bisecting fixing commit since dd86e7fa07a3ec33c92c957ea7b642c4702516a0 building syzkaller on 23a562dfb3a9986a066a1341c2cfc9e87a8fa164 testing commit dd86e7fa07a3ec33c92c957ea7b642c4702516a0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8d6812e3b9c2929aa6bec5ac45bb5b4544e89e651c616963090ce90b5e52beb1 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "/tmp/syz-executor2326576003" "root@10.128.0.123:./syz-executor2326576003"]: exit status 1 Connection timed out during banner exchange Connection to 10.128.0.123 port 22 timed out lost connection run #1: crashed: INFO: task hung in addrconf_dad_work run #2: crashed: INFO: task hung in addrconf_dad_work run #3: crashed: INFO: task hung in addrconf_dad_work run #4: crashed: INFO: task hung in addrconf_dad_work run #5: crashed: INFO: task hung in linkwatch_event run #6: crashed: INFO: task hung in addrconf_dad_work run #7: crashed: INFO: task hung in addrconf_dad_work run #8: crashed: INFO: task hung in addrconf_dad_work run #9: crashed: INFO: task hung in addrconf_dad_work run #10: crashed: INFO: task hung in linkwatch_event run #11: crashed: INFO: task hung in linkwatch_event run #12: crashed: INFO: task hung in addrconf_dad_work run #13: crashed: INFO: task hung in linkwatch_event run #14: crashed: INFO: task hung in addrconf_dad_work run #15: crashed: INFO: task hung in linkwatch_event run #16: crashed: INFO: task hung in addrconf_dad_work run #17: crashed: INFO: task hung in linkwatch_event run #18: crashed: INFO: task hung in addrconf_dad_work run #19: crashed: INFO: task hung in linkwatch_event testing current HEAD 3123109284176b1532874591f7c81f3837bbdc17 testing commit 3123109284176b1532874591f7c81f3837bbdc17 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 938161a8dcdefe63f952727cb8820271ff37a4437f82e765ff77aca8ba8c1d7c all runs: OK # git bisect start 3123109284176b1532874591f7c81f3837bbdc17 dd86e7fa07a3ec33c92c957ea7b642c4702516a0 Bisecting: 52404 revisions left to test after this (roughly 16 steps) [07281a257a6868b900da5de1eda808c9e20253f1] Merge tag 'usb-5.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb testing commit 07281a257a6868b900da5de1eda808c9e20253f1 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 arch/x86/kernel/setup.c:916:6: error: implicit declaration of function 'acpi_mps_check' [-Werror=implicit-function-declaration] arch/x86/kernel/setup.c:1110:2: error: implicit declaration of function 'acpi_table_upgrade' [-Werror=implicit-function-declaration] arch/x86/kernel/setup.c:1112:2: error: implicit declaration of function 'acpi_boot_table_init' [-Werror=implicit-function-declaration] arch/x86/kernel/setup.c:1120:2: error: implicit declaration of function 'early_acpi_boot_init'; did you mean 'early_cpu_init'? [-Werror=implicit-function-declaration] arch/x86/kernel/setup.c:1162:2: error: implicit declaration of function 'acpi_boot_init' [-Werror=implicit-function-declaration] # git bisect skip 07281a257a6868b900da5de1eda808c9e20253f1 Bisecting: 52403 revisions left to test after this (roughly 16 steps) [ea7b4244b3656ca33b19a950f092b5bbc718b40c] x86/setup: Explicitly include acpi.h testing commit ea7b4244b3656ca33b19a950f092b5bbc718b40c compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3324196a66a35130bb07e0438d3db7313fa02f2104d28866ebe596a3849ddbb4 run #0: crashed: INFO: task hung in linkwatch_event run #1: crashed: INFO: task hung in