./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3964060491 <...> Warning: Permanently added '10.128.1.37' (ECDSA) to the list of known hosts. execve("./syz-executor3964060491", ["./syz-executor3964060491"], 0x7ffe991e7bf0 /* 10 vars */) = 0 brk(NULL) = 0x555556a27000 brk(0x555556a27c40) = 0x555556a27c40 arch_prctl(ARCH_SET_FS, 0x555556a27300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3964060491", 4096) = 28 brk(0x555556a48c40) = 0x555556a48c40 brk(0x555556a49000) = 0x555556a49000 mprotect(0x7fc955ddd000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556a275d0) = 5009 ./strace-static-x86_64: Process 5009 attached [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5009] setpgid(0, 0) = 0 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5009] write(3, "1000", 4) = 4 [pid 5009] close(3) = 0 [pid 5009] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5009] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 18 [ 169.552263][ T1454] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 18 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 9 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 36 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [ 169.952552][ T1454] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 169.962756][ T1454] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 4 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 8 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 8 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c3f0) = 8 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [ 170.162786][ T1454] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 170.172248][ T1454] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.180472][ T1454] usb 1-1: Product: syz [ 170.185019][ T1454] usb 1-1: Manufacturer: syz [ 170.189858][ T1454] usb 1-1: SerialNumber: syz [ 170.199543][ T1454] usb 1-1: config 0 descriptor?? [pid 5009] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc955de346c) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc955de347c) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffdaf67c3f0) = 0 [ 170.241589][ T5009] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 170.250290][ T5009] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d420) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc955de346c) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc955de347c) = -1 EINVAL (Invalid argument) [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffdaf67c410) = 0 [ 170.491903][ T5009] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 170.502398][ T5009] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d420) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffdaf67c410) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d420) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c410) = 6 [pid 5009] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d420) = 0 [pid 5009] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdaf67c410) = 1 [pid 5009] exit_group(0) = ? [pid 5009] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5009, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5013 attached , child_tidptr=0x555556a275d0) = 5013 [pid 5013] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5013] setpgid(0, 0) = 0 [pid 5013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5013] write(3, "1000", 4) = 4 [pid 5013] close(3) = 0 [pid 5013] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5013] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffdaf67d400) = 0 [pid 5013] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5013] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdaf67d400) = 0 [ 171.572637][ T1454] ===================================================== [ 171.579964][ T1454] BUG: KMSAN: uninit-value in mii_nway_restart+0x11b/0x1e0 [ 171.587631][ T1454] mii_nway_restart+0x11b/0x1e0 [ 171.592791][ T1454] dm9601_bind+0xa1d/0xb60 [ 171.597363][ T1454] usbnet_probe+0xf94/0x3df0 [ 171.602215][ T1454] usb_probe_interface+0xc75/0x1210 [ 171.607662][ T1454] really_probe+0x507/0x1000 [ 171.612578][ T1454] __driver_probe_device+0x300/0x3e0 [ 171.618135][ T1454] driver_probe_device+0x72/0x7b0 [ 171.623481][ T1454] __device_attach_driver+0x55a/0x8f0 [ 171.629110][ T1454] bus_for_each_drv+0x200/0x360 [ 171.634381][ T1454] __device_attach+0x42b/0x720 [ 171.639368][ T1454] device_initial_probe+0x32/0x40 [ 171.644710][ T1454] bus_probe_device+0x141/0x3b0 [ 171.649755][ T1454] device_add+0x1d3c/0x26b0 [ 171.654491][ T1454] usb_set_configuration+0x30b9/0x37b0 [ 171.660170][ T1454] usb_generic_driver_probe+0x109/0x2a0 [ 171.666042][ T1454] usb_probe_device+0x290/0x4a0 [ 171.671094][ T1454] really_probe+0x507/0x1000 [ 171.675942][ T1454] __driver_probe_device+0x300/0x3e0 [ 171.681437][ T1454] driver_probe_device+0x72/0x7b0 [ 171.686841][ T1454] __device_attach_driver+0x55a/0x8f0 [ 171.692567][ T1454] bus_for_each_drv+0x200/0x360 [ 171.697626][ T1454] __device_attach+0x42b/0x720 [ 171.702722][ T1454] device_initial_probe+0x32/0x40 [ 171.707974][ T1454] bus_probe_device+0x141/0x3b0 [ 171.713085][ T1454] device_add+0x1d3c/0x26b0 [ 171.717768][ T1454] usb_new_device+0x163b/0x2340 [ 171.722898][ T1454] hub_event+0x5777/0x7890 [ 171.727491][ T1454] process_one_work+0xb0d/0x1410 [ 171.732770][ T1454] worker_thread+0x107b/0x1d60 [ 171.737771][ T1454] kthread+0x31f/0x430 [ 171.742115][ T1454] ret_from_fork+0x1f/0x30 [ 171.746749][ T1454] [ 171.749162][ T1454] Local variable res created at: [ 171.754325][ T1454] dm9601_mdio_read+0x4d/0xf0 [ 171.759232][ T1454] mii_nway_restart+0x88/0x1e0 [ 171.764307][ T1454] [ 171.766746][ T1454] CPU: 1 PID: 1454 Comm: kworker/1:2 Not tainted 6.2.0-syzkaller-81157-g944070199c5e #0 [ 171.776771][ T1454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 171.787094][ T1454] Workqueue: usb_hub_wq hub_event [ 171.792471][ T1454] ===================================================== [ 171.799540][ T1454] Disabling lock debugging due to kernel taint [ 171.805954][ T1454] Kernel panic - not syncing: kmsan.panic set ... [ 171.812501][ T1454] CPU: 1 PID: 1454 Comm: kworker/1:2 Tainted: G B 6.2.0-syzkaller-81157-g944070199c5e #0 [ 171.823889][ T1454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 171.834087][ T1454] Workqueue: usb_hub_wq hub_event [ 171.839310][ T1454] Call Trace: [ 171.842690][ T1454] [ 171.845722][ T1454] dump_stack_lvl+0x1cc/0x260 [ 171.850550][ T1454] dump_stack+0x1e/0x20 [ 171.854840][ T1454] panic+0x4e1/0xc60 [ 171.858887][ T1454] ? kmsan_get_shadow_origin_ptr+0x10/0xa0 [ 171.864917][ T1454] ? add_taint+0x108/0x1a0 [ 171.869498][ T1454] kmsan_report+0x2d0/0x2d0 [ 171.874169][ T1454] ? __msan_warning+0x96/0x110 [ 171.879104][ T1454] ? mii_nway_restart+0x11b/0x1e0 [ 171.884343][ T1454] ? dm9601_bind+0xa1d/0xb60 [ 171.889101][ T1454] ? usbnet_probe+0xf94/0x3df0 [ 171.893990][ T1454] ? usb_probe_interface+0xc75/0x1210 [ 171.899540][ T1454] ? really_probe+0x507/0x1000 [ 171.904498][ T1454] ? __driver_probe_device+0x300/0x3e0 [ 171.910139][ T1454] ? driver_probe_device+0x72/0x7b0 [ 171.915590][ T1454] ? __device_attach_driver+0x55a/0x8f0 [ 171.921334][ T1454] ? bus_for_each_drv+0x200/0x360 [ 171.926564][ T1454] ? __device_attach+0x42b/0x720 [ 171.931663][ T1454] ? device_initial_probe+0x32/0x40 [ 171.937160][ T1454] ? bus_probe_device+0x141/0x3b0 [ 171.942348][ T1454] ? device_add+0x1d3c/0x26b0 [ 171.947228][ T1454] ? usb_set_configuration+0x30b9/0x37b0 [ 171.953122][ T1454] ? usb_generic_driver_probe+0x109/0x2a0 [ 171.959058][ T1454] ? usb_probe_device+0x290/0x4a0 [ 171.964255][ T1454] ? really_probe+0x507/0x1000 [ 171.969282][ T1454] ? __driver_probe_device+0x300/0x3e0 [ 171.974997][ T1454] ? driver_probe_device+0x72/0x7b0 [ 171.980473][ T1454] ? __device_attach_driver+0x55a/0x8f0 [ 171.986340][ T1454] ? bus_for_each_drv+0x200/0x360 [ 171.991600][ T1454] ? __device_attach+0x42b/0x720 [ 171.996705][ T1454] ? device_initial_probe+0x32/0x40 [ 172.002089][ T1454] ? bus_probe_device+0x141/0x3b0 [ 172.007368][ T1454] ? device_add+0x1d3c/0x26b0 [ 172.012448][ T1454] ? usb_new_device+0x163b/0x2340 [ 172.017728][ T1454] ? hub_event+0x5777/0x7890 [ 172.022516][ T1454] ? process_one_work+0xb0d/0x1410 [ 172.027842][ T1454] ? worker_thread+0x107b/0x1d60 [ 172.033016][ T1454] ? kthread+0x31f/0x430 [ 172.037467][ T1454] ? ret_from_fork+0x1f/0x30 [ 172.042267][ T1454] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 172.048519][ T1454] ? mutex_unlock+0x28/0x50 [ 172.053203][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.059211][ T1454] __msan_warning+0x96/0x110 [ 172.064016][ T1454] mii_nway_restart+0x11b/0x1e0 [ 172.069035][ T1454] dm9601_bind+0xa1d/0xb60 [ 172.073626][ T1454] ? eem_linkcmd_complete+0x50/0x50 [ 172.079029][ T1454] usbnet_probe+0xf94/0x3df0 [ 172.083816][ T1454] ? usbnet_disconnect+0x7c0/0x7c0 [ 172.089075][ T1454] usb_probe_interface+0xc75/0x1210 [ 172.094510][ T1454] ? usb_register_driver+0x600/0x600 [ 172.099973][ T1454] really_probe+0x507/0x1000 [ 172.104813][ T1454] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 172.111087][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.117142][ T1454] __driver_probe_device+0x300/0x3e0 [ 172.122772][ T1454] driver_probe_device+0x72/0x7b0 [ 172.128062][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.134140][ T1454] __device_attach_driver+0x55a/0x8f0 [ 172.139757][ T1454] bus_for_each_drv+0x200/0x360 [ 172.144848][ T1454] ? coredump_store+0xa0/0xa0 [ 172.149780][ T1454] __device_attach+0x42b/0x720 [ 172.154787][ T1454] device_initial_probe+0x32/0x40 [ 172.159983][ T1454] bus_probe_device+0x141/0x3b0 [ 172.165171][ T1454] device_add+0x1d3c/0x26b0 [ 172.169833][ T1454] usb_set_configuration+0x30b9/0x37b0 [ 172.175470][ T1454] ? usb_set_configuration+0x8e1/0x37b0 [ 172.181325][ T1454] usb_generic_driver_probe+0x109/0x2a0 [ 172.187164][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.193152][ T1454] ? usb_choose_configuration+0xde0/0xde0 [ 172.199095][ T1454] ? usb_choose_configuration+0xde0/0xde0 [ 172.205044][ T1454] usb_probe_device+0x290/0x4a0 [ 172.210167][ T1454] ? usb_register_device_driver+0x450/0x450 [ 172.216328][ T1454] really_probe+0x507/0x1000 [ 172.221234][ T1454] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 172.227524][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.233596][ T1454] __driver_probe_device+0x300/0x3e0 [ 172.239107][ T1454] driver_probe_device+0x72/0x7b0 [ 172.244497][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.250562][ T1454] __device_attach_driver+0x55a/0x8f0 [ 172.256178][ T1454] bus_for_each_drv+0x200/0x360 [ 172.261179][ T1454] ? coredump_store+0xa0/0xa0 [ 172.266120][ T1454] __device_attach+0x42b/0x720 [ 172.271159][ T1454] device_initial_probe+0x32/0x40 [ 172.276381][ T1454] bus_probe_device+0x141/0x3b0 [ 172.281406][ T1454] device_add+0x1d3c/0x26b0 [ 172.286139][ T1454] usb_new_device+0x163b/0x2340 [ 172.291224][ T1454] hub_event+0x5777/0x7890 [ 172.295819][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.301822][ T1454] ? led_work+0x740/0x740 [ 172.306308][ T1454] ? led_work+0x740/0x740 [ 172.310750][ T1454] process_one_work+0xb0d/0x1410 [ 172.315920][ T1454] worker_thread+0x107b/0x1d60 [ 172.320942][ T1454] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 172.326938][ T1454] ? __kthread_parkme+0x170/0x1b0 [ 172.332193][ T1454] kthread+0x31f/0x430 [ 172.336451][ T1454] ? worker_clr_flags+0x2b0/0x2b0 [ 172.341656][ T1454] ? kthread_blkcg+0x120/0x120 [ 172.346648][ T1454] ret_from_fork+0x1f/0x30 [ 172.351271][ T1454] [ 172.354577][ T1454] Kernel Offset: disabled [ 172.358983][ T1454] Rebooting in 86400 seconds..