ci starts bisection 2023-09-09 05:35:35.887636402 +0000 UTC m=+41389.820414110 bisecting cause commit starting from fa09bc40b21a33937872c4c4cf0f266ec9fa4869 building syzkaller on 696ea0d2f4fdaa17db929e152edba19bf7666d84 ensuring issue is reproducible on original commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 9fc4ad2f95c44b0d048e644c216365a7836505a80d871f4ae6b3951cc5b5e47a all runs: crashed: general protection fault in bpf_prog_offload_verifier_prep representative crash: general protection fault in bpf_prog_offload_verifier_prep, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 14da071adaf78f8a692b421dd1ef871df3c73714667c0c47022dc615ec7c038e all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed kconfig minimization: base=3883 full=7650 leaves diff=2000 split chunks (needed=false): <2000> split chunk #0 of len 2000 into 5 parts testing without sub-chunk 1/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b6966fcddf5e1b9d2e802b3d718ef57f7917e1881fa39d6fa6ba03e4c06a2cb0 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0bc10bd147d15a6bd382f4963516c5e01207023b2f6d1b1c0d2429c0a47ebc69 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 595c955455bbfb74cf5dc91c34d341d5d5e01118f6432da360911669640d913f all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: dd7d47b7327c0dd7d7a4e2397fa56844436095a94ded68345a8c0b9a0ca343a2 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed testing commit fa09bc40b21a33937872c4c4cf0f266ec9fa4869 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f34bc075de575a15971e1977c843449ecb28928e0eb231bf41c9e3e0235411ea all runs: OK false negative chance: 0.000 minimized to 400 configs; suspects: [ARCH_ENABLE_MEMORY_HOTREMOVE ATM BCMA BLK_DEV_ZONED BPF_SYSCALL CARDBUS CFG80211 CFG80211_WEXT CMA COMMON_CLK CONTIG_ALLOC CRYPTO_842 CRYPTO_LZ4 CRYPTO_LZ4HC CRYPTO_LZO CRYPTO_ZSTD DVB_CORE EXTCON FB GPIOLIB HID_ZEROPLUS I2C_MUX IIO IOMMUFD IRQ_REMAP KVM KVM_INTEL LIBNVDIMM MEDIA_ANALOG_TV_SUPPORT MEDIA_CAMERA_SUPPORT MEDIA_CEC_SUPPORT MEDIA_CONTROLLER MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_TEST_SUPPORT MEDIA_USB_SUPPORT MEMORY_HOTPLUG MEMORY_HOTREMOVE MFD_VIPERBOARD PARPORT PCCARD PCMCIA PHONET RADIO_ADAPTERS RADIO_SI470X RADIO_SI4713 RC_CORE RFKILL SND SOUND SPI SSB TAP TARGET_CORE TUN USB_AMD5536UDC USB_ATM USB_CONFIGFS USB_CONFIGFS_F_FS USB_CONFIGFS_F_HID USB_CONFIGFS_F_LB_SS USB_CONFIGFS_F_MIDI USB_CONFIGFS_F_PRINTER USB_CONFIGFS_F_TCM USB_CONFIGFS_F_UAC1 USB_CONFIGFS_F_UAC1_LEGACY USB_CONFIGFS_F_UAC2 USB_CONFIGFS_F_UVC USB_CONFIGFS_MASS_STORAGE USB_CONFIGFS_NCM USB_CONFIGFS_OBEX USB_CONFIGFS_PHONET USB_CONFIGFS_RNDIS USB_CONFIGFS_SERIAL USB_CXACRU USB_CYPRESS_CY7C63 USB_CYTHERM USB_DSBR USB_DUMMY_HCD USB_DWC2 USB_DWC2_HOST USB_DWC2_PCI USB_DWC3 USB_DWC3_GADGET USB_DWC3_OF_SIMPLE USB_DWC3_PCI USB_DWC3_ULPI USB_DYNAMIC_MINORS USB_EG20T USB_EHCI_HCD_PLATFORM USB_EHCI_ROOT_HUB_TT USB_EHSET_TEST_FIXTURE USB_EMI26 USB_EMI62 USB_EPSON2888 USB_EZUSB_FX2 USB_FEW_INIT_RETRIES USB_F_ACM USB_F_ECM USB_F_EEM USB_F_FS USB_F_HID USB_F_MASS_STORAGE USB_F_MIDI USB_F_NCM USB_F_OBEX USB_F_PHONET USB_F_PRINTER