[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 150.613029][ T58] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 150.983328][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 151.003273][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 151.019322][ T58] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.40
[ 151.029801][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 151.052835][ T58] usb 1-1: config 0 descriptor??
[ 151.545788][ T58] cm6533_jd 0003:0D8C:0022.0001: No inputs registered, leaving
[ 151.607777][ T58] cm6533_jd 0003:0D8C:0022.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[ 151.844095][ T8218] =====================================================
[ 151.857359][ T8218] BUG: KMSAN: kernel-usb-infoleak in kmsan_handle_urb+0x28/0x40
[ 151.870680][ T8218] CPU: 1 PID: 8218 Comm: syz-executor502 Not tainted 5.12.0-rc6-syzkaller #0
[ 151.884470][ T8218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 151.896521][ T8218] Call Trace:
[ 151.902399][ T8218] dump_stack+0x24c/0x2e0
[ 151.910855][ T8218] kmsan_report+0xfb/0x1e0
[ 151.918064][ T8218] kmsan_internal_check_memory+0x48c/0x520
[ 151.925662][ T8218] kmsan_handle_urb+0x28/0x40
[ 151.932842][ T8218] usb_submit_urb+0x89f/0x2590
[ 151.938185][ T8218] hid_submit_ctrl+0xbe2/0x11e0
[ 151.946224][ T8218] usbhid_restart_ctrl_queue+0x3e9/0x5c0
[ 151.955160][ T8218] usbhid_submit_report+0xa6c/0x13a0
[ 151.964004][ T8218] usbhid_init_reports+0xf1/0x5b0
[ 151.971875][ T8218] hiddev_ioctl+0x1167/0x3a80
[ 151.979467][ T8218] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 151.994071][ T8218] ? security_file_ioctl+0x1bd/0x210
[ 152.002956][ T8218] ? kmsan_get_metadata+0x116/0x180
[ 152.009272][ T8218] ? hiddev_poll+0x3a0/0x3a0
[ 152.014845][ T8218] __se_sys_ioctl+0x311/0x4d0
[ 152.022185][ T8218] __x64_sys_ioctl+0x4a/0x70
[ 152.027837][ T8218] do_syscall_64+0x9f/0x140
[ 152.032650][ T8218] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 152.040041][ T8218] RIP: 0033:0x445269
[ 152.044212][ T8218] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 152.083298][ T8218] RSP: 002b:00007fffe87f8be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 152.095115][ T8218] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 0000000000445269
[ 152.107275][ T8218] RDX: 0000000000000000 RSI: 0000000000004805 RDI: 0000000000000004
[ 152.116768][ T8218] RBP: 0000000000000000 R08: 0000000000000001 R09: 00007fffe87f8d88
[ 152.126278][ T8218] R10: 000000000000000f R11: 0000000000000246 R12: 00000000004042c0
[ 152.136817][ T8218] R13: 431bde82d7b634db R14: 00000000004b3018 R15: 00000000004004a0
[ 152.147163][ T8218]
[ 152.152436][ T8218] Uninit was created at:
[ 152.157526][ T8218] kmsan_save_stack_with_flags+0x3c/0x90
[ 152.164945][ T8218] kmsan_alloc_page+0xd0/0x1e0
[ 152.171247][ T8218] __alloc_pages_nodemask+0x827/0xf90
[ 152.177777][ T8218] alloc_pages_current+0x7b6/0xb60
[ 152.183698][ T8218] kmalloc_order+0xaa/0x3e0
[ 152.191522][ T8218] kmalloc_order_trace+0x80/0x1f0
[ 152.199682][ T8218] __kmalloc+0x416/0x550
