ci2 starts bisection 2023-10-31 22:09:16.090869196 +0000 UTC m=+39434.107690719 bisecting cause commit starting from 82fe654f56524dce8c0600282db927816d2b3451 building syzkaller on 58499c95b09b17b91d98543e0268d0fa17777ff1 ensuring issue is reproducible on original commit 82fe654f56524dce8c0600282db927816d2b3451 testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c1a13bc4c5f9680b8216dcae51d1d4295315e7c59a77d3c009498a2e8cd51f8e run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #2: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: kernel panic: Fatal exception run #8: crashed: BUG: unable to handle kernel paging request in corrupted run #9: crashed: invalid opcode in bpf_dispatcher_xdp run #10: crashed: invalid opcode in bpf_dispatcher_xdp run #11: crashed: invalid opcode in bpf_dispatcher_xdp run #12: crashed: invalid opcode in bpf_dispatcher_xdp run #13: crashed: invalid opcode in bpf_dispatcher_xdp run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0b762f7443134c20ea12cfec190e37cdfcd6762b12e783a1bcbd7d90059f4817 run #0: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: PANIC: double fault in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: OK representative crash: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed kconfig minimization: base=5179 full=6485 leaves diff=250 split chunks (needed=false): <250> split chunk #0 of len 250 into 5 parts testing without sub-chunk 1/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 9d5fb939352dac487c4cafe3eb0fc2974b0f27f5af3e674a8b4007d7b7fce3dd run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #6: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #8: OK run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 1528bac671aa9d6300263e5f02dafeb6e4e14d38966baf92a4d91fe96a889fc0 run #0: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #1: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #5: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #9: OK representative crash: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 7b6e04ae5b987d4e4ed329289f58b28b26693656ca1d6492630a064c4f539a24 run #0: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #1: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 43a0db19aa574666e64dbcc84a14c713badd55dc6af894309f8ded6c852456fe run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp_func run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: OK run #9: OK representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 82fe654f56524dce8c0600282db927816d2b3451 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 failed building 82fe654f56524dce8c0600282db927816d2b3451: net/socket.c:1225: undefined reference to `wext_handle_ioctl' net/socket.c:3420: undefined reference to `compat_wext_handle_ioctl' net/core/net-procfs.c:329: undefined reference to `wext_proc_init' net/core/net-procfs.c:345: undefined reference to `wext_proc_exit' minimized to 50 configs; suspects: [HID_ZEROPLUS USB_NET_CDC_MBIM USB_NET_CDC_SUBSET USB_NET_CDC_SUBSET_ENABLE USB_NET_DM9601 USB_NET_GL620A USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_RNDIS_HOST USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD USB_OHCI_HCD_PCI USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_PRINTER USB_SERIAL_GENERIC USB_SERIAL_PL2303 USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_TRANCEVIBRATOR USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_WDM WLAN WLAN_VENDOR_ATH WLAN_VENDOR_ATMEL WLAN_VENDOR_BROADCOM WLAN_VENDOR_INTERSIL WLAN_VENDOR_MARVELL WLAN_VENDOR_MEDIATEK WLAN_VENDOR_MICROCHIP WLAN_VENDOR_PURELIFI WLAN_VENDOR_RALINK WLAN_VENDOR_REALTEK WLAN_VENDOR_RSI WLAN_VENDOR_SILABS WLAN_VENDOR_ZYDAS X86_X32_ABI ZEROPLUS_FF] disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed picked [v6.1.43 v6.1.42 v6.1.22 v6.1 v6.0 v5.19 v5.17 v5.15 v5.13 v5.11 