./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3832388612
<...>
Warning: Permanently added '10.128.0.208' (ED25519) to the list of known hosts.
execve("./syz-executor3832388612", ["./syz-executor3832388612"], 0x7ffe1d981460 /* 10 vars */) = 0
brk(NULL) = 0x555555a7e000
brk(0x555555a7ed00) = 0x555555a7ed00
arch_prctl(ARCH_SET_FS, 0x555555a7e380) = 0
set_tid_address(0x555555a7e650) = 5043
set_robust_list(0x555555a7e660, 24) = 0
rseq(0x555555a7eca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3832388612", 4096) = 28
getrandom("\x90\x55\x2f\xc8\xdc\x9a\xe4\x09", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555555a7ed00
brk(0x555555a9fd00) = 0x555555a9fd00
brk(0x555555aa0000) = 0x555555aa0000
mprotect(0x7f228e91f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5044 attached
, child_tidptr=0x555555a7e650) = 5044
[pid 5044] set_robust_list(0x555555a7e660, 24) = 0
[pid 5044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5044] setpgid(0, 0) = 0
[pid 5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5044] write(3, "1000", 4) = 4
[pid 5044] close(3) = 0
[pid 5044] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5044] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 18
[ 78.288368][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[ 78.558268][ T9] usb 1-1: Using ep0 maxpacket: 32
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 18
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 9
[ 78.778926][ T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 553
[ 78.888563][ T9] usb 1-1: config 1 has an invalid interface number: 170 but max is 1
[ 78.897798][ T9] usb 1-1: config 1 has an invalid interface number: 234 but max is 1
[ 78.906272][ T9] usb 1-1: config 1 has no interface number 0
[ 78.912406][ T9] usb 1-1: config 1 has no interface number 1
[ 78.918887][ T9] usb 1-1: config 1 interface 170 altsetting 5 endpoint 0x2 has an invalid bInterval 129, changing to 7
[ 78.930145][ T9] usb 1-1: config 1 interface 170 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[ 78.940970][ T9] usb 1-1: config 1 interface 170 altsetting 5 endpoint 0x82 has an invalid bInterval 33, changing to 9
[ 78.952300][ T9] usb 1-1: config 1 interface 170 altsetting 5 has a duplicate endpoint with address 0x4, skipping
[ 78.963048][ T9] usb 1-1: config 1 interface 170 altsetting 5 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[ 78.976142][ T9] usb 1-1: config 1 interface 234 altsetting 1 endpoint 0x8 has invalid maxpacket 1024, setting to 64
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[ 78.987135][ T9] usb 1-1: config 1 interface 234 altsetting 1 has an invalid endpoint with address 0x80, skipping
[ 78.997852][ T9] usb 1-1: config 1 interface 234 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[ 79.008893][ T9] usb 1-1: config 1 interface 170 has no altsetting 0
[ 79.015662][ T9] usb 1-1: config 1 interface 234 has no altsetting 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffcbd2d8bc0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x40) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f228e9253ec) = -1 EINVAL (Invalid argument)
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f228e9253fc) = -1 EINVAL (Invalid argument)
