bisecting cause commit starting from f7b88d9ae91e6cc52f9a5c21e0eb3eef36bdd5d4 building syzkaller on 744a39e220cece33e207035facce6c5ae161b775 testing commit f7b88d9ae91e6cc52f9a5c21e0eb3eef36bdd5d4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 73d4a5d0efca790f55eb7fe1dc68f3ad358c63d07846975c4895a1e966c0aa15 all runs: crashed: WARNING in nfnetlink_unbind testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 84392581ef32b08e313d2884bee25dc8b8bd03d24a39a2c1764e9ea30aa4f2a1 all runs: OK # git bisect start f7b88d9ae91e6cc52f9a5c21e0eb3eef36bdd5d4 f443e374ae131c168a065ea1748feac6b2e76613 Bisecting: 8215 revisions left to test after this (roughly 13 steps) [b14ffae378aa1db993e62b01392e70d1e585fb23] Merge tag 'drm-next-2022-03-24' of git://anongit.freedesktop.org/drm/drm testing commit b14ffae378aa1db993e62b01392e70d1e585fb23 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 71b5dc8b46bc929fa994f9d362a5b1e6560bc211100cad62544b32dbf3948f06 all runs: OK # git bisect good b14ffae378aa1db993e62b01392e70d1e585fb23 Bisecting: 4078 revisions left to test after this (roughly 12 steps) [95124339875c8d9c092eb2fa3993e4751e1be48d] Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux testing commit 95124339875c8d9c092eb2fa3993e4751e1be48d compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5c842efda5d69b08618101422dcc7c66d63101c5614d827fe9e05645247328bf all runs: OK # git bisect good 95124339875c8d9c092eb2fa3993e4751e1be48d Bisecting: 2039 revisions left to test after this (roughly 11 steps) [249aca0d3d631660aa3583c6a3559b75b6e971b4] Merge tag 'net-5.18-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 249aca0d3d631660aa3583c6a3559b75b6e971b4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 13c6fe799750fa2afa3f7085f3a51025637b2c7b130efd842bf5f270ee2a9428 all runs: OK # git bisect good 249aca0d3d631660aa3583c6a3559b75b6e971b4 Bisecting: 973 revisions left to test after this (roughly 10 steps) [f43f0cd2d9b07caf38d744701b0b54d4244da8cc] Merge tag 'wireless-next-2022-05-03' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next testing commit f43f0cd2d9b07caf38d744701b0b54d4244da8cc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b746f5f99f00dfdb8a0105cdad50af8ddbb3b8bd57ed772f1497c854b58ee7be all runs: OK # git bisect good f43f0cd2d9b07caf38d744701b0b54d4244da8cc Bisecting: 486 revisions left to test after this (roughly 9 steps) [39d439047f1dc88f98b755d6f3a53a4ef8f0de21] net: wwan: t7xx: Add control DMA interface testing commit 39d439047f1dc88f98b755d6f3a53a4ef8f0de21 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b9781bb69340bf7c8232d922c8da066127f9129bbf76d05001a7bafe5e2e45fa all runs: OK # git bisect good 39d439047f1dc88f98b755d6f3a53a4ef8f0de21 Bisecting: 265 revisions left to test after this (roughly 8 steps) [f3f19f939c11925dadd3f4776f99f8c278a7017b] Merge tag 'net-5.18-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit f3f19f939c11925dadd3f4776f99f8c278a7017b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f5abbf784dbabbf13898bc05d624a85a7288bfa5b0f13be5bf07568842c8d50f all runs: OK # git bisect good f3f19f939c11925dadd3f4776f99f8c278a7017b Bisecting: 132 revisions left to test after this (roughly 7 steps) [7e708760fc114f049df9dccb994e23d20866b310] net: mscc: ocelot: move ocelot_port_private :: chip_port to ocelot_port :: index testing commit 7e708760fc114f049df9dccb994e23d20866b310 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ee0422f602324127acb931776e423ec95dd37fa9ea0e26c5065253a54fd4bd51 all runs: OK # git bisect good 7e708760fc114f049df9dccb994e23d20866b310 Bisecting: 66 revisions left to test after this (roughly 6 steps) [a7931ac16128bb3af5c4ac482057a711da117856] dt-bindings: net: renesas,etheravb: Document RZ/V2M SoC testing commit a7931ac16128bb3af5c4ac482057a711da117856 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ce1dab00e6f0dd89911a1ce026bff99c8c838e665380cfbda62d924177b1edb0 all runs: crashed: WARNING in nfnetlink_unbind # git bisect bad a7931ac16128bb3af5c4ac482057a711da117856 Bisecting: 32 revisions left to test after this (roughly 5 steps) [a65cc84355407d1b149d4fd6843ac5cd18168bcc] Merge branch 'bnxt_en-next' testing commit a65cc84355407d1b149d4fd6843ac5cd18168bcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a8926cf6b4a2df8bf56d6469f0b4ef8c63f111673986a2d9cec96d6f3cfe8b26 all runs: OK # git bisect good a65cc84355407d1b149d4fd6843ac5cd18168bcc Bisecting: 16 revisions left to test after this (roughly 4 steps) [3412e16418286bdc12561827cbd22f94cb8af5e1] netfilter: flowtable: nft_flow_route use more data for reverse route testing commit 3412e16418286bdc12561827cbd22f94cb8af5e1 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 31518c1b52896cc925eeb45e81e98c88f7ec267dbb4f3b941fb54c37cdc7120e all runs: crashed: WARNING in nfnetlink_unbind # git bisect bad 3412e16418286bdc12561827cbd22f94cb8af5e1 Bisecting: 7 revisions left to test after this (roughly 3 steps) [ace53fdc262fa6751acd3d61f3236f84ae3340f1] netfilter: conntrack: remove __nf_ct_unconfirmed_destroy testing commit ace53fdc262fa6751acd3d61f3236f84ae3340f1 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 64db999633f28319d0b6cdaef36ffcc2398a18a6bd67ea040460cd264eb35e49 all runs: OK # git bisect good ace53fdc262fa6751acd3d61f3236f84ae3340f1 Bisecting: 3 revisions left to test after this (roughly 2 steps) [2794cdb0b97bfe62d25c996c8afe4832207e78bc] netfilter: nfnetlink: allow to detect if ctnetlink listeners exist testing commit 2794cdb0b97bfe62d25c996c8afe4832207e78bc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1faa3a5ecea6bb4d895ed3adea971368d979f1ce751023f26e74a1cdae8f02a6 all runs: crashed: WARNING in nfnetlink_unbind # git bisect bad 2794cdb0b97bfe62d25c996c8afe4832207e78bc Bisecting: 1 revision left to test after this (roughly 1 step) [0bcfbafbcd345f285db0c3788e6359ceac6a008c] netfilter: conntrack: avoid unconditional local_bh_disable testing commit 0bcfbafbcd345f285db0c3788e6359ceac6a008c compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c4feab04748c75fdee8b33c9f168d0a94f5d0e3b8fb589109a74f2ba9eaff9e2 all runs: OK # git bisect good 0bcfbafbcd345f285db0c3788e6359ceac6a008c Bisecting: 0 revisions left to test after this (roughly 0 steps) [8169ff584003c871a226719e998bb034231954d6] netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*() testing commit 8169ff584003c871a226719e998bb034231954d6 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 62961c98fbb08f1455155faecba273ddf7ba1757317190de7720737ac7989df6 all runs: OK # git bisect good 8169ff584003c871a226719e998bb034231954d6 2794cdb0b97bfe62d25c996c8afe4832207e78bc is the first bad commit commit 2794cdb0b97bfe62d25c996c8afe4832207e78bc Author: Florian Westphal Date: Mon Apr 25 15:15:41 2022 +0200 netfilter: nfnetlink: allow to detect if ctnetlink listeners exist At this time, every new conntrack gets the 'event cache extension' enabled for it. This is because the 'net.netfilter.nf_conntrack_events' sysctl defaults to 1. Changing the default to 0 means that commands that rely on the event notification extension, e.g. 