addrconf_dad_work run #2: crashed: INFO: task hung in addrconf_dad_work run #3: crashed: INFO: task hung in rtnetlink_rcv_msg run #4: crashed: INFO: task hung in addrconf_dad_work run #5: crashed: INFO: task hung in addrconf_dad_work run #6: crashed: INFO: task hung in addrconf_dad_work run #7: crashed: INFO: task hung in addrconf_dad_work run #8: crashed: INFO: task hung in linkwatch_event run #9: crashed: INFO: task hung in addrconf_dad_work # git bisect good ea7b4244b3656ca33b19a950f092b5bbc718b40c Bisecting: 26201 revisions left to test after this (roughly 15 steps) [bce9a0b7900836df223ab638090df0cb8430d9e8] bnxt_en: use firmware provided max timeout for messages testing commit bce9a0b7900836df223ab638090df0cb8430d9e8 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c1f5108eb555e40fc46ffa52d6e44f308d41d7806302a4debad5818f14ade034 all runs: OK # git bisect bad bce9a0b7900836df223ab638090df0cb8430d9e8 Bisecting: 12929 revisions left to test after this (roughly 14 steps) [fc02cb2b37fe2cbf1d3334b9f0f0eab9431766c4] Merge tag 'net-next-for-5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit fc02cb2b37fe2cbf1d3334b9f0f0eab9431766c4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ad01496efbbddd49fcfd23afd65705178e2535da095e190643f35f172f45f583 all runs: crashed: INFO: rcu detected stall in netlink_sendmsg # git bisect good fc02cb2b37fe2cbf1d3334b9f0f0eab9431766c4 Bisecting: 6429 revisions left to test after this (roughly 13 steps) [0c5c62ddf88c34bc83b66e4ac9beb2bb0e1887d4] Merge tag 'pci-v5.16-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci testing commit 0c5c62ddf88c34bc83b66e4ac9beb2bb0e1887d4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ee00e05de98182fa35b1e2ecb469579806d7ab41491c1e2cf63b10c4c59fff88 all runs: crashed: INFO: rcu detected stall in netlink_sendmsg # git bisect good 0c5c62ddf88c34bc83b66e4ac9beb2bb0e1887d4 Bisecting: 3216 revisions left to test after this (roughly 12 steps) [944207047ca4dabe8e288f653e7ec6da05e70230] Merge tag 'usb-5.16-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb testing commit 944207047ca4dabe8e288f653e7ec6da05e70230 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f680e8f7857b6870b4c8f89844888a5fe4d28f3851e5931eb8d62884ee44f8a4 all runs: OK # git bisect bad 944207047ca4dabe8e288f653e7ec6da05e70230 Bisecting: 1577 revisions left to test after this (roughly 11 steps) [304ac8032d3fa2d37750969cd4b8d5736a1829d9] Merge tag 'drm-next-2021-11-12' of git://anongit.freedesktop.org/drm/drm testing commit 304ac8032d3fa2d37750969cd4b8d5736a1829d9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e5e76770d71b709b85ca2d0961096b827acc637bfe04268f952665dd6a9241a8 run #0: crashed: INFO: rcu detected stall in corrupted run #1: crashed: INFO: rcu detected stall in netlink_sendmsg run #2: crashed: INFO: rcu detected stall in netlink_sendmsg run #3: crashed: INFO: rcu detected stall in netlink_sendmsg run #4: crashed: INFO: rcu detected stall in netlink_sendmsg run #5: crashed: INFO: rcu detected stall in netlink_sendmsg run #6: crashed: INFO: rcu detected stall in netlink_sendmsg run #7: crashed: INFO: rcu detected stall in netlink_sendmsg run #8: crashed: INFO: rcu detected stall in netlink_sendmsg run #9: crashed: INFO: rcu detected stall in netlink_sendmsg # git bisect good 304ac8032d3fa2d37750969cd4b8d5736a1829d9 Bisecting: 790 revisions left to test after this (roughly 10 