ci starts bisection 2025-10-23 13:26:29.589879778 +0000 UTC m=+59701.707096590
bisecting cause commit starting from aaa9c3550b60d6259d6ea8b1175ade8d1242444e
building syzkaller on c0460fcde7051a8d07612ec2a17718d3c3019bb0
fetch other tags and check if the commit is present
ensuring issue is reproducible on original commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e

testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 8ce57542aaacd5da9ad226b08a655b56caaba294ec023034e980c59e5f1f8f41
all runs: crashed: general protection fault in io_uring_show_fdinfo
representative crash: general protection fault in io_uring_show_fdinfo, types: [DoS]
check whether we can drop unnecessary instrumentation
disabling configs for [memleak ubsan bug_or_warning kasan locking atomic_sleep hang], they are not needed

testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 94d2e1957b715277a7895344af3dfa8316a1b60d090828ba9bb0af62c7491717
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
the bug reproduces without the instrumentation
disabling configs for [bug_or_warning kasan locking atomic_sleep hang memleak ubsan], they are not needed
kconfig minimization: base=4116 full=8533 leaves diff=2156
split chunks (needed=false): <2156>
split chunk #0 of len 2156 into 5 parts

testing without sub-chunk 1/5
disabling configs for [hang memleak ubsan bug_or_warning kasan locking atomic_sleep], they are not needed
testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 8be2225eb71ffd536d1a98e51c4e0bc6830f26f838e621a639af218d56aa3663
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
the chunk can be dropped

testing without sub-chunk 2/5
disabling configs for [bug_or_warning kasan locking atomic_sleep hang memleak ubsan], they are not needed
testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 426cc25d38d692caa23949e36d59ad507e2b89f534b3927c3f8605b6dd2e8b60
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
the chunk can be dropped

testing without sub-chunk 3/5
disabling configs for [locking atomic_sleep hang memleak ubsan bug_or_warning kasan], they are not needed
testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 2c36d7b68c15016a8b7314230da87847782f1c4bcf0f0b87f862c94787be3110
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
the chunk can be dropped

testing without sub-chunk 4/5
disabling configs for [memleak ubsan bug_or_warning kasan locking atomic_sleep hang], they are not needed
testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 609ad28e87ca42cb4e88da4d06e072e79d12c0854d7319f078d9fefd712a7ddd
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
the chunk can be dropped

testing without sub-chunk 5/5
disabling configs for [kasan locking atomic_sleep hang memleak ubsan bug_or_warning], they are not needed
testing commit aaa9c3550b60d6259d6ea8b1175ade8d1242444e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 553bf2d7c646a3ebccdf5ba1bea9cae19271b8eef37327e739772dd22fe1432b
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
the chunk can be dropped
disabling configs for [kasan locking atomic_sleep hang memleak ubsan bug_or_warning], they are not needed
picked [v6.17 v6.16 v6.15 v6.13 v6.11 v6.9 v6.7 v6.5 v6.2 v5.19 v5.16 v5.13 v5.10 v5.7 v5.4 v5.1 v4.19] out of 40 release tags

testing release v6.17
testing commit e5f0a698b34ed76002dc5cff3804a61c80233a7a gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 10428b3cc43638d25c9653a2645e1e60fd86f9dd74e349c51cc9ce376c69df9c
all runs: OK
false negative chance: 0.000
# git bisect start aaa9c3550b60d6259d6ea8b1175ade8d1242444e e5f0a698b34ed76002dc5cff3804a61c80233a7a
Bisecting: 8149 revisions left to test after this (roughly 13 steps)
[07fdad3a93756b872da7b53647715c48d0f4a2d0] Merge tag 'net-next-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next

testing commit 07fdad3a93756b872da7b53647715c48d0f4a2d0 gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 4c17df89dff3a4f2d7e5bab56a7466d0670623fea05dd7143671066402cc7398
all runs: OK
false negative chance: 0.000
# git bisect good 07fdad3a93756b872da7b53647715c48d0f4a2d0
Bisecting: 4071 revisions left to test after this (roughly 12 steps)
[8cc8ea228c4199482cf087fc6ed2d6e31b7a49e2] Merge tag 'parisc-for-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux

testing commit 8cc8ea228c4199482cf087fc6ed2d6e31b7a49e2 gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 472ad2cc0e3c5e07b7cb1fdc52c4de6121980af88012116cceefbc982f59ca0d
all runs: OK
false negative chance: 0.000
# git bisect good 8cc8ea228c4199482cf087fc6ed2d6e31b7a49e2
Bisecting: 1952 revisions left to test after this (roughly 11 steps)
[90440ae4edcf25ea2e044703310ebfaf3d1e918d] Merge branch 'main' of https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git

