WARNING in sta_apply_parameters

syzbot

Nov 7, 2020, 10:56:17 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: b94de4d1 Linux 4.19.155
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=150abe1a500000
kernel config: https://syzkaller.appspot.com/x/.config?x=252047157acf1cb1
dashboard link: https://syzkaller.appspot.com/bug?extid=7a122cd3268394470b93
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16c53684500000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12c8ff14500000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7a122c...@syzkaller.appspotmail.com

device wlan0 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
WARNING: CPU: 0 PID: 8119 at net/mac80211/ieee80211_i.h:1413 ieee80211_get_sband net/mac80211/ieee80211_i.h:1413 [inline]
WARNING: CPU: 0 PID: 8119 at net/mac80211/ieee80211_i.h:1413 sta_apply_parameters+0x1481/0x1dc0 net/mac80211/cfg.c:1229
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 8119 Comm: syz-executor665 Not tainted 4.19.155-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2fe lib/dump_stack.c:118
panic+0x26a/0x50e kernel/panic.c:186
__warn.cold+0x20/0x61 kernel/panic.c:541
report_bug+0x262/0x2b0 lib/bug.c:186
fixup_bug arch/x86/kernel/traps.c:178 [inline]
fixup_bug arch/x86/kernel/traps.c:173 [inline]
do_error_trap+0x1d7/0x310 arch/x86/kernel/traps.c:296
invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:1038
RIP: 0010:ieee80211_get_sband net/mac80211/ieee80211_i.h:1413 [inline]
RIP: 0010:sta_apply_parameters+0x1481/0x1dc0 net/mac80211/cfg.c:1229
Code: 89 fe e8 62 1d a7 f9 45 85 ff 0f 85 d3 00 00 00 e8 e4 1b a7 f9 44 89 e6 4c 89 f7 e8 09 2b 12 00 e9 cc f9 ff ff e8 cf 1b a7 f9 <0f> 0b e8 c8 db 94 f9 31 ff 89 c3 89 c6 e8 2d 1d a7 f9 85 db 74 1d
RSP: 0018:ffff888094d774c0 EFLAGS: 00010293
RAX: ffff888097db2600 RBX: ffff888094d775d8 RCX: ffffffff87bd9f8f
RDX: 0000000000000000 RSI: ffffffff87bdb2c1 RDI: 0000000000000007
RBP: ffff888095faa3c0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000007 R11: 0000000000000000 R12: ffff8880ab448ec0
R13: 0000000000000000 R14: ffff8880ab408be0 R15: ffff8880ab408be0
ieee80211_add_station+0x2f8/0x610 net/mac80211/cfg.c:1442
rdev_add_station net/wireless/rdev-ops.h:176 [inline]
nl80211_new_station+0xd78/0x1510 net/wireless/nl80211.c:5601
genl_family_rcv_msg+0x642/0xc40 net/netlink/genetlink.c:602
genl_rcv_msg+0xbf/0x160 net/netlink/genetlink.c:627
netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
genl_rcv+0x24/0x40 net/netlink/genetlink.c:638
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x6bb/0xc40 net/netlink/af_netlink.c:1909
sock_sendmsg_nosec net/socket.c:622 [inline]
sock_sendmsg+0xc3/0x120 net/socket.c:632
___sys_sendmsg+0x7bb/0x8e0 net/socket.c:2115
__sys_sendmsg net/socket.c:2153 [inline]
__do_sys_sendmsg net/socket.c:2162 [inline]
__se_sys_sendmsg net/socket.c:2160 [inline]
__x64_sys_sendmsg+0x132/0x220 net/socket.c:2160
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x447199
Code: e8 5c b1 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 05 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fdcecadfd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000006dcc78 RCX: 0000000000447199
RDX: 0000000000000000 RSI: 0000000020000040 RDI: 000000000000000a
RBP: 00000000006dcc70 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc7c
R13: 0000000000000000 R14: 000000306e616c77 R15: 0000000000660006
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

Jul 22, 2021, 4:08:10 AM
to syzkaller...@googlegroups.com
syzbot suspects this issue was fixed by commit:

commit 25487a5ff100398cb214ae854358609e4bbd4e7d
Author: Johannes Berg <johann...@intel.com>
Date: Mon May 17 14:47:17 2021 +0000

mac80211: remove warning in ieee80211_get_sband()

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=12a0e00a300000
start commit: b94de4d19498 Linux 4.19.155
git tree: linux-4.19.y
If the result looks correct, please mark the issue as fixed by replying with:

#syz fix: mac80211: remove warning in ieee80211_get_sband()

For information about bisection process see: https://goo.gl/tpsmEJ#bisection