bisecting cause commit starting from 0f4498cef9f5cd18d7c6639a2a902ec1edc5be4e building syzkaller on a8529b82fb3bb45832b08a099e7eb51707da9b37 testing commit 0f4498cef9f5cd18d7c6639a2a902ec1edc5be4e with gcc (GCC) 10.2.1 20210217 kernel signature: 9014f1b7a13eeef537248d2f9ffac6f1ea8b9b1440e90089d6ecd78e3ad87cf3 run #0: basic kernel testing failed: BUG: program execution failed: executor 0: failed to write control pipe: write |1: broken pipe run #1: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #2: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #3: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #4: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #5: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #6: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #7: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #8: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #9: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #10: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #11: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #12: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #13: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #14: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #15: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #16: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #17: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #18: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run run #19: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run testing release v5.11 testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217 kernel signature: 5041c5e4049bf1496846dff0bc8c1e488837e1e9c6e82df31b117c7aeef8d38d all runs: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 10.2.1 20210217 kernel signature: cad6104ee5980da34c3147fcdeebab7e6b35e0f7c839f4d4d2112d2f2bee77c0 all runs: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run testing release v5.9 testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 10.2.1 20210217 kernel signature: 8011b81eac33d29863e8e6e9224c1819fb5876602e14041359f4ac54ea240288 all runs: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.4.1 20210217 kernel signature: d8f57bd5b53f069bc735bc65429ec4535ce5dc4401373f0667d0b8813566dc3b all runs: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.4.1 20210217 kernel signature: 8103b649235ef690d76ad91a10c3e74f1da2f0eaf4bd50666d0c4e05907f0559 all runs: crashed: UBSAN: shift-out-of-bounds in ___bpf_prog_run testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.4.1 20210217 kernel signature: 9b17e2ec3e1b2c92c99d58e88fb54f7650d8f7885ac9d85a995974f42bdb3b58 all runs: crashed: UBSAN: undefined-behaviour in ___bpf_prog_run testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.4.1 20210217 kernel signature: a6eae11aa7dc44d264794066a79704fe26ce52b1e6bbcb60eeca63fe929715da all runs: crashed: UBSAN: undefined-behaviour in ___bpf_prog_run testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.4.1 20210217 kernel signature: f3bde1e5dba43d0c5ce48edbd823c1145148bca4cfaa5bbcbee5433e90f307f6 all runs: crashed: UBSAN: undefined-behaviour in ___bpf_prog_run testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.4.1 20210217 kernel signature: 93d096ab303fad0939b15e39cac0bffaafc609b83e6783aec63302c79775d462 all runs: crashed: UBSAN: undefined-behaviour in ___bpf_prog_run testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.4.1 20210217 kernel signature: 1ca9516baf0ae7e0054d49c007bc81aa0d3578ed4b05495ad6af8f2f65aa2bc7 all runs: OK # git bisect start 4d856f72c10ecb060868ed10ff1b1453943fc6c8 0ecfebd2b52404ae0c54a878c872bb93363ada36 Bisecting: 7848 revisions left to test after this (roughly 13 steps) [43c95d3694cc448fdf50bd53b7ff3a5bb4655883] Merge tag 'pinctrl-v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl testing commit 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 with gcc (GCC) 8.4.1 20210217 kernel signature: c0238633ce5842d3ce2d6856f9416fd89c2c160a342ebe868fceac66bdef3cd3 all runs: OK # git bisect good 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 Bisecting: 3922 revisions left to test after this (roughly 12 steps) [0e2a5b5bd9a6aaec85df347dd71432a1d2d10763] Merge branch 'parisc-5.3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux testing commit 0e2a5b5bd9a6aaec85df347dd71432a1d2d10763 with gcc (GCC) 8.4.1 20210217 kernel signature: d0466a2983e0163a574373d6dcf9a396af5ba6e0ca718ab4bc67f6a6a3a3c55b all runs: OK # git bisect good 0e2a5b5bd9a6aaec85df347dd71432a1d2d10763 Bisecting: 1961 revisions left to test after this (roughly 11 steps) [12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea] perf record: Fix module size on s390 testing commit 12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea with gcc (GCC) 8.4.1 20210217 kernel signature: 7952c99fa8b64a49b6cc9c9af8a422a62183c0f67a2b7a62bfb1c62b3b1b67aa all runs: OK # git bisect good 12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea Bisecting: 984 revisions left to test after this (roughly 10 steps) [85d8d3b172eb37b23dcdbe9fa7a85e343642bfea] Merge tag 'hyperv-fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux testing commit 85d8d3b172eb37b23dcdbe9fa7a85e343642bfea with gcc (GCC) 8.4.1 20210217 kernel signature: e61fe433193e01a11784dec676c1a416dd0893204ed91c19bdf0d55ebe8d5978 all runs: OK # git bisect good 85d8d3b172eb37b23dcdbe9fa7a85e343642bfea Bisecting: 496 revisions left to test after this (roughly 9 steps) [6525771f58cbc6ab97b5cff9069865cde8283346] Merge tag 'arc-5.3-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc testing commit 6525771f58cbc6ab97b5cff9069865cde8283346 with gcc (GCC) 8.4.1 20210217 kernel signature: 7c9f02b3e5c7b30eb63617702de44a136acc907bf241b56f0c3332a7df8c1c7e all runs: OK # git bisect good 6525771f58cbc6ab97b5cff9069865cde8283346 Bisecting: 251 revisions left to test after this (roughly 8 steps) [345464fb760d1b772e891538b498e111c588b692] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 345464fb760d1b772e891538b498e111c588b692 with gcc (GCC) 8.4.1 20210217 kernel signature: a808565369ea9b9a967ab52eab3b8d38d23663419b066933b9a0ee46c24246b8 all runs: OK # git bisect good 345464fb760d1b772e891538b498e111c588b692 Bisecting: 126 revisions left to test after this (roughly 7 steps) [840ce8f8073edb3ff3d2c2c7a6ef211f4176961c] Merge tag 'pinctrl-v5.3-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl testing commit 840ce8f8073edb3ff3d2c2c7a6ef211f4176961c with gcc (GCC) 8.4.1 20210217 kernel signature: 78c4741ec63cba76554bbec55a339921b2756f28653c04bec15f7fe50d6ca10c all runs: OK # git bisect good 840ce8f8073edb3ff3d2c2c7a6ef211f4176961c Bisecting: 63 revisions left to test after this (roughly 6 steps) [c3dc1fa72249e4472b90ecef4dbafe25f0f07889] net: hns3: fix spelling mistake "undeflow" -> "underflow" testing commit c3dc1fa72249e4472b90ecef4dbafe25f0f07889 with gcc (GCC) 8.4.1 20210217 kernel signature: 6144e8bf3eec7dcab93c2d38af7b8b152780633bf19bcddc089661521f7ed834 all runs: OK # git bisect good c3dc1fa72249e4472b90ecef4dbafe25f0f07889 Bisecting: 30 revisions left to test after this (roughly 5 steps) [1c4c5e2528af0c803fb1171632074f4070229a75] Merge tag 'mmc-v5.3-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc testing commit 1c4c5e2528af0c803fb1171632074f4070229a75 with gcc (GCC) 8.4.1 20210217 kernel signature: 3756eb711fefe4f579f956fdfc03e128cbb4d07b29cd9ec3eed2eb7ef37b97a2 all runs: OK # git bisect good 1c4c5e2528af0c803fb1171632074f4070229a75 Bisecting: 14 revisions left to test after this (roughly 4 steps) [ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d] Merge branch 'sctp_do_bind-leak' testing commit ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d with gcc (GCC) 8.4.1 20210217 kernel signature: 2cf62afa8be0c88f0d63cc50e031e4541ab1c268d5f771a30639a2f8c727c1ab all runs: OK # git bisect good ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d Bisecting: 8 revisions left to test after this (roughly 3 steps) [a9c20bb0206ae9384bd470a6832dd8913730add9] Merge tag 'kvm-s390-master-5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into kvm-master testing commit a9c20bb0206ae9384bd470a6832dd8913730add9 with gcc (GCC) 8.4.1 20210217 kernel signature: 539c9a75f727074f6e616277081d857b01f7dda7e0f0139e60856296edcc2293 all runs: OK # git bisect good a9c20bb0206ae9384bd470a6832dd8913730add9 Bisecting: 4 revisions left to test after this (roughly 2 steps) [b03c036e6f96340dd311817c7b964dad183c4141] Merge tag 'riscv/for-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux testing commit b03c036e6f96340dd311817c7b964dad183c4141 with gcc (GCC) 8.4.1 20210217 kernel signature: f8fac50a6b86112ae47006f21b2de957bbc5e1b8816836315ee32735d7f3e386 all runs: OK # git bisect good b03c036e6f96340dd311817c7b964dad183c4141 Bisecting: 2 revisions left to test after this (roughly 1 step) [1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e] Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost testing commit 1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e with gcc (GCC) 8.4.1 20210217 kernel signature: ccca05bd6ce27efacb9fc2d1fc97273ba42cfbdea726e36e08bf187d6920eea0 all runs: OK # git bisect good 1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e Bisecting: 0 revisions left to test after this (roughly 1 step) [72dbcf72156641fde4d8ea401e977341bfd35a05] Revert "ext4: make __ext4_get_inode_loc plug" testing commit 72dbcf72156641fde4d8ea401e977341bfd35a05 with gcc (GCC) 8.4.1 20210217 kernel signature: 54f4ff5a0dd414176b99160a282685ae1020cb4b1121e3f2129a0f7a96606d3e all runs: OK # git bisect good 72dbcf72156641fde4d8ea401e977341bfd35a05 4d856f72c10ecb060868ed10ff1b1453943fc6c8 is the first bad commit commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 Author: Linus Torvalds Date: Sun Sep 15 14:19:32 2019 -0700 Linux 5.3 Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) culprit signature: 93d096ab303fad0939b15e39cac0bffaafc609b83e6783aec63302c79775d462 parent signature: 54f4ff5a0dd414176b99160a282685ae1020cb4b1121e3f2129a0f7a96606d3e revisions tested: 25, total time: 5h28m55.757798583s (build: 2h39m58.496316147s, test: 2h45m21.977850278s) first bad commit: 4d856f72c10ecb060868ed10ff1b1453943fc6c8 Linux 5.3 recipients (to): ["linux-kbuild@vger.kernel.org" "michal.lkml@markovi.net" "torvalds@linux-foundation.org" "yamada.masahiro@socionext.com"] recipients (cc): ["linux-kernel@vger.kernel.org"] crash: UBSAN: undefined-behaviour in ___bpf_prog_run ================================================================================ UBSAN: Undefined behaviour in kernel/bpf/core.c:1343:2 shift exponent 248 is too large for 32-bit type 'unsigned int' CPU: 1 PID: 10064 Comm: syz-executor.2 Not tainted 5.3.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x86/0xca lib/dump_stack.c:113 ubsan_epilogue+0xd/0x3a lib/ubsan.c:158 __ubsan_handle_shift_out_of_bounds.cold.14+0x21/0x68 lib/ubsan.c:404 ___bpf_prog_run.cold.1+0x23/0x4da kernel/bpf/core.c:1343 __bpf_trace_run kernel/trace/bpf_trace.c:1310 [inline] bpf_trace_run2+0xfe/0x3e0 kernel/trace/bpf_trace.c:1348 __bpf_trace_tlb_flush+0xb/0x10 include/trace/events/tlb.h:38 trace_tlb_flush_rcuidle include/trace/events/tlb.h:38 [inline] switch_mm_irqs_off+0xa08/0x1620 arch/x86/mm/tlb.c:427 unuse_temporary_mm arch/x86/include/asm/mmu_context.h:405 [inline] __text_poke+0x5b0/0xb10 arch/x86/kernel/alternative.c:871 text_poke+0x53/0xa0 arch/x86/kernel/alternative.c:912 text_poke_bp_batch+0x1f0/0x320 arch/x86/kernel/alternative.c:1079 arch_jump_label_transform_apply+0x2f/0x50 arch/x86/kernel/jump_label.c:167 __jump_label_update+0x154/0x1e0 kernel/jump_label.c:447 jump_label_update+0x15c/0x330 kernel/jump_label.c:806 static_key_slow_inc_cpuslocked+0x15f/0x200 kernel/jump_label.c:144 static_key_slow_inc+0x15/0x20 kernel/jump_label.c:159 tracepoint_add_func kernel/tracepoint.c:255 [inline] tracepoint_probe_register_prio+0x4f8/0x770 kernel/tracepoint.c:315 tracepoint_probe_register+0xe/0x10 kernel/tracepoint.c:335 __bpf_probe_register kernel/trace/bpf_trace.c:1374 [inline] bpf_probe_register+0x134/0x1c0 kernel/trace/bpf_trace.c:1379 bpf_raw_tracepoint_open+0x22f/0x330 kernel/bpf/syscall.c:1828 __do_sys_bpf kernel/bpf/syscall.c:2893 [inline] __se_sys_bpf+0xc6a/0x34c0 kernel/bpf/syscall.c:2814 __x64_sys_bpf+0x6e/0xb0 kernel/bpf/syscall.c:2814 do_syscall_64+0xa3/0x4b0 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x466459 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f8a5e183188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459 RDX: 0000000000000010 RSI: 0000000020000080 RDI: 0000000000000011 RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60 R13: 00007ffca3af3c2f R14: 00007f8a5e183300 R15: 0000000000022000 ================================================================================