./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor435926804
<...>
Warning: Permanently added '10.128.1.187' (ED25519) to the list of known hosts.
execve("./syz-executor435926804", ["./syz-executor435926804"], 0x7fff1bda6580 /* 10 vars */) = 0
brk(NULL) = 0x55559177b000
brk(0x55559177bd00) = 0x55559177bd00
arch_prctl(ARCH_SET_FS, 0x55559177b380) = 0
set_tid_address(0x55559177b650) = 5090
set_robust_list(0x55559177b660, 24) = 0
rseq(0x55559177bca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor435926804", 4096) = 27
getrandom("\x07\x8b\x17\x81\xde\xce\x13\xdc", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55559177bd00
brk(0x55559179cd00) = 0x55559179cd00
brk(0x55559179d000) = 0x55559179d000
mprotect(0x7fb95a64b000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached
, child_tidptr=0x55559177b650) = 5091
[pid 5091] set_robust_list(0x55559177b660, 24) = 0
[pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5091] setpgid(0, 0) = 0
[pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5091] write(3, "1000", 4) = 4
[pid 5091] close(3) = 0
executing program
[pid 5091] write(1, "executing program\n", 18) = 18
[pid 5091] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5091] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2f6d0920) = 18
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[ 62.054266][ T1803] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2f6d0920) = 18
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2f6d0920) = 9
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[ 62.244103][ T1803] usb 1-1: Using ep0 maxpacket: 8
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2f6d0920) = 45
[ 62.275253][ T1803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9B has an invalid bInterval 42, changing to 9
[ 62.286538][ T1803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 62.296424][ T1803] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 62.306115][ T1803] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 35857, setting to 1024
[pid 5091] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb95a6513ec) = 6
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb95a6513fc) = -1 EINVAL (Invalid argument)
[ 62.317365][ T1803] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 62.327469][ T1803] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 62.336660][ T1803] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 62.347970][ T1803] usb 1-1: config 0 descriptor??
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb95a65140c) = -1 EINVAL (Invalid argument)
[pid 5091] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2f6d0920) = 0
[ 62.388838][ T5091] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 62.406537][ T4491] ------------[ cut here ]------------
[ 62.412091][ T4491] usb 1-1: BOGUS urb xfer, pipe 1 != type 3
[ 62.418854][ T4491] WARNING: CPU: 0 PID: 4491 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0
[ 62.428576][ T4491] Modules linked in:
[ 62.432514][ T4491] CPU: 0 PID: 4491 Comm: kworker/u9:1 Not tainted 6.10.0-rc4-syzkaller-00164-g66cc544fd75c #0
[ 62.442850][ T4491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 62.453101][ T4491] Workqueue: hci0 hci_power_on
[ 62.457976][ T4491] RIP: 0010:usb_submit_urb+0xc4e/0x18c0
[ 62.463553][ T4491] Code: f8 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 b1 08 00 00 45 8b 07 48 c7 c7 40 90 6d 8c 48 8b 34 24 4c 89 e2 89 e9 e8 23 9a 3c fa 90 <0f> 0b 90 90 48 8b 5c 24 30 41 89 dc 4c 89 e7 48 c7 c6 b0 4b f2 8e
[ 62.483260][ T4491] RSP: 0018:ffffc9000d817798 EFLAGS: 00010246
[ 62.489400][ T4491] RAX: 6d750bdfc6b7f400 RBX: dffffc0000000000 RCX: ffff888030053c00
[ 62.497453][ T4491] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 62.505470][ T4491] RBP: 0000000000000001 R08: ffffffff81585822 R09: fffffbfff1c39994
[ 62.513438][ T4491] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffff88801c2e7560
[ 62.521619][ T4491] R13: ffff88801a2af400 R14: 0000000000000001 R15: ffffffff8c6d8e28
[ 62.529645][ T4491] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 62.538689][ T4491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 62.545316][ T4491] CR2: 0000559f0e1c6bd8 CR3: 000000002e10e000 CR4: 00000000003506f0
[ 62.553305][ T4491] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 62.561346][ T4491] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 62.569370][ T4491] Call Trace:
[ 62.572638][ T4491]
[ 62.575634][ T4491] ? __warn+0x163/0x4e0
[ 62.579809][ T4491] ? usb_submit_urb+0xc4e/0x18c0
[ 62.584839][ T4491] ? report_bug+0x2b3/0x500
[pid 5091] exit_group(0) = ?
