./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2391382501
<...>
Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts.
execve("./syz-executor2391382501", ["./syz-executor2391382501"], 0x7fff477d55a0 /* 10 vars */) = 0
brk(NULL) = 0x5555555be000
brk(0x5555555bec40) = 0x5555555bec40
arch_prctl(ARCH_SET_FS, 0x5555555be300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2391382501", 4096) = 28
brk(0x5555555dfc40) = 0x5555555dfc40
brk(0x5555555e0000) = 0x5555555e0000
mprotect(0x7f6a7ca7e000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff74278520) = 0
ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278520) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278520) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff74277510) = 18
syzkaller login: [ 40.820222][ T15] usb 1-1: new high-speed USB device number 2 using dummy_hcd
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278520) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff74277510) = 18
[ 41.060253][ T15] usb 1-1: Using ep0 maxpacket: 16
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278520) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff74277510) = 9
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278520) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff74277510) = 36
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278520) = 0
ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f6a7ca843ac) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff74277510) = 0
[ 41.180636][ T15] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 41.191581][ T15] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 41.204516][ T15] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 41.213579][ T15] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.223913][ T15] usb 1-1: config 0 descriptor??
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278550) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fff74277540) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff74278550) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff74277540) = 34
[ 41.691869][ T15] HID 045e:07da: Invalid code 65791 type 1
[ 41.698640][ T15] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0001/input/input5
[ 41.772437][ T15] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7fff74278560) = 17
[ 41.900184][ C0] microsoft 0003:045E:07DA.0001: hid_field_extract() called with n (128) > 32! (swapper/0)
[ 41.910188][ C0] ================================================================================
[ 41.919468][ C0] UBSAN: shift-out-of-bounds in drivers/hid/hid-core.c:1323:20
[ 41.927015][ C0] shift exponent 127 is too large for 32-bit type 'int'
[ 41.933952][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.0.0-rc6-next-20220923-syzkaller #0
[ 41.943067][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 41.953118][ C0] Call Trace:
[ 41.956412][ C0]
[ 41.959371][ C0] dump_stack_lvl+0xcd/0x134
[ 41.963990][ C0] ubsan_epilogue+0xb/0x50
[ 41.968426][ C0] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x187
[ 41.975237][ C0] snto32.cold+0x19/0x48
[ 41.979513][ C0] hid_report_raw_event+0x88a/0x1280
[ 41.984814][ C0] hid_input_report+0x35f/0x4c0
[ 41.989670][ C0] ? ktime_get_mono_fast_ns+0x181/0x200
[ 41.995243][ C0] hid_irq_in+0x50e/0x690
[ 41.999608][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 42.004998][ C0] usb_hcd_giveback_urb+0x380/0x430
[ 42.010223][ C0] dummy_timer+0x11ff/0x32c0
[ 42.014844][ C0] ? debug_check_no_obj_freed+0x20c/0x420
[ 42.020591][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 42.025463][ C0] ? dummy_dequeue+0x500/0x500
[ 42.030251][ C0] call_timer_fn+0x1da/0x7c0
[ 42.034858][ C0] ? dummy_dequeue+0x500/0x500
[ 42.039633][ C0] ? lock_release+0x5cb/0x810
[ 42.044310][ C0] ? timer_fixup_activate+0x3e0/0x3e0
[ 42.049692][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 42.054545][ C0] ? __next_timer_interrupt+0x234/0x2b0
[ 42.060099][ C0] ? dummy_dequeue+0x500/0x500
[ 42.064870][ C0] ? dummy_dequeue+0x500/0x500
[ 42.069643][ C0] ? dummy_dequeue+0x500/0x500
[ 42.074416][ C0] __run_timers.part.0+0x6a2/0xaf0
[ 42.079539][ C0] ? call_timer_fn+0x7c0/0x7c0
[ 42.084308][ C0] ? cpuacct_stats_show+0x5f0/0x5f0
[ 42.089508][ C0] ? kvm_sched_clock_read+0x14/0x40
[ 42.094709][ C0] ? sched_clock_cpu+0x69/0x2b0
[ 42.099649][ C0] run_timer_softirq+0xb3/0x1d0
[ 42.104510][ C0] __do_softirq+0x1f7/0xad8
[ 42.109021][ C0] __irq_exit_rcu+0x123/0x180
[ 42.113704][ C0] irq_exit_rcu+0x5/0x20
[ 42.117949][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 42.123590][ C0]
[ 42.126518][ C0]
[ 42.129446][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 42.135442][ C0] RIP: 0010:acpi_safe_halt+0x6f/0xb0
[ 42.140735][ C0] Code: f7 84 db 74 06 5b e9 20 db ec f7 e8 1b db ec f7 e8 26 5e f3 f7 66 90 e8 0f db ec f7 0f 00 2d 88 12 c1 00 e8 03 db ec f7 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 de d7 ec f7 48 85 db