USB_F_RNDIS USB_F_SERIAL USB_F_SS_LB USB_F_SUBSET USB_F_TCM USB_F_UAC1 USB_F_UAC1_LEGACY USB_F_UAC2 USB_F_UVC USB_GADGET USB_GADGETFS USB_GADGET_DEBUG_FILES USB_GADGET_DEBUG_FS USB_GL860 USB_GOKU USB_GPIO_VBUS USB_GR_UDC USB_GSPCA USB_GSPCA_BENQ USB_GSPCA_CONEX USB_GSPCA_CPIA1 USB_GSPCA_DTCS033 USB_GSPCA_ETOMS USB_GSPCA_FINEPIX USB_GSPCA_JEILINJ USB_GSPCA_JL2005BCD USB_GSPCA_KINECT USB_GSPCA_KONICA USB_GSPCA_MARS USB_GSPCA_MR97310A USB_GSPCA_NW80X USB_GSPCA_OV519 USB_GSPCA_OV534 USB_GSPCA_OV534_9 USB_GSPCA_PAC207 USB_GSPCA_PAC7302 USB_GSPCA_PAC7311 USB_GSPCA_SE401 USB_GSPCA_SN9C2028 USB_GSPCA_SN9C20X USB_GSPCA_SONIXB USB_GSPCA_SONIXJ USB_GSPCA_SPCA1528 USB_GSPCA_SPCA500 USB_GSPCA_SPCA501 USB_GSPCA_SPCA505 USB_GSPCA_SPCA506 USB_GSPCA_SPCA508 USB_GSPCA_SPCA561 USB_GSPCA_SQ905 USB_GSPCA_SQ905C USB_GSPCA_SQ930X USB_GSPCA_STK014 USB_GSPCA_STK1135 USB_GSPCA_STV0680 USB_GSPCA_SUNPLUS USB_GSPCA_T613 USB_GSPCA_TOPRO USB_GSPCA_TOUPTEK USB_GSPCA_TV8532 USB_GSPCA_VC032X USB_GSPCA_VICAM USB_GSPCA_XIRLINK_CIT USB_GSPCA_ZC3XX USB_HACKRF USB_HCD_BCMA USB_HCD_SSB USB_HSIC_USB3503 USB_HSIC_USB4604 USB_HSO USB_HUB_USB251XB USB_IDMOUSE USB_IOWARRIOR USB_IPHETH USB_ISIGHTFW USB_ISP116X_HCD USB_ISP1301 USB_ISP1760 USB_ISP1760_DUAL_ROLE USB_ISP1760_HCD USB_ISP1761_UDC USB_KAWETH USB_KC2190 USB_KEENE USB_LAN78XX USB_LCD USB_LD USB_LEDS_TRIGGER_USBPORT USB_LED_TRIG USB_LEGOTOWER USB_LIBCOMPOSITE USB_LINK_LAYER_TEST USB_M5602 USB_MA901 USB_MAX3421_HCD USB_MDC800 USB_MICROTEK USB_MR800 USB_MSI2500 USB_MUSB_DUAL_ROLE USB_MUSB_HDRC USB_MV_U3D USB_MV_UDC USB_NET2272 USB_NET2272_DMA USB_NET2280 USB_NET_AX88179_178A USB_NET_AX8817X USB_NET_CDCETHER USB_NET_CDC_EEM USB_NET_CDC_MBIM USB_NET_CDC_NCM USB_NET_CDC_SUBSET USB_NET_CDC_SUBSET_ENABLE USB_NET_CH9200 USB_NET_CX82310_ETH USB_NET_DM9601 USB_NET_GL620A USB_NET_HUAWEI_CDC_NCM USB_NET_INT51X1 USB_NET_KALMIA USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_QMI_WWAN USB_NET_RNDIS_HOST USB_NET_RNDIS_WLAN USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_OXU210HP_HCD USB_PEGASUS USB_PULSE8_CEC USB_PWC USB_PWC_INPUT_EVDEV USB_PXA27X USB_R8A66597 USB_R8A66597_HCD USB_RAINSHADOW_CEC USB_RAREMONO USB_RAW_GADGET USB_RTL8150 USB_RTL8152 USB_RTL8153_ECM USB_S2255 USB_SERIAL USB_SERIAL_AIRCABLE USB_SERIAL_ARK3116 USB_SERIAL_BELKIN USB_SERIAL_CH341 USB_SERIAL_CONSOLE USB_SERIAL_CP210X USB_SERIAL_CYBERJACK USB_SERIAL_CYPRESS_M8 USB_SERIAL_DEBUG USB_SERIAL_DIGI_ACCELEPORT USB_SERIAL_EDGEPORT USB_SERIAL_EDGEPORT_TI USB_SERIAL_EMPEG USB_SERIAL_F81232 USB_SERIAL_F8153X USB_SERIAL_FTDI_SIO USB_SERIAL_GARMIN USB_SERIAL_GENERIC USB_SERIAL_IPAQ USB_SERIAL_IPW USB_SERIAL_IR USB_SERIAL_IUU USB_SERIAL_KEYSPAN USB_SERIAL_KEYSPAN_PDA USB_SERIAL_KLSI USB_SERIAL_KOBIL_SCT USB_SERIAL_MCT_U232 USB_SERIAL_METRO USB_SERIAL_MOS7715_PARPORT USB_SERIAL_MOS7720 USB_SERIAL_MOS7840 USB_SERIAL_MXUPORT USB_SERIAL_NAVMAN USB_SERIAL_OMNINET USB_SERIAL_OPTICON USB_SERIAL_OPTION USB_SERIAL_OTI6858 USB_SERIAL_PL2303 USB_SERIAL_QCAUX USB_SERIAL_QT2 USB_SERIAL_QUALCOMM USB_SERIAL_SAFE USB_SERIAL_SIERRAWIRELESS USB_SERIAL_SIMPLE USB_SERIAL_SPCP8X5 USB_SERIAL_SSU100 USB_SERIAL_SYMBOL