./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor529680398 <...> Warning: Permanently added '10.128.1.28' (ED25519) to the list of known hosts. execve("./syz-executor529680398", ["./syz-executor529680398"], 0x7fff56ab7780 /* 10 vars */) = 0 brk(NULL) = 0x555574ded000 brk(0x555574dedd00) = 0x555574dedd00 arch_prctl(ARCH_SET_FS, 0x555574ded380) = 0 set_tid_address(0x555574ded650) = 5051 set_robust_list(0x555574ded660, 24) = 0 rseq(0x555574dedca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor529680398", 4096) = 27 getrandom("\xd8\x5e\x8a\xca\xd2\xed\x9d\xb8", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555574dedd00 brk(0x555574e0ed00) = 0x555574e0ed00 brk(0x555574e0f000) = 0x555574e0f000 mprotect(0x7f74c77c2000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555574ded650) = 5052 ./strace-static-x86_64: Process 5052 attached [pid 5052] set_robust_list(0x555574ded660, 24) = 0 [pid 5052] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5052] setpgid(0, 0) = 0 [pid 5052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5052] write(3, "1000", 4) = 4 [pid 5052] close(3) = 0 [pid 5052] write(1, "executing program\n", 18executing program ) = 18 [pid 5052] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5052] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 164.994410][ T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 9 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 27 [ 165.184337][ T10] usb 1-1: Using ep0 maxpacket: 32 [ 165.201744][ T10] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 165.210552][ T10] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 165.219642][ T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecb80) = 0 [ 165.228923][ T10] usb 1-1: config 1 has no interface number 0 [ 165.235303][ T10] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 165.246548][ T10] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 165.259785][ T10] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 165.269135][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.310260][ T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [pid 5052] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edbc0) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5052] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecbb0) = 0 [ 165.517488][ T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [pid 5052] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7fff7e8edbc0) = 1089 [pid 5052] exit_group(0) = ? [pid 5052] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5052, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555574ded650) = 5055 ./strace-static-x86_64: Process 5055 attached [pid 5055] set_robust_list(0x555574ded660, 24) = 0 [pid 5055] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5055] setpgid(0, 0) = 0 [pid 5055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5055] write(3, "1000", 4) = 4 [pid 5055] close(3) = 0 [pid 5055] write(1, "executing program\n", 18executing program ) = 18 [pid 5055] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5055] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 165.942509][ T44] usb 1-1: USB disconnect, device number 2 [ 165.952070][ T44] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 166.344444][ T44] usb 1-1: new high-speed USB device number 3 using dummy_hcd [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 9 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 166.534408][ T44] usb 1-1: Using ep0 maxpacket: 32 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 27 [ 166.558464][ T44] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 166.567282][ T44] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 166.577925][ T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 166.587159][ T44] usb 1-1: config 1 has no interface number 0 [ 166.593443][ T44] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecb80) = 0 [ 166.604604][ T44] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 166.617910][ T44] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 166.627356][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.660374][ T44] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [pid 5055] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edbc0) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5055] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecbb0) = 0 [ 166.863946][ T44] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [pid 5055] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7fff7e8edbc0) = 1089 [pid 5055] exit_group(0) = ? [pid 5055] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5055, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555574ded650) = 5057 ./strace-static-x86_64: Process 5057 attached [pid 5057] set_robust_list(0x555574ded660, 24) = 0 [pid 5057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5057] setpgid(0, 0) = 0 [pid 5057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 167.282494][ T10] usb 1-1: USB disconnect, device number 3 [ 167.290088][ T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [pid 5057] write(3, "1000", 4) = 4 [pid 5057] close(3) = 0 [pid 5057] write(1, "executing program\n", 18executing program ) = 18 [pid 5057] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5057] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 167.714463][ T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 9 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 27 [ 167.904401][ T10] usb 1-1: Using ep0 maxpacket: 32 [ 167.921098][ T10] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 167.929785][ T10] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 167.938755][ T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 167.948021][ T10] usb 1-1: config 1 has no interface number 0 [ 167.954399][ T10] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 167.965636][ T10] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 167.978867][ T10] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 167.988221][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecb80) = 0 [ 168.049671][ T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [pid 5057] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edbc0) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5057] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecbb0) = 0 [ 168.268208][ T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [pid 5057] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7fff7e8edbc0) = 1089 [pid 5057] exit_group(0) = ? [pid 5057] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5057, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program ./strace-static-x86_64: Process 5059 attached [pid 5059] set_robust_list(0x555574ded660, 24) = 0 [pid 5059] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... clone resumed>, child_tidptr=0x555574ded650) = 5059 [pid 5059] <... prctl resumed>) = 0 [pid 5059] setpgid(0, 0) = 0 [pid 5059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5059] write(3, "1000", 4) = 4 [pid 5059] close(3) = 0 [pid 5059] write(1, "executing program\n", 18) = 18 [pid 5059] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5059] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 168.680263][ T44] usb 1-1: USB disconnect, device number 4 [ 168.699853][ T44] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [ 169.094414][ T44] usb 1-1: new high-speed USB device number 5 using dummy_hcd [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 18 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 9 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff7e8ecb80) = 27 [ 169.284422][ T44] usb 1-1: Using ep0 maxpacket: 32 [ 169.306039][ T44] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 169.314791][ T44] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 169.323539][ T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 169.333543][ T44] usb 1-1: config 1 has no interface number 0 [ 169.339954][ T44] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edb90) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecb80) = 0 [ 169.351135][ T44] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 169.364465][ T44] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 169.373874][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.407437][ T44] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [pid 5059] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff7e8edbc0) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f74c77c83ec) = 10 [pid 5059] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff7e8ecbb0) = 0 [ 169.608230][ T44] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 169.810945][ C1] ===================================================== [ 169.818213][ C1] BUG: KMSAN: uninit-value in line6_midibuf_read+0x40b/0x1050 [ 169.825922][ C1] line6_midibuf_read+0x40b/0x1050 [ 169.831146][ C1] line6_data_received+0x4be/0x7e0 [ 169.836372][ C1] __usb_hcd_giveback_urb+0x572/0x840 [ 169.841837][ C1] usb_hcd_giveback_urb+0x157/0x720 [ 169.847118][ C1] dummy_timer+0xd3f/0x6aa0 [ 169.851728][ C1] __hrtimer_run_queues+0x564/0xe40 [ 169.857091][ C1] hrtimer_interrupt+0x3ab/0x1490 [ 169.862232][ C1] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 169.868327][ C1] sysvec_apic_timer_interrupt+0x7e/0x90 [ 169.874108][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 169.880235][ C1] __msan_metadata_ptr_for_load_8+0x0/0x40 [ 169.886266][ C1] unwind_next_frame+0x9d/0x470 [ 169.891207][ C1] arch_stack_walk+0x1ec/0x2d0 [ 169.896086][ C1] stack_trace_save+0xaa/0xe0 [ 169.900945][ C1] kmsan_internal_chain_origin+0x57/0xd0 [ 169.906689][ C1] kmsan_internal_memmove_metadata+0x17b/0x230 [ 169.912958][ C1] __msan_memcpy+0x108/0x1c0 [ 169.917650][ C1] sock_write_iter+0x38e/0x3d0 [ 169.922503][ C1] vfs_write+0xb2f/0x1550 [ 169.926929][ C1] ksys_write+0x20f/0x4c0 [ 169.931355][ C1] __x64_sys_write+0x93/0xe0 [ 169.936047][ C1] x64_sys_call+0x3490/0x3c10 [ 169.940845][ C1] do_syscall_64+0xcd/0x1e0 [ 169.945509][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.951617][ C1] [ 169.953984][ C1] Uninit was created at: [ 169.958367][ C1] __kmalloc_noprof+0x661/0xf30 [ 169.963348][ C1] line6_midibuf_init+0x43/0x180 [ 169.968472][ C1] line6_init_midi+0x3e7/0x670 [ 169.973768][ C1] line6_init_cap_control+0x54e/0x770 [ 169.979244][ C1] line6_probe+0xeae/0x1120 [ 169.983841][ C1] pod_probe+0x79/0x90 [ 169.987982][ C1] usb_probe_interface+0xd6f/0x1350 [ 169.993264][ C1] really_probe+0x4db/0xd90 [ 169.997876][ C1] __driver_probe_device+0x2ab/0x5d0 [ 170.003310][ C1] driver_probe_device+0x72/0x890 [ 170.008631][ C1] __device_attach_driver+0x568/0x9e0 [ 170.014188][ C1] bus_for_each_drv+0x403/0x620 [ 170.019177][ C1] __device_attach+0x3c1/0x650 [ 170.024077][ C1] device_initial_probe+0x32/0x40 [ 170.029227][ C1] bus_probe_device+0x3dc/0x5c0 [ 170.034203][ C1] device_add+0x13aa/0x1ba0 [ 170.038800][ C1] usb_set_configuration+0x31c9/0x38d0 [ 170.044372][ C1] usb_generic_driver_probe+0x109/0x2a0 [ 170.050024][ C1] usb_probe_device+0x3a7/0x690 [ 170.054954][ C1] really_probe+0x4db/0xd90 [ 170.059545][ C1] __driver_probe_device+0x2ab/0x5d0 [ 170.064951][ C1] driver_probe_device+0x72/0x890 [ 170.070649][ C1] __device_attach_driver+0x568/0x9e0 [ 170.076418][ C1] bus_for_each_drv+0x403/0x620 [ 170.081480][ C1] __device_attach+0x3c1/0x650 [ 170.086340][ C1] device_initial_probe+0x32/0x40 [ 170.091460][ C1] bus_probe_device+0x3dc/0x5c0 [ 170.096425][ C1] device_add+0x13aa/0x1ba0 [ 170.101010][ C1] usb_new_device+0x15f4/0x2470 [ 170.105958][ C1] hub_event+0x4ff8/0x72d0 [ 170.110477][ C1] process_scheduled_works+0xae0/0x1c40 [ 170.116122][ C1] worker_thread+0xea5/0x1520 [ 170.120924][ C1] kthread+0x3e2/0x540 [ 170.125151][ C1] ret_from_fork+0x6d/0x90 [ 170.129653][ C1] ret_from_fork_asm+0x1a/0x30 [ 170.134522][ C1] [ 170.136895][ C1] CPU: 1 PID: 5046 Comm: sshd Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0 [ 170.146177][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 170.156302][ C1] ===================================================== [ 170.163308][ C1] Disabling lock debugging due to kernel taint [ 170.169510][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 170.175970][ C1] CPU: 1 PID: 5046 Comm: sshd Tainted: G B 6.10.0-syzkaller-11185-g2c9b3512402e #0 [ 170.186825][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 170.196959][ C1] Call Trace: [ 170.200295][ C1] [ 170.203188][ C1] dump_stack_lvl+0x216/0x2d0 [ 170.207977][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 170.214011][ C1] dump_stack+0x1e/0x30 [ 170.218286][ C1] panic+0x4e2/0xcd0 [ 170.222315][ C1] ? kmsan_get_metadata+0xf1/0x1d0 [ 170.227618][ C1] kmsan_report+0x2d5/0x2e0 [ 170.232267][ C1] ? __msan_warning+0x95/0x120 [ 170.237149][ C1] ? line6_midibuf_read+0x40b/0x1050 [ 170.242547][ C1] ? line6_data_received+0x4be/0x7e0 [ 170.247943][ C1] ? __usb_hcd_giveback_urb+0x572/0x840 [ 170.253667][ C1] ? usb_hcd_giveback_urb+0x157/0x720 [ 170.259127][ C1] ? dummy_timer+0xd3f/0x6aa0 [ 170.263900][ C1] ? __hrtimer_run_queues+0x564/0xe40 [ 170.269377][ C1] ? hrtimer_interrupt+0x3ab/0x1490 [ 170.274678][ C1] ? __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 170.280863][ C1] ? sysvec_apic_timer_interrupt+0x7e/0x90 [ 170.286797][ C1] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 170.293048][ C1] ? __pfx___msan_metadata_ptr_for_load_8+0x10/0x10 [ 170.299780][ C1] ? unwind_next_frame+0x9d/0x470 [ 170.304952][ C1] ? arch_stack_walk+0x1ec/0x2d0 [ 170.309990][ C1] ? stack_trace_save+0xaa/0xe0 [ 170.314963][ C1] ? kmsan_internal_chain_origin+0x57/0xd0 [ 170.320882][ C1] ? kmsan_internal_memmove_metadata+0x17b/0x230 [ 170.327324][ C1] ? __msan_memcpy+0x108/0x1c0 [ 170.332195][ C1] ? sock_write_iter+0x38e/0x3d0 [ 170.337232][ C1] ? vfs_write+0xb2f/0x1550 [ 170.341838][ C1] ? ksys_write+0x20f/0x4c0 [ 170.346444][ C1] ? __x64_sys_write+0x93/0xe0 [ 170.351326][ C1] ? x64_sys_call+0x3490/0x3c10 [ 170.356326][ C1] ? do_syscall_64+0xcd/0x1e0 [ 170.361181][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.367415][ C1] ? filter_irq_stacks+0x60/0x1a0 [ 170.372650][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.377971][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.383288][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.388607][ C1] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 170.394970][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.400285][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 170.406219][ C1] __msan_warning+0x95/0x120 [ 170.410918][ C1] line6_midibuf_read+0x40b/0x1050 [ 170.416149][ C1] ? line6_midibuf_write+0x43e/0x4e0 [ 170.421561][ C1] line6_data_received+0x4be/0x7e0 [ 170.426785][ C1] ? __pfx_line6_data_received+0x10/0x10 [ 170.432531][ C1] __usb_hcd_giveback_urb+0x572/0x840 [ 170.438093][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.443517][ C1] usb_hcd_giveback_urb+0x157/0x720 [ 170.448824][ C1] dummy_timer+0xd3f/0x6aa0 [ 170.453491][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 170.458534][ C1] __hrtimer_run_queues+0x564/0xe40 [ 170.463864][ C1] hrtimer_interrupt+0x3ab/0x1490 [ 170.469036][ C1] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 170.475079][ C1] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 170.480671][ C1] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 170.486925][ C1] sysvec_apic_timer_interrupt+0x7e/0x90 [ 170.492672][ C1] [ 170.495649][ C1] [ 170.498623][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 170.504719][ C1] RIP: 0010:__msan_metadata_ptr_for_load_8+0x0/0x40 [ 170.511452][ C1] Code: 00 48 89 5d f0 ff 75 f0 9d 48 83 c4 10 5b 5d c3 cc cc cc cc 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 53 48 83 ec 10 9c 8f 45 e8 0f 01 ca 48 8b [ 170.531181][ C1] RSP: 0018:ffff888116cfb730 EFLAGS: 00000246 [ 170.537349][ C1] RAX: ffff8881164fb840 RBX: ffff888116cf8000 RCX: 00000001168fb840 [ 170.545397][ C1] RDX: ffff8881168fb840 RSI: ffff88813fff9220 RDI: ffff888116e141a0 [ 170.553451][ C1] RBP: ffff888116cfb7c0 R08: ffffea000000000f R09: ffff888116cf8000 [ 170.561514][ C1] R10: ffff888116cfb818 R11: ffffffff819386f0 R12: 0000000000000000 [ 170.570027][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888116e141a0 [ 170.578126][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 170.584435][ C1] ? is_last_task_frame+0x62/0x420 [ 170.589647][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 170.595598][ C1] unwind_next_frame+0x9d/0x470 [ 170.600549][ C1] arch_stack_walk+0x1ec/0x2d0 [ 170.605426][ C1] ? __x64_sys_write+0x93/0xe0 [ 170.610368][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 170.616666][ C1] stack_trace_save+0xaa/0xe0 [ 170.621475][ C1] kmsan_internal_chain_origin+0x57/0xd0 [ 170.627275][ C1] ? kmsan_internal_chain_origin+0x57/0xd0 [ 170.633283][ C1] ? kmsan_internal_memmove_metadata+0x17b/0x230 [ 170.639894][ C1] ? __msan_memcpy+0x108/0x1c0 [ 170.644772][ C1] ? sock_write_iter+0x38e/0x3d0 [ 170.649829][ C1] ? vfs_write+0xb2f/0x1550 [ 170.654503][ C1] ? ksys_write+0x20f/0x4c0 [ 170.659105][ C1] ? __x64_sys_write+0x93/0xe0 [ 170.663976][ C1] ? tcp_sendmsg_locked+0x2a1/0x6e20 [ 170.669386][ C1] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 170.675839][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.681161][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.686484][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 170.692416][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.697736][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 170.703668][ C1] ? __local_bh_enable_ip+0x74/0xb0 [ 170.708975][ C1] ? _raw_spin_unlock_bh+0x2d/0x40 [ 170.714195][ C1] ? release_sock+0x219/0x250 [ 170.719009][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 170.724332][ C1] kmsan_internal_memmove_metadata+0x17b/0x230 [ 170.730612][ C1] __msan_memcpy+0x108/0x1c0 [ 170.735315][ C1] sock_write_iter+0x38e/0x3d0 [ 170.740203][ C1] vfs_write+0xb2f/0x1550 [ 170.744663][ C1] ? __pfx_sock_write_iter+0x10/0x10 [ 170.750080][ C1] ksys_write+0x20f/0x4c0 [ 170.754591][ C1] __x64_sys_write+0x93/0xe0 [ 170.759294][ C1] x64_sys_call+0x3490/0x3c10 [ 170.764083][ C1] do_syscall_64+0xcd/0x1e0 [ 170.768731][ C1] ? clear_bhb_loop+0x25/0x80 [ 170.773503][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.779532][ C1] RIP: 0033:0x7fa810716bf2 [ 170.784045][ C1] Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83 [ 170.803820][ C1] RSP: 002b:00007fff308c7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 170.812339][ C1] RAX: ffffffffffffffda RBX: 0000000000000054 RCX: 00007fa810716bf2 [ 170.820388][ C1] RDX: 0000000000000054 RSI: 000055e70ec62b10 RDI: 0000000000000004 [ 170.828457][ C1] RBP: 000055e70ec61e30 R08: 0000000000000000 R09: 0000000000000000 [ 170.836548][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000055e70bf00aa4 [ 170.844681][ C1] R13: 00000000000000a9 R14: 000055e70bf013e8 R15: 00007fff308c70b8 [ 170.852743][ C1] [ 170.855941][ C1] Kernel Offset: disabled [ 170.860322][ C1] Rebooting in 86400 seconds..