wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
=============================
WARNING: suspicious RCU usage
syzkaller #0 Not tainted
-----------------------------
net/sched/sch_generic.c:1288 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:6/1107:
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3319
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3319
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2982

stack backtrace:
CPU: 0 UID: 0 PID: 1107 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6876
 dev_deactivate_queue+0x8f/0x1b0 net/sched/sch_generic.c:1288
 netdev_for_each_tx_queue include/linux/netdevice.h:2660 [inline]
 dev_deactivate_many+0xd3/0xd40 net/sched/sch_generic.c:1364
 dev_deactivate+0x118/0x1b0 net/sched/sch_generic.c:1401
 linkwatch_do_dev+0x10f/0x170 net/core/link_watch.c:184
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
WARNING: suspicious RCU usage
syzkaller #0 Not tainted
-----------------------------
./include/linux/rtnetlink.h:163 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:6/1107:
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3319
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3319
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2982

stack backtrace:
CPU: 1 UID: 0 PID: 1107 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6876
 dev_ingress_queue include/linux/rtnetlink.h:163 [inline]
 dev_deactivate_many+0x197/0xd40 net/sched/sch_generic.c:1366
 dev_deactivate+0x118/0x1b0 net/sched/sch_generic.c:1401
 linkwatch_do_dev+0x10f/0x170 net/core/link_watch.c:184
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
WARNING: suspicious RCU usage
syzkaller #0 Not tainted
-----------------------------
net/sched/sch_generic.c:1304 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:6/1107:
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3319
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3319
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2982

stack backtrace:
CPU: 0 UID: 0 PID: 1107 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6876
 dev_reset_queue+0x88/0x1b0 net/sched/sch_generic.c:1304
 netdev_for_each_tx_queue include/linux/netdevice.h:2660 [inline]
 dev_deactivate_many+0x720/0xd40 net/sched/sch_generic.c:1378
 dev_deactivate+0x118/0x1b0 net/sched/sch_generic.c:1401
 linkwatch_do_dev+0x10f/0x170 net/core/link_watch.c:184
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
WARNING: suspicious RCU usage
syzkaller #0 Not tainted
-----------------------------
net/sched/sch_generic.c:1335 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:6/1107:
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3319
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3319
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2982

stack backtrace:
CPU: 0 UID: 0 PID: 1107 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6876
 some_qdisc_is_busy net/sched/sch_generic.c:1335 [inline]
 dev_deactivate_many+0xa22/0xd40 net/sched/sch_generic.c:1386
 dev_deactivate+0x118/0x1b0 net/sched/sch_generic.c:1401
 linkwatch_do_dev+0x10f/0x170 net/core/link_watch.c:184
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1536
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 1107, name: kworker/u8:6
preempt_count: 0, expected: 0
RCU nest depth: 1, expected: 0
3 locks held by kworker/u8:6/1107:
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3319
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3319
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2982
CPU: 0 UID: 0 PID: 1107 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 __might_resched+0x495/0x610 kernel/sched/core.c:8957
 down_read+0x22/0x2e0 kernel/locking/rwsem.c:1536
 wireless_nlevent_flush net/wireless/wext-core.c:351 [inline]
 wext_netdev_notifier_call+0x28/0x110 net/wireless/wext-core.c:371
 notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85
 netif_state_change+0x284/0x3a0 net/core/dev.c:1583
 linkwatch_do_dev+0x117/0x170 net/core/link_watch.c:186
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
[ BUG: Invalid wait context ]
syzkaller #0 Tainted: G        W          
-----------------------------
kworker/u8:6/1107 is trying to lock:
ffffffff8f52cb50 (net_rwsem){++++}-{4:4}, at: wireless_nlevent_flush net/wireless/wext-core.c:351 [inline]
ffffffff8f52cb50 (net_rwsem){++++}-{4:4}, at: wext_netdev_notifier_call+0x28/0x110 net/wireless/wext-core.c:371
other info that might help us debug this:
context-{5:5}
3 locks held by kworker/u8:6/1107:
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff888074468948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3319
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003defbc0 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3319
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2982
stack backtrace:
CPU: 0 UID: 0 PID: 1107 Comm: kworker/u8:6 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4830 [inline]
 check_wait_context kernel/locking/lockdep.c:4902 [inline]
 __lock_acquire+0xbcb/0xd20 kernel/locking/lockdep.c:5187
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
 down_read+0x46/0x2e0 kernel/locking/rwsem.c:1537
 wireless_nlevent_flush net/wireless/wext-core.c:351 [inline]
 wext_netdev_notifier_call+0x28/0x110 net/wireless/wext-core.c:371
 notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85
 netif_state_change+0x284/0x3a0 net/core/dev.c:1583
 linkwatch_do_dev+0x117/0x170 net/core/link_watch.c:186
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
------------[ cut here ]------------
RTNL: assertion failed at net/ipv4/devinet.c (1586)
WARNING: CPU: 0 PID: 1107 at net/ipv4/devinet.c:1586 inetdev_event+0x12b8/0x15b0 net/ipv4/devinet.c:1586
Modules linked in:
CPU: 0 UID: 0 PID: 1107 Comm: kworker/u8:6 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: bond0 bond_mii_monitor
RIP: 0010:inetdev_event+0x12b8/0x15b0 net/ipv4/devinet.c:1586
Code: c4 79 01 cc e8 f9 76 bc f7 c6 05 8d 61 8a 05 01 90 48 c7 c7 20 90 9e 8c 48 c7 c6 40 8f 9e 8c ba 32 06 00 00 e8 99 12 80 f7 90 <0f> 0b 90 90 e9 a3 ee ff ff e8 ca 76 bc f7 48 89 df be 03 00 00 00
RSP: 0018:ffffc90003def460 EFLAGS: 00010246
RAX: b484393e071cf200 RBX: ffff888075232418 RCX: ffff888026b83c00
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
RBP: ffffc90003def528 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffffbfff1bfa1f4 R12: 1ffff1100ea46483
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000004
FS:  0000000000000000(0000) GS:ffff888125c15000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb1f032a6b0 CR3: 000000000df36000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85
 netif_state_change+0x284/0x3a0 net/core/dev.c:1583
 linkwatch_do_dev+0x117/0x170 net/core/link_watch.c:186
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:865
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2762 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2984
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x70e/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>