v5.9 v5.6 v5.3 v5.0 v4.19] out of 67 release tags testing release v6.1.43 testing commit 52a953d0934b17a88f403b4135eb3cdf83d19f91 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 80e08ddd429a901643cd493f2489d5fd984d9e223c76f06f9cf4a0683ea40237 run #0: crashed: PANIC: double fault in bpf_prog_ADDR run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #3: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #6: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in sk_reuseport_convert_ctx_access run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp representative crash: PANIC: double fault in bpf_prog_ADDR, types: [UNKNOWN] testing release v6.1.42 testing commit d2a6dc4eaf6d50ba32a9b39b4c6ec713a92072ab gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 30dbc6af5810c46a3096aa3931ec460209bde23483dc89d3ced310e71b27398c run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: kernel panic: Fatal exception run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #9: OK representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] testing release v6.1.22 testing commit 3b29299e5f604550faf3eff811d6cd60b4c6cae6 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cca89d91210e41eb6fcfe2ac3f4da6d7bcdaeb4251f9ee80701ee96960ccbde2 run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #3: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #4: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] testing release v6.1 testing commit 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 22da296ec4d0acd24e60f2f804229e5b5813f9a2846154b57f626de269a282ba run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: BUG: unable to handle kernel paging request in bpf_test_run run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: general protection fault in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: BUG: unable to handle kernel paging request in sk_reuseport_convert_ctx_access representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] testing release v6.0 testing commit 4fe89d07dcc2804c8b562f6c7896a45643d34b2f gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 22b33532c0c877fc25ddc9d3859a107de0a5e2f37a2d276611d76ad39b551220 all runs: OK false negative chance: 0.000 # git bisect start 830b3c68c1fb1e9176028d02ef86f3cf76aa2476 4fe89d07dcc2804c8b562f6c7896a45643d34b2f Bisecting: 7514 revisions left to test after this (roughly 13 steps) [33e591dee915832c618cf68bb1058c8e7d296128] Merge tag 'phy-for-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy testing commit 33e591dee915832c618cf68bb1058c8e7d296128 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e1cc1063621789da7cb3063f0ab1809ed111c047740f091de015d7e27a19d2a4 all runs: OK false negative chance: 0.000 # git bisect good 33e591dee915832c618cf68bb1058c8e7d296128 Bisecting: 3770 revisions left to test after this (roughly 12 steps) [de492c83cae0af72de370b9404aacda93dafcad5] prandom: remove unused functions testing commit de492c83cae0af72de370b9404aacda93dafcad5 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0f374673b9ab97ffa1d09b8074194bc141179e498c7a7f235b54b0e6c61f06a6 all runs: OK false negative chance: 0.000 # git bisect good de492c83cae0af72de370b9404aacda93dafcad5 Bisecting: 1895 revisions left to test after this (roughly 11 steps) [c4d25ce6e9de47f6d9fb6cc1a34b47ce5f0a46ab] Merge tag 'usb-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb testing commit c4d25ce6e9de47f6d9fb6cc1a34b47ce5f0a46ab gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: dacf3cc261bf89cf2de8f2f862a1bfaeea48ac1b042effadefc576d0a3cba825 run #0: crashed: general protection fault in bpf_dispatcher_xdp run #1: crashed: BUG: unable to handle kernel paging request in bpf_test_run run #2: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #3: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #4: crashed: BUG: unable to handle kernel paging request in bpf_test_run run #5: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in bpf_test_run run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: general protection fault in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad c4d25ce6e9de47f6d9fb6cc1a34b47ce5f0a46ab Bisecting: 926 revisions left to test after this (roughly 10 steps) [8636df94ec917019c4cb744ba0a1f94cf9057790] Merge tag 'perf-tools-for-v6.1-2-2022-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux testing commit 8636df94ec917019c4cb744ba0a1f94cf9057790 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ed822ce67014af99056d909d4fb63cfb0fa628ec4a14af409782795c8f70e237 all runs: OK false negative chance: 0.000 # git bisect good 8636df94ec917019c4cb744ba0a1f94cf9057790 Bisecting: 468 revisions left to test after this (roughly 9 steps) [ca4582c286aa4465f9d1a72bef34b04ee907d42e] Revert "mfd: syscon: Remove repetition of the regmap_get_val_endian()" testing commit ca4582c286aa4465f9d1a72bef34b04ee907d42e gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 294f8ab4e8d7b3b21f6a67cdc1099dbdd6349967dd29b8a86b1ef382c5145c0f all runs: OK false negative chance: 0.000 # git bisect good ca4582c286aa4465f9d1a72bef34b04ee907d42e Bisecting: 214 revisions left to test after this (roughly 8 steps) [e3493d682516e2b7ef69587ddf91b0371a1511d0] Merge tag 'drm-fixes-2022-10-28' of git://anongit.freedesktop.org/drm/drm testing commit e3493d682516e2b7ef69587ddf91b0371a1511d0 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b30416da25c4cf17cb3e9330b89cf5fdd9e695374028041f59ea607c05f742b7 run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad e3493d682516e2b7ef69587ddf91b0371a1511d0 Bisecting: 126 revisions left to test after this (roughly 7 steps) [888be6b279b7257b5f6e4c9527675bff0a335596] net/mlx5e: Do not increment ESN when updating IPsec ESN state testing commit 888be6b279b7257b5f6e4c9527675bff0a335596 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f98ad17fa8bf71e8be056ad3c217d4b37314be9e1a7f07bd617d18d4f2305316 run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: general protection fault in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad 888be6b279b7257b5f6e4c9527675bff0a335596 Bisecting: 47 revisions left to test after this (roughly 6 steps) [337a0a0b63f1c30195733eaacf39e4310a592a68] Merge tag 'net-6.1-rc3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 337a0a0b63f1c30195733eaacf39e4310a592a68 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 59cca2728f08afe188bb8710fdbb43c2393b3b3fa3c2ea36184cc832765eb6e2 all runs: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad 337a0a0b63f1c30195733eaacf39e4310a592a68 Bisecting: 36 revisions left to test after this (roughly 5 steps) [e28c44450b14474009a7ac84eb2bd631357c9635] Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf testing commit e28c44450b14474009a7ac84eb2bd631357c9635 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 024a2a97711a6cd692a55a278c1120f617a8d951dd1e36c628929de636a12a22 run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: general protection fault in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad e28c44450b14474009a7ac84eb2bd631357c9635 Bisecting: 20 revisions left to test after this (roughly 4 steps) [0a09f01f11e7c5493ec87a1f9c8824c3fc010751] Merge branch 'amd-xgbe-miscellaneous-fixes' testing commit 0a09f01f11e7c5493ec87a1f9c8824c3fc010751 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 56ba5245a357b08c7e3a7267b3408f4efbfe6eb5ce932f6e612f71b6d9f1380d all runs: OK false negative chance: 0.000 # git bisect good 0a09f01f11e7c5493ec87a1f9c8824c3fc010751 Bisecting: 10 revisions left to test after this (roughly 3 steps) [9c1eaa27ec599fcc25ed4970c0b73c247d147a2b] net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY testing commit 