bisecting cause commit starting from 5076190daded2197f62fe92cf69674488be44175 building syzkaller on 2c31c529a9a44be5d99e769204b7a4b84b93eec1 testing commit 5076190daded2197f62fe92cf69674488be44175 with gcc (GCC) 8.1.0 kernel signature: 531547b8acb4b828d93bf677e01d66ed4cc8cc0eddfcca988f72e1d1f98858e0 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 8e2252365148913efe413e232cb2a4b30434d67f33017d56d099f8ce4610b260 all runs: OK # git bisect start 5076190daded2197f62fe92cf69674488be44175 d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 Bisecting: 5637 revisions left to test after this (roughly 13 steps) [9f68e3655aae6d49d6ba05dd263f99f33c2567af] Merge tag 'drm-next-2020-01-30' of git://anongit.freedesktop.org/drm/drm testing commit 9f68e3655aae6d49d6ba05dd263f99f33c2567af with gcc (GCC) 8.1.0 kernel signature: 642e8e75b3165c626d6a1eb340e1c457aa4980ad077664249c282971c98dc591 all runs: OK # git bisect good 9f68e3655aae6d49d6ba05dd263f99f33c2567af Bisecting: 2883 revisions left to test after this (roughly 12 steps) [469030d454bd1620c7b2651d9ec8cdcbaa74deb9] Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit 469030d454bd1620c7b2651d9ec8cdcbaa74deb9 with gcc (GCC) 8.1.0 kernel signature: a557c404bea72ea62ce5caa852f9a3da6e8fd083d172088cbb72975b3b617e9d all runs: OK # git bisect good 469030d454bd1620c7b2651d9ec8cdcbaa74deb9 Bisecting: 1438 revisions left to test after this (roughly 11 steps) [db70e26e33eef1b148ca1c9f50de92203ec7e82e] Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input testing commit db70e26e33eef1b148ca1c9f50de92203ec7e82e with gcc (GCC) 8.1.0 kernel signature: f2c100a823dc2b32a9269be36ff178e00811cdd4e75d586ffae3ea42f9acb89c all runs: OK # git bisect good db70e26e33eef1b148ca1c9f50de92203ec7e82e Bisecting: 718 revisions left to test after this (roughly 10 steps) [2edc78b9a4b868d7bfee4f87ea29f2df19b6e955] Merge tag 'block-5.6-2020-02-28' of git://git.kernel.dk/linux-block testing commit 2edc78b9a4b868d7bfee4f87ea29f2df19b6e955 with gcc (GCC) 8.1.0 kernel signature: b67f2742595901b2e0fba8f7e5dc66722964b9f7edebe97911c51fc5d69207c1 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad 2edc78b9a4b868d7bfee4f87ea29f2df19b6e955 Bisecting: 365 revisions left to test after this (roughly 9 steps) [cee853e825a9ab64b54bd53f991e98f832c47317] Merge tag 'usb-5.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb testing commit cee853e825a9ab64b54bd53f991e98f832c47317 with gcc (GCC) 8.1.0 kernel signature: fa5c360a4d328cd0c1b9ddc6eed36a81a3df1d5ea9c93ba7b71ea54707c94a54 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad cee853e825a9ab64b54bd53f991e98f832c47317 Bisecting: 192 revisions left to test after this (roughly 8 steps) [b0dd1eb220c06892e0a4098378c4296650f3f8db] Merge branch 'akpm' (patches from Andrew) testing commit b0dd1eb220c06892e0a4098378c4296650f3f8db with gcc (GCC) 8.1.0 kernel signature: debe281ee8086aa0da39fa22f6be66476f7c348a43866d5386101e118ce00ec3 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad b0dd1eb220c06892e0a4098378c4296650f3f8db Bisecting: 82 revisions left to test after this (roughly 6 steps) [44024adb4aabefd275c6f9c00cac323473447dd5] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit 44024adb4aabefd275c6f9c00cac323473447dd5 with gcc (GCC) 8.1.0 kernel signature: