all runs: crashed: INFO: task hung in lock_sock_nested
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0
kernel signature: ae997c81c8480492441e712d3c127e3da959156d4e937c464609e101fa84e28c
all runs: OK
# git bisect start cb7fb043e69a109057fa94510ff5d5602207d548 bbf5c979011a099af5dc76498918ed7df445635b
Bisecting: 10003 revisions left to test after this (roughly 13 steps)
[4d0e9df5e43dba52d38b251e3b909df8fa1110be] lib, uaccess: add failure injection to usercopy functions
testing commit 4d0e9df5e43dba52d38b251e3b909df8fa1110be with gcc (GCC) 8.1.0
kernel signature: 19d651166031891e1c42f1a0518e05f408372acef30d76f75e5b6df6eabbfcd1
all runs: OK
# git bisect good 4d0e9df5e43dba52d38b251e3b909df8fa1110be
Bisecting: 4987 revisions left to test after this (roughly 12 steps)
[3fec0eaaf04adf5e23b2704f5490d5943fb8b0b1] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
testing commit 3fec0eaaf04adf5e23b2704f5490d5943fb8b0b1 with gcc (GCC) 8.1.0
kernel signature: df97becf7211df4944e69eb563de460e7fde3d9c1395c607b016894cc44c9efd
all runs: OK
# git bisect good 3fec0eaaf04adf5e23b2704f5490d5943fb8b0b1
Bisecting: 2525 revisions left to test after this (roughly 11 steps)
[8ffd778aff45be760292225049e0141255d4ad6e] tpm: efi: Don't create binary_bios_measurements file for an empty log
testing commit 8ffd778aff45be760292225049e0141255d4ad6e with gcc (GCC) 8.1.0
kernel signature: 3e6b09b40a05ad4bcc7b20c5988f523ffde85c6fec08ae25205821d0af09128a
all runs: OK
# git bisect good 8ffd778aff45be760292225049e0141255d4ad6e
Bisecting: 1262 revisions left to test after this (roughly 10 steps)
[f24afa1083b79dd348208254f8d3409bf66956c7] Merge branch 'mlxsw-preparations-for-nexthop-objects-support-part-2-2'
testing commit f24afa1083b79dd348208254f8d3409bf66956c7 with gcc (GCC) 8.1.0
kernel signature: 95b95102e8699d636593be800e90f6853769d79c09a29fe9c59948f4bc69c693
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
# git bisect bad f24afa1083b79dd348208254f8d3409bf66956c7
Bisecting: 631 revisions left to test after this (roughly 9 steps)
[a884915f4cef940dd477e273009fe53c9ba7d656] net: stmmac: dwc-qos: Change the dwc_eth_dwmac_data's .probe prototype
testing commit a884915f4cef940dd477e273009fe53c9ba7d656 with gcc (GCC) 8.1.0
kernel signature: c2b656c61715e07c0b9c417f4e818b4da9f50612cbd4cccf05b4051ec4e3bc71
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad a884915f4cef940dd477e273009fe53c9ba7d656
Bisecting: 315 revisions left to test after this (roughly 8 steps)
[87de1f058aacc8ce4be94e36a38f77b860914a76] net: phy: add genphy_handle_interrupt_no_ack()
testing commit 87de1f058aacc8ce4be94e36a38f77b860914a76 with gcc (GCC) 8.1.0
kernel signature: 6ad25788ec2441e64814f7208b7778ca4b7f0e4abbfe7b713d549dcc49dae6d8
all runs: OK
# git bisect good 87de1f058aacc8ce4be94e36a38f77b860914a76
Bisecting: 149 revisions left to test after this (roughly 7 steps)
[fc7b66ef076644dd646eb9f11563684edc479649] Merge tag 'drm-fixes-2020-11-06-1' of git://anongit.freedesktop.org/drm/drm
testing commit fc7b66ef076644dd646eb9f11563684edc479649 with gcc (GCC) 8.1.0
kernel signature: 7151b7fdd841e3868f49d13d2167c96dc9e7d5d0d5c011819726aafc047d05eb
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad fc7b66ef076644dd646eb9f11563684edc479649
Bisecting: 83 revisions left to test after this (roughly 6 steps)
