./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3080386906 <...> Warning: Permanently added '10.128.0.84' (ED25519) to the list of known hosts. execve("./syz-executor3080386906", ["./syz-executor3080386906"], 0x7ffd6700a510 /* 10 vars */) = 0 brk(NULL) = 0x55556d8f0000 brk(0x55556d8f0d00) = 0x55556d8f0d00 arch_prctl(ARCH_SET_FS, 0x55556d8f0380) = 0 set_tid_address(0x55556d8f0650) = 412 set_robust_list(0x55556d8f0660, 24) = 0 rseq(0x55556d8f0ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3080386906", 4096) = 28 getrandom("\xd1\x50\x8d\x53\x2b\x6e\xbc\x83", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556d8f0d00 brk(0x55556d911d00) = 0x55556d911d00 brk(0x55556d912000) = 0x55556d912000 mprotect(0x7f18efec7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdir("./syzkaller.rFIAsV", 0700) = 0 chmod("./syzkaller.rFIAsV", 0777) = 0 chdir("./syzkaller.rFIAsV") = 0 mkdir("./0", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 413 ./strace-static-x86_64: Process 413 attached [pid 413] set_robust_list(0x55556d8f0660, 24) = 0 [pid 413] chdir("./0") = 0 [pid 413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 413] setpgid(0, 0) = 0 [pid 413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 413] write(3, "1000", 4) = 4 [pid 413] close(3) = 0 [pid 413] symlink("/dev/binderfs", "./binderfs") = 0 [pid 413] write(1, "executing program\n", 18executing program ) = 18 [pid 413] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 413] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 141.308959][ T30] audit: type=1400 audit(1736627451.180:66): avc: denied { execmem } for pid=412 comm="syz-executor308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 141.331048][ T30] audit: type=1400 audit(1736627451.200:67): avc: denied { read write } for pid=413 comm="syz-executor308" name="raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 141.354575][ T30] audit: type=1400 audit(1736627451.200:68): avc: denied { open } for pid=413 comm="syz-executor308" path="/dev/raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 141.377891][ T30] audit: type=1400 audit(1736627451.200:69): avc: denied { ioctl } for pid=413 comm="syz-executor308" path="/dev/raw-gadget" dev="devtmpfs" ino=250 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 141.598806][ T20] usb 1-1: new high-speed USB device number 2 using dummy_hcd [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 141.958866][ T20] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 142.048824][ T20] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 142.057822][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 142.065664][ T20] usb 1-1: SerialNumber: syz [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 413] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 142.770222][ T20] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 142.789241][ T30] audit: type=1400 audit(1736627452.660:70): avc: denied { read } for pid=139 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [pid 413] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 413] exit_group(0) = ? [pid 413] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=413, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 434 ./strace-static-x86_64: Process 434 attached [pid 434] set_robust_list(0x55556d8f0660, 24) = 0 [pid 434] chdir("./1") = 0 [pid 434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 434] setpgid(0, 0) = 0 [pid 434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 434] write(3, "1000", 4) = 4 [pid 434] close(3) = 0 [pid 434] symlink("/dev/binderfs", "./binderfs") = 0 [pid 434] write(1, "executing program\n", 18executing program ) = 18 [pid 434] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 434] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 143.174607][ T20] usb 1-1: USB disconnect, device number 2 [ 143.181382][ T20] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 143.578792][ T20] usb 1-1: new high-speed USB device number 3 using dummy_hcd [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 143.938863][ T20] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 144.028896][ T20] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 144.037890][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 144.045722][ T20] usb 1-1: SerialNumber: syz [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 434] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 144.749989][ T20] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 434] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 434] exit_group(0) = ? [pid 434] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=434, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 492 ./strace-static-x86_64: Process 492 attached [pid 492] set_robust_list(0x55556d8f0660, 24) = 0 [pid 492] chdir("./2") = 0 [pid 492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 492] setpgid(0, 0) = 0 [pid 492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 492] write(3, "1000", 4) = 4 [pid 492] close(3) = 0 [pid 492] symlink("/dev/binderfs", "./binderfs") = 0 [pid 492] write(1, "executing program\n", 18executing program ) = 18 [pid 492] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 492] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 145.151312][ T42] usb 1-1: USB disconnect, device number 3 [ 145.205002][ T42] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 145.618793][ T42] usb 1-1: new high-speed USB device number 4 using dummy_hcd [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 145.978843][ T42] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 146.068897][ T42] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 146.077818][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 146.086051][ T42] usb 1-1: SerialNumber: syz [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 492] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 146.790256][ T42] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 492] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 492] exit_group(0) = ? [pid 492] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=492, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 537 ./strace-static-x86_64: Process 537 attached [pid 537] set_robust_list(0x55556d8f0660, 24) = 0 [pid 537] chdir("./3") = 0 [pid 537] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 537] setpgid(0, 0) = 0 [pid 537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 537] write(3, "1000", 4) = 4 [pid 537] close(3) = 0 [pid 537] symlink("/dev/binderfs", "./binderfs") = 0 [pid 537] write(1, "executing program\n", 18executing program ) = 18 [pid 537] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 537] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 147.191952][ T60] usb 1-1: USB disconnect, device number 4 [ 147.245755][ T60] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 147.628769][ T60] usb 1-1: new high-speed USB device number 5 using dummy_hcd [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 147.998840][ T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 148.088822][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 148.097800][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 148.105532][ T60] usb 1-1: SerialNumber: syz [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 537] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 148.810475][ T60] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 537] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 537] exit_group(0) = ? [pid 537] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=537, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 581 ./strace-static-x86_64: Process 581 attached [pid 581] set_robust_list(0x55556d8f0660, 24) = 0 [pid 581] chdir("./4") = 0 [pid 581] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 581] setpgid(0, 0) = 0 [pid 581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 581] write(3, "1000", 4) = 4 [pid 581] close(3) = 0 [pid 581] symlink("/dev/binderfs", "./binderfs") = 0 [pid 581] write(1, "executing program\n", 18) = 18 [pid 581] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 581] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCHexecuting program [ 149.211046][ T42] usb 1-1: USB disconnect, device number 5 [ 149.241766][ T42] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device , 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 149.628754][ T42] usb 1-1: new high-speed USB device number 6 using dummy_hcd [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 149.988855][ T42] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 150.078793][ T42] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 150.087683][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 150.095505][ T42] usb 1-1: SerialNumber: syz [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 581] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 150.800006][ T42] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 581] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 581] exit_group(0) = ? [pid 581] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=581, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 625 ./strace-static-x86_64: Process 625 attached [pid 625] set_robust_list(0x55556d8f0660, 24) = 0 [pid 625] chdir("./5") = 0 [pid 625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 625] setpgid(0, 0) = 0 [pid 625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 625] write(3, "1000", 4) = 4 [pid 625] close(3) = 0 executing program [pid 625] symlink("/dev/binderfs", "./binderfs") = 0 [pid 625] write(1, "executing program\n", 18) = 18 [pid 625] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 625] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 151.200773][ T536] usb 1-1: USB disconnect, device number 6 [ 151.252424][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 151.648786][ T536] usb 1-1: new high-speed USB device number 7 using dummy_hcd [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 152.008902][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 152.098861][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 152.107842][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 152.115568][ T536] usb 1-1: SerialNumber: syz [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 625] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 152.820011][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 625] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 625] exit_group(0) = ? [pid 625] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=625, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 669 ./strace-static-x86_64: Process 669 attached executing program [pid 669] set_robust_list(0x55556d8f0660, 24) = 0 [pid 669] chdir("./6") = 0 [pid 669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 669] setpgid(0, 0) = 0 [pid 669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 669] write(3, "1000", 4) = 4 [pid 669] close(3) = 0 [pid 669] symlink("/dev/binderfs", "./binderfs") = 0 [pid 669] write(1, "executing program\n", 18) = 18 [pid 669] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 669] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 153.222741][ T60] usb 1-1: USB disconnect, device number 7 [ 153.277119][ T60] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 153.668826][ T60] usb 1-1: new high-speed USB device number 8 using dummy_hcd [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 154.028844][ T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 154.118859][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 