bisecting cause commit starting from 6d028043b55e54f48fbdf62ea8ce11a4ad830cac building syzkaller on a60cb4cd840ce786236a00480e8bb1025e0c5fef testing commit 6d028043b55e54f48fbdf62ea8ce11a4ad830cac with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc testing release v5.2 testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc testing release v5.1 testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc testing release v5.0 testing commit 1c163f4c7b3f621efff9b28a47abb36f7378d783 with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in corrupted run #8: crashed: WARNING in handle_desc run #9: crashed: WARNING in handle_desc testing release v4.20 testing commit 8fe28cb58bcb235034b64cbbb7550a8a43fd88be with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in corrupted run #8: crashed: WARNING in handle_desc run #9: crashed: WARNING in handle_desc testing release v4.19 testing commit 84df9525b0c27f3ebc2ebb1864fa62a97fdedb7d with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in corrupted run #8: crashed: WARNING in corrupted run #9: crashed: WARNING in corrupted testing release v4.18 testing commit 94710cac0ef4ee177a63b5227664b38c95bbf703 with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc testing release v4.17 testing commit 29dcea88779c856c7dc92040a0c01233263101d4 with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in corrupted run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in handle_desc run #8: crashed: WARNING in handle_desc run #9: crashed: WARNING in corrupted testing release v4.16 testing commit 0adb32858b0bddf4ada5f364a84ed60b196dbcda with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc testing release v4.15 testing commit d8a5b80568a9cb66810e75b182018e9edb68e8ff with gcc (GCC) 8.1.0 all runs: OK # git bisect start v4.16 v4.15 Bisecting: 7566 revisions left to test after this (roughly 13 steps) [c14376de3a1befa70d9811ca2872d47367b48767] printk: Wake klogd when passing console_lock owner testing commit c14376de3a1befa70d9811ca2872d47367b48767 with gcc (GCC) 8.1.0 all runs: OK # git bisect good c14376de3a1befa70d9811ca2872d47367b48767 Bisecting: 3893 revisions left to test after this (roughly 12 steps) [2246edfaf88dc368e8671b04afd54412625df60a] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma testing commit 2246edfaf88dc368e8671b04afd54412625df60a with gcc (GCC) 8.1.0 all runs: OK # git bisect good 2246edfaf88dc368e8671b04afd54412625df60a Bisecting: 1946 revisions left to test after this (roughly 11 steps) [dfe8db22372873d205c78a9fd5370b1b088a2b87] Merge tag 'drm-misc-fixes-2018-02-21' of git://anongit.freedesktop.org/drm/drm-misc into drm-fixes testing commit dfe8db22372873d205c78a9fd5370b1b088a2b87 with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc # git bisect bad dfe8db22372873d205c78a9fd5370b1b088a2b87 Bisecting: 956 revisions left to test after this (roughly 10 steps) [c0136321924dd338bb8fc5661c4b0e27441a8d04] Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux testing commit c0136321924dd338bb8fc5661c4b0e27441a8d04 with gcc (GCC) 8.1.0 all runs: OK # git bisect good c0136321924dd338bb8fc5661c4b0e27441a8d04 Bisecting: 551 revisions left to test after this (roughly 9 steps) [9a61df9e5f7471fe5be3e02bd0bed726b2761a54] Merge tag 'kbuild-v4.16-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild testing commit 9a61df9e5f7471fe5be3e02bd0bed726b2761a54 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 9a61df9e5f7471fe5be3e02bd0bed726b2761a54 Bisecting: 275 revisions left to test after this (roughly 8 steps) [ee622fe757f6de612dad0f01805eea815a5b3025] drm/i915: Fix DSI panels with v1 MIPI sequences without a DEASSERT sequence v3 testing commit ee622fe757f6de612dad0f01805eea815a5b3025 with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc # git bisect bad ee622fe757f6de612dad0f01805eea815a5b3025 Bisecting: 139 revisions left to test after this (roughly 7 steps) [810f4600ec5ee79c68dcbb136ed26a652df46348] Merge tag 'kvm-s390-next-4.