bisecting cause commit starting from 34d1d36073ea4d4c532e8c8345627a9702be799e building syzkaller on 0fc5c330fea4b4129567aaa44ea5a134cb850bbb testing commit 34d1d36073ea4d4c532e8c8345627a9702be799e compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: fd8535dea3f75d598bcfd28bc21f914aed8ea48af58d49ce23f78c2c7ff293c9 all runs: crashed: WARNING in cfg80211_ch_switch_notify testing release v5.18 testing commit 4b0986a3613c92f4ec1bdc7f60ec66fea135991f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0610ed162499f4d84cf50bc7f89f1e654d9bd114fe023ab7cb07243edffbb2d9 all runs: OK # git bisect start 34d1d36073ea4d4c532e8c8345627a9702be799e 4b0986a3613c92f4ec1bdc7f60ec66fea135991f Bisecting: 9729 revisions left to test after this (roughly 13 steps) [bf9095424d027e942e1d1ee74977e17b7df8e455] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit bf9095424d027e942e1d1ee74977e17b7df8e455 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8d652422bad1b6cdab6721f0e494ab4076ac24f8a319c1b4e26cfe1942caf80a all runs: OK # git bisect good bf9095424d027e942e1d1ee74977e17b7df8e455 Bisecting: 4868 revisions left to test after this (roughly 12 steps) [6c0d09d9374c025f503d33bcef5f656e3f1dd349] Merge branch 'dt-bindings-dp83867-add-binding-for-io_impedance_ctrl-nvmem-cell' testing commit 6c0d09d9374c025f503d33bcef5f656e3f1dd349 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a6173c6dfeb0aa328546a8d7833321d1e0942c63a78a1f6f4de88facdc99abe5 all runs: OK # git bisect good 6c0d09d9374c025f503d33bcef5f656e3f1dd349 Bisecting: 2453 revisions left to test after this (roughly 11 steps) [3d76d093616b3dde3626ad2b910612dbb6c8b2b1] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git testing commit 3d76d093616b3dde3626ad2b910612dbb6c8b2b1 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 66303a16f41a5b4c653090922cc5b03b9c03a161047168bd7a7814386ba737fa all runs: crashed: WARNING in cfg80211_ch_switch_notify # git bisect bad 3d76d093616b3dde3626ad2b910612dbb6c8b2b1 Bisecting: 1181 revisions left to test after this (roughly 10 steps) [a5a7a07ad7ce7b897fb65622ba7876f386b04384] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux.git testing commit a5a7a07ad7ce7b897fb65622ba7876f386b04384 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3c509d4dfe6201c8c6ad1b53d68cd90932e08e0065432ce12ea7459b18631a9f all runs: OK # git bisect good a5a7a07ad7ce7b897fb65622ba7876f386b04384 Bisecting: 559 revisions left to test after this (roughly 9 steps) [9054f828db5d83a4400630828455290056c08046] Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git testing commit 9054f828db5d83a4400630828455290056c08046 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f39dee5e0f0b5499a2f613e31c4ce23fe9fc67a8474a9011a3ec665bbeaa1854 all runs: OK # git bisect good 9054f828db5d83a4400630828455290056c08046 Bisecting: 326 revisions left to test after this (roughly 8 steps) [e4a8864f74e9e9e4a7eb93952a4cfa35c165c930] iosys-map: Fix typo in documentation testing commit e4a8864f74e9e9e4a7eb93952a4cfa35c165c930 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6ca48e4f563beee7cc01a0778accab76c7bb0db1ff9eb29401ee8a1b6d1c14d5 all runs: OK # git bisect good e4a8864f74e9e9e4a7eb93952a4cfa35c165c930 Bisecting: 165 revisions left to test after this (roughly 7 steps) [5e5f6db87390990bc4d6fac058d2f1f6d442eeb7] next-20220620/drm-misc testing commit 5e5f6db87390990bc4d6fac058d2f1f6d442eeb7 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 71122407aeb7ae9b00a6ad408bafefdfe5f4c2335ad93fe332b1a8b15a7ce8a8 all runs: crashed: WARNING in cfg80211_ch_switch_notify # git bisect bad 5e5f6db87390990bc4d6fac058d2f1f6d442eeb7 Bisecting: 86 revisions left to test after this (roughly 6 steps) [efbabc11650040c64884ff3019b88c7bcc0ceb1d] cfg80211: Indicate MLO connection info in connect and roam callbacks testing commit efbabc11650040c64884ff3019b88c7bcc0ceb1d compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2b1e1156736e4494c4dde7aa1d5dee84e66e7127da74e8af722d536146d688ae run #0: crashed: WARNING in cfg80211_ch_switch_notify run #1: crashed: WARNING in cfg80211_ch_switch_notify run #2: crashed: WARNING in cfg80211_ch_switch_notify run #3: crashed: WARNING in cfg80211_ch_switch_notify run #4: crashed: WARNING in cfg80211_ch_switch_notify run #5: crashed: WARNING in cfg80211_ch_switch_notify run #6: crashed: WARNING in cfg80211_ch_switch_notify run #7: boot failed: INFO: task hung in add_early_randomness run #8: boot failed: INFO: task hung in add_early_randomness run #9: boot failed: INFO: task hung in add_early_randomness # git bisect bad efbabc11650040c64884ff3019b88c7bcc0ceb1d Bisecting: 36 revisions left to test after this (roughly 5 steps) [4b41b2ef9e0d044528062eddbf34589da95c01bc] wifi: mac80211: refactor some link setup code testing commit 4b41b2ef9e0d044528062eddbf34589da95c01bc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1b80c828dde18fadc8376ba64726a88585cd8ac8bed253d471e6ba5c930f2a46 run #0: crashed: WARNING in cfg80211_ch_switch_notify run #1: crashed: WARNING in cfg80211_ch_switch_notify run #2: crashed: WARNING in cfg80211_ch_switch_notify run #3: crashed: WARNING in cfg80211_ch_switch_notify run #4: crashed: WARNING in cfg80211_ch_switch_notify run #5: crashed: WARNING in cfg80211_ch_switch_notify run #6: crashed: WARNING in cfg80211_ch_switch_notify run #7: crashed: WARNING in cfg80211_ch_switch_notify run #8: boot failed: INFO: task hung in add_early_randomness run #9: boot failed: INFO: task hung in add_early_randomness # git bisect bad 4b41b2ef9e0d044528062eddbf34589da95c01bc Bisecting: 18 revisions left to test after this (roughly 4 steps) [9331f7d3c54a263bede5055e106e40b28d0bd937] ath11k: Fix incorrect debug_mask mappings testing commit 9331f7d3c54a263bede5055e106e40b28d0bd937 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 53303761290d8a6afd56f78973125e2ed665c91edaffddde4a72047e45195f6e all runs: OK # git bisect good 9331f7d3c54a263bede5055e106e40b28d0bd937 Bisecting: 9 revisions left to test after this (roughly 3 steps) [f276e20b182dbfc069d192fda259d85feea71143] wifi: mac80211: move interface config to new struct testing commit f276e20b182dbfc069d192fda259d85feea71143 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a88a23fab3ecf5ae9cb9512e5df92a1548a3aed0310d826c51e27599acab588c run #0: crashed: WARNING in cfg80211_ch_switch_notify run #1: crashed: WARNING in cfg80211_ch_switch_notify run #2: crashed: WARNING in cfg80211_ch_switch_notify run #3: crashed: WARNING in cfg80211_ch_switch_notify run #4: crashed: WARNING in cfg80211_ch_switch_notify run #5: crashed: WARNING in cfg80211_ch_switch_notify run #6: crashed: WARNING in cfg80211_ch_switch_notify run #7: boot failed: INFO: task hung in add_early_randomness run #8: boot failed: INFO: task hung in add_early_randomness run #9: boot failed: INFO: task hung in add_early_randomness # git bisect bad f276e20b182dbfc069d192fda259d85feea71143 Bisecting: 4 revisions left to test after this (roughly 2 steps) [cc2609eda6981d65b3b1c81e2807910d718b2b98] ath10k: fix recently introduced checkpatch warning testing commit cc2609eda6981d65b3b1c81e2807910d718b2b98 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: bb861d86e0299c7b67d9e7eff46ae311007b7fa22e9298a92df7667f82a31b7b all runs: OK # git bisect good cc2609eda6981d65b3b1c81e2807910d718b2b98 Bisecting: 2 revisions left to test after this (roughly 1 step) [92ea8df110b8ca92f9664ec7bd76dea109115348] wifi: mac80211: reject WEP or pairwise keys with key ID > 3 testing commit 92ea8df110b8ca92f9664ec7bd76dea109115348 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2beee9a2c5a35b7aca6a7dccb23963ae831dbbc81f5f75388f33352fee73cb67 run #0: OK run #1: OK run #2: OK run #3: