[ 407.166135] BUG: sleeping function called from invalid context at net/core/sock.c:2863
[ 407.175389] in_atomic(): 1, irqs_disabled(): 0, pid: 29094, name: syz-executor.3
[ 407.183217] 1 lock held by syz-executor.3/29094:
[ 407.188046] #0: 00000000d88a308c (hci_sk_list.lock){++++}, at: hci_sock_dev_event+0x335/0x530
[ 407.196962] Preemption disabled at:
[ 407.196975] [] hci_sock_dev_event+0x335/0x530
[ 407.207025] CPU: 1 PID: 29094 Comm: syz-executor.3 Not tainted 4.19.197-syzkaller #0
[ 407.215043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 407.224740] Call Trace:
[ 407.227616] dump_stack+0x17c/0x226
[ 407.231510] ? hci_sock_dev_event+0x335/0x530
[ 407.236423] ___might_sleep.cold.15+0x1f1/0x265
[ 407.241608] __might_sleep+0x95/0x190
[ 407.245585] lock_sock_nested+0x24/0x100
[ 407.249903] hci_sock_dev_event+0x39a/0x530
[ 407.254488] ? hci_send_monitor_ctrl_event+0x4b0/0x4b0
[ 407.260370] ? ksm_scan_thread+0x1090/0x35a0
[ 407.264812] hci_unregister_dev+0x207/0x7a0
[ 407.269121] vhci_release+0x6b/0xe0
[ 407.272753] __fput+0x249/0x7f0
[ 407.276214] ____fput+0x9/0x10
[ 407.279664] task_work_run+0x108/0x180
[ 407.283614] do_exit+0xa6a/0x2d90
[ 407.287143] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 407.292232] ? mm_update_next_owner+0x680/0x680
[ 407.296878] ? wait_for_completion_io+0x20/0x20
[ 407.301628] ? get_signal+0x2ba/0x1970
[ 407.305497] ? _raw_spin_unlock_irq+0x27/0x90
[ 407.310250] ? get_signal+0x2ba/0x1970
[ 407.314130] do_group_exit+0xf8/0x2c0
[ 407.317907] get_signal+0x30b/0x1970
[ 407.321597] ? __vfs_read+0x440/0x880
[ 407.325381] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 407.330395] do_signal+0x87/0x1870
[ 407.334609] ? setup_sigcontext+0x7d0/0x7d0
[ 407.338908] ? rw_verify_area+0xb8/0x2b0
[ 407.343031] ? vfs_read+0xff/0x300
[ 407.346744] ? ksys_read+0x103/0x260
[ 407.350447] ? exit_to_usermode_loop+0x3a/0x1e0
[ 407.355281] ? do_syscall_64+0x413/0x4e0
[ 407.359686] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 407.364865] ? exit_to_usermode_loop+0x3a/0x1e0
[ 407.369528] ? trace_hardirqs_on+0x28/0x190
[ 407.374686] exit_to_usermode_loop+0x159/0x1e0
[ 407.379822] do_syscall_64+0x413/0x4e0
[ 407.383701] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 407.388874] RIP: 0033:0x417aec
[ 407.392081] Code: Bad RIP value.
[ 407.395504] RSP: 002b:00007ffeb4e674f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 407.403379] RAX: fffffffffffffe00 RBX: 00007ffeb4e67590 RCX: 0000000000417aec
[ 407.410820] RDX: 0000000000000038 RSI: 0000000000558020 RDI: 00000000000000f9
[ 407.418089] RBP: 0000000000000003 R08: 0000000000000000 R09: 0079746972756365
[ 407.425350] R10: 00007ffeb4e66eb0 R11: 0000000000000246 R12: 00007ffeb4e675d0
[ 407.432695] R13: 000000000005f8a5 R14: 0000000000000000 R15: 0000000000000009
[ 409.547157] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 409.554201] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 409.563767] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 409.571155] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 409.579769] device bridge_slave_1 left promiscuous mode
[ 409.586624] bridge0: port 2(bridge_slave_1) entered disabled state
[ 409.636415] device bridge_slave_0 left promiscuous mode
[ 409.642068] bridge0: port 1(bridge_slave_0) entered disabled state
[ 409.687446] device veth1_macvtap left promiscuous mode
[ 409.692769] device veth0_macvtap left promiscuous mode
[ 409.698849] device veth1_vlan left promiscuous mode
[ 409.703997] device veth0_vlan left promiscuous mode
[ 413.939024] device hsr_slave_1 left promiscuous mode
[ 413.977738] device hsr_slave_0 left promiscuous mode
[ 414.043673] team0 (unregistering): Port device team_slave_1 removed
[ 414.052754] team0 (unregistering): Port device team_slave_0 removed
[ 414.062392] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 414.099715] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 414.174203] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.238' (ECDSA) to the list of known hosts.
[ 414.352508] IPVS: ftp: loaded support on port[0] = 21
[ 415.725786] BUG: sleeping function called from invalid context at net/core/sock.c:2863
[ 415.734459] in_atomic(): 1, irqs_disabled(): 0, pid: 969, name: syz-executor418
[ 415.742254] 1 lock held by syz-executor418/969:
[ 415.747013] #0: 00000000d88a308c (hci_sk_list.lock){++++}, at: hci_sock_dev_event+0x335/0x530
[ 415.756551] Preemption disabled at:
[ 415.756562] [] hci_sock_dev_event+0x335/0x530
[ 415.767765] CPU: 1 PID: 969 Comm: syz-executor418 Tainted: G W 4.19.197-syzkaller #0
[ 415.777278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 415.786979] Call Trace:
[ 415.789552] dump_stack+0x17c/0x226
[ 415.793413] ? hci_sock_dev_event+0x335/0x530
[ 415.798178] ___might_sleep.cold.15+0x1f1/0x265
[ 415.803025] __might_sleep+0x95/0x190
[ 415.806820] lock_sock_nested+0x24/0x100
[ 415.811027] hci_sock_dev_event+0x39a/0x530
[ 415.815779] ? hci_send_monitor_ctrl_event+0x4b0/0x4b0
[ 415.821324] hci_unregister_dev+0x207/0x7a0
[ 415.825757] vhci_release+0x6b/0xe0
[ 415.829453] __fput+0x249/0x7f0
[ 415.832813] ____fput+0x9/0x10
[ 415.835992] task_work_run+0x108/0x180
[ 415.839952] do_exit+0xa6a/0x2d90
[ 415.843383] ? madvise_willneed+0x8c0/0x8c0
[ 415.847685] ? mm_update_next_owner+0x680/0x680
[ 415.852420] ? kasan_check_write+0x14/0x20
[ 415.856823] ? fput+0x18/0x120
[ 415.860357] ? do_writev+0x259/0x330
[ 415.864149] ? ksys_read+0x1ce/0x260
[ 415.868027] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 415.873326] ? do_syscall_64+0x21/0x4e0
[ 415.877300] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 415.882905] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 415.887573] __x64_sys_exit+0x3d/0x50
[ 415.891796] do_syscall_64+0xd0/0x4e0
[ 415.895639] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 415.901175] RIP: 0033:0x403a4e
[ 415.905768] Code: Bad RIP value.
[ 415.909153] RSP: 002b:00007fc78c56b340 EFLAGS: 00000246 ORIG_RAX: 000000000000003c
[ 415.917205] RAX: ffffffffffffffda RBX: 00007fc78c56b700 RCX: 0000000000403a4e
[ 415.924917] RD