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux testing commit 810f4600ec5ee79c68dcbb136ed26a652df46348 with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in corrupted run #8: crashed: WARNING in handle_desc run #9: crashed: WARNING in handle_desc # git bisect bad 810f4600ec5ee79c68dcbb136ed26a652df46348 Bisecting: 57 revisions left to test after this (roughly 6 steps) [65e38583c3bbbba78a081c808e2d58a8454a821e] Merge branch 'sev-v9-p2' of https://github.com/codomania/kvm testing commit 65e38583c3bbbba78a081c808e2d58a8454a821e with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc # git bisect bad 65e38583c3bbbba78a081c808e2d58a8454a821e Bisecting: 38 revisions left to test after this (roughly 5 steps) [476b7adaa3272557168b287175b1e9e943913404] KVM: x86: avoid unnecessary XSETBV on guest entry testing commit 476b7adaa3272557168b287175b1e9e943913404 with gcc (GCC) 8.1.0 run #0: basic kernel testing failed: failed to copy test binary to VM: failed to run ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/jobs/linux/workdir/image/key" "/tmp/syz-executor984777756" "root@10.128.1.57:./syz-executor984777756"]: exit status 1 Connection timed out during banner exchange lost connection run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in handle_desc run #8: crashed: WARNING in corrupted run #9: crashed: WARNING in handle_desc # git bisect bad 476b7adaa3272557168b287175b1e9e943913404 Bisecting: 19 revisions left to test after this (roughly 4 steps) [ec7660ccdd2b71d8c7f0243f8590253713e9b75d] KVM: Take vcpu->mutex outside vcpu_load testing commit ec7660ccdd2b71d8c7f0243f8590253713e9b75d with gcc (GCC) 8.1.0 all runs: crashed: WARNING in handle_desc # git bisect bad ec7660ccdd2b71d8c7f0243f8590253713e9b75d Bisecting: 9 revisions left to test after this (roughly 3 steps) [346f48fa311ceee7478b5b810ba050a4a22e0b2e] KVM: x86: drop bogus MWAIT check testing commit 346f48fa311ceee7478b5b810ba050a4a22e0b2e with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in handle_desc run #8: crashed: WARNING in corrupted run #9: crashed: WARNING in handle_desc # git bisect bad 346f48fa311ceee7478b5b810ba050a4a22e0b2e Bisecting: 4 revisions left to test after this (roughly 2 steps) [0367f205a3b7c0efe774634eef1f4697c79a4132] KVM: vmx: add support for emulating UMIP testing commit 0367f205a3b7c0efe774634eef1f4697c79a4132 with gcc (GCC) 8.1.0 run #0: crashed: WARNING in handle_desc run #1: crashed: WARNING in handle_desc run #2: crashed: WARNING in handle_desc run #3: crashed: WARNING in handle_desc run #4: crashed: WARNING in handle_desc run #5: crashed: WARNING in handle_desc run #6: crashed: WARNING in handle_desc run #7: crashed: WARNING in corrupted run #8: crashed: WARNING in handle_desc run #9: crashed: WARNING in handle_desc # git bisect bad 0367f205a3b7c0efe774634eef1f4697c79a4132 Bisecting: 1 revision left to test after this (roughly 1 step) [dd307d017b445a3af4379c7ff548cb3da5ecde31] KVM: x86: emulate sldt and str testing commit dd307d017b445a3af4379c7ff548cb3da5ecde31 with gcc (GCC) 8.1.0 all