./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2125419100 <...> Warning: Permanently added '10.128.0.140' (ED25519) to the list of known hosts. execve("./syz-executor2125419100", ["./syz-executor2125419100"], 0x7ffed2c70dd0 /* 10 vars */) = 0 brk(NULL) = 0x555557aa1000 brk(0x555557aa1d00) = 0x555557aa1d00 arch_prctl(ARCH_SET_FS, 0x555557aa1380) = 0 set_tid_address(0x555557aa1650) = 5177 set_robust_list(0x555557aa1660, 24) = 0 rseq(0x555557aa1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2125419100", 4096) = 28 getrandom("\x41\xde\x7a\x5c\xf1\x6e\x92\x38", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555557aa1d00 brk(0x555557ac2d00) = 0x555557ac2d00 brk(0x555557ac3000) = 0x555557ac3000 mprotect(0x7f391550d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555557aa1650) = 5178 ./strace-static-x86_64: Process 5178 attached [pid 5178] set_robust_list(0x555557aa1660, 24) = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5178] setpgid(0, 0) = 0 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] write(3, "1000", 4) = 4 [pid 5178] close(3) = 0 executing program [pid 5178] write(1, "executing program\n", 18) = 18 [pid 5178] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5178] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 18 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [ 164.713054][ T1821] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 18 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 9 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 18 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 4 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 8 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 8 [ 164.902994][ T1821] usb 1-1: Using ep0 maxpacket: 8 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd418d37e0) = 8 [pid 5178] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd418d47f0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5178] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd418d37e0) = 0 [ 164.936083][ T1821] usb 1-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=ad.59 [ 164.945505][ T1821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.953792][ T1821] usb 1-1: Product: syz [ 164.958228][ T1821] usb 1-1: Manufacturer: syz [ 164.963092][ T1821] usb 1-1: SerialNumber: syz [ 164.971529][ T1821] usb 1-1: config 0 descriptor?? [ 165.002974][ T1821] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state. [ 165.014420][ T1821] dvb-usb: bulk message failed: -22 (3/0) [ 165.049803][ T1821] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 165.061145][ T1821] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device) [ 165.073081][ T1821] usb 1-1: media controller created [ 165.110044][ T1821] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 165.152410][ T1821] dvb-usb: bulk message failed: -22 (6/0) [ 165.158789][ T1821] ===================================================== [ 165.166205][ T1821] BUG: KMSAN: uninit-value in dib3000mb_attach+0x2d8/0x3c0 [ 165.173668][ T1821] dib3000mb_attach+0x2d8/0x3c0 [ 165.178625][ T1821] dibusb_dib3000mb_frontend_attach+0x155/0x2f0 [ 165.185098][ T1821] dvb_usb_adapter_frontend_init+0xed/0x9a0 [ 165.191175][ T1821] dvb_usb_device_init+0x25a8/0x3760 [ 165.196759][ T1821] dibusb_probe+0x46/0x250 [ 165.201352][ T1821] usb_probe_interface+0xd6f/0x1350 [ 165.206909][ T1821] really_probe+0x4db/0xd90 [ 165.211641][ T1821] __driver_probe_device+0x2ab/0x5d0 [ 165.217332][ T1821] driver_probe_device+0x72/0x890 [ 165.222591][ T1821] __device_attach_driver+0x568/0x9e0 [ 165.228425][ T1821] bus_for_each_drv+0x403/0x620 [ 165.233628][ T1821] __device_attach+0x3c1/0x650 [ 165.238589][ T1821] device_initial_probe+0x32/0x40 [ 165.243937][ T1821] bus_probe_device+0x3dc/0x5c0 [pid 5178] exit_group(0) = ? [ 165.248976][ T1821] device_add+0x13aa/0x1ba0 [ 165.253830][ T1821] usb_set_configuration+0x31c9/0x38d0 [ 165.259502][ T1821] usb_generic_driver_probe+0x109/0x2a0 [ 165.265372][ T1821] usb_probe_device+0x3a7/0x690 [ 165.270393][ T1821] really_probe+0x4db/0xd90 [ 165.275230][ T1821] __driver_probe_device+0x2ab/0x5d0 [ 165.280709][ T1821] driver_probe_device+0x72/0x890 [ 165.286032][ T1821] __device_attach_driver+0x568/0x9e0 [ 165.291606][ T1821] bus_for_each_drv+0x403/0x620 [ 165.296743][ T1821] __device_attach+0x3c1/0x650 [ 165.301679][ T1821] device_initial_probe+0x32/0x40 [ 165.306995][ T1821] bus_probe_device+0x3dc/0x5c0 [ 165.311998][ T1821] device_add+0x13aa/0x1ba0 [ 165.316742][ T1821] usb_new_device+0x15f4/0x2470 [ 165.321785][ T1821] hub_event+0x4ffb/0x72d0 [ 165.326407][ T1821] process_scheduled_works+0xae0/0x1c40 [ 165.332138][ T1821] worker_thread+0xea5/0x1520 [ 165.337102][ T1821] kthread+0x3dd/0x540 [ 165.341332][ T1821] ret_from_fork+0x6d/0x90 [ 165.346013][ T1821] ret_from_fork_asm+0x1a/0x30 [ 165.350950][ T1821] [ 165.353432][ T1821] Local variable rb created at: [ 165.358358][ T1821] dib3000_read_reg+0x86/0x4e0 [ 165.363340][ T1821] dib3000mb_attach+0x123/0x3c0 [ 165.368350][ T1821] [ 165.370729][ T1821] CPU: 1 UID: 0 PID: 1821 Comm: kworker/1:2 Not tainted 6.11.0-rc3-syzkaller-00144-ge724918b3786 #0 [ 165.381796][ T1821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 165.392058][ T1821] Workqueue: usb_hub_wq hub_event [ 165.397271][ T1821] ===================================================== [ 165.404451][ T1821] Disabling lock debugging due to kernel taint [ 165.410776][ T1821] Kernel panic - not syncing: kmsan.panic set ... [ 165.417467][ T1821] CPU: 1 UID: 0 PID: 1821 Comm: kworker/1:2 Tainted: G B 6.11.0-rc3-syzkaller-00144-ge724918b3786 #0 [ 165.429907][ T1821] Tainted: [B]=BAD_PAGE [ 165.434137][ T1821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 165.444510][ T1821] Workqueue: usb_hub_wq hub_event [ 165.449694][ T1821] Call Trace: [ 165.453054][ T1821] [ 165.456060][ T1821] dump_stack_lvl+0x216/0x2d0 [ 165.460941][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.466906][ T1821] dump_stack+0x1e/0x30 [ 165.471236][ T1821] panic+0x4e2/0xcd0 [ 165.475234][ T1821] ? kmsan_get_metadata+0xe1/0x1c0 [ 165.480474][ T1821] kmsan_report+0x2c7/0x2d0 [ 165.485132][ T1821] ? dibusb_i2c_xfer+0xe29/0xf30 [ 165.490237][ T1821] ? kmsan_report+0x280/0x2d0 [ 165.495186][ T1821] ? __msan_warning+0x95/0x120 [ 165.500063][ T1821] ? dib3000mb_attach+0x2d8/0x3c0 [ 165.505196][ T1821] ? dibusb_dib3000mb_frontend_attach+0x155/0x2f0 [ 165.511746][ T1821] ? dvb_usb_adapter_frontend_init+0xed/0x9a0 [ 165.517996][ T1821] ? dvb_usb_device_init+0x25a8/0x3760 [ 165.523582][ T1821] ? dibusb_probe+0x46/0x250 [ 165.528321][ T1821] ? usb_probe_interface+0xd6f/0x1350 [ 165.533872][ T1821] ? really_probe+0x4db/0xd90 [ 165.538790][ T1821] ? __driver_probe_device+0x2ab/0x5d0 [ 165.544451][ T1821] ? driver_probe_device+0x72/0x890 [ 165.549761][ T1821] ? __device_attach_driver+0x568/0x9e0 [ 165.555523][ T1821] ? bus_for_each_drv+0x403/0x620 [ 165.560664][ T1821] ? __device_attach+0x3c1/0x650 [ 165.565715][ T1821] ? device_initial_probe+0x32/0x40 [ 165.571031][ T1821] ? bus_probe_device+0x3dc/0x5c0 [ 165.576148][ T1821] ? device_add+0x13aa/0x1ba0 [ 165.580927][ T1821] ? usb_set_configuration+0x31c9/0x38d0 [ 165.586650][ T1821] ? usb_generic_driver_probe+0x109/0x2a0 [ 165.592487][ T1821] ? usb_probe_device+0x3a7/0x690 [ 165.597599][ T1821] ? really_probe+0x4db/0xd90 [ 165.602410][ T1821] ? __driver_probe_device+0x2ab/0x5d0 [ 165.608050][ T1821] ? driver_probe_device+0x72/0x890 [ 165.613385][ T1821] ? __device_attach_driver+0x568/0x9e0 [ 165.619118][ T1821] ? bus_for_each_drv+0x403/0x620 [ 165.624232][ T1821] ? __device_attach+0x3c1/0x650 [ 165.629278][ T1821] ? device_initial_probe+0x32/0x40 [ 165.634583][ T1821] ? bus_probe_device+0x3dc/0x5c0 [ 165.639709][ T1821] ? device_add+0x13aa/0x1ba0 [ 165.644488][ T1821] ? usb_new_device+0x15f4/0x2470 [ 165.649619][ T1821] ? hub_event+0x4ffb/0x72d0 [ 165.654288][ T1821] ? process_scheduled_works+0xae0/0x1c40 [ 165.660113][ T1821] ? worker_thread+0xea5/0x1520 [ 165.665078][ T1821] ? kthread+0x3dd/0x540 [ 165.669442][ T1821] ? ret_from_fork+0x6d/0x90 [ 165.674172][ T1821] ? ret_from_fork_asm+0x1a/0x30 [ 165.679217][ T1821] ? rt_mutex_unlock+0x2a/0x50 [ 165.684103][ T1821] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.689424][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.695364][ T1821] ? dib3000_read_reg+0x32b/0x4e0 [ 165.700499][ T1821] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.705816][ T1821] __msan_warning+0x95/0x120 [ 165.710507][ T1821] dib3000mb_attach+0x2d8/0x3c0 [ 165.715493][ T1821] ? __pfx_dib3000mb_attach+0x10/0x10 [ 165.721011][ T1821] dibusb_dib3000mb_frontend_attach+0x155/0x2f0 [ 165.727367][ T1821] ? __pfx_dibusb_dib3000mb_frontend_attach+0x10/0x10 [ 165.734244][ T1821] dvb_usb_adapter_frontend_init+0xed/0x9a0 [ 165.740268][ T1821] dvb_usb_device_init+0x25a8/0x3760 [ 165.745693][ T1821] ? __pfx_dibusb_probe+0x10/0x10 [ 165.750816][ T1821] dibusb_probe+0x46/0x250 [ 165.755322][ T1821] ? __pfx_dibusb_probe+0x10/0x10 [ 165.760445][ T1821] usb_probe_interface+0xd6f/0x1350 [ 165.765841][ T1821] ? __pfx_usb_probe_interface+0x10/0x10 [ 165.771596][ T1821] really_probe+0x4db/0xd90 [ 165.776223][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.782172][ T1821] __driver_probe_device+0x2ab/0x5d0 [ 165.787661][ T1821] driver_probe_device+0x72/0x890 [ 165.792820][ T1821] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.798197][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.804149][ T1821] __device_attach_driver+0x568/0x9e0 [ 165.809724][ T1821] bus_for_each_drv+0x403/0x620 [ 165.814666][ T1821] ? __pfx___device_attach_driver+0x10/0x10 [ 165.820696][ T1821] __device_attach+0x3c1/0x650 [ 165.825577][ T1821] device_initial_probe+0x32/0x40 [ 165.830713][ T1821] bus_probe_device+0x3dc/0x5c0 [ 165.835663][ T1821] device_add+0x13aa/0x1ba0 [ 165.840288][ T1821] usb_set_configuration+0x31c9/0x38d0 [ 165.845844][ T1821] ? usb_set_configuration+0x921/0x38d0 [ 165.851505][ T1821] usb_generic_driver_probe+0x109/0x2a0 [ 165.857173][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.863103][ T1821] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 165.869293][ T1821] usb_probe_device+0x3a7/0x690 [ 165.874335][ T1821] ? __pfx_usb_probe_device+0x10/0x10 [ 165.879807][ T1821] really_probe+0x4db/0xd90 [ 165.884427][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.890350][ T1821] __driver_probe_device+0x2ab/0x5d0 [ 165.895758][ T1821] driver_probe_device+0x72/0x890 [ 165.900895][ T1821] ? kmsan_get_metadata+0x13e/0x1c0 [ 165.906208][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.912135][ T1821] __device_attach_driver+0x568/0x9e0 [ 165.917640][ T1821] bus_for_each_drv+0x403/0x620 [ 165.922589][ T1821] ? __pfx___device_attach_driver+0x10/0x10 [ 165.928628][ T1821] __device_attach+0x3c1/0x650 [ 165.933511][ T1821] device_initial_probe+0x32/0x40 [ 165.938668][ T1821] bus_probe_device+0x3dc/0x5c0 [ 165.943688][ T1821] device_add+0x13aa/0x1ba0 [ 165.948310][ T1821] usb_new_device+0x15f4/0x2470 [ 165.953287][ T1821] hub_event+0x4ffb/0x72d0 [ 165.957827][ T1821] ? __pfx_hub_event+0x10/0x10 [ 165.962666][ T1821] process_scheduled_works+0xae0/0x1c40 [ 165.968386][ T1821] worker_thread+0xea5/0x1520 [ 165.973195][ T1821] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 165.979197][ T1821] kthread+0x3dd/0x540 [ 165.983400][ T1821] ? __pfx_worker_thread+0x10/0x10 [ 165.988692][ T1821] ? __pfx_kthread+0x10/0x10 [ 165.993387][ T1821] ret_from_fork+0x6d/0x90 [ 165.997886][ T1821] ? __pfx_kthread+0x10/0x10 [ 166.002583][ T1821] ret_from_fork_asm+0x1a/0x30 [ 166.007465][ T1821] [ 166.010800][ T1821] Kernel Offset: disabled [ 166.015185][ T1821] Rebooting in 86400 seconds..