./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1116509716 <...> forked to background, child pid 3184 [ 26.315507][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 26.331152][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices [ 26.606030][ T3269] ssh-keygen (3269) used greatest stack depth: 21960 bytes left Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.199' (ECDSA) to the list of known hosts. execve("./syz-executor1116509716", ["./syz-executor1116509716"], 0x7ffda332ce10 /* 10 vars */) = 0 brk(NULL) = 0x555555576000 brk(0x555555576c40) = 0x555555576c40 arch_prctl(ARCH_SET_FS, 0x555555576300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1116509716", 4096) = 28 brk(0x555555597c40) = 0x555555597c40 brk(0x555555598000) = 0x555555598000 mprotect(0x7fac26b81000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555555765d0) = 3608 ./strace-static-x86_64: Process 3608 attached [pid 3607] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3609 attached [pid 3607] <... clone resumed>, child_tidptr=0x5555555765d0) = 3609 [pid 3607] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3608] <... clone resumed>, child_tidptr=0x5555555765d0) = 3610 [pid 3607] <... clone resumed>, child_tidptr=0x5555555765d0) = 3611 [pid 3607] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3611 attached ./strace-static-x86_64: Process 3610 attached [pid 3607] <... clone resumed>, child_tidptr=0x5555555765d0) = 3612 [pid 3609] <... clone resumed>, child_tidptr=0x5555555765d0) = 3613 [pid 3611] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3607] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3611] <... clone resumed>, child_tidptr=0x5555555765d0) = 3614 [pid 3607] <... clone resumed>, child_tidptr=0x5555555765d0) = 3615 [pid 3607] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3610] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 3612 attached [pid 3607] <... clone resumed>, child_tidptr=0x5555555765d0) = 3616 [pid 3610] <... prctl resumed>) = 0 [pid 3610] setpgid(0, 0) = 0 [pid 3610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 3616 attached [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3610] <... openat resumed>) = 3 [pid 3610] write(3, "1000", 4./strace-static-x86_64: Process 3614 attached ) = 4 [pid 3610] close(3) = 0 [pid 3610] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR./strace-static-x86_64: Process 3615 attached ) = 3 [pid 3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3610] ioctl(3, USB_RAW_IOCTL_INIT [pid 3614] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 3613 attached [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3614] <... prctl resumed>) = 0 [pid 3614] setpgid(0, 0) = 0 [pid 3614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3610] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3613] <... prctl resumed>) = 0 [pid 3616] <... clone resumed>, child_tidptr=0x5555555765d0) = 3617 [pid 3614] <... openat resumed>) = 3 [pid 3613] setpgid(0, 0) = 0 [pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3613] write(3, "1000", 4) = 4 [pid 3613] close(3) = 0 [pid 3613] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 ./strace-static-x86_64: Process 3619 attached ./strace-static-x86_64: Process 3618 attached ./strace-static-x86_64: Process 3617 attached [pid 3615] <... clone resumed>, child_tidptr=0x5555555765d0) = 3618 [pid 3614] write(3, "1000", 4 [pid 3613] ioctl(3, USB_RAW_IOCTL_INIT [pid 3612] <... clone resumed>, child_tidptr=0x5555555765d0) = 3619 [pid 3610] <... ioctl resumed>, 0) = 0 [pid 3619] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3618] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3617] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3614] <... write resumed>) = 4 [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] <... prctl resumed>) = 0 [pid 3618] <... prctl resumed>) = 0 [pid 3617] <... prctl resumed>) = 0 [pid 3614] close(3 [pid 3613] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] setpgid(0, 0 [pid 3618] setpgid(0, 