./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2847168168
<...>
Warning: Permanently added '10.128.1.139' (ED25519) to the list of known hosts.
execve("./syz-executor2847168168", ["./syz-executor2847168168"], 0x7ffc270b9c40 /* 10 vars */) = 0
brk(NULL) = 0x55558106b000
brk(0x55558106bd00) = 0x55558106bd00
arch_prctl(ARCH_SET_FS, 0x55558106b380) = 0
set_tid_address(0x55558106b650) = 5226
set_robust_list(0x55558106b660, 24) = 0
rseq(0x55558106bca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2847168168", 4096) = 28
getrandom("\xc5\x79\xb2\x14\x67\x01\x24\xdf", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55558106bd00
brk(0x55558108cd00) = 0x55558108cd00
brk(0x55558108d000) = 0x55558108d000
mprotect(0x7f185b511000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5227 attached
, child_tidptr=0x55558106b650) = 5227
[pid 5227] set_robust_list(0x55558106b660, 24) = 0
[pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5227] setpgid(0, 0) = 0
[pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5227] write(3, "1000", 4) = 4
executing program
[pid 5227] close(3) = 0
[pid 5227] write(1, "executing program\n", 18) = 18
[pid 5227] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5227] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffe9609eb0) = 18
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[ 61.638289][ T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffe9609eb0) = 18
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffe9609eb0) = 9
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffe9609eb0) = 18
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aec0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fffe9609eb0) = 0
[ 61.862619][ T25] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[ 61.872119][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 61.885824][ T25] usb 1-1: config 0 descriptor??
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aee0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7fffe9609ed0) = 4
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aee0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffe9609ed0) = 8
[pid 5227] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fffe960aee0) = 0
[pid 5227] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fffe9609ed0) = 0
[ 62.534263][ T25] ------------[ cut here ]------------
[ 62.540085][ T25] WARNING: CPU: 1 PID: 25 at drivers/net/wireless/ath/ath6kl/bmi.c:90 ath6kl_bmi_get_target_info+0x44a/0x590
[ 62.540134][ T25] Modules linked in:
[ 62.540152][ T25] CPU: 1 UID: 0 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-next-20240726-syzkaller #0
[ 62.540164][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 62.540171][ T25] Workqueue: usb_hub_wq hub_event
[ 62.540189][ T25] RIP: 0010:ath6kl_bmi_get_target_info+0x44a/0x590
[ 62.540206][ T25] Code: 04 30 84 c0 0f 85 3a 01 00 00 48 8b 44 24 08 8b 30 48 c7 c7 e0 50 a4 8c 89 da e8 a1 1b fe ff e9 04 fe ff ff e8 e7 62 c9 fa 90 <0f> 0b 90 bb ea ff ff ff e9 f1 fd ff ff e8 d4 62 c9 fa 31 db e9 e5
[ 62.540219][ T25] RSP: 0018:ffffc900001f6b60 EFLAGS: 00010293
[ 62.540228][ T25] RAX: ffffffff86ca6839 RBX: 0000000000000000 RCX: ffff888018289e00
