syzbot


WARNING in ieee80211_free_keys (2)

Status: upstream: reported on 2025/08/09 10:09
Subsystems: wireless
Labels: prio:low
[Documentation on labels]
Reported-by: syzbot+de3ee5362db09487ea37@syzkaller.appspotmail.com
First crash: 344d, last: 3d21h
✨ AI Jobs (1)
ID Workflow Result Correct Bug Created Started Finished Revision Error
7c244b5f-ffb5-4600-bd9a-7665b56efe54 assessment-security DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ❌ UserNamespace: ❌ VMGuestTrigger: ❌ VMHostTrigger: ❌ WARNING in ieee80211_free_keys (2) 2026/05/22 21:04 2026/05/22 21:04 2026/05/22 21:45 df8ac09c914d5408499c5695877a3e0e31969e6f

			
		
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [wireless?] WARNING in ieee80211_free_keys (2) 0 (1) 2025/08/09 10:09
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in ieee80211_free_keys wireless -1 7 483d 504d 0/29 auto-obsoleted due to no activity on 2025/06/27 11:28
linux-6.6 WARNING in ieee80211_free_keys -1 2 255d 255d 0/2 auto-obsoleted due to no activity on 2026/02/10 09:35
linux-5.15 WARNING in ieee80211_free_keys -1 1 432d 432d 0/3 auto-obsoleted due to no activity on 2025/08/17 18:26

Sample crash report:
------------[ cut here ]------------
sdata->crypto_tx_tailroom_needed_cnt != master->crypto_tx_tailroom_needed_cnt
WARNING: net/mac80211/key.c:1172 at ieee80211_free_keys+0x56e/0x680 net/mac80211/key.c:1171, CPU#1: syz.4.6986/543
Modules linked in:
CPU: 1 UID: 0 PID: 543 Comm: syz.4.6986 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
RIP: 0010:ieee80211_free_keys+0x56e/0x680 net/mac80211/key.c:1171
Code: 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 f2 08 e0 f5 cc e8 81 f8 95 f6 90 0f 0b 90 e9 22 fc ff ff e8 73 f8 95 f6 90 <0f> 0b 90 e9 30 fe ff ff e8 65 f8 95 f6 e9 1b fe ff ff 48 c7 c1 00
RSP: 0018:ffffc90004c26b80 EFLAGS: 00010287
RAX: ffffffff8b30382d RBX: ffff8880532c4ec0 RCX: 0000000000080000
RDX: ffffc90006bde000 RSI: 0000000000000f34 RDI: 0000000000000f35
RBP: ffffc90004c26c50 R08: ffffc90004c26967 R09: 1ffff92000984d2c
R10: dffffc0000000000 R11: fffff52000984d2d R12: dffffc0000000000
R13: 1ffff92000984d78 R14: 0000000000000001 R15: 0000000000000000
FS:  00007ff5843ee6c0(0000) GS:ffff888125327000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0a435a56c8 CR3: 0000000077789000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 ieee80211_do_stop+0x1019/0x2220 net/mac80211/iface.c:612
 ieee80211_stop+0x1ab/0x200 net/mac80211/iface.c:862
 __dev_close_many+0x366/0x6e0 net/core/dev.c:1776
 netif_close_many+0x222/0x410 net/core/dev.c:1802
 netif_close+0x160/0x220 net/core/dev.c:1819
 dev_close+0xf7/0x210 net/core/dev_api.c:221
 ieee80211_stop+0xc7/0x200 net/mac80211/iface.c:849
 __dev_close_many+0x366/0x6e0 net/core/dev.c:1776
 netif_close_many+0x222/0x410 net/core/dev.c:1802
 netif_close+0x160/0x220 net/core/dev.c:1819
 dev_close+0xf7/0x210 net/core/dev_api.c:221
 nl80211_del_interface+0xcd/0x140 net/wireless/nl80211.c:5261
 genl_family_rcv_msg_doit+0x233/0x340 net/netlink/genetlink.c:1114
 genl_family_rcv_msg net/netlink/genetlink.c:1194 [inline]
 genl_rcv_msg+0x614/0x7a0 net/netlink/genetlink.c:1209
 netlink_rcv_skb+0x226/0x4a0 net/netlink/af_netlink.c:2556
 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1218
 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
 netlink_unicast+0x7bb/0x940 net/netlink/af_netlink.c:1345
 netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1900
 sock_sendmsg_nosec+0x13a/0x180 net/socket.c:775
 __sock_sendmsg net/socket.c:790 [inline]
 ____sys_sendmsg+0x54e/0x850 net/socket.c:2684
 ___sys_sendmsg+0x2a5/0x360 net/socket.c:2738
 __sys_sendmsg net/socket.c:2770 [inline]
 __do_sys_sendmsg net/socket.c:2775 [inline]
 __se_sys_sendmsg net/socket.c:2773 [inline]
 __x64_sys_sendmsg+0x1b1/0x290 net/socket.c:2773
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x174/0x580 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff58619ce59
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff5843ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007ff586415fa0 RCX: 00007ff58619ce59
RDX: 0000000004000000 RSI: 0000200000000200 RDI: 0000000000000003
RBP: 00007ff586232e6f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ff586416038 R14: 00007ff586415fa0 R15: 00007fffe4b9e518
 </TASK>

Crashes (22):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/06/25 03:52 upstream ab9de95c9cf9 cfa969bf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in ieee80211_free_keys
2026/06/21 01:17 upstream 1a3746ccbb0a 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING in ieee80211_free_keys
2026/06/15 11:39 upstream 8cd9520d35a6 1d2f3589 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING in ieee80211_free_keys
2026/02/11 22:01 upstream 192c0159402e 75707236 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in ieee80211_free_keys
2026/02/07 06:44 upstream 2687c848e578 f20fc9f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in ieee80211_free_keys
2025/08/05 10:05 upstream d2eedaa3909b abdcb213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in ieee80211_free_keys
2026/06/02 09:47 upstream 6f3ed7fec72f 1095583b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in ieee80211_free_keys
2026/06/24 12:42 upstream 840ef6c78e6a c1da772e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING in ieee80211_free_keys
2026/04/13 01:31 upstream 028ef9c96e96 38c8e246 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING in ieee80211_free_keys
2026/06/05 08:58 upstream 9154c4af7829 197909be .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING in ieee80211_free_keys
2026/05/26 20:26 upstream d60ec36cab33 2b01f00e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING in ieee80211_free_keys
2026/04/11 20:08 upstream e774d5f1bc27 38c8e246 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING in ieee80211_free_keys
2026/07/11 21:54 net 3f1f75536668 d78ea535 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2026/07/11 06:32 net 1cd23ca80784 d78ea535 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2026/06/15 21:14 net 62821d481975 50bb0618 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2026/06/14 19:24 net 47186409c092 1d2f3589 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2026/06/14 18:34 net 47186409c092 1d2f3589 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2026/06/13 01:19 net e26657fe3b85 1d2f3589 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2025/12/27 13:46 net 6402078bd9d1 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2025/09/30 10:12 net b9bd25f47eb7 86341da6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in ieee80211_free_keys
2026/06/18 11:03 net-next b85966adbf5d a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in ieee80211_free_keys
2026/05/18 02:28 net-next 627ac78f2741 de5aae85 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in ieee80211_free_keys
* Struck through repros no longer work on HEAD.