./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor728980542 <...> no interfaces have a carrier [ 93.264620][ T3063] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.280395][ T3063] eql: remember to turn off Van-Jacobson compression on your slave devices [ 94.527778][ T3151] ssh-keygen (3151) used greatest stack depth: 5200 bytes left Starting sshd: OK syzkaller syzkaller login: [ 100.253703][ T25] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.15.192' (ECDSA) to the list of known hosts. execve("./syz-executor728980542", ["./syz-executor728980542"], 0x7ffef2cf7860 /* 10 vars */) = 0 brk(NULL) = 0x555555b82000 brk(0x555555b82c40) = 0x555555b82c40 arch_prctl(ARCH_SET_FS, 0x555555b82300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor728980542", 4096) = 27 brk(0x555555ba3c40) = 0x555555ba3c40 brk(0x555555ba4000) = 0x555555ba4000 mprotect(0x7f7034cdc000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3507 attached , child_tidptr=0x555555b825d0) = 3507 [pid 3507] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3507] setpgid(0, 0) = 0 [pid 3507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3507] write(3, "1000", 4) = 4 [pid 3507] close(3) = 0 [pid 3507] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3507] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 18 [ 181.081925][ T121] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 18 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 9 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 36 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 4 [ 181.442336][ T121] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 181.452462][ T121] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 8 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 8 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a10) = 8 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [ 181.622403][ T121] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4e.32 [ 181.631873][ T121] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.640089][ T121] usb 1-1: Product: syz [ 181.644626][ T121] usb 1-1: Manufacturer: syz [ 181.649414][ T121] usb 1-1: SerialNumber: syz [ 181.657809][ T121] usb 1-1: config 0 descriptor?? [pid 3507] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f7034ce246c) = -1 EINVAL (Invalid argument) [pid 3507] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f7034ce247c) = -1 EINVAL (Invalid argument) [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffcfbda6a10) = 0 [ 181.693491][ T3507] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 181.702640][ T3507] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a40) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0) = -1 EINVAL (Invalid argument) [pid 3507] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0) = -1 EINVAL (Invalid argument) [pid 3507] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f7034ce246c) = -1 EINVAL (Invalid argument) [pid 3507] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f7034ce247c) = -1 EINVAL (Invalid argument) [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffcfbda6a30) = 0 [ 181.929272][ T3507] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 181.939157][ T3507] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a40) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffcfbda6a30) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a40) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a30) = 6 [pid 3507] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a40) = 0 [pid 3507] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcfbda6a30) = 1 [pid 3507] exit_group(0) = ? [pid 3507] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3507, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b825d0) = 3510 ./strace-static-x86_64: Process 3510 attached [pid 3510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3510] setpgid(0, 0) = 0 [pid 3510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3510] write(3, "1000", 4) = 4 [pid 3510] close(3) = 