bisecting fixing commit since 7f75285ca572eaabc028cf78c6ab5473d0d160be
building syzkaller on fcdb12ba70875c410749932abf39160d19c753d9
testing commit 7f75285ca572eaabc028cf78c6ab5473d0d160be
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5a35942aaf03f046596d485c96a62c55f444cdf54b245dccfb0c73cdb1716f95
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
testing current HEAD 455e73a07f6e288b0061dfcf4fcf54fa9fe06458
testing commit 455e73a07f6e288b0061dfcf4fcf54fa9fe06458
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: c18011b514534bbc4959a41fb12d8e8f687e693e6d1a0a3d94c8d1f9a0fa5aa5
all runs: OK
# git bisect start 455e73a07f6e288b0061dfcf4fcf54fa9fe06458 7f75285ca572eaabc028cf78c6ab5473d0d160be
Bisecting: 35114 revisions left to test after this (roughly 15 steps)
[19a31d79219cdd66484721f564ee68293dcc6c24] Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next

testing commit 19a31d79219cdd66484721f564ee68293dcc6c24
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8aa1b001bda8d88ab8893048aad4482615127af5e367f6d8462fedd77f3d9477
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good 19a31d79219cdd66484721f564ee68293dcc6c24
Bisecting: 17013 revisions left to test after this (roughly 14 steps)
[56d33754481fe0dc7436dc4ee4fbd44b3039361d] Merge tag 'drm-next-2021-11-03' of git://anongit.freedesktop.org/drm/drm

testing commit 56d33754481fe0dc7436dc4ee4fbd44b3039361d
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 240fc6c3f07eeb67f901ba51b053c955f0afc51d7c5c646714ad54d80c2d2d69
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good 56d33754481fe0dc7436dc4ee4fbd44b3039361d
Bisecting: 8502 revisions left to test after this (roughly 13 steps)
[fb7d0829135a1db9abe9b8a10e42f47d5301861a] Merge tag 'usb-5.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

testing commit fb7d0829135a1db9abe9b8a10e42f47d5301861a
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 77dc3246f2d493b678451d27c3f3ad132a5ed93251dc987e8c215ab55e8ab673
all runs: OK
# git bisect bad fb7d0829135a1db9abe9b8a10e42f47d5301861a
Bisecting: 4285 revisions left to test after this (roughly 12 steps)
[7fd982f394c42f25a73fe9dfbf1e6b11fa26b40a] module: change to print useful messages from elf_validity_check()

testing commit 7fd982f394c42f25a73fe9dfbf1e6b11fa26b40a
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: dc6e03280419b9ec32c5397776efd3ef45c92ec161937302fbf32517ecfd30bb
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good 7fd982f394c42f25a73fe9dfbf1e6b11fa26b40a
Bisecting: 2143 revisions left to test after this (roughly 11 steps)
[1aa3b2207e889a948049c9a8016cedb0218c2389] net,lsm,selinux: revert the security_sctp_assoc_established() hook

testing commit 1aa3b2207e889a948049c9a8016cedb0218c2389
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 41bbc042678f405de416d6481982daf2953b424c7b2fdf36c66e4b79933446ee
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good 1aa3b2207e889a948049c9a8016cedb0218c2389
Bisecting: 1059 revisions left to test after this (roughly 10 steps)
[c5c17547b778975b3d83a73c8d84e8fb5ecf3ba5] Merge tag 'net-5.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit c5c17547b778975b3d83a73c8d84e8fb5ecf3ba5
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b6a1fb4b445475d2eeabd5e045a154fd5db5981091f9055f0128fadc58842a12
all runs: OK
# git bisect bad c5c17547b778975b3d83a73c8d84e8fb5ecf3ba5
Bisecting: 527 revisions left to test after this (roughly 9 steps)
[8d0112ac6fd001f95aabb084ec2ccaa3637bc344] Merge tag 'net-5.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit 8d0112ac6fd001f95aabb084ec2ccaa3637bc344
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e48cad7a8ecbafbd4b3a13930cc6394c2da2b4f6f0b500a867162336225bd066
all runs: OK
# git bisect bad 8d0112ac6fd001f95aabb084ec2ccaa3637bc344
Bisecting: 268 revisions left to test after this (roughly 8 steps)
[35c8fad4a703fdfa009ed274f80bb64b49314cde] Merge tag 'perf-tools-for-v5.16-2021-11-13' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux

testing commit 35c8fad4a703fdfa009ed274f80bb64b49314cde
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b516a37ea09d3b37539caba313aff7f4631a6006dc65fbaab89e588523a061df
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good 35c8fad4a703fdfa009ed274f80bb64b49314cde
Bisecting: 116 revisions left to test after this (roughly 7 steps)
[c46e8ece9613b18d9554e2382a228b6e1795288d] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

testing commit c46e8ece9613b18d9554e2382a228b6e1795288d
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 896800ba8c800664b52ad75fe95786cb84992ebe54c814d057c0a3964cb1be73
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good c46e8ece9613b18d9554e2382a228b6e1795288d
Bisecting: 57 revisions left to test after this (roughly 6 steps)
[e4ca7823da001d70d71793704a321fb7ae6d7b52] Merge branch 'net-fix-the-mirred-packet-drop-due-to-the-incorrect-dst'

