./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor703531588 <...> forked to background, child pid 3182 no interfaces have a carri[ 23.817640][ T3183] 8021q: adding VLAN 0 to HW filter on device bond0 er [ 23.834886][ T3183] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.100' (ECDSA) to the list of known hosts. execve("./syz-executor703531588", ["./syz-executor703531588"], 0x7ffefa589e00 /* 10 vars */) = 0 brk(NULL) = 0x555556df6000 brk(0x555556df6c40) = 0x555556df6c40 arch_prctl(ARCH_SET_FS, 0x555556df6300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor703531588", 4096) = 27 brk(0x555556e17c40) = 0x555556e17c40 brk(0x555556e18000) = 0x555556e18000 mprotect(0x7f55b57ee000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3605 attached , child_tidptr=0x555556df65d0) = 3605 [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3605] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3604] <... clone resumed>, child_tidptr=0x555556df65d0) = 3606 [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3605] <... clone resumed>, child_tidptr=0x555556df65d0) = 3607 [pid 3604] <... clone resumed>, child_tidptr=0x555556df65d0) = 3608 [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3608 attached , child_tidptr=0x555556df65d0) = 3609 ./strace-static-x86_64: Process 3606 attached [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3606] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3609 attached [pid 3604] <... clone resumed>, child_tidptr=0x555556df65d0) = 3610 [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3608] <... clone resumed>, child_tidptr=0x555556df65d0) = 3611 [pid 3606] <... clone resumed>, child_tidptr=0x555556df65d0) = 3613 ./strace-static-x86_64: Process 3610 attached ./strace-static-x86_64: Process 3607 attached [pid 3604] <... clone resumed>, child_tidptr=0x555556df65d0) = 3612 [pid 3607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 3614 attached ./strace-static-x86_64: Process 3613 attached ./strace-static-x86_64: Process 3612 attached ./strace-static-x86_64: Process 3611 attached [pid 3610] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3609] <... clone resumed>, child_tidptr=0x555556df65d0) = 3614 [pid 3607] setpgid(0, 0) = 0 [pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3613] <... prctl resumed>) = 0 [pid 3613] setpgid(0, 0 [pid 3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3610] <... clone resumed>, child_tidptr=0x555556df65d0) = 3615 [pid 3614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3607] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3615 attached [pid 3607] write(3, "1000", 4) = 4 [pid 3607] close(3) = 0 [pid 3607] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3607] ioctl(3, USB_RAW_IOCTL_INIT [pid 3613] <... setpgid resumed>) = 0 [pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3613] <... openat resumed>) = 3 [pid 3611] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 3616 attached [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3614] <... prctl resumed>) = 0 [pid 3613] write(3, "1000", 4 [pid 3612] <... clone resumed>, child_tidptr=0x555556df65d0) = 3616 [pid 3611] setpgid(0, 0 [pid 3607] <... ioctl resumed>, 0) = 0 [pid 3614] setpgid(0, 0 [pid 3613] <... write resumed>) = 4 [pid 3611] <... setpgid resumed>) = 0 [pid 3614] <... setpgid resumed>) = 0 [pid 3613] close(3 [pid 3611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] <... prctl resumed>) = 0 [pid 3614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3613] <... close resumed>) = 0 [pid 3611] <... openat resumed>) = 3 [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] setpgid(0, 0 [pid 3614] <... openat resumed>) = 3 [pid 3613] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3611] write(3, "1000", 4 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] <... setpgid resumed>) = 0 [pid 3614] write(3, "1000", 4 [pid 3613] <... openat resumed>) = 3 [pid 3611] <... write resumed>) = 4 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3614] <... write resumed>) = 4 [pid 3613] ioctl(3, USB_RAW_IOCTL_INIT [pid 3611] close(3 [pid 3616] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3615] <... openat resumed>) = 3 [pid 3614] close(3 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... close