0 [pid 3617] setpgid(0, 0 [pid 3614] <... close resumed>) = 0 [pid 3613] <... ioctl resumed>, 0) = 0 [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... setpgid resumed>) = 0 [pid 3618] <... setpgid resumed>) = 0 [pid 3617] <... setpgid resumed>) = 0 [pid 3614] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3614] <... openat resumed>) = 3 [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] <... openat resumed>) = 3 [pid 3618] <... openat resumed>) = 3 [pid 3617] <... openat resumed>) = 3 [pid 3614] ioctl(3, USB_RAW_IOCTL_INIT [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] write(3, "1000", 4 [pid 3618] write(3, "1000", 4 [pid 3617] write(3, "1000", 4 [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] <... write resumed>) = 4 [pid 3618] <... write resumed>) = 4 [pid 3617] <... write resumed>) = 4 [pid 3614] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3619] close(3 [pid 3618] close(3 [pid 3617] close(3 [pid 3614] <... ioctl resumed>, 0) = 0 [pid 3619] <... close resumed>) = 0 [pid 3618] <... close resumed>) = 0 [pid 3617] <... close resumed>) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3618] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3617] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] <... openat resumed>) = 3 [pid 3618] <... openat resumed>) = 3 [pid 3617] <... openat resumed>) = 3 [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] ioctl(3, USB_RAW_IOCTL_INIT [pid 3618] ioctl(3, USB_RAW_IOCTL_INIT [pid 3617] ioctl(3, USB_RAW_IOCTL_INIT [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3618] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3617] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3619] <... ioctl resumed>, 0) = 0 [pid 3618] <... ioctl resumed>, 0) = 0 [pid 3617] <... ioctl resumed>, 0) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 syzkaller login: [ 48.141594][ T3271] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff3a8a2f70) = 18 [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [ 48.182481][ T3270] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 48.191575][ T145] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 48.191772][ T143] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 48.202194][ T6] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 48.214308][ T3624] usb 6-1: new high-speed USB device number 2 using dummy_hcd [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff3a8a2f70) = 18 [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff3a8a3f80) = 0 [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 9 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 27 [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 9 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 9 [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 18 [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [ 48.502169][ T3271] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 9 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 9 [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 27 [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 4 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 27 [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 9 [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 27 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 27 [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [ 48.552031][ T145] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 48.563271][ T3270] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 4 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 4 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 27 [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 4 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 4 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [ 48.591853][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 48.603093][ T3624] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 48.631987][ T143] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 