./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4256718591 <...> Warning: Permanently added '10.128.1.6' (ECDSA) to the list of known hosts. execve("./syz-executor4256718591", ["./syz-executor4256718591"], 0x7ffe47bbea00 /* 10 vars */) = 0 brk(NULL) = 0x555556668000 brk(0x555556668c40) = 0x555556668c40 arch_prctl(ARCH_SET_FS, 0x555556668300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor4256718591", 4096) = 28 brk(0x555556689c40) = 0x555556689c40 brk(0x55555668a000) = 0x55555668a000 mprotect(0x7f6834df6000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd1a8f4210) = 0 ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd1a8f4210) = 0 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd1a8f4210) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd1a8f3200) = 18 [ 51.842560][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd1a8f4210) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd1a8f3200) = 18 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd1a8f4210) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd1a8f3200) = 9 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd1a8f4210) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd1a8f3200) = 27 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd1a8f4210) = 0 ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f6834dfc3ac) = 10 ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd1a8f3200) = 0 [ 52.203207][ T7] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 52.213107][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.225579][ T7] usb 1-1: config 0 descriptor?? ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffd1a8f4250) = 12 [ 52.483556][ T898] ------------[ cut here ]------------ [ 52.489166][ T898] WARNING: CPU: 0 PID: 898 at drivers/net/wireless/ath/ath6kl/htc_pipe.c:963 ath6kl_htc_pipe_rx_complete+0xde9/0xfd0 [ 52.501545][ T898] Modules linked in: [ 52.505622][ T898] CPU: 0 PID: 898 Comm: kworker/0:2 Not tainted 6.2.0-rc1-syzkaller #0 [ 52.514224][ T898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.524342][ T898] Workqueue: ath6kl_wq ath6kl_usb_io_comp_work [ 52.530499][ T898] RIP: 0010:ath6kl_htc_pipe_rx_complete+0xde9/0xfd0 [ 52.537162][ T898] Code: 0f 85 fc 01 00 00 89 d8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 25 25 57 fb 0f 0b bb ea ff ff ff eb ac e8 17 25 57 fb <0f> 0b 48 c7 c7 c0 8b b3 8b 31 c0 e8 17 49 fe ff bb ea ff ff ff eb [ 52.556865][ T898] RSP: 0018:ffffc90004d37a80 EFLAGS: 00010293 [ 52.563023][ T898] RAX: ffffffff8636a2d9 RBX: ffff88807e2f0e50 RCX: ffff88801fa03a80 [ 52.571021][ T898] RDX: 0000000000000000 RSI: ffff8880299a83c0 RDI: ffff88807e2f0de0 [ 52.579318][ T898] RBP: ffffc90004d37bd0 R08: ffffffff863c66d7 R09: fffffbfff212e04a [ 52.587360][ T898] R10: fffffbfff212e04a R11: 1ffffffff212e049 R12: 1ffff920009a6f68 [ 52.595454][ T898] R13: ffff88807b0d2ca0 R14: 0000000000000000 R15: dffffc0000000000 [ 52.603534][ T898] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 52.612671][ T898] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.619252][ T898] CR2: 00007ffc0f5f6bf0 CR3: 000000000d28e000 CR4: 00000000003506f0 exit_group(0) = ? +++ exited with 0 +++ [ 52.627323][ T898] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 52.635405][ T898] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 52.643493][ T898] Call Trace: [ 52.646783][ T898] [ 52.649707][ T898] ? do_raw_spin_unlock+0x134/0x8a0 [ 52.655835][ T898] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 52.662357][ T898] ? lockdep_hardirqs_on+0x95/0x140 [ 52.674628][ T7] ath6kl: Failed to submit usb control message: -71 [ 52.681397][ T7] ath6kl: unable