[pid 5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[ 62.589358][ T4491] ? usb_submit_urb+0xc4e/0x18c0
[ 62.594374][ T4491] ? handle_bug+0x3e/0x70
[ 62.598748][ T4491] ? exc_invalid_op+0x1a/0x50
[ 62.603442][ T4491] ? asm_exc_invalid_op+0x1a/0x20
[ 62.608569][ T4491] ? __warn_printk+0x292/0x360
[ 62.613370][ T4491] ? usb_submit_urb+0xc4e/0x18c0
[ 62.618399][ T4491] ? usb_submit_urb+0xc4d/0x18c0
[ 62.623396][ T4491] btusb_submit_intr_urb+0x3dd/0x7b0
[ 62.623841][ T1803] usb 1-1: USB disconnect, device number 2
[ 62.628762][ T4491] btusb_open+0x1a1/0x770
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55559177b650) = 5095
./strace-static-x86_64: Process 5095 attached
[pid 5095] set_robust_list(0x55559177b660, 24) = 0
[pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5095] setpgid(0, 0) = 0
[pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5095] write(3, "1000", 4) = 4
[pid 5095] close(3executing program
) = 0
[pid 5095] write(1, "executing program\n", 18) = 18
[pid 5095] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5095] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc2f6d1930) = 0
[pid 5095] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5095] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2f6d1930) = 0
[ 62.638981][ T4491] hci_dev_open_sync+0x2cc/0x2b40
[ 62.644102][ T4491] ? rcu_is_watching+0x15/0xb0
[ 62.648897][ T4491] ? trace_contention_end+0x3c/0x120
[ 62.654305][ T4491] ? __pfx_hci_dev_open_sync+0x10/0x10
[ 62.659809][ T4491] ? hci_power_on+0x1bf/0x6b0
[ 62.664592][ T4491] ? __pfx___mutex_lock+0x10/0x10
[ 62.669659][ T4491] hci_power_on+0x1c7/0x6b0
[ 62.674351][ T4491] ? __pfx_hci_power_on+0x10/0x10
[ 62.679435][ T4491] ? process_scheduled_works+0x945/0x1830
[ 62.685239][ T4491] process_scheduled_works+0xa2c/0x1830
[ 62.690818][ T4491] ? __pfx_process_scheduled_works+0x10/0x10
[ 62.696879][ T4491] ? assign_work+0x364/0x3d0
[ 62.701490][ T4491] worker_thread+0x86d/0xd70
[ 62.707750][ T4491] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 62.713684][ T4491] ? __kthread_parkme+0x169/0x1d0
[ 62.718789][ T4491] ? __pfx_worker_thread+0x10/0x10
[ 62.723908][ T4491] kthread+0x2f0/0x390
[ 62.728131][ T4491] ? __pfx_worker_thread+0x10/0x10
[ 62.733262][ T4491] ? __pfx_kthread+0x10/0x10
[ 62.737955][ T4491] ret_from_fork+0x4b/0x80
[ 62.742386][ T4491] ? __pfx_kthread+0x10/0x10
[ 62.747198][ T4491] ret_from_fork_asm+0x1a/0x30
[ 62.751996][ T4491]
[ 62.755100][ T4491] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 62.762384][ T4491] CPU: 0 PID: 4491 Comm: kworker/u9:1 Not tainted 6.10.0-rc4-syzkaller-00164-g66cc544fd75c #0
[ 62.772613][ T4491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 62.783394][ T4491] Workqueue: hci0 hci_power_on
[ 62.788172][ T4491] Call Trace:
[ 62.791451][ T4491]
[ 62.794376][ T4491] dump_stack_lvl+0x241/0x360
[ 62.799062][ T4491] ? __pfx_dump_stack_lvl+0x10/0x10