154.127848][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 154.135701][ T60] usb 1-1: SerialNumber: syz [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 669] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 154.840318][ T60] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 669] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 669] exit_group(0) = ? [pid 669] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=669, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 714 ./strace-static-x86_64: Process 714 attached [pid 714] set_robust_list(0x55556d8f0660, 24) = 0 [pid 714] chdir("./7") = 0 [pid 714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 714] setpgid(0, 0) = 0 [pid 714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 714] write(3, "1000", 4) = 4 [pid 714] close(3) = 0 [pid 714] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 714] write(1, "executing program\n", 18) = 18 [pid 714] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 714] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 155.241531][ T536] usb 1-1: USB disconnect, device number 8 [ 155.263390][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 155.648804][ T536] usb 1-1: new high-speed USB device number 9 using dummy_hcd [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 156.008874][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 156.098833][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 156.107822][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 156.115563][ T536] usb 1-1: SerialNumber: syz [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 714] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 156.820022][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 714] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 714] exit_group(0) = ? [pid 714] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=714, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 771 ./strace-static-x86_64: Process 771 attached [pid 771] set_robust_list(0x55556d8f0660, 24) = 0 [pid 771] chdir("./8") = 0 [pid 771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 771] setpgid(0, 0) = 0 [pid 771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 771] write(3, "1000", 4executing program ) = 4 [pid 771] close(3) = 0 [pid 771] symlink("/dev/binderfs", "./binderfs") = 0 [pid 771] write(1, "executing program\n", 18) = 18 [pid 771] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 771] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 157.221046][ T536] usb 1-1: USB disconnect, device number 9 [ 157.251849][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 157.638758][ T536] usb 1-1: new high-speed USB device number 10 using dummy_hcd [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 157.998816][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 158.088839][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 158.097898][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 158.105633][ T536] usb 1-1: SerialNumber: syz [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 771] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 158.810171][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 771] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 771] exit_group(0) = ? [pid 771] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=771, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 816 ./strace-static-x86_64: Process 816 attached [pid 816] set_robust_list(0x55556d8f0660, 24) = 0 [pid 816] chdir("./9") = 0 [pid 816] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 816] setpgid(0, 0) = 0 [pid 816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 816] write(3, "1000", 4) = 4 [pid 816] close(3) = 0 [pid 816] symlink("/dev/binderfs", "./binderfs") = 0 [pid 816] write(1, "executing program\n", 18executing program ) = 18 [pid 816] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 816] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 159.211791][ T536] usb 1-1: USB disconnect, device number 10 [ 159.241527][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 159.638775][ T536] usb 1-1: new high-speed USB device number 11 using dummy_hcd [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 159.998824][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 160.088814][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 160.097805][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 160.105637][ T536] usb 1-1: SerialNumber: syz [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 816] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 160.810332][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 816] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 816] exit_group(0) = ? [pid 816] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=816, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 mkdir("./10", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 859 ./strace-static-x86_64: Process 859 attached [pid 859] set_robust_list(0x55556d8f0660, 24) = 0 [pid 859] chdir("./10") = 0 [pid 859] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 859] setpgid(0, 0) = 0 [pid 859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 859] write(3, "1000", 4) = 4 [pid 859] close(3) = 0 [pid 859] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 859] write(1, "executing program\n", 18) = 18 [pid 859] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 859] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 161.210819][ T536] usb 1-1: USB disconnect, device number 11 [ 161.241504][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 161.628765][ T536] usb 1-1: new high-speed USB device number 12 using dummy_hcd [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 161.988902][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 