bisecting fixing commit since 7d7d1c0ab3eb7c8d8f63a126535018007823b207
building syzkaller on 09efdd63fa8ebdadeccc841b699026e73081f7e0
testing commit 7d7d1c0ab3eb7c8d8f63a126535018007823b207
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 89f10a68e6ec3cf0c90fa9cb6d7b320c5215137b1373ee3b0cdedfc463ab948d
all runs: crashed: SYZFAIL: syz_usbip_server_init: socketpair failed
testing current HEAD 46914f96189be290174e378c6bf9ccadfdb9ca1e
testing commit 46914f96189be290174e378c6bf9ccadfdb9ca1e
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 4d571f233cc959ad7ec1a38ee7503bf4b8ea001b10947f076d9e5e26c4892f6b
all runs: crashed: unregister_netdevice: waiting for DEV to become free
revisions tested: 2, total time: 26m3.002509532s (build: 16m55.54013127s, test: 8m34.871038855s)
the crash still happens on HEAD
commit msg: Linux 4.14.243
crash: unregister_netdevice: waiting for DEV to become free

Bluetooth: hci1 command 0x0409 tx timeout
Bluetooth: hci4 command 0x0409 tx timeout
Bluetooth: hci5 command 0x0409 tx timeout
Bluetooth: hci3 command 0x0409 tx timeout
Bluetooth: hci2 command 0x0409 tx timeout
unregister_netdevice: waiting for ip6gre0 to become free. Usage count = -1
Bluetooth: hci1 command 0x041b tx timeout
Bluetooth: hci2 command 0x041b tx timeout
Bluetooth: hci3 command 0x041b tx timeout
Bluetooth: hci5 command 0x041b tx timeout
Bluetooth: hci4 command 0x041b tx timeout
Bluetooth: hci1 command 0x040f tx timeout
Bluetooth: hci4 command 0x040f tx timeout
Bluetooth: hci5 command 0x040f tx timeout
Bluetooth: hci3 command 0x040f tx timeout
Bluetooth: hci2 command 0x040f tx timeout
Bluetooth: hci1 command 0x0419 tx timeout
Bluetooth: hci2 command 0x0419 tx timeout
Bluetooth: hci3 command 0x0419 tx timeout
Bluetooth: hci5 command 0x0419 tx timeout
Bluetooth: hci4 command 0x0419 tx timeout
BUG: sleeping function called from invalid context at net/core/sock.c:2787
in_atomic(): 1, irqs_disabled(): 0, pid: 8338, name: syz-executor.4
1 lock held by syz-executor.4/8338:
 #0: (hci_sk_list.lock){++++}, at: [] hci_sock_dev_event+0x348/0x5c0 net/bluetooth/hci_sock.c:751
Preemption disabled at:
[] hci_sock_dev_event+0x348/0x5c0 net/bluetooth/hci_sock.c:751
CPU: 1 PID: 8338 Comm: syz-executor.4 Not tainted 4.14.243-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x14b/0x1e7 lib/dump_stack.c:58
 ___might_sleep.cold.19+0x1f1/0x265 kernel/sched/core.c:6038
 __might_sleep+0x93/0xb0 kernel/sched/core.c:5991
 lock_sock_nested+0x24/0x100 net/core/sock.c:2787
 lock_sock include/net/sock.h:1471 [inline]
 hci_sock_dev_event+0x3cc/0x5c0 net/bluetooth/hci_sock.c:753
 hci_unregister_dev+0x20b/0x870 net/bluetooth/hci_core.c:3212
 vhci_release+0x6b/0xe0 drivers/bluetooth/hci_vhci.c:354
 __fput+0x232/0x740 fs/file_table.c:210
 ____fput+0x9/0x10 fs/file_table.c:244
 task_work_run+0xe5/0x170 kernel/task_work.c:113
 exit_task_work include/linux/task_work.h:22 [inline]
 do_exit+0x98b/0x2c90 kernel/exit.c:868
 do_group_exit+0xf8/0x2c0 kernel/exit.c:965
 SYSC_exit_group kernel/exit.c:976 [inline]
 SyS_exit_group+0x18/0x20 kernel/exit.c:974
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x4665f9
RSP: 002b:00007ffdca6045f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007ffdca604db8 RCX: 00000000004665f9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
RBP: 0000000000000000 R08: 0000000000000025 R09: 00007ffdca604db8
R10: 00000000ffffffff R11: 0000000000000246 R12: 00000000004bef7c
R13: 0000000000000010 R14: 0000000000000000 R15: 0000000000400538