./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1796312232
<...>
forked to background, child pid 3181
no interfaces have a carrier
[ 23.148307][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0
[ 23.159974][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
execve("./syz-executor1796312232", ["./syz-executor1796312232"], 0x7fff5ce4c200 /* 10 vars */) = 0
brk(NULL) = 0x555556f7a000
brk(0x555556f7ac40) = 0x555556f7ac40
arch_prctl(ARCH_SET_FS, 0x555556f7a300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1796312232", 4096) = 28
brk(0x555556f9bc40) = 0x555556f9bc40
brk(0x555556f9c000) = 0x555556f9c000
mprotect(0x7fb1f964c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc17a50e30) = 0
ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e30) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e30) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc17a4fe20) = 18
syzkaller login: [ 40.621633][ T3329] usb 1-1: new high-speed USB device number 2 using dummy_hcd
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e30) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc17a4fe20) = 18
[ 40.861525][ T3329] usb 1-1: Using ep0 maxpacket: 16
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e30) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc17a4fe20) = 9
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e30) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc17a4fe20) = 36
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e30) = 0
ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb1f96523ac) = 0
[ 40.982552][ T3329] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 40.993765][ T3329] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 41.006615][ T3329] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 41.015902][ T3329] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.027555][ T3329] usb 1-1: config 0 descriptor??
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc17a4fe20) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e60) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc17a4fe50) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc17a50e60) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc17a4fe50) = 34
[ 41.514501][ T3329] HID 045e:07da: Invalid code 65791 type 1
[ 41.522061][ T3329] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0001/input/input5
[ 41.605642][ T3329] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc17a50e70) = 17
[ 41.731703][ C1] microsoft 0003:045E:07DA.0001: hid_field_extract() called with n (128) > 32! (swapper/1)
[ 41.741877][ C1] ================================================================================
[ 41.751132][ C1] UBSAN: shift-out-of-bounds in drivers/hid/hid-core.c:1323:20
[ 41.758815][ C1] shift exponent 127 is too large for 32-bit type 'int'
[ 41.765724][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.0.0-rc3-syzkaller-00107-g42e66b1cc3a0 #0
[ 41.775350][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 41.785386][ C1] Call Trace:
[ 41.788648][ C1] <IRQ>
[ 41.791472][ C1] dump_stack_lvl+0xcd/0x134
[ 41.796075][ C1] ubsan_epilogue+0xb/0x50
[ 41.800472][ C1] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x187
[ 41.807220][ C1] snto32.cold+0x19/0x48
[ 41.811443][ C1] hid_report_raw_event+0x88b/0x1280
[ 41.816718][ C1] hid_input_report+0x360/0x4c0
[ 41.821637][ C1] ? ktime_get_mono_fast_ns+0x181/0x200
[ 41.827166][ C1] hid_irq_in+0x50e/0x690
[ 41.831478][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 41.836833][ C1] usb_hcd_giveback_urb+0x380/0x430
[ 41.842018][ C1] dummy_timer+0x11ff/0x32c0
[ 41.846613][ C1] ? dummy_dequeue+0x500/0x500
[ 41.851389][ C1] ? dummy_dequeue+0x500/0x500
[ 41.856200][ C1] call_timer_fn+0x1a0/0x6b0
[ 41.860780][ C1] ? timer_fixup_activate+0x350/0x350
[ 41.866133][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 41.870966][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 41.876143][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 41.881319][ C1] ? dummy_dequeue+0x500/0x500
[ 41.886073][ C1] __run_timers.part.0+0x674/0xa80
[ 41.891184][ C1] ? call_timer_fn+0x6b0/0x6b0
[ 41.896540][ C1] ? cpuacct_all_seq_show+0x520/0x520
[ 41.901895][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 41.907076][ C1] ? sched_clock_cpu+0x69/0x2b0
[ 41.911909][ C1] run_timer_softirq+0xb3/0x1d0
[ 41.916741][ C1] __do_softirq+0x1d3/0x9c6
[ 41.921228][ C1] __irq_exit_rcu+0x123/0x180
[ 41.925891][ C1] irq_exit_rcu+0x5/0x20
[ 41.930112][ C1] sysvec_apic_timer_interrupt+0x93/0xc0
[ 41.935736][ C1] </IRQ>
[ 41.938649][ C1] <TASK>
[ 41.941559][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 41.947520][ C1] RIP: 0010:acpi_safe_halt+0x6f/0xb0