USB_SERIAL_TI USB_SERIAL_UPD78F0730 USB_SERIAL_VISOR USB_SERIAL_WHITEHEAT USB_SERIAL_WISHBONE USB_SERIAL_WWAN USB_SERIAL_XR USB_SERIAL_XSENS_MT USB_SEVSEG USB_SI470X USB_SI4713 USB_SIERRA_NET USB_SISUSBVGA USB_SL811_CS USB_SL811_HCD USB_SL811_HCD_ISO USB_SNP_CORE USB_SPEEDTOUCH USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_ENE_UB6250 USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_STV06XX USB_TEST USB_TMC USB_TRANCEVIBRATOR USB_UAS USB_UEAGLEATM USB_ULPI_BUS USB_USBNET USB_USS720 USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_VIDEO_CLASS USB_VIDEO_CLASS_INPUT_EVDEV USB_VL600 USB_WDM USB_XHCI_DBGCAP USB_XHCI_PLATFORM USB_XUSBATM USB_YUREX USERFAULTFD USERIO USERMODE_DRIVER USER_RETURN_NOTIFIER UVC_COMMON U_SERIAL_CONSOLE V4L2_MEM2MEM_DEV V4L_TEST_DRIVERS VALIDATE_FS_PARSER VDPA VDPA_SIM VDPA_SIM_BLOCK VDPA_SIM_NET VDPA_USER VETH VFIO VFIO_PCI VFIO_PCI_CORE VFIO_PCI_INTX VFIO_PCI_MMAP VFIO_VIRQFD VGASTATE VHOST VHOST_CROSS_ENDIAN_LEGACY VHOST_IOTLB VHOST_NET VHOST_RING VHOST_TASK VHOST_VDPA VHOST_VSOCK VIDEOBUF2_CORE VIDEOBUF2_DMA_CONTIG VIDEOBUF2_DMA_SG VIDEOBUF2_MEMOPS VIDEOBUF2_V4L2 VIDEOBUF2_VMALLOC VIDEOMODE_HELPERS VIDEO_AU0828 VIDEO_AU0828_RC VIDEO_AU0828_V4L2 VIDEO_CMDLINE VIDEO_CS53L32A VIDEO_CX231XX VIDEO_CX231XX_ALSA VIDEO_CX231XX_DVB VIDEO_CX231XX_RC VIDEO_CX2341X VIDEO_CX25840 VIDEO_DEV VIDEO_EM28XX VIDEO_EM28XX_ALSA VIDEO_EM28XX_DVB VIDEO_EM28XX_RC VIDEO_EM28XX_V4L2 VIDEO_GO7007 VIDEO_GO7007_LOADER VIDEO_GO7007_USB VIDEO_GO7007_USB_S2250_BOARD VIDEO_HDPVR VIDEO_MSP3400 VIDEO_NOMODESET VIDEO_PVRUSB2 VIDEO_PVRUSB2_DVB VIDEO_PVRUSB2_SYSFS VIDEO_SAA711X VIDEO_STK1160 VIDEO_TUNER VIDEO_TVEEPROM VIDEO_USBTV VIDEO_V4L2_I2C VIDEO_V4L2_SUBDEV_API VIDEO_V4L2_TPG VIDEO_VICODEC VIDEO_VIM2M VIDEO_VIMC VIDEO_VIVID VIDEO_VIVID_CEC VIDEO_WM8775 VIPERBOARD_ADC VIRTIO_BALLOON VIRTIO_DMA_SHARED_BUFFER VIRTIO_MEM VIRTIO_MMIO VIRTIO_MMIO_CMDLINE_DEVICES VIRTIO_PMEM VIRTIO_VDPA VIRTIO_VSOCKETS VIRTIO_VSOCKETS_COMMON VIRT_WIFI VLAN_8021Q VLAN_8021Q_GVRP VLAN_8021Q_MVRP VMAP_PFN VMWARE_VMCI VMXNET3 VP_VDPA VSOCKETS VSOCKETS_DIAG VSOCKETS_LOOPBACK VSOCKMON VT_HW_CONSOLE_BINDING VXFS_FS WANT_DEV_COREDUMP WEXT_CORE WEXT_PRIV WEXT_PROC WIREGUARD WIRELESS WIRELESS_EXT WLAN WLAN_VENDOR_ADMTEK WLAN_VENDOR_PURELIFI WLAN_VENDOR_SILABS X86_SGX X86_SGX_KVM X86_X2APIC X86_X32_ABI XARRAY_MULTI XDP_SOCKETS XDP_SOCKETS_DIAG XFRM_ESPINTCP XFRM_INTERFACE XFRM_IPCOMP XFRM_MIGRATE XFRM_OFFLOAD XFRM_STATISTICS XFRM_SUB_POLICY XFRM_USER_COMPAT XFS_FS XFS_POSIX_ACL XFS_QUOTA XFS_RT XOR_BLOCKS YENTA YENTA_ENE_TUNE YENTA_O2 YENTA_RICOH YENTA_TI YENTA_TOSHIBA ZBUD ZEROPLUS_FF ZLIB_DEFLATE ZONEFS_FS ZPOOL ZRAM ZRAM_DEF_COMP_LZORLE ZSMALLOC ZSTD_COMPRESS ZSWAP ZSWAP_COMPRESSOR_DEFAULT_LZO ZSWAP_DEFAULT_ON ZSWAP_ZPOOL_DEFAULT_ZBUD] disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed picked [v6.5 v6.4 v6.3 v6.1 v5.19 v5.17 v5.15 v5.13 v5.10 v5.7 v5.4 v5.1 v4.19] out of 28 release tags testing release v6.5 testing commit 2dde18cd1d8fac735875f2e4987f11817cc0bc2c gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: fb00e182b8902c3c63d08b25d10dda386b09613842932c15cad8ea4f83044a38 