On Mon, Aug 08, 2022, Coleman Dietsch wrote:
> Stop Xen timer (if it's running) prior to changing the IRQ vector and
> potentially (re)starting the timer. Changing the IRQ vector while the
> timer is still running can result in KVM injecting a garbage event, e.g.
> vm_xen_inject_timer_irqs() could see a non-zero xen.timer_pending from
> a previous timer but inject the new xen.timer_virq.
>
> Fixes: 536395260582 ("KVM: x86/xen: handle PV timers oneshot mode")
> Cc: stable@xxxxxxxxxxxxxxx
> Link: https://syzkaller.appspot.com/bug?id=8234a9dfd3aafbf092cc5a7cd9842e3ebc45fc42
> Reported-by: syzbot+e54f930ed78eb0f85281@xxxxxxxxxxxxxxxxxxxxxxxxx
> Signed-off-by: Coleman Dietsch <dietschc@xxxxxxx>
> ---

Reviewed-by: Sean Christopherson <seanjc@xxxxxxxxxx>