OK run #4: boot failed: INFO: task hung in add_early_randomness run #5: boot failed: INFO: task hung in add_early_randomness run #6: boot failed: INFO: task hung in add_early_randomness run #7: boot failed: INFO: task hung in add_early_randomness run #8: boot failed: INFO: task hung in add_early_randomness run #9: boot failed: INFO: task hung in add_early_randomness # git bisect good 92ea8df110b8ca92f9664ec7bd76dea109115348 Bisecting: 0 revisions left to test after this (roughly 1 step) [d0a9123ef548def5c8880e83e5df948eb5b55c62] wifi: mac80211: move some future per-link data to bss_conf testing commit d0a9123ef548def5c8880e83e5df948eb5b55c62 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 47b416cbae9d26aabebd59f923dd52fea59054df24420cf2deac2cfb84cae3ae run #0: crashed: WARNING in cfg80211_ch_switch_notify run #1: crashed: WARNING in cfg80211_ch_switch_notify run #2: crashed: WARNING in cfg80211_ch_switch_notify run #3: crashed: WARNING in cfg80211_ch_switch_notify run #4: crashed: WARNING in cfg80211_ch_switch_notify run #5: crashed: WARNING in cfg80211_ch_switch_notify run #6: crashed: WARNING in cfg80211_ch_switch_notify run #7: boot failed: INFO: task hung in add_early_randomness run #8: boot failed: INFO: task hung in add_early_randomness run #9: boot failed: INFO: task hung in add_early_randomness # git bisect bad d0a9123ef548def5c8880e83e5df948eb5b55c62 Bisecting: 0 revisions left to test after this (roughly 0 steps) [7b0a0e3c3a88260b6fcb017e49f198463aa62ed1] wifi: cfg80211: do some rework towards MLO link APIs testing commit 7b0a0e3c3a88260b6fcb017e49f198463aa62ed1 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ced83f1a5330a410da169f9da582fcb60145087fe41b45383fae4c746bb5a147 run #0: crashed: WARNING in cfg80211_ch_switch_notify run #1: crashed: WARNING in cfg80211_ch_switch_notify run #2: crashed: WARNING in cfg80211_ch_switch_notify run #3: crashed: WARNING in cfg80211_ch_switch_notify run #4: crashed: WARNING in cfg80211_ch_switch_notify run #5: crashed: WARNING in cfg80211_ch_switch_notify run #6: boot failed: INFO: task hung in add_early_randomness run #7: boot failed: INFO: task hung in add_early_randomness run #8: boot failed: INFO: task hung in add_early_randomness run #9: boot failed: INFO: task hung in add_early_randomness # git bisect bad 7b0a0e3c3a88260b6fcb017e49f198463aa62ed1 7b0a0e3c3a88260b6fcb017e49f198463aa62ed1 is the first bad commit commit 7b0a0e3c3a88260b6fcb017e49f198463aa62ed1 Author: Johannes Berg Date: Thu Apr 14 16:50:57 2022 +0200 wifi: cfg80211: do some rework towards MLO link APIs In order to support multi-link operation with multiple links, start adding some APIs. The notable addition here is to have the link ID in a new nl80211 attribute, that will be used to differentiate the links in many nl80211 operations. So far, this patch adds the netlink NL80211_ATTR_MLO_LINK_ID attribute (as well as the NL80211_ATTR_MLO_LINKS attribute) and plugs it through the system in some places, checking the validity etc. along with other infrastructure needed for it. For now, I've decided to include only the over-the-air link ID in the API. I know we discussed that we eventually need to have to have other ways of identifying a link, but for local AP mode and auth/assoc commands as well as set_key etc. we'll use the OTA ID. Also included in this patch is some refactoring of the data structures in struct wireless_dev, splitting for the first time the data into type dependent pieces, to make reasoning about these things easier. Signed-off-by: Johannes Berg drivers/net/wireless/ath/ath6kl/cfg80211.c | 6 +- drivers/net/wireless/ath/wil6210/cfg80211.c | 9 +- .../broadcom/brcm80211/brcmfmac/cfg80211.c | 4 +- drivers/net/wireless/marvell/libertas/mesh.c | 10 +- drivers/net/wireless/marvell/mwifiex/11h.c | 2 +- drivers/net/wireless/marvell/mwifiex/cfg80211.c | 18 +- drivers/net/wireless/microchip/wilc1000/cfg80211.c | 3 +- drivers/net/wireless/quantenna/qtnfmac/cfg80211.c | 14 +- drivers/net/wireless/quantenna/qtnfmac/commands.c | 2 +- drivers/net/wireless/quantenna/qtnfmac/event.c | 15 +- drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c | 4 +- include/linux/ieee80211.h | 3 + include/net/cfg80211.h | 99 +++- include/uapi/linux/nl80211.h | 28 + net/mac80211/cfg.c | 8 +- net/mac80211/mlme.c | 2 +- net/wireless/ap.c | 46 +- net/wireless/chan.c | 196 +++++-- net/wireless/core.c | 28 +- net/wireless/core.h | 13 +- net/wireless/ibss.c | 57 +- net/wireless/mesh.c | 31 +- net/wireless/mlme.c | 74 +-- net/wireless/nl80211.c | 623 +++++++++++++++------ net/wireless/ocb.c | 5 +- net/wireless/rdev-ops.h | 32 +- net/wireless/reg.c | 139 +++-- net/wireless/scan.c | 8 +- net/wireless/sme.c | 102 ++-- net/wireless/trace.h | 86 ++- net/wireless/util.c | 44 +- net/wireless/wext-compat.c | 48 +- net/wireless/wext-sme.c | 29 +- 33 files changed, 1255 insertions(+), 533 deletions(-) culprit signature: ced83f1a5330a410da169f9da582fcb60145087fe41b45383fae4c746bb5a147 parent signature: 2beee9a2c5a35b7aca6a7dccb23963ae831dbbc81f5f75388f33352fee73cb67 revisions tested: 17, total time: 4h17m19.100247298s (build: 1h54m4.297403617s, test: 2h20m38.029092865s) first bad commit: 7b0a0e3c3a88260b6fcb017e49f198463aa62ed1 wifi: cfg80211: do some rework towards MLO link APIs recipients (to): ["SHA-cyfmac-dev-list@infineon.com" "ajay.kathat@microchip.com" "amitkarwar@gmail.com" "aspriel@gmail.com" "brcm80211-dev-list.pdl@broadcom.com" "claudiu.beznea@microchip.com" "davem@davemloft.net" "edumazet@google.com" "franky.lin@broadcom.com" "ganapathi017@gmail.com" "gregkh@linuxfoundation.org" "hante.meuleman@broadcom.com" "huxinming820@gmail.com" "imitsyanko@quantenna.com" "johannes.berg@intel.com" "kuba@kernel.org" "libertas-dev@lists.infradead.org" "linux-staging@lists.linux.dev" "linux-wireless@vger.kernel.org" "netdev@vger.kernel.org" "pabeni@redhat.com" "sharvari.harisangam@nxp.com"] recipients (cc): ["fabioaiuto83@gmail.com" "geomatsi@gmail.com" "hdegoede@redhat.com" "jagathjog1996@gmail.com" "johannes@sipsolutions.net" "kvalo@kernel.org" "linux-kernel@vger.kernel.org" "loic.poulain@linaro.org" "prestwoj@gmail.com" "smoch@web.de" "ye.guojin@zte.com.cn"] crash: WARNING in cfg80211_ch_switch_notify wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 689 at net/wireless/nl80211.c:18296 cfg80211_ch_switch_notify+0x303/0x6f0 net/wireless/nl80211.c:18284 Modules linked in: CPU: 0 PID: 689 Comm: kworker/u4:4 Not tainted 5.19.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: phy5 ieee80211_csa_finalize_work RIP: 0010:cfg80211_ch_switch_notify+0x303/0x6f0 net/wireless/nl80211.c:18296 Code: 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 3c 02 00 0f 85 d8 03 00 00 49 8b 14 24 44 89 f6 48 89 ef e8 f2 7d fc ff e9 57 ff ff ff <0f> 0b e9 50 ff ff ff 48 8d bd f8 04 00 00 48 ba 00 00 00 00 00 fc RSP: 0018:ffffc90003317c78 EFLAGS: 00010293 RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000001 RDX: 1ffff1100f551993 RSI: ffffffff890bc120 RDI: ffff88807aa8cc98 RBP: ffff88807aa8cc90 R08: 0000000000000000 R09: ffffffff8ceb1a97 R10: fffffbfff19d6352 R11: 0000000000000020 R12: ffff88807aa8d9a8 R13: ffff88807aa8c000 R14: 0000000000000000 R15: ffff88807a9a0000 FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000080 CR3: 00000000791ba000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __ieee80211_csa_finalize+0x5a6/0xa10 net/mac80211/cfg.c:3395 ieee80211_csa_finalize net/mac80211/cfg.c:3402 [inline] ieee80211_csa_finalize_work+0x100/0x130 net/mac80211/cfg.c:3427 process_one_work+0x865/0x13d0 kernel/workqueue.c:2289 worker_thread+0x598/0xec0 kernel/workqueue.c:2436 kthread+0x299/0x340 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302