4 [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [ 48.691817][ T3271] usb 1-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=87.5d [ 48.700882][ T3271] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.711761][ T3271] usb 1-1: Product: syz [ 48.716657][ T3271] usb 1-1: Manufacturer: syz [ 48.721409][ T3271] usb 1-1: SerialNumber: syz [ 48.735990][ T3271] usb 1-1: config 0 descriptor?? [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3619] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7fff3a8a2f70) = 8 [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3610] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3610] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 3610] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [ 48.741861][ T3270] usb 3-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=87.5d [ 48.750939][ T3270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.759134][ T145] usb 4-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=87.5d [ 48.770208][ T145] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.778328][ T3270] usb 3-1: Product: syz [ 48.783287][ T3270] usb 3-1: Manufacturer: syz [pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3610] <... ioctl resumed>, 0x7fff3a8a2f70) = 0 [pid 3618] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [ 48.789040][ T3270] usb 3-1: SerialNumber: syz [ 48.794066][ T145] usb 4-1: Product: syz [ 48.798261][ T145] usb 4-1: Manufacturer: syz [ 48.803187][ T6] usb 5-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=87.5d [ 48.812371][ T3624] usb 6-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=87.5d [ 48.821454][ T3624] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.821915][ T143] usb 2-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=87.5d [pid 3617] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 8 [ 48.825948][ T3271] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 48.831028][ T143] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.840907][ T145] usb 4-1: SerialNumber: syz [ 48.853494][ T143] usb 2-1: Product: syz [ 48.857998][ T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.864496][ T143] usb 2-1: Manufacturer: syz [ 48.866452][ T3624] usb 6-1: Product: syz [ 48.866471][ T3624] usb 6-1: Manufacturer: syz [ 48.866489][ T3624] usb 6-1: SerialNumber: syz [ 48.868160][ T3624] usb 6-1: config 0 descriptor?? [ 48.879704][ T143] usb 2-1: SerialNumber: syz [ 48.894499][ T3270] usb 3-1: config 0 descriptor?? [ 48.907646][ T6] usb 5-1: Product: syz [ 48.916021][ T6] usb 5-1: Manufacturer: syz [ 48.920664][ T6] usb 5-1: SerialNumber: syz [ 48.924417][ T143] usb 2-1: config 0 descriptor?? [ 48.937666][ T145] usb 4-1: config 0 descriptor?? [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3618] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3613] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3619] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a3f80) = 0 [pid 3618] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3613] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3619] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3617] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3619] <... ioctl resumed>, 0) = 0 [pid 3618] <... ioctl resumed>, 0) = 0 [pid 3617] <... ioctl resumed>, 0) = 0 [pid 3613] <... ioctl resumed>, 0) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3618] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3617] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3613] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3619] <... ioctl resumed>, 0) = 0 [pid 3618] <... ioctl resumed>, 0) = 0 [pid 3617] <... ioctl resumed>, 0) = 0 [pid 3619] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3618] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3617] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3613] <... ioctl resumed>, 0) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3614] <... ioctl resumed>, 0x7fff3a8a2f70) = 0 [ 48.944860][ T6] usb 5-1: config 