syzbot

kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
------------[ cut here ]------------
kvm_is_error_gpa(gpa) == kvm_is_error_hva(uhva)
WARNING: arch/x86/kvm/../../../virt/kvm/pfncache.c:267 at __kvm_gpc_refresh+0x1219/0x13a0 virt/kvm/pfncache.c:267, CPU#0: syz.0.17/6008
Modules linked in:
CPU: 0 UID: 0 PID: 6008 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:__kvm_gpc_refresh+0x1219/0x13a0 virt/kvm/pfncache.c:267
Code: c6 05 72 ab ba 0e 01 48 c7 c7 18 36 ee 8d be 34 04 00 00 48 c7 c2 00 3d c2 8b e8 62 e0 60 00 e9 6a f1 ff ff e8 18 bf 84 00 90 <0f> 0b 90 bb ea ff ff ff e9 a4 f8 ff ff e8 05 bf 84 00 90 0f 0b 90
RSP: 0018:ffffc90002f271c0 EFLAGS: 00010293
RAX: ffffffff814100d8 RBX: ffff888000000000 RCX: ffff888035479e80
RDX: 0000000000000000 RSI: ffff888000000000 RDI: ffff888000000000
RBP: ffffc90002f27348 R08: ffffffff9011dab7 R09: 1ffffffff2023b56
R10: dffffc0000000000 R11: fffffbfff2023b57 R12: ffff888078391290
R13: dffffc0000000000 R14: ffff888000000000 R15: ffffffffffffff01
FS:  000055556a986500(0000) GS:ffff888125454000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000000 CR3: 0000000036cb6000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 kvm_gpc_refresh+0xe1/0x140 virt/kvm/pfncache.c:382
 kvm_xen_set_evtchn+0x163/0x230 arch/x86/kvm/xen.c:1942
 kvm_xen_hvm_evtchn_send+0x120/0x1e0 arch/x86/kvm/xen.c:2033
 kvm_arch_vm_ioctl+0xfb1/0x1a10 arch/x86/kvm/x86.c:7518
 kvm_vm_ioctl+0x905/0xd50 virt/kvm/kvm_main.c:5387
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:597 [inline]
 __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:583
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f92ca59c819
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff43137188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f92ca815fa0 RCX: 00007f92ca59c819
RDX: 0000200000000400 RSI: 00000000400caed0 RDI: 0000000000000005
RBP: 00007f92ca632c91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f92ca815fac R14: 00007f92ca815fa0 R15: 00007f92ca815fa0
 </TASK>