On Fri, 2023-11-24 at 17:56 +0300, Dmitry Antipov wrote:
> I'm trying to investigate a WARN_ON() in subject, seen at least once
> with 5.10.200 under syzkaller. Surely this may be a weird artifact of
> using the syzkaller itself, but is there a scenario to trigger this
> WARN_ON() in a "real" environment? And, looking through the code, is
> it a good idea to call 'cfg80211_get_bss()' without checking whether
> the corresponding BSSID is non-zero?

I feel like we should probably just remove the WARN_ON()?

Seems this is either triggered by a strange CSA request from userspace, or a CSA happening while also leaving the IBSS?

ieee80211_ibss_finish_csa() is strangely checking for is_zero_ether_addr(), but I'm not sure how that happens when the state is JOINED? Maybe there's somewhere a check missing that we cannot join an IBSS with all-zeroes BSSID?

But I'm not sure how much value there is in digging deep into this ...

johannes