Warning: Permanently added '10.128.1.70' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 158.802053][ T113] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 158.812760][ T25] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 158.822115][ T1739] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 158.830475][ T32] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 158.833076][ T20] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 158.846859][ T5026] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 159.052462][ T113] usb 3-1: Using ep0 maxpacket: 8
[ 159.058272][ T25] usb 4-1: Using ep0 maxpacket: 8
[ 159.072648][ T1739] usb 2-1: Using ep0 maxpacket: 8
[ 159.083205][ T32] usb 1-1: Using ep0 maxpacket: 8
[ 159.092654][ T20] usb 6-1: Using ep0 maxpacket: 8
[ 159.099028][ T5026] usb 5-1: Using ep0 maxpacket: 8
[ 159.172598][ T113] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 9
[ 159.184574][ T113] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8240, setting to 1024
[ 159.196316][ T113] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 159.205747][ T113] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 159.215986][ T25] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 9
[ 159.216518][ T1739] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 9
[ 159.227321][ T25] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8240, setting to 1024
[ 159.227537][ T25] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 159.238718][ T1739] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8240, setting to 1024
[ 159.250058][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 159.259296][ T1739] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 159.259443][ T1739] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 159.261988][ T32] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 9
[ 159.308320][ T32] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8240, setting to 1024
[ 159.320049][ T32] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 159.329552][ T32] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 159.354531][ T20] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 9
[ 159.366111][ T20] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8240, setting to 1024
[ 159.377988][ T20] usb 6-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 159.387405][ T20] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 159.397710][ T5026] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 48, changing to 9
[ 159.405145][ T1739] hub 2-1:32.0: USB hub found
[ 159.409864][ T5026] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8240, setting to 1024
[ 159.425309][ T5026] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 159.434811][ T5026] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 159.447232][ T113] hub 3-1:32.0: USB hub found
[ 159.455461][ T25] hub 4-1:32.0: USB hub found
[ 159.492828][ T32] hub 1-1:32.0: USB hub found
[ 159.545472][ T20] hub 6-1:32.0: USB hub found
[ 159.555253][ T5026] hub 5-1:32.0: USB hub found
[ 159.613355][ T113] hub 3-1:32.0: config failed, can't read hub descriptor (err -22)
[ 159.666160][ T1739] hub 2-1:32.0: config failed, can't read hub descriptor (err -22)
[ 159.695509][ T25] hub 4-1:32.0: config failed, can't read hub descriptor (err -22)
[ 159.752692][ T32] hub 1-1:32.0: config failed, can't read hub descriptor (err -22)
[ 159.767470][ T113] usb 3-1: USB disconnect, device number 2
[ 159.812943][ T20] hub 6-1:32.0: config failed, can't read hub descriptor (err -22)
[ 159.838463][ T1739] usb 2-1: USB disconnect, device number 2
[ 159.842537][ T5026] hub 5-1:32.0: config failed, can't read hub descriptor (err -22)
[ 160.020213][ T5030] udevd[5030]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[ 160.142339][ T32] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[ 160.203723][ T25] usb 4-1: reset high-speed USB device number 2 using dummy_hcd
executing program
[ 160.302498][ T20] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[ 160.327503][ T5026] usb 5-1: reset high-speed USB device number 2 using dummy_hcd
executing program
