./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor103463403 <...> Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. execve("./syz-executor103463403", ["./syz-executor103463403"], 0x7ffdee4d0780 /* 10 vars */) = 0 brk(NULL) = 0x5555590da000 brk(0x5555590dad00) = 0x5555590dad00 arch_prctl(ARCH_SET_FS, 0x5555590da380) = 0 set_tid_address(0x5555590da650) = 5179 set_robust_list(0x5555590da660, 24) = 0 rseq(0x5555590daca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor103463403", 4096) = 27 getrandom("\x59\xb5\x8e\xa6\x0f\x98\xba\x75", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555590dad00 brk(0x5555590fbd00) = 0x5555590fbd00 brk(0x5555590fc000) = 0x5555590fc000 mprotect(0x7ff04d147000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555590da650) = 5180 ./strace-static-x86_64: Process 5180 attached [pid 5180] set_robust_list(0x5555590da660, 24) = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 [pid 5180] write(1, "executing program\n", 18executing program ) = 18 [pid 5180] openat(AT_FDCWD, "/dev/ppp", O_RDWR|O_CREAT|O_SYNC, 000) = 3 [pid 5180] ioctl(3, PPPIOCNEWUNIT, 0x20000100) = 0 [pid 5180] ioctl(3, PPPIOCSACTIVE, 0x20000000) = 0 [ 162.524381][ T5180] ===================================================== [ 162.531767][ T5180] BUG: KMSAN: uninit-value in 
___bpf_prog_run+0x94d5/0xe0f0 [ 162.539269][ T5180] ___bpf_prog_run+0x94d5/0xe0f0 [ 162.544576][ T5180] __bpf_prog_run32+0xc2/0xf0 [ 162.549454][ T5180] __ppp_xmit_process+0x4fa/0x27b0 [ 162.554873][ T5180] ppp_xmit_process+0x100/0x2b0 [ 162.559918][ T5180] ppp_write+0x723/0x910 [ 162.564449][ T5180] vfs_write+0x493/0x1550 [ 162.568939][ T5180] ksys_write+0x20f/0x4c0 [ 162.573520][ T5180] __x64_sys_write+0x93/0xe0 [ 162.578277][ T5180] x64_sys_call+0x306a/0x3ba0 [ 162.583321][ T5180] do_syscall_64+0xcd/0x1e0 [ 162.588011][ T5180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.594186][ T5180] [ 162.596581][ T5180] Uninit was stored to memory at: [ 162.601901][ T5180] ___bpf_prog_run+0x98e7/0xe0f0 [ 162.607019][ T5180] __bpf_prog_run32+0xc2/0xf0 [ 162.611963][ T5180] __ppp_xmit_process+0x4fa/0x27b0 [ 162.617248][ T5180] ppp_xmit_process+0x100/0x2b0 [ 162.622357][ T5180] ppp_write+0x723/0x910 [ 162.626765][ T5180] vfs_write+0x493/0x1550 [ 162.631324][ T5180] ksys_write+0x20f/0x4c0 [ 162.635793][ T5180] __x64_sys_write+0x93/0xe0 [ 162.640526][ T5180] x64_sys_call+0x306a/0x3ba0 [ 162.645455][ T5180] do_syscall_64+0xcd/0x1e0 [ 162.650116][ T5180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.656277][ T5180] [ 162.658671][ T5180] Uninit was created at: [ 162.663180][ T5180] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 162.669239][ T5180] kmalloc_reserve+0x13d/0x4a0 [ 162.674247][ T5180] __alloc_skb+0x363/0x7b0 [ 162.678809][ T5180] ppp_write+0xe5/0x910 [ 162.683215][ T5180] vfs_write+0x493/0x1550 [ 162.687682][ T5180] ksys_write+0x20f/0x4c0 [ 162.692241][ T5180] __x64_sys_write+0x93/0xe0 [ 162.696977][ T5180] x64_sys_call+0x306a/0x3ba0 [ 162.701916][ T5180] do_syscall_64+0xcd/0x1e0 [ 162.706574][ T5180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.712721][ T5180] [ 162.715142][ T5180] CPU: 0 UID: 0 PID: 5180 Comm: syz-executor103 Not tainted 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 162.726505][ T5180] Hardware name: Google Google Compute Engine/Google Compute 
Engine, BIOS Google 06/27/2024 [ 162.736848][ T5180] ===================================================== [ 162.743926][ T5180] Disabling lock debugging due to kernel taint [ 162.750168][ T5180] Kernel panic - not syncing: kmsan.panic set ... [ 162.756687][ T5180] CPU: 0 UID: 0 PID: 5180 Comm: syz-executor103 