bisecting cause commit starting from 9ff9b0d392ea08090cd1780fb196f36dbb586529 building syzkaller on fea47c014be7a00a32ab016b946c0a77f32c1f40 testing commit 9ff9b0d392ea08090cd1780fb196f36dbb586529 with gcc (GCC) 8.1.0 kernel signature: ab7713d3d5a567b1561f95687dbfa64db3b60e1558f5895c4dc62bce367bfbf8 run #0: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #1: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #5: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #6: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __traceiter_sched_switch testing release v5.9 testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0 kernel signature: c04b7eee2df0f17eacd076233dfcd0a83ff46ba77c4a24e59461d0b3d5af75a0 run #0: crashed: BUG: unable to handle kernel paging request in __schedule run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in __schedule run #3: crashed: BUG: unable to handle kernel paging request in __schedule run #4: crashed: BUG: unable to handle kernel paging request in __schedule run #5: crashed: BUG: unable to handle kernel paging request in __schedule run #6: crashed: BUG: unable to handle kernel paging request in __schedule run #7: crashed: BUG: unable to handle kernel paging request in __schedule run #8: crashed: BUG: unable to handle kernel paging request in __schedule run #9: crashed: BUG: unable to handle kernel paging request in __schedule testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 427be199cd702d8f6264bc8bf6abcded0c46f073956e9aa8084aa0b4793f110b run #0: crashed: BUG: unable to handle kernel paging request in __schedule run #1: crashed: BUG: unable to handle kernel paging request in __schedule run #2: crashed: BUG: unable to handle kernel paging request in __schedule run #3: crashed: BUG: unable to handle kernel paging request in __schedule run #4: crashed: BUG: unable to handle kernel paging request in __schedule run #5: crashed: BUG: unable to handle kernel paging request in __schedule run #6: crashed: BUG: unable to handle kernel paging request in __schedule run #7: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #8: crashed: BUG: unable to handle kernel paging request in __schedule run #9: crashed: BUG: unable to handle kernel paging request in __schedule testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: c52adf098b1f911161896c3b74111e59413ee593f8dd5498f2465b8860837531 run #0: crashed: BUG: unable to handle kernel paging request in __schedule run #1: crashed: BUG: unable to handle kernel paging request in __schedule run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #4: crashed: BUG: unable to handle kernel paging request in __schedule run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: general protection fault in bpf_trace_run3 run #7: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #8: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #9: crashed: BUG: unable to handle kernel paging request in __schedule testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: ed2ea842a42d065378bbb21c0e98c97a8bf78cf76f59fd1e3f7b8facaf66c4d8 run #0: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in __schedule run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #4: crashed: BUG: unable to handle kernel paging request in __schedule run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #7: crashed: BUG: unable to handle kernel paging request in __schedule run #8: crashed: BUG: unable to handle kernel paging request in __schedule run #9: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: b523f839c65fb83bc4e67d42790242421f6ddc89905426c5d95caf32f5911c32 run #0: crashed: KASAN: vmalloc-out-of-bounds Read in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in __schedule run #4: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #5: crashed: BUG: unable to handle kernel paging request in __schedule run #6: crashed: BUG: unable to handle kernel paging request in __schedule run #7: crashed: BUG: unable to handle kernel paging request in __schedule run #8: crashed: BUG: unable to handle kernel paging request in __schedule run #9: crashed: BUG: unable to handle kernel