0 [pid 3510] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3510] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffcfbda7a20) = 0 [pid 3510] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3510] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcfbda7a20) = 0 [ 182.962279][ T121] ===================================================== [ 182.969516][ T121] BUG: KMSAN: uninit-value in mii_nway_restart+0x117/0x1d0 [ 182.977013][ T121] mii_nway_restart+0x117/0x1d0 [ 182.982145][ T121] dm9601_bind+0xa17/0xb50 [ 182.986723][ T121] usbnet_probe+0xf8e/0x3d80 [ 182.991452][ T121] usb_probe_interface+0xc4b/0x11f0 [ 182.996898][ T121] really_probe+0x506/0x1000 [ 183.001660][ T121] __driver_probe_device+0x2fa/0x3d0 [ 183.007279][ T121] driver_probe_device+0x72/0x7a0 [ 183.012567][ T121] __device_attach_driver+0x548/0x8e0 [ 183.018111][ T121] bus_for_each_drv+0x1fc/0x360 [ 183.023279][ T121] __device_attach+0x42a/0x720 [ 183.028187][ T121] device_initial_probe+0x2e/0x40 [ 183.033513][ T121] bus_probe_device+0x13c/0x3b0 [ 183.038511][ T121] device_add+0x1d4b/0x26c0 [ 183.043261][ T121] usb_set_configuration+0x30f8/0x37e0 [ 183.048884][ T121] usb_generic_driver_probe+0x105/0x290 [ 183.054736][ T121] usb_probe_device+0x288/0x490 [ 183.059745][ T121] really_probe+0x506/0x1000 [ 183.064616][ T121] __driver_probe_device+0x2fa/0x3d0 [ 183.070071][ T121] driver_probe_device+0x72/0x7a0 [ 183.075355][ T121] __device_attach_driver+0x548/0x8e0 [ 183.080899][ T121] bus_for_each_drv+0x1fc/0x360 [ 183.086068][ T121] __device_attach+0x42a/0x720 [ 183.090988][ T121] device_initial_probe+0x2e/0x40 [ 183.096271][ T121] bus_probe_device+0x13c/0x3b0 [ 183.101264][ T121] device_add+0x1d4b/0x26c0 [ 183.106088][ T121] usb_new_device+0x17ac/0x2370 [ 183.111108][ T121] hub_event+0x5571/0x8070 [ 183.115783][ T121] process_one_work+0xb27/0x13e0 [ 183.120884][ T121] worker_thread+0x1076/0x1d60 [ 183.125961][ T121] kthread+0x31b/0x430 [ 183.130140][ T121] ret_from_fork+0x1f/0x30 [ 183.134776][ T121] [ 183.137152][ T121] Local variable res created at: [ 183.142343][ T121] dm9601_mdio_read+0x49/0xf0 [ 183.147170][ T121] mii_nway_restart+0x84/0x1d0 [ 183.152163][ T121] [ 183.154541][ T121] CPU: 1 PID: 121 Comm: kworker/1:2 Not tainted 6.1.0-rc6-syzkaller-63553-gddce02aa9c40 #0 [ 183.164725][ T121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 183.174956][ T121] Workqueue: usb_hub_wq hub_event [ 183.180116][ T121] ===================================================== [ 183.187242][ T121] Disabling lock debugging due to kernel taint [ 183.193564][ T121] Kernel panic - not syncing: kmsan.panic set ... [ 183.200022][ T121] CPU: 1 PID: 121 Comm: kworker/1:2 Tainted: G B 6.1.0-rc6-syzkaller-63553-gddce02aa9c40 #0 [ 183.211556][ T121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 183.221688][ T121] Workqueue: usb_hub_wq hub_event [ 183.226889][ T121] Call Trace: [ 183.230232][ T121] [ 183.233232][ T121] dump_stack_lvl+0x1c8/0x256 [ 183.238034][ T121] dump_stack+0x1a/0x1d [ 183.242326][ T121] panic+0x4d3/0xc64 [ 183.246329][ T121] ? add_taint+0x104/0x1a0 [ 183.250856][ T121] kmsan_report+0x2ca/0x2d0 [ 183.255497][ T121] ? __msan_warning+0x92/0x110 [ 183.260401][ T121] ? mii_nway_restart+0x117/0x1d0 [ 183.265531][ T121] ? dm9601_bind+0xa17/0xb50 [ 183.270256][ T121] ? usbnet_probe+0xf8e/0x3d80 [ 183.275117][ T121] ? usb_probe_interface+0xc4b/0x11f0 [ 183.280659][ T121] ? really_probe+0x506/0x1000 [ 183.286007][ T121] ? __driver_probe_device+0x2fa/0x3d0 [ 183.291568][ T121] ? driver_probe_device+0x72/0x7a0 [ 183.296884][ T121] ? __device_attach_driver+0x548/0x8e0 [ 183.302606][ T121] ? bus_for_each_drv+0x1fc/0x360 [ 183.307770][ T121] ? __device_attach+0x42a/0x720 [ 183.312941][ T121] ? device_initial_probe+0x2e/0x40 [ 183.318251][ T121] ? bus_probe_device+0x13c/0x3b0 [ 183.323412][ T121] ? device_add+0x1d4b/0x26c0 [ 183.328217][ T121] ? usb_set_configuration+0x30f8/0x37e0 [ 183.334012][ T121] ? usb_generic_driver_probe+0x105/0x290 [ 183.339888][ T121] ? usb_probe_device+0x288/0x490 [ 183.345079][ T121] ? really_probe+0x506/0x1000 [ 183.349989][ T121] ? __driver_probe_device+0x2fa/0x3d0 [ 183.355577][ T121] ? driver_probe_device+0x72/0x7a0 [ 183.360934][ T121] ? __device_attach_driver+0x548/0x8e0 [ 183.366653][ T121] ? bus_for_each_drv+0x1fc/0x360 [ 183.371818][ T121] ? __device_attach+0x42a/0x720 [ 183.376874][ T121] ? device_initial_probe+0x2e/0x40 [ 183.382243][ T121] ? bus_probe_device+0x13c/0x3b0 [ 183.387404][ T121] ? device_add+0x1d4b/0x26c0 [ 183.392170][ T121] ? usb_new_device+0x17ac/0x2370 [ 183.397353][ T121] ? hub_event+0x5571/0x8070 [ 183.402068][ T121] ? process_one_work+0xb27/0x13e0 [ 183.407324][ T121] ? worker_thread+0x1076/0x1d60 [ 183.412368][ T121] ? kthread+0x31b/0x430 [ 183.416722][ T121] ? ret_from_fork+0x1f/0x30 [ 183.421422][ T121] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 183.427668][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.433653][ T121] ? mutex_unlock+0x24/0x40 [ 183.438299][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.444223][ T121] __msan_warning+0x92/0x110 [ 183.448924][ T121] mii_nway_restart+0x117/0x1d0 [ 183.453926][ T121] dm9601_bind+0xa17/0xb50 [ 183.458474][ T121] ? eem_linkcmd_complete+0x50/0x50 [ 183.463850][ T121] usbnet_probe+0xf8e/0x3d80 [ 183.468591][ T121] ? usbnet_disconnect+0x7b0/0x7b0 [ 183.473869][ T121] usb_probe_interface+0xc4b/0x11f0 [ 183.479216][ T121] ? usb_register_driver+0x5f0/0x5f0 [ 183.484628][ T121] really_probe+0x506/0x1000 [ 183.489375][ T121] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 183.495548][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.501464][ T121] __driver_probe_device+0x2fa/0x3d0 [ 183.506864][ T121] driver_probe_device+0x72/0x7a0 [ 183.512015][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.518014][ T121] __device_attach_driver+0x548/0x8e0 [ 183.523562][ T121] bus_for_each_drv+0x1fc/0x360 [ 183.528527][ T121] ? coredump_store+0xa0/0xa0 [ 183.533365][ T121] __device_attach+0x42a/0x720 [ 183.538264][ T121] device_initial_probe+0x2e/0x40 [ 183.543443][ T121] bus_probe_device+0x13c/0x3b0 [ 183.548417][ T121] device_add+0x1d4b/0x26c0 [ 183.553052][ T121] usb_set_configuration+0x30f8/0x37e0 [ 183.558687][ T121] usb_generic_driver_probe+0x105/0x290 [ 183.564382][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.570372][ T121] ? usb_choose_configuration+0xdc0/0xdc0 [ 183.576250][ T121] ? usb_choose_configuration+0xdc0/0xdc0 [ 183.582131][ T121] usb_probe_device+0x288/0x490 [ 183.587153][ T121] ? usb_register_device_driver+0x440/0x440 [ 183.593224][ T121] really_probe+0x506/0x1000 [ 183.597994][ T121] ? kmsan_internal_unpoison_memory+0x10/0x20 [ 183.604167][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.610082][ T121] __driver_probe_device+0x2fa/0x3d0 [ 183.615488][ T121] driver_probe_device+0x72/0x7a0 [ 183.620637][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.626634][ T121] __device_attach_driver+0x548/0x8e0 [ 183.632203][ T121] bus_for_each_drv+0x1fc/0x360 [ 183.637192][ T121] ? coredump_store+0xa0/0xa0 [ 183.641999][ T121] __device_attach+0x42a/0x720 [ 183.646920][ T121] device_initial_probe+0x2e/0x40 [ 183.652071][ T121] bus_probe_device+0x13c/0x3b0 [ 183.657080][ T121] device_add+0x1d4b/0x26c0 [ 183.661676][ T121] usb_new_device+0x17ac/0x2370 [ 183.666725][ T121] hub_event+0x5571/0x8070 [ 183.671351][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.677264][ T121] ? led_work+0x730/0x730 [ 183.681721][ T121] ? led_work+0x730/0x730 [ 183.686226][ T121] process_one_work+0xb27/0x13e0 [ 183.691336][ T121] worker_thread+0x1076/0x1d60 [ 183.696253][ T121] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 183.702189][ T121] ? __kthread_parkme+0xf0/0x1b0 [ 183.707237][ T121] kthread+0x31b/0x430 [ 183.711439][ T121] ? worker_clr_flags+0x2b0/0x2b0 [ 183.716617][ T121] ? kthread_blkcg+0x120/0x120 [ 183.721520][ T121] ret_from_fork+0x1f/0x30 [ 183.726221][ T121] [ 183.729501][ T121] Kernel Offset: disabled [ 183.733875][ T121] Rebooting in 86400 seconds..