Hello:
This series was applied to bpf/bpf-next.git (master) by Alexei Starovoitov ast@kernel.org:
On Fri, 14 Feb 2025 17:18:20 +0800 you wrote:
Syzbot caught an array out-of-bounds bug [1]. It turns out that when the BPF program runs through do_misc_fixups(), it allocates an extra 8 bytes on the call stack, which eventually causes stack_depth to exceed 512.
I was able to reproduce this issue probabilistically by enabling CONFIG_UBSAN=y and disabling CONFIG_BPF_JIT_ALWAYS_ON with the selftest I provide in the second patch (although it doesn't happen every time - I didn't dig deeper into why UBSAN behaves this way).
[...]
Here is the summary with links:
- [bpf-next,v3,1/3] bpf: Fix array bounds error with may_goto
  https://git.kernel.org/bpf/bpf-next/c/6ebc5030e0c5
- [bpf-next,v3,2/3] selftests/bpf: Introduce __load_if_JITed annotation for tests
  https://git.kernel.org/bpf/bpf-next/c/b38c72ab808c
- [bpf-next,v3,3/3] selftests/bpf: Add selftest for may_goto
  https://git.kernel.org/bpf/bpf-next/c/72266ee83fed
You are awesome, thank you!