162.078838][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 162.087820][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 162.095671][ T536] usb 1-1: SerialNumber: syz [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 859] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 162.800190][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 859] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 859] exit_group(0) = ? [pid 859] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=859, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 903 ./strace-static-x86_64: Process 903 attached [pid 903] set_robust_list(0x55556d8f0660, 24) = 0 [pid 903] chdir("./11") = 0 [pid 903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 903] setpgid(0, 0) = 0 [pid 903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 903] write(3, "1000", 4) = 4 executing program [pid 903] close(3) = 0 [pid 903] symlink("/dev/binderfs", "./binderfs") = 0 [pid 903] write(1, "executing program\n", 18) = 18 [pid 903] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 903] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 163.201922][ T60] usb 1-1: USB disconnect, device number 12 [ 163.258965][ T60] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 163.648808][ T60] usb 1-1: new high-speed USB device number 13 using dummy_hcd [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 164.008881][ T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 164.098791][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 164.107979][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 164.115803][ T60] usb 1-1: SerialNumber: syz [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 903] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 164.820054][ T60] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 903] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 903] exit_group(0) = ? [pid 903] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=903, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./11") = 0 mkdir("./12", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 948 ./strace-static-x86_64: Process 948 attached [pid 948] set_robust_list(0x55556d8f0660, 24) = 0 [pid 948] chdir("./12") = 0 [pid 948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 948] setpgid(0, 0) = 0 [pid 948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 948] write(3, "1000", 4) = 4 [pid 948] close(3) = 0 [pid 948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 948] write(1, "executing program\n", 18executing program ) = 18 [pid 948] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 948] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 165.221530][ T433] usb 1-1: USB disconnect, device number 13 [ 165.274177][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 165.658750][ T433] usb 1-1: new high-speed USB device number 14 using dummy_hcd [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 166.018878][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 166.108817][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 166.117689][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 166.125530][ T433] usb 1-1: SerialNumber: syz [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 948] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 166.829975][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 948] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 948] exit_group(0) = ? [pid 948] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=948, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 mkdir("./13", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 992 ./strace-static-x86_64: Process 992 attached [pid 992] set_robust_list(0x55556d8f0660, 24) = 0 [pid 992] chdir("./13") = 0 [pid 992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 992] setpgid(0, 0) = 0 [pid 992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 992] write(3, "1000", 4) = 4 [pid 992] close(3) = 0 executing program [pid 992] symlink("/dev/binderfs", "./binderfs") = 0 [pid 992] write(1, "executing program\n", 18) = 18 [pid 992] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 992] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 167.231698][ T60] usb 1-1: USB disconnect, device number 14 [ 167.261717][ T60] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 167.658776][ T60] usb 1-1: new high-speed USB device number 15 using dummy_hcd [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 168.018872][ T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 168.108869][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 168.117858][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 168.125836][ T60] usb 1-1: SerialNumber: syz [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 992] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 168.830007][ T60] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 992] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 992] exit_group(0) = ? [pid 992] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=992, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1036 ./strace-static-x86_64: Process 1036 attached [pid 1036] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1036] chdir("./14") = 0 [pid 1036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 executing program [pid 1036] setpgid(0, 0) = 0 [pid 1036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1036] write(3, "1000", 4) = 4 [pid 1036] close(3) = 0 [pid 1036] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1036] write(1, "executing program\n", 18) = 18 [pid 1036] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1036] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 169.231978][ T536] usb 1-1: USB disconnect, device number 