./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2464074118
<...>
Warning: Permanently added '10.128.0.2' (ED25519) to the list of known hosts.
execve("./syz-executor2464074118", ["./syz-executor2464074118"], 0x7ffff89bbbb0 /* 10 vars */) = 0
brk(NULL) = 0x5555860d2000
brk(0x5555860d2e00) = 0x5555860d2e00
arch_prctl(ARCH_SET_FS, 0x5555860d2480) = 0
set_tid_address(0x5555860d2750) = 5841
set_robust_list(0x5555860d2760, 24) = 0
rseq(0x5555860d2da0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2464074118", 4096) = 28
getrandom("\x6a\xff\x70\xc8\x6f\x78\x8a\x7d", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555860d2e00
brk(0x5555860f3e00) = 0x5555860f3e00
brk(0x5555860f4000) = 0x5555860f4000
mprotect(0x7ff143e16000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7ff143d6d950, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7ff143d76700}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7ff143d6d950, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7ff143d76700}, NULL, 8) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5842 attached
, child_tidptr=0x5555860d2750) = 5842
[pid 5842] set_robust_list(0x5555860d2760, 24) = 0
[pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5842] setpgid(0, 0) = 0
[pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5842] write(3, "1000", 4) = 4
[pid 5842] close(3) = 0
executing program
[pid 5842] write(1, "executing program\n", 18) = 18
[pid 5842] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5842] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 18
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[ 95.129627][ T3080] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 18
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 9
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 18
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 4
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 8
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 8
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dca0) = 8
[ 95.317452][ T3080] usb 1-1: config 0 has an invalid interface number: 93 but max is 0
[ 95.327434][ T3080] usb 1-1: config 0 has no interface number 0
[ 95.353032][ T3080] usb 1-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ecb0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffedb44dca0) = 0
[ 95.363414][ T3080] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 95.373226][ T3080] usb 1-1: Product: syz
[ 95.377786][ T3080] usb 1-1: Manufacturer: syz
[ 95.382642][ T3080] usb 1-1: SerialNumber: syz
[ 95.392110][ T3080] usb 1-1: config 0 descriptor??
[pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffedb44ece0) = 0
[pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffedb44dcd0) = 4
[ 95.615139][ T3080] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[ 95.628763][ T3080] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 95.641779][ T3080] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[ 95.652720][ T3080] usb 1-1: media controller created
[ 95.661903][ T3080] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 95.703661][ T3080] DVB: Unable to find symbol dib7000p_attach()
[ 95.712411][ T3080] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[ 95.723424][ T3080] dvb-usb: will use the device's hardware PID filter (table count: 32).
[ 95.736932][ T3080] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[ 95.751569][ T3080] usb 1-1: media controller created
[pid 5842] openat(AT_FDCWD, "/dev/i2c-1", O_RDONLY|O_NOATIME) = 4
[ 95.758722][ T3080] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 95.771780][ T3080] dib0700: the master dib7090 has to be initialized first
[ 95.782715][ T3080] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[ 95.829369][ T5842] ------------[ cut here ]------------
[ 95.836878][ T5842] usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType c0
[ 95.848826][ T3080] rc_core: IR keymap rc-dib0700-rc5 not found
[ 95.856835][ T5842] WARNING: CPU: 1 PID: 5842 at drivers/usb/core/urb.c:413 usb_submit_urb+0x11d9/0x18c0
[ 95.869060][ T5842] Modules linked in:
