bisecting fixing commit since b94de4d19498b454645b72d08a05d32fa9074fb5
building syzkaller on cba33199be220cbf61f7c0c8223d88a25a913d6f
testing commit b94de4d19498b454645b72d08a05d32fa9074fb5
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 0f8de585e4e3b6c9a77a947dac05e5426fdff4c4cb00a686b242bda8fddf443f
all runs: crashed: KASAN: use-after-free Read in ieee80211_ibss_build_presp
testing current HEAD 59456c9cc40c8f75b5a7efa0fe1f211d9c6fcaf1
testing commit 59456c9cc40c8f75b5a7efa0fe1f211d9c6fcaf1
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: fa543c0953ce32bf6aabecb177388ed324f14cb51dd8d875f914e5aa9541ec58
run #0: crashed: WARNING in __cfg80211_ibss_joined
run #1: crashed: WARNING in __cfg80211_ibss_joined
run #2: crashed: WARNING in __cfg80211_ibss_joined
run #3: crashed: WARNING in __cfg80211_ibss_joined
run #4: crashed: WARNING in __cfg80211_ibss_joined
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
revisions tested: 2, total time: 41m44.981271383s (build: 24m33.277677114s, test: 16m29.488006616s)
the crash still happens on HEAD
commit msg: Linux 4.19.204
crash: WARNING in __cfg80211_ibss_joined
IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
------------[ cut here ]------------
WARNING: CPU: 0 PID: 9125 at net/wireless/ibss.c:36 __cfg80211_ibss_joined.cold.2+0x32/0x39 net/wireless/ibss.c:36
Modules linked in:
CPU: 0 PID: 9125 Comm: kworker/u4:7 Not tainted 4.19.204-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: cfg80211 cfg80211_event_work
RIP: 0010:__cfg80211_ibss_joined.cold.2+0x32/0x39 net/wireless/ibss.c:36
Code: 68 1e e2 ff 0f 0b e9 3d 41 7f ff 48 c7 c7 80 c2 f5 88 e8 55 1e e2 ff 0f 0b e9 08 42 7f ff 48 c7 c7 80 c2 f5 88 e8 42 1e e2 ff <0f> 0b e9 17 41 7f ff 48 c7 c7 80 c2 f5 88 e8 2f 1e e2 ff 0f 0b 48
RSP: 0018:ffff8881d3bafc00 EFLAGS: 00010286
RAX: 0000000000000024 RBX: ffff8881e869d190 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff885020e0 RDI: ffffffff8bad8720
RBP: ffff8881d3bafca0 R08: ffffed103ec84e99 R09: ffffed103ec84e98
R10: ffffed103ec84e98 R11: ffff8881f64274c7 R12: 1ffff1103a775f82
R13: ffff8881e869c6c0 R14: ffff8881e54c6b18 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8881f6400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000048901d CR3: 000000000986d006 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 cfg80211_process_wdev_events+0x35d/0x510 net/wireless/util.c:886
 cfg80211_process_rdev_events+0x55/0xc0 net/wireless/util.c:912
 cfg80211_event_work+0x19/0x30 net/wireless/core.c:305
 process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153
 worker_thread+0x85/0xb60 kernel/workqueue.c:2296
 kthread+0x347/0x410 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
irq event stamp: 53832328
hardirqs last enabled at (53832327): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
hardirqs last enabled at (53832327): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192
hardirqs last disabled at (53832328): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (53832322): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
softirqs last disabled at (53832303): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (53832303): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
---[ end trace e42b2a9246716d48 ]---