./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3983489951 <...> Warning: Permanently added '10.128.1.14' (ED25519) to the list of known hosts. execve("./syz-executor3983489951", ["./syz-executor3983489951"], 0x7fffd811dca0 /* 10 vars */) = 0 brk(NULL) = 0x5555739c5000 brk(0x5555739c5d00) = 0x5555739c5d00 arch_prctl(ARCH_SET_FS, 0x5555739c5380) = 0 set_tid_address(0x5555739c5650) = 5834 set_robust_list(0x5555739c5660, 24) = 0 rseq(0x5555739c5ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3983489951", 4096) = 28 getrandom("\x14\xb1\x9c\xf9\x8c\xc8\x1f\x86", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555739c5d00 brk(0x5555739e6d00) = 0x5555739e6d00 brk(0x5555739e7000) = 0x5555739e7000 mprotect(0x7faa6b81e000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5835 attached [pid 5835] set_robust_list(0x5555739c5660, 24 [pid 5834] <... clone resumed>, child_tidptr=0x5555739c5650) = 5835 [pid 5835] <... set_robust_list resumed>) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached ./strace-static-x86_64: Process 5836 attached , child_tidptr=0x5555739c5650) = 5836 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] set_robust_list(0x5555739c5660, 24 [pid 5835] <... clone resumed>, child_tidptr=0x5555739c5650) = 5837 [pid 5836] set_robust_list(0x5555739c5660, 24) = 0 ./strace-static-x86_64: Process 5838 attached [pid 5837] <... set_robust_list resumed>) = 0 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5834] <... clone resumed>, child_tidptr=0x5555739c5650) = 5838 [pid 5838] set_robust_list(0x5555739c5660, 24 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5839 attached ./strace-static-x86_64: Process 5840 attached [pid 5834] <... clone resumed>, child_tidptr=0x5555739c5650) = 5840 [pid 5839] set_robust_list(0x5555739c5660, 24 [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] setpgid(0, 0 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5837] <... setpgid resumed>) = 0 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] <... clone resumed>, child_tidptr=0x5555739c5650) = 5839 [pid 5840] set_robust_list(0x5555739c5660, 24 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5839] setpgid(0, 0./strace-static-x86_64: Process 5842 attached ./strace-static-x86_64: Process 5841 attached [pid 5840] <... set_robust_list resumed>) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5834] <... clone resumed>, child_tidptr=0x5555739c5650) = 5841 [pid 5842] set_robust_list(0x5555739c5660, 24 [pid 5841] set_robust_list(0x5555739c5660, 24 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5841] <... set_robust_list resumed>) = 0 [pid 5839] <... setpgid resumed>) = 0 [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5838] <... clone resumed>, child_tidptr=0x5555739c5650) = 5842 [pid 5842] <... prctl resumed>) = 0 [pid 5841] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] <... openat resumed>) = 3 [pid 5842] setpgid(0, 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] <... setpgid resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5843 attached ) = 3 [pid 5839] <... openat resumed>) = 3 [pid 5837] write(3, "1000", 4 [pid 5840] <... clone resumed>, child_tidptr=0x5555739c5650) = 5843 [pid 5839] write(3, "1000", 4 [pid 5837] <... write resumed>) = 4 ./strace-static-x86_64: Process 5844 attached [pid 5843] set_robust_list(0x5555739c5660, 24 [pid 5842] write(3, "1000", 4 [pid 5839] <... write resumed>) = 4 [pid 5837] close(3 [pid 5844] set_robust_list(0x5555739c5660, 24 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] <... write resumed>) = 4 [pid 5839] close(3 [pid 5837] <... close resumed>) = 0 executing program executing program [pid 5839] <... close resumed>) = 0 [pid 5837] write(1, "executing program\n", 18 [pid 5839] write(1, "executing program\n", 18 [pid 5837] <... write resumed>) = 18 [pid 5839] <... write resumed>) = 18 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] close(3 [pid 5841] <... clone resumed>, child_tidptr=0x5555739c5650) = 5844 [pid 5839] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 5837] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5843] <... prctl resumed>) = 0 [pid 5842] <... close resumed>) = 0 [pid 5844] <... prctl resumed>) = 0 [pid 5844] setpgid(0, 0executing program [pid 5842] write(1, "executing program\n", 18 [pid 5837] <... openat resumed>) = 3 [pid 5844] <... setpgid resumed>) = 0 [pid 5842] <... write resumed>) = 18 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] setpgid(0, 0 [pid 5842] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 5839] <... openat resumed>) = 3 [pid 5837] ioctl(3, USB_RAW_IOCTL_INIT [pid 5839] ioctl(3, USB_RAW_IOCTL_INIT [pid 5844] <... openat