./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2970562261

<...>
Warning: Permanently added '10.128.1.40' (ED25519) to the list of known hosts.
execve("./syz-executor2970562261", ["./syz-executor2970562261"], 0x7ffcd1343aa0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555570be000
brk(0x5555570bed00)                     = 0x5555570bed00
arch_prctl(ARCH_SET_FS, 0x5555570be380) = 0
set_tid_address(0x5555570be650)         = 5004
set_robust_list(0x5555570be660, 24)     = 0
rseq(0x5555570beca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2970562261", 4096) = 28
getrandom("\x87\x70\x37\x76\xa5\xc7\x22\xfb", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555570bed00
brk(0x5555570dfd00)                     = 0x5555570dfd00
brk(0x5555570e0000)                     = 0x5555570e0000
mprotect(0x7fa97b8e9000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid()                                = 5004
openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3
write(3, "10000000000", 11)             = 11
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
write(3, "100", 3)                      = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3
write(3, "7 4 1 3", 7)                  = 7
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3
write(3, "5004", 4)                     = 4
close(3)                                = 0
mkdir("./syzkaller.uQLnQl", 0700)       = 0
chmod("./syzkaller.uQLnQl", 0777)       = 0
chdir("./syzkaller.uQLnQl")             = 0
mkdir("./0", 0777)                      = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5006 attached
, child_tidptr=0x5555570be650) = 5006
[pid  5006] set_robust_list(0x5555570be660, 24) = 0
[pid  5006] chdir("./0")                = 0
[pid  5006] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5006] setpgid(0, 0)               = 0
[pid  5006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5006] write(3, "1000", 4)         = 4
[pid  5006] close(3)                    = 0
[pid  5006] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5006] openat(AT_FDCWD, "/dev/ttyS3", O_WRONLY|O_CREAT, 000) = 3
[pid  5006] ioctl(3, TIOCMSET, [TIOCM_LE|TIOCM_DTR|TIOCM_ST|TIOCM_SR|TIOCM_OUT2|TIOCM_LOOP|0x400]) = 0
[pid  5006] openat(AT_FDCWD, "/proc/timer_list", O_RDONLY) = 4
[pid  5006] sendfile(3, 4, NULL, 2199023258983) = 5903
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/net/core/bpf_jit_kallsyms failed: No such file or directory
write to /proc/sys/net/core/bpf_jit_harden failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
[pid  5006] write(1, "write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory\nwrite to /"..., 335) = 335
[pid  5006] exit_group(0)               = ?
[  144.685207][ T1031] =====================================================
[  144.693039][ T1031] BUG: KMSAN: uninit-value in n_tty_lookahead_flow_ctrl+0x2cd/0x2f0
[  144.701838][ T1031]  n_tty_lookahead_flow_ctrl+0x2cd/0x2f0
[  144.708164][ T1031]  tty_port_default_lookahead_buf+0x142/0x200
[  144.715432][ T1031]  flush_to_ldisc+0x906/0xdc0
[  144.720780][ T1031]  process_scheduled_works+0x104e/0x1e70
[  144.727229][ T1031]  worker_thread+0xf45/0x1490
[  144.732385][ T1031]  kthread+0x3ed/0x540
[  144.737187][ T1031]  ret_from_fork+0x66/0x80
[  144.742253][ T1031]  ret_from_fork_asm+0x11/0x20
[  144.747829][ T1031] 
[  144.750577][ T1031] Uninit was created at:
[  144.755474][ T1031]  slab_post_alloc_hook+0x129/0xa70
[  144.761243][ T1031]  __kmem_cache_alloc_node+0x5c9/0x970
[  144.767339][ T1031]  __kmalloc+0x121/0x3c0
[  144.772155][ T1031]  __tty_buffer_request_room+0x36e/0x6c0
[  144.778640][ T1031]  __tty_insert_flip_string_flags+0x140/0x560
[  144.785639][ T1031]  uart_insert_char+0x39e/0xa00
[  144.790959][ T1031]  serial8250_read_char+0x1a2/0x5d0
[  144.796844][ T1031]  serial8250_handle_irq+0x77b/0xb30
[  144.802785][ T1031]  serial8250_default_handle_irq+0x11a/0x2a0
[  144.809520][ T1031]  serial8250_interrupt+0xc0/0x350
[  144.815197][ T1031]  __handle_irq_event_percpu+0x113/0xc90
[  144.821283][ T1031]  handle_irq_event+0xef/0x2c0
[  144.826701][ T1031]  handle_edge_irq+0x341/0xf90
[  144.831934][ T1031]  __common_interrupt+0x94/0x1f0
[  144.837498][ T1031]  common_interrupt+0x89/0xa0
[  144.842766][ T1031]  asm_common_interrupt+0x2b/0x40
[  144.848436][ T1031] 
[  144.851143][ T1031] CPU: 0 PID: 1031 Comm: kworker/u4:7 Not tainted 6.7.0-rc2-syzkaller-00095-gd3fa86b1a7b4 #0
[  144.862063][ T1031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  144.872875][ T1031] Workqueue: events_unbound flush_to_ldisc
[  144.879409][ T1031] =====================================================
[  144.886816][ T1031] Disabling lock debugging due to kernel taint
[  144.893478][ T1031] Kernel panic - not syncing: kmsan.panic set ...
