bisecting cause commit starting from 3f16503b7d2274ac8cbab11163047ac0b4c66cfe building syzkaller on b771b17ec95715c24715d730363f6f07bc46fd4f testing commit 3f16503b7d2274ac8cbab11163047ac0b4c66cfe with gcc (GCC) 8.1.0 all runs: crashed: WARNING in enter_vmx_operation testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 all runs: OK # git bisect start 3f16503b7d2274ac8cbab11163047ac0b4c66cfe v4.18 Bisecting: 6207 revisions left to test after this (roughly 13 steps) [54dbe75bbf1e189982516de179147208e90b5e45] Merge tag 'drm-next-2018-08-15' of git://anongit.freedesktop.org/drm/drm testing commit 54dbe75bbf1e189982516de179147208e90b5e45 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 54dbe75bbf1e189982516de179147208e90b5e45 Bisecting: 3154 revisions left to test after this (roughly 12 steps) [2475c515d4031c494ff452508a8bf8c281ec6e56] Merge tag 'staging-4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging testing commit 2475c515d4031c494ff452508a8bf8c281ec6e56 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 2475c515d4031c494ff452508a8bf8c281ec6e56 Bisecting: 1577 revisions left to test after this (roughly 11 steps) [433bcf67370bc170a345634aa1be4ee8ac905de9] Merge tag 'xtensa-20180820' of git://github.com/jcmvbkbc/linux-xtensa testing commit 433bcf67370bc170a345634aa1be4ee8ac905de9 with gcc (GCC) 8.1.0 all runs: crashed: WARNING in enter_vmx_operation # git bisect bad 433bcf67370bc170a345634aa1be4ee8ac905de9 Bisecting: 776 revisions left to test after this (roughly 10 steps) [7a324b3f0535ceb0f6676fa20ca2a7b6213008cb] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid testing commit 7a324b3f0535ceb0f6676fa20ca2a7b6213008cb with gcc (GCC) 8.1.0 run #0: crashed: WARNING in enter_vmx_operation run #1: crashed: WARNING in enter_vmx_operation run #2: crashed: WARNING in enter_vmx_operation run #3: crashed: WARNING in enter_vmx_operation run #4: crashed: WARNING in free_loaded_vmcs run #5: crashed: WARNING in enter_vmx_operation run #6: crashed: WARNING in free_loaded_vmcs run #7: crashed: WARNING in enter_vmx_operation run #8: crashed: WARNING in enter_vmx_operation run #9: crashed: WARNING in enter_vmx_operation # git bisect bad 7a324b3f0535ceb0f6676fa20ca2a7b6213008cb Bisecting: 392 revisions left to test after this (roughly 9 steps) [13bf2cf9e2d1e0e56088ec6342c2726704100647] Merge tag 'dmaengine-4.19-rc1' of git://git.infradead.org/users/vkoul/slave-dma testing commit 13bf2cf9e2d1e0e56088ec6342c2726704100647 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 13bf2cf9e2d1e0e56088ec6342c2726704100647 Bisecting: 171 revisions left to test after this (roughly 8 steps) [e61cf2e3a5b452cfefcb145021f5a8ea88735cc1] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit e61cf2e3a5b452cfefcb145021f5a8ea88735cc1 with gcc (GCC) 8.1.0 run #0: crashed: WARNING in enter_vmx_operation run #1: crashed: WARNING in enter_vmx_operation run #2: crashed: WARNING in enter_vmx_operation run #3: crashed: WARNING in enter_vmx_operation run #4: crashed: WARNING in enter_vmx_operation run #5: crashed: WARNING in free_loaded_vmcs run #6: crashed: WARNING in enter_vmx_operation run #7: crashed: WARNING in enter_vmx_operation run #8: crashed: WARNING in enter_vmx_operation run #9: crashed: WARNING in enter_vmx_operation # git bisect bad e61cf2e3a5b452cfefcb145021f5a8ea88735cc1 Bisecting: 107 revisions left to test after this (roughly 7 steps) [08b5fa819970c318e58ab638f497633c25971813] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input testing commit 08b5fa819970c318e58ab638f497633c25971813 