[ 152.204338][ T8218] hcd_buffer_alloc+0x276/0x5e0
[ 152.210379][ T8218] usb_alloc_coherent+0x11a/0x190
[ 152.216502][ T8218] usbhid_start+0x106c/0x3ee0
[ 152.223199][ T8218] hid_hw_start+0xa6/0x2a0
[ 152.232146][ T8218] cmhid_probe+0x218/0x3e0
[ 152.243524][ T8218] hid_device_probe+0x480/0x940
[ 152.255303][ T8218] really_probe+0xd16/0x24d0
[ 152.266417][ T8218] driver_probe_device+0x29d/0x3a0
[ 152.274772][ T8218] __device_attach_driver+0x63f/0x830
[ 152.282976][ T8218] bus_for_each_drv+0x2c8/0x3f0
[ 152.290013][ T8218] __device_attach+0x56a/0x890
[ 152.295688][ T8218] device_initial_probe+0x4a/0x60
[ 152.302209][ T8218] bus_probe_device+0x17e/0x3d0
[ 152.309305][ T8218] device_add+0x2c15/0x31d0
[ 152.318598][ T8218] hid_add_device+0x15f0/0x1760
[ 152.326697][ T8218] usbhid_probe+0x153e/0x1860
[ 152.334482][ T8218] usb_probe_interface+0xfcc/0x1520
[ 152.352296][ T8218] really_probe+0xe15/0x24d0
[ 152.366332][ T8218] driver_probe_device+0x29d/0x3a0
[ 152.375735][ T8218] __device_attach_driver+0x63f/0x830
[ 152.383940][ T8218] bus_for_each_drv+0x2c8/0x3f0
[ 152.392068][ T8218] __device_attach+0x56a/0x890
[ 152.397690][ T8218] device_initial_probe+0x4a/0x60
[ 152.406135][ T8218] bus_probe_device+0x17e/0x3d0
[ 152.415838][ T8218] device_add+0x2c15/0x31d0
[ 152.423130][ T8218] usb_set_configuration+0x3872/0x3eb0
[ 152.430281][ T8218] usb_generic_driver_probe+0x138/0x300
[ 152.440593][ T8218] usb_probe_device+0x317/0x570
[ 152.450297][ T8218] really_probe+0xe15/0x24d0
[ 152.464699][ T8218] driver_probe_device+0x29d/0x3a0
[ 152.479743][ T8218] __device_attach_driver+0x63f/0x830
[ 152.494931][ T8218] bus_for_each_drv+0x2c8/0x3f0
[ 152.504919][ T8218] __device_attach+0x56a/0x890
[ 152.512040][ T8218] device_initial_probe+0x4a/0x60
[ 152.520624][ T8218] bus_probe_device+0x17e/0x3d0
[ 152.526243][ T8218] device_add+0x2c15/0x31d0
[ 152.531315][ T8218] usb_new_device+0x1bd4/0x2a30
[ 152.536921][ T8218] hub_event+0x5b99/0x8870
[ 152.542322][ T8218] process_one_work+0x1219/0x1fe0
[ 152.547717][ T8218] worker_thread+0x10ec/0x2340
[ 152.554640][ T8218] kthread+0x521/0x560
[ 152.561497][ T8218] ret_from_fork+0x1f/0x30
[ 152.567665][ T8218]
[ 152.571033][ T8218] Bytes 0-16383 of 16384 are uninitialized
[ 152.580503][ T8218] Memory access of size 16384 starts at ffff88811ec2c000
[ 152.592859][ T8218] =====================================================
[ 152.605264][ T8218] Disabling lock debugging due to kernel taint
executing program
[ 153.253005][ T58] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[ 154.153411][ T8236] =====================================================
[ 154.161620][ T8236] BUG: KMSAN: kernel-usb-infoleak in kmsan_handle_urb+0x28/0x40
[ 154.170728][ T8236] CPU: 1 PID: 8236 Comm: syz-executor502 Tainted: G B 5.12.0-rc6-syzkaller #0
[ 154.182859][ T8236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 154.193845][ T8236] Call Trace:
[ 154.198067][ T8236] dump_stack+0x24c/0x2e0
[ 154.203181][ T8236] kmsan_report+0xfb/0x1e0
[ 154.208642][ T8236] kmsan_internal_check_memory+0x48c/0x520
