bisecting cause commit starting from a99163e9e708d5d773b7de6da952fcddc341f977
building syzkaller on c26fb06b75e80ff45e13dc5cc575c8490c44411d
testing commit a99163e9e708d5d773b7de6da952fcddc341f977 with gcc (GCC) 10.2.1 20210217
kernel signature: 6811cb4d0e13c2cffa7912d12a18c04e168d2cf08ca986316e9ff02cc2778e99
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
testing release v5.11
testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217
kernel signature: 3518b14bb905b2366af3799a26d73470031383429a309848eb886f2b8fca3d4d
all runs: OK
# git bisect start a99163e9e708d5d773b7de6da952fcddc341f977 f40ddce88593482919761f74910f42f4b84c004b
Bisecting: 4263 revisions left to test after this (roughly 12 steps)
[5bbb336ba75d95611a7b9456355b48705016bdb1] Merge tag 'for-5.12/io_uring-2021-02-17' of git://git.kernel.dk/linux-block

testing commit 5bbb336ba75d95611a7b9456355b48705016bdb1 with gcc (GCC) 10.2.1 20210217
kernel signature: c8b9bc71988230d50d5a986d3985788bfc0ba2dc86a7f9bdc18b1ff434fc6268
all runs: OK
# git bisect good 5bbb336ba75d95611a7b9456355b48705016bdb1
Bisecting: 2691 revisions left to test after this (roughly 11 steps)
[10e2ec8edece2566b40f69bae035a555ece71ab4] Merge tag 'sound-5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

testing commit 10e2ec8edece2566b40f69bae035a555ece71ab4 with gcc (GCC) 10.2.1 20210217
kernel signature: 8c4b8037c9f7e9e9b4ae6a8aceb8615d2faefdb71a37069600e25deb77b736d2
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
# git bisect bad 10e2ec8edece2566b40f69bae035a555ece71ab4
Bisecting: 780 revisions left to test after this (roughly 10 steps)
[df24212a493afda0d4de42176bea10d45825e9a0] Merge tag 's390-5.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux

testing commit df24212a493afda0d4de42176bea10d45825e9a0 with gcc (GCC) 10.2.1 20210217
kernel signature: 8f1f0a41408e4d0fc1b5b01ef7ac53d71a38adf80a972cf48a7420a2b95c6994
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
# git bisect bad df24212a493afda0d4de42176bea10d45825e9a0
Bisecting: 409 revisions left to test after this (roughly 9 steps)
[b811b41024afa1271afc5af84f663515d9227554] Merge tag 'm68k-for-v5.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k

testing commit b811b41024afa1271afc5af84f663515d9227554 with gcc (GCC) 10.2.1 20210217
kernel signature: b02d6c1423cbdce7c8878d58b6962506baa9c031e8e7495957bc3f790e9b200d
all runs: OK
# git bisect good b811b41024afa1271afc5af84f663515d9227554
Bisecting: 208 revisions left to test after this (roughly 8 steps)
[8c6e67bec3192f16fa624203c8131e10cc4814ba] Merge tag 'kvmarm-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD

testing commit 8c6e67bec3192f16fa624203c8131e10cc4814ba with gcc (GCC) 10.2.1 20210217
kernel signature: c10ad5e1f220361a48c1c2cf28962befd8fc2ce42fae0eb0f4f1ed0797739883
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
# git bisect bad 8c6e67bec3192f16fa624203c8131e10cc4814ba
Bisecting: 100 revisions left to test after this (roughly 7 steps)
[aa096aa0a05ff7f1e7b8da95fae7aa71668212c7] KVM: x86/xen: setup pvclock updates

testing commit aa096aa0a05ff7f1e7b8da95fae7aa71668212c7 with gcc (GCC) 10.2.1 20210217
kernel signature: 518c51e9fdeedf8999663471ecc50dbfa6f2c662c202666b7dc52b628b7016c4
all runs: OK
# git bisect good aa096aa0a05ff7f1e7b8da95fae7aa71668212c7
Bisecting: 50 revisions left to test after this (roughly 6 steps)
[d9a47edabc4f948102753fa9d41f2dc1dbeb28be] KVM: PPC: Book3S HV: Introduce new capability for 2nd DAWR