9c1eaa27ec599fcc25ed4970c0b73c247d147a2b gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d6d94ba295d7bab37d52ac5441c50ac9004ed5b214cedc50706bbdc8f663d523 all runs: OK false negative chance: 0.000 # git bisect good 9c1eaa27ec599fcc25ed4970c0b73c247d147a2b Bisecting: 5 revisions left to test after this (roughly 3 steps) [ea68376c8bed5cd156900852aada20c3a0874d17] bpf: prevent decl_tag from being referenced in func_proto testing commit ea68376c8bed5cd156900852aada20c3a0874d17 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 5bc7c3f7497b8ac911455343557d9f0eef81ebf6226f31eb46321b5aef0cfdf5 all runs: OK false negative chance: 0.000 # git bisect good ea68376c8bed5cd156900852aada20c3a0874d17 Bisecting: 2 revisions left to test after this (roughly 2 steps) [fa4447cb73b2bfe7175f1b7ffdc70580fcfcb991] bpf: Use __llist_del_all() whenever possbile during memory draining testing commit fa4447cb73b2bfe7175f1b7ffdc70580fcfcb991 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c341380618cc2d97cb6e4ab499d835a3c9dbd6da2edf162df08d26dc269780cd run #0: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad fa4447cb73b2bfe7175f1b7ffdc70580fcfcb991 Bisecting: 0 revisions left to test after this (roughly 1 step) [3d05818707bb2cf133ccdcd29f2d5585b5bc1298] bpf: Wait for busy refill_work when destroying bpf memory allocator testing commit 3d05818707bb2cf133ccdcd29f2d5585b5bc1298 gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 55353056c7bb257055e8d1a521c8326381a6e6bfc0ba5b81078d2cc87ed30199 run #0: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #1: crashed: invalid opcode in bpf_dispatcher_xdp run #2: crashed: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: BUG: unable to handle kernel paging request in bpf_test_run run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: crashed: invalid opcode in bpf_dispatcher_xdp representative crash: BUG: unable to handle kernel paging request in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad 3d05818707bb2cf133ccdcd29f2d5585b5bc1298 Bisecting: 0 revisions left to test after this (roughly 0 steps) [dbe69b29988465b011f198f2797b1c2b6980b50e] bpf: Fix dispatcher patchable function entry to 5 bytes nop testing commit dbe69b29988465b011f198f2797b1c2b6980b50e gcc compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e5bae0ce2c0ec18f1fa7a848e73a6b26da18d5bde14846ad3dd15ed958767cb5 run #0: crashed: invalid opcode in bpf_dispatcher_xdp run #1: crashed: BUG: unable to handle kernel paging request in bpf_test_run run #2: crashed: invalid opcode in bpf_dispatcher_xdp run #3: crashed: invalid opcode in bpf_dispatcher_xdp run #4: crashed: invalid opcode in bpf_dispatcher_xdp run #5: crashed: invalid opcode in bpf_dispatcher_xdp run #6: crashed: invalid opcode in bpf_dispatcher_xdp run #7: crashed: invalid opcode in bpf_dispatcher_xdp run #8: crashed: invalid opcode in bpf_dispatcher_xdp run #9: OK representative crash: invalid opcode in bpf_dispatcher_xdp, types: [UNKNOWN] # git bisect bad dbe69b29988465b011f198f2797b1c2b6980b50e dbe69b29988465b011f198f2797b1c2b6980b50e is the first bad commit commit dbe69b29988465b011f198f2797b1c2b6980b50e Author: Jiri Olsa Date: Tue Oct 18 09:59:34 2022 +0200 bpf: Fix dispatcher patchable function entry to 5 bytes nop The patchable_function_entry(5) might output 5 single nop instructions (depends on toolchain), which will clash with bpf_arch_text_poke check for 5 bytes nop instruction. Adding early init call for dispatcher that checks and change the patchable entry into expected 5 nop instruction if needed. There's no need to take text_mutex, because we are using it in early init call which is called at pre-smp time. Fixes: ceea991a019c ("bpf: Move bpf_dispatcher function out of ftrace locations") Signed-off-by: Jiri Olsa Acked-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20221018075934.574415-1-jolsa@kernel.org