bisecting cause commit starting from 4082c502bf9c8a6afe4268c654d4e93ab7dfeb69
building syzkaller on 740ff4615a9ced4a8a016365aa44674b9b0e807d
testing commit 4082c502bf9c8a6afe4268c654d4e93ab7dfeb69 with gcc (GCC) 8.1.0
kernel signature: a10b9f87f909e7e37ec9d97d29840f8dbe3b75d45024aa64ed60719ec07d926e
all runs: crashed: WARNING in inet_sock_destruct
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0
kernel signature: 7123ca9ac444fa7cea0bd6d693069bab26885e9a39a632dc5f09d507172c6cff
all runs: OK
# git bisect start 4082c502bf9c8a6afe4268c654d4e93ab7dfeb69 bbf5c979011a099af5dc76498918ed7df445635b
Bisecting: 9259 revisions left to test after this (roughly 13 steps)
[4d0e9df5e43dba52d38b251e3b909df8fa1110be] lib, uaccess: add failure injection to usercopy functions
testing commit 4d0e9df5e43dba52d38b251e3b909df8fa1110be with gcc (GCC) 8.1.0
kernel signature: 7099ca77d2c942f0d704eddd303a14d7bc08bb7110838e947b45173700370232
all runs: OK
# git bisect good 4d0e9df5e43dba52d38b251e3b909df8fa1110be
Bisecting: 4613 revisions left to test after this (roughly 12 steps)
[24717cfbbbbfa415d1e3dca0f21c417e5faf8208] Merge tag 'nfsd-5.10' of git://linux-nfs.org/~bfields/linux
testing commit 24717cfbbbbfa415d1e3dca0f21c417e5faf8208 with gcc (GCC) 8.1.0
kernel signature: 4e99a7c549126dbc6085d0235dd0648a42f36e5fa6f7e52e124026ba520538b7
all runs: OK
# git bisect good 24717cfbbbbfa415d1e3dca0f21c417e5faf8208
Bisecting: 2306 revisions left to test after this (roughly 11 steps)
[7a1cc646709c531f5cb3473bfdd689a6da554505] MAINTAINERS: Update AMD POWERPLAY pattern
testing commit 7a1cc646709c531f5cb3473bfdd689a6da554505 with gcc (GCC) 8.1.0
kernel signature: dcd6c91fda12f8a7de7fe28331d4d44c14b7a25dc85cc3f0e0d623d6077ec65b
all runs: OK
# git bisect good 7a1cc646709c531f5cb3473bfdd689a6da554505
Bisecting: 1152 revisions left to test after this (roughly 10 steps)
[8ed1045bb828cd04326369cd66afeb48af2582ac] Merge branch 'net-ipa-little-fixes'
testing commit 8ed1045bb828cd04326369cd66afeb48af2582ac with gcc (GCC) 8.1.0
kernel signature: ae8e735318fd0392cd61f34018254e6f3fe1441e74c397a6ccd988a8aae29964
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
# git bisect bad 8ed1045bb828cd04326369cd66afeb48af2582ac
Bisecting: 549 revisions left to test after this (roughly 9 steps)
[41f16530241405819ae5644b6544965ab124bbda] Merge tag 'net-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
testing commit 41f16530241405819ae5644b6544965ab124bbda with gcc (GCC) 8.1.0
kernel signature: 2d9a1f4875d7d21bc780cacce8386120fa3638a926fc419e0f8f8003ea2b1535
all runs: OK
# git bisect good 41f16530241405819ae5644b6544965ab124bbda
Bisecting: 274 revisions left to test after this (roughly 8 steps)
[93f323b9cccc1fc77660de49faefd11fdfd55017] mptcp: add a new sysctl add_addr_timeout
testing commit 93f323b9cccc1fc77660de49faefd11fdfd55017 with gcc (GCC) 8.1.0
kernel signature: 393c524a846668dfd5cd2f3c6b2fcbe6855f6f4e32371d4e0e926b0ecdcffe99
all runs: OK
# git bisect good 93f323b9cccc1fc77660de49faefd11fdfd55017
Bisecting: 150 revisions left to test after this (roughly 7 steps)
[bf3e76289cd28b87f679cd53e26d67fd708d718a] Merge branch 'mtd/fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux
testing commit bf3e76289cd28b87f679cd53e26d67fd708d718a with gcc (GCC) 8.1.0
kernel signature: aeeef7e4653af5735a72fdd7efac765768619480ba2077151fa1120cfe7ad14e
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad bf3e76289cd28b87f679cd53e26d67fd708d718a