[ 154.215921][ T8236] kmsan_handle_urb+0x28/0x40
[ 154.221854][ T8236] usb_submit_urb+0x89f/0x2590
[ 154.228009][ T8236] hid_submit_ctrl+0xbe2/0x11e0
[ 154.234645][ T8236] usbhid_restart_ctrl_queue+0x3e9/0x5c0
[ 154.242021][ T8236] usbhid_submit_report+0xa6c/0x13a0
[ 154.249599][ T8236] usbhid_init_reports+0xf1/0x5b0
[ 154.254928][ T8236] hiddev_ioctl+0x1167/0x3a80
[ 154.261246][ T8236] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 154.272612][ T8236] ? security_file_ioctl+0x1bd/0x210
[ 154.280630][ T8236] ? kmsan_get_metadata+0x116/0x180
[ 154.287812][ T8236] ? hiddev_poll+0x3a0/0x3a0
[ 154.293014][ T8236] __se_sys_ioctl+0x311/0x4d0
[ 154.299799][ T8236] __x64_sys_ioctl+0x4a/0x70
[ 154.307973][ T8236] do_syscall_64+0x9f/0x140
[ 154.316582][ T8236] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 154.326232][ T8236] RIP: 0033:0x445269
[ 154.331779][ T8236] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 154.375680][ T8236] RSP: 002b:00007fffe87f8be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 154.385627][ T8236] RAX: ffffffffffffffda RBX: 0000000000024b79 RCX: 0000000000445269
[ 154.394659][ T8236] RDX: 0000000000000000 RSI: 0000000000004805 RDI: 0000000000000004
[ 154.409673][ T8236] RBP: 0000000000000000 R08: 0000000000000001 R09: 00007fffe87f8d88
[ 154.423798][ T8236] R10: 000000000000000f R11: 0000000000000246 R12: 00007fffe87f8bfc
[ 154.440857][ T8236] R13: 431bde82d7b634db R14: 00000000004b3018 R15: 00000000004004a0
[ 154.453893][ T8236]
[ 154.456796][ T8236] Uninit was created at:
[ 154.464155][ T8236] kmsan_save_stack_with_flags+0x3c/0x90
[ 154.474714][ T8236] kmsan_alloc_page+0xd0/0x1e0
[ 154.481628][ T8236] __alloc_pages_nodemask+0x827/0xf90
[ 154.489387][ T8236] alloc_pages_current+0x7b6/0xb60
[ 154.498328][ T8236] kmalloc_order+0xaa/0x3e0
[ 154.507095][ T8236] kmalloc_order_trace+0x80/0x1f0
[ 154.518227][ T8236] __kmalloc+0x416/0x550
[ 154.523466][ T8236] hcd_buffer_alloc+0x276/0x5e0
[ 154.530619][ T8236] usb_alloc_coherent+0x11a/0x190
[ 154.535934][ T8236] usbhid_start+0x106c/0x3ee0
[ 154.541883][ T8236] hid_hw_start+0xa6/0x2a0
[ 154.547537][ T8236] cmhid_probe+0x218/0x3e0
[ 154.553482][ T8236] hid_device_probe+0x480/0x940
[ 154.559149][ T8236] really_probe+0xd16/0x24d0
[ 154.565393][ T8236] driver_probe_device+0x29d/0x3a0
[ 154.573463][ T8236] __device_attach_driver+0x63f/0x830
[ 154.580540][ T8236] bus_for_each_drv+0x2c8/0x3f0
[ 154.588005][ T8236] __device_attach+0x56a/0x890
[ 154.594967][ T8236] device_initial_probe+0x4a/0x60
[ 154.600756][ T8236] bus_probe_device+0x17e/0x3d0
[ 154.606368][ T8236] device_add+0x2c15/0x31d0
[ 154.611210][ T8236] hid_add_device+0x15f0/0x1760
[ 154.617862][ T8236] usbhid_probe+0x153e/0x1860
[ 154.624582][ T8236] usb_probe_interface+0xfcc/0x1520
[ 154.632293][ T8236] really_probe+0xe15/0x24d0
[ 154.638167][ T8236] driver_probe_device+0x29d/0x3a0
[ 154.647024][ T8236] __device_attach_driver+0x63f/0x830
[ 154.656284][ T8236] bus_for_each_drv+0x2c8/0x3f0
[ 154.663129][ T8236] __device_attach+0x56a/0x890
[ 154.676667][ T8236] device_initial_probe+0x4a/0x60
