./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3928666999 <...> forked to background, child pid 3057 no interfaces have a carrier [ 81.042687][ T3058] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.058430][ T3058] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 105.383673][ T124] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.160' (ECDSA) to the list of known hosts. execve("./syz-executor3928666999", ["./syz-executor3928666999"], 0x7fffc7c32600 /* 10 vars */) = 0 brk(NULL) = 0x555555b36000 brk(0x555555b36c40) = 0x555555b36c40 arch_prctl(ARCH_SET_FS, 0x555555b36300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3928666999", 4096) = 28 brk(0x555555b57c40) = 0x555555b57c40 brk(0x555555b58000) = 0x555555b58000 mprotect(0x7fde80303000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b365d0) = 3490 ./strace-static-x86_64: Process 3490 attached [pid 3490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3490] setpgid(0, 0) = 0 [pid 3490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3490] write(3, "1000", 4) = 4 [pid 3490] close(3) = 0 [pid 3490] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3490] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fffaa2cdc30) = 0 [pid 3490] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffaa2ccc20) = 18 [ 115.371865][ T122] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 3490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [ 115.631868][ T122] usb 1-1: Using ep0 maxpacket: 8 [pid 3490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffaa2ccc20) = 18 [pid 3490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffaa2ccc20) = 9 [pid 3490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffaa2ccc20) = 18 [pid 3490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 3490] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [ 115.772275][ T122] usb 1-1: config 0 has an invalid interface number: 124 but max is 0 [ 115.780679][ T122] usb 1-1: config 0 has no interface number 0 [ 115.787079][ T122] usb 1-1: New USB device found, idVendor=14aa, idProduct=0002, bcdDevice=5e.eb [ 115.796369][ T122] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.809358][ T122] usb 1-1: config 0 descriptor?? [pid 3490] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fffaa2ccc20) = 0 [ 115.858210][ T122] dvb-usb: found a 'AVerMedia AverTV DVBT USB1.1' in warm state. [ 115.866334][ T122] dvb-usb: bulk message failed: -22 (3/0) [ 115.907293][ T122] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 115.933218][ T122] dvbdev: DVB: registering new adapter (AVerMedia AverTV DVBT USB1.1) [ 115.941587][ T122] usb 1-1: media controller created [ 115.975171][ T122] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 116.014174][ T122] dvb-usb: bulk message failed: -22 (6/0) [pid 3490] exit_group(0) = ? [ 116.020114][ T122] ===================================================== [ 116.027537][ T122] BUG: KMSAN: uninit-value in dib3000mb_attach+0x2e4/0x3d0 [ 116.034925][ T122] dib3000mb_attach+0x2e4/0x3d0 [ 116.039883][ T122] dibusb_dib3000mb_frontend_attach+0x15a/0x300 [ 116.046413][ T122] dvb_usb_adapter_frontend_init+0xe6/0x990 [ 116.052554][ T122] dvb_usb_device_init+0x2697/0x3790 [ 116.057987][ T122] dibusb_probe+0x42/0x250 [ 116.062666][ T122] usb_probe_interface+0xc4b/0x11f0 [ 116.068033][ T122] really_probe+0x499/0xf50 [pid 3490] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3490, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b365d0) = 3492 ./strace-static-x86_64: Process 3492 attached [pid 3492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 116.072740][ T122] __driver_probe_device+0x2fa/0x3d0 [ 116.078164][ T122] driver_probe_device+0x72/0x7a0 [ 116.083383][ T122] __device_attach_driver+0x6f1/0x890 [ 116.088901][ T122] bus_for_each_drv+0x1fc/0x360 [ 116.094019][ T122] __device_attach+0x42a/0x720 [ 116.098919][ T122] device_initial_probe+0x2e/0x40 [ 116.104175][ T122] bus_probe_device+0x13c/0x3b0 [ 116.109150][ T122] device_add+0x1d4b/0x26c0 [ 116.114047][ T122] usb_set_configuration+0x30f8/0x37e0 [ 116.119669][ T122] usb_generic_driver_probe+0x105/0x290 [ 116.125431][ T122] usb_probe_device+0x288/0x490 [ 116.130435][ T122] really_probe+0x499/0xf50 [ 116.135145][ T122] __driver_probe_device+0x2fa/0x3d0 [ 116.140570][ T122] driver_probe_device+0x72/0x7a0 [ 116.145834][ T122] __device_attach_driver+0x6f1/0x890 [ 116.151346][ T122] bus_for_each_drv+0x1fc/0x360 [ 116.156377][ T122] __device_attach+0x42a/0x720 [ 116.161270][ T122] device_initial_probe+0x2e/0x40 [ 116.166496][ T122] bus_probe_device+0x13c/0x3b0 [ 116.171474][ T122] device_add+0x1d4b/0x26c0 [pid 3492] setpgid(0, 0) = 0 [pid 3492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3492] write(3, "1000", 4) = 4 [pid 3492] close(3) = 0 [pid 3492] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3492] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fffaa2cdc30) = 0 [pid 3492] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffaa2cdc30) = 0 [ 116.176182][ T122] usb_new_device+0x17a1/0x2360 [ 116.181157][ T122] hub_event+0x5559/0x8050 [ 116.185758][ T122] process_one_work+0xb27/0x13e0 [ 116.190850][ T122] worker_thread+0x1076/0x1d60 [ 116.195826][ T122] kthread+0x31b/0x430 [ 116.200016][ T122] ret_from_fork+0x1f/0x30 [ 116.204782][ T122] [ 116.207172][ T122] Local variable rb created at: [ 116.212176][ T122] dib3000_read_reg+0x94/0x510 [ 116.217067][ T122] dib3000mb_attach+0x10d/0x3d0 [ 116.222211][ T122] [ 116.224601][ T122] CPU: 0 PID: 122 Comm: kworker/0:2 Not tainted 5.19.0-syzkaller-32655-g1b070a5d1a2c #0 [ 116.234579][ T122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 116.244820][ T122] Workqueue: usb_hub_wq hub_event [ 116.249942][ T122] ===================================================== [ 116.257045][ T122] Disabling lock debugging due to kernel taint [ 116.263315][ T122] Kernel panic - not syncing: kmsan.panic set ... [ 116.269766][ T122] CPU: 0 PID: 122 Comm: kworker/0:2 Tainted: G B 5.19.0-syzkaller-32655-g1b070a5d1a2c #0 [ 116.280968][ T122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 116.291081][ T122] Workqueue: usb_hub_wq hub_event [ 116.296230][ T122] Call Trace: [ 116.299585][ T122] [ 116.302595][ T122] dump_stack_lvl+0x1c8/0x256 [ 116.307396][ T122] dump_stack+0x1a/0x1c [ 116.311706][ T122] panic+0x4d3/0xc69 [ 116.315747][ T122] kmsan_report+0x2cc/0x2d0 [ 116.320368][ T122] ? __msan_warning+0x92/0x110 [ 116.325251][ T122] ? dib3000mb_attach+0x2e4/0x3d0 [ 116.330387][ T122] ? dibusb_dib3000mb_frontend_attach+0x15a/0x300 [ 116.336960][ T122] ? dvb_usb_adapter_frontend_init+0xe6/0x990 [ 116.343130][ T122] ? dvb_usb_device_init+0x2697/0x3790 [ 116.348709][ T122] ? dibusb_probe+0x42/0x250 [ 116.353451][ T122] ? usb_probe_interface+0xc4b/0x11f0 [ 116.358961][ T122] ? really_probe+0x499/0xf50 [ 116.363754][ T122] ? __driver_probe_device+0x2fa/0x3d0 [ 116.369329][ T122] ? driver_probe_device+0x72/0x7a0 [ 116.374602][ T122] ? __device_attach_driver+0x6f1/0x890 [ 116.380227][ T122] ? bus_for_each_drv+0x1fc/0x360 [ 116.385338][ T122] ? __device_attach+0x42a/0x720 [ 116.390411][ T122] ? device_initial_probe+0x2e/0x40 [ 116.395708][ T122] ? bus_probe_device+0x13c/0x3b0 [ 116.400821][ T122] ? device_add+0x1d4b/0x26c0 [ 116.405601][ T122] ? usb_set_configuration+0x30f8/0x37e0 [ 116.411405][ T122] ? usb_generic_driver_probe+0x105/0x290 [ 116.417300][ T122] ? usb_probe_device+0x288/0x490 [ 116.422486][ T122] ? really_probe+0x499/0xf50 [ 116.427251][ T122] ? __driver_probe_device+0x2fa/0x3d0 [ 116.432849][ T122] ? driver_probe_device+0x72/0x7a0 [ 116.438184][ T122] ? __device_attach_driver+0x6f1/0x890 [ 116.443871][ T122] ? bus_for_each_drv+0x1fc/0x360 [ 116.449004][ T122] ? __device_attach+0x42a/0x720 [ 116.454030][ T122] ? device_initial_probe+0x2e/0x40 [ 116.459340][ T122] ? bus_probe_device+0x13c/0x3b0 [ 116.464487][ T122] ? device_add+0x1d4b/0x26c0 [ 116.469314][ T122] ? usb_new_device+0x17a1/0x2360 [ 116.474429][ T122] ? hub_event+0x5559/0x8050 [ 116.479137][ T122] ? process_one_work+0xb27/0x13e0 [ 116.484339][ T122] ? worker_thread+0x1076/0x1d60 [ 116.489379][ T122] ? kthread+0x31b/0x430 [ 116.493742][ T122] ? ret_from_fork+0x1f/0x30 [ 116.498456][ T122] ? i2c_adapter_trylock_bus+0x40/0x40 [ 116.504018][ T122] ? rt_mutex_unlock+0x25/0x50 [ 116.508885][ T122] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 116.514807][ T122] ? dib3000_read_reg+0x33d/0x510 [ 116.519943][ T122] __msan_warning+0x92/0x110 [ 116.524651][ T122] dib3000mb_attach+0x2e4/0x3d0 [ 116.529607][ T122] ? as102_fe_ts_bus_ctrl+0x140/0x140 [ 116.535132][ T122] dibusb_dib3000mb_frontend_attach+0x15a/0x300 [ 116.541533][ T122] ? dibusb_probe+0x238/0x250 [ 116.546320][ T122] ? dibusb_probe+0x250/0x250 [ 116.551142][ T122] dvb_usb_adapter_frontend_init+0xe6/0x990 [ 116.557160][ T122] dvb_usb_device_init+0x2697/0x3790 [ 116.562559][ T122] dibusb_probe+0x42/0x250 [ 116.567061][ T122] ? a800_rc_query+0x420/0x420 [ 116.571946][ T122] usb_probe_interface+0xc4b/0x11f0 [ 116.577333][ T122] ? usb_register_driver+0x5f0/0x5f0 [ 116.582784][ T122] really_probe+0x499/0xf50 [ 116.587423][ T122] __driver_probe_device+0x2fa/0x3d0 [ 116.592810][ T122] driver_probe_device+0x72/0x7a0 [ 116.597976][ T122] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 116.603946][ T122] __device_attach_driver+0x6f1/0x890 [ 116.609476][ T122] ? kmsan_report+0x270/0x2d0 [ 116.614288][ T122] bus_for_each_drv+0x1fc/0x360 [ 116.619227][ T122] ? deferred_probe_work_func+0x4d0/0x4d0 [ 116.625117][ T122] __device_attach+0x42a/0x720 [ 116.630013][ T122] device_initial_probe+0x2e/0x40 [ 116.635115][ T122] bus_probe_device+0x13c/0x3b0 [ 116.640073][ T122] device_add+0x1d4b/0x26c0 [ 116.644727][ T122] usb_set_configuration+0x30f8/0x37e0 [ 116.650316][ T122] usb_generic_driver_probe+0x105/0x290 [ 116.655969][ T122] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 116.661887][ T122] ? usb_choose_configuration+0xdc0/0xdc0 [ 116.667696][ T122] ? usb_choose_configuration+0xdc0/0xdc0 [ 116.673506][ T122] usb_probe_device+0x288/0x490 [ 116.678471][ T122] ? usb_register_device_driver+0x440/0x440 [ 116.684516][ T122] really_probe+0x499/0xf50 [ 116.689109][ T122] __driver_probe_device+0x2fa/0x3d0 [ 116.694486][ T122] driver_probe_device+0x72/0x7a0 [ 116.699616][ T122] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 116.705583][ T122] __device_attach_driver+0x6f1/0x890 [ 116.711059][ T122] ? kmsan_report+0x270/0x2d0 [ 116.715881][ T122] bus_for_each_drv+0x1fc/0x360 [ 116.720808][ T122] ? deferred_probe_work_func+0x4d0/0x4d0 [ 116.726617][ T122] __device_attach+0x42a/0x720 [ 116.731487][ T122] device_initial_probe+0x2e/0x40 [ 116.736652][ T122] bus_probe_device+0x13c/0x3b0 [ 116.741603][ T122] device_add+0x1d4b/0x26c0 [ 116.746262][ T122] usb_new_device+0x17a1/0x2360 [ 116.751245][ T122] hub_event+0x5559/0x8050 [ 116.755841][ T122] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 116.761753][ T122] ? led_work+0x730/0x730 [ 116.766227][ T122] ? led_work+0x730/0x730 [ 116.770680][ T122] process_one_work+0xb27/0x13e0 [ 116.775769][ T122] worker_thread+0x1076/0x1d60 [ 116.780710][ T122] kthread+0x31b/0x430 [ 116.784908][ T122] ? worker_clr_flags+0x2b0/0x2b0 [ 116.790084][ T122] ? kthread_blkcg+0x120/0x120 [ 116.794944][ T122] ret_from_fork+0x1f/0x30 [ 116.799512][ T122] [ 116.802758][ T122] Kernel Offset: disabled [ 116.807143][ T122] Rebooting in 86400 seconds..