* [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
@ 2022-06-12 22:22 Stefan Wahren
  2022-06-13 11:12 ` Russell King (Oracle)
                   ` (3 more replies)
  0 siblings, 4 replies; 12+ messages in thread
From: Stefan Wahren @ 2022-06-12 22:22 UTC
  To: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Shubham Bansal
  Cc: bpf, jpalus, regressions, Linux ARM

Hi,

Jan Palus already reported this NULL pointer dereference on bugzilla 
[1], but I want to make sure this is noticed by the right people.

If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the 
following config settings:

CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT_DEFAULT_ON=y
CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
CONFIG_USERMODE_DRIVER=y
CONFIG_BPF_PRELOAD=y
CONFIG_BPF_PRELOAD_UMD=m

The kernel (Linux 5.18.3) crashes with a null pointer dereference:

[    5.551587] Unable to handle kernel NULL pointer dereference at 
virtual address 00000048
[    5.564467] [00000048] *pgd=39a12835
[    5.572700] Internal error: Oops: 17 [#1] SMP ARM
[    5.581249] Modules linked in: bpf_preload(+)
[    5.589400] CPU: 1 PID: 85 Comm: modprobe Not tainted 5.18.3 #1
[    5.597966] usb 1-1.1: new high-speed USB device number 3 using dwc2
[    5.599251] Hardware name: BCM2835
[    5.616839] PC is at mmiocpy+0xc8/0x334
[    5.624534] LR is at copy_from_bpfptr+0x60/0x80
[    5.632973] pc : [<c06e77e8>]    lr : [<c03fee50>]    psr: 60000013
[    5.643146] sp : f1515b30  ip : f1515b48  fp : f1515b30
[    5.652331] r10: c328e040  r9 : f1515b68  r8 : 00000000
[    5.661506] r7 : c328e040  r6 : 00000002  r5 : 00000048  r4 : 00000002
[    5.672037] r3 : 0000003d  r2 : 00000000  r1 : 00000048  r0 : f1515c08
[    5.682572] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  
Segment none
[    5.693670] Control: 10c5383d  Table: 023c406a  DAC: 00000051
[    5.703426] Register r0 information: 2-page vmalloc region starting 
at 0xf1514000 allocated at kernel_clone+0x98/0x27c
[    5.718310] Register r1 information: non-paged memory
[    5.727454] Register r2 information: NULL pointer
[    5.736205] Register r3 information: non-paged memory
[    5.738825] hub 1-1.1:1.0: USB hub found
[    5.745334] Register r4 information: non-paged memory
[    5.753345] hub 1-1.1:1.0: 3 ports detected
[    5.762358] Register r5 information: non-paged memory
[    5.762364] Register r6 information: non-paged memory
[    5.762368] Register r7 information: slab task_struct start c328e040 
pointer offset 0
[    5.800440] Register r8 information: NULL pointer
[    5.809029] Register r9 information: 2-page vmalloc region starting 
at 0xf1514000 allocated at kernel_clone+0x98/0x27c
[    5.823843] Register r10 information: slab task_struct start c328e040 
pointer offset 0
[    5.835847] Register r11 information: 2-page vmalloc region starting 
at 0xf1514000 allocated at kernel_clone+0x98/0x27c
[    5.850796] Register r12 information: 2-page vmalloc region starting 
at 0xf1514000 allocated at kernel_clone+0x98/0x27c
[    5.865664] Process modprobe (pid: 85, stack limit = 0x(ptrval))
[    5.867961] usb 1-1.3: new low-speed USB device number 4 using dwc2
[    5.875679] Stack: (0xf1515b30 to 0xf1516000)
[    5.894419] 5b20:                                     f1515c08 
00000002 00000000 c03fee50
[    5.906750] 5b40: 00000048 c051aa3d 00000000 c0402520 ef80327c 
ef80328c c2001180 f1515c08
[    5.919097] 5b60: c1a45808 00012cc0 00000048 c051aa3d c3022440 
00000001 c2ee9898 ffffffff
[    5.931435] 5b80: 00000000 f1515bb4 00000000 00000000 c2ee9a48 
5beb87ed c22c4c8c 00000000
[    5.943733] 5ba0: 00000001 c328e040 00000000 00012cc0 00000dc0 
00000000 f1515f38 c048fb58
[    5.956089] 5bc0: f1515c00 00000000 c328e040 c217c000 4a389946 
00000001 00012cc0 ef7ff780
[    5.968456] 5be0: 00000000 4a389946 00000005 00000001 00000001 
c328e2c0 c1804d8c c036a868
[    5.980852] 5c00: 00000801 ef7ff780 00000000 00000000 00000000 
00000000 00000000 00000000
[    5.993238] 5c20: 00000000 00000000 00000000 00000000 00000000 
00000000 00000000 00000000
[    6.005643] 5c40: 00000000 00000000 00000000 00000000 00000000 
00000000 00000000 00000000
[    6.018026] 5c60: 00000000 00000000 00000000 00000000 00000000 
00000000 00000000 00000000
[    6.030371] 5c80: 00000000 00000000 00000000 00000000 00000000 
00000000 00000019 5beb87ed
[    6.042719] 5ca0: c2004208 000017a8 00000048 c328e040 ffffffff 
00000000 c328e040 c328e040
[    6.055020] 5cc0: 00000000 c04043ec 00005dd9 7fffffff c2004208 
00000048 c051aa3d 5beb87ed
[    6.067330] 5ce0: 00005df9 000017a8 c328e040 c328e040 ffffffff 
00000000 c328e040 0000017b
[    6.079612] 5d00: 00000000 bf0031e0 00000002 00000004 000017a8 
00000001 00000000 00000000
[    6.091957] 5d20: 00000000 6f6c5f5f 72656461 70616d2e 00000000 
00000000 00000000 00000000
[    6.104254] 5d40: 00000000 00000000 00000000 00000000 c328e040 
c0380594 c1325856 00000001
[    6.116521] 5d60: c23729a0 c051b97c c23729a0 5beb87ed 00000000 
00000000 c200423c c1a4a551
[    6.117969] usb 1-1.1.2: new low-speed USB device number 5 using dwc2
[    6.128707] 5d80: c2372a50 00000001 c1325856 00000124 c2372a50 
c051b97c c2372a50 5beb87ed
[    6.128716] 5da0: 00000000 c22d1980 f1515e6c bf00322c ffffffff 
00000000 c2372a50 00000000
[    6.163743] 5dc0: 00000030 00000000 c2372a50 c0f179f0 c2348280 
ef87f900 c2001180 c328e040
[    6.176062] 5de0: c04897dc 00000013 c0464698 c22d1980 c22d1980 
00000062 00000cc0 c049d584
[    6.188380] 5e00: 00000cc0 c328e040 c22d1980 5beb87ed 00000001 
00000cc0 00000062 bf00a05c
[    6.200720] 5e20: ffffffff c1a4a9e0 c328e040 0000017b 00000000 
c0464698 c2348280 5beb87ed
[    6.213033] 5e40: 00000002 c328e040 bf007280 5beb87ed c22d1980 
bf007280 c328e040 c2348280
[    6.225441] 5e60: 00000000 bf00a0e0 00000001 c2348280 bf0040b7 
bf005860 000017a8 000008a8
[    6.237841] 5e80: 00000000 5beb87ed c328e040 bf00a000 c23481c0 
00000000 c1a4a9e0 c0301f30
[    6.250269] 5ea0: c357a3c0 c357a3c0 00000000 00000000 00000000 
00000000 c03c17f0 c23481c0
[    6.262591] 5ec0: c2001180 00000cc0 c03c17f0 c049d888 00000cc0 
00000000 c23481c0 5beb87ed
[    6.274942] 5ee0: 00000000 bf007040 0002d064 5beb87ed bf007040 
0002d064 c23481c0 c328e040
[    6.287336] 5f00: c0300324 c03c1810 bf007040 0000008f 00000000 
0002d064 00000000 c03c3ce4
[    6.299841] 5f20: f1515f34 7fffffff 00000000 00000002 c353e040 
f151b000 f151d8cf f151d940
[    6.312151] 5f40: f151b000 00003f1c f151e904 f151e760 f151e25c 
00005000 00005150 00002884
[    6.324534] 5f60: 00005241 00000000 00000000 00000000 00002874 
00000024 00000025 0000001b
[    6.336923] 5f80: 00000000 00000017 00000000 5beb87ed 00000000 
bbbecb00 000417d8 00000000
[    6.349310] 5fa0: 0000017b c03000c0 bbbecb00 000417d8 00000000 
0002d064 00000000 0002ec3c
[    6.361662] 5fc0: bbbecb00 000417d8 00000000 0000017b 00042ce0 
00000000 00042c38 00000000
[    6.374053] 5fe0: be8e3a88 be8e3a78 00022cb8 b6cb3ae0 60000010 
00000000 00000000 00000000
[    6.386437]  mmiocpy from copy_from_bpfptr+0x60/0x80
[    6.395558]  copy_from_bpfptr from __sys_bpf+0x78/0x1d30
[    6.404992]  __sys_bpf from bpf_sys_bpf+0x214/0x238
[    6.413982]  bpf_sys_bpf from skel_map_create.constprop.0+0x60/0x80 
[bpf_preload]
[    6.425677]  skel_map_create.constprop.0 [bpf_preload] from 
bpf_load_and_run.constprop.0+0x2c/0x1f8 [bpf_preload]
[    6.440256]  bpf_load_and_run.constprop.0 [bpf_preload] from 
load+0xe0/0x1000 [bpf_preload]
[    6.452929]  load [bpf_preload] from do_one_initcall+0x68/0x170
[    6.463114]  do_one_initcall from do_init_module+0x3c/0x1e0
[    6.472955]  do_init_module from sys_finit_module+0xc8/0xd4
[    6.482802]  sys_finit_module from ret_fast_syscall+0x0/0x54
[    6.492679] Exception stack(0xf1515fa8 to 0xf1515ff0)
[    6.501975] 5fa0:                   bbbecb00 000417d8 00000000 
0002d064 00000000 0002ec3c
[    6.514476] 5fc0: bbbecb00 000417d8 00000000 0000017b 00042ce0 
00000000 00042c38 00000000
[    6.526999] 5fe0: be8e3a88 be8e3a78 00022cb8 b6cb3ae0
[    6.536392] Code: e480e004 e8bd0360 e1b02f82 14d13001 (24d14001)
[    6.546878] ---[ end trace 0000000000000000 ]---

It would be nice to get a hint, how to narrow down or which commit might 
trigger this issue.

[1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-12 22:22 [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi Stefan Wahren
@ 2022-06-13 11:12 ` Russell King (Oracle)
  2022-06-13 14:42   ` Stefan Wahren
  2022-06-15  6:11 ` Stefan Wahren
                   ` (2 subsequent siblings)
  3 siblings, 1 reply; 12+ messages in thread
From: Russell King (Oracle) @ 2022-06-13 11:12 UTC
  To: Stefan Wahren
  Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
	Shubham Bansal, bpf, jpalus, regressions, Linux ARM

On Mon, Jun 13, 2022 at 12:22:47AM +0200, Stefan Wahren wrote:
> It would be nice to get a hint, how to narrow down or which commit might
> trigger this issue.

The standard way? git bisect?

So it happens on 5.18.0 and 5.18.3. Presumably it didn't happen with
5.17?

I've tried to trace the code but failed - skel_map_create() doesn't seem
to feature anywhere obvious in my kernels.

It looks to me like some BPF code is being loaded by the bpf_preload
module and is being run. I'm guessing that the BPF code is calling
bpf_sys_bpf, but as I can't find skel_map_create() that's all it is,
a guess.

It looks like copy_from_bpfptr() which calls copy_from_sockptr_offset()
is passing in a source pointer of 0x0048. I'm guessing this is the value
of the pointer that is passed into bpf_sys_bpf() - that's another guess,
there's no information on that in the backtraces.

So, there's really not much to go on here to debug the oops as the
kernel has printed... I'd say it's pretty much undebuggable from just
the kernel oops.

Maybe someone on the bpf list will have a better idea.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!
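
Added example, not part of the original thread: a small Python triage helper that rejoins the mail-wrapped oops lines from the report and extracts the facts the reply above reasons from (fault address, registers holding it, call chain, innermost frame inside a module). The function names and the below-one-page heuristic are assumptions of this example, and it assumes every log record starts with a printk timestamp.

```python
import re

# Excerpt of the oops from the report above, keeping the mail client's line
# wrapping and one unrelated USB message interleaved by the console.
OOPS = """\
[    5.551587] Unable to handle kernel NULL pointer dereference at
virtual address 00000048
[    5.564467] [00000048] *pgd=39a12835
[    5.597966] usb 1-1.1: new high-speed USB device number 3 using dwc2
[    5.616839] PC is at mmiocpy+0xc8/0x334
[    5.624534] LR is at copy_from_bpfptr+0x60/0x80
[    5.632973] pc : [<c06e77e8>]    lr : [<c03fee50>]    psr: 60000013
[    5.643146] sp : f1515b30  ip : f1515b48  fp : f1515b30
[    5.652331] r10: c328e040  r9 : f1515b68  r8 : 00000000
[    5.661506] r7 : c328e040  r6 : 00000002  r5 : 00000048  r4 : 00000002
[    5.672037] r3 : 0000003d  r2 : 00000000  r1 : 00000048  r0 : f1515c08
[    6.386437]  mmiocpy from copy_from_bpfptr+0x60/0x80
[    6.395558]  copy_from_bpfptr from __sys_bpf+0x78/0x1d30
[    6.404992]  __sys_bpf from bpf_sys_bpf+0x214/0x238
[    6.413982]  bpf_sys_bpf from skel_map_create.constprop.0+0x60/0x80
[bpf_preload]
[    6.425677]  skel_map_create.constprop.0 [bpf_preload] from
bpf_load_and_run.constprop.0+0x2c/0x1f8 [bpf_preload]
"""

TS = re.compile(r"^\[\s*\d+\.\d+\]\s*")
FAULT = re.compile(r"Unable to handle kernel (.+?) at virtual address ([0-9a-f]+)")
SYM = re.compile(r"^(PC|LR) is at (\S+)\+0x[0-9a-f]+/0x[0-9a-f]+")
REGLINE = re.compile(r"^(?:pc|sp|r\d+)\s*:")
REG = re.compile(r"\b(pc|lr|psr|sp|ip|fp|r\d+)\s*:\s*(?:\[<)?([0-9a-f]{8})")
FRAME = re.compile(
    r"^(\S+)(?: \[(\w+)\])? from (\S+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?$"
)


def unwrap(text):
    """Rejoin wrapped records and return the messages without timestamps."""
    lines = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if TS.match(raw) or not lines:
            lines.append(raw.rstrip())        # start of a new log record
        else:
            lines[-1] += " " + raw.strip()    # continuation of a wrapped record
    return [TS.sub("", line).strip() for line in lines]


def parse_oops(text):
    """Extract fault address, PC/LR symbols, registers and backtrace frames."""
    oops = {"kind": None, "fault_addr": None, "at": {}, "regs": {}, "frames": []}
    for msg in unwrap(text):
        if (m := FAULT.search(msg)):
            oops["kind"], oops["fault_addr"] = m.group(1), int(m.group(2), 16)
        elif (m := SYM.match(msg)):
            oops["at"][m.group(1)] = m.group(2)
        elif REGLINE.match(msg):
            oops["regs"].update((n, int(v, 16)) for n, v in REG.findall(msg))
        elif (m := FRAME.match(msg)):
            callee, callee_mod, caller, caller_mod = m.groups()
            oops["frames"].append({"callee": callee, "callee_mod": callee_mod,
                                   "caller": caller, "caller_mod": caller_mod})
    return oops


def triage(oops):
    """Summarise what the oops alone shows, without guessing at a cause."""
    fault, frames = oops["fault_addr"], oops["frames"]
    chain = [f["callee"] for f in frames]
    if frames:
        chain.append(frames[-1]["caller"])
    return {
        # Registers whose value equals the faulting virtual address.
        "regs_holding_fault": sorted(r for r, v in oops["regs"].items() if v == fault),
        # Heuristic (assumption): an address inside the first 4 KiB page is a
        # NULL base plus a small offset, or a small bogus pointer value.
        "near_null": fault is not None and fault < 0x1000,
        "chain": chain,
        # Innermost function that belongs to a loadable module, if any.
        "module_entry": next(((f["caller"], f["caller_mod"])
                              for f in frames if f["caller_mod"]), None),
    }


if __name__ == "__main__":
    parsed = parse_oops(OOPS)
    print(f"{parsed['kind']} at {parsed['fault_addr']:#010x}, "
          f"PC in {parsed['at'].get('PC')}, LR in {parsed['at'].get('LR')}")
    for key, value in triage(parsed).items():
        print(f"{key}: {value}")
```
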


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-13 11:12 ` Russell King (Oracle)
@ 2022-06-13 14:42   ` Stefan Wahren
  0 siblings, 0 replies; 12+ messages in thread
From: Stefan Wahren @ 2022-06-13 14:42 UTC
  To: Russell King (Oracle)
  Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
	Shubham Bansal, bpf, jpalus, regressions, Linux ARM

Hi,

On 13.06.22 at 13:12, Russell King (Oracle) wrote:
> On Mon, Jun 13, 2022 at 12:22:47AM +0200, Stefan Wahren wrote:
>> It would be nice to get a hint, how to narrow down or which commit might
>> trigger this issue.
> The standard way? git bisect?
>
> So it happens on 5.18.0 and 5.18.3. Presumably it didn't happen with
> 5.17?

In 5.17 there is a libelf dependency (it was removed in 5.18), which causes 
a compile issue about a missing libelf.h, which is only available on my 
host system but not available in my Linaro cross toolchain.

Should I copy the libelf.h somewhere, so the cross compiler finds it?



* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-12 22:22 [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi Stefan Wahren
  2022-06-13 11:12 ` Russell King (Oracle)
@ 2022-06-15  6:11 ` Stefan Wahren
  2022-06-15  8:31   ` Peter Robinson
  2022-06-19 17:06 ` Thorsten Leemhuis
  2022-07-04 12:42 ` Thorsten Leemhuis
  3 siblings, 1 reply; 12+ messages in thread
From: Stefan Wahren @ 2022-06-15  6:11 UTC
  To: Peter Robinson
  Cc: bpf, jpalus, regressions, Alexei Starovoitov, Andrii Nakryiko,
	Daniel Borkmann, Shubham Bansal, Linux ARM

Hi Peter,

On 13.06.22 at 00:22, Stefan Wahren wrote:
> Hi,
>
> Jan Palus already reported this NULL pointer dereference on bugzilla 
> [1], but I want to make sure this is noticed by the right people.
>
> If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the 
> following config settings:
>
> CONFIG_BPF_SYSCALL=y
> CONFIG_BPF_JIT=y
> CONFIG_BPF_JIT_ALWAYS_ON=y
> CONFIG_BPF_JIT_DEFAULT_ON=y
> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
> CONFIG_USERMODE_DRIVER=y
> CONFIG_BPF_PRELOAD=y
> CONFIG_BPF_PRELOAD_UMD=m
Are you able to see this issue in 5.18.x, too? I'm asking because the 
BPF settings come from your configuration.
>
> The kernel (Linux 5.18.3) crashes with a null pointer dereference:
>
> It would be nice to get a hint, how to narrow down or which commit 
> might trigger this issue.
>
> [1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105
>


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-15  6:11 ` Stefan Wahren
@ 2022-06-15  8:31   ` Peter Robinson
  2022-06-15  9:57     ` Stefan Wahren
  0 siblings, 1 reply; 12+ messages in thread
From: Peter Robinson @ 2022-06-15  8:31 UTC
  To: Stefan Wahren
  Cc: bpf, jpalus, regressions, Alexei Starovoitov, Andrii Nakryiko,
	Daniel Borkmann, Shubham Bansal, Linux ARM

Hi Stefan,

> > Jan Palus already reported this NULL pointer dereference on bugzilla
> > [1], but I want to make sure this is noticed by the right people.
> >
> > If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the
> > following config settings:
> >
> > CONFIG_BPF_SYSCALL=y
> > CONFIG_BPF_JIT=y
> > CONFIG_BPF_JIT_ALWAYS_ON=y
> > CONFIG_BPF_JIT_DEFAULT_ON=y
> > CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
> > CONFIG_USERMODE_DRIVER=y
> > CONFIG_BPF_PRELOAD=y
> > CONFIG_BPF_PRELOAD_UMD=m
> Are you able to see this issue in 5.18.x, too? I'm asking because the
> BPF settings come from your configuration.

I've not seen it in a standard boot. Is there a simple way to test
this? TBH I've never really played with bpf (it's on the todo list), so
if there's an easy test I can certainly check.

> >
> > The kernel (Linux 5.18.3) crashes with a null pointer dereference:
> >
> > It would be nice to get a hint, how to narrow down or which commit
> > might trigger this issue.
> >
> > [1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105
> >


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-15  8:31   ` Peter Robinson
@ 2022-06-15  9:57     ` Stefan Wahren
  2022-06-15 10:07       ` Peter Robinson
  0 siblings, 1 reply; 12+ messages in thread
From: Stefan Wahren @ 2022-06-15  9:57 UTC
  To: Peter Robinson
  Cc: bpf, jpalus, regressions, Alexei Starovoitov, Andrii Nakryiko,
	Daniel Borkmann, Shubham Bansal, Linux ARM

Hi Peter,

On 15.06.22 at 10:31, Peter Robinson wrote:
> Hi Stefan,
>
>>> Jan Palus already reported this NULL pointer dereference on bugzilla
>>> [1], but I want to make sure this is noticed by the right people.
>>>
>>> If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the
>>> following config settings:
>>>
>>> CONFIG_BPF_SYSCALL=y
>>> CONFIG_BPF_JIT=y
>>> CONFIG_BPF_JIT_ALWAYS_ON=y
>>> CONFIG_BPF_JIT_DEFAULT_ON=y
>>> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
>>> CONFIG_USERMODE_DRIVER=y
>>> CONFIG_BPF_PRELOAD=y
>>> CONFIG_BPF_PRELOAD_UMD=m
>> Are you able to see this issue in 5.18.x, too? I'm asking because the
>> BPF settings come from your configuration.
> I've not seen it in a standard boot. Is there a simple way to test
> this? TBH I've never really played with bpf (it's on the todo list), so
> if there's an easy test I can certainly check.

It's just during boot. No need to do anything special.

I want to figure out whether this is caused by my cross-compile environment.

>
>>> The kernel (Linux 5.18.3) crashes with a null pointer dereference:
>>>
>>> [    5.551587] Unable to handle kernel NULL pointer dereference at
>>> virtual address 00000048
>>> [    5.564467] [00000048] *pgd=39a12835
>>> [    5.572700] Internal error: Oops: 17 [#1] SMP ARM
>>> [    5.581249] Modules linked in: bpf_preload(+)
>>> [    5.589400] CPU: 1 PID: 85 Comm: modprobe Not tainted 5.18.3 #1
>>> [    5.597966] usb 1-1.1: new high-speed USB device number 3 using dwc2
>>> [    5.599251] Hardware name: BCM2835
>>> [    5.616839] PC is at mmiocpy+0xc8/0x334
>>> [    5.624534] LR is at copy_from_bpfptr+0x60/0x80
>>> [    5.632973] pc : [<c06e77e8>]    lr : [<c03fee50>]    psr: 60000013
>>> [    5.643146] sp : f1515b30  ip : f1515b48  fp : f1515b30
>>> [    5.652331] r10: c328e040  r9 : f1515b68  r8 : 00000000
>>> [    5.661506] r7 : c328e040  r6 : 00000002  r5 : 00000048  r4 : 00000002
>>> [    5.672037] r3 : 0000003d  r2 : 00000000  r1 : 00000048  r0 : f1515c08
>>> [    5.682572] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM
>>> Segment none
>>> [    5.693670] Control: 10c5383d  Table: 023c406a  DAC: 00000051
>>> [    5.703426] Register r0 information: 2-page vmalloc region starting
>>> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
>>> [    5.718310] Register r1 information: non-paged memory
>>> [    5.727454] Register r2 information: NULL pointer
>>> [    5.736205] Register r3 information: non-paged memory
>>> [    5.738825] hub 1-1.1:1.0: USB hub found
>>> [    5.745334] Register r4 information: non-paged memory
>>> [    5.753345] hub 1-1.1:1.0: 3 ports detected
>>> [    5.762358] Register r5 information: non-paged memory
>>> [    5.762364] Register r6 information: non-paged memory
>>> [    5.762368] Register r7 information: slab task_struct start
>>> c328e040 pointer offset 0
>>> [    5.800440] Register r8 information: NULL pointer
>>> [    5.809029] Register r9 information: 2-page vmalloc region starting
>>> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
>>> [    5.823843] Register r10 information: slab task_struct start
>>> c328e040 pointer offset 0
>>> [    5.835847] Register r11 information: 2-page vmalloc region
>>> starting at 0xf1514000 allocated at kernel_clone+0x98/0x27c
>>> [    5.850796] Register r12 information: 2-page vmalloc region
>>> starting at 0xf1514000 allocated at kernel_clone+0x98/0x27c
>>> [    5.865664] Process modprobe (pid: 85, stack limit = 0x(ptrval))
>>> [    5.867961] usb 1-1.3: new low-speed USB device number 4 using dwc2
>>> [    5.875679] Stack: (0xf1515b30 to 0xf1516000)
>>> [    6.386437]  mmiocpy from copy_from_bpfptr+0x60/0x80
>>> [    6.395558]  copy_from_bpfptr from __sys_bpf+0x78/0x1d30
>>> [    6.404992]  __sys_bpf from bpf_sys_bpf+0x214/0x238
>>> [    6.413982]  bpf_sys_bpf from skel_map_create.constprop.0+0x60/0x80
>>> [bpf_preload]
>>> [    6.425677]  skel_map_create.constprop.0 [bpf_preload] from
>>> bpf_load_and_run.constprop.0+0x2c/0x1f8 [bpf_preload]
>>> [    6.440256]  bpf_load_and_run.constprop.0 [bpf_preload] from
>>> load+0xe0/0x1000 [bpf_preload]
>>> [    6.452929]  load [bpf_preload] from do_one_initcall+0x68/0x170
>>> [    6.463114]  do_one_initcall from do_init_module+0x3c/0x1e0
>>> [    6.472955]  do_init_module from sys_finit_module+0xc8/0xd4
>>> [    6.482802]  sys_finit_module from ret_fast_syscall+0x0/0x54
>>> [    6.492679] Exception stack(0xf1515fa8 to 0xf1515ff0)
>>> [    6.501975] 5fa0:                   bbbecb00 000417d8 00000000
>>> 0002d064 00000000 0002ec3c
>>> [    6.514476] 5fc0: bbbecb00 000417d8 00000000 0000017b 00042ce0
>>> 00000000 00042c38 00000000
>>> [    6.526999] 5fe0: be8e3a88 be8e3a78 00022cb8 b6cb3ae0
>>> [    6.536392] Code: e480e004 e8bd0360 e1b02f82 14d13001 (24d14001)
>>> [    6.546878] ---[ end trace 0000000000000000 ]---
>>>
>>> It would be nice to get a hint, how to narrow down or which commit
>>> might trigger this issue.
>>>
>>> [1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105
>>>

* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-15  9:57     ` Stefan Wahren
@ 2022-06-15 10:07       ` Peter Robinson
  0 siblings, 0 replies; 12+ messages in thread
From: Peter Robinson @ 2022-06-15 10:07 UTC (permalink / raw)
  To: Stefan Wahren
  Cc: bpf, jpalus, regressions, Alexei Starovoitov, Andrii Nakryiko,
	Daniel Borkmann, Shubham Bansal, Linux ARM

Hi Stefan,

> >>> Jan Palus already reported this NULL pointer dereference on bugzilla
> >>> [1], but I want to make sure this is noticed by the right people.
> >>>
> >>> If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the
> >>> following config settings:
> >>>
> >>> CONFIG_BPF_SYSCALL=y
> >>> CONFIG_BPF_JIT=y
> >>> CONFIG_BPF_JIT_ALWAYS_ON=y
> >>> CONFIG_BPF_JIT_DEFAULT_ON=y
> >>> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
> >>> CONFIG_USERMODE_DRIVER=y
> >>> CONFIG_BPF_PRELOAD=y
> >>> CONFIG_BPF_PRELOAD_UMD=m
> >> Are you able to see this issue in 5.18.x, too? I'm asking because the
> >> BPF settings come from your configuration.
> > I've not seen it in a standard boot, is there a simple way to test
> > this, TBH I've never really played with bpf (it's on the todo list) so
> > if there's an easy test I can certainly check.
>
> It's just during boot. No need to do something special.
>
> I want to figure out if this is caused by my cross-compile environment.

No, not seeing that anywhere. I've got 5.18.3 running on omap/rpi/imx6
32-bit devices without anything like that.

We had an issue around BPF on arm32 back in late 2018 and I tried to
turn some of the options on in defconfig so they'd have wider testing
but got pushback. I don't remember the exact issue there though (and
it's long been fixed).

Peter


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-12 22:22 [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi Stefan Wahren
  2022-06-13 11:12 ` Russell King (Oracle)
  2022-06-15  6:11 ` Stefan Wahren
@ 2022-06-19 17:06 ` Thorsten Leemhuis
  2022-09-03 14:17   ` Stefan Wahren
  2022-07-04 12:42 ` Thorsten Leemhuis
  3 siblings, 1 reply; 12+ messages in thread
From: Thorsten Leemhuis @ 2022-06-19 17:06 UTC (permalink / raw)
  To: regressions; +Cc: bpf, Linux ARM

[TLDR: I'm adding this regression report to the list of tracked
regressions; all text from me you find below is based on a few template
paragraphs you might have encountered already in similar form.]

Hi, this is your Linux kernel regression tracker. Top-posting for once,
to make this easily accessible to everyone.

On 13.06.22 00:22, Stefan Wahren wrote:
> 
> Jan Palus already reported this NULL pointer dereference on bugzilla
> [1], but I want to make sure this is noticed by the right people.
> 
> If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the
> following config settings:
> 
> CONFIG_BPF_SYSCALL=y
> CONFIG_BPF_JIT=y
> CONFIG_BPF_JIT_ALWAYS_ON=y
> CONFIG_BPF_JIT_DEFAULT_ON=y
> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
> CONFIG_USERMODE_DRIVER=y
> CONFIG_BPF_PRELOAD=y
> CONFIG_BPF_PRELOAD_UMD=m
> 
> The kernel (Linux 5.18.3) crashes with a null pointer dereference:
> 
> [    5.551587] Unable to handle kernel NULL pointer dereference at
> virtual address 00000048
> [    5.564467] [00000048] *pgd=39a12835
> [    5.572700] Internal error: Oops: 17 [#1] SMP ARM
> [    5.581249] Modules linked in: bpf_preload(+)
> [    5.589400] CPU: 1 PID: 85 Comm: modprobe Not tainted 5.18.3 #1
> [    5.597966] usb 1-1.1: new high-speed USB device number 3 using dwc2
> [    5.599251] Hardware name: BCM2835
> [    5.616839] PC is at mmiocpy+0xc8/0x334
> [    5.624534] LR is at copy_from_bpfptr+0x60/0x80
> [    5.632973] pc : [<c06e77e8>]    lr : [<c03fee50>]    psr: 60000013
> [    5.643146] sp : f1515b30  ip : f1515b48  fp : f1515b30
> [    5.652331] r10: c328e040  r9 : f1515b68  r8 : 00000000
> [    5.661506] r7 : c328e040  r6 : 00000002  r5 : 00000048  r4 : 00000002
> [    5.672037] r3 : 0000003d  r2 : 00000000  r1 : 00000048  r0 : f1515c08
> [    5.682572] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM 
> Segment none
> [    5.693670] Control: 10c5383d  Table: 023c406a  DAC: 00000051
> [    5.703426] Register r0 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.718310] Register r1 information: non-paged memory
> [    5.727454] Register r2 information: NULL pointer
> [    5.736205] Register r3 information: non-paged memory
> [    5.738825] hub 1-1.1:1.0: USB hub found
> [    5.745334] Register r4 information: non-paged memory
> [    5.753345] hub 1-1.1:1.0: 3 ports detected
> [    5.762358] Register r5 information: non-paged memory
> [    5.762364] Register r6 information: non-paged memory
> [    5.762368] Register r7 information: slab task_struct start c328e040
> pointer offset 0
> [    5.800440] Register r8 information: NULL pointer
> [    5.809029] Register r9 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.823843] Register r10 information: slab task_struct start c328e040
> pointer offset 0
> [    5.835847] Register r11 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.850796] Register r12 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.865664] Process modprobe (pid: 85, stack limit = 0x(ptrval))
> [    5.867961] usb 1-1.3: new low-speed USB device number 4 using dwc2
> [    5.875679] Stack: (0xf1515b30 to 0xf1516000)
> [    6.386437]  mmiocpy from copy_from_bpfptr+0x60/0x80
> [    6.395558]  copy_from_bpfptr from __sys_bpf+0x78/0x1d30
> [    6.404992]  __sys_bpf from bpf_sys_bpf+0x214/0x238
> [    6.413982]  bpf_sys_bpf from skel_map_create.constprop.0+0x60/0x80
> [bpf_preload]
> [    6.425677]  skel_map_create.constprop.0 [bpf_preload] from
> bpf_load_and_run.constprop.0+0x2c/0x1f8 [bpf_preload]
> [    6.440256]  bpf_load_and_run.constprop.0 [bpf_preload] from
> load+0xe0/0x1000 [bpf_preload]
> [    6.452929]  load [bpf_preload] from do_one_initcall+0x68/0x170
> [    6.463114]  do_one_initcall from do_init_module+0x3c/0x1e0
> [    6.472955]  do_init_module from sys_finit_module+0xc8/0xd4
> [    6.482802]  sys_finit_module from ret_fast_syscall+0x0/0x54
> [    6.492679] Exception stack(0xf1515fa8 to 0xf1515ff0)
> [    6.501975] 5fa0:                   bbbecb00 000417d8 00000000
> 0002d064 00000000 0002ec3c
> [    6.514476] 5fc0: bbbecb00 000417d8 00000000 0000017b 00042ce0
> 00000000 00042c38 00000000
> [    6.526999] 5fe0: be8e3a88 be8e3a78 00022cb8 b6cb3ae0
> [    6.536392] Code: e480e004 e8bd0360 e1b02f82 14d13001 (24d14001)
> [    6.546878] ---[ end trace 0000000000000000 ]---
> 
> It would be nice to get a hint, how to narrow down or which commit might
> trigger this issue.
> 
> [1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105

To be sure the issue below doesn't fall through the cracks unnoticed, I'm
adding it to regzbot, my Linux kernel regression tracking bot:

#regzbot ^introduced v5.17..v5.18
#regzbot title bet: bpf: null pointer dereference when loading
bpf_preload on Raspberry Pi
#regzbot ignore-activity
#regzbot link: https://bugzilla.kernel.org/show_bug.cgi?id=216105

This isn't a regression? This issue or a fix for it are already
discussed somewhere else? It was fixed already? You want to clarify when
the regression started to happen? Or point out I got the title or
something else totally wrong? Then just reply -- ideally with also
telling regzbot about it, as explained here:
https://linux-regtracking.leemhuis.info/tracked-regression/

Reminder for developers: When fixing the issue, add 'Link:' tags
pointing to the report (the mail this one replied to), as the kernel's
documentation calls for; the above page explains why this is important for
tracked regressions.

Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)

P.S.: As the Linux kernel's regression tracker I deal with a lot of
reports and sometimes miss something important when writing mails like
this. If that's the case here, don't hesitate to tell me in a public
reply, it's in everyone's interest to set the public record straight.



* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-12 22:22 [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi Stefan Wahren
                   ` (2 preceding siblings ...)
  2022-06-19 17:06 ` Thorsten Leemhuis
@ 2022-07-04 12:42 ` Thorsten Leemhuis
  3 siblings, 0 replies; 12+ messages in thread
From: Thorsten Leemhuis @ 2022-07-04 12:42 UTC (permalink / raw)
  To: Stefan Wahren, Alexei Starovoitov, Daniel Borkmann,
	Andrii Nakryiko, Shubham Bansal
  Cc: bpf, jpalus, regressions, Linux ARM

Hi, this is your Linux kernel regression tracker. Top-posting for once,
to make this easily accessible to everyone.

This looks stuck. And the report on bugzilla didn't even get a single
reply. What can we do to get this resolved? Has anyone tried to bisect
this? Or has some progress been made and I simply missed it?

On 13.06.22 00:22, Stefan Wahren wrote:
> Hi,
> 
> Jan Palus already reported this NULL pointer dereference on bugzilla
> [1], but I want to make sure this is noticed by the right people.
> 
> If I boot my Raspberry Pi 3 B Plus with multi_v7_defconfig and the
> following config settings:
> 
> CONFIG_BPF_SYSCALL=y
> CONFIG_BPF_JIT=y
> CONFIG_BPF_JIT_ALWAYS_ON=y
> CONFIG_BPF_JIT_DEFAULT_ON=y
> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
> CONFIG_USERMODE_DRIVER=y
> CONFIG_BPF_PRELOAD=y
> CONFIG_BPF_PRELOAD_UMD=m
> 
> The kernel (Linux 5.18.3) crashes with a null pointer dereference:
> 
> [    5.551587] Unable to handle kernel NULL pointer dereference at
> virtual address 00000048
> [    5.564467] [00000048] *pgd=39a12835
> [    5.572700] Internal error: Oops: 17 [#1] SMP ARM
> [    5.581249] Modules linked in: bpf_preload(+)
> [    5.589400] CPU: 1 PID: 85 Comm: modprobe Not tainted 5.18.3 #1
> [    5.597966] usb 1-1.1: new high-speed USB device number 3 using dwc2
> [    5.599251] Hardware name: BCM2835
> [    5.616839] PC is at mmiocpy+0xc8/0x334
> [    5.624534] LR is at copy_from_bpfptr+0x60/0x80
> [    5.632973] pc : [<c06e77e8>]    lr : [<c03fee50>]    psr: 60000013
> [    5.643146] sp : f1515b30  ip : f1515b48  fp : f1515b30
> [    5.652331] r10: c328e040  r9 : f1515b68  r8 : 00000000
> [    5.661506] r7 : c328e040  r6 : 00000002  r5 : 00000048  r4 : 00000002
> [    5.672037] r3 : 0000003d  r2 : 00000000  r1 : 00000048  r0 : f1515c08
> [    5.682572] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM 
> Segment none
> [    5.693670] Control: 10c5383d  Table: 023c406a  DAC: 00000051
> [    5.703426] Register r0 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.718310] Register r1 information: non-paged memory
> [    5.727454] Register r2 information: NULL pointer
> [    5.736205] Register r3 information: non-paged memory
> [    5.738825] hub 1-1.1:1.0: USB hub found
> [    5.745334] Register r4 information: non-paged memory
> [    5.753345] hub 1-1.1:1.0: 3 ports detected
> [    5.762358] Register r5 information: non-paged memory
> [    5.762364] Register r6 information: non-paged memory
> [    5.762368] Register r7 information: slab task_struct start c328e040
> pointer offset 0
> [    5.800440] Register r8 information: NULL pointer
> [    5.809029] Register r9 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.823843] Register r10 information: slab task_struct start c328e040
> pointer offset 0
> [    5.835847] Register r11 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.850796] Register r12 information: 2-page vmalloc region starting
> at 0xf1514000 allocated at kernel_clone+0x98/0x27c
> [    5.865664] Process modprobe (pid: 85, stack limit = 0x(ptrval))
> [    5.867961] usb 1-1.3: new low-speed USB device number 4 using dwc2
> [    5.875679] Stack: (0xf1515b30 to 0xf1516000)
> [    6.386437]  mmiocpy from copy_from_bpfptr+0x60/0x80
> [    6.395558]  copy_from_bpfptr from __sys_bpf+0x78/0x1d30
> [    6.404992]  __sys_bpf from bpf_sys_bpf+0x214/0x238
> [    6.413982]  bpf_sys_bpf from skel_map_create.constprop.0+0x60/0x80
> [bpf_preload]
> [    6.425677]  skel_map_create.constprop.0 [bpf_preload] from
> bpf_load_and_run.constprop.0+0x2c/0x1f8 [bpf_preload]
> [    6.440256]  bpf_load_and_run.constprop.0 [bpf_preload] from
> load+0xe0/0x1000 [bpf_preload]
> [    6.452929]  load [bpf_preload] from do_one_initcall+0x68/0x170
> [    6.463114]  do_one_initcall from do_init_module+0x3c/0x1e0
> [    6.472955]  do_init_module from sys_finit_module+0xc8/0xd4
> [    6.482802]  sys_finit_module from ret_fast_syscall+0x0/0x54
> [    6.492679] Exception stack(0xf1515fa8 to 0xf1515ff0)
> [    6.501975] 5fa0:                   bbbecb00 000417d8 00000000
> 0002d064 00000000 0002ec3c
> [    6.514476] 5fc0: bbbecb00 000417d8 00000000 0000017b 00042ce0
> 00000000 00042c38 00000000
> [    6.526999] 5fe0: be8e3a88 be8e3a78 00022cb8 b6cb3ae0
> [    6.536392] Code: e480e004 e8bd0360 e1b02f82 14d13001 (24d14001)
> [    6.546878] ---[ end trace 0000000000000000 ]---
> 
> It would be nice to get a hint, how to narrow down or which commit might
> trigger this issue.
> 
> [1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105
> 
> 
> 

Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)

P.S.: As the Linux kernel's regression tracker I deal with a lot of
reports and sometimes miss something important when writing mails like
this. If that's the case here, don't hesitate to tell me in a public
reply, it's in everyone's interest to set the public record straight.

#regzbot poke
#regzbot title net: bpf: null pointer dereference when loading
bpf_preload on Raspberry Pi
#regzbot unlink: https://bugzilla.kernel.org/show_bug.cgi?id=216105
#regzbot link: https://bugzilla.kernel.org/show_bug.cgi?id=216105
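
The oops quoted in this thread can be triaged mechanically before anyone bisects. Added example, not part of any message in the thread: a small Python parser for the 32-bit ARM oops format shown above. The names `parse_oops` and `triage` are hypothetical, and the embedded sample is an excerpt of the quoted log with the mail line-wrapping undone.

```python
import re

# Excerpt of the oops quoted in this thread (mail line-wrapping undone,
# interleaved USB messages and the stack hex dump left out).
OOPS = """\
[    5.551587] Unable to handle kernel NULL pointer dereference at virtual address 00000048
[    5.572700] Internal error: Oops: 17 [#1] SMP ARM
[    5.581249] Modules linked in: bpf_preload(+)
[    5.589400] CPU: 1 PID: 85 Comm: modprobe Not tainted 5.18.3 #1
[    5.616839] PC is at mmiocpy+0xc8/0x334
[    5.624534] LR is at copy_from_bpfptr+0x60/0x80
[    5.632973] pc : [<c06e77e8>]    lr : [<c03fee50>]    psr: 60000013
[    5.643146] sp : f1515b30  ip : f1515b48  fp : f1515b30
[    5.652331] r10: c328e040  r9 : f1515b68  r8 : 00000000
[    5.661506] r7 : c328e040  r6 : 00000002  r5 : 00000048  r4 : 00000002
[    5.672037] r3 : 0000003d  r2 : 00000000  r1 : 00000048  r0 : f1515c08
[    6.386437]  mmiocpy from copy_from_bpfptr+0x60/0x80
[    6.395558]  copy_from_bpfptr from __sys_bpf+0x78/0x1d30
[    6.404992]  __sys_bpf from bpf_sys_bpf+0x214/0x238
[    6.413982]  bpf_sys_bpf from skel_map_create.constprop.0+0x60/0x80 [bpf_preload]
[    6.425677]  skel_map_create.constprop.0 [bpf_preload] from bpf_load_and_run.constprop.0+0x2c/0x1f8 [bpf_preload]
[    6.440256]  bpf_load_and_run.constprop.0 [bpf_preload] from load+0xe0/0x1000 [bpf_preload]
[    6.452929]  load [bpf_preload] from do_one_initcall+0x68/0x170
[    6.463114]  do_one_initcall from do_init_module+0x3c/0x1e0
[    6.472955]  do_init_module from sys_finit_module+0xc8/0xd4
[    6.482802]  sys_finit_module from ret_fast_syscall+0x0/0x54
"""

PAGE_SIZE = 4096
TS = re.compile(r'^\[\s*\d+\.\d+\]\s*')                 # dmesg timestamp
FAULT = re.compile(r'at virtual address ([0-9a-f]+)')
AT = re.compile(r'^(PC|LR) is at (\S+?)\+0x[0-9a-f]+/0x[0-9a-f]+')
REG_LINE = re.compile(r'^(?:pc|sp|r\d+)\s*:')           # lines of the register dump
REG = re.compile(r'(\w+)\s*:\s*(?:\[<)?([0-9a-f]{8})(?:>\])?')
FRAME = re.compile(r'^(\S+)(?: \[(\w+)\])? from '
                   r'(\S+?)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?$')


def parse_oops(text):
    """Extract fault address, PC/LR symbols, registers and call chain."""
    oops = {"fault_addr": None, "at": {}, "regs": {}, "frames": []}
    for raw in text.splitlines():
        line = TS.sub("", raw).strip()
        if (m := FAULT.search(line)):
            oops["fault_addr"] = int(m.group(1), 16)
        elif (m := AT.match(line)):
            oops["at"][m.group(1)] = m.group(2)
        elif REG_LINE.match(line):
            for name, val in REG.findall(line):
                oops["regs"][name] = int(val, 16)
        elif (m := FRAME.match(line)):
            callee, callee_mod, caller, caller_mod = m.groups()
            if not oops["frames"]:                      # innermost frame first
                oops["frames"].append((callee, callee_mod))
            oops["frames"].append((caller, caller_mod))
    return oops


def triage(oops):
    """Summarise what the oops says about where the bad pointer came from."""
    addr, regs = oops["fault_addr"], oops["regs"]
    # A fault inside the first page is a NULL base plus a small offset.
    null_offset = addr if addr is not None and addr < PAGE_SIZE else None
    # General-purpose registers equal to the faulting address. Under the ARM
    # calling convention r0-r3 carry the first four arguments, so a hit there
    # suggests (it does not prove) that a bad argument was passed in.
    holders = sorted((r for r, v in regs.items() if v == addr and r[0] == "r"),
                     key=lambda r: int(r[1:]))
    names = [f for f, _ in oops["frames"]]
    mods = [m for _, m in oops["frames"]]
    first_mod = next((i for i, m in enumerate(mods) if m), None)
    return {
        "null_plus_offset": null_offset,
        "regs_holding_fault_addr": holders,
        "faulting_function": oops["at"].get("PC"),
        "called_from": oops["at"].get("LR"),
        # Built-in frames between the fault and the first module frame.
        "core_kernel_path": names[:first_mod],
        "entered_from_module": None if first_mod is None
        else (names[first_mod], mods[first_mod]),
    }


if __name__ == "__main__":
    for key, value in triage(parse_oops(OOPS)).items():
        print(f"{key}: {value}")
```

On the thread's oops this reports a read at NULL plus 0x48 with the address held in r1 and r5, reached through `bpf_sys_bpf` from the `bpf_preload` module, which is the function named in the title of the fix quoted later in the thread.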


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-06-19 17:06 ` Thorsten Leemhuis
@ 2022-09-03 14:17   ` Stefan Wahren
  2022-09-03 14:44     ` Stefan Wahren
  0 siblings, 1 reply; 12+ messages in thread
From: Stefan Wahren @ 2022-09-03 14:17 UTC (permalink / raw)
  To: Thorsten Leemhuis, regressions; +Cc: bpf, Linux ARM, jpalus

Hi Thorsten,

On 19.06.22 at 19:06, Thorsten Leemhuis wrote:
> [TLDR: I'm adding this regression report to the list of tracked
> regressions; all text from me you find below is based on a few template
> paragraphs you might have encountered already in similar form.]

as reported by Jan on Bugzilla [1] the issue has been resolved by

e2dcac2f58f5 ("BPF: Fix potential bad pointer dereference in
bpf_sys_bpf()")

I can confirm the fix.

#regzbot fixed-by: e2dcac2f58f5


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-09-03 14:17   ` Stefan Wahren
@ 2022-09-03 14:44     ` Stefan Wahren
  2022-09-04  9:28       ` Thorsten Leemhuis
  0 siblings, 1 reply; 12+ messages in thread
From: Stefan Wahren @ 2022-09-03 14:44 UTC (permalink / raw)
  To: Thorsten Leemhuis, regressions; +Cc: bpf, Linux ARM, jpalus

On 03.09.22 at 16:17, Stefan Wahren wrote:
> Hi Thorsten,
>
> On 19.06.22 at 19:06, Thorsten Leemhuis wrote:
>> [TLDR: I'm adding this regression report to the list of tracked
>> regressions; all text from me you find below is based on a few template
>> paragraphs you might have encountered already in similar form.]
>
> as reported by Jan on Bugzilla [1] the issue has been resolved by
>
> e2dcac2f58f5 ("BPF: Fix potential bad pointer dereference in 
> bpf_sys_bpf()")
>
> I can confirm the fix.

sorry missed the link.

[1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105

> #regzbot fixed-by: |e2dcac2f58f5


* Re: [BUG] null pointer dereference when loading bpf_preload on Raspberry Pi
  2022-09-03 14:44     ` Stefan Wahren
@ 2022-09-04  9:28       ` Thorsten Leemhuis
  0 siblings, 0 replies; 12+ messages in thread
From: Thorsten Leemhuis @ 2022-09-04  9:28 UTC (permalink / raw)
  To: Stefan Wahren, regressions; +Cc: bpf, Linux ARM, jpalus

On 03.09.22 16:44, Stefan Wahren wrote:
> On 03.09.22 at 16:17, Stefan Wahren wrote:
>>
>> On 19.06.22 at 19:06, Thorsten Leemhuis wrote:
>>> [TLDR: I'm adding this regression report to the list of tracked
>>> regressions; all text from me you find below is based on a few template
>>> paragraphs you might have encountered already in similar form.]
>>
>> as reported by Jan on Bugzilla [1] the issue has been resolved by
>>
>> e2dcac2f58f5 ("BPF: Fix potential bad pointer dereference in
>> bpf_sys_bpf()")
>>
>> I can confirm the fix.
> 
> sorry missed the link.
> 
> [1] - https://bugzilla.kernel.org/show_bug.cgi?id=216105
> 
>> #regzbot fixed-by: |e2dcac2f58f5

Sorry, I'm totally behind with tracking the progress for some
regressions because I'm busy preparing three talks :-/ Many thx for
letting me know!

FWIW, this is how your mail looked here:

```
|I can confirm the fix.
|

|#regzbot fixed-by: |e2dcac2f58f5
||
```

Regzbot ignored it, as the "#" has to be the first character in a new
paragraph. And the "|" before e2dcac2f58f5 would have confused it as
well. No worries, happens, that is easily fixed up:

#regzbot fixed-by: e2dcac2f58f5

But I wanted to tell you, as it's not the first time you tried to
interact with regzbot in a way that failed. I suspect your mailer does
something odd.

But as I said: no worries, things like that happen. :-D

Ciao, Thorsten
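
The two rules described in the mail above, written as a pre-send check for a plain-text mail body. This is an added example, not regzbot's own code or parser; the function name `lint_regzbot`, the commit-id pattern and the handling of wrapped and quoted lines are assumptions.

```python
import re

# Constructed inputs: the body as it arrived (as quoted in the mail above) and
# the corrected command taken from the same mail.
GARBLED = "|I can confirm the fix.\n|\n\n|#regzbot fixed-by: |e2dcac2f58f5\n||\n"
CLEAN = "I can confirm the fix.\n\n#regzbot fixed-by: e2dcac2f58f5\n"

# Assumption: a commit id is an abbreviated or full hex SHA-1.
COMMIT_ID = re.compile(r"[0-9a-f]{7,40}")


def lint_regzbot(body):
    """Return (commands, problems) for one plain-text mail body."""
    commands, problems = [], []
    # Paragraphs are runs of lines separated by a blank line.
    for para in re.split(r"\n[ \t]*\n", body.strip("\n")):
        first = para.splitlines()[0] if para else ""
        if "#regzbot" not in para or first.startswith(">"):
            continue  # no command here, or quoted text from an earlier mail
        if not para.startswith("#"):
            problems.append(
                f"'#' is not the first character of the paragraph: {first!r}")
            continue
        for line in para.splitlines():
            if not line.startswith("#regzbot "):
                continue  # assumed to be a wrapped continuation line
            verb, _, arg = line[len("#regzbot "):].partition(" ")
            if verb == "fixed-by:" and not COMMIT_ID.fullmatch(arg.strip()):
                problems.append(
                    f"fixed-by argument is not a bare commit id: {arg!r}")
            else:
                commands.append(line)
    return commands, problems


if __name__ == "__main__":
    for name, body in (("garbled", GARBLED), ("clean", CLEAN)):
        print(name, lint_regzbot(body))
```
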