resumed>) = 0 [pid 3616] <... prctl resumed>) = 0 [pid 3615] write(3, "1000", 4 [pid 3614] <... close resumed>) = 0 [pid 3613] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3611] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3616] setpgid(0, 0 [pid 3615] <... write resumed>) = 4 [pid 3614] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3616] <... setpgid resumed>) = 0 [pid 3613] <... ioctl resumed>, 0) = 0 [pid 3616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3611] <... openat resumed>) = 3 [pid 3616] <... openat resumed>) = 3 [pid 3616] write(3, "1000", 4 [pid 3615] close(3 [pid 3614] <... openat resumed>) = 3 [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_INIT [pid 3616] <... write resumed>) = 4 [pid 3615] <... close resumed>) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_INIT [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] close(3 [pid 3615] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3616] <... close resumed>) = 0 [pid 3615] <... openat resumed>) = 3 [pid 3616] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 3611] <... ioctl resumed>, 0) = 0 [pid 3616] <... openat resumed>) = 3 [pid 3614] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] ioctl(3, USB_RAW_IOCTL_INIT [pid 3615] ioctl(3, USB_RAW_IOCTL_INIT [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3615] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0) = 0 [pid 3615] <... ioctl resumed>, 0) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe05664450) = 18 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH syzkaller login: [ 42.914603][ T3268] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 42.914603][ T2545] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 42.914799][ T26] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 42.922200][ T144] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 42.944573][ T6] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 42.952268][ T3619] usb 5-1: new high-speed USB device number 2 using dummy_hcd [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [ 43.154611][ T2545] usb 6-1: Using ep0 maxpacket: 16 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe05664450) = 18 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 18 [ 43.184565][ T26] usb 1-1: Using ep0 maxpacket: 16 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05664450) = 9 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 9 [ 43.224584][ T6] usb 4-1: Using ep0 maxpacket: 16 [ 43.229962][ T144] usb 3-1: Using ep0 maxpacket: 16 [ 43.235140][ T3268] usb 2-1: Using ep0 maxpacket: 16 [ 43.240490][ T3619] usb 5-1: Using ep0 maxpacket: 16 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05664450) = 27 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 18 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 27 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05664450) = 4 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 9 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 9 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 9 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 9 [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 4 [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [ 43.275365][ T2545] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 43.304634][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe05665460) = 0 [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 27 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffe05664450) = 8 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 27 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 27 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 27 [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [ 43.374742][ T3268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 43.404683][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 4 [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [ 43.415924][ T144] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 43.426871][ T3619] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 43.444849][ T2545] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f [ 43.454039][ T2545] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.462430][ T2545] usb 6-1: Product: