./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1342347487 <...> Warning: Permanently added '10.128.1.157' (ECDSA) to the list of known hosts. execve("./syz-executor1342347487", ["./syz-executor1342347487"], 0x7ffd6134d400 /* 10 vars */) = 0 brk(NULL) = 0x555555d3f000 brk(0x555555d3fc40) = 0x555555d3fc40 arch_prctl(ARCH_SET_FS, 0x555555d3f300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1342347487", 4096) = 28 brk(0x555555d60c40) = 0x555555d60c40 brk(0x555555d61000) = 0x555555d61000 mprotect(0x7fdad8284000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555d3f5d0) = 5015 ./strace-static-x86_64: Process 5015 attached [pid 5015] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5015] setpgid(0, 0) = 0 [pid 5015] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5015] write(3, "1000", 4) = 4 [pid 5015] close(3) = 0 [pid 5015] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5015] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff010d0ef0) = 0 [pid 5015] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 18 [ 139.391999][ T114] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [ 139.632022][ T114] usb 1-1: Using ep0 maxpacket: 8 [pid 5015] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 18 [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 9 [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 36 [ 139.752188][ T114] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 6912, setting to 1024 [ 139.763537][ T114] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024 [ 139.773808][ T114] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 139.783864][ T114] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x5b) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fdad828a46c) = -1 EINVAL (Invalid argument) [pid 5015] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fdad828a47c) = -1 EINVAL (Invalid argument) [pid 5015] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff010cfee0) = 0 [ 139.793958][ T114] usb 1-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02 [ 139.803325][ T114] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.815121][ T114] usb 1-1: config 0 descriptor?? [ 139.839124][ T5015] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 139.855159][ T114] ums-alauda 1-1:0.0: USB Mass Storage device detected [ 139.867508][ T114] scsi host1: usb-storage 1-1:0.0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0f10) = 0 [pid 5015] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0 [ 140.883653][ T1247] scsi 1:0:0:0: Direct-Access Olympus MAUSB-10 (Alauda 0102 PQ: 0 ANSI: 0 CCS [ 140.894725][ T1247] scsi 1:0:0:1: Direct-Access Olympus MAUSB-10 (Alauda 0102 PQ: 0 ANSI: 0 CCS [ 140.915472][ T1247] sd 1:0:0:0: Attached scsi generic sg1 type 0 [pid 5015] exit_group(0) = ? [pid 5015] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5015, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5021 attached [ 140.942793][ T1247] sd 1:0:0:1: Attached scsi generic sg2 type 0 [ 140.952433][ T3532] sd 1:0:0:0: [sdb] Media removed, stopped polling [ 140.967207][ T114] usb 1-1: USB disconnect, device number 2 [ 140.975208][ T3265] sd 1:0:0:1: [sdc] Media removed, stopped polling [pid 5021] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5021] setpgid(0, 0) = 0 [pid 5014] <... clone resumed>, child_tidptr=0x555555d3f5d0) = 5021 [pid 5021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "1000", 4) = 4 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5021] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff010d0ef0) = 0 [pid 5021] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [ 141.024033][ T3265] sd 1:0:0:1: [sdc] Attached SCSI removable disk [ 141.036345][ T3532] sd 1:0:0:0: [sdb] Attached SCSI removable disk [ 141.581673][ T5025] udevd[5025]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory [ 141.598406][ T5026] udevd[5026]: inotify_add_watch(7, /dev/sdc, 10) failed: No such file or directory [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 18 [ 141.773027][ T114] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 141.851404][ T5023] udevd[5023]: inotify_add_watch(7, /dev/sdc, 10) failed: No such file or directory [ 141.880209][ T5025] udevd[5025]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [ 142.011971][ T114] usb 1-1: Using ep0 maxpacket: 8 [pid 5021] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 18 [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 9 [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff010cfee0) = 36 [ 142.132189][ T114] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 6912, setting to 1024 [ 142.143479][ T114] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024 [ 142.153716][ T114] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 142.163725][ T114] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x5b) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fdad828a46c) = -1 EINVAL (Invalid argument) [pid 5021] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fdad828a47c) = -1 EINVAL (Invalid argument) [pid 5021] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff010cfee0) = 0 [ 142.173839][ T114] usb 1-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02 [ 142.183158][ T114] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.194557][ T114] usb 1-1: config 0 descriptor?? [ 142.214982][ T5021] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 