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] testing release v6.4 testing commit 6995e2de6891c724bfeb2db33d7b87775f913ad1 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: dbe6a69c33a2df7637df6653ccc4cee392201c66c45f89ed9dc026ca6d64a8b1 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] testing release v6.3 testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 15c7ca31b5514325a114c1ac1cf85f4fcfed47d170097ee64e054b15140f5920 all runs: OK false negative chance: 0.000 # git bisect start 6995e2de6891c724bfeb2db33d7b87775f913ad1 457391b0380335d5e9a5babdec90ac53928b23b4 Bisecting: 8012 revisions left to test after this (roughly 13 steps) [d42b1c47570eb2ed818dc3fe94b2678124af109d] Merge tag 'devicetree-for-6.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux testing commit d42b1c47570eb2ed818dc3fe94b2678124af109d gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 59aff2184bbac2fcbdf64eb0b3919899b1f0b5e5b0ae7475da02471580f06c5a all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] # git bisect bad d42b1c47570eb2ed818dc3fe94b2678124af109d Bisecting: 4005 revisions left to test after this (roughly 12 steps) [088e0c188513b58a0056a488cf5b7df094a8a48a] Merge tag 'platform-drivers-x86-v6.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 testing commit 088e0c188513b58a0056a488cf5b7df094a8a48a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: df3ea662fb741e4efda890e015f1a2f5e35cdd05de52e07685fc9ee7323cc6c2 all runs: OK false negative chance: 0.000 # git bisect good 088e0c188513b58a0056a488cf5b7df094a8a48a Bisecting: 2003 revisions left to test after this (roughly 11 steps) [c3c060adc0249355411a93e61888051e6902b8a1] netfilter: nf_tables: extended netlink error reporting for netdevice testing commit c3c060adc0249355411a93e61888051e6902b8a1 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 114af8ab0a4d32a87fb2390d88cd9dab436d3900a2cd5b7254715d76d6cdc011 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] # git bisect bad c3c060adc0249355411a93e61888051e6902b8a1 Bisecting: 1000 revisions left to test after this (roughly 10 steps) [9ecc00164dc2300dfcd40afe549a8ee951dfea9f] net: dsa: mt7530: refactor SGMII PCS creation testing commit 9ecc00164dc2300dfcd40afe549a8ee951dfea9f gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 237d1b9144bc93ff904449085d52a60841b85870aeedc086bf6569ec62c1a9eb all runs: OK false negative chance: 0.000 # git bisect good 9ecc00164dc2300dfcd40afe549a8ee951dfea9f Bisecting: 505 revisions left to test after this (roughly 9 steps) [f7d29571ab0ad8b0251d8f2fe433b21ac045091c] Merge branch 'add-kernel-tc-mqprio-and-tc-taprio-support-for-preemptible-traffic-classes' testing commit f7d29571ab0ad8b0251d8f2fe433b21ac045091c gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 8060c3ac4a793373851a754f2b1dbe5f3bc07fbdba80b07ecdea09683ff64182 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] # git bisect bad f7d29571ab0ad8b0251d8f2fe433b21ac045091c Bisecting: 247 revisions left to test after this (roughly 8 steps) [eafa92152e2ec6318e32b6ddda9c1d95d161000a] bpf: Remove extra whitespace in SPDX