./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1119037092 <...> Warning: Permanently added '10.128.1.188' (ED25519) to the list of known hosts. execve("./syz-executor1119037092", ["./syz-executor1119037092"], 0x7ffee3cabc90 /* 10 vars */) = 0 brk(NULL) = 0x555555dee000 brk(0x555555deed00) = 0x555555deed00 arch_prctl(ARCH_SET_FS, 0x555555dee380) = 0 set_tid_address(0x555555dee650) = 4988 set_robust_list(0x555555dee660, 24) = 0 rseq(0x555555deeca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1119037092", 4096) = 28 getrandom("\x16\xcf\xf4\xe9\xb4\xfe\x82\x37", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555deed00 brk(0x555555e0fd00) = 0x555555e0fd00 brk(0x555555e10000) = 0x555555e10000 mprotect(0x7fc5c1e4a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555dee650) = 4989 ./strace-static-x86_64: Process 4989 attached [pid 4989] set_robust_list(0x555555dee660, 24) = 0 [pid 4989] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4989] setpgid(0, 0) = 0 [pid 4989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4989] write(3, "1000", 4) = 4 [pid 4989] close(3) = 0 [pid 4989] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 4989] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 18 [ 139.271239][ T4719] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 18 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 9 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 36 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 4 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [ 139.632376][ T4719] usb 1-1: config 47 descriptor has 1 excess byte, ignoring [ 139.639901][ T4719] usb 1-1: config 47 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 139.650037][ T4719] usb 1-1: config 47 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 8 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 8 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6a0) = 8 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [ 139.811653][ T4719] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 139.820911][ T4719] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.829353][ T4719] usb 1-1: Product: syz [ 139.833795][ T4719] usb 1-1: Manufacturer: syz [ 139.838590][ T4719] usb 1-1: SerialNumber: syz [pid 4989] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc5c1e503ec) = -1 EINVAL (Invalid argument) [pid 4989] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc5c1e503fc) = -1 EINVAL (Invalid argument) [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe820ea6a0) = 0 [ 139.873794][ T4989] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 139.884424][ T4989] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6d0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0) = -1 EINVAL (Invalid argument) [pid 4989] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0) = -1 EINVAL (Invalid argument) [pid 4989] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc5c1e503ec) = -1 EINVAL (Invalid argument) [pid 4989] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc5c1e503fc) = -1 EINVAL (Invalid argument) [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe820ea6c0) = 0 [ 140.113061][ T4989] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 140.121888][ T4989] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6d0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe820ea6c0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6d0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6c0) = 6 [pid 4989] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6d0) = 0 [pid 4989] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe820ea6c0) = 1 [pid 4989] exit_group(0) = ? [pid 4989] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4989, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4991 attached , child_tidptr=0x555555dee650) = 4991 [pid 4991] set_robust_list(0x555555dee660, 24) = 0 [pid 4991] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4991] setpgid(0, 0) = 0 [pid 4991] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4991] write(3, "1000", 4) = 4 [pid 4991] close(3) = 0 [pid 