f9e234f7aebc4aa1d87f681d5982795a7bd108febefc49c5cef6737f56f30612 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad 44024adb4aabefd275c6f9c00cac323473447dd5 Bisecting: 38 revisions left to test after this (roughly 5 steps) [320f3f74d9a1a4a193d515de0549eafc82369f47] docs: kvm: Convert nested-vmx.txt to ReST format testing commit 320f3f74d9a1a4a193d515de0549eafc82369f47 with gcc (GCC) 8.1.0 kernel signature: 7979c4e3c4c55b9f4f4a57fb171851f4bbe6ea3c1d44da8937126dadcd5caf90 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad 320f3f74d9a1a4a193d515de0549eafc82369f47 Bisecting: 19 revisions left to test after this (roughly 4 steps) [72f8a49dc8b9e97a7986b0e6eced00a1a2e28996] docs: virt: user_mode_linux.rst: update compiling instructions testing commit 72f8a49dc8b9e97a7986b0e6eced00a1a2e28996 with gcc (GCC) 8.1.0 kernel signature: ede6652b48447eac40e8175b71c650ccda3dd6ab21a7bbdca6e2c6ee5ccedcf9 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad 72f8a49dc8b9e97a7986b0e6eced00a1a2e28996 Bisecting: 9 revisions left to test after this (roughly 3 steps) [20796447a1abee9afd0c136d5c60651bfbaf46b8] KVM: x86: remove duplicated KVM_REQ_EVENT request testing commit 20796447a1abee9afd0c136d5c60651bfbaf46b8 with gcc (GCC) 8.1.0 kernel signature: 708d070b358e68b34cfa56d995c85853386fb1a80d5b2b62658ed94d78968f65 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: boot failed: can't ssh into the instance # git bisect good 20796447a1abee9afd0c136d5c60651bfbaf46b8 Bisecting: 4 revisions left to test after this (roughly 2 steps) [f6ab0107a4942dbf9a5cf0cca3f37e184870a360] KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging testing commit f6ab0107a4942dbf9a5cf0cca3f37e184870a360 with gcc (GCC) 8.1.0 kernel signature: 4726c819d95dae2e9d8ca7593e6a2bd6aba0711f71c48a40db737ac4954db7d4 all runs: OK # git bisect good f6ab0107a4942dbf9a5cf0cca3f37e184870a360 Bisecting: 2 revisions left to test after this (roughly 1 step) [9446e6fce0ab9dfd44b96f630b4e3a0a0ab879fd] KVM: x86: fix WARN_ON check of an unsigned less than zero testing commit 9446e6fce0ab9dfd44b96f630b4e3a0a0ab879fd with gcc (GCC) 8.1.0 kernel signature: 4e05c08c0d3c6db5240be1adcaca8a3a872dc540cc308d0103bf206d21e4a9d2 all runs: crashed: WARNING in kvm_arch_vcpu_ioctl_run # git bisect bad 9446e6fce0ab9dfd44b96f630b4e3a0a0ab879fd Bisecting: 0 revisions left to test after this (roughly 0 steps) [ff479025349cef3106e165a761281851fd018282] selftests: KVM: Remove unused x86_register enum testing commit ff479025349cef3106e165a761281851fd018282 with gcc (GCC) 8.1.0 kernel signature: 3adec46a8bb9131e72bf06fcd2c896f7b19501aa60576233bd045db8d4d9d1cc all runs: OK # git bisect good ff479025349cef3106e165a761281851fd018282 9446e6fce0ab9dfd44b96f630b4e3a0a0ab879fd is the first bad commit commit 9446e6fce0ab9dfd44b96f630b4e3a0a0ab879fd Author: Paolo Bonzini Date: Wed Feb 12 13:27:10 2020 +0100 KVM: x86: fix WARN_ON check of an unsigned less than zero The check cpu->hv_clock.system_time < 0 is redundant since system_time is a u64 and hence can never be less than zero. But what was actually meant is to check that the result is positive, since kernel_ns and v->kvm->arch.kvmclock_offset are both s64. Reported-by: Colin King Suggested-by: Sean Christopherson Addresses-Coverity: ("Macro compares unsigned to 0") Reviewed-by: Miaohe Lin Signed-off-by: Paolo Bonzini arch/x86/kvm/x86.