'conntrack -E' or conntrackd, stop working. We COULD detect if there is a listener by means of 'nfnetlink_has_listeners()' and only add the extension if this is true. The downside is a dependency from conntrack module to nfnetlink module. This adds a different way: inc/dec a counter whenever a ctnetlink group is being (un)subscribed and toggle a flag in struct net. Next patches will take advantage of this and will only add the event extension if the flag is set. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso include/net/netns/conntrack.h | 1 + net/netfilter/nfnetlink.c | 40 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 38 insertions(+), 3 deletions(-) culprit signature: 1faa3a5ecea6bb4d895ed3adea971368d979f1ce751023f26e74a1cdae8f02a6 parent signature: 62961c98fbb08f1455155faecba273ddf7ba1757317190de7720737ac7989df6 revisions tested: 16, total time: 3h35m22.69650504s (build: 1h37m55.739233195s, test: 1h55m53.43868837s) first bad commit: 2794cdb0b97bfe62d25c996c8afe4832207e78bc netfilter: nfnetlink: allow to detect if ctnetlink listeners exist recipients (to): ["coreteam@netfilter.org" "davem@davemloft.net" "fw@strlen.de" "fw@strlen.de" "kadlec@netfilter.org" "kuba@kernel.org" "netdev@vger.kernel.org" "netfilter-devel@vger.kernel.org" "pabeni@redhat.com" "pablo@netfilter.org" "pablo@netfilter.org"] recipients (cc): ["ali.abdallah@suse.com" "linux-kernel@vger.kernel.org" "ozsh@nvidia.com" "paulb@nvidia.com"] crash: WARNING in nfnetlink_unbind ------------[ cut here ]------------ WARNING: CPU: 0 PID: 4084 at net/netfilter/nfnetlink.c:703 rcu_read_lock include/linux/rcupdate.h:695 [inline] WARNING: CPU: 0 PID: 4084 at net/netfilter/nfnetlink.c:703 net_generic include/net/netns/generic.h:44 [inline] WARNING: CPU: 0 PID: 4084 at net/netfilter/nfnetlink.c:703 nfnl_pernet net/netfilter/nfnetlink.c:89 [inline] WARNING: CPU: 0 PID: 4084 at net/netfilter/nfnetlink.c:703 nfnetlink_unbind net/netfilter/nfnetlink.c:700 [inline] WARNING: CPU: 0 PID: 4084 at net/netfilter/nfnetlink.c:703 nfnetlink_unbind+0x259/0x2c0 net/netfilter/nfnetlink.c:694 Modules linked in: CPU: 1 PID: 4084 Comm: syz-executor.0 Not tainted 5.18.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:nfnetlink_unbind net/netfilter/nfnetlink.c:703 [inline] RIP: 0010:nfnetlink_unbind+0x259/0x2c0 net/netfilter/nfnetlink.c:694 Code: 0f 85 61 fe ff ff 48 c7 c2 20 18 e9 89 be b7 02 00 00 48 c7 c7 80 18 e9 89 c6 05 36 ee cc 05 01 e8 9d a3 71 01 e9 3d fe ff ff <0f> 0b c7 45 00 ff ff ff ff e9 24 ff ff ff 48 89 34 24 e8 50 90 c6 RSP: 0018:ffffc9000476fd00 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88801d719b80 RCX: 0000000000000000 RDX: 1ffff11003933fa8 RSI: 0000000000000008 RDI: 0000000000000001 RBP: ffff88801c99fd40 R08: 0000000000000000 R09: ffffc9000476fc3f R10: fffff520008edf87 R11: 0000000000000001 R12: ffff88807cc3e800 R13: ffff88801f343f78 R14: ffff88807a870000 R15: 0000000000000000 FS: 00007ff9b8dfe700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffc2361c048 CR3: 000000001c969000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: netlink_setsockopt+0x7a6/0xb50 net/netlink/af_netlink.c:1661 __sys_setsockopt+0x1fd/0x550 net/socket.c:2180 __do_sys_setsockopt net/socket.c:2191 [inline] __se_sys_setsockopt net/socket.c:2188 [inline] __x64_sys_setsockopt+0xb5/0x150 net/socket.c:2188 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7ff9b96890e9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ff9b8dfe168 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007ff9b979bf60 RCX: 00007ff9b96890e9 RDX: 0000000000000002 RSI: 000000000000010e RDI: 0000000000000003 RBP: 00007ff9b96e308d R08: 0000000000000004 R09: 0000000000000000 R10: 0000000020001280 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc2361bd1f R14: 00007ff9b8dfe300 R15: 0000000000022000