resumed>) = 3 [pid 5843] <... setpgid resumed>) = 0 [pid 5842] <... openat resumed>) = 3 [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 executing program executing program [pid 5839] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5837] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5844] write(3, "1000", 4 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] ioctl(3, USB_RAW_IOCTL_INIT [pid 5844] <... write resumed>) = 4 [pid 5844] close(3) = 0 [pid 5843] <... openat resumed>) = 3 [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] write(1, "executing program\n", 18 [pid 5843] write(3, "1000", 4 [pid 5844] <... write resumed>) = 18 [pid 5843] <... write resumed>) = 4 [pid 5844] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 5843] close(3) = 0 [pid 5843] write(1, "executing program\n", 18 [pid 5844] <... openat resumed>) = 3 [pid 5843] <... write resumed>) = 18 [pid 5842] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5843] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 5844] ioctl(3, USB_RAW_IOCTL_INIT [pid 5843] <... openat resumed>) = 3 [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_INIT [pid 5844] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5839] <... ioctl resumed>, 0) = 0 [pid 5842] <... ioctl resumed>, 0) = 0 [pid 5837] <... ioctl resumed>, 0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] <... ioctl resumed>, 0) = 0 [pid 5843] <... ioctl resumed>, 0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 18 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5837] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [ 70.599230][ T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 70.599230][ T47] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 70.600521][ T975] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 70.607529][ T26] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 70.630101][ T5846] usb 4-1: new high-speed USB device number 2 using dummy_hcd [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 18 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 9 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5837] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 27 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 9 [ 70.759157][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 70.779041][ T975] usb 1-1: Using ep0 maxpacket: 16 [ 70.788806][ T10] usb 2-1: config 4 has an invalid interface number: 5 but max is 0 [ 70.797078][ T10] usb 2-1: config 4 has no interface number 0 [ 70.799310][ T47] usb 3-1: Using ep0 maxpacket: 16 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 27 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 9 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [ 70.803922][ T10] usb 2-1: config 4 interface 5 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 32 [ 70.818412][ T975] usb 1-1: config 4 has an invalid interface number: 5 but max is 0 [ 70.826517][ T10] usb 2-1: config 4 interface 5 has no altsetting 0 [ 70.828995][ T5846] usb 4-1: Using ep0 maxpacket: 16 [ 70.834200][ T975] usb 1-1: config 4 has no interface number 0 [ 70.839446][ T26] usb 5-1: Using ep0 maxpacket: 16 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 27 [pid 5839] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 4 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 18 [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5839] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5844] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 18 [pid 5839] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 9 [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5844] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 9 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [ 70.846044][ T975] usb 1-1: config 4 interface 5 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 32 [ 70.857033][ T47] usb 3-1: config 4 has an invalid interface number: 5 but max is 0 [ 70.860955][ T975] usb 1-1: config 4 interface 5 has no altsetting 0 [ 70.877146][ T47] usb 3-1: config 4 has no interface number 0 [ 70.884522][ T47] usb 3-1: config 4 interface 5 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 32 [ 70.889365][ T10] usb 2-1: New USB device found, idVendor=eb1a, idProduct=e300, bcdDevice=bd.41 [ 70.895633][ T47] usb 3-1: config 4 interface 5 has no altsetting 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 27 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5837] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 4 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 27 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [ 70.906101][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.910393][ T26] usb 5-1: config 4 has an invalid interface number: 5 but max is 0 [ 70.918820][ T10] usb 2-1: Product: syz [ 70.926634][ T26] usb 5-1: config 4 has no interface number 0 [ 70.932071][ T10] usb 2-1: Manufacturer: syz [ 70.937249][ T26] usb 5-1: config 4 interface 5 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 32 [ 70.942495][ T10] usb 2-1: SerialNumber: syz [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 4 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5837] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5839] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5839] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5842] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5839] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [pid 5839] <... ioctl resumed>, 0x7faa6b8243ec) = -1 EINVAL (Invalid argument) [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [ 70.951720][ T5846] usb 4-1: config 4 has an invalid interface number: 5 but max is 0 [ 70.962289][ T975] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e300, bcdDevice=bd.41 [ 70.964384][ T5846] usb 4-1: config 4 has no interface number 0 [ 70.981000][ T5839] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 70.981300][ T26] usb 5-1: config 4 interface 5 has no altsetting 0 [ 70.995182][ T47] usb 3-1: New USB device found, idVendor=eb1a, idProduct=e300, bcdDevice=bd.41 [pid 5842] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5839] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd3bc5b2d0) = 0 [ 70.997517][ T975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.012335][ T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.013730][ T975] usb 1-1: Product: syz [ 71.024746][ T47] usb 3-1: Product: syz [ 71.028493][ T10] em28xx 2-1:4.5: New device syz syz @ 480 Mbps (eb1a:e300, interface 5, class 5) [ 71.029538][ T5846] usb 4-1: config 4 interface 5 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 32 [ 71.038440][ T10] em28xx 2-1:4.5: Video interface 5 found: bulk [ 71.048271][ T47] usb 3-1: Manufacturer: syz [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 4 [pid 5837] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW [pid 5837] <... ioctl resumed>, 0x7faa6b8243ec) = -1 EINVAL (Invalid argument) [pid 5842] <... ioctl resumed>, 0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 4 [pid 5837] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] ioctl(3, USB_RAW_IOCTL_CONFIGURE [pid 5844] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5842] <... ioctl resumed>, 0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 5837] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [ 71.056061][ T975] usb 1-1: Manufacturer: syz [ 71.059739][ T47] usb 3-1: SerialNumber: syz [ 71.066035][ T975] usb 1-1: SerialNumber: syz [ 71.069165][ T5846] usb 4-1: config 4 interface 5 has no altsetting 0 [ 71.081623][ T5837] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 71.094918][ T975] em28xx 1-1:4.5: New device syz syz @ 480 Mbps (eb1a:e300, interface 5, class 5) [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_WRITE [pid 5842] <... ioctl resumed>, 0x7faa6b8243ec) = -1 EINVAL (Invalid argument) [pid 5844] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5844] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 8 [pid 5842] ioctl(3, USB_RAW_IOCTL_EP0_READ [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5842] <... ioctl resumed>, 0x7ffd3bc5b2d0) = 0 [pid 5843] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd3bc5b2d0) = 8 [ 71.106502][ T5842] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 71.110245][ T26] usb 5-1: New USB device found, idVendor=eb1a, idProduct=e300, bcdDevice=bd.41 [ 71.114421][ T975] em28xx 1-1:4.5: Video interface 5 found: bulk [ 71.127115][ T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.141487][ T47] em28xx 3-1:4.5: New device syz syz @ 480 Mbps (eb1a:e300, interface 5, class 5) [ 71.151135][ T5846] usb 4-1: New USB device found, idVendor=eb1a, idProduct=e300, bcdDevice=bd.41 [pid 5843] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5843] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [ 71.160353][ T5846] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.168386][ T47] em28xx 3-1:4.5: Video interface 5 found: bulk [ 71.174712][ T5846] usb 4-1: Product: syz [ 71.178895][ T5846] usb 4-1: Manufacturer: syz [ 71.183662][ T5846] usb 4-1: SerialNumber: syz [ 71.189079][ T26] usb 5-1: Product: syz [ 71.193317][ T26] usb 5-1: Manufacturer: syz [ 71.197954][ T26] usb 5-1: SerialNumber: syz [pid 5843] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 5844] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 