syzbot: bpf subsystem

bpf subsystem

List(s): bpf@vger.kernel.org
Maintainer(s): andrii@kernel.org, ast@kernel.org, daniel@iogearbox.net
Fixed bugs: 275
Parent subsystem(s): kernel (73)

open (44):
Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Discussions
KASAN: slab-out-of-bounds Read in bpf_inode_storage_free bpf				2	6d19h	4d13h
possible deadlock in debug_check_no_obj_freed bpf				1	9d10h	5d10h
KASAN: slab-use-after-free Read in bpf_trace_run2 (2) trace bpf	syz			87	2d15h	5d17h	PATCH [now]
KASAN: slab-use-after-free Read in page_pool_put_unrefed_netmem bpf net				1	14d	10d
WARNING in push_jmp_history bpf	C	done		5	16d	16d	PATCH [2d16h]
WARNING in acquire_reference_state bpf	C	done		9	19d	16d
KFENCE: memory corruption in pskb_expand_head bpf net	C	done		5	16d	18d	💬 1 [18d]
possible deadlock in __put_partials bpf				1	23d	19d
BUG: MAX_STACK_TRACE_ENTRIES too low! (4) bpf	syz	done		4	8d05h	26d
possible deadlock in __mod_timer (4) bpf trace	C			4	20d	31d	💬 6 [8d10h]
possible deadlock in htab_map_delete_elem bpf	C			3	32d	42d
KASAN: slab-use-after-free Read in sk_filter_trim_cap bpf net				1	49d	49d
WARNING: locking bug in search_bpf_extables bpf				1	57d	53d
WARNING in sock_map_destroy net bpf	C	error		6	26d	57d	PATCH [26d]
BUG: unable to handle kernel NULL pointer dereference in tcp_bpf_sendmsg bpf net				2	60d	57d
WARNING in bpf_get_stack_raw_tp bpf trace	C	error		33	1d22h	58d	💬 6 [8d10h]
INFO: rcu detected stall in kcov_close mm bpf				56	5d09h	72d
BUG: spinlock recursion in bpf_lru_push_free bpf				1	79d	79d	💬 1 [78d]
possible deadlock in htab_lock_bucket (2) bpf	C	error		3	17d	79d
possible deadlock in deactivate_slab bpf				2	90d	138d
INFO: rcu detected stall in sys_bpf (9) bpf	C	error		45	2d05h	148d
possible deadlock in __lock_task_sighand (3) bpf	C	done	inconclusive	112	86d	149d
possible deadlock in get_partial_node bpf				19	7d22h	154d
KMSAN: uninit-value in dev_map_hash_lookup_elem bpf net	C			20	132d	158d
WARNING in bpf_map_lookup_percpu_elem bpf	C	done		2116	22d	177d
possible deadlock in stack_depot_save_flags bpf				7	30d	181d
INFO: rcu detected stall in sys_close (7) bpf	C	error		5	2d03h	187d
possible deadlock in __stack_map_get bpf	C	error		48	1d19h	188d	💬 2 [8d02h]
possible deadlock in queue_stack_map_push_elem bpf	C	error		54	13d	189d
possible deadlock in get_page_from_freelist bpf				17	29d	191d	💬 5 [156d]
possible deadlock in __queue_map_get bpf	C	error		159	2d18h	193d	PATCH [159d]
possible deadlock in trie_update_elem bpf				136	3d17h	210d
INFO: rcu detected stall in kauditd_thread (4) audit bpf	C	error		15	4d00h	210d	💬 6 [206d]
possible deadlock in trie_delete_elem bpf	C	done		20470	15h52m	217d	PATCH [138d]
possible deadlock in sock_map_delete_elem net bpf	C	error	done	869	134d	219d
UBSAN: array-index-out-of-bounds in bpf_prog_select_runtime bpf	C	done		11	17d	223d	PATCH [170d]
possible deadlock in __bpf_ringbuf_reserve bpf	C	error		1669	1d05h	225d	💬 6 [8d02h]
KASAN: slab-out-of-bounds Read in btf_datasec_check_meta bpf	C	done		16010	32d	226d	PATCH [226d]
INFO: rcu detected stall in sys_syslog (2) mm bpf	syz	error		21	23h25m	246d
KMSAN: uninit-value in ___bpf_prog_run (4) bpf	C			247	8d09h	302d
WARNING in format_decode (3) bpf trace	C	done		1209	1d04h	337d	PATCH [14d]
INFO: rcu detected stall in sys_unshare (9) bpf	C	inconclusive		8	16d	348d	💬 1 [226d]
possible deadlock in task_fork_fair bpf	C	done		9106	29d	381d	💬 1 [39d]
INFO: rcu detected stall in watchdog bpf usb	C	error		6	21d	797d

moderation (6):
Title	Repro	Count	Last	Reported
KCSAN: data-race in __queue_delayed_work / kvfree_call_rcu bpf		3	6d14h	22d
KCSAN: data-race in bpf_lru_pop_free / htab_lru_percpu_map_lookup_elem (3) bpf		1	25d	25d
general protection fault in drain_mem_cache (2) bpf		1	47d	43d
KASAN: slab-use-after-free Read in cpu_map_enqueue bpf net		3	88d	101d
KCSAN: data-race in pcpu_alloc_noprof / pcpu_block_update_hint_alloc netfilter bpf	syz	165	1d19h	157d
KCSAN: data-race in pcpu_alloc / pcpu_block_update_hint_alloc netfilter bpf	syz	1228	158d	1812d