15 [ 169.286195][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 169.678828][ T536] usb 1-1: new high-speed USB device number 16 using dummy_hcd [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 170.038835][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 170.128804][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 170.137849][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 170.145684][ T536] usb 1-1: SerialNumber: syz [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 170.850163][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1036] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1036] exit_group(0) = ? [pid 1036] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1036, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1080 ./strace-static-x86_64: Process 1080 attached [pid 1080] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1080] chdir("./15") = 0 [pid 1080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1080] setpgid(0, 0) = 0 [pid 1080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 1080] write(3, "1000", 4) = 4 [pid 1080] close(3) = 0 [pid 1080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1080] write(1, "executing program\n", 18) = 18 [pid 1080] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1080] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 171.251242][ T433] usb 1-1: USB disconnect, device number 16 [ 171.282217][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 171.668758][ T433] usb 1-1: new high-speed USB device number 17 using dummy_hcd [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 172.028787][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 172.118867][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 172.127854][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 172.135692][ T433] usb 1-1: SerialNumber: syz [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 172.840277][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1080] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1080] exit_group(0) = ? [pid 1080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1080, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1124 ./strace-static-x86_64: Process 1124 attached [pid 1124] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1124] chdir("./16") = 0 [pid 1124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1124] setpgid(0, 0) = 0 [pid 1124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1124] write(3, "1000", 4) = 4 [pid 1124] close(3) = 0 [pid 1124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1124] write(1, "executing program\n", 18executing program ) = 18 [pid 1124] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1124] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 173.240750][ T433] usb 1-1: USB disconnect, device number 17 [ 173.272851][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 173.658753][ T433] usb 1-1: new high-speed USB device number 18 using dummy_hcd [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 174.018806][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 174.108790][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 174.117654][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 174.125527][ T433] usb 1-1: SerialNumber: syz [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 174.829978][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1124] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1124] exit_group(0) = ? [pid 1124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1124, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1168 ./strace-static-x86_64: Process 1168 attached [pid 1168] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1168] chdir("./17"executing program ) = 0 [pid 1168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1168] setpgid(0, 0) = 0 [pid 1168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1168] write(3, "1000", 4) = 4 [pid 1168] close(3) = 0 [pid 1168] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1168] write(1, "executing program\n", 18) = 18 [pid 1168] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1168] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 175.230794][ T433] usb 1-1: USB disconnect, device number 18 [ 175.261774][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 175.668813][ T433] usb 1-1: new high-speed USB device number 19 using dummy_hcd [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 176.028805][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 176.118858][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 176.127735][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 176.135674][ T433] usb 1-1: SerialNumber: syz [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 176.839977][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1168] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1168] exit_group(0) = ? [pid 1168] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1168, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/binderfs"executing program ) = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1212 ./strace-static-x86_64: Process 1212 attached [pid 1212] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1212] chdir("./18") = 0 [pid 1212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1212] setpgid(0, 0) = 0 [pid 1212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1212] write(3, "1000", 4) = 4 [pid 1212] close(3) = 0 [pid 1212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1212] write(1, "executing program\n", 18) = 18 [pid 1212] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1212] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 177.240777][ T433] usb 1-1: USB disconnect, device number 19 [ 177.271817][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 