./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2253910187 <...> Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts. execve("./syz-executor2253910187", ["./syz-executor2253910187"], 0x7fffc83d9660 /* 10 vars */) = 0 brk(NULL) = 0x55556b3b4000 brk(0x55556b3b4d00) = 0x55556b3b4d00 arch_prctl(ARCH_SET_FS, 0x55556b3b4380) = 0 set_tid_address(0x55556b3b4650) = 5797 set_robust_list(0x55556b3b4660, 24) = 0 rseq(0x55556b3b4ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2253910187", 4096) = 28 getrandom("\xfb\xee\x13\x69\x1c\xe4\xe5\xe6", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556b3b4d00 brk(0x55556b3d5d00) = 0x55556b3d5d00 brk(0x55556b3d6000) = 0x55556b3d6000 mprotect(0x7f847f196000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556b3b4650) = 5798 ./strace-static-x86_64: Process 5798 attached [pid 5798] set_robust_list(0x55556b3b4660, 24) = 0 [pid 5798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5798] setpgid(0, 0) = 0 [pid 5798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5798] write(3, "1000", 4) = 4 executing program [pid 5798] close(3) = 0 [pid 5798] write(1, "executing program\n", 18) = 18 [pid 5798] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5798] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff78842630) = 0 [pid 5798] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff78841620) = 18 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [ 206.714499][ T8] usb 1-1: new full-speed USB device number 2 using dummy_hcd [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff78841620) = 18 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff78841620) = 9 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff78841620) = 52 [ 206.887496][ T8] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 206.896006][ T8] usb 1-1: config 0 has no interface number 0 [ 206.902349][ T8] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 206.912468][ T8] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 4 [ 206.923703][ T8] usb 1-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=17.c7 [pid 5798] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x2) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5798] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f847f19c3ec) = -1 EINVAL (Invalid argument) [pid 5798] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f847f19c3fc) = -1 EINVAL (Invalid argument) [pid 5798] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff78841620) = 0 [ 206.933268][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.946130][ T8] usb 1-1: config 0 descriptor?? [ 206.980905][ T8] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state. [ 206.992727][ T8] dvb-usb: bulk message failed: -22 (3/0) [ 207.021112][ T8] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 207.032004][ T8] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device) [ 207.043938][ T8] usb 1-1: media controller created [ 207.053508][ T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 207.072364][ T8] dvb-usb: bulk message failed: -22 (6/0) [ 207.078539][ T8] ===================================================== [ 207.086037][ T8] BUG: KMSAN: uninit-value in dib3000mb_attach+0x2d8/0x3c0 [ 207.093572][ T8] dib3000mb_attach+0x2d8/0x3c0 [ 207.098772][ T8] dibusb_dib3000mb_frontend_attach+0x155/0x2f0 [ 207.105403][ T8] dvb_usb_adapter_frontend_init+0xed/0x9a0 [ 207.111522][ T8] dvb_usb_device_init+0x25a8/0x3760 [ 207.117195][ T8] dibusb_probe+0x46/0x250 [ 207.121806][ T8] usb_probe_interface+0xd6f/0x1350 [ 207.127386][ T8] really_probe+0x4db/0xd90 [ 207.132107][ T8] __driver_probe_device+0x2ab/0x5d0 [ 207.137841][ T8] driver_probe_device+0x72/0x890 [ 207.143129][ T8] __device_attach_driver+0x568/0x9e0 [ 207.148797][ T8] bus_for_each_drv+0x403/0x620 [ 207.153889][ T8] __device_attach+0x3c1/0x650 [ 207.158957][ T8] device_initial_probe+0x32/0x40 [ 207.164319][ T8] bus_probe_device+0x3dc/0x5c0 [ 207.169351][ T8] device_add+0x13aa/0x1ba0 [ 207.174005][ T8] usb_set_configuration+0x31c9/0x38d0 [pid 5798] exit_group(0) = ? [pid 