./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3431260750 <...> forked to background, child pid 3061 no interfaces have a carrier [ 87.121083][ T3062] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.159285][ T3062] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 100.263440][ T123] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.207' (ECDSA) to the list of known hosts. execve("./syz-executor3431260750", ["./syz-executor3431260750"], 0x7fffdf253aa0 /* 10 vars */) = 0 brk(NULL) = 0x5555569be000 brk(0x5555569bec40) = 0x5555569bec40 arch_prctl(ARCH_SET_FS, 0x5555569be300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3431260750", 4096) = 28 brk(0x5555569dfc40) = 0x5555569dfc40 brk(0x5555569e0000) = 0x5555569e0000 mprotect(0x7f6886dfd000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555569be5d0) = 3485 ./strace-static-x86_64: Process 3485 attached [pid 3485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3485] setpgid(0, 0) = 0 [pid 3485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3485] write(3, "1000", 4) = 4 [pid 3485] close(3) = 0 [pid 3485] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3 [pid 3485] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000 [pid 3485] mmap(0x20003000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20003000 [ 126.466277][ T3485] ===================================================== [ 126.473534][ T3485] BUG: KMSAN: uninit-value in io_rw_fail+0x1a3/0x1b0 [ 126.480326][ T3485] io_rw_fail+0x1a3/0x1b0 [ 126.484928][ T3485] io_req_complete_failed+0x1fe/0x4b0 [ 126.490457][ T3485] io_queue_sqe_fallback+0x218/0x250 [ 126.496007][ T3485] io_submit_sqe+0x185b/0x1be0 [ 126.500901][ T3485] io_submit_sqes+0x542/0xd50 [ 126.505785][ T3485] __se_sys_io_uring_enter+0x4d6/0x2210 [ 126.511573][ T3485] __x64_sys_io_uring_enter+0x117/0x190 [ 126.517380][ T3485] do_syscall_64+0x3d/0xb0 [ 126.522075][ T3485] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.528115][ T3485] [ 126.530470][ T3485] Uninit was created at: [ 126.534991][ T3485] __kmem_cache_alloc_node+0x6ee/0xc90 [ 126.540626][ T3485] __kmalloc+0x11d/0x3c0 [ 126.545090][ T3485] io_req_prep_async+0x356/0x590 [ 126.550172][ T3485] io_queue_sqe_fallback+0xfd/0x250 [ 126.555628][ T3485] io_submit_sqe+0x185b/0x1be0 [ 126.560630][ T3485] io_submit_sqes+0x542/0xd50 [ 126.565542][ T3485] __se_sys_io_uring_enter+0x4d6/0x2210 [ 126.571257][ T3485] __x64_sys_io_uring_enter+0x117/0x190 [ 126.577110][ T3485] do_syscall_64+0x3d/0xb0 [ 126.581758][ T3485] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.587799][ T3485] [ 126.590188][ T3485] CPU: 0 PID: 3485 Comm: syz-executor343 Not tainted 6.1.0-rc8-syzkaller-64144-g30d2727189c5 #0 [ 126.600837][ T3485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 126.611103][ T3485] ===================================================== [ 126.618234][ T3485] Disabling lock debugging due to kernel taint [ 126.624551][ T3485] Kernel panic - not syncing: kmsan.panic set ... [ 126.631049][ T3485] CPU: 0 PID: 3485 Comm: syz-executor343 Tainted: G B 6.1.0-rc8-syzkaller-64144-g30d2727189c5 #0 [ 126.643110][ T3485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 126.653248][ T3485] Call Trace: [ 126.656618][ T3485] [ 126.659612][ T3485] dump_stack_lvl+0x1c8/0x256 [ 126.664416][ T3485] dump_stack+0x1a/0x1f [ 126.668710][ T3485] panic+0x4d3/0xc64 [ 126.672716][ T3485] ? add_taint+0x104/0x1a0 [ 126.677251][ T3485] kmsan_report+0x2ca/0x2d0 [ 126.681914][ T3485] ? kfree+0x16f/0x420 [ 126.686105][ T3485] ? __msan_warning+0x92/0x110 [ 126.690985][ T3485] ? io_rw_fail+0x1a3/0x1b0 [ 126.695631][ T3485] ? io_req_complete_failed+0x1fe/0x4b0 [ 126.701277][ T3485] ? io_queue_sqe_fallback+0x218/0x250 [ 126.706844][ T3485] ? io_submit_sqe+0x185b/0x1be0 [ 126.711903][ T3485] ? io_submit_sqes+0x542/0xd50 [ 126.716876][ T3485] ? __se_sys_io_uring_enter+0x4d6/0x2210 [ 126.722683][ T3485] ? __x64_sys_io_uring_enter+0x117/0x190 [ 126.728490][ T3485] ? do_syscall_64+0x3d/0xb0 [ 126.733187][ T3485] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.739409][ T3485] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 126.745377][ T3485] ? __import_iovec+0xe6/0x730 [ 126.750250][ T3485] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 126.756227][ T3485] ? io_import_iovec+0x752/0x990 [ 126.761325][ T3485] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 126.767328][ T3485] __msan_warning+0x92/0x110 [ 126.772135][ T3485] io_rw_fail+0x1a3/0x1b0 [ 126.776583][ T3485] ? loop_rw_iter+0xa60/0xa60 [ 126.781419][ T3485] io_req_complete_failed+0x1fe/0x4b0 [ 126.786891][ T3485] io_queue_sqe_fallback+0x218/0x250 [ 126.792388][ T3485] io_submit_sqe+0x185b/0x1be0 [ 126.797278][ T3485] io_submit_sqes+0x542/0xd50 [ 126.802101][ T3485] __se_sys_io_uring_enter+0x4d6/0x2210 [ 126.807756][ T3485] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 126.813666][ T3485] __x64_sys_io_uring_enter+0x117/0x190 [ 126.819312][ T3485] do_syscall_64+0x3d/0xb0 [ 126.823840][ T3485] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.829881][ T3485] RIP: 0033:0x7f6886d90029 [ 126.834413][ T3485] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 126.854135][ T3485] RSP: 002b:00007fff54667ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 126.862674][ T3485] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f6886d90029 [ 126.870727][ T3485] RDX: 0000000000000000 RSI: 00000000000002ff RDI: 0000000000000003 [ 126.878803][ T3485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000001e00 [ 126.886864][ T3485] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6886d538b0 [ 126.894896][ T3485] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 126.902972][ T3485] [ 126.906231][ T3485] Kernel Offset: disabled [ 126.910611][ T3485] Rebooting in 86400 seconds..