[ 62.540236][ T25] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[ 62.540242][ T25] RBP: ffffc900001f6c30 R08: ffffffff86ca6790 R09: 1ffffffff26e6f0e
[ 62.540250][ T25] R10: dffffc0000000000 R11: fffffbfff26e6f0f R12: ffffc900001f6ce4
[ 62.540258][ T25] R13: ffff8880464f0e40 R14: dffffc0000000000 R15: 1ffff9200003ed74
[ 62.540265][ T25] FS: 0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[ 62.540274][ T25] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 62.540281][ T25] CR2: 00005595688b6268 CR3: 000000007c27a000 CR4: 00000000003506f0
[ 62.540291][ T25] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 62.540297][ T25] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 62.540304][ T25] Call Trace:
[ 62.540309][ T25]
[ 62.540315][ T25] ? __warn+0x168/0x4e0
[ 62.540327][ T25] ? ath6kl_bmi_get_target_info+0x44a/0x590
[ 62.540345][ T25] ? report_bug+0x2b3/0x500
[ 62.540363][ T25] ? ath6kl_bmi_get_target_info+0x44a/0x590
[ 62.540381][ T25] ? handle_bug+0x3e/0x70
[ 62.540391][ T25] ? exc_invalid_op+0x1a/0x50
[ 62.540402][ T25] ? asm_exc_invalid_op+0x1a/0x20
[ 62.540417][ T25] ? ath6kl_bmi_get_target_info+0x3a0/0x590
[ 62.540431][ T25] ? ath6kl_bmi_get_target_info+0x449/0x590
[ 62.540448][ T25] ? ath6kl_bmi_get_target_info+0x44a/0x590
[ 62.540469][ T25] ? __pfx_ath6kl_bmi_get_target_info+0x10/0x10
[ 62.540484][ T25] ? ath6kl_bmi_init+0x6d/0xf0
[ 62.540493][ T25] ? __kmalloc_noprof+0x21a/0x400
[ 62.540512][ T25] ath6kl_core_init+0x1eb/0x1140
[ 62.540528][ T25] ? __pfx_lockdep_init_map_type+0x10/0x10
[ 62.540547][ T25] ? __kasan_kmalloc+0x98/0xb0
[ 62.540559][ T25] ? __pfx_ath6kl_core_init+0x10/0x10
[ 62.540573][ T25] ? ath6kl_core_create+0x7d8/0x950
[ 62.540593][ T25] ath6kl_usb_probe+0x129b/0x1390
[ 62.540610][ T25] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 62.540628][ T25] ? usb_disable_lpm+0x77/0x380
[ 62.540644][ T25] usb_probe_interface+0x645/0xbb0
[ 62.540667][ T25] ? __pfx_usb_probe_interface+0x10/0x10
[ 62.540681][ T25] really_probe+0x2b8/0xad0
[ 62.540699][ T25] __driver_probe_device+0x1a2/0x390
[ 62.540714][ T25] driver_probe_device+0x50/0x430
[ 62.540743][ T25] __device_attach_driver+0x2d6/0x530
[ 62.540758][ T25] bus_for_each_drv+0x24e/0x2e0
[ 62.540774][ T25] ? __pfx___device_attach_driver+0x10/0x10
[ 62.540786][ T25] ? __pfx_bus_for_each_drv+0x10/0x10
[ 62.540807][ T25] __device_attach+0x333/0x520
[ 62.540819][ T25] ? __pfx_lock_release+0x10/0x10
[ 62.540835][ T25] ? __pfx___device_attach+0x10/0x10
[ 62.540847][ T25] ? do_raw_spin_unlock+0x13c/0x8b0
[ 62.540865][ T25] bus_probe_device+0x189/0x260
[ 62.540882][ T25] device_add+0x856/0xbf0
[ 62.540897][ T25] usb_set_configuration+0x1976/0x1fb0
[ 62.540925][ T25] usb_generic_driver_probe+0x88/0x140
[ 62.540940][ T25] usb_probe_device+0x1b8/0x380
[ 62.540956][ T25] ? __pfx_usb_probe_device+0x10/0x10
[ 62.540970][ T25] really_probe+0x2b8/0xad0
[ 62.540987][ T25] __driver_probe_device+0x1a2/0x390
[ 62.541001][ T25] driver_probe_device+0x50/0x430
[ 62.541015][ T25] __device_attach_driver+0x2d6/0x530
[ 62.541029][ T25] bus_for_each_drv+0x24e/0x2e0
[ 62.541044][ T25] ? __pfx___device_attach_driver+0x10/0x10
[ 62.541057][ T25] ? __pfx_bus_for_each_drv+0x10/0x10
[ 62.541077][ T25] __device_attach+0x333/0x520
[ 62.541092][ T25] ? __pfx___device_attach+0x10/0x10
