Re: [syzbot] [fs?] KASAN: slab-use-after-free Read in lockref_get

From: Edward Adam Davis
Date: Wed Jul 17 2024 - 07:39:28 EST

Next message: Ma Ke: "[PATCH] ASoC: ak4642: Return of_clk_add_provider to transfer the error"
Previous message: Jan Kara: "Re: [PATCH v6 9/9] tmpfs: add support for multigrain timestamps"
In reply to: syzbot: "Re: [syzbot] [fs?] KASAN: slab-use-after-free Read in lockref_get"
Next in thread: syzbot: "Re: [syzbot] [fs?] KASAN: slab-use-after-free Read in lockref_get"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

before remove debugfs_dir set reference pointer to NULL

#syz test: linux-next 58f9416d413a

diff --git a/net/mac80211/driver-ops.c b/net/mac80211/driver-ops.c
index fe868b521622..fe29ba561599 100644
--- a/net/mac80211/driver-ops.c
+++ b/net/mac80211/driver-ops.c
@@ -113,11 +113,10 @@ void drv_remove_interface(struct ieee80211_local *local,
if (!check_sdata_in_driver(sdata))
return;

- sdata->flags &= ~IEEE80211_SDATA_IN_DRIVER;
-
/* Remove driver debugfs entries */
ieee80211_debugfs_recreate_netdev(sdata, sdata->vif.valid_links);

+ sdata->flags &= ~IEEE80211_SDATA_IN_DRIVER;
trace_drv_remove_interface(local, sdata);
local->ops->remove_interface(&local->hw, &sdata->vif);
trace_drv_return_void(local);

Next message: Ma Ke: "[PATCH] ASoC: ak4642: Return of_clk_add_provider to transfer the error"
Previous message: Jan Kara: "Re: [PATCH v6 9/9] tmpfs: add support for multigrain timestamps"
In reply to: syzbot: "Re: [syzbot] [fs?] KASAN: slab-use-after-free Read in lockref_get"
Next in thread: syzbot: "Re: [syzbot] [fs?] KASAN: slab-use-after-free Read in lockref_get"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]