A quick check shows it's also affecting GKE 5.0 Passed on 5.0.0-1037.38. Failed on 5.0.0-1038.39 with the same failure.
** Tags removed: bionic ** Tags added: gke -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1881263 Title: bpf_get_stack from test_verifier in ubuntu_bpf failed on Bionic 5.0 Status in ubuntu-kernel-tests: New Status in linux package in Ubuntu: Incomplete Bug description: Issue found on 5.0.0-49.53~18.04.1-generic in proposed, but passed with 5.0.0-48.52~18.04.1-generic #724/p bpf_get_stack return R0 within range FAIL Failed to load prog 'Success'! 0: (bf) r6 = r1 1: (7a) *(u64 *)(r10 -8) = 0 2: (bf) r2 = r10 3: (07) r2 += -8 4: (18) r1 = 0xffffa0ca73b8d400 6: (85) call bpf_map_lookup_elem#1 7: (15) if r0 == 0x0 goto pc+28 R0=map_value(id=0,off=0,ks=8,vs=48,imm=0) R6=ctx(id=0,off=0,imm=0) R10=fp0,call_-1 fp-8=mmmmmmmm 8: (bf) r7 = r0 9: (b7) r9 = 48 10: (bf) r1 = r6 11: (bf) r2 = r7 12: (b7) r3 = 48 13: (b7) r4 = 256 14: (85) call bpf_get_stack#67 R0=map_value(id=0,off=0,ks=8,vs=48,imm=0) R1_w=ctx(id=0,off=0,imm=0) R2_w=map_value(id=0,off=0,ks=8,vs=48,imm=0) R3_w=inv48 R4_w=inv256 R6=ctx(id=0,off=0,imm=0) R7_w=map_value(id=0,off=0,ks=8,vs=48,imm=0) R9_w=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 15: (b7) r1 = 0 16: (bf) r8 = r0 17: (67) r8 <<= 32 18: (c7) r8 s>>= 32 19: (cd) if r1 s< r8 goto pc+16 R0=inv(id=0,umax_value=48,var_off=(0x0; 0x3f)) R1=inv0 R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=8,vs=48,imm=0) R8=inv0 R9=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 20: (1f) r9 -= r8 21: (bf) r2 = r7 22: (0f) r2 += r8 23: (bf) r1 = r9 24: (67) r1 <<= 32 25: (c7) r1 s>>= 32 26: (bf) r3 = r2 27: (0f) r3 += r1 28: (bf) r1 = r7 29: (b7) r5 = 48 30: (0f) r1 += r5 31: (3d) if r3 >= r1 goto pc+4 R0=inv(id=0,umax_value=48,var_off=(0x0; 0x3f)) R1=map_value(id=0,off=48,ks=8,vs=48,imm=0) R2=map_value(id=0,off=0,ks=8,vs=48,imm=0) R3=map_value(id=0,off=48,ks=8,vs=48,imm=0) R5=inv48 R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=8,vs=48,imm=0) R8=inv0 R9=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 32: (bf) r1 = r6 33: (bf) r3 = r9 34: (b7) r4 = 0 35: (85) call bpf_get_stack#67 R0=inv(id=0,umax_value=48,var_off=(0x0; 0x3f)) R1_w=ctx(id=0,off=0,imm=0) R2=map_value(id=0,off=0,ks=8,vs=48,imm=0) R3_w=inv48 R4_w=inv0 R5=inv48 R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=8,vs=48,imm=0) R8=inv0 R9=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 36: (95) exit from 35 to 36: R0=inv(id=0,umin_value=18446744071562067968,var_off=(0xffffffff80000000; 0x7fffffff)) R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=8,vs=48,imm=0) R8=inv0 R9=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 36: (95) exit from 31 to 36: safe from 19 to 36: safe from 14 to 15: R0=inv(id=0,umin_value=18446744071562067968,var_off=(0xffffffff80000000; 0x7fffffff)) R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=8,vs=48,imm=0) R9=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 15: (b7) r1 = 0 16: (bf) r8 = r0 17: (67) r8 <<= 32 18: (c7) r8 s>>= 32 19: (cd) if r1 s< r8 goto pc+16 R0=inv(id=0,umin_value=18446744071562067968,var_off=(0xffffffff80000000; 0x7fffffff)) R1=inv0 R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=8,vs=48,imm=0) R8=inv(id=0,umin_value=18446744071562067968,var_off=(0xffffffff80000000; 0x7fffffff)) R9=inv48 R10=fp0,call_-1 fp-8=mmmmmmmm 20: (1f) r9 -= r8 21: (bf) r2 = r7 22: (0f) r2 += r8 value -2147483648 makes map_value pointer be out of bounds With 5.0.0-48.52~18.04.1-generic the test will pass: #724/p bpf_get_stack return R0 within range OK To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1881263/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
