Warning: Permanently added '10.128.0.142' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 48.181171][ T3600] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
executing program
[ 48.262804][ T3604] debugfs: out of free dentries, can not create directory '3604-5'
executing program
[ 48.331805][ T3607] debugfs: out of free dentries, can not create directory '3607-5'
executing program
executing program
[ 48.500354][ T3613] ==================================================================
[ 48.500362][ C1] BUG: unable to handle page fault for address: ffffc900039ca330
[ 48.500378][ C1] #PF: supervisor read access in kernel mode
[ 48.508431][ T3613] BUG: KASAN: vmalloc-out-of-bounds in kvm_arch_hardware_enable+0x281/0x840
[ 48.516147][ C1] #PF: error_code(0x0000) - not-present page
[ 48.522098][ T3613] Read of size 4 at addr ffffc900039ca330 by task syz-executor401/3613
[ 48.530743][ C1] PGD 11800067
[ 48.536692][ T3613]
[ 48.536699][ T3613] CPU: 0 PID: 3613 Comm: syz-executor401 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
[ 48.544906][ C1] P4D 11800067
[ 48.548345][ T3613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 48.550649][ C1] PUD 119c9067 PMD 1cd39067
[ 48.560781][ T3613] Call Trace:
[ 48.560791][ T3613]
[ 48.564217][ C1] PTE 0
[ 48.574247][ T3613] dump_stack_lvl+0xcd/0x134
[ 48.578807][ C1] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 48.582068][ T3613] ? kvm_arch_hardware_enable+0x281/0x840
[ 48.584978][ C1] CPU: 1 PID: 3614 Comm: kvm Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
[ 48.587724][ T3613] print_report.cold+0x59/0x719
[ 48.592299][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 48.597473][ T3613] ? kvm_arch_hardware_enable+0x281/0x840
[ 48.603188][ C1] RIP: 0010:kvm_arch_hardware_enable+0x2ab/0x840
[ 48.612269][ T3613] kasan_report+0xb1/0x1e0
[ 48.617090][ C1] Code: 48 89 e8 48 b9 00 00 00 00 00 fc ff df 48 c1 e8 03 0f b6 14 08 48 89 e8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ed 04 00 00 <41> 8b 95 30 13 00 00 4d 8d b5 40 12 00 00 b9 08 00 00 00 4c 89 fe
[ 48.627122][ T3613] ? kvm_arch_hardware_enable+0x281/0x840
[ 48.632812][ C1] RSP: 0018:ffffc900001e0ea0 EFLAGS: 00010082
[ 48.639124][ T3613] kasan_check_range+0x13d/0x180
[ 48.643511][ C1]
[ 48.643516][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81120fe0
[ 48.663091][ T3613] kvm_arch_hardware_enable+0x281/0x840
[ 48.668781][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffc900039ca330
[ 48.674820][ T3613] ? _flat_send_IPI_mask+0x53/0x60
[ 48.680078][ C1] RBP: ffffc900039ca330 R08: 0000000000000000 R09: 0000000000000003
[ 48.682387][ T3613] ? kvm_arch_vcpu_destroy+0x330/0x330
[ 48.690332][ C1] R10: fffff52000739466 R11: 0000000000000001 R12: 0000000000000000
[ 48.695849][ T3613] ? send_call_function_single_ipi+0x1b5/0x320
[ 48.703795][ C1] R13: ffffc900039c9000 R14: 0023001000000000 R15: ffffc900001e0ef8
[ 48.708876][ T3613] ? sched_ttwu_pending+0x550/0x550
[ 48.716837][ C1] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[ 48.722277][ T3613] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 48.730239][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 48.736374][ T3613] hardware_enable_nolock+0xa7/0x140
[ 48.744341][ C1] CR2: ffffc900039ca330 CR3: 0000000070c12000 CR4: 00000000003526e0
[ 48.749516][ T3613] smp_call_function_many_cond+0x10e2/0x1430
[ 48.758426][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 48.764210][ T3613] ? vm_stat_fops_open+0x40/0x40
[ 48.770765][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 48.776025][ T3613] ? smp_call_on_cpu+0x270/0x270
[ 48.783970][ C1] Call Trace:
[ 48.783978][ C1]
[ 48.789925][ T3613] ? lockdep_init_map_type+0x21a/0x7f0
[ 48.798052][ C1] ? kvm_arch_vcpu_destroy+0x330/0x330
[ 48.802962][ T3613] ? do_raw_spin_lock+0x120/0x2a0
[ 48.810909][ C1] ? sched_clock_cpu+0x69/0x2b0
[ 48.815823][ T3613] ? rwlock_bug.part.0+0x90/0x90
[ 48.819082][ C1] ? cpuacct_all_seq_show+0x520/0x520
[ 48.821910][ T3613] ? vm_stat_fops_open+0x40/0x40
[ 48.827341][ C1] hardware_enable_nolock+0xa7/0x140
[ 48.832769][ T3613] on_each_cpu_cond_mask+0x56/0xa0
[ 48.837764][ C1] __flush_smp_call_function_queue+0x205/0x9a0
[ 48.842586][ T3613] kvm_dev_ioctl+0x131b/0x1ce0
[ 48.847495][ C1] ? vm_stat_fops_open+0x40/0x40
[ 48.852844][ T3613] ? kvm_stat_data_open+0x380/0x380
[ 48.857751][ C1] __sysvec_call_function_single+0x95/0x3d0
[ 48.863011][ T3613] ? bpf_lsm_file_ioctl+0x5/0x10