syz [ 43.466824][ T2545] usb 6-1: Manufacturer: syz [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 4 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 4 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 4 [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3616] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 8 [ 43.471443][ T2545] usb 6-1: SerialNumber: syz [ 43.476295][ T26] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f [ 43.492419][ T2545] usb 6-1: config 0 descriptor?? [ 43.497606][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.506377][ T26] usb 1-1: Product: syz [ 43.510604][ T26] usb 1-1: Manufacturer: syz [ 43.515549][ T26] usb 1-1: SerialNumber: syz [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3616] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3616] <... ioctl resumed>, 0) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f55b57f446c) = 12 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe05664450) = 0 [pid 3607] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [ 43.525384][ T26] usb 1-1: config 0 descriptor?? [pid 3607] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f55b57f446c) = 12 [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3613] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3607] <... ioctl resumed>, 0x7ffe05664450) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 8 [ 43.545995][ T2545] cm109 6-1:0.0: invalid payload size 250, expected 4 [ 43.553513][ T2545] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input5 [ 43.565606][ T3268] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f [ 43.566470][ T26] cm109 1-1:0.0: invalid payload size 250, expected 4 [ 43.579697][ T3268] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [ 43.589793][ T26] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6 [ 43.595955][ T3268] usb 2-1: Product: syz [ 43.604489][ T3268] usb 2-1: Manufacturer: syz [ 43.611649][ T3268] usb 2-1: SerialNumber: syz [ 43.631200][ T3268] usb 2-1: config 0 descriptor?? [ 43.636499][ T144] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 8 [pid 3611] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3615] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [ 43.645688][ T3619] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f [ 43.654906][ T6] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f [ 43.663957][ T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.673636][ T144] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.681855][ T3619] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.690086][ T144] usb 3-1: Product: syz [pid 3614] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3613] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f55b57f446c) = 12 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe05664450) = 0 [ 43.694357][ T144] usb 3-1: Manufacturer: syz [ 43.699010][ T6] usb 4-1: Product: syz [ 43.703339][ T3619] usb 5-1: Product: syz [ 43.707615][ T6] usb 4-1: Manufacturer: syz [ 43.714300][ T6] usb 4-1: SerialNumber: syz [ 43.718987][ T3619] usb 5-1: Manufacturer: syz [ 43.723769][ T3619] usb 5-1: SerialNumber: syz [ 43.729786][ T3268] cm109 2-1:0.0: invalid payload size 250, expected 4 [pid 3616] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe05665480) = 0 [pid 3616] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe05664470) = 4 [pid 3615] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05665460) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3614] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3607] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3614] <... ioctl resumed>, 0) = 0 [pid 3611] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 3607] <... ioctl resumed>, 0x7ffe05665480) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3607] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3615] <... ioctl resumed>, 0) = 0 [pid 3614] <... ioctl resumed>, 0) = 0 [pid 3611] <... ioctl resumed>, 0) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 3615] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3614] <... ioctl resumed>, 0x7f55b57f446c) = 12 [pid 3611] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 3615] <... ioctl resumed>, 0) = 0 [pid 