bisecting cause commit starting from 4f8a3cc1183c442daee6cc65360e3385021131e4 building syzkaller on 36b0b05078430cbedb73c32bed7f78056ce77536 testing commit 4f8a3cc1183c442daee6cc65360e3385021131e4 with gcc (GCC) 8.1.0 kernel signature: 2e417cb635cdcc6858ead94e9076a25e5a03548586ce2fa85e7b550967bbaa99 all runs: crashed: WARNING in set_precision testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: b9efe4734711ba8f918cf77923da3ca7f07fa0f7b89faaec9de7a887b9f862e6 all runs: OK # git bisect start 4f8a3cc1183c442daee6cc65360e3385021131e4 7111951b8d4973bda27ff663f2cf18b663d15b48 Bisecting: 6924 revisions left to test after this (roughly 13 steps) [4646de87d32526ee87b46c2e0130413367fb5362] Merge tag 'mailbox-v5.7' of git://git.linaro.org/landing-teams/working/fujitsu/integration testing commit 4646de87d32526ee87b46c2e0130413367fb5362 with gcc (GCC) 8.1.0 kernel signature: c4a30015efa0351f13f96fd4651eab7e8e8ef0f1f040e497c37a2a5d548e21c2 all runs: crashed: WARNING in set_precision # git bisect bad 4646de87d32526ee87b46c2e0130413367fb5362 Bisecting: 2893 revisions left to test after this (roughly 12 steps) [5b67fbfc32b544daa7f4e0f4e0ecdec4e4895938] Merge tag 'kbuild-v5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild testing commit 5b67fbfc32b544daa7f4e0f4e0ecdec4e4895938 with gcc (GCC) 8.1.0 kernel signature: fa555d7686a8e389417ac150b6d2316cc84c562a3423bff988981b43609ea543 all runs: OK # git bisect good 5b67fbfc32b544daa7f4e0f4e0ecdec4e4895938 Bisecting: 1446 revisions left to test after this (roughly 11 steps) [53e96632ab934b28d6237c85b851f09e1595b76f] net: bridge: vlan tunnel: constify bridge and port arguments testing commit 53e96632ab934b28d6237c85b851f09e1595b76f with gcc (GCC) 8.1.0 kernel signature: 9172d41435c1f5d425bf739a8b999e45a911d6159b5358ddb9a91616c6ea2af4 all runs: OK # git bisect good 53e96632ab934b28d6237c85b851f09e1595b76f Bisecting: 722 revisions left to test after this (roughly 10 steps) [2d39eab45b2cd0392515d5e442c4fcb02a751c51] Merge branch 'split-phylink-PCS-operations' testing commit 2d39eab45b2cd0392515d5e442c4fcb02a751c51 with gcc (GCC) 8.1.0 kernel signature: 1dd43f02993557839de342214d518f5e152f9064f475001ffe057194b5f63261 all runs: crashed: WARNING in set_precision # git bisect bad 2d39eab45b2cd0392515d5e442c4fcb02a751c51 Bisecting: 321 revisions left to test after this (roughly 9 steps) [5ef8c665416b9815113042e0edebe8ff66a45e2e] Merge tag 'wireless-drivers-next-2020-03-24' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next testing commit 5ef8c665416b9815113042e0edebe8ff66a45e2e with gcc (GCC) 8.1.0 kernel signature: 689e4370cfda8e7fa520c76cbd25531b6533ba3ed9aeb548bbb4e21d79b2c15c all runs: OK # git bisect good 5ef8c665416b9815113042e0edebe8ff66a45e2e Bisecting: 176 revisions left to test after this (roughly 7 steps) [0b992b898c9e52e274af1c4b6c3de21632199b4d] Merge branch 's390-qeth-next' testing commit 0b992b898c9e52e274af1c4b6c3de21632199b4d with gcc (GCC) 8.1.0 kernel signature: 0be530a10293a31bbb29ab5c5da1e2bc7d648fd7e90216fa2ba6e6d473b29d65 all runs: OK # git bisect good 0b992b898c9e52e274af1c4b6c3de21632199b4d Bisecting: 88 revisions left to test after this (roughly 7 steps) [fc518953bc9c8d7d33c6ab261995f5038f3c87f9] mptcp: add and use MIB counter infrastructure testing commit fc518953bc9c8d7d33c6ab261995f5038f3c87f9 with gcc (GCC) 8.1.0 kernel signature: 0218ae9b32fa66c60b355985d3a64f31fcc94a02521d4e332436fd45e8ac3301 all runs: OK # git bisect good fc518953bc9c8d7d33c6ab261995f5038f3c87f9 Bisecting: 