0 descriptor?? [pid 3619] <... ioctl resumed>, 0x7fff3a8a2f70) = 0 [pid 3618] <... ioctl resumed>, 0x7fff3a8a2f70) = 0 [pid 3617] <... ioctl resumed>, 0x7fff3a8a2f70) = 0 [pid 3613] <... ioctl resumed>, 0x7fff3a8a2f70) = 0 [pid 3610] openat(AT_FDCWD, "/dev/usbmon0", O_RDWR|O_TRUNC|O_NONBLOCK|O_DSYNC) = 4 [pid 3610] dup(4) = 5 [pid 3610] mmap(0x20000000, 8388608, PROT_READ|PROT_WRITE|PROT_GROWSDOWN|0x800000, MAP_SHARED|MAP_FIXED, 4, 0) = 0x20000000 [pid 3610] setsockopt(-1, SOL_IP, IPT_SO_SET_REPLACE, "\x6d\x61\x6e\x67\x6c\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x44\x00\x00\x00\x06\x00\x00\x00\x10\x04\x00\x00\x98\x00\x00\x00\xb0\x02\x00\x00\x98\x00\x00\x00\x98\x00\x00\x00\xc8\x01\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"..., 1136) = -1 EBADF (Bad file descriptor) [pid 3610] ioctl(5, _IOC(_IOC_READ|_IOC_WRITE, 0x92, 0x7, 0x10), 0x200005c0) = -1 EAGAIN (Resource temporarily unavailable) [pid 3610] exit_group(0) = ? [ 48.974969][ T3270] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6 [ 48.987654][ T3624] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input7 [ 48.994122][ T143] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input8 [ 48.999240][ T145] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input9 [pid 3610] +++ exited with 0 +++ [pid 3608] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3610, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555555765d0) = 3630 ./strace-static-x86_64: Process 3630 attached [pid 3630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3630] setpgid(0, 0) = 0 [ 49.019085][ T6] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input10 [pid 3630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3630] write(3, "1000", 4) = 4 [pid 3630] close(3) = 0 [pid 3630] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3630] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff3a8a3f80) = 0 [pid 3630] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3630] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7fff3a8a3f80) = 0 [ 49.058893][ T26] usb 1-1: USB disconnect, device number 2 [pid 3630] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3619] openat(AT_FDCWD, "/dev/usbmon0", O_RDWR|O_TRUNC|O_NONBLOCK|O_DSYNC [pid 3618] openat(AT_FDCWD, "/dev/usbmon0", O_RDWR|O_TRUNC|O_NONBLOCK|O_DSYNC [pid 3617] openat(AT_FDCWD, "/dev/usbmon0", O_RDWR|O_TRUNC|O_NONBLOCK|O_DSYNC [pid 3618] <... openat resumed>) = 4 [pid 3617] <... openat resumed>) = 4 [pid 3619] <... openat resumed>) = 4 [pid 3617] dup(4 [pid 3618] dup(4 [pid 3619] dup(4) = 5 [pid 3619] mmap(0x20000000, 8388608, PROT_READ|PROT_WRITE|PROT_GROWSDOWN|0x800000, MAP_SHARED|MAP_FIXED, 4, 0) = 0x20000000 [pid 3619] setsockopt(-1, SOL_IP, IPT_SO_SET_REPLACE, "\x6d\x61\x6e\x67\x6c\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x44\x00\x00\x00\x06\x00\x00\x00\x10\x04\x00\x00\x98\x00\x00\x00\xb0\x02\x00\x00\x98\x00\x00\x00\x98\x00\x00\x00\xc8\x01\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"..., 1136) = -1 EBADF (Bad file descriptor) [pid 3619] ioctl(5, _IOC(_IOC_READ|_IOC_WRITE, 0x92, 0x7, 0x10), 0x200005c0) = -1 EAGAIN (Resource temporarily unavailable) [pid 3619] exit_group(0) = ? [pid 3618] <... dup resumed>) = 5 [pid 3617] <... dup resumed>) = 5 [pid 3618] mmap(0x20000000, 8388608, PROT_READ|PROT_WRITE|PROT_GROWSDOWN|0x800000, MAP_SHARED|MAP_FIXED, 4, 0 [pid 3617] mmap(0x20000000, 8388608, PROT_READ|PROT_WRITE|PROT_GROWSDOWN|0x800000, MAP_SHARED|MAP_FIXED, 4, 0 [pid 3618] <... mmap resumed>) = 0x20000000 [pid 3618] setsockopt(-1, SOL_IP, IPT_SO_SET_REPLACE, "\x00\x21\x27\x17\x80\x88\xff\xff\x43\x01\x83\x02\x04\x00\x2d\x00\xb1\x7a\x26\x63\x00\x00\x00\x00\x5d\x66\x00\x00\xfe\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x04\x02\x00\x00\x00\x00\x00\x00\x00\x21\x27\x17\x80\x88\xff\xff\x53\x01\x83\x02\x04\x00\x2d\x3c\xb1\x7a\x26\x63\x00\x00\x00\x00\x64\x77\x00\x00\x8d\xff\xff\xff\x07\x00\x00\x00"..., 1136 [pid 3617] <... mmap resumed>) = 0x20000000 [pid 3618] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor) [pid 