Bisecting: 70 revisions left to test after this (roughly 6 steps)
[356583b956e620a7ef8086f14bfe971986a320b3] Merge tag 'drm-misc-fixes-2020-11-05' of git://anongit.freedesktop.org/drm/drm-misc into drm-fixes
testing commit 356583b956e620a7ef8086f14bfe971986a320b3 with gcc (GCC) 8.1.0
kernel signature: b2f3236192b1cba4c095dad8a17a7d967e110d2b917158e3e51f8f6245afa8e6
all runs: OK
# git bisect good 356583b956e620a7ef8086f14bfe971986a320b3
Bisecting: 36 revisions left to test after this (roughly 5 steps)
[fc7b66ef076644dd646eb9f11563684edc479649] Merge tag 'drm-fixes-2020-11-06-1' of git://anongit.freedesktop.org/drm/drm
testing commit fc7b66ef076644dd646eb9f11563684edc479649 with gcc (GCC) 8.1.0
kernel signature: ee45eb4566758145fa3f1668f765103d22291a074bd0b1b20e95e44f1c02b5f7
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad fc7b66ef076644dd646eb9f11563684edc479649
Bisecting: 17 revisions left to test after this (roughly 4 steps)
[30f3f68e27d14a237acc339975e18670e58927ca] Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
testing commit 30f3f68e27d14a237acc339975e18670e58927ca with gcc (GCC) 8.1.0
kernel signature: 2d9a1f4875d7d21bc780cacce8386120fa3638a926fc419e0f8f8003ea2b1535
run #0: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 30f3f68e27d14a237acc339975e18670e58927ca
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[0b2ca2c7d0c9e2731d01b6c862375d44a7e13923] s390/pci: fix hot-plug of PCI function missing bus
testing commit 0b2ca2c7d0c9e2731d01b6c862375d44a7e13923 with gcc (GCC) 8.1.0
kernel signature: febfd205054150ef1da52a8bff85dd5d4dd1c5d1e55618bfa1e7bae228355760
all runs: OK
# git bisect good 0b2ca2c7d0c9e2731d01b6c862375d44a7e13923
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[4257087e8feb2e6f918eb0773eb1c1a697dd2a39] Merge tag 'arc-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc
testing commit 4257087e8feb2e6f918eb0773eb1c1a697dd2a39 with gcc (GCC) 8.1.0
kernel signature: 2d9a1f4875d7d21bc780cacce8386120fa3638a926fc419e0f8f8003ea2b1535
run #0: basic kernel testing failed: BUG: sleeping function called from invalid context in sta_info_move_state
run #1: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #2: crashed: BUG: sleeping function called from invalid context in sta_info_move_state
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
# git bisect bad 4257087e8feb2e6f918eb0773eb1c1a697dd2a39
Bisecting: 1 revision left to test after this (roughly 1 step)
[3b57533b460c8dc22a432684b7e8d22571f34d2e] ARC: [plat-hsdk] Remap CCMs super early in asm boot trampoline
testing commit 3b57533b460c8dc22a432684b7e8d22571f34d2e with gcc (GCC) 8.1.0
kernel signature: febfd205054150ef1da52a8bff85dd5d4dd1c5d1e55618bfa1e7bae228355760
all runs: OK
# git bisect good 3b57533b460c8dc22a432684b7e8d22571f34d2e
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[ee51814888278677cb4384814bbe3c95f6270b50] Merge tag 's390-5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
testing commit ee51814888278677cb4384814bbe3c95f6270b50 with gcc (GCC) 8.1.0
kernel signature: 2d9a1f4875d7d21bc780cacce8386120fa3638a926fc419e0f8f8003ea2b1535
all runs: OK
# git bisect good ee51814888278677cb4384814bbe3c95f6270b50
4257087e8feb2e6f918eb0773eb1c1a697dd2a39 is the first bad commit
commit 4257087e8feb2e6f918eb0773eb1c1a697dd2a39
Merge: ee5181488827 3b57533b460c
Author: Linus Torvalds
Date:   Fri Nov 6 12:29:08 2020 -0800