testing commit d9a47edabc4f948102753fa9d41f2dc1dbeb28be with gcc (GCC) 10.2.1 20210217
kernel signature: 56b5052eae79ab74b296ba1c62a5364d96bde764f15bf8ff1936c68ca6269cd1
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
# git bisect bad d9a47edabc4f948102753fa9d41f2dc1dbeb28be
Bisecting: 24 revisions left to test after this (roughly 5 steps)
[29d6ca41992a771e2441424099695c329d735c28] KVM: x86: reading DR cannot fail

testing commit 29d6ca41992a771e2441424099695c329d735c28 with gcc (GCC) 10.2.1 20210217
kernel signature: ce7d7b751c11adfc7a1852d82d84afd087dbe6fcacdc67e1c4390ba59247a22f
all runs: OK
# git bisect good 29d6ca41992a771e2441424099695c329d735c28
Bisecting: 12 revisions left to test after this (roughly 4 steps)
[72167a9d7da2c295caf1d4a2d58128406786505d] KVM: x86: hyper-v: Stop shadowing global 'current_vcpu' variable

testing commit 72167a9d7da2c295caf1d4a2d58128406786505d with gcc (GCC) 10.2.1 20210217
kernel signature: f677e64d53c67157aa7922514f516a06076d7659724ef3cb0c8ddc4586a22ac4
all runs: OK
# git bisect good 72167a9d7da2c295caf1d4a2d58128406786505d
Bisecting: 6 revisions left to test after this (roughly 3 steps)
[b9ce0f86d91942596bce0267bfa7db3bbd7b434f] KVM: x86: hyper-v: Drop hv_vcpu_to_vcpu() helper

testing commit b9ce0f86d91942596bce0267bfa7db3bbd7b434f with gcc (GCC) 10.2.1 20210217
kernel signature: 138907f9af7accea4cd765f32dfc1d31ccfada61b6add21f12db9011d8971dae
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
# git bisect bad b9ce0f86d91942596bce0267bfa7db3bbd7b434f
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[4592b7eaa87d3525825d4ab2a35308bcec9e5ff9] KVM: x86: hyper-v: Allocate 'struct kvm_vcpu_hv' dynamically

testing commit 4592b7eaa87d3525825d4ab2a35308bcec9e5ff9 with gcc (GCC) 10.2.1 20210217
kernel signature: aceb8555203d0e4380a0a9ed2a6352d8a2a0efbd45c1a5343fc7219ff0d1451e
all runs: OK
# git bisect good 4592b7eaa87d3525825d4ab2a35308bcec9e5ff9
Bisecting: 0 revisions left to test after this (roughly 1 step)
[fc08b628d7c96d9a6d6bca488c3fa9c92bee6cc8] KVM: x86: hyper-v: Allocate Hyper-V context lazily

testing commit fc08b628d7c96d9a6d6bca488c3fa9c92bee6cc8 with gcc (GCC) 10.2.1 20210217
kernel signature: 7a4e4a53ee571d276531ec663a4ffbe8f138cfdb85bb334d2af3fab4a1f249be
all runs: crashed: general protection fault in kvm_hv_irq_routing_update
# git bisect bad fc08b628d7c96d9a6d6bca488c3fa9c92bee6cc8
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[8f014550dfb114cc7f42a517d20d2cf887a0b771] KVM: x86: hyper-v: Make Hyper-V emulation enablement conditional

testing commit 8f014550dfb114cc7f42a517d20d2cf887a0b771 with gcc (GCC) 10.2.1 20210217
kernel signature: b3f865bc27603f58868266b02dcf5200c95bc185bdacf673559192e48c895cdc
run #0: crashed: SYZFAIL: wrong response packet
run #1: OK
run #2: OK
run #3: OK
run #4: OK
run #5: OK
run #6: OK
run #7: OK
run #8: OK
run #9: OK
reproducer seems to be flaky
# git bisect bad 8f014550dfb114cc7f42a517d20d2cf887a0b771
8f014550dfb114cc7f42a517d20d2cf887a0b771 is the first bad commit
commit 8f014550dfb114cc7f42a517d20d2cf887a0b771
Author: Vitaly Kuznetsov <vkuznets@redhat.com>
Date:   Tue Jan 26 14:48:14 2021 +0100