testing commit 90440ae4edcf25ea2e044703310ebfaf3d1e918d gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 0ca5ade2b4e00a805058b55d58f2355a681c9b3939dd4ee5cf3640a8f22f2a33
all runs: OK
false negative chance: 0.000
# git bisect good 90440ae4edcf25ea2e044703310ebfaf3d1e918d
Bisecting: 997 revisions left to test after this (roughly 10 steps)
[2a3b36d4359eb8f177a7bbf5a6eb0244a868b14c] Merge branch 'for-next' of https://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394.git

testing commit 2a3b36d4359eb8f177a7bbf5a6eb0244a868b14c gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 86be2afb2e8f39dbc538469d7e4045798c8296be11c674746f61a21e6b8523b8
all runs: OK
false negative chance: 0.000
# git bisect good 2a3b36d4359eb8f177a7bbf5a6eb0244a868b14c
Bisecting: 505 revisions left to test after this (roughly 9 steps)
[b4e0bbb87f7d8508b403f274d9b7db6eeabcf466] Merge branch 'edac-for-next' of https://git.kernel.org/pub/scm/linux/kernel/git/ras/ras.git

testing commit b4e0bbb87f7d8508b403f274d9b7db6eeabcf466 gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 76b5390a692ef496fd38fb1eb74b13c6a4d645aedccbbac2e582727c2db8d352
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
# git bisect bad b4e0bbb87f7d8508b403f274d9b7db6eeabcf466
Bisecting: 245 revisions left to test after this (roughly 8 steps)
[d77a7068dda99a5ebfa8b0ce4b6f7ddbce4894a5] Merge branch 'next' of https://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc.git

testing commit d77a7068dda99a5ebfa8b0ce4b6f7ddbce4894a5 gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 35fe33264c0a0895223394a6f99eed93452fdfdadbdc779b563adfcf4b36d2f1
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
# git bisect bad d77a7068dda99a5ebfa8b0ce4b6f7ddbce4894a5
Bisecting: 122 revisions left to test after this (roughly 7 steps)
[c8e43faeb4a608f45e362c55a1687f3249479a04] ASoC: codecs: wsa881x: use snd_kcontrol_chip() instead of snd_soc_kcontrol_component()

testing commit c8e43faeb4a608f45e362c55a1687f3249479a04 gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 580cd92e7fcd392746c22f0c6bbe2bc539e9d40eb34015b4af558af6e745bcc3
all runs: OK
false negative chance: 0.000
# git bisect good c8e43faeb4a608f45e362c55a1687f3249479a04
Bisecting: 60 revisions left to test after this (roughly 6 steps)
[e0fb9464295bca2aa92835d02147d3265a83689a] ASoC: use snd_kcontrol_chip() instead of

testing commit e0fb9464295bca2aa92835d02147d3265a83689a gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: 5a51c3841826e97a63c319d8e49b1a4ca5a608edfe242a2d7ba63488d6236725
all runs: OK
false negative chance: 0.000
# git bisect good e0fb9464295bca2aa92835d02147d3265a83689a
Bisecting: 32 revisions left to test after this (roughly 5 steps)
[b3d21c45acdd1e3c9d532cb333f74be9fb448b70] Merge branch 'for-6.19/io_uring' into for-next

testing commit b3d21c45acdd1e3c9d532cb333f74be9fb448b70 gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: d3cf25467c15222806ebf4228021cde298a1fefcb5e2a20105a63ff1fbf00384
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
# git bisect bad b3d21c45acdd1e3c9d532cb333f74be9fb448b70
Bisecting: 16 revisions left to test after this (roughly 4 steps)
[31dc41afdef21f264364288a30013b538c46152e] io_uring: add support for IORING_SETUP_SQE_MIXED

testing commit 31dc41afdef21f264364288a30013b538c46152e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: a581d787384994a1065ec3dc955830e3c19635b5affac6a819151c10db624957
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo
representative crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo, types: [NULL-POINTER-DEREFERENCE]
# git bisect bad 31dc41afdef21f264364288a30013b538c46152e
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[284306f6e6045e3f7b932914d1368df90033e87e] io_uring: sanity check sizes before attempting allocation