[ 154.692163][ T8236] bus_probe_device+0x17e/0x3d0
[ 154.703120][ T8236] device_add+0x2c15/0x31d0
[ 154.710922][ T8236] usb_set_configuration+0x3872/0x3eb0
[ 154.718878][ T8236] usb_generic_driver_probe+0x138/0x300
[ 154.725762][ T8236] usb_probe_device+0x317/0x570
[ 154.732169][ T8236] really_probe+0xe15/0x24d0
[ 154.738822][ T8236] driver_probe_device+0x29d/0x3a0
[ 154.745981][ T8236] __device_attach_driver+0x63f/0x830
[ 154.755571][ T8236] bus_for_each_drv+0x2c8/0x3f0
[ 154.765053][ T8236] __device_attach+0x56a/0x890
[ 154.773931][ T8236] device_initial_probe+0x4a/0x60
[ 154.781200][ T8236] bus_probe_device+0x17e/0x3d0
[ 154.790746][ T8236] device_add+0x2c15/0x31d0
[ 154.797185][ T8236] usb_new_device+0x1bd4/0x2a30
[ 154.805120][ T8236] hub_event+0x5b99/0x8870
[ 154.810524][ T8236] process_one_work+0x1219/0x1fe0
[ 154.818528][ T8236] worker_thread+0x10ec/0x2340
[ 154.823841][ T8236] kthread+0x521/0x560
[ 154.828906][ T8236] ret_from_fork+0x1f/0x30
[ 154.833536][ T8236]
[ 154.836185][ T8236] Bytes 0-16383 of 16384 are uninitialized
[ 154.842864][ T8236] Memory access of size 16384 starts at ffff88811ec2c000
[ 154.858914][ T8236] =====================================================
executing program
[ 159.272858][ T58] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[ 160.173402][ T8240] =====================================================
[ 160.180394][ T8240] BUG: KMSAN: kernel-usb-infoleak in kmsan_handle_urb+0x28/0x40
[ 160.188035][ T8240] CPU: 1 PID: 8240 Comm: syz-executor502 Tainted: G B 5.12.0-rc6-syzkaller #0
[ 160.198360][ T8240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 160.208605][ T8240] Call Trace:
[ 160.211895][ T8240] dump_stack+0x24c/0x2e0
[ 160.216280][ T8240] kmsan_report+0xfb/0x1e0
[ 160.220741][ T8240] kmsan_internal_check_memory+0x48c/0x520
[ 160.226639][ T8240] kmsan_handle_urb+0x28/0x40
[ 160.231325][ T8240] usb_submit_urb+0x89f/0x2590
[ 160.236089][ T8240] hid_submit_ctrl+0xbe2/0x11e0
[ 160.240944][ T8240] usbhid_restart_ctrl_queue+0x3e9/0x5c0
[ 160.246745][ T8240] usbhid_submit_report+0xa6c/0x13a0
[ 160.252136][ T8240] usbhid_init_reports+0xf1/0x5b0
[ 160.257180][ T8240] hiddev_ioctl+0x1167/0x3a80
[ 160.262051][ T8240] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 160.268751][ T8240] ? security_file_ioctl+0x1bd/0x210
[ 160.274138][ T8240] ? kmsan_get_metadata+0x116/0x180
[ 160.279452][ T8240] ? hiddev_poll+0x3a0/0x3a0
[ 160.284064][ T8240] __se_sys_ioctl+0x311/0x4d0
[ 160.288923][ T8240] __x64_sys_ioctl+0x4a/0x70
[ 160.293512][ T8240] do_syscall_64+0x9f/0x140
[ 160.298020][ T8240] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 160.303937][ T8240] RIP: 0033:0x445269
[ 160.307848][ T8240] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 160.327715][ T8240] RSP: 002b:00007fffe87f8be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 160.336241][ T8240] RAX: ffffffffffffffda RBX: 0000000000025568 RCX: 0000000000445269
[ 160.344299][ T8240] RDX: 0000000000000000 RSI: 0000000000004805 RDI: 0000000000000004
