L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
PANIC: double fault, error_code: 0x0
CPU: 0 PID: 7767 Comm: syz-executor0 Not tainted 4.19.0+ #77
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
BUG: KMSAN: uninit-value in atomic_cmpxchg include/asm-generic/atomic-instrumented.h:83 [inline]
BUG: KMSAN: uninit-value in queued_spin_lock include/asm-generic/qspinlock.h:85 [inline]
BUG: KMSAN: uninit-value in do_raw_spin_lock include/linux/spinlock.h:180 [inline]
BUG: KMSAN: uninit-value in __raw_spin_lock include/linux/spinlock_api_smp.h:143 [inline]
BUG: KMSAN: uninit-value in _raw_spin_lock+0xec/0x2f0 kernel/locking/spinlock.c:144
CPU: 0 PID: 7767 Comm: syz-executor0 Not tainted 4.19.0+ #77
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <#DF>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x32d/0x480 lib/dump_stack.c:113
 kmsan_report+0x1a2/0x2e0 mm/kmsan/kmsan.c:911
 kmsan_internal_check_memory+0x34c/0x430 mm/kmsan/kmsan.c:991
 kmsan_check_memory+0xb/0x10 mm/kmsan/kmsan.c:998
 atomic_cmpxchg include/asm-generic/atomic-instrumented.h:83 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:85 [inline]
 do_raw_spin_lock include/linux/spinlock.h:180 [inline]
 __raw_spin_lock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_lock+0xec/0x2f0 kernel/locking/spinlock.c:144
 vprintk_emit+0x1c7/0x790 kernel/printk/printk.c:1912
 vprintk_default+0x90/0xa0 kernel/printk/printk.c:1971
 vprintk_func+0x26b/0x2a0 kernel/printk/printk_safe.c:398
 printk+0x1a3/0x1f0 kernel/printk/printk.c:2007
 show_ip arch/x86/kernel/dumpstack.c:124 [inline]
 show_iret_regs+0x13c/0x540 arch/x86/kernel/dumpstack.c:131
 __show_regs+0xc9/0x1350 arch/x86/kernel/process_64.c:72
 show_regs+0xaf/0x170 arch/x86/kernel/dumpstack.c:425
 df_debug+0x86/0xb0 arch/x86/kernel/doublefault.c:80
 do_double_fault+0x362/0x480 arch/x86/kernel/traps.c:449
 double_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1002
RIP: 0010:kmsan_get_origin_address+0xa/0x370 mm/kmsan/kmsan.c:1186
Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78
RSP: 0018:fffffe0000002000 EFLAGS: 00010086
RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe0000002150
RBP: fffffe0000002018 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088
R13: fffffe00000021c0 R14: fffffe00000021a8 R15: fffffe00000021a8
 kmsan_memmove_origins+0xbd/0x1d0 mm/kmsan/kmsan.c:439
 __msan_memmove+0x6c/0x80 mm/kmsan/kmsan_instr.c:196
 fixup_bad_iret+0x9b/0x130 arch/x86/kernel/traps.c:676
 error_entry+0xad/0xc0 arch/x86/entry/entry_64.S:1329
RIP: 0000: (null)
Code: Bad RIP value.
RSP: a3fb7f:00007f31ac2459c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 000000000040393c
RDX: cf6887050a1d3200 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08
R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000
R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c

Local variable description: ----v.addr.i.i.i.i@_raw_spin_lock
Variable was created at:
 _raw_spin_lock+0x4b/0x2f0 kernel/locking/spinlock.c:143
 vprintk_emit+0x1c7/0x790 kernel/printk/printk.c:1912

Bytes 0-7 of 8 are uninitialized
Memory access of size 8 starts at fffffe000000aa30
==================================================================