testing commit e4ca7823da001d70d71793704a321fb7ae6d7b52
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5d4722e021bd8a7052fd01762bf46ca97950288b3dfd65d4e3492c597d3ce1a4
all runs: OK
# git bisect bad e4ca7823da001d70d71793704a321fb7ae6d7b52
Bisecting: 28 revisions left to test after this (roughly 5 steps)
[848e5d66fa3105b4136c95ddbc5654e9c43ba7d7] Merge branch '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue

testing commit 848e5d66fa3105b4136c95ddbc5654e9c43ba7d7
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: bbdf1da85d4cedf9f4ca540a4e493fd6203f4d24bf63c7f5bca2c6f01aa139c7
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good 848e5d66fa3105b4136c95ddbc5654e9c43ba7d7
Bisecting: 14 revisions left to test after this (roughly 4 steps)
[f083ec3160325b6eb32907279bf2960566c2b585] Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf

testing commit f083ec3160325b6eb32907279bf2960566c2b585
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: f78be729d1353c19e1db6799421ae1c9c5c852ddf2c8762e573d109028c75fd3
all runs: crashed: general protection fault in ieee80211_chanctx_num_assigned
# git bisect good f083ec3160325b6eb32907279bf2960566c2b585
Bisecting: 7 revisions left to test after this (roughly 3 steps)
[30f6cf96912b638d0ddfc325204b598f94efddc2] mac80211: fix throughput LED trigger

testing commit 30f6cf96912b638d0ddfc325204b598f94efddc2
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 57eded507bfb9bc930cdabf85f86b7cce4529c062bda5d0d271499317e6f905b
all runs: OK
# git bisect bad 30f6cf96912b638d0ddfc325204b598f94efddc2
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[77dfc2bc0bb4b8376ecd7a430f27a4a8fff6a5a0] mac80211: do not access the IV when it was stripped

testing commit 77dfc2bc0bb4b8376ecd7a430f27a4a8fff6a5a0
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 77f77f12d33371b1bef9e3d2511a3ae0963a5194b728d6cae1435a65a135edf4
all runs: OK
# git bisect bad 77dfc2bc0bb4b8376ecd7a430f27a4a8fff6a5a0
Bisecting: 0 revisions left to test after this (roughly 1 step)
[ce6b69749961426c6d822215ded9e67154e1ad4f] nl80211: fix radio statistics in survey dump

testing commit ce6b69749961426c6d822215ded9e67154e1ad4f
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 4b64773ed208025519a3d5077f146c066a75a21ebbff41761370d8892c576535
all runs: OK
# git bisect bad ce6b69749961426c6d822215ded9e67154e1ad4f
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[563fbefed46ae4c1f70cffb8eb54c02df480b2c2] cfg80211: call cfg80211_stop_ap when switch from P2P_GO type

testing commit 563fbefed46ae4c1f70cffb8eb54c02df480b2c2
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 815d531626615cd246db5f255ad6a16dfaf941ebcb15ab1ca64246483b3562c5
all runs: OK
# git bisect bad 563fbefed46ae4c1f70cffb8eb54c02df480b2c2
563fbefed46ae4c1f70cffb8eb54c02df480b2c2 is the first bad commit
commit 563fbefed46ae4c1f70cffb8eb54c02df480b2c2
Author: Nguyen Dinh Phi <phind.uet@gmail.com>
Date:   Thu Oct 28 01:37:22 2021 +0800

    cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
    
    If the userspace tools switch from NL80211_IFTYPE_P2P_GO to
    NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it
    does not call the cleanup cfg80211_stop_ap(), this leads to the
    initialization of in-use data. For example, this path re-init the
    sdata->assigned_chanctx_list while it is still an element of
    assigned_vifs list, and makes that linked list corrupt.
    
    Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
    Reported-by: syzbot+bbf402b783eeb6d908db@syzkaller.appspotmail.com
    Link: https://lore.kernel.org/r/20211027173722.777287-1-phind.uet@gmail.com
    Cc: stable@vger.kernel.org
    Fixes: ac800140c20e ("cfg80211: .stop_ap when interface is going down")
    Signed-off-by: Johannes Berg <johannes.berg@intel.com>

 net/wireless/util.c | 1 +
 1 file changed, 1 insertion(+)

culprit signature: 815d531626615cd246db5f255ad6a16dfaf941ebcb15ab1ca64246483b3562c5
parent  signature: 41bbc042678f405de416d6481982daf2953b424c7b2fdf36c66e4b79933446ee
revisions tested: 18, total time: 4h12m45.04473891s (build: 2h3m0.212284993s, test: 2h7m31.647528978s)
first good commit: 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
recipients (to): ["davem@davemloft.net" "johannes.berg@intel.com" "kuba@kernel.org" "netdev@vger.kernel.org" "phind.uet@gmail.com"]
recipients (cc): ["johannes@sipsolutions.net" "linux-kernel@vger.kernel.org" "linux-wireless@vger.kernel.org"]