tag for syscall/helpers man pages testing commit eafa92152e2ec6318e32b6ddda9c1d95d161000a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d134db5189e2cba550ba656391eadaac3bef5fc6834ba4bd516ccbc856ab2601 all runs: OK false negative chance: 0.000 # git bisect good eafa92152e2ec6318e32b6ddda9c1d95d161000a Bisecting: 123 revisions left to test after this (roughly 7 steps) [48b7ea1d22ddf657e2692fb2b399138a02d31c17] net: make SO_BUSY_POLL available to all users testing commit 48b7ea1d22ddf657e2692fb2b399138a02d31c17 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 4eee33ffb1d2af8c5ca415f62e5ef33e2b8aacfe0611202da207a02e247937f2 all runs: OK false negative chance: 0.000 # git bisect good 48b7ea1d22ddf657e2692fb2b399138a02d31c17 Bisecting: 67 revisions left to test after this (roughly 6 steps) [800e68c44ffe71f9715f745b38fd1af6910b3773] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 800e68c44ffe71f9715f745b38fd1af6910b3773 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 82bd368ce39f1bd0e78141176c24c53d66d125e99d268403b38066a09000b579 all runs: OK false negative chance: 0.000 # git bisect good 800e68c44ffe71f9715f745b38fd1af6910b3773 Bisecting: 33 revisions left to test after this (roughly 5 steps) [de6d014a09bf12a9a8959d60c0a1d4a41d394a89] selftests/bpf: Use read_perf_max_sample_freq() in perf_event_stackmap testing commit de6d014a09bf12a9a8959d60c0a1d4a41d394a89 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 18042005be94fd17e819da3c2734f28849b97705237208f3835bbadd45a38f35 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] # git bisect bad de6d014a09bf12a9a8959d60c0a1d4a41d394a89 Bisecting: 16 revisions left to test after this (roughly 4 steps) [5787540827a9e2cdecf38166e648b2924a57443f] selftests/bpf: Add tests to validate log_true_size feature testing commit 5787540827a9e2cdecf38166e648b2924a57443f gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 39cf1e0f23c8419bfecee3213b8a0ff3888a5fda2a9e23b5ad6631c3061e4256 all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] # git bisect bad 5787540827a9e2cdecf38166e648b2924a57443f Bisecting: 8 revisions left to test after this (roughly 3 steps) [971fb5057d787d0a7e7c8cb910207c82e2db920e] bpf: Fix missing -EFAULT return on user log buf error in btf_parse() testing commit 971fb5057d787d0a7e7c8cb910207c82e2db920e gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6d5778508b0a135f7a3a27a654e5df3784b11cd409487ab6d75aa5aa46a5ccfb all runs: OK false negative chance: 0.000 # git bisect good 971fb5057d787d0a7e7c8cb910207c82e2db920e Bisecting: 4 revisions left to test after this (roughly 2 steps) [47a71c1f9af0a334c9dfa97633c41de4feda4287] bpf: Add log_true_size output field to return necessary log buffer size testing commit 47a71c1f9af0a334c9dfa97633c41de4feda4287 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: bf55c543f844c3445e3da1ff5f2beef9ca0e6b93b1d77de8cbd740b5d608044a all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep representative crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep, types: [UNKNOWN] # git bisect bad 47a71c1f9af0a334c9dfa97633c41de4feda4287 Bisecting: 