./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2420848702
<...>
Warning: Permanently added '10.128.1.13' (ED25519) to the list of known hosts.
execve("./syz-executor2420848702", ["./syz-executor2420848702"], 0x7ffef8367ae0 /* 10 vars */) = 0
brk(NULL) = 0x55557bbda000
brk(0x55557bbdad00) = 0x55557bbdad00
arch_prctl(ARCH_SET_FS, 0x55557bbda380) = 0
set_tid_address(0x55557bbda650) = 5091
set_robust_list(0x55557bbda660, 24) = 0
rseq(0x55557bbdaca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2420848702", 4096) = 28
getrandom("\xc6\xed\x32\xc4\x5a\xf9\x8f\x9a", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55557bbdad00
brk(0x55557bbfbd00) = 0x55557bbfbd00
brk(0x55557bbfc000) = 0x55557bbfc000
mprotect(0x7f2d231ab000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557bbda650) = 5092
./strace-static-x86_64: Process 5092 attached
[pid 5092] set_robust_list(0x55557bbda660, 24) = 0
[pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5092] setpgid(0, 0) = 0
[pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5092] write(3, "1000", 4) = 4
[pid 5092] close(3) = 0
[pid 5092] write(1, "executing program\n", 18executing program
) = 18
[pid 5092] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5092] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 18
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[ 60.849920][ T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 18
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 9
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 553
[ 61.049618][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 61.062895][ T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 61.075372][ T8] usb 1-1: config 1 has an invalid interface number: 170 but max is 1
[ 61.084486][ T8] usb 1-1: config 1 has an invalid interface number: 234 but max is 1
[ 61.092747][ T8] usb 1-1: config 1 has no interface number 0
[ 61.098832][ T8] usb 1-1: config 1 has no interface number 1
[ 61.105009][ T8] usb 1-1: config 1 interface 170 altsetting 5 endpoint 0x2 has an invalid bInterval 129, changing to 7
[ 61.116200][ T8] usb 1-1: config 1 interface 170 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[ 61.126994][ T8] usb 1-1: config 1 interface 170 altsetting 5 endpoint 0x82 has an invalid bInterval 33, changing to 9
[ 61.138239][ T8] usb 1-1: config 1 interface 170 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[ 61.149197][ T8] usb 1-1: config 1 interface 170 altsetting 5 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[ 61.162336][ T8] usb 1-1: config 1 interface 234 altsetting 1 endpoint 0x8 has invalid maxpacket 1024, setting to 64
[ 61.173402][ T8] usb 1-1: config 1 interface 234 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 61.184433][ T8] usb 1-1: config 1 interface 234 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdde623380) = 0
[ 61.195175][ T8] usb 1-1: config 1 interface 170 has no altsetting 0
[ 61.202009][ T8] usb 1-1: config 1 interface 234 has no altsetting 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdde624390) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x40) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f2d231b13ec) = -1 EINVAL (Invalid argument)
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f2d231b13fc) = -1 EINVAL (Invalid argument)
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f2d231b140c) = -1 EINVAL (Invalid argument)
[ 61.247461][ T8] usb 1-1: string descriptor 0 read error: -22
[ 61.254104][ T8] usb 1-1: New USB device found, idVendor=080e, idProduct=4eb9, bcdDevice=d7.f6
