./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3777090355 <...> forked to background, child pid 3047 no interfaces have a carrier [ 67.475147][ T3048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.488460][ T3048] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts. syzkaller login: [ 95.143195][ T1742] cfg80211: failed to load regulatory.db execve("./syz-executor3777090355", ["./syz-executor3777090355"], 0x7fff48479d60 /* 10 vars */) = 0 brk(NULL) = 0x555555baa000 brk(0x555555baac40) = 0x555555baac40 arch_prctl(ARCH_SET_FS, 0x555555baa300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3777090355", 4096) = 28 brk(0x555555bcbc40) = 0x555555bcbc40 brk(0x555555bcc000) = 0x555555bcc000 mprotect(0x7f322cb95000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555baa5d0) = 3475 ./strace-static-x86_64: Process 3475 attached [pid 3475] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3475] setpgid(0, 0) = 0 [pid 3475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3475] write(3, "1000", 4) = 4 [pid 3475] close(3) = 0 [pid 3475] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x6a\x83\xbe\xa6\x19\xd9\xa3\xe2\x2b\x9a\x46\xa3\x1d\x21\x04\x7c\xa0\xb7\x7c\x4d\x64\xd0\x9e\x3d\x6c\xe0\x66\x50\xb2\x76\x44\x82\x85\x11\x27\xf9\x7e\x45\xac\x75\x9e\x92\xaa\x32\xcf\xf3\xea\x2f\x6d\xac\xf3\xb2\x4f\x97\xff\x96\xd5\x33\x21\x0f\xfc\x0b\x78\x80\x82\x37\x68\xa5\x9b\x59\xfb\x03\x97\xf5\xfa\x81\xdc\x67\x17\xd6\xf8\x9d\x75\xa1\x3b\xfa\x12\xaa\x93\xdd\x20\x0c\xde\x47\xd6\xb8\x2c\xfd\x9f\xba"..., iov_len=173}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}], msg_iovlen=9, msg_control=NULL, msg_controllen=320, msg_flags=0}, MSG_NOSIGNAL|0x2000000) = -1 EBADF (Bad file descriptor) [pid 3475] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 3475] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 [pid 3475] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0b\x00\x02\x00\x54\x49\x50\x43\x76\x32\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32 [pid 3475] recvfrom(4, [{nlmsg_len=548, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3475}, "\x01\x02\x00\x00\x0b\x00\x02\x00\x54\x49\x50\x43\x76\x32\x00\x00\x06\x00\x01\x00\x31\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x0a\x00\x00\x00\xe4\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x03\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 548 [pid 3475] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3475}, {error=0, msg={nlmsg_len=32, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 3475] close(4) = 0 [ 96.823691][ T3475] netlink: 20 bytes leftover after parsing attributes in process `syz-executor377'. [ 96.833303][ T3475] ===================================================== [ 96.840304][ T3475] BUG: KMSAN: uninit-value in string+0x4f9/0x6f0 [ 96.847082][ T3475] string+0x4f9/0x6f0 [ 96.851079][ T3475] vsnprintf+0x2222/0x3650 [ 96.855508][ T3475] vprintk_store+0x537/0x2150 [ 96.860229][ T3475] vprintk_emit+0x28b/0xab0 [ 96.864753][ T3475] vprintk_default+0x86/0xa0 [ 96.869363][ T3475] vprintk+0x15f/0x180 [ 96.873494][ T3475] _printk+0x18d/0x1cf [ 96.877714][ T3475] __tipc_nl_bearer_enable+0x2022/0x22a0 [ 96.883446][ T3475] tipc_nl_bearer_enable+0x6c/0xb0 [ 96.888609][ T3475] genl_rcv_msg+0x157f/0x1660 [ 96.893384][ T3475] netlink_rcv_skb+0x40c/0x7e0 [ 96.898219][ T3475] genl_rcv+0x63/0x80 [ 96.902303][ T3475] netlink_unicast+0x109c/0x1370 [ 96.907341][ T3475] netlink_sendmsg+0x14dc/0x1720 [ 96.912367][ T3475] ____sys_sendmsg+0xe11/0x12c0 [ 96.917279][ T3475] __sys_sendmsg+0x704/0x840 [ 96.921922][ T3475] __x64_sys_sendmsg+0xe2/0x120 [ 96.926821][ T3475] do_syscall_64+0x51/0xa0 [ 96.931259][ T3475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.937199][ T3475] [ 96.939532][ T3475] Uninit was created at: [ 96.943856][ T3475] __kmalloc_node_track_caller+0xde3/0x14f0 [ 96.949825][ T3475] __alloc_skb+0x545/0xf90 [ 96.954279][ T3475] netlink_sendmsg+0xde3/0x1720 [ 96.959156][ T3475] ____sys_sendmsg+0xe11/0x12c0 [ 96.964053][ T3475] __sys_sendmsg+0x704/0x840 [ 96.968661][ T3475] __x64_sys_sendmsg+0xe2/0x120 [ 96.973541][ T3475] do_syscall_64+0x51/0xa0 [ 96.978002][ T3475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.983919][ T3475] [ 96.986235][ T3475] CPU: 0 PID: 3475 Comm: syz-executor377 Not tainted 5.18.0-rc4-syzkaller #0 [ 96.995009][ T3475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.005086][ T3475] ===================================================== [ 97.012015][ T3475] Disabling lock debugging due to kernel taint [ 97.018174][ T3475] Kernel panic - not syncing: kmsan.panic set ... [ 97.024597][ T3475] CPU: 0 PID: 3475 Comm: syz-executor377 Tainted: G B 5.18.0-rc4-syzkaller #0 [ 97.034761][ T3475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.044820][ T3475] Call Trace: [ 97.048104][ T3475] [ 97.051043][ T3475] dump_stack_lvl+0x1ff/0x28e [ 97.055753][ T3475] dump_stack+0x25/0x28 [ 97.059958][ T3475] panic+0x4fe/0xc73 [ 97.063919][ T3475] ? add_taint+0x181/0x210 [ 97.068368][ T3475] ? console_unlock+0x1c00/0x2130 [ 97.073428][ T3475] ? _raw_spin_unlock_irqrestore+0x78/0xb0 [ 97.079279][ T3475] kmsan_report+0x2e6/0x2f0 [ 97.083815][ T3475] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 97.089645][ T3475] ? __msan_warning+0x94/0x110 [ 97.094441][ T3475] ? string+0x4f9/0x6f0 [ 97.098629][ T3475] ? vsnprintf+0x2222/0x3650 [ 97.103254][ T3475] ? vprintk_store+0x537/0x2150 [ 97.108126][ T3475] ? vprintk_emit+0x28b/0xab0 [ 97.112844][ T3475] ? vprintk_default+0x86/0xa0 [ 97.117629][ T3475] ? vprintk+0x15f/0x180 [ 97.121915][ T3475] ? _printk+0x18d/0x1cf [ 97.126203][ T3475] ? __tipc_nl_bearer_enable+0x2022/0x22a0 [ 97.132041][ T3475] ? tipc_nl_bearer_enable+0x6c/0xb0 [ 97.137357][ T3475] ? genl_rcv_msg+0x157f/0x1660 [ 97.142256][ T3475] ? netlink_rcv_skb+0x40c/0x7e0 [ 97.147215][ T3475] ? genl_rcv+0x63/0x80 [ 97.151423][ T3475] ? netlink_unicast+0x109c/0x1370 [ 97.156568][ T3475] ? netlink_sendmsg+0x14dc/0x1720 [ 97.161703][ T3475] ? ____sys_sendmsg+0xe11/0x12c0 [ 97.166768][ T3475] ? __sys_sendmsg+0x704/0x840 [ 97.171573][ T3475] ? __x64_sys_sendmsg+0xe2/0x120 [ 97.176627][ T3475] ? do_syscall_64+0x51/0xa0 [ 97.181265][ T3475] ? entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.187375][ T3475] ? format_decode+0x61/0x1990 [ 97.192162][ T3475] ? filter_irq_stacks+0xb5/0x230 [ 97.197236][ T3475] ? __stack_depot_save+0x21/0x4b0 [ 97.202381][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.207530][ T3475] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 97.213830][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.218982][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.224109][ T3475] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 97.229947][ T3475] __msan_warning+0x94/0x110 [ 97.234569][ T3475] string+0x4f9/0x6f0 [ 97.238573][ T3475] vsnprintf+0x2222/0x3650 [ 97.243030][ T3475] vprintk_store+0x537/0x2150 [ 97.248148][ T3475] ? vprintk_default+0x86/0xa0 [ 97.252966][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.258120][ T3475] vprintk_emit+0x28b/0xab0 [ 97.262683][ T3475] vprintk_default+0x86/0xa0 [ 97.267316][ T3475] vprintk+0x15f/0x180 [ 97.271408][ T3475] _printk+0x18d/0x1cf [ 97.275516][ T3475] ? strscpy+0x1ab/0x220 [ 97.279791][ T3475] ? __tipc_nl_bearer_enable+0x6e1/0x22a0 [ 97.285551][ T3475] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 97.291400][ T3475] __tipc_nl_bearer_enable+0x2022/0x22a0 [ 97.297077][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.302217][ T3475] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 97.308317][ T3475] ? mutex_lock+0x47/0x90 [ 97.312670][ T3475] tipc_nl_bearer_enable+0x6c/0xb0 [ 97.317814][ T3475] ? __tipc_nl_bearer_enable+0x22a0/0x22a0 [ 97.323633][ T3475] genl_rcv_msg+0x157f/0x1660 [ 97.328349][ T3475] ? __tipc_nl_bearer_enable+0x22a0/0x22a0 [ 97.334195][ T3475] ? kmsan_internal_set_shadow_origin+0x62/0xe0 [ 97.340492][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.346283][ T3475] netlink_rcv_skb+0x40c/0x7e0 [ 97.351088][ T3475] ? genl_bind+0x520/0x520 [ 97.355535][ T3475] genl_rcv+0x63/0x80 [ 97.359554][ T3475] ? genl_pernet_exit+0x90/0x90 [ 97.364444][ T3475] netlink_unicast+0x109c/0x1370 [ 97.369417][ T3475] netlink_sendmsg+0x14dc/0x1720 [ 97.374409][ T3475] ____sys_sendmsg+0xe11/0x12c0 [ 97.379294][ T3475] ? netlink_getsockopt+0x11d0/0x11d0 [ 97.384711][ T3475] __sys_sendmsg+0x704/0x840 [ 97.389355][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.394504][ T3475] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 97.400354][ T3475] ? preempt_count_sub+0xf8/0x330 [ 97.405432][ T3475] ? _raw_spin_unlock_irq+0x40/0x60 [ 97.410648][ T3475] ? kmsan_get_metadata+0x33/0x220 [ 97.415795][ T3475] ? kmsan_get_shadow_origin_ptr+0x9b/0xf0 [ 97.421645][ T3475] __x64_sys_sendmsg+0xe2/0x120 [ 97.426556][ T3475] do_syscall_64+0x51/0xa0 [ 97.431009][ T3475] ? exc_page_fault+0x76/0x150 [ 97.435803][ T3475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.441738][ T3475] RIP: 0033:0x7f322cb288b9 [ 97.446177][ T3475] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 97.465824][ T3475] RSP: 002b:00007ffed9da2cd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.474254][ T3475] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f322cb288b9 [ 97.482249][ T3475] RDX: 0000000000000000 RSI: 0000000020000740 RDI: 0000000000000003 [ 97.490245][ T3475] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffed9da2e78 [ 97.498243][ T3475] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f322caebbc0 [ 97.506241][ T3475] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 97.514252][ T3475] [ 97.517435][ T3475] Kernel Offset: disabled [ 97.521761][ T3475] Rebooting in 86400 seconds..