44 revisions left to test after this (roughly 6 steps) [ee91a83e0849f5fae99983343813aa35b8a295a1] net: dsa: Simplify 'dsa_tag_protocol_to_str()' testing commit ee91a83e0849f5fae99983343813aa35b8a295a1 with gcc (GCC) 8.1.0 kernel signature: 523d8266163d834a184ccf929fbe6d99feb22342e9a5f341ee98b7909733f295 all runs: crashed: WARNING in set_precision # git bisect bad ee91a83e0849f5fae99983343813aa35b8a295a1 Bisecting: 21 revisions left to test after this (roughly 5 steps) [5b071c59ede04db200d9eccb97701261461e89bf] ethtool: provide timestamping information with TSINFO_GET request testing commit 5b071c59ede04db200d9eccb97701261461e89bf with gcc (GCC) 8.1.0 kernel signature: a4c397e70b90bd868d3c988d9ea30e98002c9e644f2caa6220472badf9b086e9 all runs: crashed: WARNING in set_precision # git bisect bad 5b071c59ede04db200d9eccb97701261461e89bf Bisecting: 10 revisions left to test after this (roughly 4 steps) [b51fb7711a6d0e325d0fdb299cf67c4ec4b88b4b] ethtool: fix reference leak in ethnl_set_privflags() testing commit b51fb7711a6d0e325d0fdb299cf67c4ec4b88b4b with gcc (GCC) 8.1.0 kernel signature: 984965630beaebbda590e8dacb3c4cefd0d0727fc01851ef03b885368bcbd8cf all runs: crashed: WARNING in set_precision # git bisect bad b51fb7711a6d0e325d0fdb299cf67c4ec4b88b4b Bisecting: 5 revisions left to test after this (roughly 3 steps) [cfa933d938d896c37ca0b952437875886d84f3f5] include: uapi: linux: add rpl sr header definition testing commit cfa933d938d896c37ca0b952437875886d84f3f5 with gcc (GCC) 8.1.0 kernel signature: 16a9f7f437c2ca2473b103379328188a87d248831ab43eb51ea05d0659619f4a all runs: crashed: WARNING in set_precision # git bisect bad cfa933d938d896c37ca0b952437875886d84f3f5 Bisecting: 2 revisions left to test after this (roughly 1 step) [eedbc685321b38fea58a14c9fbd258c4b2c2747c] selftests: add PM netlink functional tests testing commit eedbc685321b38fea58a14c9fbd258c4b2c2747c with gcc (GCC) 8.1.0 kernel signature: 6e4cbdbd15b70824ef5c020312b5b9e1949b505f4b87e3cf2b99fad7a3122af3 all runs: crashed: WARNING in set_precision # git bisect bad eedbc685321b38fea58a14c9fbd258c4b2c2747c Bisecting: 0 revisions left to test after this (roughly 0 steps) [01cacb00b35cb62b139f07d5f84bcf0eeda8eff6] mptcp: add netlink-based PM testing commit 01cacb00b35cb62b139f07d5f84bcf0eeda8eff6 with gcc (GCC) 8.1.0 kernel signature: 68c49c0b40c27e07272ce98ce88c0a6c8db6f440aa547895d5139a549b54260b all runs: crashed: WARNING in set_precision # git bisect bad 01cacb00b35cb62b139f07d5f84bcf0eeda8eff6 01cacb00b35cb62b139f07d5f84bcf0eeda8eff6 is the first bad commit commit 01cacb00b35cb62b139f07d5f84bcf0eeda8eff6 Author: Paolo Abeni Date: Fri Mar 27 14:48:51 2020 -0700 mptcp: add netlink-based PM Expose a new netlink family to userspace to control the PM, setting: - list of local addresses to be signalled. - list of local addresses used to created subflows. - maximum number of add_addr option to react When the msk is fully established, the PM netlink attempts to announce the 'signal' list via the ADD_ADDR option. Since we currently lack the ADD_ADDR echo (and related event) only the first addr is sent. After exhausting the 'announce' list, the PM tries to create subflow for each addr in 'local' list, waiting for each connection to be completed before attempting the next one. Idea is to add an additional PM hook for ADD_ADDR echo, to allow the PM netlink announcing multiple addresses, in sequence. Co-developed-by: Matthieu Baerts Signed-off-by: Matthieu Baerts Signed-off-by: Paolo