./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2718285194 <...> Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts. execve("./syz-executor2718285194", ["./syz-executor2718285194"], 0x7ffd08f0bab0 /* 10 vars */) = 0 brk(NULL) = 0x5555574f6000 brk(0x5555574f6d00) = 0x5555574f6d00 arch_prctl(ARCH_SET_FS, 0x5555574f6380) = 0 set_tid_address(0x5555574f6650) = 5008 set_robust_list(0x5555574f6660, 24) = 0 rseq(0x5555574f6ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2718285194", 4096) = 28 getrandom("\xc9\xc9\x48\xd3\x09\xc6\xbb\xa7", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555574f6d00 brk(0x555557517d00) = 0x555557517d00 brk(0x555557518000) = 0x555557518000 mprotect(0x7f2c58401000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555574f6650) = 5009 ./strace-static-x86_64: Process 5009 attached [pid 5009] set_robust_list(0x5555574f6660, 24) = 0 [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5009] setpgid(0, 0) = 0 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5009] write(3, "1000", 4) = 4 [pid 5009] close(3) = 0 [pid 5009] socket(AF_IEEE802154, SOCK_DGRAM, 0) = 3 [pid 5009] setsockopt(3, SOL_IP, IP_TOS, [2], 4) = 0 [pid 5009] setsockopt(3, SOL_IP, IP_TOS, [0], 4) = 0 [ 159.687666][ T5009] ===================================================== [ 159.695106][ T5009] BUG: KMSAN: uninit-value in ieee802154_hdr_push+0x971/0xb90 [ 159.703422][ T5009] ieee802154_hdr_push+0x971/0xb90 [ 159.708797][ T5009] ieee802154_header_create+0x9c0/0xc00 [ 159.714811][ T5009] dgram_sendmsg+0xd1d/0x1500 [ 159.719713][ T5009] ieee802154_sock_sendmsg+0x91/0xc0 [ 159.725360][ T5009] ____sys_sendmsg+0x9c2/0xd60 [ 159.730374][ T5009] ___sys_sendmsg+0x28d/0x3c0 [ 159.735512][ T5009] __x64_sys_sendmsg+0x307/0x490 [ 159.740688][ T5009] do_syscall_64+0x44/0x110 [ 159.745581][ T5009] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 159.751797][ T5009] [ 159.754257][ T5009] Local variable hdr created at: [ 159.759327][ T5009] ieee802154_header_create+0x4e/0xc00 [ 159.765190][ T5009] dgram_sendmsg+0xd1d/0x1500 [ 159.770095][ T5009] [ 159.772661][ T5009] CPU: 1 PID: 5009 Comm: syz-executor271 Not tainted 6.7.0-rc8-syzkaller #0 [ 159.781688][ T5009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 159.791954][ T5009] ===================================================== [ 159.798966][ T5009] Disabling lock debugging due to kernel taint [ 159.805473][ T5009] Kernel panic - not syncing: kmsan.panic set ... [ 159.812014][ T5009] CPU: 1 PID: 5009 Comm: syz-executor271 Tainted: G B 6.7.0-rc8-syzkaller #0 [ 159.822333][ T5009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 159.832550][ T5009] Call Trace: [ 159.836117][ T5009] [ 159.839343][ T5009] dump_stack_lvl+0x1bf/0x240 [ 159.844179][ T5009] dump_stack+0x1e/0x20 [ 159.848499][ T5009] panic+0x4de/0xc90 [ 159.852670][ T5009] ? add_taint+0x108/0x1a0 [ 159.857310][ T5009] kmsan_report+0x2d0/0x2d0 [ 159.862074][ T5009] ? kmsan_internal_chain_origin+0xba/0xd0 [ 159.868142][ T5009] ? __msan_warning+0x96/0x110 [ 159.873061][ T5009] ? ieee802154_hdr_push+0x971/0xb90 [ 159.878532][ T5009] ? ieee802154_header_create+0x9c0/0xc00 [ 159.884497][ T5009] ? dgram_sendmsg+0xd1d/0x1500 [ 159.889486][ T5009] ? ieee802154_sock_sendmsg+0x91/0xc0 [ 159.895122][ T5009] ? ____sys_sendmsg+0x9c2/0xd60 [ 159.900315][ T5009] ? ___sys_sendmsg+0x28d/0x3c0 [ 159.905408][ T5009] ? __x64_sys_sendmsg+0x307/0x490 [ 159.910727][ T5009] ? do_syscall_64+0x44/0x110 [ 159.915573][ T5009] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 159.921874][ T5009] ? entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 159.928124][ T5009] ? ieee802154_header_create+0x9a3/0xc00 [ 159.934110][ T5009] ? dgram_sendmsg+0xd1d/0x1500 [ 159.939190][ T5009] ? ieee802154_sock_sendmsg+0x91/0xc0 [ 159.944893][ T5009] ? ____sys_sendmsg+0x9c2/0xd60 [ 159.950081][ T5009] ? ___sys_sendmsg+0x28d/0x3c0 [ 159.955090][ T5009] ? __x64_sys_sendmsg+0x307/0x490 [ 159.960375][ T5009] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 159.966878][ T5009] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 159.972901][ T5009] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 159.978956][ T5009] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 159.985442][ T5009] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 159.991506][ T5009] __msan_warning+0x96/0x110 [ 159.996255][ T5009] ieee802154_hdr_push+0x971/0xb90 [ 160.001581][ T5009] ieee802154_header_create+0x9c0/0xc00 [ 160.007475][ T5009] ? drv_set_promiscuous_mode+0x490/0x490 [ 160.013475][ T5009] dgram_sendmsg+0xd1d/0x1500 [ 160.018351][ T5009] ? dgram_getsockopt+0x5d0/0x5d0 [ 160.023567][ T5009] ieee802154_sock_sendmsg+0x91/0xc0 [ 160.029100][ T5009] ? ieee802154_sock_ioctl+0x650/0x650 [ 160.034798][ T5009] ____sys_sendmsg+0x9c2/0xd60 [ 160.039736][ T5009] ___sys_sendmsg+0x28d/0x3c0 [ 160.044598][ T5009] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 160.050607][ T5009] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 160.056709][ T5009] __x64_sys_sendmsg+0x307/0x490 [ 160.061932][ T5009] do_syscall_64+0x44/0x110 [ 160.066665][ T5009] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 160.072806][ T5009] RIP: 0033:0x7f2c5838eab9 [ 160.077346][ T5009] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 160.097166][ T5009] RSP: 002b:00007ffc157f8408 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 160.105740][ T5009] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2c5838eab9 [ 160.113873][ T5009] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 160.121971][ T5009] RBP: 00007f2c584015f0 R08: 0000000000000006 R09: 0000000000000006 [ 160.130093][ T5009] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 160.138201][ T5009] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 160.146382][ T5009] [ 160.149962][ T5009] Kernel Offset: disabled [ 160.154362][ T5009] Rebooting in 86400 seconds..