[ 41.952850][ C1] Code: f7 84 db 74 06 5b e9 d0 7d f9 f7 e8 cb 7d f9 f7 e8 f6 f4 ff f7 eb 0c e8 bf 7d f9 f7 0f 00 2d 68 33 d2 00 e8 b3 7d f9 f7 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 7e 7a f9 f7 48 85 db
[ 41.972436][ C1] RSP: 0018:ffffc90000177d20 EFLAGS: 00000293
[ 41.978484][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 41.986431][ C1] RDX: ffff888011a89d80 RSI: ffffffff89828c7d RDI: 0000000000000000
[ 41.994386][ C1] RBP: ffff888017821064 R08: 0000000000000001 R09: 0000000000000001
[ 42.002335][ C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 42.010283][ C1] R13: 0000000000000001 R14: ffff888017821000 R15: ffff8881462ec804
[ 42.018242][ C1] ? acpi_safe_halt+0x6d/0xb0
[ 42.022906][ C1] acpi_idle_enter+0x524/0x6a0
[ 42.027659][ C1] cpuidle_enter_state+0x1ab/0xd30
[ 42.032756][ C1] cpuidle_enter+0x4a/0xa0
[ 42.037297][ C1] do_idle+0x3e8/0x590
[ 42.041359][ C1] ? arch_cpu_idle_exit+0x30/0x30
[ 42.046380][ C1] ? do_idle+0x10/0x590
[ 42.050527][ C1] cpu_startup_entry+0x14/0x20
[ 42.055272][ C1] start_secondary+0x21d/0x2b0
[ 42.060090][ C1] ? set_cpu_sibling_map+0x2270/0x2270
[ 42.065537][ C1] secondary_startup_64_no_verify+0xce/0xdb
[ 42.071422][ C1] </TASK>
[ 42.074420][ C1] ================================================================================
[ 42.083673][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 42.090234][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.0.0-rc3-syzkaller-00107-g42e66b1cc3a0 #0
[ 42.099926][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 42.109961][ C1] Call Trace:
[ 42.113221][ C1] <IRQ>
[ 42.116047][ C1] dump_stack_lvl+0xcd/0x134
[ 42.120621][ C1] panic+0x2c8/0x627
[ 42.124501][ C1] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 42.130466][ C1] ? secondary_startup_64_no_verify+0xce/0xdb
[ 42.136540][ C1] ? ubsan_epilogue+0x3e/0x50
[ 42.141204][ C1] ubsan_epilogue+0x4a/0x50
[ 42.145693][ C1] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x187
[ 42.152449][ C1] snto32.cold+0x19/0x48
[ 42.156956][ C1] hid_report_raw_event+0x88b/0x1280
[ 42.162235][ C1] hid_input_report+0x360/0x4c0
[ 42.167503][ C1] ? ktime_get_mono_fast_ns+0x181/0x200
[ 42.173039][ C1] hid_irq_in+0x50e/0x690
[ 42.177358][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 42.182717][ C1] usb_hcd_giveback_urb+0x380/0x430
[ 42.187898][ C1] dummy_timer+0x11ff/0x32c0
[ 42.192490][ C1] ? dummy_dequeue+0x500/0x500
[ 42.197239][ C1] ? dummy_dequeue+0x500/0x500
[ 42.201984][ C1] call_timer_fn+0x1a0/0x6b0
[ 42.206557][ C1] ? timer_fixup_activate+0x350/0x350
[ 42.211907][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 42.216741][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 42.221921][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 42.227096][ C1] ? dummy_dequeue+0x500/0x500
[ 42.231846][ C1] __run_timers.part.0+0x674/0xa80
[ 42.236942][ C1] ? call_timer_fn+0x6b0/0x6b0
[ 42.241689][ C1] ? cpuacct_all_seq_show+0x520/0x520
[ 42.247040][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 42.252216][ C1] ? sched_clock_cpu+0x69/0x2b0
[ 42.257047][ C1] run_timer_softirq+0xb3/0x1d0
[ 42.261879][ C1] __do_softirq+0x1d3/0x9c6
[ 42.266370][ C1] __irq_exit_rcu+0x123/0x180
[ 42.271031][ C1] irq_exit_rcu+0x5/0x20
[ 42.275262][ C1] sysvec_apic_timer_interrupt+0x93/0xc0
[ 42.280882][ C1] </IRQ>
[ 42.283815][ C1] <TASK>
[ 42.286727][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 42.292686][ C1] RIP: 0010:acpi_safe_halt+0x6f/0xb0
[ 42.297952][ C1] Code: f7 84 db 74 06 5b e9 d0 7d f9 f7 e8 cb 7d f9 f7 e8 f6 f4 ff f7 eb 0c e8 bf 7d f9 f7 0f 00 2d 68 33 d2 00 e8 b3 7d f9 f7 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 7e 7a f9 f7 48 85 db
[ 42.317619][ C1] RSP: 0018:ffffc90000177d20 EFLAGS: 00000293
[ 42.323664][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 42.331618][ C1] RDX: ffff888011a89d80 RSI: ffffffff89828c7d RDI: 0000000000000000
[ 42.339589][ C1] RBP: ffff888017821064 R08: 0000000000000001 R09: 0000000000000001
[ 42.347542][ C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 42.355663][ C1] R13: 0000000000000001 R14: ffff888017821000 R15: ffff8881462ec804
[ 42.363837][ C1] ? acpi_safe_halt+0x6d/0xb0
[ 42.368592][ C1] acpi_idle_enter+0x524/0x6a0
[ 42.373339][ C1] cpuidle_enter_state+0x1ab/0xd30
[ 42.378441][ C1] cpuidle_enter+0x4a/0xa0
[ 42.382854][ C1] do_idle+0x3e8/0x590
[ 42.386909][ C1] ? arch_cpu_idle_exit+0x30/0x30
[ 42.391930][ C1] ? do_idle+0x10/0x590
[ 42.396068][ C1] cpu_startup_entry+0x14/0x20
[ 42.400813][ C1] start_secondary+0x21d/0x2b0
[ 42.405558][ C1] ? set_cpu_sibling_map+0x2270/0x2270
[ 42.410998][ C1] secondary_startup_64_no_verify+0xce/0xdb
[ 42.416883][ C1] </TASK>
[ 42.420446][ C1] Kernel Offset: disabled
[ 42.424817][ C1] Rebooting in 86400 seconds..