paging request in __schedule testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: dea2ba18a3c1379e323166153020965b93402dd3e3ef6b05000ab4cdf965d760 run #0: crashed: BUG: unable to handle kernel paging request in __schedule run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in __schedule run #3: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #4: crashed: BUG: unable to handle kernel paging request in __schedule run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in __schedule run #7: crashed: BUG: unable to handle kernel paging request in __schedule run #8: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #9: crashed: BUG: unable to handle kernel paging request in __schedule testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: 1fe81e354cc12cead6b04d8fff8a47be6dd5b4c74ed3e5fb9fed89f321a1a3d6 run #0: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #1: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #4: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 kernel signature: 4967234e9314f8fc6829344f0f37a933f423e1b919235a699a189e11735af680 run #0: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 kernel signature: 405ca13ad7d977f21d3a43df77d5ab803a6dbd4babe1e71bbab2212b1fdf92e2 all runs: OK # git bisect start 0ecfebd2b52404ae0c54a878c872bb93363ada36 e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd Bisecting: 6966 revisions left to test after this (roughly 13 steps) [a2d635decbfa9c1e4ae15cb05b68b2559f7f827c] Merge tag 'drm-next-2019-05-09' of git://anongit.freedesktop.org/drm/drm testing commit a2d635decbfa9c1e4ae15cb05b68b2559f7f827c with gcc (GCC) 8.1.0 kernel signature: e2fa3386fd9e7f1bf46247502fe68a2e0512c88343ae42cd609135f6d70f0b27 run #0: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #4: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #5: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #6: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #7: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch # git bisect bad a2d635decbfa9c1e4ae15cb05b68b2559f7f827c Bisecting: 4612 revisions left to test after this (roughly 12 steps) [82efe439599439a5e1e225ce5740e6cfb777a7dd] Merge tag 'devicetree-for-5.2' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux testing commit 82efe439599439a5e1e225ce5740e6cfb777a7dd with gcc (GCC) 8.1.0 kernel signature: ab651ef654190673c4a6131c2b9a84c97b5cf2bd0b579ec307bcb385dccc8c64 all runs: OK # git bisect good 82efe439599439a5e1e225ce5740e6cfb777a7dd Bisecting: 2416 revisions left to test after this (roughly 11 steps) [b3a5e648f5917ea508ecab9a629028b186d38eae] Merge tag 'tty-5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty testing commit b3a5e648f5917ea508ecab9a629028b186d38eae with gcc (GCC) 8.1.0 kernel signature: 46e525b7bb04ff01c2187ed09edaeb27934404803f9ea654b873ca3ac712f5d6 run #0: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #2: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #3: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #7: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch # git bisect bad b3a5e648f5917ea508ecab9a629028b186d38eae Bisecting: 1097 revisions left to test after this (roughly 10 steps) [0e33d334df1310d0697f2595833f723e5380359c] Merge branch 'libbpf-fixes' testing commit 0e33d334df1310d0697f2595833f723e5380359c with gcc (GCC) 8.1.0 kernel signature: 8ecf1ca168a8d143e49e65231c07dfe85d22de647670e0ef3a1bd69cda88b893 all runs: OK # git bisect good 0e33d334df1310d0697f2595833f723e5380359c Bisecting: 634 revisions left to test after this (roughly 9 steps) [64439f8f0bc4e9da1c6cb31c2ee642e3139f5731] ice: Disable sniffing VF traffic on PF testing commit 64439f8f0bc4e9da1c6cb31c2ee642e3139f5731 with gcc (GCC) 8.1.0 kernel signature: 3947886a655b7f33b98e3d1ba5779000665725d8f57100cce992c42757d5a8cc run #0: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #3: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #5: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #6: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch # git bisect bad 64439f8f0bc4e9da1c6cb31c2ee642e3139f5731 Bisecting: 228 revisions