Signed-off-by: Alexei Starovoitov arch/x86/net/bpf_jit_comp.c | 13 +++++++++++++ include/linux/bpf.h | 14 +++++++++++++- kernel/bpf/dispatcher.c | 6 ++++++ 3 files changed, 32 insertions(+), 1 deletion(-) accumulated error probability: 0.00 culprit signature: e5bae0ce2c0ec18f1fa7a848e73a6b26da18d5bde14846ad3dd15ed958767cb5 parent signature: 5bc7c3f7497b8ac911455343557d9f0eef81ebf6226f31eb46321b5aef0cfdf5 revisions tested: 26, total time: 5h7m13.07658177s (build: 1h31m19.598582542s, test: 3h23m52.414355151s) first bad commit: dbe69b29988465b011f198f2797b1c2b6980b50e bpf: Fix dispatcher patchable function entry to 5 bytes nop recipients (to): ["ast@kernel.org" "jolsa@kernel.org" "peterz@infradead.org"] recipients (cc): [] crash: invalid opcode in bpf_dispatcher_xdp invalid opcode: 0000 [#1] PREEMPT SMP CPU: 0 PID: 757 Comm: syz-executor.5 Not tainted 6.0.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 RIP: 0010:bpf_dispatcher_xdp+0x81d/0x1000 Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 48 81 fa a4 06 00 a0 7f 37 48 81 fa 54 06 00 a0 7f 1e 48 81 fa 54 06 00 a0 0f 84 75 c5 ff ff e2 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 81 fa RSP: 0018:ffffc90001643c98 EFLAGS: 00010246 RAX: ffffc90001643d08 RBX: 0000000000000001 RCX: 00000000fffffffc RDX: ffffffffa00006a4 RSI: ffffc90001635048 RDI: ffffc90001643da8 RBP: ffffc90001643d50 R08: ffffc90001643de0 R09: 0000000000745d1e R10: ffff8881159e0c00 R11: 0000000000004800 R12: 0000000000000000 R13: 0000000007000000 R14: ffffc90001635000 R15: ffffc90001635048 FS: 00007fe33a7b76c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6586fffd58 CR3: 0000000116013000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: bpf_prog_test_run_xdp+0x28e/0x4b0 net/bpf/test_run.c:1391 bpf_prog_test_run+0xdf/0x100 kernel/bpf/syscall.c:3630 __sys_bpf+0x2a7/0x490 kernel/bpf/syscall.c:4983 __do_sys_bpf kernel/bpf/syscall.c:5069 [inline] __se_sys_bpf kernel/bpf/syscall.c:5067 [inline] __x64_sys_bpf+0x17/0x20 kernel/bpf/syscall.c:5067 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fe339a7cae9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fe33a7b70c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 00007fe339b9bf80 RCX: 00007fe339a7cae9 RDX: 0000000000000048 RSI: 0000000020001480 RDI: 000000000000000a RBP: 00007fe339ac847a R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000000b R14: 00007fe339b9bf80 R15: 00007ffdcfc89cb8 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:bpf_dispatcher_xdp+0x81d/0x1000 Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 48 81 fa a4 06 00 a0 7f 37 48 81 fa 54 06 00 a0 7f 1e 48 81 fa 54 06 00 a0 0f 84 75 c5 ff ff e2 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 81 fa RSP: 0018:ffffc90001643c98 EFLAGS: 00010246 RAX: ffffc90001643d08 RBX: 0000000000000001 RCX: 00000000fffffffc RDX: ffffffffa00006a4 RSI: ffffc90001635048 RDI: ffffc90001643da8 RBP: ffffc90001643d50 R08: ffffc90001643de0 R09: 0000000000745d1e R10: ffff8881159e0c00 R11: 0000000000004800 R12: 0000000000000000 R13: 0000000007000000 R14: ffffc90001635000 R15: ffffc90001635048 FS: 00007fe33a7b76c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffe36345b98 CR3: 0000000116013000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): c: 00 48 81 add %cl,-0x7f(%rax) f: fa cli 10: a4 movsb %ds:(%rsi),%es:(%rdi) 11: 06 (bad) 12: 00 a0 7f 37 48 81 add %ah,-0x7eb7c881(%rax) 18: fa cli 19: 54 push %rsp 1a: 06 (bad) 1b: 00 a0 7f 1e 48 81 add %ah,-0x7eb7e181(%rax) 21: fa cli 22: 54 push %rsp 23: 06 (bad) 24: 00 a0 0f 84 75 c5 add %ah,-0x3a8a7bf1(%rax) * 2a: ff (bad) <-- trapping instruction 2b: ff (bad) 2c: ff e2 jmp *%rdx 2e: 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1) 35: 00 36: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 3d: 48 rex.W 3e: 81 .byte 0x81 3f: fa cli