1 revision left to test after this (roughly 1 step) [8a6ca6bc553e3c878fa53c506bc6ec281efdc039] bpf: Simplify logging-related error conditions handling testing commit 8a6ca6bc553e3c878fa53c506bc6ec281efdc039 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a9296bdc523e601ce5511aea3d80140cd1c6a484e04e05e4a8c8448b744f8808 all runs: OK false negative chance: 0.000 # git bisect good 8a6ca6bc553e3c878fa53c506bc6ec281efdc039 Bisecting: 0 revisions left to test after this (roughly 0 steps) [fa1c7d5cc404ac3b6e6b4ab6d00b07c76bd819be] bpf: Keep track of total log content size in both fixed and rolling modes testing commit fa1c7d5cc404ac3b6e6b4ab6d00b07c76bd819be gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 61eeaedf3118fce111fed1d41c696e8c3ba68a750ddf95e917ce68d527475793 all runs: OK false negative chance: 0.000 # git bisect good fa1c7d5cc404ac3b6e6b4ab6d00b07c76bd819be 47a71c1f9af0a334c9dfa97633c41de4feda4287 is the first bad commit commit 47a71c1f9af0a334c9dfa97633c41de4feda4287 Author: Andrii Nakryiko Date: Thu Apr 6 16:41:58 2023 -0700 bpf: Add log_true_size output field to return necessary log buffer size Add output-only log_true_size and btf_log_true_size field to BPF_PROG_LOAD and BPF_BTF_LOAD commands, respectively. It will return the size of log buffer necessary to fit in all the log contents at specified log_level. This is very useful for BPF loader libraries like libbpf to be able to size log buffer correctly, but could be used by users directly, if necessary, as well. This patch plumbs all this through the code, taking into account actual bpf_attr size provided by user to determine if these new fields are expected by users. And if they are, set them from kernel on return. We refactory btf_parse() function to accommodate this, moving attr and uattr handling inside it. The rest is very straightforward code, which is split from the logging accounting changes in the previous patch to make it simpler to review logic vs UAPI changes. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Lorenz Bauer Link: https://lore.kernel.org/bpf/20230406234205.323208-13-andrii@kernel.org include/linux/bpf.h | 2 +- include/linux/btf.h | 2 +- include/uapi/linux/bpf.h | 10 ++++++++++ kernel/bpf/btf.c | 32 ++++++++++++++++++-------------- kernel/bpf/syscall.c | 16 ++++++++-------- kernel/bpf/verifier.c | 8 +++++++- tools/include/uapi/linux/bpf.h | 12 +++++++++++- 7 files changed, 56 insertions(+), 26 deletions(-) accumulated error probability: 0.00 culprit signature: bf55c543f844c3445e3da1ff5f2beef9ca0e6b93b1d77de8cbd740b5d608044a parent signature: 61eeaedf3118fce111fed1d41c696e8c3ba68a750ddf95e917ce68d527475793 revisions tested: 24, total time: 10h35m58.017487328s (build: 6h37m51.776884813s, test: 3h40m13.232196242s) first bad commit: 47a71c1f9af0a334c9dfa97633c41de4feda4287 bpf: Add log_true_size output field to return necessary log buffer size recipients (to): ["andrii@kernel.org" "daniel@iogearbox.net" "lmb@isovalent.com"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in bpf_prog_offload_verifier_prep BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 11c5c6067 P4D 11c5c6067 PUD 11c5cb067 PMD 0 Oops: 0000 [#1] PREEMPT SMP CPU: 1 PID: 2781 Comm: syz-executor.0 Not tainted 6.2.