runs: OK # git bisect good dd307d017b445a3af4379c7ff548cb3da5ecde31 Bisecting: 0 revisions left to test after this (roughly 0 steps) [66336cab3531d3325ebde36a04725dddd0c42cb5] KVM: x86: add support for emulating UMIP testing commit 66336cab3531d3325ebde36a04725dddd0c42cb5 with gcc (GCC) 8.1.0 all runs: OK # git bisect good 66336cab3531d3325ebde36a04725dddd0c42cb5 0367f205a3b7c0efe774634eef1f4697c79a4132 is the first bad commit commit 0367f205a3b7c0efe774634eef1f4697c79a4132 Author: Paolo Bonzini Date: Tue Jul 12 10:44:55 2016 +0200 KVM: vmx: add support for emulating UMIP UMIP can be emulated almost perfectly on Intel processor by enabling descriptor-table exits. SMSW does not cause a vmexit and hence it cannot be changed into a #GP fault, but all in all it's the most "innocuous" of the unprivileged instructions that UMIP blocks. In fact, Linux is _also_ emulating SMSW instructions on behalf of the program that executes them, because some 16-bit programs expect to use SMSW to detect vm86 mode, so this is an even smaller issue. Reviewed-by: Wanpeng Li Signed-off-by: Paolo Bonzini :040000 040000 1021125c7f78bdf2748bb86cc95aec3f4f43bccc 3de55890279a8e923e993760e7ad140af12bf8e2 M arch revisions tested: 24, total time: 4h16m10.010526946s (build: 2h0m37.832556417s, test: 2h8m54.185943883s) first bad commit: 0367f205a3b7c0efe774634eef1f4697c79a4132 KVM: vmx: add support for emulating UMIP cc: ["hpa@zytor.com" "kvm@vger.kernel.org" "linux-kernel@vger.kernel.org" "mingo@redhat.com" "pbonzini@redhat.com" "rkrcmar@redhat.com" "tglx@linutronix.de" "wanpeng.li@hotmail.com" "x86@kernel.org"] crash: WARNING in handle_desc IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready WARNING: CPU: 1 PID: 6669 at arch/x86/kvm/vmx.c:6121 handle_desc+0x4e/0x60 arch/x86/kvm/vmx.c:6123 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 6669 Comm: syz-executor.0 Not tainted 4.15.0-rc3+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x145/0x1e1 lib/dump_stack.c:53 panic+0x1a9/0x34e kernel/panic.c:183 __warn.cold.8+0x120/0x156 kernel/panic.c:547 report_bug+0x1a3/0x230 lib/bug.c:184 fixup_bug arch/x86/kernel/traps.c:177 [inline] do_error_trap+0x1bd/0x460 arch/x86/kernel/traps.c:295 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:314 invalid_op+0x18/0x20 arch/x86/entry/entry_64.S:930 RIP: 0010:handle_desc+0x4e/0x60 arch/x86/kvm/vmx.c:6121 RSP: 0018:ffff8800a54ef568 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff8800a49a8040 RCX: 0000000000000000 RDX: 1ffff1001493507e RSI: ffffffff885997c0 RDI: ffff8800a49a83f0 RBP: ffff8800a54ef570 R08: 0000000000000000 R09: 0000000000000001 R10: 9a739d309a8f5012 R11: ffff8800882c6040 R12: 000000000000002f R13: ffff8800a54ef648 R14: ffff8800a49a8040 R15: 0000000000000000 vmx_handle_exit+0x222/0x1140 arch/x86/kvm/vmx.c:8910 vcpu_enter_guest+0xedb/0x4ff0 arch/x86/kvm/x86.c:7084 vcpu_run arch/x86/kvm/x86.c:7146 [inline] kvm_arch_vcpu_ioctl_run+0x221/0xe80 arch/x86/kvm/x86.c:7313 kvm_vcpu_ioctl+0x5d6/0xe60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2582 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x183/0x15c0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x74/0x80 fs/ioctl.c:692 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x4598e9 RSP: 002b:00007f858eb75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000004598e9 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f858eb766d4 R13: 00000000004c898f R14: 00000000004df8e8 R15: 00000000ffffffff Kernel Offset: disabled Rebooting in 86400 seconds..