4991] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 4991] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe820eb6b0) = 0 [pid 4991] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 4991] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe820eb6b0) = 0 [ 141.142384][ T4719] ===================================================== [ 141.149551][ T4719] BUG: KMSAN: uninit-value in mii_nway_restart+0x11b/0x1e0 [ 141.156985][ T4719] mii_nway_restart+0x11b/0x1e0 [ 141.162113][ T4719] dm9601_bind+0xa10/0xb30 [ 141.166688][ T4719] usbnet_probe+0x100b/0x4060 [ 141.171634][ T4719] usb_probe_interface+0xc75/0x1210 [ 141.177017][ T4719] really_probe+0x506/0xf40 [ 141.181723][ T4719] __driver_probe_device+0x2a7/0x5d0 [ 141.187169][ T4719] driver_probe_device+0x72/0x7b0 [ 141.192495][ T4719] __device_attach_driver+0x55a/0x8f0 [ 141.198035][ T4719] bus_for_each_drv+0x3ff/0x620 [ 141.203155][ T4719] __device_attach+0x3bd/0x640 [ 141.208072][ T4719] device_initial_probe+0x32/0x40 [ 141.213326][ T4719] bus_probe_device+0x3d8/0x5a0 [ 141.218306][ T4719] device_add+0x1700/0x1f20 [ 141.223031][ T4719] usb_set_configuration+0x31c9/0x38c0 [ 141.228673][ T4719] usb_generic_driver_probe+0x109/0x2a0 [ 141.234473][ T4719] usb_probe_device+0x290/0x4a0 [ 141.239476][ T4719] really_probe+0x506/0xf40 [ 141.244163][ T4719] __driver_probe_device+0x2a7/0x5d0 [ 141.249616][ T4719] driver_probe_device+0x72/0x7b0 [ 141.254975][ T4719] __device_attach_driver+0x55a/0x8f0 [ 141.260517][ T4719] bus_for_each_drv+0x3ff/0x620 [ 141.265676][ T4719] __device_attach+0x3bd/0x640 [ 141.270592][ T4719] device_initial_probe+0x32/0x40 [ 141.275863][ T4719] bus_probe_device+0x3d8/0x5a0 [ 141.280838][ T4719] device_add+0x1700/0x1f20 [ 141.285538][ T4719] usb_new_device+0x15f6/0x22f0 [ 141.290560][ T4719] hub_event+0x53bc/0x7290 [ 141.295158][ T4719] process_scheduled_works+0x104e/0x1e70 [ 141.300938][ T4719] worker_thread+0xf45/0x1490 [ 141.305815][ T4719] kthread+0x3e8/0x540 [ 141.310007][ T4719] ret_from_fork+0x66/0x80 [ 141.314722][ T4719] ret_from_fork_asm+0x11/0x20 [ 141.319638][ T4719] [ 141.322103][ T4719] Local variable res created at: [ 141.327106][ T4719] dm9601_mdio_read+0x3d/0xd0 [ 141.332060][ T4719] mii_nway_restart+0x88/0x1e0 [ 141.336977][ T4719] [ 141.339356][ T4719] CPU: 0 PID: 4719 Comm: kworker/0:3 Not tainted 6.6.0-rc2-syzkaller-00244-g27bbf45eae9c #0 [ 141.349649][ T4719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 141.359923][ T4719] Workqueue: usb_hub_wq hub_event [ 141.365189][ T4719] ===================================================== [ 141.372277][ T4719] Disabling lock debugging due to kernel taint [ 141.378558][ T4719] Kernel panic - not syncing: kmsan.panic set ... [ 141.385021][ T4719] CPU: 0 PID: 4719 Comm: kworker/0:3 Tainted: G B 6.6.0-rc2-syzkaller-00244-g27bbf45eae9c #0 [ 141.396672][ T4719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 141.406843][ T4719] Workqueue: usb_hub_wq hub_event [ 141.412025][ T4719] Call Trace: [ 141.415394][ T4719] [ 141.418409][ T4719] dump_stack_lvl+0x1bf/0x240 [ 141.423244][ T4719] dump_stack+0x1e/0x20 [ 141.427469][ T4719] panic+0x4d5/0xc70 [ 141.431469][ T4719] ? add_taint+0x108/0x1a0 [ 141.435973][ T4719] kmsan_report+0x2d0/0x2d0 [ 141.440573][ T4719] ? __msan_warning+0x96/0x110 [ 141.445433][ T4719] ? mii_nway_restart+0x11b/0x1e0 [ 141.450634][ T4719] ? dm9601_bind+0xa10/0xb30 [ 141.455354][ T4719] ? usbnet_probe+0x100b/0x4060 [ 141.460294][ T4719] ? usb_probe_interface+0xc75/0x1210 [ 141.465833][ T4719] ? really_probe+0x506/0xf40 [ 141.470600][ T4719] ? __driver_probe_device+0x2a7/0x5d0 [ 141.476168][ T4719] ? driver_probe_device+0x72/0x7b0 [ 141.481527][ T4719] ? __device_attach_driver+0x55a/0x8f0 [ 141.487231][ T4719] ? bus_for_each_drv+0x3ff/0x620 [ 141.492336][ T4719] ? __device_attach+0x3bd/0x640 [ 141.497428][ T4719] ? device_initial_probe+0x32/0x40 [ 141.502766][ T4719] ? bus_probe_device+0x3d8/0x5a0 [ 141.507909][ T4719] ? device_add+0x1700/0x1f20 [ 141.512760][ T4719] ? usb_set_configuration+0x31c9/0x38c0 [ 141.518528][ T4719] ? usb_generic_driver_probe+0x109/0x2a0 [ 