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 RIP: 0010:bpf_prog_offload_verifier_prep+0x2c/0x60 kernel/bpf/offload.c:294 Code: 1f 00 55 53 48 89 fb 48 c7 c7 40 4e fa 82 e8 fb 38 f7 00 48 8b 43 38 48 8b a8 88 04 00 00 48 85 ed 74 26 48 8b 45 10 48 89 df <48> 8b 00 ff 50 20 85 c0 89 c3 0f 94 45 30 48 c7 c7 40 4e fa 82 e8 RSP: 0018:ffffc90000e9bba8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffffc90000369000 RCX: 00000000f691650d RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffffc90000369000 RBP: ffff888112b2a840 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 R13: 0000000000000000 R14: ffff888112f24000 R15: ffffc90000369060 FS: 00007f8b6a1c76c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000011c5c7000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: bpf_check+0x1883/0x2bf0 kernel/bpf/verifier.c:18803 bpf_prog_load+0x6ae/0xbc0 kernel/bpf/syscall.c:2656 __sys_bpf+0xa8d/0x2890 kernel/bpf/syscall.c:5062 __do_sys_bpf kernel/bpf/syscall.c:5166 [inline] __se_sys_bpf kernel/bpf/syscall.c:5164 [inline] __x64_sys_bpf+0x19/0x20 kernel/bpf/syscall.c:5164 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x38/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f8b6a644ae9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f8b6a1c70c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 00007f8b6a763f80 RCX: 00007f8b6a644ae9 RDX: 0000000000000090 RSI: 0000000020000940 RDI: 0000000000000005 RBP: 00007f8b6a69047a R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000000b R14: 00007f8b6a763f80 R15: 00007ffea2ac54c8 Modules linked in: CR2: 0000000000000000 ---[ end trace 0000000000000000 ]--- RIP: 0010:bpf_prog_offload_verifier_prep+0x2c/0x60 kernel/bpf/offload.c:294 Code: 1f 00 55 53 48 89 fb 48 c7 c7 40 4e fa 82 e8 fb 38 f7 00 48 8b 43 38 48 8b a8 88 04 00 00 48 85 ed 74 26 48 8b 45 10 48 89 df <48> 8b 00 ff 50 20 85 c0 89 c3 0f 94 45 30 48 c7 c7 40 4e fa 82 e8 RSP: 0018:ffffc90000e9bba8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffffc90000369000 RCX: 00000000f691650d RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffffc90000369000 RBP: ffff888112b2a840 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 R13: 0000000000000000 R14: ffff888112f24000 R15: ffffc90000369060 FS: 00007f8b6a1c76c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000011c5c7000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess), 1 bytes skipped: 0: 00 55 53 add %dl,0x53(%rbp) 3: 48 89 fb mov %rdi,%rbx 6: 48 c7 c7 40 4e fa 82 mov $0xffffffff82fa4e40,%rdi d: e8 fb 38 f7 00 call 0xf7390d 12: 48 8b 43 38 mov 0x38(%rbx),%rax 16: 48 8b a8 88 04 00 00 mov 0x488(%rax),%rbp 1d: 48 85 ed test %rbp,%rbp 20: 74 26 je 0x48 22: 48 8b 45 10 mov 0x10(%rbp),%rax 26: 48 89 df mov %rbx,%rdi * 29: 48 8b 00 mov (%rax),%rax <-- trapping instruction 2c: ff 50 20 call *0x20(%rax) 2f: 85 c0 test %eax,%eax 31: 89 c3 mov %eax,%ebx 33: 0f 94 45 30 sete 0x30(%rbp) 37: 48 c7 c7 40 4e fa 82 mov $0xffffffff82fa4e40,%rdi 3e: e8 .byte 0xe8