./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1233451157 <...> Warning: Permanently added '10.128.15.201' (ED25519) to the list of known hosts. execve("./syz-executor1233451157", ["./syz-executor1233451157"], 0x7ffe2ab0c5e0 /* 10 vars */) = 0 brk(NULL) = 0x5555557ac000 brk(0x5555557acd00) = 0x5555557acd00 arch_prctl(ARCH_SET_FS, 0x5555557ac380) = 0 set_tid_address(0x5555557ac650) = 5805 set_robust_list(0x5555557ac660, 24) = 0 rseq(0x5555557acca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1233451157", 4096) = 28 getrandom("\xa8\x17\x01\x1f\xd5\x60\x41\x3e", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555557acd00 brk(0x5555557cdd00) = 0x5555557cdd00 brk(0x5555557ce000) = 0x5555557ce000 mprotect(0x7f75ced4f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557ac650) = 5806 ./strace-static-x86_64: Process 5806 attached [pid 5806] set_robust_list(0x5555557ac660, 24) = 0 [pid 5806] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5806] setpgid(0, 0) = 0 [pid 5806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5806] write(3, "1000", 4) = 4 [pid 5806] close(3executing program ) = 0 [pid 5806] write(1, "executing program\n", 18) = 18 [pid 5806] openat(AT_FDCWD, "/dev/ppp", O_RDWR|O_CREAT|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000) = 3 [pid 5806] ioctl(3, PPPIOCNEWUNIT, 0x20000140) = 0 [pid 5806] ioctl(3, PPPIOCSPASS, 0x20002a40) = 0 [ 179.000175][ T5806] ===================================================== [ 179.007643][ T5806] BUG: KMSAN: uninit-value in ___bpf_prog_run+0x94d5/0xe0f0 [ 179.015297][ T5806] ___bpf_prog_run+0x94d5/0xe0f0 [ 179.020417][ T5806] __bpf_prog_run32+0xc2/0xf0 [ 179.025385][ T5806] __ppp_xmit_process+0x416/0x2840 [ 179.030715][ T5806] ppp_xmit_process+0x100/0x2b0 [ 179.035888][ T5806] ppp_write+0x71d/0x910 [ 179.040325][ T5806] vfs_write+0x48a/0x1540 [ 179.044945][ T5806] ksys_write+0x240/0x4b0 [ 179.049446][ T5806] __x64_sys_write+0x93/0xe0 [ 179.054325][ T5806] x64_sys_call+0x3161/0x3c30 [ 179.059203][ T5806] do_syscall_64+0xcd/0x1e0 [ 179.064028][ T5806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.070112][ T5806] [ 179.072624][ T5806] Uninit was stored to memory at: [ 179.077866][ T5806] ___bpf_prog_run+0x98e7/0xe0f0 [ 179.083093][ T5806] __bpf_prog_run32+0xc2/0xf0 [ 179.087955][ T5806] __ppp_xmit_process+0x416/0x2840 [ 179.093355][ T5806] ppp_xmit_process+0x100/0x2b0 [ 179.098389][ T5806] ppp_write+0x71d/0x910 [ 179.102899][ T5806] vfs_write+0x48a/0x1540 [ 179.107381][ T5806] ksys_write+0x240/0x4b0 [ 179.111946][ T5806] __x64_sys_write+0x93/0xe0 [ 179.116689][ T5806] x64_sys_call+0x3161/0x3c30 [ 179.121633][ T5806] do_syscall_64+0xcd/0x1e0 [ 179.126322][ T5806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.132480][ T5806] [ 179.134883][ T5806] Uninit was created at: [ 179.139345][ T5806] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 179.145515][ T5806] kmalloc_reserve+0x13d/0x4a0 [ 179.150464][ T5806] __alloc_skb+0x363/0x7b0 [ 179.155145][ T5806] ppp_write+0xdf/0x910 [ 179.159481][ T5806] vfs_write+0x48a/0x1540 [ 179.164042][ T5806] ksys_write+0x240/0x4b0 [ 179.168522][ T5806] __x64_sys_write+0x93/0xe0 [ 179.173360][ T5806] x64_sys_call+0x3161/0x3c30 [ 179.178217][ T5806] do_syscall_64+0xcd/0x1e0 [ 179.182997][ T5806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.189067][ T5806] [ 179.191613][ T5806] CPU: 1 UID: 0 PID: 5806 Comm: syz-executor123 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0 [ 179.202693][ T5806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 179.212977][ T5806] ===================================================== [ 179.220006][ T5806] Disabling lock debugging due to kernel taint [ 179.226356][ T5806] Kernel panic - not syncing: kmsan.panic