[  144.900179][ T1031] CPU: 0 PID: 1031 Comm: kworker/u4:7 Tainted: G    B              6.7.0-rc2-syzkaller-00095-gd3fa86b1a7b4 #0
[  144.912025][ T1031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  144.922372][ T1031] Workqueue: events_unbound flush_to_ldisc
[  144.928401][ T1031] Call Trace:
[  144.931760][ T1031]  <TASK>
[  144.934759][ T1031]  dump_stack_lvl+0x1bf/0x240
[  144.939633][ T1031]  dump_stack+0x1e/0x20
[  144.944060][ T1031]  panic+0x4de/0xc90
[  144.948229][ T1031]  ? add_taint+0x108/0x1a0
[  144.952901][ T1031]  kmsan_report+0x2d0/0x2d0
[  144.957795][ T1031]  ? calculate_sizes+0x113c/0x1280
[  144.963154][ T1031]  ? __msan_warning+0x96/0x110
[  144.968375][ T1031]  ? n_tty_lookahead_flow_ctrl+0x2cd/0x2f0
[  144.974470][ T1031]  ? tty_port_default_lookahead_buf+0x142/0x200
[  144.980892][ T1031]  ? flush_to_ldisc+0x906/0xdc0
[  144.985915][ T1031]  ? process_scheduled_works+0x104e/0x1e70
[  144.991874][ T1031]  ? worker_thread+0xf45/0x1490
[  144.996895][ T1031]  ? kthread+0x3ed/0x540
[  145.001355][ T1031]  ? ret_from_fork+0x66/0x80
[  145.006166][ T1031]  ? ret_from_fork_asm+0x11/0x20
[  145.011274][ T1031]  ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[  145.017327][ T1031]  ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[  145.023399][ T1031]  ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[  145.029429][ T1031]  ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[  145.035400][ T1031]  __msan_warning+0x96/0x110
[  145.040278][ T1031]  n_tty_lookahead_flow_ctrl+0x2cd/0x2f0
[  145.046157][ T1031]  ? n_tty_receive_buf2+0x60/0x60
[  145.051382][ T1031]  tty_port_default_lookahead_buf+0x142/0x200
[  145.057664][ T1031]  ? tty_port_default_receive_buf+0x190/0x190
[  145.063958][ T1031]  flush_to_ldisc+0x906/0xdc0
[  145.068949][ T1031]  ? tty_port_default_receive_buf+0x190/0x190
[  145.075366][ T1031]  ? tty_buffer_init+0x150/0x150
[  145.080527][ T1031]  process_scheduled_works+0x104e/0x1e70
[  145.086383][ T1031]  worker_thread+0xf45/0x1490
[  145.091359][ T1031]  kthread+0x3ed/0x540
[  145.095639][ T1031]  ? pr_cont_work+0xce0/0xce0
[  145.100525][ T1031]  ? kthread_blkcg+0x120/0x120
[  145.105494][ T1031]  ret_from_fork+0x66/0x80
[  145.110051][ T1031]  ? kthread_blkcg+0x120/0x120
[  145.114955][ T1031]  ret_from_fork_asm+0x11/0x20
[  145.119872][ T1031]  </TASK>
[  145.123120][ T1031] Kernel Offset: disabled
[  145.127497][ T1031] Rebooting in 86400 seconds..