bisecting fixing commit since 6dd0e32665e591e9debe3edaf73c2f8135bf047e
building syzkaller on 17a986e54c507287c078a70fa9eea0be9f191f84
testing commit 6dd0e32665e591e9debe3edaf73c2f8135bf047e with gcc (GCC) 8.1.0
kernel signature: af5a199d071ba43783ea72cbf3c8219ce3c29dc5b44ac57c97c9137f968d97cf
all runs: crashed: WARNING in bpf_warn_invalid_xdp_action
testing current HEAD 033c4ea49a4ba7a2b13aabf3ec755557924a9cda
testing commit 033c4ea49a4ba7a2b13aabf3ec755557924a9cda with gcc (GCC) 8.1.0
kernel signature: 8142f9bb3641ebf586e427d55a0a86ae08d183dfd8740548235fbc82cbaf4876
all runs: crashed: WARNING in bpf_warn_invalid_xdp_action
revisions tested: 2, total time: 27m25.686164724s (build: 19m35.888057211s, test: 6m46.235582967s)
the crash still happens on HEAD
commit msg: Linux 4.19.122
crash: WARNING in bpf_warn_invalid_xdp_action

batman_adv: batadv0: Interface activated: batadv_slave_1
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
------------[ cut here ]------------
Illegal XDP return value 2997864622, expect packet loss!
WARNING: CPU: 1 PID: 6559 at net/core/filter.c:5537 bpf_warn_invalid_xdp_action+0x38/0x40 net/core/filter.c:5535
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 6559 Comm: syz-execprog Not tainted 4.19.122-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x123/0x177 lib/dump_stack.c:118
 panic+0x1cd/0x375 kernel/panic.c:186
 __warn.cold.8+0x1b/0x3e kernel/panic.c:541
 report_bug+0x1a4/0x200 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 do_error_trap+0x200/0x350 arch/x86/kernel/traps.c:296
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:316
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:1037
RIP: 0010:bpf_warn_invalid_xdp_action+0x38/0x40 net/core/filter.c:5535
Code: c7 c0 e0 13 c0 87 55 89 fa 48 c7 c6 a0 13 c0 87 48 89 e5 48 c7 c7 20 14 c0 87 c6 05 66 d5 b1 03 01 48 0f 46 f0 e8 4b 7a ce fb <0f> 0b 5d c3 0f 1f 40 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5
RSP: 0018:ffff8880aeb07c40 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff88808d36bb46 RCX: 0000000000000000
RDX: 0000000000000004 RSI: ffffffff87677900 RDI: ffffffff8a183960
RBP: ffff8880aeb07c40 R08: ffffed1015d65079 R09: ffffed1015d65078
R10: ffffed1015d65078 R11: ffff8880aeb283c7 R12: ffff88808d36ba80
R13: dffffc0000000000 R14: ffff88808cb76146 R15: ffff88808d36ba80
 veth_xdp_rcv_skb drivers/net/veth.c:551 [inline]
 veth_xdp_rcv drivers/net/veth.c:602 [inline]
 veth_poll+0x1035/0x2ea0 drivers/net/veth.c:622
 napi_poll net/core/dev.c:6267 [inline]
 net_rx_action+0x470/0xe20 net/core/dev.c:6333
 __do_softirq+0x260/0x92d kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x17f/0x1c0 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x13e/0x540 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:893
RIP: 0010:copy_user_generic_unrolled+0x8c/0xc0 arch/x86/lib/copy_user_64.S:68
Code: 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 <48> 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a 06 88 07
RSP: 0018:ffff888087acfba0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
RAX: ffffed1010f59f81 RBX: 0000000000000010 RCX: 0000000000000002
RDX: 0000000000000000 RSI: ffff888087acfbf8 RDI: 000000c420041f08
RBP: ffff888087acfbc8 R08: 0000000000000000 R09: ffffed1010f59f7f
R10: ffffed1010f59f80 R11: ffff888087acfc07 R12: 000000c420041f08
R13: ffff888087acfbf8 R14: ffff88808789c680 R15: ffff888087acfc98
 copy_to_user include/linux/uaccess.h:155 [inline]
 put_timespec64+0xa9/0x100 kernel/time/time.c:886
 poll_select_copy_remaining+0x263/0x340 fs/select.c:322
 do_pselect+0x355/0x3a0 fs/select.c:732
 __do_sys_pselect6 fs/select.c:772 [inline]
 __se_sys_pselect6 fs/select.c:757 [inline]
 __x64_sys_pselect6+0x167/0x250 fs/select.c:757
 do_syscall_64+0xd0/0x4e0 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x455b33
Code: 48 89 44 24 08 bf 00 00 00 00 be 00 00 00 00 ba 00 00 00 00 41 ba 00 00 00 00 49 89 e0 41 b9 00 00 00 00 b8 0e 01 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc b8 ba 00 00 00 0f 05 89 44
RSP: 002b:000000c420041f08 EFLAGS: 00000202 ORIG_RAX: 000000000000010e
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000455b33
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 000000c420041f18 R08: 000000c420041f08 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000000000042d2f0
R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..