./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor192167193 <...> Warning: Permanently added '10.128.0.226' (ED25519) to the list of known hosts. execve("./syz-executor192167193", ["./syz-executor192167193"], 0x7ffd3066fb70 /* 10 vars */) = 0 brk(NULL) = 0x5555565b3000 brk(0x5555565b3d00) = 0x5555565b3d00 arch_prctl(ARCH_SET_FS, 0x5555565b3380) = 0 set_tid_address(0x5555565b3650) = 5015 set_robust_list(0x5555565b3660, 24) = 0 rseq(0x5555565b3ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor192167193", 4096) = 27 getrandom("\xd2\xd2\x92\x6a\x9b\x1a\x87\x65", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555565b3d00 brk(0x5555565d4d00) = 0x5555565d4d00 brk(0x5555565d5000) = 0x5555565d5000 mprotect(0x7fef89c56000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565b3650) = 5016 ./strace-static-x86_64: Process 5016 attached [pid 5016] set_robust_list(0x5555565b3660, 24) = 0 [pid 5016] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5016] setpgid(0, 0) = 0 [pid 5016] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5016] write(3, "1000", 4) = 4 [pid 5016] close(3) = 0 [pid 5016] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3 [pid 5016] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0 [pid 5016] ioctl(5, SIOCGIFINDEX, {ifr_name="lo", ifr_ifindex=1}) = 0 [pid 5016] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x78\x00\x00\x00\x24\x00\x0b\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x60\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x0a\x00\x01\x00\x6e\x65\x74\x65\x6d\x00\x04\x00\x48\x00\x02\x00\x00\x00\x00\x00\x86\x00\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=120}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_MORE}, 0) = 120 [pid 5016] socket(AF_INET6, SOCK_STREAM, IPPROTO_SCTP) = 6 [pid 5016] setsockopt(6, SOL_SCTP, SCTP_PEER_ADDR_PARAMS, "\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 156) = 0 [pid 5016] bind(6, {sa_family=AF_INET6, sin6_port=htons(20003), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 [ 164.229456][ T5016] netlink: 44 bytes leftover after parsing attributes in process `syz-executor192'. [ 164.294067][ T5016] ===================================================== [ 164.301703][ T5016] BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b3/0x1920 [ 164.308884][ T5016] sctp_inq_pop+0x15b3/0x1920 [ 164.313906][ T5016] sctp_assoc_bh_rcv+0x1a7/0xc50 [ 164.319339][ T5016] sctp_inq_push+0x2ec/0x380 [ 164.324132][ T5016] sctp_backlog_rcv+0x397/0xdb0 [ 164.329410][ T5016] __release_sock+0x207/0x570 [ 164.334328][ T5016] release_sock+0x6b/0x200 [ 164.339143][ T5016] sctp_wait_for_connect+0x486/0x810 [ 164.344646][ T5016] sctp_sendmsg_to_asoc+0x1ea7/0x1ee0 [ 164.350417][ T5016] sctp_sendmsg+0x32b4/0x4a70 [ 164.355319][ T5016] inet_sendmsg+0x105/0x190 [ 164.360236][ T5016] __sys_sendto+0x735/0xa10 [ 164.364930][ T5016] __x64_sys_sendto+0x125/0x1c0 [ 164.370155][ T5016] do_syscall_64+0xcf/0x1e0 [ 164.374859][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 164.381168][ T5016] [ 164.383601][ T5016] Uninit was stored to memory at: [ 164.388880][ T5016] sctp_inq_pop+0x153a/0x1920 [ 164.394008][ T5016] sctp_assoc_bh_rcv+0x1a7/0xc50 [ 164.399347][ T5016] sctp_inq_push+0x2ec/0x380 [ 164.404143][ T5016] sctp_backlog_rcv+0x397/0xdb0 [ 164.409376][ T5016] __release_sock+0x207/0x570 [ 164.414283][ T5016] release_sock+0x6b/0x200 [ 164.418936][ T5016] sctp_wait_for_connect+0x486/0x810 [ 164.424715][ T5016] sctp_sendmsg_to_asoc+0x1ea7/0x1ee0 [ 164.430395][ T5016] sctp_sendmsg+0x32b4/0x4a70 [ 164.435298][ T5016] inet_sendmsg+0x105/0x190 [ 164.440199][ T5016] __sys_sendto+0x735/0xa10 [ 164.444898][ T5016] __x64_sys_sendto+0x125/0x1c0 [ 164.450117][ T5016] do_syscall_64+0xcf/0x1e0 [ 164.454788][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 164.461150][ T5016] [ 164.463573][ T5016] Uninit was created at: [ 164.468027][ T5016] __kmalloc_node_track_caller+0x705/0x1000 [ 164.474252][ T5016] kmalloc_reserve+0x249/0x4a0 [ 164.479313][ T5016] __alloc_skb+0x352/0x790 [ 164.483896][ T5016] sctp_packet_transmit+0x1782/0x4310 [ 164.489574][ T5016] sctp_outq_flush+0x1b2f/0x6540 [ 164.494867][ T5016] sctp_outq_uncork+0x9c/0xb0 [ 164.499874][ T5016] sctp_do_sm+0x8c1a/0x9390 [ 164.504602][ T5016] sctp_assoc_bh_rcv+0x8fe/0xc50 [ 164.509927][ T5016] sctp_inq_push+0x2ec/0x380 [ 164.514725][ T5016] sctp_backlog_rcv+0x397/0xdb0 [ 164.520148][ T5016] __release_sock+0x207/0x570 [ 164.525072][ T5016] release_sock+0x6b/0x200 [ 164.529989][ T5016] sctp_wait_for_connect+0x486/0x810 [ 164.535525][ T5016] sctp_sendmsg_to_asoc+0x1ea7/0x1ee0 [ 164.541379][ T5016] sctp_sendmsg+0x32b4/0x4a70 [ 164.546285][ T5016] inet_sendmsg+0x105/0x190 [ 164.551246][ T5016] __sys_sendto+0x735/0xa10 [ 164.555949][ T5016] __x64_sys_sendto+0x125/0x1c0 [ 164.561234][ T5016] do_syscall_64+0xcf/0x1e0 [ 164.565940][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 164.572310][ T5016] [ 164.574742][ T5016] CPU: 0 PID: 5016 Comm: syz-executor192 Not tainted 6.8.0-rc5-syzkaller-00381-g70ff1fe626a1 #0 [ 164.585570][ T5016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 164.595983][ T5016] ===================================================== [ 164.603295][ T5016] Disabling lock debugging due to kernel taint [ 164.609664][ T5016] Kernel panic - not syncing: kmsan.panic set ... [ 164.616188][ T5016] CPU: 0 PID: 5016 Comm: syz-executor192 Tainted: G B 6.8.0-rc5-syzkaller-00381-g70ff1fe626a1 #0 [ 164.628201][ T5016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 164.638350][ T5016] Call Trace: [ 164.641726][ T5016] [ 164.644782][ T5016] dump_stack_lvl+0x1bf/0x240 [ 164.649659][ T5016] dump_stack+0x1e/0x20 [ 164.653980][ T5016] panic+0x4de/0xc90 [ 164.658131][ T5016] kmsan_report+0x2d0/0x2d0 [ 164.662835][ T5016] ? kmsan_internal_chain_origin+0xb0/0xd0 [ 164.668909][ T5016] ? __msan_warning+0x96/0x120 [ 164.673828][ T5016] ? sctp_inq_pop+0x15b3/0x1920 [ 164.678901][ T5016] ? sctp_assoc_bh_rcv+0x1a7/0xc50 [ 164.684293][ T5016] ? sctp_inq_push+0x2ec/0x380 [ 164.689272][ T5016] ? sctp_backlog_rcv+0x397/0xdb0 [ 164.694510][ T5016] ? __release_sock+0x207/0x570 [ 164.699699][ T5016] ? release_sock+0x6b/0x200 [ 164.704521][ T5016] ? sctp_wait_for_connect+0x486/0x810 [ 164.710232][ T5016] ? sctp_sendmsg_to_asoc+0x1ea7/0x1ee0 [ 164.715925][ T5016] ? sctp_sendmsg+0x32b4/0x4a70 [ 164.721021][ T5016] ? inet_sendmsg+0x105/0x190 [ 164.725896][ T5016] ? __sys_sendto+0x735/0xa10 [ 164.730770][ T5016] ? __x64_sys_sendto+0x125/0x1c0 [ 164.736002][ T5016] ? do_syscall_64+0xcf/0x1e0 [ 164.740884][ T5016] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 164.747241][ T5016] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 164.753562][ T5016] ? kmsan_get_metadata+0x146/0x1c0 [ 164.758898][ T5016] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 164.765421][ T5016] ? kmsan_get_metadata+0x146/0x1c0 [ 164.770739][ T5016] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.776695][ T5016] ? kmsan_get_metadata+0x146/0x1c0 [ 164.782090][ T5016] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.788074][ T5016] __msan_warning+0x96/0x120 [ 164.792849][ T5016] sctp_inq_pop+0x15b3/0x1920 [ 164.797740][ T5016] sctp_assoc_bh_rcv+0x1a7/0xc50 [ 164.802942][ T5016] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.808952][ T5016] ? sctp_assoc_lookup_asconf_ack+0x250/0x250 [ 164.815237][ T5016] ? sctp_assoc_lookup_asconf_ack+0x250/0x250 [ 164.821492][ T5016] sctp_inq_push+0x2ec/0x380 [ 164.826293][ T5016] sctp_backlog_rcv+0x397/0xdb0 [ 164.831337][ T5016] ? kmsan_get_metadata+0x146/0x1c0 [ 164.836710][ T5016] ? kmsan_get_metadata+0x146/0x1c0 [ 164.842020][ T5016] ? sctp_add_backlog+0x7c0/0x7c0 [ 164.847200][ T5016] ? sctp_add_backlog+0x7c0/0x7c0 [ 164.852424][ T5016] __release_sock+0x207/0x570 [ 164.857350][ T5016] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.863339][ T5016] release_sock+0x6b/0x200 [ 164.867921][ T5016] sctp_wait_for_connect+0x486/0x810 [ 164.873373][ T5016] ? wake_bit_function+0x3f0/0x3f0 [ 164.878793][ T5016] sctp_sendmsg_to_asoc+0x1ea7/0x1ee0 [ 164.884378][ T5016] ? kmsan_get_metadata+0x146/0x1c0 [ 164.889724][ T5016] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.895741][ T5016] sctp_sendmsg+0x32b4/0x4a70 [ 164.900552][ T5016] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 164.907024][ T5016] ? sctp_getsockopt+0x1290/0x1290 [ 164.912343][ T5016] inet_sendmsg+0x105/0x190 [ 164.916980][ T5016] ? inet_send_prepare+0x5c0/0x5c0 [ 164.922205][ T5016] __sys_sendto+0x735/0xa10 [ 164.926821][ T5016] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 164.932791][ T5016] __x64_sys_sendto+0x125/0x1c0 [ 164.937848][ T5016] do_syscall_64+0xcf/0x1e0 [ 164.942558][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 164.948682][ T5016] RIP: 0033:0x7fef89be2c79 [ 164.953185][ T5016] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 164.972952][ T5016] RSP: 002b:00007fff32d421e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 164.981550][ T5016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fef89be2c79 [ 164.989652][ T5016] RDX: 000000000000fee4 RSI: 0000000020847fff RDI: 0000000000000006 [ 164.997787][ T5016] RBP: 00007fef89c565f0 R08: 000000002005ffe4 R09: 000000000000001c [ 165.005900][ T5016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.013986][ T5016] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 165.022145][ T5016] [ 165.025569][ T5016] Kernel Offset: disabled [ 165.029986][ T5016] Rebooting in 86400 seconds..