    Merge tag 'arc-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

    Pull ARC fixes from Vineet Gupta:

     - Unbork HSDKv1 platform (won't boot) due to memory map issue

     - Prevent stack unwinder from infinite looping

    * tag 'arc-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
      ARC: [plat-hsdk] Remap CCMs super early in asm boot trampoline
      ARC: stack unwinding: avoid indefinite looping

 arch/arc/kernel/head.S        | 17 ++++++++++++++++-
 arch/arc/kernel/stacktrace.c  |  7 ++++++-
 arch/arc/plat-hsdk/platform.c | 17 -----------------
 3 files changed, 22 insertions(+), 19 deletions(-)

Reproducer flagged being flaky
revisions tested: 16, total time: 3h56m6.257961858s (build: 1h12m7.586762118s, test: 2h42m23.428956033s)
first bad commit: 4257087e8feb2e6f918eb0773eb1c1a697dd2a39 Merge tag 'arc-5.10-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc
recipients (to): ["torvalds@linux-foundation.org"]
recipients (cc): []
crash: BUG: sleeping function called from invalid context in sta_info_move_state

BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8, name: kworker/u4:0
4 locks held by kworker/u4:0/8:
 #0: ffff88811ed30938 ((wq_completion)phy14){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: ffff88811ed30938 ((wq_completion)phy14){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff88811ed30938 ((wq_completion)phy14){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #2: ffff88811edc4d00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1021 [inline]
 #2: ffff88811edc4d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x36/0x420 net/mac80211/ibss.c:1683
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_finish net/mac80211/sta_info.c:644 [inline]
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x1c2/0xde0 net/mac80211/sta_info.c:732
Preemption disabled at:
[] __mutex_lock_common kernel/locking/mutex.c:955 [inline]
[] __mutex_lock+0x70/0x9f0 kernel/locking/mutex.c:1103
CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy14 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 ___might_sleep.cold.110+0xf2/0x106 kernel/sched/core.c:7298
 sta_info_move_state+0x1a/0x2b0 net/mac80211/sta_info.c:1962
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

=============================
[ BUG: Invalid wait context ]
5.10.0-rc2-syzkaller #0 Tainted: G W
-----------------------------
kworker/u4:0/8 is trying to lock:
ffff88811ed529d0 (&local->chanctx_mtx){+.+.}-{3:3}, at: ieee80211_recalc_min_chandef+0x1f/0x90 net/mac80211/util.c:2740
other info that might help us debug this:
context-{4:4}
4 locks held by kworker/u4:0/8:
 #0: ffff88811ed30938 ((wq_completion)phy14){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: ffff88811ed30938 ((wq_completion)phy14){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff88811ed30938 ((wq_completion)phy14){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: ffffc90000c97e70 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x1e6/0x600 kernel/workqueue.c:2243
 #2: ffff88811edc4d00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1021 [inline]
 #2: ffff88811edc4d00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_work+0x36/0x420 net/mac80211/ibss.c:1683
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_finish net/mac80211/sta_info.c:644 [inline]
 #3: ffffffff84bf1e40 (rcu_read_lock){....}-{1:2}, at: sta_info_insert_rcu+0x1c2/0xde0 net/mac80211/sta_info.c:732
stack backtrace:
CPU: 0 PID: 8 Comm: kworker/u4:0 Tainted: G W 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy14 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4483 [inline]
 check_wait_context kernel/locking/lockdep.c:4544 [inline]
 __lock_acquire.cold.73+0x160/0x2be kernel/locking/lockdep.c:4781
 lock_acquire+0xd0/0x3d0 kernel/locking/lockdep.c:5436
 __mutex_lock_common kernel/locking/mutex.c:956 [inline]
 __mutex_lock+0x94/0x9f0 kernel/locking/mutex.c:1103
 ieee80211_recalc_min_chandef+0x1f/0x90 net/mac80211/util.c:2740
 sta_info_move_state+0x140/0x2b0 net/mac80211/sta_info.c:2019
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1962
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8, name: kworker/u4:0
INFO: lockdep is turned off.
Preemption disabled at:
[] preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:40
CPU: 1 PID: 8 Comm: kworker/u4:0 Tainted: G W 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy14 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0x97 lib/dump_stack.c:118
 ___might_sleep.cold.110+0xf2/0x106 kernel/sched/core.c:7298
 sta_info_move_state+0x1a/0x2b0 net/mac80211/sta_info.c:1962
 sta_info_free+0x11/0xd0 net/mac80211/sta_info.c:274
 sta_info_insert_rcu+0xd4/0xde0 net/mac80211/sta_info.c:738
 ieee80211_ibss_finish_sta+0x9e/0x120 net/mac80211/ibss.c:592
 ieee80211_ibss_work+0x10a/0x420 net/mac80211/ibss.c:1700
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x144/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296