[ 62.541109][ T25] bus_probe_device+0x189/0x260
[ 62.541126][ T25] device_add+0x856/0xbf0
[ 62.541141][ T25] usb_new_device+0x104a/0x19a0
[ 62.541164][ T25] ? __pfx_usb_new_device+0x10/0x10
[ 62.541178][ T25] ? _raw_spin_unlock_irq+0x23/0x50
[ 62.541191][ T25] ? lockdep_hardirqs_on+0x99/0x150
[ 62.541207][ T25] hub_event+0x2d6d/0x5150
[ 62.541249][ T25] ? __pfx_hub_event+0x10/0x10
[ 62.541265][ T25] ? __pfx_lock_acquire+0x10/0x10
[ 62.541280][ T25] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 62.541296][ T25] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 62.541317][ T25] ? process_scheduled_works+0x945/0x1830
[ 62.541331][ T25] process_scheduled_works+0xa2c/0x1830
[ 62.541361][ T25] ? __pfx_process_scheduled_works+0x10/0x10
[ 62.541380][ T25] ? assign_work+0x364/0x3d0
[ 62.541397][ T25] worker_thread+0x86d/0xd40
[ 62.541420][ T25] ? __kthread_parkme+0x169/0x1d0
[ 62.541437][ T25] ? __pfx_worker_thread+0x10/0x10
[ 62.541451][ T25] kthread+0x2f0/0x390
[ 62.541461][ T25] ? __pfx_worker_thread+0x10/0x10
[ 62.541475][ T25] ? __pfx_kthread+0x10/0x10
[ 62.541485][ T25] ret_from_fork+0x4b/0x80
[ 62.541500][ T25] ? __pfx_kthread+0x10/0x10
[ 62.541510][ T25] ret_from_fork_asm+0x1a/0x30
[ 62.541535][ T25]
[ 62.541541][ T25] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 63.088926][ T25] CPU: 1 UID: 0 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-next-20240726-syzkaller #0
[ 63.098751][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 63.108803][ T25] Workqueue: usb_hub_wq hub_event
[ 63.113960][ T25] Call Trace:
[ 63.117243][ T25]
[ 63.120172][ T25] dump_stack_lvl+0x241/0x360
[ 63.124858][ T25] ? __pfx_dump_stack_lvl+0x10/0x10
[ 63.130092][ T25] ? __pfx__printk+0x10/0x10
[ 63.134687][ T25] ? vscnprintf+0x5d/0x90
[ 63.139112][ T25] panic+0x349/0x870
[ 63.143012][ T25] ? __warn+0x177/0x4e0
[ 63.147186][ T25] ? __pfx_panic+0x10/0x10
[ 63.151619][ T25] ? ret_from_fork_asm+0x1a/0x30
[ 63.156562][ T25] __warn+0x34b/0x4e0
[ 63.160540][ T25] ? ath6kl_bmi_get_target_info+0x44a/0x590
[ 63.166463][ T25] report_bug+0x2b3/0x500
[ 63.170792][ T25] ? ath6kl_bmi_get_target_info+0x44a/0x590
[ 63.176693][ T25] handle_bug+0x3e/0x70
[ 63.180843][ T25] exc_invalid_op+0x1a/0x50
[ 63.185353][ T25] asm_exc_invalid_op+0x1a/0x20
[ 63.190200][ T25] RIP: 0010:ath6kl_bmi_get_target_info+0x44a/0x590
[ 63.196710][ T25] Code: 04 30 84 c0 0f 85 3a 01 00 00 48 8b 44 24 08 8b 30 48 c7 c7 e0 50 a4 8c 89 da e8 a1 1b fe ff e9 04 fe ff ff e8 e7 62 c9 fa 90 <0f> 0b 90 bb ea ff ff ff e9 f1 fd ff ff e8 d4 62 c9 fa 31 db e9 e5
[ 63.216313][ T25] RSP: 0018:ffffc900001f6b60 EFLAGS: 00010293
[ 63.222387][ T25] RAX: ffffffff86ca6839 RBX: 0000000000000000 RCX: ffff888018289e00
[ 63.230357][ T25] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[ 63.238319][ T25] RBP: ffffc900001f6c30 R08: ffffffff86ca6790 R09: 1ffffffff26e6f0e
[ 63.246287][ T25] R10: dffffc0000000000 R11: fffffbfff26e6f0f R12: ffffc900001f6ce4
[ 63.254275][ T25] R13: ffff8880464f0e40 R14: dffffc0000000000 R15: 1ffff9200003ed74
[ 63.262353][ T25] ? ath6kl_bmi_get_target_info+0x3a0/0x590
[ 63.268258][ T25] ? ath6kl_bmi_get_target_info+0x449/0x590
[ 63.274164][ T25] ? __pfx_ath6kl_bmi_get_target_info+0x10/0x10
[ 63.280403][ T25] ? ath6kl_bmi_init+0x6d/0xf0