[ 95.875223][ T5842] CPU: 1 UID: 0 PID: 5842 Comm: syz-executor246 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 95.888500][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 95.900438][ T5842] RIP: 0010:usb_submit_urb+0x11d9/0x18c0
[ 95.906996][ T5842] Code: 48 8b 4c 24 08 0f b6 04 01 84 c0 0f 85 52 05 00 00 45 0f b6 07 48 c7 c7 e0 4b d1 8c 4c 89 f6 48 89 da 89 e9 e8 e8 9b 09 fa 90 <0f> 0b 90 90 e9 c9 f3 ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 57
[ 95.936315][ T5842] RSP: 0018:ffffc90003b8f808 EFLAGS: 00010246
[ 95.943111][ T5842] RAX: 442847a0229ea300 RBX: ffff88803296e480 RCX: ffff88803549bc00
[ 95.952099][ T5842] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 95.962795][ T5842] RBP: 0000000080000280 R08: ffffffff81819e52 R09: 1ffff92000771e9c
[ 95.971635][ T5842] R10: dffffc0000000000 R11: fffff52000771e9d R12: ffff8881452fb0a8
[ 95.980690][ T5842] R13: ffff888020291000 R14: ffffffff8cd1b600 R15: ffff88803296ee20
[ 95.992275][ T5842] FS: 00005555860d2480(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 96.003361][ T5842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 96.011941][ T5842] CR2: 00007f1f85112440 CR3: 0000000034144000 CR4: 00000000003526f0
[ 96.022482][ T5842] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 96.034042][ T5842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 96.043341][ T5842] Call Trace:
[ 96.048603][ T5842]
[ 96.052433][ T5842] ? __warn+0x165/0x4d0
[ 96.057226][ T5842] ? usb_submit_urb+0x11d9/0x18c0
[ 96.062816][ T5842] ? report_bug+0x2b3/0x500
[ 96.068820][ T5842] ? usb_submit_urb+0x11d9/0x18c0
[ 96.075210][ T5842] ? handle_bug+0x60/0x90
[ 96.080436][ T5842] ? exc_invalid_op+0x1a/0x50
[ 96.085765][ T5842] ? asm_exc_invalid_op+0x1a/0x20
[ 96.091568][ T5842] ? __warn_printk+0x292/0x360
[ 96.097741][ T5842] ? usb_submit_urb+0x11d9/0x18c0
[ 96.103639][ T5842] ? usb_submit_urb+0x11d8/0x18c0
[ 96.110723][ T5842] ? __init_swait_queue_head+0xae/0x150
[ 96.117404][ T5842] usb_start_wait_urb+0x113/0x520
[ 96.123446][ T5842] ? __pfx_usb_start_wait_urb+0x10/0x10
[ 96.130832][ T5842] usb_control_msg+0x2b1/0x4c0
[ 96.137695][ T5842] ? __pfx_usb_control_msg+0x10/0x10
[ 96.143524][ T5842] ? dib0700_i2c_xfer+0x928/0x1060
[ 96.150230][ T5842] dib0700_i2c_xfer+0xc53/0x1060
[ 96.159007][ T5842] ? __pfx_dib0700_i2c_xfer+0x10/0x10
[ 96.165111][ T5842] __i2c_transfer+0x866/0x2220
[ 96.173204][ T5842] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 96.180176][ T5842] ? lockdep_hardirqs_on+0x99/0x150
[ 96.185988][ T5842] ? __pfx___i2c_transfer+0x10/0x10
[ 96.191865][ T5842] ? rt_mutex_lock_nested+0x15e/0x1e0
[ 96.198195][ T5842] ? i2c_transfer+0x119/0x3b0
[ 96.203154][ T5842] i2c_transfer+0x271/0x3b0
[ 96.210374][ T5842] ? __pfx_i2c_transfer+0x10/0x10
[ 96.225139][ T5842] ? i2cdev_ioctl_rdwr+0x229/0x710
[ 96.230618][ T5842] i2cdev_ioctl_rdwr+0x452/0x710
[ 96.236772][ T5842] i2cdev_ioctl+0x759/0x9f0
[ 96.241798][ T5842] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 96.247276][ T5842] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 96.254484][ T5842] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 96.260121][ T5842] __se_sys_ioctl+0xf5/0x170
[ 96.264930][ T5842] do_syscall_64+0xf3/0x230
[ 96.271310][ T5842] ? clear_bhb_loop+0x35/0x90
[ 96.277131][ T5842] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.283236][ T5842] RIP: 0033:0x7ff143da39b9
[ 96.289575][ T5842] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 96.314681][ T5842] RSP: 002b:00007ffedb44fcf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 96.323771][ T5842] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff143da39b9
[ 96.334606][ T5842] RDX: 00002000000004c0 RSI: 0000000000000707 RDI: 0000000000000004
[ 96.343627][ T5842] RBP: 0000000000000000 R08: 00232d6332692f76 R09: 0000000000000000
[ 96.354027][ T5842] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000001
[ 96.363100][ T5842] R13: 431bde82d7b634db R14: 00007ffedb44fd40 R15: 0000000000000001
[ 96.371854][ T5842]