[ee51814888278677cb4384814bbe3c95f6270b50] Merge tag 's390-5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
testing commit ee51814888278677cb4384814bbe3c95f6270b50 with gcc (GCC) 8.1.0
kernel signature: b7c0fee57a70cb3d5465895e6aee98bff8877ad0fbeb3aaebb7faac2c74ddba8
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad ee51814888278677cb4384814bbe3c95f6270b50
Bisecting: 40 revisions left to test after this (roughly 5 steps)
[286228d382ba6320f04fa2e7c6fc8d4d92e428f4] can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
testing commit 286228d382ba6320f04fa2e7c6fc8d4d92e428f4 with gcc (GCC) 8.1.0
kernel signature: 64b628416782eb4f7be1ca6d2ba4201ea3e49348bda283b1079be86cc0dcbe9b
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 286228d382ba6320f04fa2e7c6fc8d4d92e428f4
Bisecting: 22 revisions left to test after this (roughly 4 steps)
[859191b234f86b5f36cbe384baca1067a2221eb7] Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
testing commit 859191b234f86b5f36cbe384baca1067a2221eb7 with gcc (GCC) 8.1.0
kernel signature: bb0c977486c6b08f1d537ad8ec9151f5208055b3009908027fb8d55f4dfe5ad5
all runs: OK
# git bisect good 859191b234f86b5f36cbe384baca1067a2221eb7
Bisecting: 11 revisions left to test after this (roughly 4 steps)
[42172f44df77f83777d1b5004db99c23bd2df7a4] Merge branch 'dpaa_eth-buffer-layout-fixes'
testing commit 42172f44df77f83777d1b5004db99c23bd2df7a4 with gcc (GCC) 8.1.0
kernel signature: 7fa16ea843852b8df61a594f552fc9f907f7a67d2a11c4ea9741fbb621495c9c
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect good 42172f44df77f83777d1b5004db99c23bd2df7a4
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[1f9234401ce0aa7a05857db43c5aef290d5177e2] dt-bindings: can: add can-controller.yaml
testing commit 1f9234401ce0aa7a05857db43c5aef290d5177e2 with gcc (GCC) 8.1.0
kernel signature: 82fff512aa674c47e24a601d2f127ab21803c6c8be85e570405195fabf58d40f
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 1f9234401ce0aa7a05857db43c5aef290d5177e2
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[99cab7107d914a71c57f5a4e6d34292425fbbb61] net: dsa: qca8k: Fix port MTU setting
testing commit 99cab7107d914a71c57f5a4e6d34292425fbbb61 with gcc (GCC) 8.1.0
kernel signature: 82fff512aa674c47e24a601d2f127ab21803c6c8be85e570405195fabf58d40f
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 99cab7107d914a71c57f5a4e6d34292425fbbb61
Bisecting: 0 revisions left to test after this (roughly 1 step)
[b6df8c81412190fbd5eaa3cec7f642142d9c16cd] sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms
testing commit b6df8c81412190fbd5eaa3cec7f642142d9c16cd with gcc (GCC) 8.1.0
kernel signature: 82fff512aa674c47e24a601d2f127ab21803c6c8be85e570405195fabf58d40f
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad b6df8c81412190fbd5eaa3cec7f642142d9c16cd
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[0a26ba0603d637eb6673a2ea79808cc73909ef3a] net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement
testing commit 0a26ba0603d637eb6673a2ea79808cc73909ef3a with gcc (GCC) 8.1.0
kernel signature: 7fa16ea843852b8df61a594f552fc9f907f7a67d2a11c4ea9741fbb621495c9c
all runs: OK
# git bisect good 0a26ba0603d637eb6673a2ea79808cc73909ef3a
b6df8c81412190fbd5eaa3cec7f642142d9c16cd is the first bad commit
commit b6df8c81412190fbd5eaa3cec7f642142d9c16cd
Author: Petr Malat <oss@malat.biz>
Date:   Fri Oct 30 14:26:33 2020 +0100

    sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms
    
    Commit 978aa0474115 ("sctp: fix some type cast warnings introduced since
    very beginning")' broke err reading from sctp_arg, because it reads the
    value as 32-bit integer, although the value is stored as 16-bit integer.
    Later this value is passed to the userspace in 16-bit variable, thus the
    user always gets 0 on big-endian platforms. Fix it by reading the __u16
    field of sctp_arg union, as reading err field would produce a sparse
    warning.
    
    Fixes: 978aa0474115 ("sctp: fix some type cast warnings introduced since very beginning")
    Signed-off-by: Petr Malat <oss@malat.biz>
    Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
    Link: https://lore.kernel.org/r/20201030132633.7045-1-oss@malat.biz
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

 net/sctp/sm_sideeffect.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
culprit signature: 82fff512aa674c47e24a601d2f127ab21803c6c8be85e570405195fabf58d40f
parent  signature: 7fa16ea843852b8df61a594f552fc9f907f7a67d2a11c4ea9741fbb621495c9c
Reproducer flagged being flaky
revisions tested: 17, total time: 4h12m21.835848377s (build: 1h15m36.998569071s, test: 2h55m8.38515712s)
first bad commit: b6df8c81412190fbd5eaa3cec7f642142d9c16cd sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms
recipients (to): ["kuba@kernel.org" "marcelo.leitner@gmail.com" "oss@malat.biz"]
recipients (cc): []
crash: BUG: sleeping function called from invalid context in sta_info_move_state
BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 497, name: kworker/u4:5
4 locks held by kworker/u4:5/497:
 #0: ffff88811e72a538 ((wq_completion)phy7){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: ffff88811e72a538 ((wq_completion)phy7){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff88811e72a538 ((wq_completion)phy7){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #1: ffffc9000151be70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: ffffc9000151be70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: ffffc9000151be70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #2: ffff88811e760d00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1021 [inline]
 #2: ffff88811e760d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x36/0x420 net/mac80211/ibss.c:1683
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_finish net/mac80211/sta_info.c:644 [inline]
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x1c2/0xde0 net/mac80211/sta_info.c:732
Preemption disabled at:
[<ffffffff835f1710>] __mutex_lock_common kernel/locking/mutex.c:955 [inline]
[<ffffffff835f1710>] __mutex_lock+0x70/0x9f0 kernel/locking/mutex.c:1103
CPU: 1 PID: 497 Comm: kworker/u4:5 Not tainted 5.10.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy7 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 ___might_sleep.cold.110+0xf2/0x106 kernel/sched/core.c:7298
 sta_info_move_state+0x1a/0x2b0 net/mac80211/sta_info.c:1962
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

=============================
[ BUG: Invalid wait context ]
5.10.0-rc1-syzkaller #0 Tainted: G        W        
-----------------------------
kworker/u4:5/497 is trying to lock:
ffff88811e73a9d0 (&local->chanctx_mtx){+.+.}-{3:3}, at: ieee80211_recalc_min_chandef+0x1f/0x90 net/mac80211/util.c:2740
other info that might help us debug this:
context-{4:4}
4 locks held by kworker/u4:5/497:
 #0: ffff88811e72a538 ((wq_completion)phy7){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: ffff88811e72a538 ((wq_completion)phy7){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff88811e72a538 ((wq_completion)phy7){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #1: ffffc9000151be70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: ffffc9000151be70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: ffffc9000151be70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #2: ffff88811e760d00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1021 [inline]
 #2: ffff88811e760d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x36/0x420 net/mac80211/ibss.c:1683
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_finish net/mac80211/sta_info.c:644 [inline]
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x1c2/0xde0 net/mac80211/sta_info.c:732
stack backtrace:
CPU: 1 PID: 497 Comm: kworker/u4:5 Tainted: G        W         5.10.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy7 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4489 [inline]
 check_wait_context kernel/locking/lockdep.c:4550 [inline]
 __lock_acquire.cold.73+0x160/0x2be kernel/locking/lockdep.c:4787
 lock_acquire+0xd0/0x3d0 kernel/locking/lockdep.c:5442
 __mutex_lock_common kernel/locking/mutex.c:956 [inline]
 __mutex_lock+0x94/0x9f0 kernel/locking/mutex.c:1103
 ieee80211_recalc_min_chandef+0x1f/0x90 net/mac80211/util.c:2740
 sta_info_move_state+0x140/0x2b0 net/mac80211/sta_info.c:2019
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296