./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3167531922
<...>
Warning: Permanently added '10.128.0.172' (ED25519) to the list of known hosts.
execve("./syz-executor3167531922", ["./syz-executor3167531922"], 0x7fff9b73f650 /* 10 vars */) = 0
brk(NULL) = 0x5555715af000
brk(0x5555715afd00) = 0x5555715afd00
arch_prctl(ARCH_SET_FS, 0x5555715af380) = 0
set_tid_address(0x5555715af650) = 5867
set_robust_list(0x5555715af660, 24) = 0
rseq(0x5555715afca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3167531922", 4096) = 28
getrandom("\x63\xe0\x41\x51\x0c\x22\xe9\xea", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555715afd00
brk(0x5555715d0d00) = 0x5555715d0d00
brk(0x5555715d1000) = 0x5555715d1000
mprotect(0x7f274472a000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
write(1, "executing program\n", 18executing program
) = 18
openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd8415ab00) = 0
ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 18
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
[ 72.687819][ T44] usb 1-1: new high-speed USB device number 2 using dummy_hcd
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 18
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 9
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
[ 72.847794][ T44] usb 1-1: Using ep0 maxpacket: 16
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 18
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 4
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd84159af0) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab00) = 0
ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd84159af0) = 0
[ 72.940900][ T44] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 72.950081][ T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 72.958163][ T44] usb 1-1: Product: syz
[ 72.962332][ T44] usb 1-1: Manufacturer: syz
[ 72.966915][ T44] usb 1-1: SerialNumber: syz
[ 72.972957][ T44] usb 1-1: config 0 descriptor??
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab40) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd84159b30) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd8415ab40) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd84159b30) = 0
[ 73.394952][ T44] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 73.403999][ T44] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 73.413747][ T44] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 73.421784][ T44] usb 1-1: media controller created
[ 73.434902][ T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
openat(AT_FDCWD, "/dev/i2c-1", O_RDWR|O_APPEND) = 4
[ 73.977863][ T44] zl10353_read_register: readreg error (reg=127, ret==0)
[ 73.984973][ T44] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 73.993022][ T44] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 74.010297][ T5867] ------------[ cut here ]------------
[ 74.015804][ T5867] usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType c0
[ 74.031719][ T5867] WARNING: drivers/usb/core/urb.c:413 at usb_submit_urb+0x112b/0x1830, CPU#0: syz-executor316/5867
[ 74.042621][ T5867] Modules linked in:
[ 74.046590][ T5867] CPU: 0 UID: 0 PID: 5867 Comm: syz-executor316 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full)
[ 74.058840][ T5867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 74.069174][ T5867] RIP: 0010:usb_submit_urb+0x112b/0x1830
[ 74.074866][ T5867] Code: 0f b6 44 05 00 84 c0 0f 85 e8 05 00 00 45 0f b6 45 00 48 c7 c7 80 b1 56 8c 48 8b 74 24 10 4c 89 fa 44 89 f1 e8 b6 67 4e fa 90 <0f> 0b 90 90 49 bc 00 00 00 00 00 fc ff df e9 17 f4 ff ff 89 e9 80