141.524402][ T4719] ? usb_probe_device+0x290/0x4a0 [ 141.529560][ T4719] ? really_probe+0x506/0xf40 [ 141.534387][ T4719] ? __driver_probe_device+0x2a7/0x5d0 [ 141.539961][ T4719] ? driver_probe_device+0x72/0x7b0 [ 141.545306][ T4719] ? __device_attach_driver+0x55a/0x8f0 [ 141.550969][ T4719] ? bus_for_each_drv+0x3ff/0x620 [ 141.556130][ T4719] ? __device_attach+0x3bd/0x640 [ 141.561174][ T4719] ? device_initial_probe+0x32/0x40 [ 141.566509][ T4719] ? bus_probe_device+0x3d8/0x5a0 [ 141.571638][ T4719] ? device_add+0x1700/0x1f20 [ 141.576484][ T4719] ? usb_new_device+0x15f6/0x22f0 [ 141.581678][ T4719] ? hub_event+0x53bc/0x7290 [ 141.586345][ T4719] ? process_scheduled_works+0x104e/0x1e70 [ 141.592262][ T4719] ? worker_thread+0xf45/0x1490 [ 141.597194][ T4719] ? kthread+0x3e8/0x540 [ 141.601532][ T4719] ? ret_from_fork+0x66/0x80 [ 141.606257][ T4719] ? ret_from_fork_asm+0x11/0x20 [ 141.611380][ T4719] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 141.617609][ T4719] ? mutex_unlock+0x28/0x50 [ 141.622276][ T4719] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 141.628215][ T4719] __msan_warning+0x96/0x110 [ 141.632963][ T4719] mii_nway_restart+0x11b/0x1e0 [ 141.637989][ T4719] dm9601_bind+0xa10/0xb30 [ 141.642510][ T4719] ? eem_linkcmd_complete+0x50/0x50 [ 141.647823][ T4719] usbnet_probe+0x100b/0x4060 [ 141.652659][ T4719] ? usbnet_disconnect+0x7c0/0x7c0 [ 141.657869][ T4719] usb_probe_interface+0xc75/0x1210 [ 141.663273][ T4719] ? usb_register_driver+0x600/0x600 [ 141.668687][ T4719] really_probe+0x506/0xf40 [ 141.673352][ T4719] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 141.679587][ T4719] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 141.685545][ T4719] __driver_probe_device+0x2a7/0x5d0 [ 141.690954][ T4719] driver_probe_device+0x72/0x7b0 [ 141.696129][ T4719] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 141.702052][ T4719] __device_attach_driver+0x55a/0x8f0 [ 141.707597][ T4719] bus_for_each_drv+0x3ff/0x620 [ 141.712592][ T4719] ? coredump_store+0xa0/0xa0 [ 141.717412][ T4719] __device_attach+0x3bd/0x640 [ 141.722271][ T4719] device_initial_probe+0x32/0x40 [ 141.727405][ T4719] bus_probe_device+0x3d8/0x5a0 [ 141.732394][ T4719] device_add+0x1700/0x1f20 [ 141.737038][ T4719] usb_set_configuration+0x31c9/0x38c0 [ 141.742630][ T4719] ? usb_set_configuration+0x8b1/0x38c0 [ 141.748361][ T4719] usb_generic_driver_probe+0x109/0x2a0 [ 141.754058][ T4719] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 141.759981][ T4719] ? usb_choose_configuration+0xde0/0xde0 [ 141.765876][ T4719] ? usb_choose_configuration+0xde0/0xde0 [ 141.771750][ T4719] usb_probe_device+0x290/0x4a0 [ 141.776738][ T4719] ? usb_register_device_driver+0x450/0x450 [ 141.782799][ T4719] really_probe+0x506/0xf40 [ 141.787415][ T4719] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 141.793649][ T4719] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 141.799591][ T4719] __driver_probe_device+0x2a7/0x5d0 [ 141.805005][ T4719] driver_probe_device+0x72/0x7b0 [ 141.810178][ T4719] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 141.816105][ T4719] __device_attach_driver+0x55a/0x8f0 [ 141.821633][ T4719] bus_for_each_drv+0x3ff/0x620 [ 141.826622][ T4719] ? coredump_store+0xa0/0xa0 [ 141.831469][ T4719] __device_attach+0x3bd/0x640 [ 141.836378][ T4719] device_initial_probe+0x32/0x40 [ 141.841512][ T4719] bus_probe_device+0x3d8/0x5a0 [ 141.846521][ T4719] device_add+0x1700/0x1f20 [ 141.851193][ T4719] usb_new_device+0x15f6/0x22f0 [ 141.856167][ T4719] hub_event+0x53bc/0x7290 [ 141.860733][ T4719] ? led_work+0x740/0x740 [ 141.865199][ T4719] process_scheduled_works+0x104e/0x1e70 [ 141.871003][ T4719] worker_thread+0xf45/0x1490 [ 141.875804][ T4719] kthread+0x3e8/0x540 [ 141.879983][ T4719] ? pr_cont_work+0xce0/0xce0 [ 141.884751][ T4719] ? kthread_blkcg+0x120/0x120 [ 141.889688][ T4719] ret_from_fork+0x66/0x80 [ 141.894280][ T4719] ? kthread_blkcg+0x120/0x120 [ 141.899198][ T4719] ret_from_fork_asm+0x11/0x20 [ 141.904091][ T4719] [ 141.907461][ T4719] Kernel Offset: disabled [ 141.911832][ T4719] Rebooting in 86400 seconds..