    KVM: x86: hyper-v: Make Hyper-V emulation enablement conditional
    
    Hyper-V emulation is enabled in KVM unconditionally. This is bad at least
    from security standpoint as it is an extra attack surface. Ideally, there
    should be a per-VM capability explicitly enabled by VMM but currently it
    is not the case and we can't mandate one without breaking backwards
    compatibility. We can, however, check guest visible CPUIDs and only enable
    Hyper-V emulation when "Hv#1" interface was exposed in
    HYPERV_CPUID_INTERFACE.
    
    Note, VMMs are free to act in any sequence they like, e.g. they can try
    to set MSRs first and CPUIDs later so we still need to allow the host
    to read/write Hyper-V specific MSRs unconditionally.
    
    Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
    Message-Id: <20210126134816.1880136-14-vkuznets@redhat.com>
    [Add selftest vcpu_set_hv_cpuid API to avoid breaking xen_vmcall_test. - Paolo]
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

 arch/x86/include/asm/kvm_host.h                    |  1 +
 arch/x86/kvm/cpuid.c                               |  2 ++
 arch/x86/kvm/hyperv.c                              | 27 ++++++++++++---
 arch/x86/kvm/hyperv.h                              |  3 +-
 arch/x86/kvm/x86.c                                 |  2 +-
 arch/x86/kvm/xen.c                                 |  2 +-
 .../selftests/kvm/include/x86_64/processor.h       |  1 +
 tools/testing/selftests/kvm/lib/x86_64/processor.c | 35 +++++++++++++++++++
 tools/testing/selftests/kvm/x86_64/evmcs_test.c    | 40 ++--------------------
 .../testing/selftests/kvm/x86_64/xen_vmcall_test.c |  2 +-
 10 files changed, 69 insertions(+), 46 deletions(-)

culprit signature: b3f865bc27603f58868266b02dcf5200c95bc185bdacf673559192e48c895cdc
parent  signature: aceb8555203d0e4380a0a9ed2a6352d8a2a0efbd45c1a5343fc7219ff0d1451e
Reproducer flagged being flaky
revisions tested: 15, total time: 3h20m47.734676123s (build: 1h45m34.258340342s, test: 1h33m40.479138506s)
first bad commit: 8f014550dfb114cc7f42a517d20d2cf887a0b771 KVM: x86: hyper-v: Make Hyper-V emulation enablement conditional
recipients (to): ["linux-kselftest@vger.kernel.org" "pbonzini@redhat.com" "shuah@kernel.org" "vkuznets@redhat.com"]
recipients (cc): ["aaronlewis@google.com" "bp@alien8.de" "drjones@redhat.com" "graf@amazon.com" "hpa@zytor.com" "jmattson@google.com" "joro@8bytes.org" "kvm@vger.kernel.org" "linux-kernel@vger.kernel.org" "makarandsonare@google.com" "mingo@redhat.com" "pbonzini@redhat.com" "seanjc@google.com" "tglx@linutronix.de" "vkuznets@redhat.com" "wanpengli@tencent.com" "x86@kernel.org"]
crash: SYZFAIL: wrong response packet
2021/02/23 18:48:45 result: hanged=false err=executor 4: failed to write control pipe: write |1: broken pipe
 (errno 16: Device or resource busy)
SYZFAIL: wrong response packet
loop exited with status 67
2021/02/23 18:48:48 executed programs: 34
2021/02/23 18:48:53 executed programs: 163