3614] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3611] <... ioctl resumed>, 0) = 0 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 3611] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 3615] <... ioctl resumed>, 0x7f55b57f446c) = 12 [pid 3611] <... ioctl resumed>, 0x7f55b57f446c) = 12 [pid 3615] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3611] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 3607] <... ioctl resumed>, 0x7ffe05664470) = 4 [ 43.738381][ T3268] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input7 [ 43.748991][ T6] usb 4-1: config 0 descriptor?? [ 43.755239][ T144] usb 3-1: SerialNumber: syz [ 43.761400][ T3619] usb 5-1: config 0 descriptor?? [ 43.766947][ T144] usb 3-1: config 0 descriptor?? [pid 3615] <... ioctl resumed>, 0x7ffe05664450) = 0 [pid 3611] <... ioctl resumed>, 0x7ffe05664450) = 0 [pid 3614] <... ioctl resumed>, 0x7ffe05664450) = 0 [ 43.815613][ T144] cm109 3-1:0.0: invalid payload size 250, expected 4 [ 43.822960][ T144] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input8 [ 43.833970][ T3619] cm109 5-1:0.0: invalid payload size 250, expected 4 [ 43.841936][ T6] cm109 4-1:0.0: invalid payload size 250, expected 4 [ 43.850514][ T3619] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input9 [ 43.861592][ T6] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input10 [pid 3613] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe05665480) = 0 [pid 3613] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffe05664470) = 4 [pid 3616] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 4 [pid 3616] write(4, "\x1b\x9b\x07\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120) = 120 [pid 3616] exit_group(0) = ? [pid 3616] +++ exited with 0 +++ [pid 3612] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3616, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556df65d0) = 3626 ./strace-static-x86_64: Process 3626 attached [pid 3626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3626] setpgid(0, 0) = 0 [pid 3626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3626] write(3, "1000", 4) = 4 [pid 3626] close(3) = 0 [pid 3626] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3626] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe05665460) = 0 [pid 3626] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3626] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe05665460) = 0 [pid 3626] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3607] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 4 [pid 3607] write(4, "\x1b\x9b\x07\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120) = 120 [pid 3607] exit_group(0) = ? [pid 3607] +++ exited with 0 +++ [pid 3605] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3607, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3605] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 43.980770][ T6] usb 6-1: USB disconnect, device number 2 [ 43.994590][ C1] cm109 6-1:0.0: cm109_urb_ctl_callback: urb status -71 [ 44.001681][ C1] cm109 6-1:0.0: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 44.011840][ T6] cm109 6-1:0.0: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [pid 3605] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3627 attached [pid 3627] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3627] setpgid(0, 0) = 0 [pid 3627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3627] write(3, "1000", 4) = 4 [pid 3627] close(3) = 0 [pid 3627] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 3627] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffe05665460) = 0 [pid 3627] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 3627] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffe05665460) = 0 [pid 3627] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 3605] <... clone resumed>, child_tidptr=0x555556df65d0) = 3627 [ 44.024550][ C1] cm109 1-1:0.0: cm109_urb_irq_callback: urb status -71 [ 44.031546][ C1] ------------[ cut here ]------------ [ 44.032922][ T3619] usb 1-1: USB disconnect, device number 2 [ 44.036993][ C1] URB ffff888017150e00 submitted while active [ 44.037552][ C1] WARNING: CPU: 1 PID: 3622 at drivers/usb/core/urb.c:378 usb_submit_urb+0x14e8/0x1880 [ 44.058541][ C1] Modules linked in: [ 44.062465][ C1] CPU: 1 PID: 3622 Comm: udevd