[ 42.160345][ C0] RSP: 0018:ffffffff8bc07d30 EFLAGS: 00000293
[ 42.166499][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 42.174472][ C0] RDX: ffffffff8bcbc9c0 RSI: ffffffff898fb8fd RDI: ffffffff898fb8ea
[ 42.182444][ C0] RBP: ffff888011bfb064 R08: 0000000000000000 R09: 0000000000000000
[ 42.190414][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 42.198381][ C0] R13: 0000000000000001 R14: ffff888011bfb000 R15: ffff88801814e804
[ 42.206366][ C0] ? acpi_safe_halt+0x6d/0xb0
[ 42.211059][ C0] ? acpi_safe_halt+0x5a/0xb0
[ 42.215763][ C0] acpi_idle_enter+0x524/0x6a0
[ 42.220557][ C0] cpuidle_enter_state+0x1ab/0xd30
[ 42.225694][ C0] cpuidle_enter+0x4a/0xa0
[ 42.230119][ C0] do_idle+0x3f7/0x590
[ 42.234198][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 42.239237][ C0] cpu_startup_entry+0x14/0x20
[ 42.244009][ C0] rest_init+0x169/0x270
[ 42.248263][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 42.254512][ C0] arch_call_rest_init+0xf/0x14
[ 42.259380][ C0] start_kernel+0x473/0x494
[ 42.263902][ C0] secondary_startup_64_no_verify+0xce/0xdb
[ 42.269813][ C0]
[ 42.272826][ C0] ================================================================================
[ 42.282094][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 42.288675][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.0.0-rc6-next-20220923-syzkaller #0
[ 42.297783][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 42.307851][ C0] Call Trace:
[ 42.311398][ C0]
[ 42.314246][ C0] dump_stack_lvl+0xcd/0x134
[ 42.318876][ C0] panic+0x2c8/0x622
[ 42.322794][ C0] ? panic_print_sys_info.part.0+0x110/0x110
[ 42.328798][ C0] ? secondary_startup_64_no_verify+0xce/0xdb
[ 42.334884][ C0] ? ubsan_epilogue+0x3e/0x50
[ 42.339584][ C0] ubsan_epilogue+0x4a/0x50
[ 42.344114][ C0] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x187
[ 42.350921][ C0] snto32.cold+0x19/0x48
[ 42.355185][ C0] hid_report_raw_event+0x88a/0x1280
[ 42.360494][ C0] hid_input_report+0x35f/0x4c0
[ 42.365355][ C0] ? ktime_get_mono_fast_ns+0x181/0x200
[ 42.370917][ C0] hid_irq_in+0x50e/0x690
[ 42.375264][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 42.380655][ C0] usb_hcd_giveback_urb+0x380/0x430
[ 42.385869][ C0] dummy_timer+0x11ff/0x32c0
[ 42.390501][ C0] ? debug_check_no_obj_freed+0x20c/0x420
[ 42.396250][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 42.401199][ C0] ? dummy_dequeue+0x500/0x500
[ 42.405984][ C0] call_timer_fn+0x1da/0x7c0
[ 42.415461][ C0] ? dummy_dequeue+0x500/0x500
[ 42.420249][ C0] ? lock_release+0x5cb/0x810
[ 42.424931][ C0] ? timer_fixup_activate+0x3e0/0x3e0
[ 42.430318][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 42.435181][ C0] ? __next_timer_interrupt+0x234/0x2b0
[ 42.440741][ C0] ? dummy_dequeue+0x500/0x500
[ 42.445518][ C0] ? dummy_dequeue+0x500/0x500
[ 42.450295][ C0] ? dummy_dequeue+0x500/0x500
[ 42.455071][ C0] __run_timers.part.0+0x6a2/0xaf0
[ 42.460196][ C0] ? call_timer_fn+0x7c0/0x7c0
[ 42.464975][ C0] ? cpuacct_stats_show+0x5f0/0x5f0
[ 42.470267][ C0] ? kvm_sched_clock_read+0x14/0x40
[ 42.475479][ C0] ? sched_clock_cpu+0x69/0x2b0
[ 42.480336][ C0] run_timer_softirq+0xb3/0x1d0
[ 42.485194][ C0] __do_softirq+0x1f7/0xad8
[ 42.489798][ C0] __irq_exit_rcu+0x123/0x180
[ 42.494480][ C0] irq_exit_rcu+0x5/0x20
[ 42.498726][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 42.504365][ C0]
[ 42.507295][ C0]
[ 42.510226][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 42.516225][ C0] RIP: 0010:acpi_safe_halt+0x6f/0xb0
[ 42.521522][ C0] Code: f7 84 db 74 06 5b e9 20 db ec f7 e8 1b db ec f7 e8 26 5e f3 f7 66 90 e8 0f db ec f7 0f 00 2d 88 12 c1 00 e8 03 db ec f7 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 de d7 ec f7 48 85 db
[ 42.541138][ C0] RSP: 0018:ffffffff8bc07d30 EFLAGS: 00000293
[ 42.547223][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 42.555198][ C0] RDX: ffffffff8bcbc9c0 RSI: ffffffff898fb8fd RDI: ffffffff898fb8ea
[ 42.563181][ C0] RBP: ffff888011bfb064 R08: 0000000000000000 R09: 0000000000000000
[ 42.571151][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 42.579121][ C0] R13: 0000000000000001 R14: ffff888011bfb000 R15: ffff88801814e804
[ 42.587095][ C0] ? acpi_safe_halt+0x6d/0xb0
[ 42.591782][ C0] ? acpi_safe_halt+0x5a/0xb0
[ 42.596469][ C0] acpi_idle_enter+0x524/0x6a0
[ 42.601258][ C0] cpuidle_enter_state+0x1ab/0xd30
[ 42.606383][ C0] cpuidle_enter+0x4a/0xa0
[ 42.610803][ C0] do_idle+0x3f7/0x590
[ 42.614881][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 42.619916][ C0] cpu_startup_entry+0x14/0x20
[ 42.624687][ C0] rest_init+0x169/0x270
[ 42.628939][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 42.635190][ C0] arch_call_rest_init+0xf/0x14
[ 42.640058][ C0] start_kernel+0x473/0x494
[ 42.644575][ C0] secondary_startup_64_no_verify+0xce/0xdb
[ 42.650496][ C0]
[ 42.653679][ C0] Kernel Offset: disabled
[ 42.658023][ C0] Rebooting in 86400 seconds..