[ 74.095006][ T5867] RSP: 0018:ffffc90003f27830 EFLAGS: 00010246
[ 74.101303][ T5867] RAX: 92e0c64ac81ceb00 RBX: ffff888021e83800 RCX: ffff88803305bc00
[ 74.109358][ T5867] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 74.117353][ T5867] RBP: 1ffff110051fd90c R08: 0000000000000003 R09: 0000000000000004
[ 74.125395][ T5867] R10: dffffc0000000000 R11: fffffbfff1c7a1ec R12: dffffc0000000000
[ 74.133414][ T5867] R13: ffff888028fec860 R14: 0000000080000280 R15: ffff888028d14b40
[ 74.141427][ T5867] FS: 00005555715af380(0000) GS:ffff8881257d6000(0000) knlGS:0000000000000000
[ 74.150501][ T5867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.157221][ T5867] CR2: 00007ffda9202bcc CR3: 00000000632b8000 CR4: 00000000003526f0
[ 74.165234][ T5867] Call Trace:
[ 74.168549][ T5867]
[ 74.171518][ T5867] usb_start_wait_urb+0x114/0x4c0
[ 74.176553][ T5867] ? __pfx_usb_start_wait_urb+0x10/0x10
[ 74.182182][ T5867] usb_control_msg+0x232/0x3e0
[ 74.186988][ T5867] dtv5100_i2c_msg+0x250/0x330
[ 74.191790][ T5867] dtv5100_i2c_xfer+0x1a4/0x3c0
[ 74.196693][ T5867] __i2c_transfer+0x874/0x2170
[ 74.201506][ T5867] ? lock_acquire+0x5f/0x360
[ 74.206118][ T5867] ? __pfx___i2c_transfer+0x10/0x10
[ 74.211354][ T5867] ? rt_mutex_lock_nested+0x172/0x1e0
[ 74.216840][ T5867] ? i2c_transfer+0x11d/0x3a0
[ 74.221555][ T5867] i2c_transfer+0x25b/0x3a0
[ 74.226074][ T5867] ? lock_release+0x4b/0x3e0
[ 74.230717][ T5867] ? __pfx_i2c_transfer+0x10/0x10
[ 74.235778][ T5867] ? __might_fault+0xcc/0x130
[ 74.240505][ T5867] ? _copy_from_user+0x94/0xb0
[ 74.245291][ T5867] i2cdev_ioctl_rdwr+0x460/0x740
[ 74.250288][ T5867] i2cdev_ioctl+0x64b/0x7f0
[ 74.254817][ T5867] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 74.259903][ T5867] ? bpf_lsm_file_ioctl+0x9/0x20
[ 74.264874][ T5867] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 74.269966][ T5867] __se_sys_ioctl+0xfc/0x170
[ 74.274597][ T5867] do_syscall_64+0xfa/0x3b0
[ 74.279181][ T5867] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.285264][ T5867] ? clear_bhb_loop+0x60/0xb0
[ 74.290003][ T5867] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.295953][ T5867] RIP: 0033:0x7f27446b7199
[ 74.300422][ T5867] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 74.320109][ T5867] RSP: 002b:00007ffd8415bb58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 74.328562][ T5867] RAX: ffffffffffffffda RBX: 00007ffd8415bd28 RCX: 00007f27446b7199
[ 74.336564][ T5867] RDX: 0000200000000200 RSI: 0000000000000707 RDI: 0000000000000004
[ 74.344584][ T5867] RBP: 00007f274472a610 R08: 00000000ffffd010 R09: 00007ffd8415bd28
[ 74.352594][ T5867] R10: 00000000fffffffc R11: 0000000000000246 R12: 0000000000000001
[ 74.360610][ T5867] R13: 00007ffd8415bd18 R14: 0000000000000001 R15: 0000000000000001
[ 74.368646][ T5867]
[ 74.371697][ T5867] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 74.379146][ T5867] CPU: 0 UID: 0 PID: 5867 Comm: syz-executor316 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full)
[ 74.391064][ T5867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 74.401124][ T5867] Call Trace:
[ 74.404417][ T5867]
[ 74.407363][ T5867] dump_stack_lvl+0x99/0x250
[ 74.411968][ T5867] ? __asan_memcpy+0x40/0x70
[ 74.416575][ T5867] ? __pfx_dump_stack_lvl+0x10/0x10
[ 74.421789][ T5867] ? __pfx__printk+0x10/0x10
[ 74.426428][ T5867] vpanic+0x281/0x750
[ 74.430420][ T5867] ? __pfx__printk+0x10/0x10
[ 74.435025][ T5867] ? __pfx_vpanic+0x10/0x10