set ... [ 179.232907][ T5806] CPU: 1 UID: 0 PID: 5806 Comm: syz-executor123 Tainted: G B 6.12.0-syzkaller-07834-g06afb0f36106 #0 [ 179.245531][ T5806] Tainted: [B]=BAD_PAGE [ 179.249780][ T5806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 179.259967][ T5806] Call Trace: [ 179.263352][ T5806] [ 179.266380][ T5806] dump_stack_lvl+0x216/0x2d0 [ 179.271265][ T5806] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 179.277292][ T5806] dump_stack+0x1e/0x30 [ 179.281639][ T5806] panic+0x4e2/0xcf0 [ 179.285720][ T5806] ? kmsan_get_metadata+0x71/0x1c0 [ 179.291058][ T5806] kmsan_report+0x2c7/0x2d0 [ 179.295755][ T5806] ? kmsan_internal_chain_origin+0xb0/0xd0 [ 179.301745][ T5806] ? __msan_warning+0x95/0x120 [ 179.306686][ T5806] ? ___bpf_prog_run+0x94d5/0xe0f0 [ 179.311964][ T5806] ? __bpf_prog_run32+0xc2/0xf0 [ 179.316979][ T5806] ? __ppp_xmit_process+0x416/0x2840 [ 179.322468][ T5806] ? ppp_xmit_process+0x100/0x2b0 [ 179.327694][ T5806] ? ppp_write+0x71d/0x910 [ 179.332311][ T5806] ? vfs_write+0x48a/0x1540 [ 179.337072][ T5806] ? ksys_write+0x240/0x4b0 [ 179.341741][ T5806] ? __x64_sys_write+0x93/0xe0 [ 179.346673][ T5806] ? x64_sys_call+0x3161/0x3c30 [ 179.351728][ T5806] ? do_syscall_64+0xcd/0x1e0 [ 179.356625][ T5806] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.362886][ T5806] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.369153][ T5806] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 179.375184][ T5806] ? filter_irq_stacks+0x60/0x1a0 [ 179.380397][ T5806] ? kmsan_get_metadata+0x13e/0x1c0 [ 179.385798][ T5806] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 179.392327][ T5806] ? kmsan_get_metadata+0x13e/0x1c0 [ 179.397726][ T5806] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 179.403736][ T5806] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 179.409747][ T5806] __msan_warning+0x95/0x120 [ 179.414520][ T5806] ___bpf_prog_run+0x94d5/0xe0f0 [ 179.419654][ T5806] __bpf_prog_run32+0xc2/0xf0 [ 179.424514][ T5806] ? __pfx___bpf_prog_run32+0x10/0x10 [ 179.430054][ T5806] __ppp_xmit_process+0x416/0x2840 [ 179.435375][ T5806] ? kmsan_get_metadata+0x13e/0x1c0 [ 179.440788][ T5806] ppp_xmit_process+0x100/0x2b0 [ 179.445830][ T5806] ? ppp_xmit_process+0x2d/0x2b0 [ 179.450966][ T5806] ppp_write+0x71d/0x910 [ 179.455417][ T5806] ? __pfx_ppp_write+0x10/0x10 [ 179.460375][ T5806] vfs_write+0x48a/0x1540 [ 179.464871][ T5806] ? kmsan_get_metadata+0x13e/0x1c0 [ 179.470266][ T5806] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 179.476790][ T5806] ? kmsan_get_metadata+0x13e/0x1c0 [ 179.482183][ T5806] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 179.488200][ T5806] ksys_write+0x240/0x4b0 [ 179.492689][ T5806] ? kmsan_get_metadata+0x13e/0x1c0 [ 179.498112][ T5806] __x64_sys_write+0x93/0xe0 [ 179.502875][ T5806] x64_sys_call+0x3161/0x3c30 [ 179.507756][ T5806] do_syscall_64+0xcd/0x1e0 [ 179.512464][ T5806] ? clear_bhb_loop+0x25/0x80 [ 179.517324][ T5806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.523414][ T5806] RIP: 0033:0x7f75cecdcab9 [ 179.527967][ T5806] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 179.547758][ T5806] RSP: 002b:00007fffe6d42b78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.556358][ T5806] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f75cecdcab9 [ 179.564478][ T5806] RDX: 0000000000000002 RSI: 0000000020000900 RDI: 0000000000000003 [ 179.572580][ T5806] RBP: 00007f75ced4f5f0 R08: 0000000000000006 R09: 0000000000000006 [ 179.580684][ T5806] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 179.588781][ T5806] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 179.596907][ T5806] [ 179.600292][ T5806] Kernel Offset: disabled [ 179.604680][ T5806] Rebooting in 86400 seconds..