[ 160.352378][ T8240] RBP: 0000000000000000 R08: 0000000000000001 R09: 00007fffe87f8d88
[ 160.361481][ T8240] R10: 000000000000000f R11: 0000000000000246 R12: 00007fffe87f8bfc
[ 160.371120][ T8240] R13: 431bde82d7b634db R14: 00000000004b3018 R15: 00000000004004a0
[ 160.379862][ T8240]
[ 160.382309][ T8240] Uninit was created at:
[ 160.386544][ T8240] kmsan_save_stack_with_flags+0x3c/0x90
[ 160.392577][ T8240] kmsan_alloc_page+0xd0/0x1e0
[ 160.397387][ T8240] __alloc_pages_nodemask+0x827/0xf90
[ 160.402884][ T8240] alloc_pages_current+0x7b6/0xb60
[ 160.408008][ T8240] kmalloc_order+0xaa/0x3e0
[ 160.412795][ T8240] kmalloc_order_trace+0x80/0x1f0
[ 160.417873][ T8240] __kmalloc+0x416/0x550
[ 160.422239][ T8240] hcd_buffer_alloc+0x276/0x5e0
[ 160.427138][ T8240] usb_alloc_coherent+0x11a/0x190
[ 160.432165][ T8240] usbhid_start+0x106c/0x3ee0
[ 160.437329][ T8240] hid_hw_start+0xa6/0x2a0
[ 160.442286][ T8240] cmhid_probe+0x218/0x3e0
[ 160.446711][ T8240] hid_device_probe+0x480/0x940
[ 160.451953][ T8240] really_probe+0xd16/0x24d0
[ 160.456615][ T8240] driver_probe_device+0x29d/0x3a0
[ 160.461944][ T8240] __device_attach_driver+0x63f/0x830
[ 160.468099][ T8240] bus_for_each_drv+0x2c8/0x3f0
[ 160.472960][ T8240] __device_attach+0x56a/0x890
[ 160.477753][ T8240] device_initial_probe+0x4a/0x60
[ 160.482778][ T8240] bus_probe_device+0x17e/0x3d0
[ 160.487656][ T8240] device_add+0x2c15/0x31d0
[ 160.492156][ T8240] hid_add_device+0x15f0/0x1760
[ 160.497024][ T8240] usbhid_probe+0x153e/0x1860
[ 160.501881][ T8240] usb_probe_interface+0xfcc/0x1520
[ 160.507167][ T8240] really_probe+0xe15/0x24d0
[ 160.511796][ T8240] driver_probe_device+0x29d/0x3a0
[ 160.517034][ T8240] __device_attach_driver+0x63f/0x830
[ 160.522503][ T8240] bus_for_each_drv+0x2c8/0x3f0
[ 160.527452][ T8240] __device_attach+0x56a/0x890
[ 160.532342][ T8240] device_initial_probe+0x4a/0x60
[ 160.537550][ T8240] bus_probe_device+0x17e/0x3d0
[ 160.543481][ T8240] device_add+0x2c15/0x31d0
[ 160.548125][ T8240] usb_set_configuration+0x3872/0x3eb0
[ 160.554383][ T8240] usb_generic_driver_probe+0x138/0x300
[ 160.559991][ T8240] usb_probe_device+0x317/0x570
[ 160.564846][ T8240] really_probe+0xe15/0x24d0
[ 160.569565][ T8240] driver_probe_device+0x29d/0x3a0
[ 160.574682][ T8240] __device_attach_driver+0x63f/0x830
[ 160.580099][ T8240] bus_for_each_drv+0x2c8/0x3f0
[ 160.585041][ T8240] __device_attach+0x56a/0x890
[ 160.589961][ T8240] device_initial_probe+0x4a/0x60
[ 160.595133][ T8240] bus_probe_device+0x17e/0x3d0
[ 160.599993][ T8240] device_add+0x2c15/0x31d0
[ 160.604558][ T8240] usb_new_device+0x1bd4/0x2a30
[ 160.609623][ T8240] hub_event+0x5b99/0x8870
[ 160.614080][ T8240] process_one_work+0x1219/0x1fe0
[ 160.619215][ T8240] worker_thread+0x10ec/0x2340
[ 160.623975][ T8240] kthread+0x521/0x560
[ 160.628043][ T8240] ret_from_fork+0x1f/0x30
[ 160.632461][ T8240]
[ 160.634778][ T8240] Bytes 0-16383 of 16384 are uninitialized
[ 160.640690][ T8240] Memory access of size 16384 starts at ffff88811ec2c000
[ 160.647699][ T8240] =====================================================