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f228e92540c) = -1 EINVAL (Invalid argument)
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f228e92541c) = -1 EINVAL (Invalid argument)
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f228e92542c) = 10
[ 79.318370][ T9] usb 1-1: string descriptor 0 read error: -22
[ 79.325059][ T9] usb 1-1: New USB device found, idVendor=080e, idProduct=4eb9, bcdDevice=d7.f6
[ 79.334212][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[pid 5044] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffcbd2d8bc0) = 0
[ 79.408120][ T9] ================================================================================
[ 79.417953][ T9] UBSAN: array-index-out-of-bounds in drivers/hid/usbhid/hid-core.c:1024:18
[ 79.426766][ T9] index 1 is out of range for type 'hid_class_descriptor [1]'
[ 79.434710][ T9] CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.6.0-rc5-syzkaller-00227-gad7f1baed071 #0
[ 79.444539][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 79.454586][ T9] Workqueue: usb_hub_wq hub_event
[ 79.459631][ T9] Call Trace:
[ 79.462902][ T9]
[ 79.465822][ T9] dump_stack_lvl+0x125/0x1b0
[ 79.470498][ T9] __ubsan_handle_out_of_bounds+0x111/0x150
[ 79.476397][ T9] usbhid_parse+0x94a/0xa20
[ 79.480946][ T9] ? usbhid_start+0x2340/0x2340
[ 79.485838][ T9] hid_add_device+0x189/0xa60
[ 79.490509][ T9] ? mark_held_locks+0x9f/0xe0
[ 79.495295][ T9] ? lockdep_init_map_type+0x16d/0x7c0
[ 79.500773][ T9] ? modalias_show+0x150/0x150
[ 79.505579][ T9] ? lockdep_init_map_type+0x16d/0x7c0
[ 79.511058][ T9] ? __raw_spin_lock_init+0x3a/0x110
[ 79.516393][ T9] usbhid_probe+0xd0a/0x1360
[ 79.520994][ T9] usb_probe_interface+0x307/0x930
[ 79.526105][ T9] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 79.531487][ T9] really_probe+0x234/0xc90
[ 79.536020][ T9] __driver_probe_device+0x1de/0x4b0
[ 79.541328][ T9] driver_probe_device+0x4c/0x1a0
[ 79.546379][ T9] __device_attach_driver+0x1d4/0x300
[ 79.551750][ T9] ? driver_probe_device+0x1a0/0x1a0
[pid 5044] exit_group(0) = ?
[ 79.557121][ T9] bus_for_each_drv+0x157/0x1d0
[ 79.561969][ T9] ? bus_for_each_dev+0x1d0/0x1d0
[ 79.566989][ T9] ? lockdep_hardirqs_on+0x7d/0x100
[ 79.572202][ T9] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 79.578025][ T9] __device_attach+0x1e8/0x4b0
[ 79.582789][ T9] ? device_driver_attach+0x200/0x200
[ 79.588158][ T9] ? do_raw_spin_unlock+0x173/0x230
[ 79.593386][ T9] bus_probe_device+0x17c/0x1c0
[ 79.598249][ T9] device_add+0x117e/0x1aa0
[pid 5044] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5044, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5047 attached
[pid 5047] set_robust_list(0x555555a7e660, 24) = 0
[pid 5043] <... clone resumed>, child_tidptr=0x555555a7e650) = 5047
[pid 5047] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5047] setpgid(0, 0) = 0
[pid 5047] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5047] write(3, "1000", 4) = 4
[pid 5047] close(3) = 0
[pid 5047] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5047] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffcbd2d9bd0) = 0
[pid 5047] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5047] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffcbd2d9bd0) = 0