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) culprit signature: 4e05c08c0d3c6db5240be1adcaca8a3a872dc540cc308d0103bf206d21e4a9d2 parent signature: 3adec46a8bb9131e72bf06fcd2c896f7b19501aa60576233bd045db8d4d9d1cc revisions tested: 15, total time: 3h24m55.281569623s (build: 1h36m33.454614021s, test: 1h47m18.202261794s) first bad commit: 9446e6fce0ab9dfd44b96f630b4e3a0a0ab879fd KVM: x86: fix WARN_ON check of an unsigned less than zero cc: ["bp@alien8.de" "hpa@zytor.com" "jmattson@google.com" "joro@8bytes.org" "kvm@vger.kernel.org" "linmiaohe@huawei.com" "linux-kernel@vger.kernel.org" "mingo@redhat.com" "pbonzini@redhat.com" "sean.j.christopherson@intel.com" "tglx@linutronix.de" "vkuznets@redhat.com" "wanpengli@tencent.com" "x86@kernel.org"] crash: WARNING in kvm_arch_vcpu_ioctl_run ------------[ cut here ]------------ WARNING: CPU: 1 PID: 13444 at arch/x86/kvm/x86.c:2447 kvm_guest_time_update arch/x86/kvm/x86.c:2441 [inline] WARNING: CPU: 1 PID: 13444 at arch/x86/kvm/x86.c:2447 vcpu_enter_guest arch/x86/kvm/x86.c:8171 [inline] WARNING: CPU: 1 PID: 13444 at arch/x86/kvm/x86.c:2447 vcpu_run arch/x86/kvm/x86.c:8509 [inline] WARNING: CPU: 1 PID: 13444 at arch/x86/kvm/x86.c:2447 kvm_arch_vcpu_ioctl_run+0x3b25/0x5e80 arch/x86/kvm/x86.c:8731 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 13444 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x128/0x182 lib/dump_stack.c:118 panic+0x22a/0x4e3 kernel/panic.c:221 __warn.cold.10+0x25/0x26 kernel/panic.c:582 report_bug+0x1ad/0x270 lib/bug.c:195 fixup_bug arch/x86/kernel/traps.c:174 [inline] do_error_trap+0x123/0x210 arch/x86/kernel/traps.c:267 do_invalid_op+0x31/0x40 arch/x86/kernel/traps.c:286 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027 RIP: 0010:kvm_guest_time_update arch/x86/kvm/x86.c:2447 [inline] RIP: 0010:vcpu_enter_guest arch/x86/kvm/x86.c:8171 [inline] RIP: 0010:vcpu_run arch/x86/kvm/x86.c:8509 [inline] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x3b25/0x5e80 arch/x86/kvm/x86.c:8731 Code: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 7a 21 00 00 41 89 87 80 24 00 00 8b 85 58 fe ff ff 41 89 87 88 24 00 00 e9 5b e0 ff ff <0f> 0b e9 f9 e0 ff ff 4c 89 fe bf 1c 00 00 00 e8 37 62 fd ff 84 c0 RSP: 0018:ffffc900016afb00 EFLAGS: 00010282 RAX: fffffffffffffa23 RBX: 0000000001377e75 RCX: 1ffffffff1166b17 RDX: 1ffff11013404508 RSI: ffff8880914eea00 RDI: ffff88809a022840 RBP: ffffc900016afcd0 R08: fffffbfff165cd9b R09: fffffbfff165cd9b R10: fffffbfff165cd9a R11: ffffffff8b2e6cd7 R12: dffffc0000000000 R13: ffffc900017f9000 R14: ffff88809a020378 R15: ffff88809a020340 kvm_vcpu_ioctl+0x499/0xa20 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2932 vfs_ioctl fs/ioctl.c:47 [inline] ksys_ioctl+0xb8/0x110 fs/ioctl.c:763 __do_sys_ioctl fs/ioctl.c:772 [inline] __se_sys_ioctl fs/ioctl.c:770 [inline] __x64_sys_ioctl+0x6a/0xb0 fs/ioctl.c:770 do_syscall_64+0xc6/0x5e0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c849 Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ff5d809dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ff5d809e6d4 RCX: 000000000045c849 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000003be R14: 00000000004c647e R15: 000000000076bf0c Kernel Offset: disabled Rebooting in 86400 seconds..