./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3109885009
<...>
Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts.
execve("./syz-executor3109885009", ["./syz-executor3109885009"], 0x7ffc72981820 /* 10 vars */) = 0
brk(NULL) = 0x555555f81000
brk(0x555555f81c40) = 0x555555f81c40
arch_prctl(ARCH_SET_FS, 0x555555f81300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3109885009", 4096) = 28
brk(0x555555fa2c40) = 0x555555fa2c40
brk(0x555555fa3000) = 0x555555fa3000
mprotect(0x7f4cdf045000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f815d0) = 3608
./strace-static-x86_64: Process 3608 attached
[pid 3608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3608] setpgid(0, 0) = 0
[pid 3608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3608] write(3, "1000", 4) = 4
[pid 3608] close(3) = 0
[pid 3608] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 3608] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 18
[ 43.224810][ T141] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid 3608] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 18
[pid 3608] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 9
[pid 3608] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 224
[ 43.585149][ T141] usb 1-1: config 0 has an invalid interface number: 72 but max is 0
[ 43.593430][ T141] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 43.602925][ T141] usb 1-1: config 0 has an invalid interface association descriptor of length 2, skipping
[ 43.613092][ T141] usb 1-1: config 0 has an invalid interface association descriptor of length 2, skipping
[ 43.623202][ T141] usb 1-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[ 43.632481][ T141] usb 1-1: config 0 has no interface number 0
[ 43.638762][ T141] usb 1-1: config 0 interface 72 altsetting 0 has an invalid endpoint with address 0x80, skipping
[ 43.649712][ T141] usb 1-1: config 0 interface 72 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 64
[ 43.660794][ T141] usb 1-1: config 0 interface 72 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64
[ 43.671818][ T141] usb 1-1: config 0 interface 72 altsetting 0 has a duplicate endpoint with address 0xC, skipping
[ 43.682662][ T141] usb 1-1: config 0 interface 72 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 8
[ 43.692734][ T141] usb 1-1: config 0 interface 72 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[ 43.703558][ T141] usb 1-1: config 0 interface 72 altsetting 0 has a duplicate endpoint with address 0xC, skipping
[ 43.714616][ T141] usb 1-1: config 0 interface 72 altsetting 0 has a duplicate endpoint with address 0x3, skipping
[ 43.725645][ T141] usb 1-1: config 0 interface 72 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 43.735438][ T141] usb 1-1: config 0 interface 72 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[ 43.746458][ T141] usb 1-1: config 0 interface 72 altsetting 0 has a duplicate endpoint with address 0x3, skipping
[ 43.757122][ T141] usb 1-1: New USB device found, idVendor=0846, idProduct=9010, bcdDevice=a0.e4
[ 43.766331][ T141] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 3608] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f4cdf04b46c) = -1 EINVAL (Invalid argument)
[ 43.783559][ T141] usb 1-1: config 0 descriptor??
[pid 3608] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe1f9d9c50) = 0
[pid 3608] exit_group(0) = ?
[ 43.984763][ T141] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[pid 3608] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3608, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f815d0) = 3612
./strace-static-x86_64: Process 3612 attached
[pid 3612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3612] setpgid(0, 0) = 0
[pid 3612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3612] write(3, "1000", 4) = 4
[pid 3612] close(3) = 0
[pid 3612] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 3612] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe1f9dac60) = 0
[pid 3612] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[ 44.414752][ T141] usb 1-1: device descriptor read/64, error -71
[pid 3612] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 18
[ 44.684738][ T141] usb 1-1: reset high-speed USB device number 2 using dummy_hcd
[pid 3612] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 18
[pid 3612] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe1f9d9c50) = 224
[pid 3612] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 3612] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f4cdf04b46c) = -1 EINVAL (Invalid argument)
[pid 3612] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe1f9d9c50) = 0
[ 45.074767][ T141] usb 1-1: driver API: 1.9.9 2016-02-15 [1-1]
[ 45.081078][ T141] usb 1-1: firmware API: 1.9.6 2012-07-07
[ 45.087184][ T141] ------------[ cut here ]------------
[ 45.092728][ T141] usb 1-1: BOGUS urb xfer, pipe 1 != type 3
[ 45.099446][ T141] WARNING: CPU: 0 PID: 141 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x1880
[ 45.109261][ T141] Modules linked in:
[ 45.113178][ T141] CPU: 0 PID: 141 Comm: kworker/0:2 Not tainted 6.0.0-rc5-syzkaller-00017-gd1221cea11fc #0
[ 45.123525][ T141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 45.133882][ T141] Workqueue: events request_firmware_work_func
[ 45.140281][ T141] RIP: 0010:usb_submit_urb+0xed2/0x1880
[ 45.146036][ T141] Code: 7c 24 18 e8 90 0a ee fb 48 8b 7c 24 18 e8 36 5c 03 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 80 f6 8f 8a e8 10 fe ac 03 <0f> 0b e9 58 f8 ff ff e8 62 0a ee fb 48 81 c5 c0 05 00 00 e9 84 f7
[ 45.165923][ T141] RSP: 0018:ffffc900029afba0 EFLAGS: 00010282
[ 45.172013][ T141] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 45.180276][ T141] RDX: ffff88801b719d80 RSI: ffffffff8161f408 RDI: fffff52000535f66
[ 45.188900][ T141] RBP: ffff88802748e140 R08: 0000000000000005 R09: 0000000000000000
[ 45.197094][ T141] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000001
[ 45.205268][ T141] R13: ffff888020e0bbe0 R14: 0000000000000002 R15: ffff888016b0ee00
[ 45.213342][ T141] FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[pid 3612] exit_group(0) = ?