steps) [61564e7b3abcb67d57b09afdb4b14b85f8bc1976] Merge tag 'block-5.16-2021-11-19' of git://git.kernel.dk/linux-block testing commit 61564e7b3abcb67d57b09afdb4b14b85f8bc1976 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4fc53fe91199e2e683548fa97fccef4cabdc599dfdb7e43350721aeff03efb02 all runs: OK # git bisect bad 61564e7b3abcb67d57b09afdb4b14b85f8bc1976 Bisecting: 392 revisions left to test after this (roughly 9 steps) [622c72b651c85cb55bae147debc1a2fae0189b53] Merge tag 'timers-urgent-2021-11-14' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 622c72b651c85cb55bae147debc1a2fae0189b53 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9781a616712fce246d473252f3ff7ad5df352d6a2b75331b604c0319e1911b49 run #0: crashed: INFO: task hung in linkwatch_event run #1: crashed: INFO: task hung in addrconf_dad_work run #2: crashed: INFO: task hung in linkwatch_event run #3: crashed: INFO: task hung in addrconf_dad_work run #4: crashed: INFO: task hung in linkwatch_event run #5: crashed: INFO: task hung in linkwatch_event run #6: crashed: INFO: task hung in linkwatch_event run #7: crashed: INFO: task hung in addrconf_dad_work run #8: crashed: INFO: task hung in linkwatch_event run #9: crashed: INFO: task hung in linkwatch_event # git bisect good 622c72b651c85cb55bae147debc1a2fae0189b53 Bisecting: 144 revisions left to test after this (roughly 8 steps) [8d0112ac6fd001f95aabb084ec2ccaa3637bc344] Merge tag 'net-5.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 8d0112ac6fd001f95aabb084ec2ccaa3637bc344 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a21530c16839a6f6b9043c2af43b75ff078be978e3acad83c6d99d1610d57590 all runs: OK # git bisect bad 8d0112ac6fd001f95aabb084ec2ccaa3637bc344 Bisecting: 123 revisions left to test after this (roughly 7 steps) [c46e8ece9613b18d9554e2382a228b6e1795288d] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit c46e8ece9613b18d9554e2382a228b6e1795288d compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 03d4caa448e13e43c5c85c8c5191afa2ec1eb9385e66ba96637d06b6cd3942dc run #0: crashed: INFO: task hung in linkwatch_event run #1: crashed: INFO: task hung in linkwatch_event run #2: crashed: INFO: task hung in linkwatch_event run #3: crashed: INFO: task hung in rtnetlink_rcv_msg run #4: crashed: INFO: task hung in linkwatch_event run #5: crashed: INFO: task hung in nl80211_pre_doit run #6: crashed: INFO: task hung in addrconf_dad_work run #7: crashed: INFO: task hung in addrconf_dad_work run #8: crashed: INFO: task hung in rtnetlink_rcv_msg run #9: crashed: INFO: task hung in linkwatch_event # git bisect good c46e8ece9613b18d9554e2382a228b6e1795288d Bisecting: 61 revisions left to test after this (roughly 6 steps) [0a83f96f8709f65a6498a012ba49f608925dfae6] MAINTAINERS: remove GR-everest-linux-l2@marvell.com testing commit 0a83f96f8709f65a6498a012ba49f608925dfae6 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2aac38f566ee2cac546d0544f191c94611a07f674b79d64c3ac9a43a1024d32f all runs: OK # git bisect bad 0a83f96f8709f65a6498a012ba49f608925dfae6 Bisecting: 30 revisions left to test after this (roughly 5 steps) [8905072a192fffe9389255489db250c73ecab008] iavf: Fix failure to exit out from last all-multicast mode testing commit 8905072a192fffe9389255489db250c73ecab008 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ca54341cd3482ba998499360e7d85420159bff8d84292812c514d9c3fb8ed5e9 all runs: crashed: INFO: rcu