left to test after this (roughly 8 steps) [5f0d736e7f7db586141f974821b6ca6c1d906d5b] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next testing commit 5f0d736e7f7db586141f974821b6ca6c1d906d5b with gcc (GCC) 8.1.0 kernel signature: 14e0e9c2626970634ba952e20f1aebf1df9448faa115aeabd8162ea44790f3f9 run #0: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #3: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch # git bisect bad 5f0d736e7f7db586141f974821b6ca6c1d906d5b Bisecting: 116 revisions left to test after this (roughly 7 steps) [b7048d324b5ebcb99022e2e7296f03918e5f38c4] net: hns3: use a reserved byte to identify need_resp flag testing commit b7048d324b5ebcb99022e2e7296f03918e5f38c4 with gcc (GCC) 8.1.0 kernel signature: 380f359bc6fb6e761d3a546bfe796880bd91cfb9892d441527672b13920d8098 all runs: OK # git bisect good b7048d324b5ebcb99022e2e7296f03918e5f38c4 Bisecting: 58 revisions left to test after this (roughly 6 steps) [56738f460841761abc70347c919d5c45f6f05a42] netlink: add strict parsing for future attributes testing commit 56738f460841761abc70347c919d5c45f6f05a42 with gcc (GCC) 8.1.0 kernel signature: d2ee74bed8991dde7eed3f727fd991bac62702beb1097267b9798cef87d4fe50 all runs: OK # git bisect good 56738f460841761abc70347c919d5c45f6f05a42 Bisecting: 28 revisions left to test after this (roughly 5 steps) [6acda8fbbda585acc44efd0f66f34a21b4dd2d31] Merge branch 'mv88e6060-cleanups' testing commit 6acda8fbbda585acc44efd0f66f34a21b4dd2d31 with gcc (GCC) 8.1.0 kernel signature: 3d9d00e7c335c4948fe8e819fe81b311f1c92bb1cb9e0c59b1cbbc708fbf4667 all runs: OK # git bisect good 6acda8fbbda585acc44efd0f66f34a21b4dd2d31 Bisecting: 14 revisions left to test after this (roughly 4 steps) [ea106722c76f08002b69a6983ed84dc18958ba48] nbd: trace sending nbd requests testing commit ea106722c76f08002b69a6983ed84dc18958ba48 with gcc (GCC) 8.1.0 kernel signature: 65cedd5bf8caa5d86baa5bb7e7b95265090a0aa54c9bb3a9d5b7e7c2336741f3 run #0: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #2: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #3: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #5: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #6: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #8: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch # git bisect bad ea106722c76f08002b69a6983ed84dc18958ba48 Bisecting: 6 revisions left to test after this (roughly 3 steps) [ca253339af928528ceb34770b076d3230ed7d629] bpftool/docs: add btf sub-command documentation testing commit ca253339af928528ceb34770b076d3230ed7d629 with gcc (GCC) 8.1.0 kernel signature: 761afe5a7cf6ab44bae9c4eb7b98d304c4c7aa3135831a6c3bed5e89b37ce296 all runs: OK # git bisect good ca253339af928528ceb34770b076d3230ed7d629 Bisecting: 3 revisions left to test after this (roughly 2 steps) [0c0cad2c2824ac38106ad0649263eca30954beb6] Merge branch 'btf-dump' testing commit 0c0cad2c2824ac38106ad0649263eca30954beb6 with gcc (GCC) 8.1.0 kernel signature: 761afe5a7cf6ab44bae9c4eb7b98d304c4c7aa3135831a6c3bed5e89b37ce296 all runs: OK # git bisect good 0c0cad2c2824ac38106ad0649263eca30954beb6 Bisecting: 1 revision left to test after this (roughly 1 step) [34b8ab091f9ef57a2bb3c8c8359a0a03a8abf2f9] bpf, arm64: use more scalable stadd over ldxr / stxr loop in xadd testing commit 34b8ab091f9ef57a2bb3c8c8359a0a03a8abf2f9 with gcc (GCC) 8.1.0 kernel signature: 761afe5a7cf6ab44bae9c4eb7b98d304c4c7aa3135831a6c3bed5e89b37ce296 all runs: OK # git bisect good 34b8ab091f9ef57a2bb3c8c8359a0a03a8abf2f9 Bisecting: 0 revisions left to test after this (roughly 0 steps) [9df1c28bb75217b244257152ab7d788bb2a386d0] bpf: add writable context for raw tracepoints testing commit 9df1c28bb75217b244257152ab7d788bb2a386d0 with gcc (GCC) 8.1.0 kernel signature: c4a2b13ca66b67e4fb9f541e0b1b3275b8dd8cf2cdc472485314bdc044a3b45c run #0: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #1: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #2: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #3: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #4: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #5: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #6: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #7: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch run #8: crashed: BUG: unable to handle kernel paging request in bpf_trace_run3 run #9: crashed: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch # git bisect bad 9df1c28bb75217b244257152ab7d788bb2a386d0 9df1c28bb75217b244257152ab7d788bb2a386d0 is the first bad commit commit 9df1c28bb75217b244257152ab7d788bb2a386d0 Author: Matt Mullins Date: Fri Apr 26 11:49:47 2019 -0700 bpf: add writable context for raw tracepoints This is an opt-in interface that allows a tracepoint to provide a safe buffer that can be written from a BPF_PROG_TYPE_RAW_TRACEPOINT program. The size of the buffer must be a compile-time constant, and is checked before allowing a BPF program to attach to a tracepoint that uses this feature. The pointer to this buffer will be the first argument of tracepoints that opt in; the pointer is valid and can be bpf_probe_read() by both BPF_PROG_TYPE_RAW_TRACEPOINT and BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE programs that attach to such a tracepoint, but the buffer to which it points may only be written by the latter. Signed-off-by: Matt Mullins Acked-by: Yonghong Song Signed-off-by: Alexei Starovoitov include/linux/bpf.h | 2 ++ include/linux/bpf_types.h | 1 + include/linux/tracepoint-defs.h | 1 + include/trace/bpf_probe.h | 27 +++++++++++++++++++++++++-- include/uapi/linux/bpf.h | 1 + kernel/bpf/syscall.c | 8 ++++++-- kernel/bpf/verifier.c | 31 +++++++++++++++++++++++++++++++ kernel/trace/bpf_trace.c | 24 ++++++++++++++++++++++++ 8 files changed, 91 insertions(+), 4 deletions(-) culprit signature: c4a2b13ca66b67e4fb9f541e0b1b3275b8dd8cf2cdc472485314bdc044a3b45c parent signature: 761afe5a7cf6ab44bae9c4eb7b98d304c4c7aa3135831a6c3bed5e89b37ce296 revisions tested: 24, total time: 5h27m13.618865131s (build: 2h56m46.458463668s, test: 2h27m39.617789923s) first bad commit: 9df1c28bb75217b244257152ab7d788bb2a386d0 bpf: add writable context for raw tracepoints recipients (to): ["ast@kernel.org" "mmullins@fb.com" "yhs@fb.com"] recipients (cc): [] crash: BUG: unable to handle kernel paging request in __bpf_trace_sched_switch BUG: unable to handle kernel paging request at ffffffffa00882df #PF error: [INSTR] PGD 8874067 P4D 8874067 PUD 8875063 PMD a92b3067 PTE 0 Oops: 0010 [#1] PREEMPT SMP KASAN CPU: 1 PID: 6871 Comm: kworker/1:3 Not tainted 5.1.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: (null) (events) RIP: 0010:0xffffffffa00882df Code: Bad RIP value. RSP: 0018:ffff88808e3b7cd8 EFLAGS: 00010046 RAX: dffffc0000000000 RBX: ffffc90001a50000 RCX: 1ffffffff11245ad RDX: 1ffff9200034a006 RSI: ffffc90001a50038 RDI: ffff88808e3b7d08 RBP: ffff88808e3b7d68 R08: ffffed1015d25bd0 R09: ffffed1015d25bcf R10: ffffed1015d25bcf R11: ffff8880ae92de7b R12: 1ffff11011c76f9d R13: dffffc0000000000 R14: ffff88808e3b7d48 R15: ffff888087998380 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffa00882b5 CR3: 0000000096041000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __bpf_trace_sched_switch+0xd/0x10 include/trace/events/sched.h:138 trace_sched_switch include/trace/events/sched.h:138 [inline] __schedule+0xdf1/0x1f40 kernel/sched/core.c:3515 schedule+0x7f/0x180 kernel/sched/core.c:3562 worker_thread+0x1de/0xb60 kernel/workqueue.c:2436 kthread+0x324/0x3e0 kernel/kthread.c:253 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Modules linked in: CR2: ffffffffa00882df ---[ end trace 02e18ff9feed474a ]--- RIP: 0010:0xffffffffa00882df Code: Bad RIP value. RSP: 0018:ffff88808e3b7cd8 EFLAGS: 00010046 RAX: dffffc0000000000 RBX: ffffc90001a50000 RCX: 1ffffffff11245ad RDX: 1ffff9200034a006 RSI: ffffc90001a50038 RDI: ffff88808e3b7d08 RBP: ffff88808e3b7d68 R08: ffffed1015d25bd0 R09: ffffed1015d25bcf R10: ffffed1015d25bcf R11: ffff8880ae92de7b R12: 1ffff11011c76f9d R13: dffffc0000000000 R14: ffff88808e3b7d48 R15: ffff888087998380 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffa00882b5 CR3: 0000000096041000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400