[ 79.602772][ T9] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 79.609663][ T9] ? usb_cache_string+0xee/0x140
[ 79.614668][ T9] usb_set_configuration+0x10cb/0x1c40
[ 79.620189][ T9] usb_generic_driver_probe+0xca/0x130
[ 79.625701][ T9] usb_probe_device+0xda/0x2c0
[ 79.630502][ T9] ? usb_driver_release_interface+0x190/0x190
[ 79.636608][ T9] really_probe+0x234/0xc90
[ 79.641160][ T9] __driver_probe_device+0x1de/0x4b0
[ 79.646481][ T9] ? usb_driver_applicable+0x1c4/0x220
[ 79.651996][ T9] driver_probe_device+0x4c/0x1a0
[ 79.657070][ T9] __device_attach_driver+0x1d4/0x300
[ 79.662486][ T9] ? driver_probe_device+0x1a0/0x1a0
[ 79.667797][ T9] bus_for_each_drv+0x157/0x1d0
[ 79.672658][ T9] ? bus_for_each_dev+0x1d0/0x1d0
[ 79.677717][ T9] ? lockdep_hardirqs_on+0x7d/0x100
[ 79.682913][ T9] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 79.688714][ T9] __device_attach+0x1e8/0x4b0
[ 79.693501][ T9] ? device_driver_attach+0x200/0x200
[ 79.698884][ T9] ? do_raw_spin_unlock+0x173/0x230
[ 79.704138][ T9] bus_probe_device+0x17c/0x1c0
[ 79.709035][ T9] device_add+0x117e/0x1aa0
[ 79.713564][ T9] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 79.720440][ T9] ? usb_detect_static_quirks+0x335/0x3e0
[ 79.726193][ T9] usb_new_device+0xd80/0x1960
[ 79.730989][ T9] ? hub_disconnect+0x520/0x520
[ 79.735844][ T9] hub_event+0x2daf/0x4e00
[ 79.740313][ T9] ? hub_port_debounce+0x3d0/0x3d0
[ 79.745451][ T9] ? print_usage_bug.part.0+0x5a1/0x670
[ 79.750993][ T9] ? lock_sync+0x190/0x190
[ 79.755416][ T9] ? reacquire_held_locks+0x4b0/0x4b0
[ 79.760823][ T9] process_one_work+0x884/0x15c0
[ 79.765765][ T9] ? hcd_died_work+0x60/0x60
[ 79.770352][ T9] ? init_worker_pool+0x770/0x770
[ 79.775391][ T9] ? assign_work+0x1a0/0x240
[ 79.779981][ T9] worker_thread+0x8b9/0x1290
[ 79.784663][ T9] ? __kthread_parkme+0x14b/0x220
[ 79.789706][ T9] ? process_one_work+0x15c0/0x15c0
[ 79.794926][ T9] kthread+0x33c/0x440
[ 79.798999][ T9] ? _raw_spin_unlock_irq+0x23/0x50
[ 79.804239][ T9] ? kthread_complete_and_exit+0x40/0x40
[ 79.809895][ T9] ret_from_fork+0x45/0x80
[ 79.814340][ T9] ? kthread_complete_and_exit+0x40/0x40
[ 79.819991][ T9] ret_from_fork_asm+0x11/0x20
[ 79.824764][ T9]
[ 79.827894][ T9] ================================================================================
[ 79.837639][ T9] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 79.844855][ T9] CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.6.0-rc5-syzkaller-00227-gad7f1baed071 #0
[ 79.854676][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 79.864758][ T9] Workqueue: usb_hub_wq hub_event
[ 79.869802][ T9] Call Trace:
[ 79.873088][ T9]
[ 79.876021][ T9] dump_stack_lvl+0xd9/0x1b0
[ 79.880627][ T9] panic+0x6a6/0x750
[ 79.884534][ T9] ? panic_smp_self_stop+0xa0/0xa0
[ 79.889681][ T9] ? syslog_print_all+0x3f0/0x3f0
[ 79.894737][ T9] check_panic_on_warn+0xab/0xb0
[ 79.899689][ T9] __ubsan_handle_out_of_bounds+0x139/0x150
[ 79.905606][ T9] usbhid_parse+0x94a/0xa20
[ 79.910137][ T9] ? usbhid_start+0x2340/0x2340
[ 79.915049][ T9] hid_add_device+0x189/0xa60
[ 79.919768][ T9] ? mark_held_locks+0x9f/0xe0
[ 79.924551][ T9] ? lockdep_init_map_type+0x16d/0x7c0
[ 79.930029][ T9] ? modalias_show+0x150/0x150
