./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1566278634 <...> Warning: Permanently added '10.128.1.36' (ED25519) to the list of known hosts. execve("./syz-executor1566278634", ["./syz-executor1566278634"], 0x7fffc8d0e540 /* 10 vars */) = 0 brk(NULL) = 0x55555667d000 brk(0x55555667dd00) = 0x55555667dd00 arch_prctl(ARCH_SET_FS, 0x55555667d380) = 0 set_tid_address(0x55555667d650) = 4989 set_robust_list(0x55555667d660, 24) = 0 rseq(0x55555667dca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1566278634", 4096) = 28 getrandom("\xd4\x3a\xe7\x77\xf2\xef\xdd\x59", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555667dd00 brk(0x55555669ed00) = 0x55555669ed00 brk(0x55555669f000) = 0x55555669f000 mprotect(0x7ff293941000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555667d650) = 4990 ./strace-static-x86_64: Process 4990 attached [pid 4990] set_robust_list(0x55555667d660, 24) = 0 [pid 4990] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4990] setpgid(0, 0) = 0 [pid 4990] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4990] write(3, "1000", 4) = 4 [pid 4990] close(3) = 0 [pid 4990] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 4990] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 18 [ 145.741240][ T773] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 18 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 9 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 36 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 4 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 8 [ 146.101566][ T773] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 16 [ 146.112928][ T773] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 8 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8b0) = 8 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff1ec4e8b0) = 0 [ 146.281650][ T773] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=6f.8d [ 146.291595][ T773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.299769][ T773] usb 1-1: Product: syz [ 146.304282][ T773] usb 1-1: Manufacturer: syz [ 146.309168][ T773] usb 1-1: SerialNumber: syz [ 146.318549][ T773] usb 1-1: config 0 descriptor?? [ 146.365743][ T773] smsc95xx v2.0.0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8e0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff1ec4e8d0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8e0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8e0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff1ec4e8d0) = 4 [ 146.801754][ T773] smsc95xx 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 146.812780][ T773] smsc95xx 1-1:0.0 (unnamed net_device) (uninitialized): Error reading E2P_CMD [pid 4990] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8e0) = 0 [pid 4990] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff1ec4e8d0) = 0 [ 147.072161][ T773] ===================================================== [ 147.080231][ T773] BUG: KMSAN: uninit-value in smsc95xx_reset+0x409/0x25f0 [ 147.087681][ T773] smsc95xx_reset+0x409/0x25f0 [ 147.092768][ T773] smsc95xx_bind+0x9bc/0x22e0 [ 147.097654][ T773] usbnet_probe+0x100b/0x4060 [ 147.102673][ T773] usb_probe_interface+0xc75/0x1210 [ 147.107988][ T773] really_probe+0x506/0xf40 [ 147.112693][ T773] __driver_probe_device+0x2a7/0x5d0 [ 147.118132][ T773] driver_probe_device+0x72/0x7b0 [ 147.123464][ T773] __device_attach_driver+0x55a/0x8f0 [ 147.129012][ T773] bus_for_each_drv+0x3ff/0x620 [ 147.134068][ T773] __device_attach+0x3bd/0x640 [ 147.138976][ T773] device_initial_probe+0x32/0x40 [ 147.144281][ T773] bus_probe_device+0x3d8/0x5a0 [ 147.149292][ T773] device_add+0x16ae/0x1f20 [ 147.154168][ T773] usb_set_configuration+0x31c9/0x38c0 [ 147.159805][ T773] usb_generic_driver_probe+0x109/0x2a0 [ 147.165637][ T773] usb_probe_device+0x290/0x4a0 [pid 4990] exit_group(0) = ? [ 147.170656][ T773] really_probe+0x506/0xf40 [ 147.175350][ T773] __driver_probe_device+0x2a7/0x5d0 [ 147.180849][ T773] driver_probe_device+0x72/0x7b0 [ 147.186175][ T773] __device_attach_driver+0x55a/0x8f0 [ 147.191749][ T773] bus_for_each_drv+0x3ff/0x620 [ 147.196703][ T773] __device_attach+0x3bd/0x640 [ 147.201824][ T773] device_initial_probe+0x32/0x40 [ 147.206999][ T773] bus_probe_device+0x3d8/0x5a0 [ 147.212223][ T773] device_add+0x16ae/0x1f20 [ 147.216923][ T773] usb_new_device+0x15f6/0x22f0 [pid 4990] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4990, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555667d650) = 4992 [ 147.222052][ T773] hub_event+0x53bc/0x7290 [ 147.226630][ T773] process_scheduled_works+0x104e/0x1e70 [ 147.232562][ T773] worker_thread+0xf45/0x1490 [ 147.237396][ T773] kthread+0x3e8/0x540 [ 147.241802][ T773] ret_from_fork+0x66/0x80 [ 147.246382][ T773] ret_from_fork_asm+0x11/0x20 [ 147.251471][ T773] [ 147.253862][ T773] Local variable buf.i225 created at: [ 147.259300][ T773] smsc95xx_reset+0x203/0x25f0 [ 147.264456][ T773] smsc95xx_bind+0x9bc/0x22e0 [ 147.269323][ T773] [ 147.271908][ T773] CPU: 1 PID: 773 Comm: kworker/1:2 Not tainted 6.6.0-rc1-syzkaller-00125-ge42bebf6db29 #0 [ 147.282261][ T773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 147.293385][ T773] Workqueue: usb_hub_wq hub_event [ 147.298599][ T773] ===================================================== [ 147.305755][ T773] Disabling lock debugging due to kernel taint [ 147.313930][ T773] Kernel panic - not syncing: kmsan.panic set ... ./strace-static-x86_64: Process 4992 attached [pid 4992] set_robust_list(0x55555667d660, 24) = 0 [pid 4992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4992] setpgid(0, 0) = 0 [pid 4992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4992] write(3, "1000", 4) = 4 [pid 4992] close(3) = 0 [ 147.320463][ T773] CPU: 1 PID: 773 Comm: kworker/1:2 Tainted: G B 6.6.0-rc1-syzkaller-00125-ge42bebf6db29 #0 [ 147.332094][ T773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 147.342285][ T773] Workqueue: usb_hub_wq hub_event [ 147.347483][ T773] Call Trace: [ 147.350852][ T773] [ 147.353876][ T773] dump_stack_lvl+0x1bf/0x240 [ 147.358771][ T773] dump_stack+0x1e/0x20 [ 147.363100][ T773] panic+0x4d5/0xc70 [ 147.367163][ T773] ? add_taint+0x108/0x1a0 [pid 4992] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 4992] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff1ec4f8c0) = 0 [pid 4992] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 4992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff1ec4f8c0) = 0 [ 147.371743][ T773] kmsan_report+0x2d0/0x2d0 [ 147.376431][ T773] ? __msan_warning+0x96/0x110 [ 147.381352][ T773] ? smsc95xx_reset+0x409/0x25f0 [ 147.386489][ T773] ? smsc95xx_bind+0x9bc/0x22e0 [ 147.391533][ T773] ? usbnet_probe+0x100b/0x4060 [ 147.396543][ T773] ? usb_probe_interface+0xc75/0x1210 [ 147.402118][ T773] ? really_probe+0x506/0xf40 [ 147.406977][ T773] ? __driver_probe_device+0x2a7/0x5d0 [ 147.412617][ T773] ? driver_probe_device+0x72/0x7b0 [ 147.418001][ T773] ? __device_attach_driver+0x55a/0x8f0 [ 147.423729][ T773] ? bus_for_each_drv+0x3ff/0x620 [ 147.428920][ T773] ? __device_attach+0x3bd/0x640 [ 147.434034][ T773] ? device_initial_probe+0x32/0x40 [ 147.439407][ T773] ? bus_probe_device+0x3d8/0x5a0 [ 147.444587][ T773] ? device_add+0x16ae/0x1f20 [ 147.449452][ T773] ? usb_set_configuration+0x31c9/0x38c0 [ 147.455287][ T773] ? usb_generic_driver_probe+0x109/0x2a0 [ 147.461204][ T773] ? usb_probe_device+0x290/0x4a0 [ 147.466428][ T773] ? really_probe+0x506/0xf40 [ 147.471277][ T773] ? __driver_probe_device+0x2a7/0x5d0 [ 147.476916][ T773] ? driver_probe_device+0x72/0x7b0 [ 147.482298][ T773] ? __device_attach_driver+0x55a/0x8f0 [ 147.488027][ T773] ? bus_for_each_drv+0x3ff/0x620 [ 147.493210][ T773] ? __device_attach+0x3bd/0x640 [ 147.498293][ T773] ? device_initial_probe+0x32/0x40 [ 147.503602][ T773] ? bus_probe_device+0x3d8/0x5a0 [ 147.508781][ T773] ? device_add+0x16ae/0x1f20 [ 147.513574][ T773] ? usb_new_device+0x15f6/0x22f0 [ 147.518708][ T773] ? hub_event+0x53bc/0x7290 [ 147.523458][ T773] ? process_scheduled_works+0x104e/0x1e70 [ 147.529418][ T773] ? worker_thread+0xf45/0x1490 [ 147.534426][ T773] ? kthread+0x3e8/0x540 [ 147.538843][ T773] ? ret_from_fork+0x66/0x80 [ 147.543620][ T773] ? ret_from_fork_asm+0x11/0x20 [ 147.548716][ T773] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 147.554627][ T773] ? __pm_runtime_idle+0x251/0x400 [ 147.559855][ T773] ? usb_autopm_put_interface+0xa3/0xe0 [ 147.565596][ T773] ? usbnet_read_cmd+0x354/0x3b0 [ 147.570653][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.576645][ T773] __msan_warning+0x96/0x110 [ 147.581333][ T773] smsc95xx_reset+0x409/0x25f0 [ 147.586221][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.592190][ T773] smsc95xx_bind+0x9bc/0x22e0 [ 147.596990][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.602909][ T773] ? remove_migration_pte+0xa27/0x1bd0 [ 147.608499][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.614465][ T773] ? smsc95xx_start_tx_path+0x5f0/0x5f0 [ 147.620150][ T773] ? smsc95xx_start_tx_path+0x5f0/0x5f0 [ 147.625883][ T773] usbnet_probe+0x100b/0x4060 [ 147.630734][ T773] ? ktime_get_mono_fast_ns+0x337/0x400 [ 147.636486][ T773] ? usbnet_disconnect+0x7c0/0x7c0 [ 147.641736][ T773] usb_probe_interface+0xc75/0x1210 [ 147.647126][ T773] ? usb_register_driver+0x600/0x600 [ 147.652543][ T773] really_probe+0x506/0xf40 [ 147.657225][ T773] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 147.663473][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.669448][ T773] __driver_probe_device+0x2a7/0x5d0 [ 147.674941][ T773] driver_probe_device+0x72/0x7b0 [ 147.680132][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.686072][ T773] __device_attach_driver+0x55a/0x8f0 [ 147.691639][ T773] bus_for_each_drv+0x3ff/0x620 [ 147.696652][ T773] ? coredump_store+0xa0/0xa0 [ 147.701519][ T773] __device_attach+0x3bd/0x640 [ 147.706420][ T773] device_initial_probe+0x32/0x40 [ 147.711660][ T773] bus_probe_device+0x3d8/0x5a0 [ 147.716683][ T773] device_add+0x16ae/0x1f20 [ 147.721349][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.727356][ T773] usb_set_configuration+0x31c9/0x38c0 [ 147.733016][ T773] ? usb_set_configuration+0x8c1/0x38c0 [ 147.738742][ T773] usb_generic_driver_probe+0x109/0x2a0 [ 147.744479][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.750450][ T773] ? usb_choose_configuration+0xde0/0xde0 [ 147.756307][ T773] ? usb_choose_configuration+0xde0/0xde0 [ 147.762183][ T773] usb_probe_device+0x290/0x4a0 [ 147.767231][ T773] ? usb_register_device_driver+0x450/0x450 [ 147.773295][ T773] really_probe+0x506/0xf40 [ 147.777984][ T773] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 147.784241][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.790224][ T773] __driver_probe_device+0x2a7/0x5d0 [ 147.795657][ T773] driver_probe_device+0x72/0x7b0 [ 147.800846][ T773] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 147.806779][ T773] __device_attach_driver+0x55a/0x8f0 [ 147.812327][ T773] bus_for_each_drv+0x3ff/0x620 [ 147.817285][ T773] ? coredump_store+0xa0/0xa0 [ 147.822239][ T773] __device_attach+0x3bd/0x640 [ 147.827162][ T773] device_initial_probe+0x32/0x40 [ 147.832297][ T773] bus_probe_device+0x3d8/0x5a0 [ 147.837320][ T773] device_add+0x16ae/0x1f20 [ 147.842030][ T773] usb_new_device+0x15f6/0x22f0 [ 147.847042][ T773] hub_event+0x53bc/0x7290 [ 147.851603][ T773] ? led_work+0x740/0x740 [ 147.856017][ T773] process_scheduled_works+0x104e/0x1e70 [ 147.861824][ T773] worker_thread+0xf45/0x1490 [ 147.866673][ T773] kthread+0x3e8/0x540 [ 147.870960][ T773] ? pr_cont_work+0xce0/0xce0 [ 147.875794][ T773] ? kthread_blkcg+0x120/0x120 [ 147.880689][ T773] ret_from_fork+0x66/0x80 [ 147.885296][ T773] ? kthread_blkcg+0x120/0x120 [ 147.890253][ T773] ret_from_fork_asm+0x11/0x20 [ 147.895188][ T773] [ 147.898620][ T773] Kernel Offset: disabled [ 147.903025][ T773] Rebooting in 86400 seconds..