[ 62.804272][ T4491] ? __pfx__printk+0x10/0x10
[ 62.808848][ T4491] ? _printk+0xd5/0x120
[ 62.812993][ T4491] ? vscnprintf+0x5d/0x90
[ 62.817311][ T4491] panic+0x349/0x860
[ 62.821203][ T4491] ? __warn+0x172/0x4e0
[ 62.825372][ T4491] ? __pfx_panic+0x10/0x10
[ 62.829773][ T4491] ? show_trace_log_lvl+0x4e6/0x520
[ 62.834967][ T4491] ? ret_from_fork_asm+0x1a/0x30
[ 62.839999][ T4491] __warn+0x346/0x4e0
[ 62.843995][ T4491] ? usb_submit_urb+0xc4e/0x18c0
[ 62.848929][ T4491] report_bug+0x2b3/0x500
[ 62.853333][ T4491] ? usb_submit_urb+0xc4e/0x18c0
[ 62.858259][ T4491] handle_bug+0x3e/0x70
[ 62.862403][ T4491] exc_invalid_op+0x1a/0x50
[ 62.866992][ T4491] asm_exc_invalid_op+0x1a/0x20
[ 62.871851][ T4491] RIP: 0010:usb_submit_urb+0xc4e/0x18c0
[ 62.877397][ T4491] Code: f8 48 c1 e8 03 0f b6 04 18 84 c0 0f 85 b1 08 00 00 45 8b 07 48 c7 c7 40 90 6d 8c 48 8b 34 24 4c 89 e2 89 e9 e8 23 9a 3c fa 90 <0f> 0b 90 90 48 8b 5c 24 30 41 89 dc 4c 89 e7 48 c7 c6 b0 4b f2 8e
[ 62.896993][ T4491] RSP: 0018:ffffc9000d817798 EFLAGS: 00010246
[ 62.903070][ T4491] RAX: 6d750bdfc6b7f400 RBX: dffffc0000000000 RCX: ffff888030053c00
[ 62.911043][ T4491] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 62.919025][ T4491] RBP: 0000000000000001 R08: ffffffff81585822 R09: fffffbfff1c39994
[ 62.927000][ T4491] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffff88801c2e7560
[ 62.934962][ T4491] R13: ffff88801a2af400 R14: 0000000000000001 R15: ffffffff8c6d8e28
[ 62.942932][ T4491] ? __warn_printk+0x292/0x360
[ 62.947702][ T4491] ? usb_submit_urb+0xc4d/0x18c0
[ 62.952642][ T4491] btusb_submit_intr_urb+0x3dd/0x7b0
[ 62.957924][ T4491] btusb_open+0x1a1/0x770
[ 62.962263][ T4491] hci_dev_open_sync+0x2cc/0x2b40
[ 62.967284][ T4491] ? rcu_is_watching+0x15/0xb0
[ 62.972040][ T4491] ? trace_contention_end+0x3c/0x120
[ 62.977324][ T4491] ? __pfx_hci_dev_open_sync+0x10/0x10
[ 62.982779][ T4491] ? hci_power_on+0x1bf/0x6b0
[ 62.987448][ T4491] ? __pfx___mutex_lock+0x10/0x10
[ 62.992480][ T4491] hci_power_on+0x1c7/0x6b0
[ 62.996983][ T4491] ? __pfx_hci_power_on+0x10/0x10
[ 63.002007][ T4491] ? process_scheduled_works+0x945/0x1830
[ 63.007713][ T4491] process_scheduled_works+0xa2c/0x1830
[ 63.013356][ T4491] ? __pfx_process_scheduled_works+0x10/0x10
[ 63.019419][ T4491] ? assign_work+0x364/0x3d0
[ 63.024010][ T4491] worker_thread+0x86d/0xd70
[ 63.028597][ T4491] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 63.034487][ T4491] ? __kthread_parkme+0x169/0x1d0
[ 63.039503][ T4491] ? __pfx_worker_thread+0x10/0x10
[ 63.044634][ T4491] kthread+0x2f0/0x390
[ 63.048694][ T4491] ? __pfx_worker_thread+0x10/0x10
[ 63.053790][ T4491] ? __pfx_kthread+0x10/0x10
[ 63.058368][ T4491] ret_from_fork+0x4b/0x80
[ 63.062783][ T4491] ? __pfx_kthread+0x10/0x10
[ 63.067362][ T4491] ret_from_fork_asm+0x1a/0x30
[ 63.072126][ T4491]
[ 63.075354][ T4491] Kernel Offset: disabled
[ 63.079709][ T4491] Rebooting in 86400 seconds..