5844] ioctl(3, USB_RAW_IOCTL_EP_ENABLE [pid 5843] <... ioctl resumed>, 0x7faa6b8243ec) = -1 EINVAL (Invalid argument) [pid 5843] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd3bc5b2d0) = 0 [pid 5844] <... ioctl resumed>, 0x7faa6b8243ec) = -1 EINVAL (Invalid argument) [pid 5844] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd3bc5b2d0) = 0 [ 71.209186][ T5843] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22 [ 71.215706][ T5844] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 71.230779][ T5846] em28xx 4-1:4.5: New device syz syz @ 480 Mbps (eb1a:e300, interface 5, class 5) [ 71.240642][ T5846] em28xx 4-1:4.5: Video interface 5 found: bulk [ 71.250454][ T26] em28xx 5-1:4.5: New device syz syz @ 480 Mbps (eb1a:e300, interface 5, class 5) [pid 5839] exit_group(0) = ? [pid 5839] +++ exited with 0 +++ [pid 5836] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5836] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 71.259783][ T26] em28xx 5-1:4.5: Video interface 5 found: bulk [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5856 attached , child_tidptr=0x5555739c5650) = 5856 [pid 5856] set_robust_list(0x5555739c5660, 24) = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] exit_group(0 [pid 5856] setpgid(0, 0 [pid 5837] <... exit_group resumed>) = ? [pid 5856] <... setpgid resumed>) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5856] write(3, "1000", 4) = 4 [pid 5856] close(3) = 0 [pid 5837] +++ exited with 0 +++ [pid 5856] write(1, "executing program\n", 18executing program ) = 18 [pid 5856] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5856] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd3bc5c2e0) = 0 [pid 5856] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5856] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5856] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5858 attached [pid 5858] set_robust_list(0x5555739c5660, 24 [pid 5835] <... clone resumed>, child_tidptr=0x5555739c5650) = 5858 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5842] exit_group(0 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] <... exit_group resumed>) = ? [pid 5858] <... prctl resumed>) = 0 [pid 5858] setpgid(0, 0) = 0 [pid 5842] +++ exited with 0 +++ [pid 5838] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5842, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5859 attached [pid 5858] write(3, "1000", 4 [pid 5838] <... clone resumed>, child_tidptr=0x5555739c5650) = 5859 [pid 5859] set_robust_list(0x5555739c5660, 24) = 0 [pid 5858] <... write resumed>) = 4 [pid 5858] close(3 [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 71.329408][ T10] em28xx 2-1:4.5: unknown em28xx chip ID (0) [pid 5858] <... close resumed>) = 0 executing program [pid 5859] setpgid(0, 0 [pid 5858] write(1, "executing program\n", 18 [pid 5859] <... setpgid resumed>) = 0 [pid 5858] <... write resumed>) = 18 [pid 5858] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5858] ioctl(3, USB_RAW_IOCTL_INIT [pid 5859] <... openat resumed>) = 3 [pid 5858] <... ioctl resumed>, 0x7ffd3bc5c2e0) = 0 [pid 5859] write(3, "1000", 4) = 4 [pid 5859] close(3 [pid 5858] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5859] <... close resumed>) = 0 [pid 5858] <... ioctl resumed>, 0) = 0 [pid 5858] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5858] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH executing program [pid 5859] write(1, "executing program\n", 18) = 18 [pid 5859] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5859] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd3bc5c2e0) = 0 [pid 5859] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN [pid 5843] exit_group(0) = ? [pid 5859] <... ioctl resumed>, 0) = 0 [pid 5859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5843] +++ exited with 0 +++ [pid 5840] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5840] restart_syscall(<... resuming interrupted clone ...> [pid 5844] exit_group(0 [pid 5840] <... restart_syscall resumed>) = 0 [pid 5844] <... exit_group resumed>) = ? [ 71.400304][ T975] em28xx 1-1:4.5: unknown em28xx chip ID (0) [ 71.429504][ T47] em28xx 3-1:4.5: unknown em28xx chip ID (0) [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5860 attached , child_tidptr=0x5555739c5650) = 5860 [pid 5844] +++ exited with 0 +++ [pid 5841] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5841] restart_syscall(<... resuming interrupted clone ...