5798] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5798, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [ 207.179908][ T8] usb_generic_driver_probe+0x109/0x2a0 [ 207.185929][ T8] usb_probe_device+0x3a7/0x690 [ 207.191021][ T8] really_probe+0x4db/0xd90 [ 207.195990][ T8] __driver_probe_device+0x2ab/0x5d0 [ 207.201524][ T8] driver_probe_device+0x72/0x890 [ 207.207014][ T8] __device_attach_driver+0x568/0x9e0 [ 207.212691][ T8] bus_for_each_drv+0x403/0x620 [ 207.218048][ T8] __device_attach+0x3c1/0x650 [ 207.223054][ T8] device_initial_probe+0x32/0x40 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5801 attached [pid 5801] set_robust_list(0x55556b3b4660, 24) = 0 [pid 5801] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5801] setpgid(0, 0) = 0 [pid 5801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 5801] write(3, "1000", 4) = 4 [pid 5801] close(3) = 0 [pid 5801] write(1, "executing program\n", 18) = 18 [ 207.228520][ T8] bus_probe_device+0x3dc/0x5c0 [ 207.233646][ T8] device_add+0x13aa/0x1ba0 [ 207.238488][ T8] usb_new_device+0x15f4/0x2470 [ 207.243555][ T8] hub_event+0x4ffb/0x72d0 [ 207.248563][ T8] process_scheduled_works+0xae0/0x1c40 [ 207.254459][ T8] worker_thread+0xea7/0x14f0 [ 207.259390][ T8] kthread+0x3e2/0x540 [ 207.263647][ T8] ret_from_fork+0x6d/0x90 [ 207.268455][ T8] ret_from_fork_asm+0x1a/0x30 [ 207.273562][ T8] [ 207.276204][ T8] Local variable rb created at: [pid 5801] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5801] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff78842630) = 0 [pid 5801] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5801] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff78842630) = 0 [ 207.281196][ T8] dib3000_read_reg+0x86/0x4e0 [ 207.286450][ T8] dib3000mb_attach+0x123/0x3c0 [ 207.291535][ T8] [ 207.294021][ T8] CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 207.304672][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 207.315223][ T8] Workqueue: usb_hub_wq hub_event [ 207.320552][ T8] ===================================================== [pid 5801] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5797] <... clone resumed>, child_tidptr=0x55556b3b4650) = 5801 [ 207.327867][ T8] Disabling lock debugging due to kernel taint [ 207.334351][ T8] Kernel panic - not syncing: kmsan.panic set ... [ 207.340954][ T8] CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Tainted: G B 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 207.352858][ T8] Tainted: [B]=BAD_PAGE [ 207.357172][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 207.367443][ T8] Workqueue: usb_hub_wq hub_event [ 207.373004][ T8] Call Trace: [ 207.376445][ T8] [ 207.379522][ T8] dump_stack_lvl+0x216/0x2d0 [ 207.384449][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.390581][ T8] dump_stack+0x1e/0x30 [ 207.394994][ T8] panic+0x4e2/0xcf0 [ 207.399112][ T8] ? kmsan_get_metadata+0x81/0x1c0 [ 207.404537][ T8] kmsan_report+0x2c7/0x2d0 [ 207.409317][ T8] ? dibusb_i2c_xfer+0xe29/0xf30 [ 207.414530][ T8] ? __msan_warning+0x95/0x120 [ 207.419555][ T8] ? dib3000mb_attach+0x2d8/0x3c0 [ 207.424826][ T8] ? dibusb_dib3000mb_frontend_attach+0x155/0x2f0 [ 207.431462][ T8] ? dvb_usb_adapter_frontend_init+0xed/0x9a0 [ 207.437687][ T8] ? dvb_usb_device_init+0x25a8/0x3760 [ 207.443282][ T8] ? dibusb_probe+0x46/0x250 [ 207.447992][ T8] ? usb_probe_interface+0xd6f/0x1350 [ 207.453543][ T8] ? really_probe+0x4db/0xd90 [ 207.458469][ T8] ? __driver_probe_device+0x2ab/0x5d0 [ 207.464144][ T8] ? driver_probe_device+0x72/0x890 [ 207.469550][ T8] ? __device_attach_driver+0x568/0x9e0 [ 207.475359][ T8] ? bus_for_each_drv+0x403/0x620 [ 207.480578][ T8] ? __device_attach+0x3c1/0x650 [ 207.485735][ T8] ? device_initial_probe+0x32/0x40 [ 207.491281][ T8] ? bus_probe_device+0x3dc/0x5c0 [ 207.496469][ T8] ? device_add+0x13aa/0x1ba0 [ 207.501285][ T8] ? usb_set_configuration+0x31c9/0x38d0 [ 207.507061][ T8] ? usb_generic_driver_probe+0x109/0x2a0 [ 207.512922][ T8] ? usb_probe_device+0x3a7/0x690 [ 207.518090][ T8] ? really_probe+0x4db/0xd90 [ 207.522903][ T8] ? __driver_probe_device+0x2ab/0x5d0 [ 207.528536][ T8] ? driver_probe_device+0x72/0x890 [ 207.533979][ T8] ? __device_attach_driver+0x568/0x9e0 [ 207.539709][ T8] ? bus_for_each_drv+0x403/0x620 [ 207.545018][ T8] ? __device_attach+0x3c1/0x650 [ 207.550098][ T8] ? device_initial_probe+0x32/0x40 [ 207.555452][ T8] ? bus_probe_device+0x3dc/0x5c0 [ 207.560659][ T8] ? device_add+0x13aa/0x1ba0 [ 207.565492][ T8] ? usb_new_device+0x15f4/0x2470 [ 207.570651][ T8] ? hub_event+0x4ffb/0x72d0 [ 207.575412][ T8] ? process_scheduled_works+0xae0/0x1c40 [ 207.581387][ T8] ? worker_thread+0xea7/0x14f0 [ 207.586422][ T8] ? kthread+0x3e2/0x540 [ 207.590956][ T8] ? ret_from_fork+0x6d/0x90 [ 207.595674][ T8] ? ret_from_fork_asm+0x1a/0x30 [ 207.600799][ T8] ? rt_mutex_unlock+0x2a/0x50 [ 207.605700][ T8] ? kmsan_get_metadata+0x13e/0x1c0 [ 207.611105][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.617087][ T8] ? dib3000_read_reg+0x32b/0x4e0 [ 207.622430][ T8] ? kmsan_get_metadata+0x13e/0x1c0 [ 207.627818][ T8] __msan_warning+0x95/0x120 [ 207.633287][ T8] dib3000mb_attach+0x2d8/0x3c0 [ 207.638374][ T8] ? __pfx_dib3000mb_attach+0x10/0x10 [ 207.643920][ T8] dibusb_dib3000mb_frontend_attach+0x155/0x2f0 [ 207.650389][ T8] ? __pfx_dibusb_dib3000mb_frontend_attach+0x10/0x10 [ 207.657330][ T8] dvb_usb_adapter_frontend_init+0xed/0x9a0 [ 207.663401][ T8] dvb_usb_device_init+0x25a8/0x3760 [ 207.668932][ T8] ? __pfx_dibusb_probe+0x10/0x10 [ 207.674086][ T8] dibusb_probe+0x46/0x250 [ 207.678644][ T8] ? __pfx_dibusb_probe+0x10/0x10 [ 207.683815][ T8] usb_probe_interface+0xd6f/0x1350 [ 207.689198][ T8] ? __pfx_usb_probe_interface+0x10/0x10 [ 207.695184][ T8] really_probe+0x4db/0xd90 [ 207.699840][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.705868][ T8] __driver_probe_device+0x2ab/0x5d0 [ 207.711328][ T8] driver_probe_device+0x72/0x890 [ 207.716505][ T8] ? kmsan_get_metadata+0x13e/0x1c0 [ 207.721876][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.727880][ T8] __device_attach_driver+0x568/0x9e0 [ 207.733435][ T8] bus_for_each_drv+0x403/0x620 [ 207.738505][ T8] ? __pfx___device_attach_driver+0x10/0x10 [ 207.744741][ T8] __device_attach+0x3c1/0x650 [ 207.749693][ T8] device_initial_probe+0x32/0x40 [ 207.754944][ T8] bus_probe_device+0x3dc/0x5c0 [ 207.759971][ T8] device_add+0x13aa/0x1ba0 [ 207.764795][ T8] usb_set_configuration+0x31c9/0x38d0 [ 207.770440][ T8] ? usb_set_configuration+0x8c1/0x38d0 [ 207.776159][ T8] usb_generic_driver_probe+0x109/0x2a0 [ 207.781862][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.787866][ T8] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 207.794073][ T8] usb_probe_device+0x3a7/0x690 [ 207.799115][ T8] ? __pfx_usb_probe_device+0x10/0x10 [ 207.804671][ T8] really_probe+0x4db/0xd90 [ 207.809351][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.815349][ T8] __driver_probe_device+0x2ab/0x5d0 [ 207.820796][ T8] driver_probe_device+0x72/0x890 [ 207.825979][ T8] ? kmsan_get_metadata+0x13e/0x1c0 [ 207.831369][ T8] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 207.837444][ T8] __device_attach_driver+0x568/0x9e0 [ 207.843016][ T8] bus_for_each_drv+0x403/0x620 [ 207.848211][ T8] ? __pfx___device_attach_driver+0x10/0x10 [ 207.854304][ T8] __device_attach+0x3c1/0x650 [ 207.859288][ T8] device_initial_probe+0x32/0x40 [ 207.864490][ T8] bus_probe_device+0x3dc/0x5c0 [ 207.869537][ T8] device_add+0x13aa/0x1ba0 [ 207.874232][ T8] usb_new_device+0x15f4/0x2470 [ 207.879266][ T8] hub_event+0x4ffb/0x72d0 [ 207.883869][ T8] ? __pfx_hub_event+0x10/0x10 [ 207.888797][ T8] process_scheduled_works+0xae0/0x1c40 [ 207.894639][ T8] worker_thread+0xea7/0x14f0 [ 207.899492][ T8] kthread+0x3e2/0x540 [ 207.903679][ T8] ? __pfx_worker_thread+0x10/0x10 [ 207.908978][ T8] ? __pfx_kthread+0x10/0x10 [ 207.913780][ T8] ret_from_fork+0x6d/0x90 [ 207.918334][ T8] ? __pfx_kthread+0x10/0x10 [ 207.923046][ T8] ret_from_fork_asm+0x1a/0x30 [ 207.927974][ T8] [ 207.931427][ T8] Kernel Offset: disabled [ 207.935849][ T8] Rebooting in 86400 seconds..