[ 48.868094][ C1] sysvec_call_function_single+0x8e/0xc0
[ 48.874221][ T3613] ? kvm_stat_data_open+0x380/0x380
[ 48.878956][ C1]
[ 48.883864][ T3613] __do_compat_sys_ioctl+0x1c7/0x290
[ 48.889031][ C1]
[ 48.889039][ C1] asm_sysvec_call_function_single+0x16/0x20
[ 48.894916][ T3613] __do_fast_syscall_32+0x65/0xf0
[ 48.899822][ C1] RIP: 0010:finish_task_switch.isra.0+0x2bf/0xc70
[ 48.905452][ T3613] do_fast_syscall_32+0x2f/0x70
[ 48.910636][ C1] Code: 8b 3a 4c 89 e7 48 c7 02 00 00 00 00 ff d1 4d 85 ff 75 bf 4c 89 e7 e8 60 f8 ff ff e8 1b 45 2f 00 fb 65 48 8b 1c 25 80 6f 02 00 <48> 8d bb 98 15 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[ 48.913552][ T3613] entry_SYSENTER_compat_after_hwframe+0x70/0x82
[ 48.918807][ C1] RSP: 0018:ffffc90003967d58 EFLAGS: 00000202
[ 48.921719][ T3613] RIP: 0023:0xf7e79549
[ 48.927666][ C1]
[ 48.927671][ C1] RAX: 000000000000000b RBX: ffff888018199d80 RCX: 1ffffffff1bbcaf1
[ 48.932678][ T3613] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 48.939059][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 48.943886][ T3613] RSP: 002b:00000000ffada3cc EFLAGS: 00000246
[ 48.963478][ C1] RBP: ffffc90003967da0 R08: 0000000000000001 R09: 0000000000000001
[ 48.969779][ T3613] ORIG_RAX: 0000000000000036
[ 48.975814][ C1] R10: ffffed10173673f0 R11: 0000000000000000 R12: ffff8880b9b39f80
[ 48.979853][ T3613] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01
[ 48.982157][ C1] R13: ffff888011a89d80 R14: 0000000000000000 R15: ffff8880b9b3a9b8
[ 48.990103][ T3613] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000040000
[ 49.009693][ C1] ? finish_task_switch.isra.0+0x2b5/0xc70
[ 49.017802][ T3613] RBP: 000000000000bd05 R08: 0000000000000000 R09: 0000000000000000
[ 49.023838][ C1] ? __switch_to+0x5cc/0x1050
[ 49.031799][ T3613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 49.036450][ C1] __schedule+0xae7/0x52b0
[ 49.044393][ T3613] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 49.052347][ C1] ? kthread+0x150/0x3a0
[ 49.060294][ T3613]
[ 49.068234][ C1] ? io_schedule_timeout+0x140/0x140
[ 49.074016][ T3613]
[ 49.074025][ T3613] Memory state around the buggy address:
[ 49.081966][ C1] schedule+0xda/0x1b0
[ 49.086618][ T3613] ffffc900039ca200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 49.094558][ C1] ? worker_thread+0x1080/0x1080
[ 49.098955][ T3613] ffffc900039ca280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 49.106895][ C1] schedule_preempt_disabled+0xf/0x20
[ 49.111111][ T3613] >ffffc900039ca300: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 49.114105][ C1] kthread+0x221/0x3a0
[ 49.119358][ T3613] ^
[ 49.121676][ C1] ? kthread_complete_and_exit+0x40/0x40
[ 49.127304][ T3613] ffffc900039ca380: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 49.131343][ C1] ret_from_fork+0x1f/0x30
[ 49.139400][ T3613] ffffc900039ca400: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 49.144308][ C1]
[ 49.152452][ T3613] ==================================================================
[ 49.152462][ T3613] Kernel panic - not syncing: panic_on_warn set ...
[ 49.157801][ C1] Modules linked in:
[ 49.169886][ C1] CR2: ffffc900039ca330
[ 49.182231][ C1] ---[ end trace 0000000000000000 ]---
[ 49.190268][ C1] RIP: 0010:kvm_arch_hardware_enable+0x2ab/0x840
[ 49.194679][ C1] Code: 48 89 e8 48 b9 00 00 00 00 00 fc ff df 48 c1 e8 03 0f b6 14 08 48 89 e8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ed 04 00 00 <41> 8b 95 30 13 00 00 4d 8d b5 40 12 00 00 b9 08 00 00 00 4c 89 fe
[ 49.203080][ C1] RSP: 0018:ffffc900001e0ea0 EFLAGS: 00010082
[ 49.214124][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81120fe0
[ 49.220708][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffc900039ca330
[ 49.224598][ C1] RBP: ffffc900039ca330 R08: 0000000000000000 R09: 0000000000000003
[ 49.228740][ C1] R10: fffff52000739466 R11: 0000000000000001 R12: 0000000000000000
[ 49.234614][ C1] R13: ffffc900039c9000 R14: 0023001000000000 R15: ffffc900001e0ef8
[ 49.240940][ C1] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[ 49.260549][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 49.266601][ C1] CR2: ffffc900039ca330 CR3: 0000000070c12000 CR4: 00000000003526e0
[ 49.274565][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 49.282522][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 50.241385][ T3613] Shutting down cpus with NMI
[ 50.302647][ T3613] Kernel Offset: disabled
[ 50.306968][ T3613] Rebooting in 86400 seconds..