[ 74.439535][ T5867] ? is_bpf_text_address+0x292/0x2b0
[ 74.444825][ T5867] ? is_bpf_text_address+0x26/0x2b0
[ 74.450032][ T5867] panic+0xb9/0xc0
[ 74.453801][ T5867] ? __pfx_panic+0x10/0x10
[ 74.458225][ T5867] __warn+0x334/0x4c0
[ 74.462431][ T5867] ? usb_submit_urb+0x112b/0x1830
[ 74.467483][ T5867] ? usb_submit_urb+0x112b/0x1830
[ 74.472532][ T5867] report_bug+0x2be/0x4f0
[ 74.476869][ T5867] ? usb_submit_urb+0x112b/0x1830
[ 74.481899][ T5867] ? usb_submit_urb+0x112b/0x1830
[ 74.486929][ T5867] ? usb_submit_urb+0x112d/0x1830
[ 74.491960][ T5867] handle_bug+0x84/0x160
[ 74.496206][ T5867] exc_invalid_op+0x1a/0x50
[ 74.500711][ T5867] asm_exc_invalid_op+0x1a/0x20
[ 74.505557][ T5867] RIP: 0010:usb_submit_urb+0x112b/0x1830
[ 74.511190][ T5867] Code: 0f b6 44 05 00 84 c0 0f 85 e8 05 00 00 45 0f b6 45 00 48 c7 c7 80 b1 56 8c 48 8b 74 24 10 4c 89 fa 44 89 f1 e8 b6 67 4e fa 90 <0f> 0b 90 90 49 bc 00 00 00 00 00 fc ff df e9 17 f4 ff ff 89 e9 80
[ 74.530796][ T5867] RSP: 0018:ffffc90003f27830 EFLAGS: 00010246
[ 74.536865][ T5867] RAX: 92e0c64ac81ceb00 RBX: ffff888021e83800 RCX: ffff88803305bc00
[ 74.544935][ T5867] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 74.552903][ T5867] RBP: 1ffff110051fd90c R08: 0000000000000003 R09: 0000000000000004
[ 74.560872][ T5867] R10: dffffc0000000000 R11: fffffbfff1c7a1ec R12: dffffc0000000000
[ 74.568843][ T5867] R13: ffff888028fec860 R14: 0000000080000280 R15: ffff888028d14b40
[ 74.576823][ T5867] usb_start_wait_urb+0x114/0x4c0
[ 74.581854][ T5867] ? __pfx_usb_start_wait_urb+0x10/0x10
[ 74.587406][ T5867] usb_control_msg+0x232/0x3e0
[ 74.592173][ T5867] dtv5100_i2c_msg+0x250/0x330
[ 74.596944][ T5867] dtv5100_i2c_xfer+0x1a4/0x3c0
[ 74.601818][ T5867] __i2c_transfer+0x874/0x2170
[ 74.606667][ T5867] ? lock_acquire+0x5f/0x360
[ 74.611298][ T5867] ? __pfx___i2c_transfer+0x10/0x10
[ 74.616520][ T5867] ? rt_mutex_lock_nested+0x172/0x1e0
[ 74.621904][ T5867] ? i2c_transfer+0x11d/0x3a0
[ 74.626648][ T5867] i2c_transfer+0x25b/0x3a0
[ 74.631328][ T5867] ? lock_release+0x4b/0x3e0
[ 74.635928][ T5867] ? __pfx_i2c_transfer+0x10/0x10
[ 74.640950][ T5867] ? __might_fault+0xcc/0x130
[ 74.645725][ T5867] ? _copy_from_user+0x94/0xb0
[ 74.650507][ T5867] i2cdev_ioctl_rdwr+0x460/0x740
[ 74.655489][ T5867] i2cdev_ioctl+0x64b/0x7f0
[ 74.660003][ T5867] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 74.665032][ T5867] ? bpf_lsm_file_ioctl+0x9/0x20
[ 74.669974][ T5867] ? __pfx_i2cdev_ioctl+0x10/0x10
[ 74.675022][ T5867] __se_sys_ioctl+0xfc/0x170
[ 74.679616][ T5867] do_syscall_64+0xfa/0x3b0
[ 74.684120][ T5867] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.690183][ T5867] ? clear_bhb_loop+0x60/0xb0
[ 74.694860][ T5867] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.700746][ T5867] RIP: 0033:0x7f27446b7199
[ 74.705155][ T5867] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 74.724758][ T5867] RSP: 002b:00007ffd8415bb58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 74.733172][ T5867] RAX: ffffffffffffffda RBX: 00007ffd8415bd28 RCX: 00007f27446b7199
[ 74.741142][ T5867] RDX: 0000200000000200 RSI: 0000000000000707 RDI: 0000000000000004
[ 74.749135][ T5867] RBP: 00007f274472a610 R08: 00000000ffffd010 R09: 00007ffd8415bd28
[ 74.757116][ T5867] R10: 00000000fffffffc R11: 0000000000000246 R12: 0000000000000001
[ 74.765095][ T5867] R13: 00007ffd8415bd18 R14: 0000000000000001 R15: 0000000000000001
[ 74.773071][ T5867]
[ 74.776421][ T5867] Kernel Offset: disabled
[ 74.780747][ T5867] Rebooting in 86400 seconds..