[ 160.382421][ T1739] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 160.402455][ T32] usb 1-1: Using ep0 maxpacket: 8
[ 160.443181][ T113] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 160.452585][ T25] usb 4-1: Using ep0 maxpacket: 8
[ 160.473002][ T5018] syz-executor188[5018]: segfault at 10 ip 00007fc77ca58bc9 sp 00007fc77ca4b260 error 4 in syz-executor1880603413[7fc77ca57000+9b000] likely on CPU 1 (core 0, socket 0)
executing program
[ 160.491377][ T5018] Code: 85 34 01 00 00 85 c9 0f 84 44 ff ff ff 0f b6 06 88 02 f6 c1 02 0f 84 36 ff ff ff 0f b7 44 0e fe 66 89 44 0a fe e9 27 ff ff ff <49> 8b 75 10 41 8b 4d 0c c7 44 24 40 00 00 00 00 45 31 e4 81 f9 00
executing program
executing program
[ 160.552758][ T25] usb 4-1: device descriptor read/all, error -71
[ 160.564261][ T20] usb 6-1: Using ep0 maxpacket: 8
executing program
[ 160.622873][ T20] usb 6-1: device descriptor read/all, error -71
[ 160.663319][ T5029] =====================================================
[ 160.670618][ T5029] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x870/0x1fd0
[ 160.678278][ T5029] _copy_to_iter+0x870/0x1fd0
[ 160.682701][ T32] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 160.683265][ T5029] kernfs_fop_read_iter+0x578/0x970
[ 160.690903][ T32] usb 1-1: device firmware changed
[ 160.696118][ T5029] vfs_read+0x8cd/0xf40
[ 160.696221][ T5029] ksys_read+0x21f/0x4f0
[ 160.696315][ T5029] __x64_sys_read+0x93/0xd0
[ 160.696417][ T5029] do_syscall_64+0x41/0xc0
[ 160.719921][ T5029] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 160.726372][ T5029]
[ 160.728798][ T5029] Uninit was stored to memory at:
[ 160.734266][ T5029] read_descriptors+0x331/0x560
[ 160.739329][ T5029] sysfs_kf_bin_read+0x33d/0x400
[ 160.744738][ T5029] kernfs_fop_read_iter+0x45b/0x970
[ 160.746849][ T32] usb 1-1: USB disconnect, device number 2
[ 160.750121][ T5029] vfs_read+0x8cd/0xf40
[ 160.750229][ T5029] ksys_read+0x21f/0x4f0
[ 160.750329][ T5029] __x64_sys_read+0x93/0xd0
[ 160.769625][ T5029] do_syscall_64+0x41/0xc0
[ 160.774450][ T5029] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 160.780587][ T5029]
[ 160.783161][ T5029] Uninit was created at:
[ 160.787624][ T5029] slab_post_alloc_hook+0x12d/0xb60
[ 160.793178][ T5029] __kmem_cache_alloc_node+0x518/0x920
[ 160.798870][ T5029] __kmalloc_node_track_caller+0x118/0x3c0
[ 160.805163][ T5029] kvasprintf+0xce/0x220
[ 160.809609][ T5029] kvasprintf_const+0xe1/0x2b0
[ 160.814803][ T5029] kobject_set_name_vargs+0x8e/0x2c0
[ 160.820307][ T5029] dev_set_name+0x1b2/0x200
[ 160.825198][ T5029] usb_create_ep_devs+0x1c1/0x460
[ 160.830421][ T5029] usb_set_configuration+0x3392/0x37b0
[ 160.836302][ T5029] usb_generic_driver_probe+0x109/0x2a0
[ 160.842183][ T5029] usb_probe_device+0x290/0x4a0
[ 160.847250][ T5029] really_probe+0x507/0xf40
[ 160.852106][ T5029] __driver_probe_device+0x300/0x3e0
[ 160.857633][ T5029] driver_probe_device+0x72/0x7b0
[ 160.863211][ T5029] __device_attach_driver+0x55a/0x8f0
[ 160.868781][ T5029] bus_for_each_drv+0x433/0x680
[ 160.874040][ T5029] __device_attach+0x406/0x660
[ 160.879009][ T5029] device_initial_probe+0x32/0x40
[ 160.884372][ T5029] bus_probe_device+0x3d8/0x5a0
[ 160.889422][ T5029] device_add+0x1cb0/0x25e0
[ 160.894307][ T5029] usb_new_device+0x163b/0x2340
[ 160.899353][ T5029] hub_event+0x5777/0x7890
[ 160.904145][ T5029] process_one_work+0xb0d/0x1410
[ 160.909266][ T5029] worker_thread+0x107e/0x1d60
[ 160.914380][ T5029] kthread+0x31f/0x430
[ 160.918673][ T5029] ret_from_fork+0x1f/0x30
[ 160.923429][ T5029]
[ 160.925847][ T5029] Byte 115 of 4096 is uninitialized
[ 160.931167][ T5029] Memory access of size 4096 starts at ffff888119891000
[ 160.938401][ T5029] Data copied to user address 00007fff7db6a207
[ 160.940053][ T1739] usb 2-1: device descriptor read/64, error -71
[ 160.944743][ T5029]
[ 160.944765][ T5029] CPU: 1 PID: 5029 Comm: udevd Not tainted 6.3.0-rc1-syzkaller-ge61893130d87 #0
[ 160.944872][ T5029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 160.944930][ T5029] =====================================================
[ 160.944959][ T5029] Disabling lock debugging due to kernel taint
[ 160.944992][ T5029] Kernel panic - not syncing: kmsan.panic set ...