[ 79.934805][ T9] ? lockdep_init_map_type+0x16d/0x7c0
[ 79.940282][ T9] ? __raw_spin_lock_init+0x3a/0x110
[ 79.945591][ T9] usbhid_probe+0xd0a/0x1360
[ 79.950207][ T9] usb_probe_interface+0x307/0x930
[ 79.955334][ T9] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 79.960733][ T9] really_probe+0x234/0xc90
[ 79.965258][ T9] __driver_probe_device+0x1de/0x4b0
[ 79.970564][ T9] driver_probe_device+0x4c/0x1a0
[ 79.975606][ T9] __device_attach_driver+0x1d4/0x300
[ 79.981001][ T9] ? driver_probe_device+0x1a0/0x1a0
[ 79.986306][ T9] bus_for_each_drv+0x157/0x1d0
[ 79.991172][ T9] ? bus_for_each_dev+0x1d0/0x1d0
[ 79.996227][ T9] ? lockdep_hardirqs_on+0x7d/0x100
[ 80.001474][ T9] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 80.007305][ T9] __device_attach+0x1e8/0x4b0
[ 80.012092][ T9] ? device_driver_attach+0x200/0x200
[ 80.017481][ T9] ? do_raw_spin_unlock+0x173/0x230
[ 80.022714][ T9] bus_probe_device+0x17c/0x1c0
[ 80.027583][ T9] device_add+0x117e/0x1aa0
[ 80.032127][ T9] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 80.038989][ T9] ? usb_cache_string+0xee/0x140
[ 80.043964][ T9] usb_set_configuration+0x10cb/0x1c40
[ 80.049453][ T9] usb_generic_driver_probe+0xca/0x130
[ 80.054936][ T9] usb_probe_device+0xda/0x2c0
[ 80.059710][ T9] ? usb_driver_release_interface+0x190/0x190
[ 80.065788][ T9] really_probe+0x234/0xc90
[ 80.070321][ T9] __driver_probe_device+0x1de/0x4b0
[ 80.075621][ T9] ? usb_driver_applicable+0x1c4/0x220
[ 80.081092][ T9] driver_probe_device+0x4c/0x1a0
[ 80.086136][ T9] __device_attach_driver+0x1d4/0x300
[ 80.091555][ T9] ? driver_probe_device+0x1a0/0x1a0
[ 80.096852][ T9] bus_for_each_drv+0x157/0x1d0
[ 80.101719][ T9] ? bus_for_each_dev+0x1d0/0x1d0
[ 80.106755][ T9] ? lockdep_hardirqs_on+0x7d/0x100
[ 80.111987][ T9] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 80.117807][ T9] __device_attach+0x1e8/0x4b0
[ 80.122587][ T9] ? device_driver_attach+0x200/0x200
[ 80.127976][ T9] ? do_raw_spin_unlock+0x173/0x230
[ 80.133203][ T9] bus_probe_device+0x17c/0x1c0
[ 80.138072][ T9] device_add+0x117e/0x1aa0
[ 80.142588][ T9] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 80.149450][ T9] ? usb_detect_static_quirks+0x335/0x3e0
[ 80.155201][ T9] usb_new_device+0xd80/0x1960
[ 80.159990][ T9] ? hub_disconnect+0x520/0x520
[ 80.164866][ T9] hub_event+0x2daf/0x4e00
[ 80.169330][ T9] ? hub_port_debounce+0x3d0/0x3d0
[ 80.174467][ T9] ? print_usage_bug.part.0+0x5a1/0x670
[ 80.180031][ T9] ? lock_sync+0x190/0x190
[ 80.184460][ T9] ? reacquire_held_locks+0x4b0/0x4b0
[ 80.189862][ T9] process_one_work+0x884/0x15c0
[ 80.194822][ T9] ? hcd_died_work+0x60/0x60
[ 80.199429][ T9] ? init_worker_pool+0x770/0x770
[ 80.204477][ T9] ? assign_work+0x1a0/0x240
[ 80.209084][ T9] worker_thread+0x8b9/0x1290
[ 80.213782][ T9] ? __kthread_parkme+0x14b/0x220
[ 80.218817][ T9] ? process_one_work+0x15c0/0x15c0
[ 80.224033][ T9] kthread+0x33c/0x440
[ 80.228110][ T9] ? _raw_spin_unlock_irq+0x23/0x50
[ 80.233317][ T9] ? kthread_complete_and_exit+0x40/0x40
[ 80.238962][ T9] ret_from_fork+0x45/0x80
[ 80.243389][ T9] ? kthread_complete_and_exit+0x40/0x40
[ 80.249041][ T9] ret_from_fork_asm+0x11/0x20
[ 80.253838][ T9]
[ 80.257051][ T9] Kernel Offset: disabled
[ 80.261438][ T9] Rebooting in 86400 seconds..