177.668804][ T433] usb 1-1: new high-speed USB device number 20 using dummy_hcd [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 178.028865][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 178.118785][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 178.127645][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 178.135509][ T433] usb 1-1: SerialNumber: syz [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 178.840307][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1212] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1212] exit_group(0) = ? [pid 1212] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1212, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./18/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./18") = 0 mkdir("./19", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1256 ./strace-static-x86_64: Process 1256 attached [pid 1256] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1256] chdir("./19") = 0 [pid 1256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1256] setpgid(0, 0) = 0 [pid 1256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1256] write(3, "1000", 4) = 4 [pid 1256] close(3) = 0 [pid 1256] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1256] write(1, "executing program\n", 18executing program ) = 18 [pid 1256] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1256] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 179.241493][ T947] usb 1-1: USB disconnect, device number 20 [ 179.298311][ T947] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 179.678796][ T947] usb 1-1: new high-speed USB device number 21 using dummy_hcd [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 180.038876][ T947] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 180.128818][ T947] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 180.137704][ T947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 180.145529][ T947] usb 1-1: SerialNumber: syz [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 180.850508][ T947] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1256] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1256] exit_group(0) = ? [pid 1256] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1256, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./19/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./19") = 0 mkdir("./20", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1300 ./strace-static-x86_64: Process 1300 attached [pid 1300] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1300] chdir("./20") = 0 [pid 1300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1300] setpgid(0, 0executing program ) = 0 [pid 1300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1300] write(3, "1000", 4) = 4 [pid 1300] close(3) = 0 [pid 1300] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1300] write(1, "executing program\n", 18) = 18 [pid 1300] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1300] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 181.252355][ T60] usb 1-1: USB disconnect, device number 21 [ 181.305957][ T60] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 181.698763][ T60] usb 1-1: new high-speed USB device number 22 using dummy_hcd [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 182.058808][ T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 182.148824][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 182.158027][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 182.165991][ T60] usb 1-1: SerialNumber: syz [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 182.870219][ T60] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1300] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1300] exit_group(0) = ? [pid 1300] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1300, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./20/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./20") = 0 mkdir("./21", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1344 ./strace-static-x86_64: Process 1344 attached [pid 1344] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1344] chdir("./21") = 0 [pid 1344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1344] setpgid(0, 0) = 0 [pid 1344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1344] write(3, "1000", 4) = 4 [pid 1344] close(3) = 0 [pid 1344] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1344] write(1, "executing program\n", 18executing program ) = 18 [pid 1344] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1344] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 183.270898][ T433] usb 1-1: USB disconnect, device number 22 [ 183.325650][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 183.708741][ T433] usb 1-1: new high-speed USB device number 23 using dummy_hcd [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 184.068879][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 184.158806][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 184.167685][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 184.175520][ T433] usb 1-1: SerialNumber: syz [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 184.880159][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1344] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [ 185.108715][ T139] BUG: using smp_processor_id() in preemptible [00000000] code: dhcpcd/139 [ 185.117146][ T139] caller is debug_smp_processor_id+0x17/0x20 [ 185.123033][ T139] CPU: 1 PID: 139 Comm: dhcpcd Not tainted 5.15.175-syzkaller-00803-g19092c8155b4 #0 [ 185.132246][ T139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 185.142148][ T139] Call Trace: [ 185.145264][ T139] [ 185.148043][ T139] dump_stack_lvl+0x151/0x1c0 [ 185.152582][ T139] ? io_uring_drop_tctx_refs+0x190/0x190 [ 185.158018][ T139] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 185.163343][ T139] ? _raw_spin_lock+0x1b0/0x1b0 [ 185.168009][ T139] dump_stack+0x15/0x20 [ 185.172000][ T139] check_preemption_disabled+0x109/0x110 [ 185.177463][ T139] debug_smp_processor_id+0x17/0x20 [ 185.182493][ T139] usbnet_skb_return+0x6f/0x290 [ 185.187189][ T139] usbnet_resume_rx+0x4d/0xd0 [ 185.191697][ T139] usbnet_change_mtu+0x4ed/0x670 [ 185.196468][ T139] dev_set_mtu_ext+0x458/0x690 [ 185.201181][ T139] ? dev_validate_mtu+0x180/0x180 [ 185.206018][ T139] ? avc_has_perm_noaudit+0x2dd/0x430 [ 185.211345][ T139] dev_set_mtu+0xa0/0x180 [ 185.215477][ T139] ? call_netdevice_notifiers_mtu+0x220/0x220 [ 185.221379][ T139] ? full_name_hash+0xa0/0xf0 [ 185.225894][ T139] dev_ifsioc+0x4ad/0x10c0 [ 185.230146][ T139] ? dev_ioctl+0xe70/0xe70 [ 185.234396][ T139] ? mutex_lock+0xb6/0x1e0 [ 185.238651][ T139] ? wait_for_completion_killable_timeout+0x10/0x10 [ 185.245074][ T139] dev_ioctl+0x54d/0xe70 [ 185.249316][ T139] sock_do_ioctl+0x34f/0x5a0 [ 185.253706][ T139] ? sock_show_fdinfo+0xa0/0xa0 [ 185.258386][ T139] ? selinux_file_ioctl+0x3cc/0x540 [ 185.263420][ T139] sock_ioctl+0x455/0x740 [ 185.267587][ T139] ? sock_poll+0x400/0x400 [ 185.271846][ T139] ? fd_install+0x144/0x250 [ 185.276180][ T139] ? __sys_socket+0x1d2/0x370 [ 185.280700][ T139] ? security_file_ioctl+0x84/0xb0 [ 185.285641][ T139] ? sock_poll+0x400/0x400 [ 185.289913][ T139] __se_sys_ioctl+0x114/0x190 [ 185.294406][ T139] __x64_sys_ioctl+0x7b/0x90 [ 185.298838][ T139] x64_sys_call+0x98/0x9a0 [ 185.303084][ T139] do_syscall_64+0x3b/0xb0 [ 185.307336][ T139] ? clear_bhb_loop+0x35/0x90 [ 185.311851][ T139] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 185.317587][ T139] RIP: 0033:0x7fb739a4ad49 [ 185.321835][ T139] Code: 5c c3 48 8d 44 24 08 48 89 54 24 e0 48 89 44 24 c0 48 8d 44 24 d0 48 89 44 24 c8 b8 10 00 00 00 c7 44 24 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 76 10 48 8b 15 ae 60 0d 00 f7 d8 41 83 c8 [ 185.341282][ T139] RSP: 002b:00007fff53dfebe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 185.349521][ T139] RAX: ffffffffffffffda RBX: 00007fb73997c6c0 RCX: 00007fb739a4ad49 [pid 1344] exit_group(0) = ? [pid 1344] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1344, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./21/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./21") = 0 mkdir("./22", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1389 ./strace-static-x86_64: Process 1389 attached [pid 1389] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1389] chdir("./22") = 0 [pid 1389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1389] setpgid(0, 0) = 0 [pid 1389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1389] write(3, "1000", 4) = 4 [pid 1389] close(3) = 0 [pid 1389] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 1389] write(1, "executing program\n", 18) = 18 [pid 1389] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1389] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 185.357333][ T139] RDX: 00007fff53e0edd8 RSI: 0000000000008922 RDI: 0000000000000012 [ 185.365141][ T139] RBP: 00007fff53e1ef98 R08: 00007fff53e0ed98 R09: 00007fff53e0ed48 [ 185.372976][ T139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.380799][ T139] R13: 00007fff53e0edd8 R14: 0000000000000028 R15: 0000000000008922 [ 185.388578][ T139] [ 185.394442][ T433] usb 1-1: USB disconnect, device number 23 [ 185.425449][ T433] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 185.828830][ T433] usb 1-1: new high-speed USB device number 24 using dummy_hcd [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 186.188835][ T433] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 186.278854][ T433] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 186.287749][ T433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 186.295579][ T433] usb 1-1: SerialNumber: syz [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 186.999921][ T433] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1389] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1389] exit_group(0) = ? [pid 1389] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1389, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./22/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./22") = 0 mkdir("./23", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1446 ./strace-static-x86_64: Process 1446 attached [pid 1446] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1446] chdir("./23") = 0 [pid 1446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1446] setpgid(0, 0) = 0 [pid 1446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1446] write(3, "1000", 4) = 4 [pid 1446] close(3) = 0 [pid 1446] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1446] write(1, "executing program\n", 18executing program ) = 18 [pid 1446] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1446] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 187.401435][ T947] usb 1-1: USB disconnect, device number 24 [ 187.455432][ T947] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 187.838767][ T947] usb 1-1: new high-speed USB device number 25 using dummy_hcd [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 188.198837][ T947] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 188.288841][ T947] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 188.297766][ T947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 188.305811][ T947] usb 1-1: SerialNumber: syz [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 189.010145][ T947] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1446] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1446] exit_group(0) = ? [pid 