bisecting fixing commit since db5b9190ff8202b609fe802ccde41cb28669389f building syzkaller on f9b6950728295eb8f52b05a0d9e5dccd99f93eaa testing commit db5b9190ff8202b609fe802ccde41cb28669389f with gcc (GCC) 8.1.0 kernel signature: 247e56de6bdd6331bd1070a4a7c206b4cd231f5780ed531725e57e101d97fa79 all runs: crashed: WARNING in nft_request_module testing current HEAD 9b15f7fae677336e04b9e026ff91854e43165455 testing commit 9b15f7fae677336e04b9e026ff91854e43165455 with gcc (GCC) 8.1.0 kernel signature: 428164fa5519dea5d986e75733221c2dc784feab9e2127e52832552686cbf43a all runs: OK # git bisect start 9b15f7fae677336e04b9e026ff91854e43165455 db5b9190ff8202b609fe802ccde41cb28669389f Bisecting: 647 revisions left to test after this (roughly 9 steps) [1b7081bff268184c82cb811be1cacb9d82dac7a3] ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS testing commit 1b7081bff268184c82cb811be1cacb9d82dac7a3 with gcc (GCC) 8.1.0 kernel signature: 9f2fb4c58e456f9faaea301f44d998ff8675aa0da62e5d6a9d019404fd868c28 all runs: OK # git bisect bad 1b7081bff268184c82cb811be1cacb9d82dac7a3 Bisecting: 323 revisions left to test after this (roughly 8 steps) [5fc07a47308ba169b28ce845e7dfcd244cc8eb9c] crypto: tgr192 - fix unaligned memory access testing commit 5fc07a47308ba169b28ce845e7dfcd244cc8eb9c with gcc (GCC) 8.1.0 kernel signature: 30cba3cbb98dfe1801e9823a749fb9224a18875e5056d80571ef837b09120969 all runs: OK # git bisect bad 5fc07a47308ba169b28ce845e7dfcd244cc8eb9c Bisecting: 161 revisions left to test after this (roughly 7 steps) [565389fc18ebe7c54569f1630a320a3c5dc2cdae] mlxsw: spectrum: Wipe xstats.backlog of down ports testing commit 565389fc18ebe7c54569f1630a320a3c5dc2cdae with gcc (GCC) 8.1.0 kernel signature: 7e1334ae6b732bdf64864b3ff947b103ef44b1946856e904bd9a20139d320026 all runs: OK # git bisect bad 565389fc18ebe7c54569f1630a320a3c5dc2cdae Bisecting: 80 revisions left to test after this (roughly 6 steps) [10d55ea6136b4116623297df3bd156981cc87f7e] ioat: ioat_alloc_ring() failure handling. testing commit 10d55ea6136b4116623297df3bd156981cc87f7e with gcc (GCC) 8.1.0 kernel signature: d9f2ec6536ac75831cc24ff3fdc9914b877c195eb263cb50116abdaefae1e887 run #0: crashed: WARNING in corrupted run #1: crashed: WARNING in nft_request_module run #2: crashed: WARNING in nft_request_module run #3: crashed: WARNING in nft_request_module run #4: crashed: WARNING in nft_request_module run #5: crashed: WARNING in corrupted run #6: crashed: WARNING in nft_request_module run #7: crashed: WARNING in nft_request_module run #8: crashed: WARNING in nft_request_module run #9: crashed: WARNING in nft_request_module # git bisect good 10d55ea6136b4116623297df3bd156981cc87f7e Bisecting: 40 revisions left to test after this (roughly 5 steps) [107fb2906db14ac9fc14f780f2a92418974a0c66] drm/i915: Add missing include file testing commit 107fb2906db14ac9fc14f780f2a92418974a0c66 with gcc (GCC) 8.1.0 kernel signature: d6fe1454281f728408a5047f7b282b95661c93cb9fcaaab12afea0b080227993 run #0: crashed: WARNING in nft_request_module run #1: crashed: WARNING in nft_request_module run #2: crashed: WARNING in nft_request_module run #3: crashed: WARNING in nft_request_module run #4: crashed: WARNING in nft_request_module run #5: crashed: WARNING in nft_request_module run #6: crashed: WARNING in nft_request_module run #7: crashed: WARNING in corrupted run #8: crashed: WARNING in nft_request_module run #9: crashed: WARNING in nft_request_module # git bisect good 107fb2906db14ac9fc14f780f2a92418974a0c66 Bisecting: 20 revisions left to test after this (roughly 4 steps) [5205825195a1af8d98ef2d2e3eb083f2f1bb4724] cfg80211: fix deadlocks in autodisconnect work testing commit 5205825195a1af8d98ef2d2e3eb083f2f1bb4724 with gcc (GCC) 8.1.0 kernel signature: 6686c681e8a3b8ce4d6e4e6291fa353a1012547d74b5dbc0fef88b1c63cad688 run #0: crashed: WARNING in nft_request_module run #1: crashed: WARNING in nft_request_module run #2: crashed: WARNING in nft_request_module run #3: crashed: WARNING in corrupted run #4: crashed: WARNING in corrupted run #5: crashed: WARNING in nft_request_module run #6: crashed: WARNING in nft_request_module run #7: crashed: WARNING in nft_request_module run #8: crashed: WARNING in nft_request_module run #9: crashed: WARNING in nft_request_module # git bisect good 5205825195a1af8d98ef2d2e3eb083f2f1bb4724 Bisecting: 10 revisions left to test after this (roughly 3 steps) [da319f060b853a2cf4df3bc6119083813aaa1976] batman-adv: Fix DAT candidate selection on little endian systems testing commit da319f060b853a2cf4df3bc6119083813aaa1976 with gcc (GCC) 8.1.0 kernel signature: 9b14e06b176e4276df67d7278d82abc2b2bd80cc53aa10cde265e3db2c99d5fe all runs: OK # git bisect bad da319f060b853a2cf4df3bc6119083813aaa1976 Bisecting: 4 revisions left to test after this (roughly 2 steps) [6de941ce70cd5c6d672f8af2d0a6dc83039a283c] netfilter: nft_tunnel: fix null-attribute check testing commit 6de941ce70cd5c6d672f8af2d0a6dc83039a283c with gcc (GCC) 8.1.0 kernel signature: d6f437d644d93b33d4ede557534023df0fe706945a1e5e7017c6175753e276e9 run #0: crashed: WARNING in nft_request_module run #1: crashed: WARNING in nft_request_module run #2: crashed: WARNING in nft_request_module run #3: crashed: WARNING in nft_request_module run #4: crashed: WARNING in nft_request_module run #5: crashed: WARNING in nft_request_module run #6: crashed: WARNING in nft_request_module run #7: crashed: WARNING in nft_request_module run #8: crashed: WARNING in corrupted run #9: crashed: WARNING in corrupted # git bisect good 6de941ce70cd5c6d672f8af2d0a6dc83039a283c Bisecting: 2 revisions left to test after this (roughly 1 step) [7ed065bd8a20f8348af3098508ae9a11f02bf258] netfilter: nf_tables: store transaction list locally while requesting module testing commit 7ed065bd8a20f8348af3098508ae9a11f02bf258 with gcc (GCC) 8.1.0 kernel signature: ef3403e4f65bec36f47dfb990e4ecb08518a376d310d5ed9b08f2af283f44134 all runs: OK # git bisect bad 7ed065bd8a20f8348af3098508ae9a11f02bf258 Bisecting: 0 revisions left to test after this (roughly 0 steps) [1632efb3553b7e79ffc666ff5291705b4b87eb6c] netfilter: nf_tables: remove WARN and add NLA_STRING upper limits testing commit 1632efb3553b7e79ffc666ff5291705b4b87eb6c with gcc (GCC) 8.1.0 kernel signature: b037c78801e61b50f26b99c8bcef4cdb704b8cc180c868877ca9010b9e51671f all runs: OK # git bisect bad 1632efb3553b7e79ffc666ff5291705b4b87eb6c 1632efb3553b7e79ffc666ff5291705b4b87eb6c is the first bad commit commit 1632efb3553b7e79ffc666ff5291705b4b87eb6c Author: Florian Westphal Date: Thu Jan 16 09:06:50 2020 +0100 netfilter: nf_tables: remove WARN and add NLA_STRING upper limits commit 9332d27d7918182add34e8043f6a754530fdd022 upstream. This WARN can trigger because some of the names fed to the module autoload function can be of arbitrary length. Remove the WARN and add limits for all NLA_STRING attributes. Reported-by: syzbot+0e63ae76d117ae1c3a01@syzkaller.appspotmail.com Fixes: 452238e8d5ffd8 ("netfilter: nf_tables: add and use helper for module autoload") Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso Signed-off-by: Greg Kroah-Hartman net/netfilter/nf_tables_api.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) culprit signature: b037c78801e61b50f26b99c8bcef4cdb704b8cc180c868877ca9010b9e51671f parent signature: d6f437d644d93b33d4ede557534023df0fe706945a1e5e7017c6175753e276e9 revisions tested: 12, total time: 3h17m17.755469019s (build: 1h48m51.527444446s, test: 1h27m24.145678088s) first good commit: 1632efb3553b7e79ffc666ff5291705b4b87eb6c netfilter: nf_tables: remove WARN and add NLA_STRING upper limits cc: ["fw@strlen.de" "gregkh@linuxfoundation.org" "pablo@netfilter.org"]