[ 63.285162][ T25] ? __kmalloc_noprof+0x21a/0x400
[ 63.290187][ T25] ath6kl_core_init+0x1eb/0x1140
[ 63.295131][ T25] ? __pfx_lockdep_init_map_type+0x10/0x10
[ 63.302032][ T25] ? __kasan_kmalloc+0x98/0xb0
[ 63.307323][ T25] ? __pfx_ath6kl_core_init+0x10/0x10
[ 63.312796][ T25] ? ath6kl_core_create+0x7d8/0x950
[ 63.318112][ T25] ath6kl_usb_probe+0x129b/0x1390
[ 63.323323][ T25] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 63.329839][ T25] ? usb_disable_lpm+0x77/0x380
[ 63.335032][ T25] usb_probe_interface+0x645/0xbb0
[ 63.340352][ T25] ? __pfx_usb_probe_interface+0x10/0x10
[ 63.345996][ T25] really_probe+0x2b8/0xad0
[ 63.350510][ T25] __driver_probe_device+0x1a2/0x390
[ 63.355825][ T25] driver_probe_device+0x50/0x430
[ 63.360855][ T25] __device_attach_driver+0x2d6/0x530
[ 63.366227][ T25] bus_for_each_drv+0x24e/0x2e0
[ 63.371078][ T25] ? __pfx___device_attach_driver+0x10/0x10
[ 63.376964][ T25] ? __pfx_bus_for_each_drv+0x10/0x10
[ 63.382437][ T25] __device_attach+0x333/0x520
[ 63.387198][ T25] ? __pfx_lock_release+0x10/0x10
[ 63.392871][ T25] ? __pfx___device_attach+0x10/0x10
[ 63.398158][ T25] ? do_raw_spin_unlock+0x13c/0x8b0
[ 63.403368][ T25] bus_probe_device+0x189/0x260
[ 63.408224][ T25] device_add+0x856/0xbf0
[ 63.412649][ T25] usb_set_configuration+0x1976/0x1fb0
[ 63.418138][ T25] usb_generic_driver_probe+0x88/0x140
[ 63.423596][ T25] usb_probe_device+0x1b8/0x380
[ 63.428459][ T25] ? __pfx_usb_probe_device+0x10/0x10
[ 63.433828][ T25] really_probe+0x2b8/0xad0
[ 63.438424][ T25] __driver_probe_device+0x1a2/0x390
[ 63.443708][ T25] driver_probe_device+0x50/0x430
[ 63.448753][ T25] __device_attach_driver+0x2d6/0x530
[ 63.454390][ T25] bus_for_each_drv+0x24e/0x2e0
[ 63.459274][ T25] ? __pfx___device_attach_driver+0x10/0x10
[ 63.465168][ T25] ? __pfx_bus_for_each_drv+0x10/0x10
[ 63.470551][ T25] __device_attach+0x333/0x520
[ 63.475336][ T25] ? __pfx___device_attach+0x10/0x10
[ 63.480975][ T25] bus_probe_device+0x189/0x260
[ 63.485834][ T25] device_add+0x856/0xbf0
[ 63.490286][ T25] usb_new_device+0x104a/0x19a0
[ 63.495174][ T25] ? __pfx_usb_new_device+0x10/0x10
[ 63.500460][ T25] ? _raw_spin_unlock_irq+0x23/0x50
[ 63.505789][ T25] ? lockdep_hardirqs_on+0x99/0x150
[ 63.511175][ T25] hub_event+0x2d6d/0x5150
[ 63.515844][ T25] ? __pfx_hub_event+0x10/0x10
[ 63.520712][ T25] ? __pfx_lock_acquire+0x10/0x10
[ 63.525846][ T25] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 63.531865][ T25] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 63.538420][ T25] ? process_scheduled_works+0x945/0x1830
[ 63.544181][ T25] process_scheduled_works+0xa2c/0x1830
[ 63.549753][ T25] ? __pfx_process_scheduled_works+0x10/0x10
[ 63.555915][ T25] ? assign_work+0x364/0x3d0
[ 63.560793][ T25] worker_thread+0x86d/0xd40
[ 63.565411][ T25] ? __kthread_parkme+0x169/0x1d0
[ 63.570475][ T25] ? __pfx_worker_thread+0x10/0x10
[ 63.575615][ T25] kthread+0x2f0/0x390
[ 63.579746][ T25] ? __pfx_worker_thread+0x10/0x10
[ 63.584897][ T25] ? __pfx_kthread+0x10/0x10
[ 63.589491][ T25] ret_from_fork+0x4b/0x80
[ 63.593907][ T25] ? __pfx_kthread+0x10/0x10
[ 63.598580][ T25] ret_from_fork_asm+0x1a/0x30
[ 63.603361][ T25]
[ 63.606695][ T25] Kernel Offset: disabled
[ 63.611050][ T25] Rebooting in 86400 seconds..