bisecting fixing commit since cbfa1702aaf69b2311ea1b35e04f113c48368c67
building syzkaller on b74c49a6af84e6ab50018024e8862263b1e0bd6d
testing commit cbfa1702aaf69b2311ea1b35e04f113c48368c67 with gcc (GCC) 8.1.0
kernel signature: 9fc1e4188bde29141cd2eeff97d68761b38f36acdb27c10e617a0b0f23c03225
all runs: crashed: WARNING in sta_info_insert_rcu
testing current HEAD 2762b48e9611529239da2e68cba908dbbec9805f
testing commit 2762b48e9611529239da2e68cba908dbbec9805f with gcc (GCC) 8.1.0
kernel signature: c0bf4d8490805cceb9792a727a3ed95d601fe24ac0b70a96746d54207eb87f74
all runs: crashed: WARNING in sta_info_insert_rcu
revisions tested: 2, total time: 22m59.820586439s (build: 16m54.700501402s, test: 5m35.63984942s)
the crash still happens on HEAD
commit msg: Linux 4.14.216
crash: WARNING in sta_info_insert_rcu
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
------------[ cut here ]------------
WARNING: CPU: 1 PID: 7147 at net/mac80211/sta_info.c:482 sta_info_insert_check net/mac80211/sta_info.c:481 [inline]
WARNING: CPU: 1 PID: 7147 at net/mac80211/sta_info.c:482 sta_info_insert_rcu+0x1b3/0x1db0 net/mac80211/sta_info.c:627
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 7147 Comm: kworker/u4:7 Not tainted 4.14.216-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy3 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x14b/0x1e7 lib/dump_stack.c:58
 panic+0x1b0/0x358 kernel/panic.c:183
 __warn.cold.7+0x25/0x25 kernel/panic.c:547
 report_bug+0x1a4/0x200 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:177 [inline]
 do_error_trap+0x1bd/0x310 arch/x86/kernel/traps.c:295
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:314
 invalid_op+0x1b/0x40 arch/x86/entry/entry_64.S:964
RIP: 0010:sta_info_insert_check net/mac80211/sta_info.c:481 [inline]
RIP: 0010:sta_info_insert_rcu+0x1b3/0x1db0 net/mac80211/sta_info.c:627
RSP: 0018:ffff8881df7e7aa8 EFLAGS: 00010202
RAX: 0000000000000005 RBX: ffff8881db252b40 RCX: 00000000bd63276f
RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff8881d6305fcc
RBP: ffff8881df7e7b60 R08: ffff8881d70d26c0 R09: ffffffff895408e8
R10: ffff8881df7e7a98 R11: ffff8881d70d26c0 R12: 00000000bd63377f
R13: ffff8881d6304f00 R14: ffff8881d05e1920 R15: ffff8881db252b88
 ieee80211_ibss_finish_sta+0x1c4/0x280 net/mac80211/ibss.c:601
 ieee80211_ibss_work+0x255/0xcd0 net/mac80211/ibss.c:1692
 ieee80211_iface_work+0x4a6/0x690 net/mac80211/iface.c:1383
 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116
 worker_thread+0xcc/0xed0 kernel/workqueue.c:2250
 kthread+0x338/0x400 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Kernel Offset: disabled
Rebooting in 86400 seconds..