3617] setsockopt(-1, SOL_IP, IPT_SO_SET_REPLACE, "\x6d\x61\x6e\x67\x6c\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x44\x00\x00\x00\x06\x00\x00\x00\x10\x04\x00\x00\x98\x00\x00\x00\xb0\x02\x00\x00\x98\x00\x00\x00\x98\x00\x00\x00\xc8\x01\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"..., 1136 [pid 3614] openat(AT_FDCWD, "/dev/usbmon0", O_RDWR|O_TRUNC|O_NONBLOCK|O_DSYNC [pid 3613] openat(AT_FDCWD, "/dev/usbmon0", O_RDWR|O_TRUNC|O_NONBLOCK|O_DSYNC [pid 3618] ioctl(5, _IOC(_IOC_READ|_IOC_WRITE, 0x92, 0x7, 0x10) [pid 3617] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor) [pid 3618] <... ioctl resumed>, 0x200005c0) = -1 EAGAIN (Resource temporarily unavailable) [pid 3617] ioctl(5, _IOC(_IOC_READ|_IOC_WRITE, 0x92, 0x7, 0x10) [pid 3614] <... openat resumed>) = 4 [pid 3613] <... openat resumed>) = 4 [pid 3618] exit_group(0 [pid 3617] <... ioctl resumed>, 0x200005c0) = -1 EAGAIN (Resource temporarily unavailable) [pid 3614] dup(4 [pid 3613] dup(4 [pid 3618] <... exit_group resumed>) = ? [pid 3617] exit_group(0 [pid 3614] <... dup resumed>) = 5 [pid 3613] <... dup resumed>) = 5 [pid 3613] mmap(0x20000000, 8388608, PROT_READ|PROT_WRITE|PROT_GROWSDOWN|0x800000, MAP_SHARED|MAP_FIXED, 4, 0) = 0x20000000 [pid 3613] setsockopt(-1, SOL_IP, IPT_SO_SET_REPLACE, "\x6d\x61\x6e\x67\x6c\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x44\x00\x00\x00\x06\x00\x00\x00\x10\x04\x00\x00\x98\x00\x00\x00\xb0\x02\x00\x00\x98\x00\x00\x00\x98\x00\x00\x00\xc8\x01\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"..., 1136) = -1 EBADF (Bad file descriptor) [pid 3613] ioctl(5, _IOC(_IOC_READ|_IOC_WRITE, 0x92, 0x7, 0x10) [pid 3617] <... exit_group resumed>) = ? [pid 3614] mmap(0x20000000, 8388608, PROT_READ|PROT_WRITE|PROT_GROWSDOWN|0x800000, MAP_SHARED|MAP_FIXED, 4, 0 [pid 3613] <... ioctl resumed>, 0x200005c0) = -1 EAGAIN (Resource temporarily unavailable) [pid 3613] exit_group(0) = ? [pid 3614] <... mmap resumed>) = 0x20000000 [pid 3614] setsockopt(-1, SOL_IP, IPT_SO_SET_REPLACE, "\x6d\x61\x6e\x67\x6c\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x44\x00\x00\x00\x06\x00\x00\x00\x10\x04\x00\x00\x98\x00\x00\x00\xb0\x02\x00\x00\x98\x00\x00\x00\x98\x00\x00\x00\xc8\x01\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x78\x03\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff"..., 1136 [pid 3618] +++ exited with 0 +++ [pid 3615] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3618, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 3615] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555555765d0) = 3634 ./strace-static-x86_64: Process 3634 attached [pid 3634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3634] setpgid(0, 0) = 0 [pid 3634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3634] write(3, "1000", 4) = 4 [pid 3619] +++ exited with 0 +++ [pid 3614] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor) [pid 3617] +++ exited with 0 +++ [pid 3613] +++ exited with 0 +++ [pid 3612] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3619, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3634] close(3 [pid 3612] <... clone resumed>, child_tidptr=0x5555555765d0) = 3635 [pid 3634] <... close resumed>) = 0 [pid 3634] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3634] ioctl(3, USB_RAW_IOCTL_INIT, 0x7fff3a8a3f80) = 0 [ 49.236593][ T145] usb 2-1: USB disconnect, device number 2 [ 49.244120][ T143] usb 5-1: USB disconnect, device number 2 [ 49.251347][ T6] usb 6-1: USB disconnect, device number 2 [pid 3634] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3614] ioctl(5, _IOC(_IOC_READ|_IOC_WRITE, 0x92, 0x7, 0x10) [pid 3616] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3617, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [ 49.278593][ T3624] usb 4-1: USB disconnect, device number 2 [ 49.285271][ T3614] general protection fault, probably for non-canonical address 0xdffffc00000001fc: 0000 [#1] PREEMPT SMP KASAN [ 49.297014][ T3614] KASAN: null-ptr-deref in range [0x0000000000000fe0-0x0000000000000fe7] [ 