On Tue, 2020-11-10 at 10:51 +0100, Johannes Berg wrote:
> From: Johannes Berg <johannes.berg@xxxxxxxxx>
>
> sta_info_free() may be used in a context that cannot sleep,
> so do the wind-down earlier in __cleanup_single_sta(). We
> should probably just unify that, by doing the free inside
> sta_info_insert_finish() instead of the caller, but that'll
> be a separate cleanup patch.
>
> Reported-by: syzbot+6a7fe9faf0d1d61bc24a@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reported-by: syzbot+abed06851c5ffe010921@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reported-by: syzbot+b7aeb9318541a1c709f1@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reported-by: syzbot+d5a9416c6cafe53b5dd0@xxxxxxxxxxxxxxxxxxxxxxxxx

That's probably true - however, it will get the original problem that
syzbot reported back ...

https://syzkaller.appspot.com/bug?extid=2e293dbd67de2836ba42

That's because the allocation is in pre_move_state().

So we can't do this - but need to do the other two patches I posted
directly.

johannes