From: syzbot <syzbot+189dcafc06865d38178d@syzkaller.appspotmail.com>
To: davem@davemloft.net, edumazet@google.com,
johannes@sipsolutions.net, kuba@kernel.org,
linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org,
netdev@vger.kernel.org, pabeni@redhat.com,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [wireless?] WARNING in cfg80211_scan_done
Date: Thu, 12 Jun 2025 20:55:27 -0700
Message-ID: <684ba12f.a00a0220.279073.0009.GAE@google.com>
In-Reply-To: <000000000000dbcd0f061f911231@google.com>

syzbot has found a reproducer for the following issue on:

HEAD commit: 19272b37aa4f Linux 6.16-rc1
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=10e239d4580000
kernel config: https://syzkaller.appspot.com/x/.config?x=8409c4d4e51ac27
dashboard link: https://syzkaller.appspot.com/bug?extid=189dcafc06865d38178d
compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14e239d4580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/92d22b0c6493/disk-19272b37.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/3fb0142bb63a/vmlinux-19272b37.xz
kernel image: https://storage.googleapis.com/syzbot-assets/3d5f3836ae42/Image-19272b37.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+189dcafc06865d38178d@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 2225 at net/wireless/scan.c:1182 cfg80211_scan_done+0x2c8/0x4b0 net/wireless/scan.c:1181
Modules linked in:
CPU: 1 UID: 0 PID: 2225 Comm: kworker/u8:12 Not tainted 6.16.0-rc1-syzkaller-g19272b37aa4f #0 PREEMPT
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: events_unbound cfg80211_wiphy_work
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : cfg80211_scan_done+0x2c8/0x4b0 net/wireless/scan.c:1181
lr : cfg80211_scan_done+0x2c8/0x4b0 net/wireless/scan.c:1181
Call trace:
cfg80211_scan_done+0x2c8/0x4b0 net/wireless/scan.c:1181 (P)
__ieee80211_scan_completed+0x4ec/0xae0 net/mac80211/scan.c:501
ieee80211_scan_work+0x140/0x18c4 net/mac80211/scan.c:1177
cfg80211_wiphy_work+0x2a8/0x48c net/wireless/core.c:435
process_one_work+0x7e8/0x155c kernel/workqueue.c:3238
process_scheduled_works kernel/workqueue.c:3321 [inline]
worker_thread+0x958/0xed8 kernel/workqueue.c:3402
kthread+0x5fc/0x75c kernel/kthread.c:464
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:847
irq event stamp: 1301622
hardirqs last enabled at (1301621): [<ffff8000830764a8>] class_irqsave_destructor include/linux/irqflags.h:266 [inline]
hardirqs last enabled at (1301621): [<ffff8000830764a8>] __free_object+0x528/0x71c lib/debugobjects.c:524
hardirqs last disabled at (1301622): [<ffff80008ae5160c>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last enabled at (1301568): [<ffff80008644576c>] spin_unlock_bh include/linux/spinlock.h:396 [inline]
softirqs last enabled at (1301568): [<ffff80008644576c>] nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]
softirqs last enabled at (1301568): [<ffff80008644576c>] nsim_dev_trap_report_work+0x67c/0x9fc drivers/net/netdevsim/dev.c:851
softirqs last disabled at (1301566): [<ffff8000864456e4>] spin_lock_bh include/linux/spinlock.h:356 [inline]
softirqs last disabled at (1301566): [<ffff8000864456e4>] nsim_dev_trap_report drivers/net/netdevsim/dev.c:816 [inline]
softirqs last disabled at (1301566): [<ffff8000864456e4>] nsim_dev_trap_report_work+0x5f4/0x9fc drivers/net/netdevsim/dev.c:851
---[ end trace 0000000000000000 ]---
---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

Thread overview: 10+ messages
2024-08-13 14:03 [syzbot] [wireless?] WARNING in cfg80211_scan_done syzbot
2025-06-13 3:55 ` syzbot [this message]
2025-06-19 8:05 ` [PATCH] wifi: cfg80211: Prevent comparison with invalid registered dev scan req Lizhi Xu
2025-06-20 11:01 ` Johannes Berg
2025-06-23 8:26 ` Lizhi Xu
2025-06-19 2:52 ` [syzbot] Re: [syzbot] [wireless?] WARNING in cfg80211_scan_done syzbot
2025-06-19 7:37 ` syzbot
2026-01-05 17:04 ` syzbot
[not found] <20250619025207.461444-1-lizhi.xu@windriver.com>
2025-06-19 5:51 ` syzbot
[not found] <20250619073752.740424-1-lizhi.xu@windriver.com>
2025-06-19 8:04 ` syzbot