> [pid 5860] set_robust_list(0x5555739c5660, 24) = 0 [pid 5860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5860] setpgid(0, 0) = 0 [pid 5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5841] <... restart_syscall resumed>) = 0 [pid 5841] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555739c5650) = 5862 ./strace-static-x86_64: Process 5862 attached [pid 5860] write(3, "1000", 4 [pid 5862] set_robust_list(0x5555739c5660, 24 [pid 5860] <... write resumed>) = 4 [pid 5860] close(3) = 0 [pid 5860] write(1, "executing program\n", 18executing program [pid 5862] <... set_robust_list resumed>) = 0 [pid 5860] <... write resumed>) = 18 [ 71.455340][ T10] em28xx 2-1:4.5: reading from i2c device at 0xa0 failed (error=-5) [ 71.466141][ T10] em28xx 2-1:4.5: board has no eeprom [pid 5860] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5860] <... openat resumed>) = 3 [pid 5860] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd3bc5c2e0) = 0 [pid 5860] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5860] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [pid 5860] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH [pid 5862] <... prctl resumed>) = 0 [pid 5862] setpgid(0, 0) = 0 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5862] write(3, "1000", 4) = 4 [pid 5862] close(3) = 0 [pid 5862] write(1, "executing program\n", 18executing program ) = 18 [pid 5862] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 5862] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd3bc5c2e0) = 0 [ 71.497994][ T975] em28xx 1-1:4.5: reading from i2c device at 0xa0 failed (error=-5) [ 71.506577][ T5846] em28xx 4-1:4.5: unknown em28xx chip ID (0) [ 71.506617][ T975] em28xx 1-1:4.5: board has no eeprom [ 71.518127][ T26] em28xx 5-1:4.5: unknown em28xx chip ID (0) [ 71.530489][ T10] em28xx 2-1:4.5: Identified as KWorld PVRTV 300U (card=39) [ 71.537923][ T10] em28xx 2-1:4.5: [ 71.537923][ T10] [pid 5862] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 5862] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd3bc5c2e0) = 0 [ 71.537923][ T10] The support for this board weren't valid yet. [ 71.537923][ T10] Please send a report of having this working [ 71.537923][ T10] not to V4L mailing list (and/or to other addresses) [ 71.537923][ T10] [ 71.554719][ T47] em28xx 3-1:4.5: reading from i2c device at 0xa0 failed (error=-5) [ 71.566581][ T10] em28xx 2-1:4.5: analog set to bulk mode. [ 71.576259][ T47] em28xx 3-1:4.5: board has no eeprom [ 71.580848][ T5845] em28xx 2-1:4.5: Registering V4L2 extension [ 71.599614][ T10] usb 2-1: USB disconnect, device number 2 [ 71.606507][ T10] em28xx 2-1:4.5: Disconnecting em28xx [ 71.619025][ T975] em28xx 1-1:4.5: Identified as KWorld PVRTV 300U (card=39) [ 71.621732][ T5846] em28xx 4-1:4.5: reading from i2c device at 0xa0 failed (error=-5) [ 71.626337][ T975] em28xx 1-1:4.5: [ 71.626337][ T975] [ 71.626337][ T975] The support for this board weren't valid yet. [ 71.626337][ T975] Please send a report of having this working [ 71.626337][ T975] not to V4L mailing list (and/or to other addresses) [ 71.626337][ T975] [ 71.635035][ T26] em28xx 5-1:4.5: reading from i2c device at 0xa0 failed (error=-5) [ 71.671418][ T47] em28xx 3-1:4.5: Identified as KWorld PVRTV 300U (card=39) [ 71.678772][ T47] em28xx 3-1:4.5: [ 71.678772][ T47] [ 71.678772][ T47] The support for this board weren't valid yet. [ 71.678772][ T47] Please send a report of having this working [ 71.678772][ T47] not to V4L mailing list (and/or to other addresses) [ 71.678772][ T47] [ 71.709580][ T5846] em28xx 4-1:4.5: board has no eeprom [ 71.716071][ T26] em28xx 5-1:4.5: board has no eeprom [ 71.722946][ T47] em28xx 3-1:4.5: analog set to bulk mode. [ 71.729284][ T975] em28xx 1-1:4.5: analog set to bulk mode. [ 71.740572][ T975] usb 1-1: USB disconnect, device number 2 [ 71.747251][ T975] em28xx 1-1:4.5: Disconnecting em28xx [ 71.759536][ T47] usb 3-1: USB disconnect, device number 2 [ 71.768848][ T5845] em28xx 2-1:4.5: Config register raw data: 0xffffffed [ 71.769906][ T47] em28xx 3-1:4.5: Disconnecting em28xx [ 71.782342][ T5845] em28xx 2-1:4.5: AC97 chip type couldn't be determined [ 71.782704][ T5846] em28xx 4-1:4.5: Identified as KWorld PVRTV 300U (card=39) [ 71.789738][ T5845] em28xx 2-1:4.5: No AC97 audio processor [ 71.796660][ T26] em28xx 5-1:4.5: Identified as KWorld PVRTV 300U (card=39) [ 71.805486][ T5845] usb 2-1: Decoder not found [ 71.810202][ T5846] em28xx 4-1:4.5: [ 71.810202][ T5846] [ 71.810202][ T5846] The support for this board weren't valid yet. [ 71.810202][ T5846] Please send a report of having this working [ 71.810202][ T5846] not to V4L mailing list (and/or to other addresses) [ 71.810202][ T5846] [ 71.814496][ T5845] em28xx 2-1:4.5: failed to create media graph [ 71.841767][ T26] em28xx 5-1:4.5: [ 71.841767][ T26] [ 71.841767][ T26] The support for this board weren't valid yet. [ 71.841767][ T26] Please