49.305414][ T3614] CPU: 1 PID: 3614 Comm: syz-executor111 Not tainted 6.0.0-rc5-syzkaller-00094-ga335366bad13 #0 [ 49.315806][ T3614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 49.325854][ T3614] RIP: 0010:mon_bin_flush+0x131/0x290 [ 49.331230][ T3614] Code: 48 c1 e9 03 42 80 3c 29 00 0f 85 4f 01 00 00 44 89 f1 81 e1 ff 0f 00 00 48 03 48 08 48 8d 79 24 49 89 cf 48 89 f9 48 c1 e9 03 <42> 0f b6 34 29 48 89 f9 83 e1 07 83 c1 03 40 38 f1 7c 09 40 84 f6 [ 49.350844][ T3614] RSP: 0018:ffffc90003bbfd98 EFLAGS: 00010007 [ 49.356899][ T3614] RAX: ffff88801d023b60 RBX: ffff888078923000 RCX: 00000000000001fc [ 49.364859][ T3614] RDX: 0000000000000000 RSI: ffffffff859cd539 RDI: 0000000000000fe4 [ 49.372828][ T3614] RBP: 00000000fcffee00 R08: 0000000000000005 R09: 0000000000000000 [ 49.380794][ T3614] R10: 00000000fcffee00 R11: 0000000000000000 R12: 0000000000000003 [ 49.388769][ T3614] R13: dffffc0000000000 R14: 0000000002fb6fc0 R15: 0000000000000fc0 [ 49.396740][ T3614] FS: 0000555555576300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 49.405655][ T3614] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.412222][ T3614] CR2: 00007ff7d93dc736 CR3: 000000001db18000 CR4: 00000000003506e0 [ 49.420192][ T3614] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.428149][ T3614] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.436116][ T3614] Call Trace: [ 49.439383][ T3614] [ 49.442353][ T3614] mon_bin_ioctl+0x198/0xcc0 [ 49.446960][ T3614] ? calibrate_delay+0x370/0x1120 [ 49.451992][ T3614] ? mon_bin_get_event+0x410/0x410 [ 49.457189][ T3614] ? _raw_spin_unlock_irq+0x1f/0x40 [ 49.462379][ T3614] ? bpf_lsm_file_ioctl+0x5/0x10 [ 49.467322][ T3614] ? mon_bin_get_event+0x410/0x410 [ 49.472539][ T3614] __x64_sys_ioctl+0x193/0x200 [ 49.477321][ T3614] do_syscall_64+0x35/0xb0 [ 49.481738][ T3614] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 49.487642][ T3614] RIP: 0033:0x7fac26b14639 [ 49.492053][ T3614] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 49.511662][ T3614] RSP: 002b:00007fff3a8a4fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 49.520058][ T3614] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fac26b14639 [ 49.528011][ T3614] RDX: 00000000200005c0 RSI: 00000000c0109207 RDI: 0000000000000005 [ 49.535966][ T3614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 49.543918][ T3614] R10: 0000000000000470 R11: 0000000000000246 R12: 00007fac26ad35e0 [ 49.551888][ T3614] R13: 0000000000000000 R14: 00007fff3a8a4ff0 R15: 00007fff3a8a4fe0 [ 49.559857][ T3614] [ 49.562859][ T3614] Modules linked in: [ 49.566743][ T3614] ---[ end trace 0000000000000000 ]--- [ 49.572183][ T3614] RIP: 0010:mon_bin_flush+0x131/0x290 [ 49.577541][ T3614] Code: 48 c1 e9 03 42 80 3c 29 00 0f 85 4f 01 00 00 44 89 f1 81 e1 ff 0f 00 00 48 03 48 08 48 8d 79 24 49 89 cf 48 89 f9 48 c1 e9 03 <42> 0f b6 34 29 48 89 f9 83 e1 07 83 c1 03 40 38 f1 7c 09 40 84 f6 [ 49.597316][ T3614] RSP: 0018:ffffc90003bbfd98 EFLAGS: 00010007 [ 49.603372][ T3614] RAX: ffff88801d023b60 RBX: ffff888078923000 RCX: 00000000000001fc [ 49.611351][ T3614] RDX: 0000000000000000 RSI: ffffffff859cd539 RDI: 0000000000000fe4 [ 49.619318][ T3614] RBP: 00000000fcffee00 R08: 0000000000000005 R09: 0000000000000000 [ 49.627296][ T3614] R10: 00000000fcffee00 R11: 0000000000000000 R12: 0000000000000003 [ 49.635255][ T3614] R13: dffffc0000000000 R14: 0000000002fb6fc0 R15: 0000000000000fc0 [ 49.643227][ T3614] FS: 0000555555576300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 49.652140][ T3614] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.658706][ T3614] CR2: 00007ff7d93dc736 CR3: 000000001db18000 CR4: 00000000003506e0 [ 49.666661][ T3614] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.674624][ T3614] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.682591][ T3614] Kernel panic - not syncing: Fatal exception [ 50.761462][ T3614] Shutting down cpus with NMI [ 50.766545][ T3614] Kernel Offset: disabled [ 50.770861][ T3614] Rebooting in 86400 seconds..