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 08b5fa819970c318e58ab638f497633c25971813 Bisecting: 53 revisions left to test after this (roughly 6 steps) [c9470a2e28479e97eb44d926ea7bbb5709ad9d6b] kvm: x86: Propagate guest PCIDs to host PCIDs testing commit c9470a2e28479e97eb44d926ea7bbb5709ad9d6b with gcc (GCC) 8.1.0 run #0: crashed: WARNING in enter_vmx_operation run #1: crashed: WARNING in enter_vmx_operation run #2: crashed: WARNING in enter_vmx_operation run #3: crashed: WARNING in enter_vmx_operation run #4: crashed: WARNING in enter_vmx_operation run #5: crashed: WARNING in enter_vmx_operation run #6: crashed: WARNING in enter_vmx_operation run #7: crashed: WARNING in enter_vmx_operation run #8: crashed: WARNING in enter_vmx_operation run #9: boot failed: can't ssh into the instance # git bisect bad c9470a2e28479e97eb44d926ea7bbb5709ad9d6b Bisecting: 26 revisions left to test after this (roughly 5 steps) [8fcc4b5923af5de58b80b53a069453b135693304] kvm: nVMX: Introduce KVM_CAP_NESTED_STATE testing commit 8fcc4b5923af5de58b80b53a069453b135693304 with gcc (GCC) 8.1.0 all runs: crashed: WARNING in free_loaded_vmcs # git bisect bad 8fcc4b5923af5de58b80b53a069453b135693304 Bisecting: 10 revisions left to test after this (roughly 4 steps) [85eae57bbb0612387201635659be543aaac2109e] Merge tag 'kvm-s390-next-4.19-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into HEAD testing commit 85eae57bbb0612387201635659be543aaac2109e with gcc (GCC) 8.1.0 all runs: OK # git bisect good 85eae57bbb0612387201635659be543aaac2109e Bisecting: 5 revisions left to test after this (roughly 3 steps) [44883f01fe6ae436a8604c47d8435276fef369b0] KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd testing commit 44883f01fe6ae436a8604c47d8435276fef369b0 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 44883f01fe6ae436a8604c47d8435276fef369b0 Bisecting: 2 revisions left to test after this (roughly 2 steps) [0a505fe6f272c5c1ceebbd266535ad79d9ca6920] kvm: selftests: ensure vcpu file is released testing commit 0a505fe6f272c5c1ceebbd266535ad79d9ca6920 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 0a505fe6f272c5c1ceebbd266535ad79d9ca6920 Bisecting: 0 revisions left to test after this (roughly 1 step) [7f7f1ba33cf2c21d001821313088c231db42ff40] KVM: x86: do not load vmcs12 pages while still in SMM testing commit 7f7f1ba33cf2c21d001821313088c231db42ff40 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 7f7f1ba33cf2c21d001821313088c231db42ff40 8fcc4b5923af5de58b80b53a069453b135693304 is the first bad commit commit 8fcc4b5923af5de58b80b53a069453b135693304 Author: Jim Mattson Date: Tue Jul 10 11:27:20 2018 +0200 kvm: nVMX: Introduce KVM_CAP_NESTED_STATE For nested virtualization L0 KVM is managing a bit of state for L2 guests, this state can not be captured through the currently available IOCTLs. In fact the state captured through all of these IOCTLs is usually a mix of L1 and L2 state. It is also dependent on whether the L2 guest was running at the moment when the process was interrupted to save its state. With this capability, there are two new vcpu ioctls: KVM_GET_NESTED_STATE and KVM_SET_NESTED_STATE. These can be used for saving and restoring a VM that is in VMX operation. Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Jim Mattson [karahmed@ - rename structs and functions and make them ready for AMD and address previous comments. - handle nested.smm state. - rebase & a bit of refactoring. - Merge 7/8 and 8/8 into one patch. ] Signed-off-by: KarimAllah Ahmed Signed-off-by: Paolo Bonzini :040000 040000 bebd2794f126798c6d96ae75a46e31951122400e 08957b9d318f822a2411e400e858725e3913a05a M Documentation :040000 040000 2b79a65cf06e4945a989b9526b8944230152c0c7 05543a51892598ffb73a3ab0cadee1dd023f2178 M arch :040000 040000 2d941a89cbd12a6b2a52456da84962d94e466dbe d817491cb9566552dae55cb943aeeccdb5ea985b M include revisions tested: 15, total time: 3h34m51.990322198s (build: 1h19m56.756492167s, test: 2h8m24.381519615s) first bad commit: 8fcc4b5923af5de58b80b53a069453b135693304 kvm: nVMX: Introduce KVM_CAP_NESTED_STATE cc: ["hpa@zytor.com" "jmattson@google.com" "karahmed@amazon.de" "kvm@vger.kernel.org" "linux-kernel@vger.kernel.org" "mingo@redhat.com" "pbonzini@redhat.com" "rkrcmar@redhat.com" "tglx@linutronix.de" "x86@kernel.org"] crash: WARNING in free_loaded_vmcs IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 8021q: adding VLAN 0 to HW filter on device team0 8021q: adding VLAN 0 to HW filter on device team0 8021q: adding VLAN 0 to HW filter on device team0 WARNING: CPU: 1 PID: 5627 at arch/x86/kvm/vmx.c:4426 loaded_vmcs_clear arch/x86/kvm/vmx.c:1964 [inline] WARNING: CPU: 1 PID: 5627 at arch/x86/kvm/vmx.c:4426 free_loaded_vmcs+0x11b/0x160 arch/x86/kvm/vmx.c:4421 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 5627 Comm: syz-executor1 Not tainted 4.18.0-rc6+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x16a/0x22a lib/dump_stack.c:113 panic+0x1c6/0x37d kernel/panic.c:184 __warn.cold.8+0x120/0x16c kernel/panic.c:536 report_bug+0x1a4/0x200 lib/bug.c:186 fixup_bug arch/x86/kernel/traps.c:178 [inline] do_error_trap+0x1fc/0x4d0 arch/x86/kernel/traps.c:296 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:316 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:992 RIP: 0010:free_loaded_vmcs+0x11b/0x160 arch/x86/kvm/vmx.c:4426 Code: c7 c6 90 ff 1a 81 e8 54 7c 4e 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 3e 4c 8b 23 e9 47 ff ff ff <0f> 0b eb c4 e8 8c 01 94 00 e9 2d ff ff ff e8 a2 01 94 00 e9 f2 fe RSP: 0018:ffff8801ca1773a0 EFLAGS: 00010286 RAX: dffffc0000000000 RBX: ffff8801c4b65768 RCX: 0000000000000000 RDX: 1ffff1003896caee RSI: 0000000000000001 RDI: ffff8801c4b65770 RBP: ffff8801ca1773b0 R08: ffffea00070511c8 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801cf8f9000 R13: ffff8801ca177578 R14: ffffed003942ee97 R15: dffffc0000000000 vmx_free_vcpu+0x19d/0x290 arch/x86/kvm/vmx.c:10304 kvm_arch_vcpu_free arch/x86/kvm/x86.c:8373 [inline] kvm_free_vcpus arch/x86/kvm/x86.c:8822 [inline] kvm_arch_destroy_vm+0x322/0x7e0 arch/x86/kvm/x86.c:8919 kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:746 [inline] kvm_put_kvm+0x5b4/0xe00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:767 kvm_vcpu_release+0x77/0xa0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2397 __fput+0x2cb/0x840 fs/file_table.c:209 ____fput+0x9/0x10 fs/file_table.c:243 task_work_run+0x19f/0x250 kernel/task_work.c:113 get_signal+0x10e1/0x1490 kernel/signal.c:2298 do_signal+0x9c/0x21c0 arch/x86/kernel/signal.c:816 exit_to_usermode_loop+0x1d1/0x310 arch/x86/entry/common.c:162 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x587/0x700 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4571d9 Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f7f29b9ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffe4 RBX: 00007f7f29b9b6d4 RCX: 00000000004571d9 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000004cef48 R14: 00000000004c55c9 R15: 0000000000000001 Kernel Offset: disabled Rebooting in 86400 seconds..