[ 160.945031][ T5029] CPU: 1 PID: 5029 Comm: udevd Tainted: G B 6.3.0-rc1-syzkaller-ge61893130d87 #0
[ 160.945134][ T5029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 160.945187][ T5029] Call Trace:
[ 160.945221][ T5029]
[ 160.945267][ T5029] dump_stack_lvl+0x1cc/0x260
[ 160.945413][ T5029] dump_stack+0x1e/0x20
[ 160.945527][ T5029] panic+0x4e2/0xc70
[ 160.945703][ T5029] ? add_taint+0x108/0x1a0
[ 160.945818][ T5029] kmsan_report+0x2d0/0x2d0
[ 160.945934][ T5029] ? kernfs_fop_read_iter+0x45b/0x970
[ 160.946098][ T5029] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 160.946260][ T5029] ? kernfs_fop_read_iter+0x252/0x970
[ 160.946396][ T5029] ? vfs_read+0x8cd/0xf40
[ 160.946497][ T5029] ? ksys_read+0x21f/0x4f0
[ 160.946598][ T5029] ? kmsan_internal_check_memory+0x252/0x530
[ 160.946784][ T5029] ? kmsan_copy_to_user+0xd3/0xf0
[ 160.946893][ T5029] ? _copy_to_iter+0x870/0x1fd0
[ 160.947036][ T5029] ? kernfs_fop_read_iter+0x578/0x970
[ 160.947175][ T5029] ? vfs_read+0x8cd/0xf40
[ 160.947277][ T5029] ? ksys_read+0x21f/0x4f0
[ 160.947383][ T5029] ? __x64_sys_read+0x93/0xd0
[ 160.947491][ T5029] ? do_syscall_64+0x41/0xc0
[ 160.947612][ T5029] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 160.947780][ T5029] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[ 160.947905][ T5029] ? do_syscall_64+0x41/0xc0
[ 160.948037][ T5029] ? filter_irq_stacks+0x60/0x1a0
[ 160.948183][ T5029] ? __kmem_cache_alloc_node+0x70/0x920
[ 160.948323][ T5029] ? kmsan_metadata_is_contiguous+0x66/0x1e0
[ 160.948506][ T5029] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0
[ 160.948644][ T5029] kmsan_internal_check_memory+0x252/0x530
[ 160.948838][ T5029] kmsan_copy_to_user+0xd3/0xf0
[ 160.948949][ T5029] ? should_fail_usercopy+0x2e/0x40
[ 160.949062][ T5029] _copy_to_iter+0x870/0x1fd0
[ 160.949227][ T5029] ? kmsan_internal_set_shadow_origin+0x66/0xe0
[ 160.949409][ T5029] ? kmsan_internal_unpoison_memory+0x14/0x20
[ 160.949599][ T5029] kernfs_fop_read_iter+0x578/0x970
[ 160.949777][ T5029] ? kernfs_notify_workfn+0xbc0/0xbc0
[ 160.949922][ T5029] vfs_read+0x8cd/0xf40
[ 160.950061][ T5029] ksys_read+0x21f/0x4f0
[ 160.950189][ T5029] __x64_sys_read+0x93/0xd0
[ 160.950306][ T5029] do_syscall_64+0x41/0xc0
[ 160.950427][ T5029] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 160.950583][ T5029] RIP: 0033:0x7fd0757258fe
[ 160.950654][ T5029] Code: c0 e9 e6 fe ff ff 50 48 8d 3d 0e c7 09 00 e8 c9 cf 01 00 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 48 83 ec 28
[ 160.950751][ T5029] RSP: 002b:00007fff7db6a1d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 160.950847][ T5029] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd0757258fe
[ 160.950925][ T5029] RDX: 0000000000010011 RSI: 00007fff7db6a207 RDI: 0000000000000008
[ 160.951012][ T5029] RBP: 00007fff7db7a8d8 R08: 00007fd0757f5a00 R09: 000055802e8dcf90
[ 160.951090][ T5029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[ 160.951152][ T5029] R13: 0000000000000000 R14: 00007fff7db6a207 R15: 000055802e0e1a7c
[ 160.951252][ T5029]
[ 160.951658][ T5029] Kernel Offset: disabled
[ 161.292969][ T5029] Rebooting in 86400 seconds..