[pid 3612] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3612, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555f815d0) = 3613
./strace-static-x86_64: Process 3613 attached
[ 45.222617][ T141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 45.229427][ T141] CR2: 000055ae73c0c138 CR3: 0000000026adc000 CR4: 00000000003506f0
[ 45.237689][ T141] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 45.246397][ T141] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 45.253842][ T3271] usb 1-1: USB disconnect, device number 2
[ 45.254385][ T141] Call Trace:
[ 45.264356][ T141] <TASK>
[ 45.267755][ T141] ? _raw_spin_unlock+0x12/0x40
[pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3613] setpgid(0, 0) = 0
[pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3613] write(3, "1000", 4) = 4
[pid 3613] close(3) = 0
[pid 3613] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 3613] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe1f9dac60) = 0
[pid 3613] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe1f9dac60) = 0
[ 45.273246][ T141] carl9170_usb_send_rx_irq_urb+0x273/0x340
[ 45.279487][ T141] carl9170_usb_firmware_step2+0x171/0x240
[ 45.285648][ T141] ? carl9170_usb_resume+0x170/0x170
[ 45.291159][ T141] request_firmware_work_func+0x12c/0x230
[ 45.297304][ T141] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 45.303684][ T141] process_one_work+0x991/0x1610
[ 45.310596][ T141] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 45.316286][ T141] ? rwlock_bug.part.0+0x90/0x90
[ 45.321249][ T141] ? _raw_spin_lock_irq+0x41/0x50
[ 45.326534][ T141] worker_thread+0x665/0x1080
[ 45.331253][ T141] ? __kthread_parkme+0x15f/0x220
[ 45.336574][ T141] ? process_one_work+0x1610/0x1610
[ 45.341775][ T141] kthread+0x2e4/0x3a0
[ 45.346363][ T141] ? kthread_complete_and_exit+0x40/0x40
[ 45.352005][ T141] ret_from_fork+0x1f/0x30
[ 45.356735][ T141] </TASK>
[ 45.359751][ T141] Kernel panic - not syncing: panic_on_warn set ...
[ 45.366318][ T141] CPU: 0 PID: 141 Comm: kworker/0:2 Not tainted 6.0.0-rc5-syzkaller-00017-gd1221cea11fc #0
[ 45.376279][ T141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 45.386341][ T141] Workqueue: events request_firmware_work_func
[ 45.392492][ T141] Call Trace:
[ 45.395768][ T141] <TASK>
[ 45.398695][ T141] dump_stack_lvl+0xcd/0x134
[ 45.403284][ T141] panic+0x2c8/0x627
[ 45.407171][ T141] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 45.413149][ T141] ? __warn.cold+0x248/0x2c4
[ 45.417737][ T141] ? usb_submit_urb+0xed2/0x1880
[ 45.422671][ T141] __warn.cold+0x259/0x2c4
[ 45.427084][ T141] ? __wake_up_klogd.part.0+0x99/0xf0
[ 45.432458][ T141] ? usb_submit_urb+0xed2/0x1880
[ 45.437424][ T141] report_bug+0x1bc/0x210
[ 45.441749][ T141] handle_bug+0x3c/0x60
[ 45.445894][ T141] exc_invalid_op+0x14/0x40
[ 45.450409][ T141] asm_exc_invalid_op+0x16/0x20
[ 45.455249][ T141] RIP: 0010:usb_submit_urb+0xed2/0x1880
[ 45.460792][ T141] Code: 7c 24 18 e8 90 0a ee fb 48 8b 7c 24 18 e8 36 5c 03 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 80 f6 8f 8a e8 10 fe ac 03 <0f> 0b e9 58 f8 ff ff e8 62 0a ee fb 48 81 c5 c0 05 00 00 e9 84 f7
[ 45.480402][ T141] RSP: 0018:ffffc900029afba0 EFLAGS: 00010282
[ 45.486498][ T141] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 45.494466][ T141] RDX: ffff88801b719d80 RSI: ffffffff8161f408 RDI: fffff52000535f66
[ 45.502443][ T141] RBP: ffff88802748e140 R08: 0000000000000005 R09: 0000000000000000
[ 45.510408][ T141] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000001
[ 45.518366][ T141] R13: ffff888020e0bbe0 R14: 0000000000000002 R15: ffff888016b0ee00
[ 45.526339][ T141] ? vprintk+0x88/0x90
[ 45.530406][ T141] ? _raw_spin_unlock+0x12/0x40
[ 45.535257][ T141] carl9170_usb_send_rx_irq_urb+0x273/0x340
[ 45.541158][ T141] carl9170_usb_firmware_step2+0x171/0x240
[ 45.547019][ T141] ? carl9170_usb_resume+0x170/0x170
[ 45.552327][ T141] request_firmware_work_func+0x12c/0x230
[ 45.558044][ T141] ? request_partial_firmware_into_buf+0xa0/0xa0
[ 45.564372][ T141] process_one_work+0x991/0x1610
[ 45.569310][ T141] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 45.574696][ T141] ? rwlock_bug.part.0+0x90/0x90
[ 45.579630][ T141] ? _raw_spin_lock_irq+0x41/0x50
[ 45.584675][ T141] worker_thread+0x665/0x1080
[ 45.589357][ T141] ? __kthread_parkme+0x15f/0x220
[ 45.594372][ T141] ? process_one_work+0x1610/0x1610
[ 45.599581][ T141] kthread+0x2e4/0x3a0
[ 45.603710][ T141] ? kthread_complete_and_exit+0x40/0x40
[ 45.609350][ T141] ret_from_fork+0x1f/0x30
[ 45.613785][ T141] </TASK>
[ 45.617104][ T141] Kernel Offset: disabled
[ 45.621501][ T141] Rebooting in 86400 seconds..