Not tainted 6.0.0-rc3-next-20220901-syzkaller #0 [ 44.071531][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 44.081694][ C1] RIP: 0010:usb_submit_urb+0x14e8/0x1880 [ 44.087347][ C1] Code: 89 de e8 2b 3a e9 fb 84 db 0f 85 a3 f3 ff ff e8 8e 3d e9 fb 4c 89 fe 48 c7 c7 c0 6e 90 8a c6 05 0a f9 36 08 01 e8 fc 85 aa 03 <0f> 0b e9 81 f3 ff ff 48 89 7c 24 40 e8 67 3d e9 fb 48 8b 7c 24 40 [ 44.107017][ C1] RSP: 0018:ffffc900001e09d8 EFLAGS: 00010086 [ 44.113122][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 44.121104][ C1] RDX: ffff888077fed7c0 RSI: ffffffff81620448 RDI: fffff5200003c12d [pid 3613] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 4 [ 44.129093][ C1] RBP: ffff8880173ae1e0 R08: 0000000000000005 R09: 0000000000000000 [ 44.137095][ C1] R10: 0000000080000101 R11: 0000000000000001 R12: 0000000000000046 [ 44.145090][ C1] R13: ffff88802287a058 R14: 00000000fffffff0 R15: ffff888017150e00 [ 44.153093][ C1] FS: 00007f7dfe3ce840(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 44.162072][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.162091][ C1] CR2: 00007ffe05666488 CR3: 000000007d7ea000 CR4: 00000000003506e0 [ 44.162104][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.162115][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.162127][ C1] Call Trace: [ 44.162133][ C1] [ 44.162141][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 44.162168][ C1] cm109_urb_irq_callback+0x2e6/0xaa0 [ 44.162199][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0 [ 44.162225][ C1] usb_hcd_giveback_urb+0x380/0x430 [ 44.162249][ C1] dummy_timer+0x11ff/0x32c0 [ 44.162279][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.162299][ C1] ? lock_release+0x560/0x780 [ 44.162322][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.162342][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.162361][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.162379][ C1] ? lock_acquire+0x480/0x570 [ 44.162400][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 44.162423][ C1] ? dummy_dequeue+0x500/0x500 [ 44.162449][ C1] ? scheduler_tick+0x25f/0x5e0 [ 44.162476][ C1] ? dummy_dequeue+0x500/0x500 [ 44.162502][ C1] call_timer_fn+0x1a0/0x6b0 [ 44.162526][ C1] ? timer_fixup_activate+0x350/0x350 [ 44.162551][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 44.162578][ C1] ? __next_timer_interrupt+0x244/0x2c0 [ 44.162601][ C1] ? dummy_dequeue+0x500/0x500 [ 44.162628][ C1] ? dummy_dequeue+0x500/0x500 [ 44.162654][ C1] ? dummy_dequeue+0x500/0x500 [ 44.162682][ C1] __run_timers.part.0+0x674/0xa80 [ 44.162709][ C1] ? call_timer_fn+0x6b0/0x6b0 [ 44.162733][ C1] ? cpuacct_all_seq_show+0x520/0x520 [ 44.162755][ C1] ? kvm_sched_clock_read+0x14/0x40 [ 44.162780][ C1] ? sched_clock_cpu+0x69/0x2b0 [ 44.162797][ C1] run_timer_softirq+0xb3/0x1d0 [ 44.162813][ C1] __do_softirq+0x1d3/0x9c6 [ 44.162831][ C1] __irq_exit_rcu+0x123/0x180 [ 44.162848][ C1] irq_exit_rcu+0x5/0x20 [ 44.162862][ C1] sysvec_apic_timer_interrupt+0x93/0xc0 [ 44.162882][ C1] [ 44.162886][ C1] [ 44.162889][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 44.162905][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x5c/0x60 [ 44.162927][ C1] Code: 82 70 15 00 00 83 f8 02 75 20 48 8b 8a 78 15 00 00 8b 92 74 15 00 00 48 8b 01 48 83 c0 01 48 39 c2 76 07 48 89 01 48 89 34 c1 0f 1f 00 41 55 41 54 49 89 fc 55 48 bd eb 83 b5 80 46 86 c8 61 [ 44.162939][ C1] RSP: 0018:ffffc90003e4fa78 EFLAGS: 00000293 [ 44.162951][ C1] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000 [ 44.162958][ C1] RDX: ffff888077fed7c0 RSI: ffffffff83bf76d6 RDI: 0000000000000005 [ 44.162967][ C1] RBP: 1ffff920007c9f54 R08: 0000000000000005 R09: 0000000000000000 [ 44.162974][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 44.162982][ C1] R13: ffffc90003e4fd38 R14: dffffc0000000000 R15: ffff888077389100 [ 44.162992][ C1] ? tomoyo_path_perm+0x96/0x400 [ 44.163009][ C1] tomoyo_path_perm+0x96/0x400 [ 44.163022][ C1] ? complete_walk+0x1b0/0x320 [ 44.163035][ C1] ? tomoyo_check_open_permission+0x380/0x380 [ 44.163049][ C1] ? path_lookupat+0x25a/0x840 [ 44.163062][ C1] ? filename_lookup+0x3cd/0x590 [ 44.163075][ C1] ? may_linkat+0x510/0x510 [ 44.163086][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163098][ C1] ? lock_acquire+0x480/0x570 [ 44.163112][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163126][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163139][ C1] ? lock_acquire+0x480/0x570 [ 44.163152][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163164][ C1] ? lock_release+0x560/0x780 [ 44.163177][ C1] ? __might_fault+0xd1/0x170 [ 44.163191][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 44.163204][ C1] ? debug_check_no_obj_freed+0x20c/0x420 [ 44.163218][ C1] ? __virt_addr_valid+0x5d/0x2d0 [ 44.163231][ C1] ? __phys_addr+0xc4/0x140 [ 44.163244][ C1] security_inode_getattr+0xcf/0x140 [ 44.163260][ C1] vfs_statx+0x16a/0x390 [ 44.163276][ C1] ? inode_sub_bytes+0x100/0x100 [ 44.163289][ C1] ? getname_flags.part.0+0x1dd/0x4f0 [ 44.163304][ C1] vfs_fstatat+0x8c/0xb0 [ 44.163318][ C1] __do_sys_newfstatat+0x91/0x110 [ 44.163333][ C1] ? __do_compat_sys_newlstat+0x110/0x110 [ 44.163349][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 44.163362][ C1] ? __ct_user_enter+0x19f/0x1d0 [ 44.163382][ C1] ? vtime_user_exit+0x218/0x6c0 [ 44.163402][ C1] ? trace_hardirqs_on+0x2d/0x120 [ 44.163415][ C1] do_syscall_64+0x35/0xb0 [ 44.163430][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.163445][ C1] RIP: 0033:0x7f7dfe7b31da [ 44.163458][ C1] Code: 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 0b 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 69 fc 0c 00 f7 [ 44.163470][ C1] RSP: 002b:00007ffcf209a8a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000106 [ 44.163481][ C1] RAX: ffffffffffffffda RBX: 00007f7dfe880380 RCX: 00007f7dfe7b31da [ 44.163490][ C1] RDX: 00007ffcf209a8b0 RSI: 00007f7dfe84975a RDI: 0000000000000008 [ 44.163498][ C1] RBP: 000056418c898970 R08: 0000000000000001 R09: 0000000000000000 [ 44.163506][ C1] R10: 0000000000001000 R11: 0000000000000202 R12: 000056418c898970 [ 44.163513][ C1] R13: 0000000000000000 R14: 00007ffcf209ae88 R15: 0000000000003fff [ 44.163525][ C1] [ 44.163530][ C1] Kernel panic - not syncing: panic_on_warn set ... [ 44.163537][ C1] CPU: 1 PID: 3622 Comm: udevd Not tainted 6.0.0-rc3-next-20220901-syzkaller #0 [ 44.163551][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 44.163562][ C1] Call Trace: [ 44.163566][ C1] [ 44.163569][ C1] dump_stack_lvl+0xcd/0x134 [ 44.163584][ C1] panic+0x2c8/0x622 [ 44.163602][ C1] ? panic_print_sys_info.part.0+0x110/0x110 [ 44.163623][ C1] ? __warn.cold+0x248/0x2c4 [ 44.163642][ C1] ? usb_submit_urb+0x14e8/0x1880 [ 44.163658][ C1] __warn.cold+0x259/0x2c4 [ 44.163676][ C1] ? usb_submit_urb+0x14e8/0x1880 [ 44.163692][ C1] report_bug+0x1bc/0x210 [ 44.163706][ C1] handle_bug+0x3c/0x60 [ 44.163721][ C1] exc_invalid_op+0x14/0x40 [ 44.163736][ C1] asm_exc_invalid_op+0x16/0x20 [ 44.163749][ C1] RIP: 0010:usb_submit_urb+0x14e8/0x1880 [ 44.163766][ C1] Code: 89 de e8 2b 3a e9 fb 84 db 0f 85 a3 f3 ff ff e8 8e 3d e9 fb 4c 89 fe 48 c7 c7 c0 6e 90 8a c6 05 0a f9 36 08 01 e8 fc 85 aa 03 <0f> 0b e9 81 f3 ff ff 48 89 7c 24 40 e8 67 3d e9 fb 48 8b 7c 24 40 [ 44.163777][ C1] RSP: 0018:ffffc900001e09d8 EFLAGS: 00010086 [ 44.163786][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 44.163794][ C1] RDX: ffff888077fed7c0 RSI: ffffffff81620448 RDI: fffff5200003c12d [ 44.163802][ C1] RBP: ffff8880173ae1e0 R08: 0000000000000005 R09: 0000000000000000 [ 44.163809][ C1] R10: 0000000080000101 R11: 0000000000000001 R12: 0000000000000046 [ 44.163817][ C1] R13: ffff88802287a058 R14: 00000000fffffff0 R15: ffff888017150e00 [ 44.163827][ C1] ? vprintk+0x88/0x90 [ 44.163842][ C1] ? usb_submit_urb+0x14e8/0x1880 [ 44.163858][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 44.163873][ C1] cm109_urb_irq_callback+0x2e6/0xaa0 [ 44.163892][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0 [ 44.163908][ C1] usb_hcd_giveback_urb+0x380/0x430 [ 44.163924][ C1] dummy_timer+0x11ff/0x32c0 [ 44.163942][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163955][ C1] ? lock_release+0x560/0x780 [ 44.163970][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163983][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.163996][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.164008][ C1] ? lock_acquire+0x480/0x570 [ 44.164022][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 44.164037][ C1] ? dummy_dequeue+0x500/0x500 [ 