142.235111][ T114] ums-alauda 1-1:0.0: USB Mass Storage device detected [ 142.246959][ T114] scsi host1: usb-storage 1-1:0.0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0f10) = 0 [pid 5021] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0 [pid 5021] exit_group(0) = ? [ 143.283428][ T3532] scsi 1:0:0:0: Direct-Access Olympus MAUSB-10 (Alauda 0102 PQ: 0 ANSI: 0 CCS [ 143.294409][ T3532] scsi 1:0:0:1: Direct-Access Olympus MAUSB-10 (Alauda 0102 PQ: 0 ANSI: 0 CCS [ 143.316131][ T3532] sd 1:0:0:0: Attached scsi generic sg1 type 0 [pid 5021] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5021, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555d3f5d0) = 5035 ./strace-static-x86_64: Process 5035 attached [pid 5035] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5035] setpgid(0, 0) = 0 [ 143.349116][ T114] usb 1-1: USB disconnect, device number 3 [ 143.357141][ T3265] sd 1:0:0:0: [sdb] Media removed, stopped polling [ 143.370503][ T5034] ===================================================== [ 143.377819][ T5034] BUG: KMSAN: uninit-value in alauda_check_media+0x294/0x2770 [ 143.385572][ T5034] alauda_check_media+0x294/0x2770 [ 143.390861][ T5034] alauda_transport+0x10b/0x4f90 [pid 5035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5035] write(3, "1000", 4) = 4 [pid 5035] close(3) = 0 [pid 5035] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5035] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff010d0ef0) = 0 [pid 5035] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5035] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff010d0ef0) = 0 [ 143.396061][ T5034] usb_stor_invoke_transport+0x8d/0x3230 [ 143.401979][ T5034] usb_stor_transparent_scsi_command+0x22/0x30 [ 143.408308][ T5034] usb_stor_control_thread+0x685/0xbc0 [ 143.414033][ T5034] kthread+0x31b/0x430 [ 143.418240][ T5034] ret_from_fork+0x1f/0x30 [ 143.422970][ T5034] [ 143.425355][ T5034] Local variable status created at: [ 143.430623][ T5034] alauda_check_media+0x6f/0x2770 [ 143.435901][ T5034] alauda_transport+0x10b/0x4f90 [ 143.441006][ T5034] [ 143.443522][ T5034] CPU: 0 PID: 5034 Comm: usb-storage Not tainted 6.2.0-rc6-syzkaller-80422-geda666ff2276 #0 [ 143.448296][ T3532] sd 1:0:0:1: Attached scsi generic sg2 type 0 [ 143.453761][ T5034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 143.470641][ T5034] ===================================================== [ 143.477815][ T5034] Disabling lock debugging due to kernel taint [ 143.484354][ T5034] Kernel panic - not syncing: kmsan.panic set ... [ 143.490870][ T5034] CPU: 0 PID: 5034 Comm: usb-storage Tainted: G B 6.2.0-rc6-syzkaller-80422-geda666ff2276 #0 [ 143.502568][ T5034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 143.512734][ T5034] Call Trace: [ 143.516101][ T5034] [ 143.519117][ T5034] dump_stack_lvl+0x1c8/0x260 [ 143.523978][ T5034] dump_stack+0x1a/0x20 [ 143.528310][ T5034] panic+0x4d3/0xc70 [ 143.532402][ T5034] ? add_taint+0x104/0x1a0 [ 143.536995][ T5034] kmsan_report+0x2cc/0x2d0 [ 143.541642][ T5034] ? trace_event_raw_event_kcompactd_wake_template+0x129/0x290 [ 143.549391][ T5034] ? __msan_warning+0x92/0x110 [ 143.554297][ T5034] ? alauda_check_media+0x294/0x2770 [ 143.559790][ T5034] ? alauda_transport+0x10b/0x4f90 [ 143.565061][ T5034] ? usb_stor_invoke_transport+0x8d/0x3230 [ 143.571020][ T5034] ? usb_stor_transparent_scsi_command+0x22/0x30 [ 143.576545][ T3265] sd 1:0:0:0: [sdb] Attached SCSI removable disk [ 143.583875][ T5034] ? usb_stor_control_thread+0x685/0xbc0 [ 143.589669][ T5034] ? kthread+0x31b/0x430 [ 143.594053][ T5034] ? ret_from_fork+0x1f/0x30 [ 143.598807][ T5034] ? __stack_depot_save+0x21/0x4b0 [ 143.604087][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.610070][ T5034] ? interpret_urb_result+0x11c/0x620 [ 143.615620][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.621605][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.627574][ T5034] __msan_warning+0x92/0x110 [ 143.632308][ T5034] alauda_check_media+0x294/0x2770 [ 143.637685][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.643927][ T5034] alauda_transport+0x10b/0x4f90 [ 143.649038][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.655010][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.660986][ T5034] ? finish_task_switch+0x226/0xa20 [ 143.666370][ T5034] ? __switch_to+0x28f/0x570 [ 143.671111][ T5034] ? __schedule+0x16d4/0x22a0 [ 143.675948][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.681917][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.687881][ T5034] ? alauda_probe+0x230/0x230 [ 143.692726][ T5034] ? alauda_probe+0x230/0x230 [ 143.697565][ T5034] usb_stor_invoke_transport+0x8d/0x3230 [ 143.703360][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.709315][ T5034] ? preempt_count_sub+0x7d/0x280 [ 143.714492][ T5034] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 143.720472][ T5034] usb_stor_transparent_scsi_command+0x22/0x30 [ 143.726794][ T5034] ? usb_stor_ufi_command+0x1c0/0x1c0 [ 143.732306][ T5034] usb_stor_control_thread+0x685/0xbc0 [ 143.737905][ T5034] ? __kthread_parkme+0x18c/0x1b0 [ 143.743064][ T5034] kthread+0x31b/0x430 [ 143.747210][ T5034] ? usb_stor_disconnect+0x3b0/0x3b0 [ 143.752600][ T5034] ? kthread_blkcg+0x120/0x120 [ 143.757472][ T5034] ret_from_fork+0x1f/0x30 [ 143.762065][ T5034] [ 143.765330][ T5034] Kernel Offset: disabled [ 143.769711][ T5034] Rebooting in 86400 seconds..