1446] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1446, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./23/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 executing program rmdir("./23") = 0 mkdir("./24", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1490 ./strace-static-x86_64: Process 1490 attached [pid 1490] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1490] chdir("./24") = 0 [pid 1490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1490] setpgid(0, 0) = 0 [pid 1490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1490] write(3, "1000", 4) = 4 [pid 1490] close(3) = 0 [pid 1490] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1490] write(1, "executing program\n", 18) = 18 [pid 1490] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1490] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 189.411773][ T536] usb 1-1: USB disconnect, device number 25 [ 189.465857][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 189.848784][ T536] usb 1-1: new high-speed USB device number 26 using dummy_hcd [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 190.208826][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 190.298921][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 190.307921][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 190.315760][ T536] usb 1-1: SerialNumber: syz [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 191.019993][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [pid 1490] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1490] exit_group(0) = ? [pid 1490] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1490, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./24/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./24") = 0 mkdir("./25", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1534 ./strace-static-x86_64: Process 1534 attached [pid 1534] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1534] chdir("./25") = 0 [pid 1534] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1534] setpgid(0, 0) = 0 [pid 1534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1534] write(3, "1000", 4) = 4 [pid 1534] close(3) = 0 [pid 1534] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1534] write(1, "executing program\n", 18executing program ) = 18 [pid 1534] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1534] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 191.420995][ T947] usb 1-1: USB disconnect, device number 26 [ 191.452431][ T947] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 191.848749][ T947] usb 1-1: new high-speed USB device number 27 using dummy_hcd [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 192.208827][ T947] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 192.298803][ T947] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 192.307692][ T947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 192.315523][ T947] usb 1-1: SerialNumber: syz [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 193.019956][ T947] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 193.119551][ T30] audit: type=1400 audit(1736627502.990:71): avc: denied { remove_name } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 193.141863][ T30] audit: type=1400 audit(1736627502.990:72): avc: denied { rename } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [pid 1534] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc59c4b4d0) = 29 [pid 1534] exit_group(0) = ? [pid 1534] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1534, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556d8f16f0 /* 3 entries */, 32768) = 80 umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./25/binderfs") = 0 getdents64(3, 0x55556d8f16f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./25") = 0 mkdir("./26", 0777) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556d8f0650) = 1578 ./strace-static-x86_64: Process 1578 attached [pid 1578] set_robust_list(0x55556d8f0660, 24) = 0 [pid 1578] chdir("./26") = 0 [pid 1578] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1578] setpgid(0, 0) = 0 [pid 1578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1578] write(3, "1000", 4) = 4 [pid 1578] close(3) = 0 [pid 1578] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1578] write(1, "executing program\n", 18executing program ) = 18 [pid 1578] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 [pid 1578] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [ 193.421166][ T536] usb 1-1: USB disconnect, device number 27 [ 193.451767][ T536] cdc_ether 1-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [ 193.858766][ T536] usb 1-1: new high-speed USB device number 28 using dummy_hcd [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 18 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 9 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 59 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 4 [ 194.218830][ T536] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a490) = 8 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4a0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a490) = 0 [ 194.308797][ T536] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 194.317788][ T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 194.325703][ T536] usb 1-1: SerialNumber: syz [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xa) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP_DISABLE, 0xb) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3ec) = 10 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f18efecd3fc) = 11 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc59c4a4b0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc59c4b4c0) = 0 [pid 1578] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc59c4a4b0) = 26 [ 195.030381][ T536] cdc_ether 1-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42