./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor58704760 <...> Warning: Permanently added '10.128.0.131' (ECDSA) to the list of known hosts. execve("./syz-executor58704760", ["./syz-executor58704760"], 0x7ffc5045f880 /* 10 vars */) = 0 brk(NULL) = 0x555555e2c000 brk(0x555555e2cc40) = 0x555555e2cc40 arch_prctl(ARCH_SET_FS, 0x555555e2c300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor58704760", 4096) = 26 brk(0x555555e4dc40) = 0x555555e4dc40 brk(0x555555e4e000) = 0x555555e4e000 mprotect(0x7f1f86e85000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555e2c5d0) = 3487 ./strace-static-x86_64: Process 3487 attached [pid 3487] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3487] setpgid(0, 0) = 0 [pid 3487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3487] write(3, "1000", 4) = 4 [pid 3487] close(3) = 0 [pid 3487] openat(AT_FDCWD, "/sys/kernel/profiling", O_RDWR|O_CREAT|O_LARGEFILE|O_CLOEXEC, 000) = 3 syzkaller login: [ 103.668403][ T3487] kernel profiling enabled (shift: 0) [ 103.962838][ C1] ===================================================== [ 103.962927][ C1] BUG: KMSAN: uninit-value in profile_tick+0x1ca/0x1d0 [ 103.962985][ C1] profile_tick+0x1ca/0x1d0 [ 103.963033][ C1] tick_sched_timer+0x5e4/0x700 [ 103.963088][ C1] __run_hrtimer+0x298/0x910 [ 103.963134][ C1] hrtimer_interrupt+0x78d/0x1440 [ 103.963179][ C1] __sysvec_apic_timer_interrupt+0x14b/0x5b0 [ 103.963224][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 103.963272][ C1] asm_sysvec_apic_timer_interrupt+0x20/0x30 [ 103.963330][ C1] _raw_spin_unlock_irqrestore+0x2f/0x50 [ 103.963380][ C1] do_notify_parent_cldstop+0x7d2/0x870 [ 103.963422][ C1] ptrace_stop+0x6bd/0xeb0 [ 103.963464][ C1] ptrace_notify+0x247/0x340 [ 103.963500][ C1] syscall_enter_from_user_mode+0x6f/0x190 [ 103.963547][ C1] do_syscall_64+0x1e/0xb0 [ 103.963601][ C1] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 103.963655][ C1] [ 103.963662][ C1] Local variable rf created at: [ 103.963673][ C1] __schedule+0x44/0x21d0 [ 103.963706][ C1] schedule+0x182/0x250 [ 103.963737][ C1] [ 103.963744][ C1] CPU: 1 PID: 3486 Comm: syz-executor587 Not tainted 5.19.0-rc3-syzkaller-30868-g4b28366af7d9 #0 [ 103.963795][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.963817][ C1] ===================================================== [ 103.963828][ C1] Disabling lock debugging due to kernel taint [ 103.963841][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 104.109051][ C1] CPU: 1 PID: 3486 Comm: syz-executor587 Tainted: G B 5.19.0-rc3-syzkaller-30868-g4b28366af7d9 #0 [ 104.121253][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.131333][ C1] Call Trace: [ 104.134645][ C1] [ 104.137514][ C1] dump_stack_lvl+0x1c8/0x256 [ 104.142266][ C1] dump_stack+0x1a/0x1c [ 104.146469][ C1] panic+0x4d3/0xc7d [ 104.150440][ C1] ? print_tainted+0x1d1/0x1e0 [ 104.155254][ C1] ? add_taint+0x104/0x1a0 [ 104.159715][ C1] ? printk_sprint+0x29b/0x4d0 [ 104.164524][ C1] kmsan_report+0x2cc/0x2d0 [ 104.169079][ C1] ? __stack_depot_save+0x21/0x4b0 [ 104.174234][ C1] ? __msan_warning+0x92/0x110 [ 104.179040][ C1] ? profile_tick+0x1ca/0x1d0 [ 104.183764][ C1] ? tick_sched_timer+0x5e4/0x700 [ 104.188846][ C1] ? __run_hrtimer+0x298/0x910 [ 104.193659][ C1] ? hrtimer_interrupt+0x78d/0x1440 [ 104.198902][ C1] ? __sysvec_apic_timer_interrupt+0x14b/0x5b0 [ 104.205100][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 104.210954][ C1] ? asm_sysvec_apic_timer_interrupt+0x20/0x30 [ 104.217163][ C1] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 104.223016][ C1] ? do_notify_parent_cldstop+0x7d2/0x870 [ 104.228779][ C1] ? ptrace_stop+0x6bd/0xeb0 [ 104.233416][ C1] ? ptrace_notify+0x247/0x340 [ 104.238212][ C1] ? syscall_enter_from_user_mode+0x6f/0x190 [ 104.244237][ C1] ? do_syscall_64+0x1e/0xb0 [ 104.248884][ C1] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 104.255008][ C1] ? kmsan_get_metadata+0x33/0x220 [ 104.260164][ C1] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 104.266020][ C1] ? kmsan_get_metadata+0x33/0x220 [ 104.271175][ C1] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 104.277045][ C1] ? run_posix_cpu_timers+0x4f4/0x8a0 [ 104.282464][ C1] ? kmsan_get_metadata+0x33/0x220 [ 104.287621][ C1] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 104.293476][ C1] ? kmsan_get_metadata+0x33/0x220 [ 104.298631][ C1] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 104.304487][ C1] __msan_warning+0x92/0x110 [ 104.309120][ C1] profile_tick+0x1ca/0x1d0 [ 104.313670][ C1] ? do_notify_parent_cldstop+0x7d2/0x870 [ 104.319435][ C1] tick_sched_timer+0x5e4/0x700 [ 104.324347][ C1] ? tick_setup_sched_timer+0x750/0x750 [ 104.329957][ C1] __run_hrtimer+0x298/0x910 [ 104.334607][ C1] hrtimer_interrupt+0x78d/0x1440 [ 104.339698][ C1] ? hrtimer_init+0x370/0x370 [ 104.344418][ C1] ? hrtimer_init+0x370/0x370 [ 104.349136][ C1] __sysvec_apic_timer_interrupt+0x14b/0x5b0 [ 104.355165][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 104.360847][ C1] [ 104.363828][ C1] [ 104.366795][ C1] asm_sysvec_apic_timer_interrupt+0x20/0x30 [ 104.372872][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x2f/0x50 [ 104.379352][ C1] Code: 56 53 49 89 f6 48 89 fb e8 0e d4 72 f4 48 89 df e8 46 c8 72 f4 c6 00 00 c6 03 00 41 f7 c6 00 02 00 00 74 01 fb bf 01 00 00 00 8c d1 b4 f3 65 8b 05 ad 53 4d 72 85 c0 74 05 5b 41 5e 5d c3 0f [ 104.399027][ C1] RSP: 0018:ffff8881123fbcf0 EFLAGS: 00000206 [ 104.405147][ C1] RAX: ffff8881157c1080 RBX: ffff888115fc1080 RCX: 000000000056cac5 [ 104.413162][ C1] RDX: ffff888115bc1080 RSI: 00000000056dec50 RDI: 0000000000000001 [ 104.421180][ C1] RBP: ffff8881123fbd00 R08: ffff88810c0e8b40 R09: ffff8881123fbc80 [ 104.429202][ C1] R10: ffff8881123fbbd8 R11: 0000000000000000 R12: 0000000000000282 [ 104.437248][ C1] R13: ffff88810c0e8000 R14: 0000000000000282 R15: 0000000000000000 [ 104.445278][ C1] do_notify_parent_cldstop+0x7d2/0x870 [ 104.450894][ C1] ptrace_stop+0x6bd/0xeb0 [ 104.455370][ C1] ptrace_notify+0x247/0x340 [ 104.460021][ C1] syscall_enter_from_user_mode+0x6f/0x190 [ 104.465883][ C1] do_syscall_64+0x1e/0xb0 [ 104.470356][ C1] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 104.476210][ C1] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 104.482177][ C1] RIP: 0033:0x7f1f86e17736 [ 104.486624][ C1] Code: 0f 1f 40 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 104.506281][ C1] RSP: 002b:00007fff75d13858 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 104.514768][ C1] RAX: ffffffffffffffda RBX: 000000000001951b RCX: 00007f1f86e17736 [ 104.522795][ C1] RDX: 0000000040000001 RSI: 00007fff75d1386c RDI: 00000000ffffffff [ 104.530833][ C1] RBP: 0000000000000d9f R08: 00007fff75dd50b0 R09: 0000000000000010 [ 104.538878][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff75d1386c [ 104.546890][ C1] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 104.555002][ C1] [ 104.558232][ C1] Kernel Offset: disabled [ 104.562581][ C1] Rebooting in 86400 seconds..