testing commit 284306f6e6045e3f7b932914d1368df90033e87e gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: ca66747fc9da376f1a9e4cd50bd87f2c39bc4a8f1c3d89d3e00c7d2f5d52e676
all runs: OK
false negative chance: 0.000
# git bisect good 284306f6e6045e3f7b932914d1368df90033e87e
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[6e9752977caa47c200f88d7df1ff114955a03bad] io_uring: don't free never created regions

testing commit 6e9752977caa47c200f88d7df1ff114955a03bad gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: c26066917bdf04ffd599d05538d156f0d2ca63d7d44f31ba796d3798cb750a83
all runs: OK
false negative chance: 0.000
# git bisect good 6e9752977caa47c200f88d7df1ff114955a03bad
Bisecting: 0 revisions left to test after this (roughly 1 step)
[5b6d8a032e807c48a843fb81d9e3d74391f731ea] io_uring: only publish fully handled mem region

testing commit 5b6d8a032e807c48a843fb81d9e3d74391f731ea gcc
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
kernel signature: a3f836e9b942a12d228cc86d4e64fb73b48b7e7bb1fbbefd69a0c6604061402b
all runs: OK
false negative chance: 0.000
# git bisect good 5b6d8a032e807c48a843fb81d9e3d74391f731ea

31dc41afdef21f264364288a30013b538c46152e is the first bad commit
commit 31dc41afdef21f264364288a30013b538c46152e
Author: Keith Busch
Date: Thu Oct 16 11:09:38 2025 -0700

    io_uring: add support for IORING_SETUP_SQE_MIXED

    Normal rings support 64b SQEs for posting submissions, while certain features require the ring to be configured with IORING_SETUP_SQE128, as they need to convey more information per submission. This, in turn, makes ALL the SQEs be 128b in size. This is somewhat wasteful and inefficient, particularly when only certain SQEs need to be of the bigger variant.

    This adds support for setting up a ring with mixed SQE sizes, using IORING_SETUP_SQE_MIXED. When setup in this mode, SQEs posted to the ring may be either 64b or 128b in size. If a SQE is 128b in size, then opcode will be set to a variante to indicate that this is the case. Any other non-128b opcode will assume the SQ's default size.

    SQEs on these types of mixed rings may also utilize NOP with skip success set. This can happen if the ring is one (small) SQE entry away from wrapping, and an attempt is made to get a 128b SQE. As SQEs must be contiguous in the SQ ring, a 128b SQE cannot wrap the ring. For this case, a single NOP SQE should be inserted with the SKIP_SUCCESS flag set. The kernel will process this as a normal NOP and without posting a CQE.

    Signed-off-by: Keith Busch
    Signed-off-by: Jens Axboe

 include/uapi/linux/io_uring.h | 8 ++++++++
 io_uring/fdinfo.c | 34 +++++++++++++++++++++++++++-------
 io_uring/io_uring.c | 37 +++++++++++++++++++++++++++++++++----
 io_uring/io_uring.h | 14 ++------------
 io_uring/opdef.c | 26 ++++++++++++++++++++++++++
 io_uring/opdef.h | 2 ++
 io_uring/register.c | 2 +-
 io_uring/uring_cmd.c | 17 +++++++++++++++--
 8 files changed, 114 insertions(+), 26 deletions(-)

accumulated error probability: 0.00
culprit signature: a581d787384994a1065ec3dc955830e3c19635b5affac6a819151c10db624957
parent signature: a3f836e9b942a12d228cc86d4e64fb73b48b7e7bb1fbbefd69a0c6604061402b
revisions tested: 21, total time: 6h52m30.890775116s (build: 4h2m37.202729888s, test: 2h19m13.226227449s)
first bad commit: 31dc41afdef21f264364288a30013b538c46152e io_uring: add support for IORING_SETUP_SQE_MIXED
recipients (to): ["axboe@kernel.dk" "axboe@kernel.dk" "io-uring@vger.kernel.org" "kbusch@kernel.org"]
recipients (cc): ["linux-kernel@vger.kernel.org"]
crash: BUG: unable to handle kernel NULL pointer dereference in io_uring_show_fdinfo

BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 8000000101f82067 P4D 8000000101f82067 PUD 0
Oops: Oops: 0000 [#1] SMP PTI
CPU: 0 UID: 0 PID: 2884 Comm: syz.3.17 Not tainted syzkaller #0 PREEMPT(none)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
RIP: 0010:__io_uring_show_fdinfo io_uring/fdinfo.c:104 [inline]
RIP: 0010:io_uring_show_fdinfo+0x1b2/0x790 io_uring/fdinfo.c:254
Code: 0a 89 44 24 18 41 8b 07 0f ba e0 10 0f 82 93 01 00 00 49 8b 8f d0 00 00 00 89 ea 21 f2 44 8b 2c 91 41 39 f5 0f 87 72 01 00 00 <0f> b6 3c 25 00 00 00 00 44 89 eb 8b 4c 24 18 d3 e3 48 c1 e3 06 49
RSP: 0018:ffffc90001893c08 EFLAGS: 00010293
RAX: 0000000000000008 RBX: 00000000fffffffc RCX: ffff88810df80040
RDX: 0000000000000000 RSI: 00000000000001ff RDI: ffff888105ea30aa
RBP: 0000000000000000 R08: 00000000fffffffc R09: 0000000000000032
R10: 0000000000000037 R11: 0000000000000003 R12: 0000000000000000
R13: 0000000000000000 R14: ffff88810eefe570 R15: ffff8881076a5000
FS: 00007f65a42bf6c0(0000) GS:ffff8882b4a14000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000011165c000 CR4: 00000000003506f0
Call Trace:
 seq_show+0x18e/0x1d0 fs/proc/fd.c:68
 seq_read_iter+0x195/0x480 fs/seq_file.c:230
 seq_read+0x132/0x160 fs/seq_file.c:162
 vfs_read+0xe2/0x360 fs/read_write.c:570
 ksys_read+0x74/0xf0 fs/read_write.c:715
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x8f/0x250 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f65a444efc9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f65a42bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007f65a46a5fa0 RCX: 00007f65a444efc9
RDX: 0000000000002020 RSI: 00002000000040c0 RDI: 0000000000000004
RBP: 00007f65a44d1f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f65a46a6038 R14: 00007f65a46a5fa0 R15: 00007ffe9a1e8848
Modules linked in:
CR2: 0000000000000000
---[ end trace 0000000000000000 ]---
RIP: 0010:__io_uring_show_fdinfo io_uring/fdinfo.c:104 [inline]
RIP: 0010:io_uring_show_fdinfo+0x1b2/0x790 io_uring/fdinfo.c:254
Code: 0a 89 44 24 18 41 8b 07 0f ba e0 10 0f 82 93 01 00 00 49 8b 8f d0 00 00 00 89 ea 21 f2 44 8b 2c 91 41 39 f5 0f 87 72 01 00 00 <0f> b6 3c 25 00 00 00 00 44 89 eb 8b 4c 24 18 d3 e3 48 c1 e3 06 49
RSP: 0018:ffffc90001893c08 EFLAGS: 00010293
RAX: 0000000000000008 RBX: 00000000fffffffc RCX: ffff88810df80040
RDX: 0000000000000000 RSI: 00000000000001ff RDI: ffff888105ea30aa
RBP: 0000000000000000 R08: 00000000fffffffc R09: 0000000000000032
R10: 0000000000000037 R11: 0000000000000003 R12: 0000000000000000
R13: 0000000000000000 R14: ffff88810eefe570 R15: ffff8881076a5000
FS: 00007f65a42bf6c0(0000) GS:ffff8882b4a14000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000011165c000 CR4: 00000000003506f0
----------------
Code disassembly (best guess):
   0:  0a 89 44 24 18 41        or     0x41182444(%rcx),%cl
   6:  8b 07                    mov    (%rdi),%eax
   8:  0f ba e0 10              bt     $0x10,%eax
   c:  0f 82 93 01 00 00        jb     0x1a5
  12:  49 8b 8f d0 00 00 00     mov    0xd0(%r15),%rcx
  19:  89 ea                    mov    %ebp,%edx
  1b:  21 f2                    and    %esi,%edx
  1d:  44 8b 2c 91              mov    (%rcx,%rdx,4),%r13d
  21:  41 39 f5                 cmp    %esi,%r13d
  24:  0f 87 72 01 00 00        ja     0x19c
* 2a:  0f b6 3c 25 00 00 00     movzbl 0x0,%edi <-- trapping instruction
  31:  00
  32:  44 89 eb                 mov    %r13d,%ebx
  35:  8b 4c 24 18              mov    0x18(%rsp),%ecx
  39:  d3 e3                    shl    %cl,%ebx
  3b:  48 c1 e3 06              shl    $0x6,%rbx
  3f:  49                       rex.WB