send a report of having this working [ 71.841767][ T26] not to V4L mailing list (and/or to other addresses) [ 71.841767][ T26] [ 71.874382][ T5845] em28xx 2-1:4.5: V4L2 device video103 deregistered [ 71.881673][ T5846] em28xx 4-1:4.5: analog set to bulk mode. [ 71.882716][ T5845] em28xx 2-1:4.5: Remote control support is not available for this card. [ 71.897470][ T26] em28xx 5-1:4.5: analog set to bulk mode. [ 71.903783][ T5864] em28xx 1-1:4.5: Registering V4L2 extension [ 71.909003][ T5846] usb 4-1: USB disconnect, device number 2 [ 71.929588][ T26] usb 5-1: USB disconnect, device number 2 [ 71.936274][ T26] em28xx 5-1:4.5: Disconnecting em28xx [ 71.943029][ T5846] em28xx 4-1:4.5: Disconnecting em28xx [ 71.984852][ T5864] em28xx 1-1:4.5: Config register raw data: 0xffffffed [ 71.993103][ T5864] em28xx 1-1:4.5: AC97 chip type couldn't be determined [ 72.000123][ T5864] em28xx 1-1:4.5: No AC97 audio processor [ 72.007140][ T5864] usb 1-1: Decoder not found [ 72.012462][ T5864] em28xx 1-1:4.5: failed to create media graph [ 72.018647][ T5864] em28xx 1-1:4.5: V4L2 device video103 deregistered [ 72.026409][ T5864] em28xx 1-1:4.5: Remote control support is not available for this card. [ 72.034961][ T5851] em28xx 3-1:4.5: Registering V4L2 extension [ 72.074894][ T5851] em28xx 3-1:4.5: Config register raw data: 0xffffffed [ 72.082090][ T5851] em28xx 3-1:4.5: AC97 chip type couldn't be determined [ 72.089140][ T5851] em28xx 3-1:4.5: No AC97 audio processor [ 72.096177][ T5851] usb 3-1: Decoder not found [ 72.100876][ T5851] em28xx 3-1:4.5: failed to create media graph [ 72.107063][ T5851] em28xx 3-1:4.5: V4L2 device video103 deregistered [ 72.116542][ T5851] em28xx 3-1:4.5: Remote control support is not available for this card. [ 72.125168][ T5867] em28xx 4-1:4.5: Registering V4L2 extension [ 72.164339][ T5867] em28xx 4-1:4.5: Config register raw data: 0xffffffed [ 72.171856][ T5867] em28xx 4-1:4.5: AC97 chip type couldn't be determined [ 72.178791][ T5867] em28xx 4-1:4.5: No AC97 audio processor [ 72.185614][ T5867] usb 4-1: Decoder not found [ 72.190290][ T5867] em28xx 4-1:4.5: failed to create media graph [ 72.196480][ T5867] em28xx 4-1:4.5: V4L2 device video103 deregistered [ 72.206178][ T5867] em28xx 4-1:4.5: Remote control support is not available for this card. [ 72.214743][ T10] em28xx 2-1:4.5: Closing input extension [ 72.220807][ T5847] em28xx 5-1:4.5: Registering V4L2 extension [ 72.230386][ T10] em28xx 2-1:4.5: Freeing device [ 72.284876][ T5847] em28xx 5-1:4.5: Config register raw data: 0xffffffed [ 72.292767][ T5847] em28xx 5-1:4.5: AC97 chip type couldn't be determined [ 72.300327][ T5847] em28xx 5-1:4.5: No AC97 audio processor [ 72.307500][ T5847] usb 5-1: Decoder not found [ 72.313634][ T5847] em28xx 5-1:4.5: failed to create media graph [ 72.320176][ T5847] em28xx 5-1:4.5: V4L2 device video103 deregistered [ 72.328057][ T5847] em28xx 5-1:4.5: Remote control support is not available for this card. [ 72.328167][ T5877] ================================================================== [ 72.337977][ T26] em28xx 5-1:4.5: Closing input extension [ 72.344550][ T5877] BUG: KASAN: slab-use-after-free in v4l2_fh_open+0xc8/0x430 [ 72.357699][ T5877] Read of size 8 at addr ffff88807ea5c738 by task v4l_id/5877 [ 72.365161][ T5877] [ 72.367481][ T5877] CPU: 0 UID: 0 PID: 5877 Comm: v4l_id Not tainted 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0 [ 72.367494][ T5877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 72.367501][ T5877] Call Trace: [ 72.367506][ T5877] [ 72.367511][ T5877] dump_stack_lvl+0x241/0x360 [ 72.367527][ T5877] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.367539][ T5877] ? __pfx__printk+0x10/0x10 [ 72.367549][ T5877] ? _printk+0xd5/0x120 [ 72.367558][ T5877] ? __virt_addr_valid+0x183/0x530 [ 72.367569][ T5877] ? __virt_addr_valid+0x183/0x530 [ 72.367579][ T5877] print_report+0x16e/0x5b0 [ 72.367593][ T5877] ? __virt_addr_valid+0x183/0x530 [ 72.367602][ T5877] ? __virt_addr_valid+0x183/0x530 [ 72.367611][ T5877] ? __virt_addr_valid+0x45f/0x530 [ 72.367621][ T5877] ? __phys_addr+0xba/0x170 [ 72.367630][ T5877] ? v4l2_fh_open+0xc8/0x430 [ 72.367642][ T5877] kasan_report+0x143/0x180 [ 72.367655][ T5877] ? v4l2_fh_open+0xc8/0x430 [ 72.367668][ T5877] v4l2_fh_open+0xc8/0x430 [ 72.367681][ T5877] em28xx_v4l2_open+0x14c/0x9d0 [ 72.367703][ T5877] v4l2_open+0x22f/0x370 [ 72.367715][ T5877] chrdev_open+0x521/0x600 [ 72.367730][ T5877] ? __pfx_chrdev_open+0x10/0x10 [ 72.367744][ T5877] ? file_set_fsnotify_mode_from_watchers+0x123/0x640 [ 72.367768][ T5877] ? __pfx_chrdev_open+0x10/0x10 [ 72.367781][ T5877] do_dentry_open+0xdec/0x1960 [ 72.367797][ T5877] ? vfs_open+0x31/0x370 [ 72.367811][ T5877] vfs_open+0x3b/0x370 [ 72.367824][ T5877] path_openat+0x2c81/0x3590 [ 72.367842][ T5877] ? __pfx_path_openat+0x10/0x10 [ 72.367856][ T5877] do_filp_open+0x27f/0x4e0 [ 72.367867][ T5877] ? __pfx_do_filp_open+0x10/0x10 [ 72.367878][ T5877] ? do_raw_spin_lock+0x14f/0x370 [ 72.367898][ T5877] do_sys_openat2+0x13e/0x1d0 [ 72.367913][ T5877] ? __pfx_do_sys_openat2+0x10/0x10 [ 72.367930][ T5877] __x64_sys_openat+0x247/0x2a0 [ 72.367945][ T5877] ? __pfx___x64_sys_openat+0x10/0x10 [ 72.367961][ T5877] ? exc_page_fault+0x590/0x8b0 [ 72.367976][ T5877] ? do_syscall_64+0xb6/0x230 [ 72.367991][ T5877] do_syscall_64+0xf3/0x230 [ 72.368006][ T5877] ? clear_bhb_loop+0x35/0x90 [ 72.368021][ T5877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.368036][ T5877] RIP: 0033:0x7fb3031169a4 [ 72.368046][ T5877] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 72.368056][ T5877] RSP: 002b:00007fff445f6f00 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 72.368069][ T5877] RAX: ffffffffffffffda RBX: 00007fff445f7118 RCX: 00007fb3031169a4 [ 72.368078][ T5877] RDX: 0000000000000000 RSI: 00007fff445f8f1f RDI: 00000000ffffff9c [ 72.368085][ T5877] RBP: 00007fff445f8f1f R08: 0000000000000000 R09: 0000000000000000 [ 72.368092][ T5877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.368099][ T5877] R13: 00007fff445f7130 R14: 000055cf50c05670 R15: 00007fb3035cea80 [ 72.368109][ T5877] [ 72.368113][ T5877] [ 72.654818][ T5877] Allocated by task 5847: [ 72.659148][ T5877] kasan_save_track+0x3f/0x80 [ 72.663833][ T5877] __kasan_kmalloc+0x98/0xb0 [ 72.668422][ T5877] __kmalloc_cache_noprof+0x243/0x390 [ 72.673804][ T5877] em28xx_v4l2_init+0xfd/0x2f40 [ 72.678669][ T5877] em28xx_init_extension+0x120/0x1c0 [ 72.683960][ T5877] process_scheduled_works+0xabe/0x18e0 [ 72.689508][ T5877] worker_thread+0x870/0xd30 [ 72.694098][ T5877] kthread+0x7a9/0x920 [ 72.698172][ T5877] ret_from_fork+0x4b/0x80 [ 72.702597][ T5877] ret_from_fork_asm+0x1a/0x30 [ 72.707362][ T5877] [ 72.709696][ T5877] Freed by task 5847: [ 72.713673][ T5877] kasan_save_track+0x3f/0x80 [ 72.718357][ T5877] kasan_save_free_info+0x40/0x50 [ 72.723386][ T5877] __kasan_slab_free+0x59/0x70 [ 72.728152][ T5877] kfree+0x196/0x430 [ 72.732050][ T5877] em28xx_v4l2_init+0x16d7/0x2f40 [ 72.737072][ T5877] em28xx_init_extension+0x120/0x1c0 [ 72.742373][ T5877] process_scheduled_works+0xabe/0x18e0 [ 72.747921][ T5877] worker_thread+0x870/0xd30 [ 72.752516][ T5877] kthread+0x7a9/0x920 [ 72.756597][ T5877] ret_from_fork+0x4b/0x80 [ 72.761018][ T5877] ret_from_fork_asm+0x1a/0x30 [ 72.765785][ T5877] [ 72.768107][ T5877] The buggy address belongs to the object at ffff88807ea5c000 [ 72.768107][ T5877] which belongs to the cache kmalloc-8k of size 8192 [ 72.782163][ T5877] The buggy address is located 1848 bytes inside of [ 72.782163][ T5877] freed 8192-byte region [ffff88807ea5c000, ffff88807ea5e000) [ 72.796134][ T5877] [ 72.798455][ T5877] The buggy address belongs to the physical page: [ 72.804858][ T5877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ea58 [ 72.813616][ T5877] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 72.822114][ T5877] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 72.829657][ T5877] page_type: f5(slab) [ 72.833645][ T5877] raw: 00fff00000000040 ffff88801b042280 ffffea0001f90c00 0000000000000006 [ 72.842224][ T5877] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 72.850804][ T5877] head: 00fff00000000040 ffff88801b042280 ffffea0001f90c00 0000000000000006 [ 72.859470][ T5877] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 72.868140][ T5877] head: 00fff00000000003 ffffea0001fa9601 ffffffffffffffff 0000000000000000 [ 72.876806][ T5877] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 72.885471][ T5877] page dumped because: kasan: bad access detected [ 72.891878][ T5877] page_owner tracks the page as allocated [ 72.897589][ T5877] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5518, tgid 5518 (dhcpcd-run-hook), ts 43663058904, free_ts 43621473114 [ 72.918427][ T5877] post_alloc_hook+0x1f4/0x240 [ 72.923197][ T5877] get_page_from_freelist+0x365c/0x37a0 [ 72.928742][ T5877] __alloc_frozen_pages_noprof+0x292/0x710 [ 72.934546][ T5877] alloc_pages_mpol+0x311/0x660 [ 72.939400][ T5877] allocate_slab+0x8f/0x3a0 [ 72.943901][ T5877] ___slab_alloc+0xc27/0x14a0 [ 72.948580][ T5877] __slab_alloc+0x58/0xa0 [ 72.952914][ T5877] __kmalloc_cache_noprof+0x27b/0x390 [ 72.958290][ T5877] tomoyo_init_log+0x11f4/0x20d0 [ 72.963225][ T5877] tomoyo_supervisor+0x3b2/0x1860 [ 72.968248][ T5877] tomoyo_find_next_domain+0x4f6/0x1dd0 [ 72.973797][ T5877] tomoyo_bprm_check_security+0x117/0x180 [ 72.979522][ T5877] security_bprm_check+0x86/0x250 [ 72.984548][ T5877] bprm_execve+0x8d3/0x1430 [ 72.989049][ T5877] do_execveat_common+0x57f/0x710 [ 72.994076][ T5877] __x64_sys_execve+0x92/0xb0 [ 72.998753][ T5877] page last free pid 5516 tgid 5516 stack trace: [ 73.005075][ T5877] free_frozen_pages+0xe0d/0x10e0 [ 73.010098][ T5877] __put_partials+0x160/0x1c0 [ 73.014775][ T5877] put_cpu_partial+0x17c/0x250 [ 73.019535][ T5877] __slab_free+0x290/0x380 [ 73.023948][ T5877] qlist_free_all+0x9a/0x140 [ 73.028535][ T5877] kasan_quarantine_reduce+0x14f/0x170 [ 73.033993][ T5877] __kasan_slab_alloc+0x23/0x80 [ 73.038846][ T5877] kmem_cache_alloc_noprof+0x1d9/0x380 [ 73.044304][ T5877] getname_flags+0xb7/0x540 [ 73.048808][ T5877] do_sys_openat2+0xd2/0x1d0 [ 73.053400][ T5877] __x64_sys_openat+0x247/0x2a0 [ 73.058253][ T5877] do_syscall_64+0xf3/0x230 [ 73.062761][ T5877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.068658][ T5877] [ 73.070984][ T5877] Memory state around the buggy address: [ 73.076607][ T5877] ffff88807ea5c600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.084690][ T5877] ffff88807ea5c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.092756][ T5877] >ffff88807ea5c700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.100813][ T5877] ^ [ 73.106707][ T5877] ffff88807ea5c780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.114769][ T5877] ffff88807ea5c800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.122829][ T5877] ================================================================== [ 73.131379][ T975] em28xx 1-1:4.5: Closing input extension [ 73.137606][ T47] em28xx 3-1:4.5: Closing input extension [ 73.140773][ T5877] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 73.140788][ T5877] CPU: 0 UID: 0 PID: 5877 Comm: v4l_id Not tainted 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0 [ 73.140808][ T5877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 73.140817][ T5877] Call Trace: [ 73.140824][ T5877] [ 73.140832][ T5877] dump_stack_lvl+0x241/0x360 [ 73.140855][ T5877] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.140873][ T5877] ? __pfx__printk+0x10/0x10 [ 73.140887][ T5877] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 73.140913][ T5877] ? vscnprintf+0x5d/0x90 [ 73.140933][ T5877] panic+0x349/0x880 [ 73.140949][ T5877] ? check_panic_on_warn+0x21/0xb0 [ 73.140973][ T5877] ? __pfx_panic+0x10/0x10 [ 73.140990][ T5877] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 73.141011][ T5877] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 73.141034][ T5877] check_panic_on_warn+0x86/0xb0 [ 73.141057][ T5877] ? v4l2_fh_open+0xc8/0x430 [ 73.141076][ T5877] end_report+0x77/0x160 [ 73.141095][ T5877] kasan_report+0x154/0x180 [ 73.141115][ T5877] ? v4l2_fh_open+0xc8/0x430 [ 73.141136][ T5877] v4l2_fh_open+0xc8/0x430 [ 73.141157][ T5877] em28xx_v4l2_open+0x14c/0x9d0 [ 73.141182][ T5877] v4l2_open+0x22f/0x370 [ 73.141200][ T5877] chrdev_open+0x521/0x600 [ 73.141223][ T5877] ? __pfx_chrdev_open+0x10/0x10 [ 73.141245][ T5877] ? file_set_fsnotify_mode_from_watchers+0x123/0x640 [ 73.141269][ T5877] ? __pfx_chrdev_open+0x10/0x10 [ 73.141289][ T5877] do_dentry_open+0xdec/0x1960 [ 73.141313][ T5877] ? vfs_open+0x31/0x370 [ 73.141336][ T5877] vfs_open+0x3b/0x370 [ 73.141357][ T5877] path_openat+0x2c81/0x3590 [ 73.141384][ T5877] ? __pfx_path_openat+0x10/0x10 [ 73.141407][ T5877] do_filp_open+0x27f/0x4e0 [ 73.141424][ T5877] ? __pfx_do_filp_open+0x10/0x10 [ 73.141441][ T5877] ? do_raw_spin_lock+0x14f/0x370 [ 73.141472][ T5877] do_sys_openat2+0x13e/0x1d0 [ 73.141495][ T5877] ? __pfx_do_sys_openat2+0x10/0x10 [ 73.141521][ T5877] __x64_sys_openat+0x247/0x2a0 [ 73.141544][ T5877] ? __pfx___x64_sys_openat+0x10/0x10 [ 73.141568][ T5877] ? exc_page_fault+0x590/0x8b0 [ 73.141591][ T5877] ? do_syscall_64+0xb6/0x230 [ 73.141615][ T5877] do_syscall_64+0xf3/0x230 [ 73.141638][ T5877] ? clear_bhb_loop+0x35/0x90 [ 73.141661][ T5877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.141690][ T5877] RIP: 0033:0x7fb3031169a4 [ 73.141705][ T5877] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 73.141718][ T5877] RSP: 002b:00007fff445f6f00 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 73.141738][ T5877] RAX: ffffffffffffffda RBX: 00007fff445f7118 RCX: 00007fb3031169a4 [ 73.141751][ T5877] RDX: 0000000000000000 RSI: 00007fff445f8f1f RDI: 00000000ffffff9c [ 73.141762][ T5877] RBP: 00007fff445f8f1f R08: 0000000000000000 R09: 0000000000000000 [ 73.141773][ T5877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 73.141783][ T5877] R13: 00007fff445f7130 R14: 000055cf50c05670 R15: 00007fb3035cea80 [ 73.141801][ T5877] [ 73.143475][ T5877] Kernel Offset: disabled