[ 61.263392][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f2d231b141c) = -1 EINVAL (Invalid argument)
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f2d231b142c) = 10
[pid 5092] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffdde623380) = 0
[ 61.336556][ T8] ------------[ cut here ]------------
[ 61.342224][ T8] UBSAN: array-index-out-of-bounds in drivers/hid/usbhid/hid-core.c:1024:7
[ 61.351298][ T8] index 1 is out of range for type 'struct hid_class_descriptor[1]'
[ 61.359299][ T8] CPU: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.9.0-next-20240517-syzkaller #0
[ 61.368290][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 61.378342][ T8] Workqueue: usb_hub_wq hub_event
[ 61.383393][ T8] Call Trace:
[ 61.386757][ T8] <TASK>
[ 61.389767][ T8] dump_stack_lvl+0x241/0x360
[ 61.394491][ T8] ? __pfx_dump_stack_lvl+0x10/0x10
[ 61.399704][ T8] ? __pfx__printk+0x10/0x10
[ 61.404321][ T8] ? trace_contention_end+0x3c/0x120
[ 61.409619][ T8] __ubsan_handle_out_of_bounds+0x121/0x150
[ 61.415527][ T8] usbhid_parse+0x5a7/0xc80
[ 61.420042][ T8] ? __pfx_usbhid_parse+0x10/0x10
[ 61.425080][ T8] ? hid_ignore+0x5dc/0x7a0
[ 61.429588][ T8] hid_add_device+0x132/0x520
[ 61.434268][ T8] usbhid_probe+0xb38/0xea0
[ 61.438790][ T8] usb_probe_interface+0x645/0xbb0
[ 61.443921][ T8] ? __pfx_usb_probe_interface+0x10/0x10
[ 61.449618][ T8] really_probe+0x2b8/0xad0
[ 61.454140][ T8] __driver_probe_device+0x1a2/0x390
[ 61.459433][ T8] driver_probe_device+0x50/0x430
[ 61.464581][ T8] __device_attach_driver+0x2d6/0x530
[ 61.469976][ T8] bus_for_each_drv+0x24e/0x2e0
[ 61.474850][ T8] ? __pfx___device_attach_driver+0x10/0x10
[ 61.480762][ T8] ? __pfx_bus_for_each_drv+0x10/0x10
[ 61.486142][ T8] __device_attach+0x333/0x520
[ 61.490915][ T8] ? __pfx_lock_release+0x10/0x10
[ 61.495948][ T8] ? __pfx___device_attach+0x10/0x10
[ 61.501241][ T8] ? do_raw_spin_unlock+0x13c/0x8b0
[ 61.506462][ T8] bus_probe_device+0x189/0x260
[ 61.511425][ T8] device_add+0x856/0xbf0
[ 61.515778][ T8] usb_set_configuration+0x1976/0x1fb0
[ 61.521267][ T8] usb_generic_driver_probe+0x88/0x140
[ 61.526763][ T8] usb_probe_device+0x1b8/0x380
[ 61.531908][ T8] ? __pfx_usb_probe_device+0x10/0x10
[ 61.537413][ T8] really_probe+0x2b8/0xad0
[ 61.541991][ T8] __driver_probe_device+0x1a2/0x390
[ 61.550800][ T8] driver_probe_device+0x50/0x430
[ 61.555902][ T8] __device_attach_driver+0x2d6/0x530
[ 61.561347][ T8] bus_for_each_drv+0x24e/0x2e0
[ 61.566217][ T8] ? __pfx___device_attach_driver+0x10/0x10
[ 61.572378][ T8] ? __pfx_bus_for_each_drv+0x10/0x10
[ 61.577794][ T8] __device_attach+0x333/0x520
[ 61.582678][ T8] ? __pfx___device_attach+0x10/0x10
[ 61.588061][ T8] bus_probe_device+0x189/0x260
[ 61.593097][ T8] device_add+0x856/0xbf0
[ 61.597589][ T8] usb_new_device+0x104a/0x19a0
[ 61.602620][ T8] ? __pfx_usb_new_device+0x10/0x10
[ 61.607837][ T8] ? _raw_spin_unlock_irq+0x23/0x50
[ 61.613040][ T8] ? lockdep_hardirqs_on+0x99/0x150
[ 61.618241][ T8] hub_event+0x2d6a/0x5150
[ 61.622817][ T8] ? __pfx_hub_event+0x10/0x10
[ 61.627587][ T8] ? __pfx_lock_acquire+0x10/0x10
[ 61.632631][ T8] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 61.638634][ T8] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 61.645086][ T8] ? process_scheduled_works+0x945/0x1830
[ 61.651000][ T8] process_scheduled_works+0xa2c/0x1830
[ 61.656591][ T8] ? __pfx_process_scheduled_works+0x10/0x10
[ 61.662587][ T8] ? assign_work+0x364/0x3d0
[ 61.667223][ T8] worker_thread+0x86d/0xd70
[ 61.671935][ T8] ? __kthread_parkme+0x169/0x1d0
[ 61.677032][ T8] ? __pfx_worker_thread+0x10/0x10
[ 61.682252][ T8] kthread+0x2f0/0x390
[pid 5092] exit_group(0) = ?