44.164054][ C1] ? scheduler_tick+0x25f/0x5e0 [ 44.164071][ C1] ? dummy_dequeue+0x500/0x500 [ 44.164088][ C1] call_timer_fn+0x1a0/0x6b0 [ 44.164104][ C1] ? timer_fixup_activate+0x350/0x350 [ 44.164120][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 44.164134][ C1] ? __next_timer_interrupt+0x244/0x2c0 [ 44.164150][ C1] ? dummy_dequeue+0x500/0x500 [ 44.164167][ C1] ? dummy_dequeue+0x500/0x500 [ 44.164184][ C1] ? dummy_dequeue+0x500/0x500 [ 44.164202][ C1] __run_timers.part.0+0x674/0xa80 [ 44.164220][ C1] ? call_timer_fn+0x6b0/0x6b0 [ 44.164236][ C1] ? cpuacct_all_seq_show+0x520/0x520 [ 44.164250][ C1] ? kvm_sched_clock_read+0x14/0x40 [ 44.164265][ C1] ? sched_clock_cpu+0x69/0x2b0 [ 44.164280][ C1] run_timer_softirq+0xb3/0x1d0 [ 44.164296][ C1] __do_softirq+0x1d3/0x9c6 [ 44.164312][ C1] __irq_exit_rcu+0x123/0x180 [ 44.164327][ C1] irq_exit_rcu+0x5/0x20 [ 44.164340][ C1] sysvec_apic_timer_interrupt+0x93/0xc0 [ 44.164358][ C1] [ 44.164361][ C1] [ 44.164365][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 44.164380][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x5c/0x60 [ 44.164399][ C1] Code: 82 70 15 00 00 83 f8 02 75 20 48 8b 8a 78 15 00 00 8b 92 74 15 00 00 48 8b 01 48 83 c0 01 48 39 c2 76 07 48 89 01 48 89 34 c1 0f 1f 00 41 55 41 54 49 89 fc 55 48 bd eb 83 b5 80 46 86 c8 61 [ 44.164410][ C1] RSP: 0018:ffffc90003e4fa78 EFLAGS: 00000293 [ 44.164419][ C1] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000 [ 44.164426][ C1] RDX: ffff888077fed7c0 RSI: ffffffff83bf76d6 RDI: 0000000000000005 [ 44.164434][ C1] RBP: 1ffff920007c9f54 R08: 0000000000000005 R09: 0000000000000000 [ 44.164441][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 44.164448][ C1] R13: ffffc90003e4fd38 R14: dffffc0000000000 R15: ffff888077389100 [ 44.164458][ C1] ? tomoyo_path_perm+0x96/0x400 [ 44.164473][ C1] tomoyo_path_perm+0x96/0x400 [ 44.164486][ C1] ? complete_walk+0x1b0/0x320 [ 44.164502][ C1] ? tomoyo_check_open_permission+0x380/0x380 [ 44.164522][ C1] ? path_lookupat+0x25a/0x840 [ 44.164535][ C1] ? filename_lookup+0x3cd/0x590 [ 44.164547][ C1] ? may_linkat+0x510/0x510 [ 44.164563][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.164575][ C1] ? lock_acquire+0x480/0x570 [ 44.164588][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.164602][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.164614][ C1] ? lock_acquire+0x480/0x570 [ 44.164628][ C1] ? rcu_read_lock_sched_held+0xd/0x70 [ 44.164640][ C1] ? lock_release+0x560/0x780 [ 44.164653][ C1] ? __might_fault+0xd1/0x170 [ 44.164665][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 44.164678][ C1] ? debug_check_no_obj_freed+0x20c/0x420 [ 44.164692][ C1] ? __virt_addr_valid+0x5d/0x2d0 [ 44.164704][ C1] ? __phys_addr+0xc4/0x140 [ 44.164717][ C1] security_inode_getattr+0xcf/0x140 [ 44.164732][ C1] vfs_statx+0x16a/0x390 [ 44.164746][ C1] ? inode_sub_bytes+0x100/0x100 [ 44.164759][ C1] ? getname_flags.part.0+0x1dd/0x4f0 [ 44.164774][ C1] vfs_fstatat+0x8c/0xb0 [ 44.164788][ C1] __do_sys_newfstatat+0x91/0x110 [ 44.164802][ C1] ? __do_compat_sys_newlstat+0x110/0x110 [ 44.164818][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 44.164831][ C1] ? __ct_user_enter+0x19f/0x1d0 [ 44.164850][ C1] ? vtime_user_exit+0x218/0x6c0 [ 44.164869][ C1] ? trace_hardirqs_on+0x2d/0x120 [ 44.164882][ C1] do_syscall_64+0x35/0xb0 [ 44.164896][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.164910][ C1] RIP: 0033:0x7f7dfe7b31da [ 44.164919][ C1] Code: 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 0b 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 69 fc 0c 00 f7 [ 44.164930][ C1] RSP: 002b:00007ffcf209a8a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000106 [ 44.164941][ C1] RAX: ffffffffffffffda RBX: 00007f7dfe880380 RCX: 00007f7dfe7b31da [ 44.164949][ C1] RDX: 00007ffcf209a8b0 RSI: 00007f7dfe84975a RDI: 0000000000000008 [ 44.164957][ C1] RBP: 000056418c898970 R08: 0000000000000001 R09: 0000000000000000 [ 44.164964][ C1] R10: 0000000000001000 R11: 0000000000000202 R12: 000056418c898970 [ 44.164972][ C1] R13: 0000000000000000 R14: 00007ffcf209ae88 R15: 0000000000003fff [ 44.164983][ C1] [ 45.248766][ C1] Shutting down cpus with NMI [ 45.249074][ C1] Kernel Offset: disabled [ 46.418324][ C1] Rebooting in 86400 seconds..