Tainted: G B 6.11.0-rc2-syzkaller-00257-g5189dafa4cf9 #0 [ 162.769461][ T5180] Tainted: [B]=BAD_PAGE [ 162.773702][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 162.783884][ T5180] Call Trace: [ 162.787259][ T5180] <TASK> [ 162.790280][ T5180] dump_stack_lvl+0x216/0x2d0 [ 162.795131][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 162.801140][ T5180] dump_stack+0x1e/0x30 [ 162.805454][ T5180] panic+0x4e2/0xcd0 [ 162.809508][ T5180] ? kmsan_get_metadata+0x61/0x1c0 [ 162.814818][ T5180] kmsan_report+0x2c7/0x2d0 [ 162.819503][ T5180] ? kmsan_internal_chain_origin+0xb0/0xd0 [ 162.825483][ T5180] ? __msan_warning+0x95/0x120 [ 162.830410][ T5180] ? ___bpf_prog_run+0x94d5/0xe0f0 [ 162.835712][ T5180] ? __bpf_prog_run32+0xc2/0xf0 [ 162.840747][ T5180] ? __ppp_xmit_process+0x4fa/0x27b0 [ 162.846216][ T5180] ? ppp_xmit_process+0x100/0x2b0 [ 162.851420][ T5180] ? ppp_write+0x723/0x910 [ 162.856008][ T5180] ? vfs_write+0x493/0x1550 [ 162.860658][ T5180] ? ksys_write+0x20f/0x4c0 [ 162.865310][ T5180] ? __x64_sys_write+0x93/0xe0 [ 162.870226][ T5180] ? x64_sys_call+0x306a/0x3ba0 [ 162.875250][ T5180] ? do_syscall_64+0xcd/0x1e0 [ 162.880089][ T5180] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.886338][ T5180] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.892604][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 162.898617][ T5180] ? bpf_skb_load_helper_16+0x40/0x1e0 [ 162.904243][ T5180] ? filter_irq_stacks+0x60/0x1a0 [ 162.909435][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 162.914825][ T5180] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 162.921343][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 162.926734][ T5180] ? 
kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 162.932734][ T5180] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 162.938733][ T5180] __msan_warning+0x95/0x120 [ 162.943490][ T5180] ___bpf_prog_run+0x94d5/0xe0f0 [ 162.948645][ T5180] __bpf_prog_run32+0xc2/0xf0 [ 162.953528][ T5180] ? __pfx___bpf_prog_run32+0x10/0x10 [ 162.959111][ T5180] __ppp_xmit_process+0x4fa/0x27b0 [ 162.964446][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 162.969853][ T5180] ppp_xmit_process+0x100/0x2b0 [ 162.974890][ T5180] ? ppp_xmit_process+0x2d/0x2b0 [ 162.980023][ T5180] ppp_write+0x723/0x910 [ 162.984466][ T5180] ? __pfx_ppp_write+0x10/0x10 [ 162.989412][ T5180] vfs_write+0x493/0x1550 [ 162.993902][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 162.999295][ T5180] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 163.005814][ T5180] ? kmsan_get_metadata+0x13e/0x1c0 [ 163.011205][ T5180] ksys_write+0x20f/0x4c0 [ 163.015704][ T5180] __x64_sys_write+0x93/0xe0 [ 163.020460][ T5180] x64_sys_call+0x306a/0x3ba0 [ 163.025321][ T5180] do_syscall_64+0xcd/0x1e0 [ 163.029993][ T5180] ? 
clear_bhb_loop+0x25/0x80 [ 163.034844][ T5180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.040925][ T5180] RIP: 0033:0x7ff04d0d4ab9 [ 163.045467][ T5180] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 163.065252][ T5180] RSP: 002b:00007ffd8b0fe608 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 163.073826][ T5180] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff04d0d4ab9 [ 163.081932][ T5180] RDX: 0000000000000002 RSI: 0000000020000300 RDI: 0000000000000003 [ 163.090025][ T5180] RBP: 00007ff04d1475f0 R08: 0000000000000006 R09: 0000000000000006 [ 163.098120][ T5180] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 163.106211][ T5180] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 163.114328][ T5180] </TASK> [ 163.117668][ T5180] Kernel Offset: disabled [ 163.122048][ T5180] Rebooting in 86400 seconds..