[pid 5092] +++ exited with 0 +++
[ 61.686342][ T8] ? __pfx_worker_thread+0x10/0x10
[ 61.691550][ T8] ? __pfx_kthread+0x10/0x10
[ 61.696166][ T8] ret_from_fork+0x4b/0x80
[ 61.700684][ T8] ? __pfx_kthread+0x10/0x10
[ 61.705361][ T8] ret_from_fork_asm+0x1a/0x30
[ 61.711116][ T8] </TASK>
[ 61.714359][ T8] ---[ end trace ]---
[ 61.718374][ T8] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 61.725590][ T8] CPU: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.9.0-next-20240517-syzkaller #0
[ 61.734627][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 61.745191][ T8] Workqueue: usb_hub_wq hub_event
[ 61.750232][ T8] Call Trace:
[ 61.753594][ T8] <TASK>
[ 61.756519][ T8] dump_stack_lvl+0x241/0x360
[ 61.761198][ T8] ? __pfx_dump_stack_lvl+0x10/0x10
[ 61.766404][ T8] ? __pfx__printk+0x10/0x10
[ 61.771169][ T8] ? vprintk_emit+0x631/0x770
[ 61.775855][ T8] ? vscnprintf+0x5d/0x90
[ 61.780546][ T8] panic+0x349/0x860
[ 61.784442][ T8] ? check_panic_on_warn+0x21/0xb0
[ 61.789571][ T8] ? __pfx_panic+0x10/0x10
[ 61.794080][ T8] ? _printk+0xd5/0x120
[ 61.798237][ T8] ? __pfx__printk+0x10/0x10
[ 61.802921][ T8] check_panic_on_warn+0x86/0xb0
[ 61.807863][ T8] __ubsan_handle_out_of_bounds+0x141/0x150
[ 61.813862][ T8] usbhid_parse+0x5a7/0xc80
[ 61.818487][ T8] ? __pfx_usbhid_parse+0x10/0x10
[ 61.823696][ T8] ? hid_ignore+0x5dc/0x7a0
[ 61.828209][ T8] hid_add_device+0x132/0x520
[ 61.832887][ T8] usbhid_probe+0xb38/0xea0
[ 61.837403][ T8] usb_probe_interface+0x645/0xbb0
[ 61.842793][ T8] ? __pfx_usb_probe_interface+0x10/0x10
[ 61.848512][ T8] really_probe+0x2b8/0xad0
[ 61.853180][ T8] __driver_probe_device+0x1a2/0x390
[ 61.858498][ T8] driver_probe_device+0x50/0x430
[ 61.863630][ T8] __device_attach_driver+0x2d6/0x530
[ 61.869791][ T8] bus_for_each_drv+0x24e/0x2e0
[ 61.874641][ T8] ? __pfx___device_attach_driver+0x10/0x10
[ 61.880619][ T8] ? __pfx_bus_for_each_drv+0x10/0x10
[ 61.886100][ T8] __device_attach+0x333/0x520
[ 61.890963][ T8] ? __pfx_lock_release+0x10/0x10
[ 61.895990][ T8] ? __pfx___device_attach+0x10/0x10
[ 61.901377][ T8] ? do_raw_spin_unlock+0x13c/0x8b0
[ 61.906584][ T8] bus_probe_device+0x189/0x260
[ 61.911432][ T8] device_add+0x856/0xbf0
[ 61.915805][ T8] usb_set_configuration+0x1976/0x1fb0
[ 61.923328][ T8] usb_generic_driver_probe+0x88/0x140
[ 61.929270][ T8] usb_probe_device+0x1b8/0x380
[ 61.934154][ T8] ? __pfx_usb_probe_device+0x10/0x10
[ 61.939621][ T8] really_probe+0x2b8/0xad0
[ 61.944161][ T8] __driver_probe_device+0x1a2/0x390
[ 61.949490][ T8] driver_probe_device+0x50/0x430
[ 61.954547][ T8] __device_attach_driver+0x2d6/0x530
[ 61.960134][ T8] bus_for_each_drv+0x24e/0x2e0
[ 61.964993][ T8] ? __pfx___device_attach_driver+0x10/0x10
[ 61.970886][ T8] ? __pfx_bus_for_each_drv+0x10/0x10
[ 61.976258][ T8] __device_attach+0x333/0x520
[ 61.981127][ T8] ? __pfx___device_attach+0x10/0x10
[ 61.986443][ T8] bus_probe_device+0x189/0x260
[ 61.991320][ T8] device_add+0x856/0xbf0
[ 61.996354][ T8] usb_new_device+0x104a/0x19a0
[ 62.001307][ T8] ? __pfx_usb_new_device+0x10/0x10
[ 62.006515][ T8] ? _raw_spin_unlock_irq+0x23/0x50
[ 62.011714][ T8] ? lockdep_hardirqs_on+0x99/0x150
[ 62.016917][ T8] hub_event+0x2d6a/0x5150
[ 62.021372][ T8] ? __pfx_hub_event+0x10/0x10
[ 62.026171][ T8] ? __pfx_lock_acquire+0x10/0x10
[ 62.031368][ T8] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 62.037345][ T8] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 62.043679][ T8] ? process_scheduled_works+0x945/0x1830
[ 62.049405][ T8] process_scheduled_works+0xa2c/0x1830
[ 62.055232][ T8] ? __pfx_process_scheduled_works+0x10/0x10
[ 62.061218][ T8] ? assign_work+0x364/0x3d0
[ 62.066108][ T8] worker_thread+0x86d/0xd70
[ 62.070887][ T8] ? __kthread_parkme+0x169/0x1d0
[ 62.075910][ T8] ? __pfx_worker_thread+0x10/0x10
[ 62.081105][ T8] kthread+0x2f0/0x390
[ 62.085175][ T8] ? __pfx_worker_thread+0x10/0x10
[ 62.090282][ T8] ? __pfx_kthread+0x10/0x10
[ 62.094866][ T8] ret_from_fork+0x4b/0x80
[ 62.099368][ T8] ? __pfx_kthread+0x10/0x10
[ 62.104042][ T8] ret_from_fork_asm+0x1a/0x30
[ 62.108816][ T8] </TASK>
[ 62.111909][ T8] Kernel Offset: disabled
[ 62.116264][ T8] Rebooting in 86400 seconds..