[ 96.376261][ T5842] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 96.384541][ T5842] CPU: 1 UID: 0 PID: 5842 Comm: syz-executor246 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 96.400310][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 96.412631][ T5842] Call Trace:
[ 96.416508][ T5842]
[ 96.419884][ T5842] dump_stack_lvl+0x241/0x360
[ 96.425376][ T5842] ? __pfx_dump_stack_lvl+0x10/0x10
[ 96.431634][ T5842] ? __pfx__printk+0x10/0x10
[ 96.437295][ T5842] ? _printk+0xd5/0x120
[ 96.441656][ T5842] ? __init_begin+0x41000/0x41000
[ 96.446956][ T5842] ? vscnprintf+0x5d/0x90
[ 96.452229][ T5842] panic+0x349/0x880
[ 96.456930][ T5842] ? __warn+0x174/0x4d0
[ 96.461420][ T5842] ? __pfx_panic+0x10/0x10
[ 96.468111][ T5842] __warn+0x344/0x4d0
[ 96.472576][ T5842] ? usb_submit_urb+0x11d9/0x18c0
[ 96.479678][ T5842] report_bug+0x2b3/0x500
[ 96.484472][ T5842] ? usb_submit_urb+0x11d9/0x18c0
[ 96.489950][ T5842] handle_bug+0x60/0x90
[ 96.494353][ T5842] exc_invalid_op+0x1a/0x50
[ 96.499915][ T5842] asm_exc_invalid_op+0x1a/0x20
[ 96.506117][ T5842] RIP: 0010:usb_submit_urb+0x11d9/0x18c0
[ 96.511965][ T5842] Code: 48 8b 4c 24 08 0f b6 04 01 84 c0 0f 85 52 05 00 00 45 0f b6 07 48 c7 c7 e0 4b d1 8c 4c 89 f6 48 89 da 89 e9 e8 e8 9b 09 fa 90 <0f> 0b 90 90 e9 c9 f3 ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 57
[ 96.541299][ T5842] RSP: 0018:ffffc90003b8f808 EFLAGS: 00010246
[ 96.547773][ T5842] RAX: 442847a0229ea300 RBX: ffff88803296e480 RCX: ffff88803549bc00
[ 96.557079][ T5842] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 96.566233][ T5842] RBP: 0000000080000280 R08: ffffffff81819e52 R09: 1ffff92000771e9c
[ 96.574779][ T5842] R10: dffffc0000000000 R11: fffff52000771e9d R12: ffff8881452fb0a8
[ 96.584414][ T5842] R13: ffff888020291000 R14: ffffffff8cd1b600 R15: ffff88803296ee20
[ 96.593941][ T5842] ? __warn_printk+0x292/0x360
[ 96.598885][ T5842] ? usb_submit_urb+0x11d8/0x18c0
[ 96.604455][ T5842] ? __init_swait_queue_head+0xae/0x150
[ 96.610953][ T5842] usb_start_wait_urb+0x113/0x520
[ 96.622224][ T5842] ? __pfx_usb_start_wait_urb+0x10/0x10
[ 96.630192][ T5842] usb_control_msg+0x2b1/0x4c0
[ 96.635941][ T5842] ? __pfx_usb_control_msg+0x10/0x10
[ 96.641691][ T5842] ? dib0700_i2c_xfer+0x928/0x1060
[ 96.647098][ T5842] dib0700_i2c_xfer+0xc53/0x1060
[ 96.652529][ T5842] ? __pfx_dib0700_i2c_xfer+0x10/0x10
[ 96.659835][ T5842] __i2c_transfer+0x866/0x2220
[ 96.665099][ T5842] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 96.672276][ T5842] ? lockdep_hardirqs_on+0x99/0x150
[ 96.677806][ T5842] ? __pfx___i2c_transfer+0x10/0x10
[ 96.683095][ T5842] ? rt_mutex_lock_nested+0x15e/0x1e0
[ 96.688879][ T5842] ? i2c_transfer+0x119/0x3b0
[ 96.693963][ T5842] i2c_transfer+0x271/0x3b0
[ 96.699168][ T5842] ? __pfx_i2c_transfer+0x10/0x10
[ 96.706369][ T5842] ? i2cdev_ioctl_rdwr+0x229/0x710
[ 96.712490][ T5842] i2cdev_ioctl_rdwr+0x452/0x710
[ 96.718015][ T5842] i2cdev_ioctl+0x759/0x9f0
[ 96.723006][ T5842] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 96.728513][ T5842] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 96.735013][ T5842] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 96.741052][ T5842] __se_sys_ioctl+0xf5/0x170
[ 96.746339][ T5842] do_syscall_64+0xf3/0x230
[ 96.751327][ T5842] ? clear_bhb_loop+0x35/0x90
[ 96.756306][ T5842] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 96.762504][ T5842] RIP: 0033:0x7ff143da39b9
[ 96.767435][ T5842] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 96.789109][ T5842] RSP: 002b:00007ffedb44fcf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 96.797658][ T5842] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff143da39b9
[ 96.806461][ T5842] RDX: 00002000000004c0 RSI: 0000000000000707 RDI: 0000000000000004
[ 96.817294][ T5842] RBP: 0000000000000000 R08: 00232d6332692f76 R09: 0000000000000000
[ 96.826881][ T5842] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000001
[ 96.840890][ T5842] R13: 431bde82d7b634db R14: 00007ffedb44fd40 R15: 0000000000000001
[ 96.849435][ T5842]
[ 96.853905][ T5842] Kernel Offset: disabled
[ 96.858861][ T5842] Rebooting in 86400 seconds..