tree: https://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git queue-5.4 head: de62e075613ad8d1b4979186b1962e3ae58156f2 commit: aec6ff2b4f2de4a2a013bc22ed8dab66660f47e5 [99/290] bpf: Add probe_read_{user, kernel} and probe_read_{user, kernel}_str helpers config: sparc-allyesconfig (attached as .config) compiler: sparc64-linux-gcc (GCC) 9.3.0 reproduce: wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross git checkout aec6ff2b4f2de4a2a013bc22ed8dab66660f47e5 # save the attached .config to linux build tree COMPILER_INSTALL_PATH=$HOME/0day GCC_VERSION=9.3.0 make.cross ARCH=sparc If you fix the issue, kindly add following tag as appropriate Reported-by: kbuild test robot <lkp(a)intel.com&gt; Note: the sashal-linux-stable/queue-5.4 HEAD de62e075613ad8d1b4979186b1962e3ae58156f2 builds fine. It only hurts bisectibility. All errors (new ones prefixed by >>, old ones prefixed by <<): kernel/trace/bpf_trace.c: In function 'bpf_probe_read_kernel_common': 190 | probe_kernel_read_strict(dst, unsafe_ptr, size); | ^~~~~~~~~~~~~~~~~~~~~~~~ | probe_kernel_read kernel/trace/bpf_trace.c: In function 'bpf_probe_read_kernel_str_common': 245 | strncpy_from_unsafe_strict(dst, unsafe_ptr, size); | ^~~~~~~~~~~~~~~~~~~~~~~~~~ | strncpy_from_unsafe_user cc1: some warnings being treated as errors vim +190 kernel/trace/bpf_trace.c 180 181 static __always_inline int 182 bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr, 183 const bool compat) 184 { 185 int ret = security_locked_down(LOCKDOWN_BPF_READ); 186 187 if (unlikely(ret < 0)) 188 goto out; 189 ret = compat ? probe_kernel_read(dst, unsafe_ptr, size) : 191 if (unlikely(ret < 0)) 192 out: 193 memset(dst, 0, size); 194 return ret; 195 } 196 197 BPF_CALL_3(bpf_probe_read_kernel, void *, dst, u32, size, 198 const void *, unsafe_ptr) 199 { 200 return bpf_probe_read_kernel_common(dst, size, unsafe_ptr, false); 201 } 202 203 static const struct bpf_func_proto bpf_probe_read_kernel_proto = { 204 .func = bpf_probe_read_kernel, 205 .gpl_only = true, 206 .ret_type = RET_INTEGER, 207 .arg1_type = ARG_PTR_TO_UNINIT_MEM, 208 .arg2_type = ARG_CONST_SIZE_OR_ZERO, 209 .arg3_type = ARG_ANYTHING, 210 }; 211 212 BPF_CALL_3(bpf_probe_read_compat, void *, dst, u32, size, 213 const void *, unsafe_ptr) 214 { 215 return bpf_probe_read_kernel_common(dst, size, unsafe_ptr, true); 216 } 217 218 static const struct bpf_func_proto bpf_probe_read_compat_proto = { 219 .func = bpf_probe_read_compat, 220 .gpl_only = true, 221 .ret_type = RET_INTEGER, 222 .arg1_type = ARG_PTR_TO_UNINIT_MEM, 223 .arg2_type = ARG_CONST_SIZE_OR_ZERO, 224 .arg3_type = ARG_ANYTHING, 225 }; 226 227 static __always_inline int 228 bpf_probe_read_kernel_str_common(void *dst, u32 size, const void *unsafe_ptr, 229 const bool compat) 230 { 231 int ret = security_locked_down(LOCKDOWN_BPF_READ); 232 233 if (unlikely(ret < 0)) 234 goto out; 235 /* 236 * The strncpy_from_unsafe_*() call will likely not fill the entire 237 * buffer, but that's okay in this circumstance as we're probing 238 * arbitrary memory anyway similar to bpf_probe_read_*() and might 239 * as well probe the stack. Thus, memory is explicitly cleared 240 * only in error case, so that improper users ignoring return 241 * code altogether don't copy garbage; otherwise length of string 242 * is returned that can be used for bpf_perf_event_output() et al. 243 */ 244 ret = compat ? strncpy_from_unsafe(dst, unsafe_ptr, size) : 246 if (unlikely(ret < 0)) 247 out: 248 memset(dst, 0, size); 249 return ret; 250 } 251 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org