detected stall in netlink_sendmsg # git bisect good 8905072a192fffe9389255489db250c73ecab008 Bisecting: 17 revisions left to test after this (roughly 4 steps) [099f896f498a2b26d84f4ddae039b2c542c18b48] udp: Validate checksum in udp_read_sock() testing commit 099f896f498a2b26d84f4ddae039b2c542c18b48 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 77f2e218745e466f1840d0895be26001fb3c88e8ee7cb327c2bd5f6c3f2e50e1 all runs: crashed: INFO: rcu detected stall in netlink_sendmsg # git bisect good 099f896f498a2b26d84f4ddae039b2c542c18b48 Bisecting: 10 revisions left to test after this (roughly 3 steps) [30f6cf96912b638d0ddfc325204b598f94efddc2] mac80211: fix throughput LED trigger testing commit 30f6cf96912b638d0ddfc325204b598f94efddc2 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 164823ae9d7fbb94460345986629f3d4257aaa53136535380822fc589496ebc1 all runs: OK # git bisect bad 30f6cf96912b638d0ddfc325204b598f94efddc2 Bisecting: 3 revisions left to test after this (roughly 2 steps) [77dfc2bc0bb4b8376ecd7a430f27a4a8fff6a5a0] mac80211: do not access the IV when it was stripped testing commit 77dfc2bc0bb4b8376ecd7a430f27a4a8fff6a5a0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5dfde6f0fb66c1e2ac7f87da93d4852c1e8e8929ec02268306fdba6c55498b4e all runs: OK # git bisect bad 77dfc2bc0bb4b8376ecd7a430f27a4a8fff6a5a0 Bisecting: 1 revision left to test after this (roughly 1 step) [563fbefed46ae4c1f70cffb8eb54c02df480b2c2] cfg80211: call cfg80211_stop_ap when switch from P2P_GO type testing commit 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5b0ff6815a360c7e6a730c7071b417129bbd12d236c4d349f3be548a0990698f all runs: OK # git bisect bad 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 is the first bad commit commit 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 Author: Nguyen Dinh Phi Date: Thu Oct 28 01:37:22 2021 +0800 cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup cfg80211_stop_ap(), this leads to the initialization of in-use data. For example, this path re-init the sdata->assigned_chanctx_list while it is still an element of assigned_vifs list, and makes that linked list corrupt. Signed-off-by: Nguyen Dinh Phi Reported-by: syzbot+bbf402b783eeb6d908db@syzkaller.appspotmail.com Link: https://lore.kernel.org/r/20211027173722.777287-1-phind.uet@gmail.com Cc: stable@vger.kernel.org Fixes: ac800140c20e ("cfg80211: .stop_ap when interface is going down") Signed-off-by: Johannes Berg net/wireless/util.c | 1 + 1 file changed, 1 insertion(+) parent commit 1aa3b2207e889a948049c9a8016cedb0218c2389 wasn't tested testing commit 1aa3b2207e889a948049c9a8016cedb0218c2389 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 69b02ea48cade6ff62af54a0f37eff02504f1d8a2bc1929219de271f79ca1508 culprit signature: 5b0ff6815a360c7e6a730c7071b417129bbd12d236c4d349f3be548a0990698f parent signature: 69b02ea48cade6ff62af54a0f37eff02504f1d8a2bc1929219de271f79ca1508 revisions tested: 18, total time: 4h25m6.971417884s (build: 1h57m57.318952476s, test: 2h24m14.27893266s) first good commit: 563fbefed46ae4c1f70cffb8eb54c02df480b2c2 cfg80211: call cfg80211_stop_ap when switch from P2P_GO type recipients (to): ["davem@davemloft.net" "johannes.berg@intel.com" "kuba@kernel.org" "netdev@vger.kernel.org" "pabeni@redhat.com" "phind.uet@gmail.com"] recipients (cc): ["johannes@sipsolutions.net" "linux-kernel@vger.kernel.org" "linux-wireless@vger.kernel.org"]