Abeni Signed-off-by: Mat Martineau Signed-off-by: David S. Miller include/uapi/linux/mptcp.h | 54 +++ net/mptcp/Makefile | 3 +- net/mptcp/pm.c | 9 +- net/mptcp/pm_netlink.c | 857 +++++++++++++++++++++++++++++++++++++++++++++ net/mptcp/protocol.h | 7 + 5 files changed, 928 insertions(+), 2 deletions(-) create mode 100644 net/mptcp/pm_netlink.c culprit signature: 68c49c0b40c27e07272ce98ce88c0a6c8db6f440aa547895d5139a549b54260b parent signature: 0218ae9b32fa66c60b355985d3a64f31fcc94a02521d4e332436fd45e8ac3301 revisions tested: 15, total time: 3h0m18.727485247s (build: 1h29m30.075763945s, test: 1h29m51.400153328s) first bad commit: 01cacb00b35cb62b139f07d5f84bcf0eeda8eff6 mptcp: add netlink-based PM cc: ["davem@davemloft.net" "mathew.j.martineau@linux.intel.com" "matthieu.baerts@tessares.net" "pabeni@redhat.com"] crash: WARNING in set_precision netlink: 98586 bytes leftover after parsing attributes in process `syz-executor.3'. ------------[ cut here ]------------ precision 33020 too large WARNING: CPU: 1 PID: 8552 at lib/vsprintf.c:2471 set_precision+0x10d/0x150 lib/vsprintf.c:2471 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 8552 Comm: syz-executor.3 Not tainted 5.6.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x128/0x182 lib/dump_stack.c:118 panic+0x22a/0x4e3 kernel/panic.c:221 __warn.cold.10+0x25/0x26 kernel/panic.c:582 report_bug+0x1ad/0x270 lib/bug.c:195 fixup_bug arch/x86/kernel/traps.c:174 [inline] do_error_trap+0x123/0x210 arch/x86/kernel/traps.c:267 do_invalid_op+0x31/0x40 arch/x86/kernel/traps.c:286 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027 RIP: 0010:set_precision+0x10d/0x150 lib/vsprintf.c:2471 Code: 95 c2 84 d1 75 49 88 43 06 0f b6 c4 88 43 07 eb 83 89 c6 48 c7 c7 00 cd 2a 88 89 44 24 04 c6 05 3e 7c 7d 02 01 e8 2f f8 24 fa <0f> 0b 8b 44 24 04 e9 71 ff ff ff be 08 00 00 00 48 89 df 89 44 24 RSP: 0018:ffffc900045b7380 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffffc900045b7400 RCX: 0000000000000006 RDX: 1ffffffff1166b88 RSI: 0000000000000008 RDI: 0000000000000286 RBP: ffffc900045b7407 R08: fffffbfff165eb9b R09: fffffbfff165eb9b R10: fffffbfff165eb9a R11: ffffffff8b2f5cd7 R12: 00000000000080fc R13: dffffc0000000000 R14: ffffc900045b7580 R15: 0000000000000000 vsnprintf+0x252/0x1190 lib/vsprintf.c:2547 kvasprintf+0x8d/0x120 lib/kasprintf.c:22 kasprintf+0x96/0xc0 lib/kasprintf.c:59 hwsim_new_radio_nl+0x73b/0xdf0 drivers/net/wireless/mac80211_hwsim.c:3672 genl_family_rcv_msg_doit net/netlink/genetlink.c:673 [inline] genl_family_rcv_msg net/netlink/genetlink.c:718 [inline] genl_rcv_msg+0x5a9/0xf30 net/netlink/genetlink.c:735 netlink_rcv_skb+0x119/0x340 net/netlink/af_netlink.c:2469 genl_rcv+0x1f/0x30 net/netlink/genetlink.c:746 netlink_unicast_kernel net/netlink/af_netlink.c:1303 [inline] netlink_unicast+0x434/0x630 net/netlink/af_netlink.c:1329 netlink_sendmsg+0x714/0xc60 net/netlink/af_netlink.c:1918 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg+0xac/0xe0 net/socket.c:672 ____sys_sendmsg+0x54e/0x750 net/socket.c:2345 ___sys_sendmsg+0xe4/0x160 net/socket.c:2399 __sys_sendmsg+0xce/0x170 net/socket.c:2432 do_syscall_64+0xc6/0x620 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c889 Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f0df1834c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f0df18356d4 RCX: 000000000045c889 RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000009f5 R14: 00000000004ccb09 R15: 000000000076bf0c Kernel Offset: disabled Rebooting in 86400 seconds..