./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2215869921
<...>
Warning: Permanently added '10.128.1.21' (ED25519) to the list of known hosts.
execve("./syz-executor2215869921", ["./syz-executor2215869921"], 0x7ffe24cc1af0 /* 10 vars */) = 0
brk(NULL) = 0x555591297000
brk(0x555591297d00) = 0x555591297d00
arch_prctl(ARCH_SET_FS, 0x555591297380) = 0
set_tid_address(0x555591297650) = 5814
set_robust_list(0x555591297660, 24) = 0
rseq(0x555591297ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2215869921", 4096) = 28
getrandom("\x3d\xb2\xf3\x5c\xde\x3a\x97\x32", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555591297d00
brk(0x5555912b8d00) = 0x5555912b8d00
brk(0x5555912b9000) = 0x5555912b9000
mprotect(0x7f5c6b1e7000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
[ 62.331966][ T30] audit: type=1400 audit(1750650138.187:62): avc: denied { write } for pid=5811 comm="strace-static-x" path="pipe:[4537]" dev="pipefs" ino=4537 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
write(1, "executing program\n", 18executing program
) = 18
openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc525f0a10) = 0
ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[ 62.369800][ T30] audit: type=1400 audit(1750650138.217:63): avc: denied { execmem } for pid=5814 comm="syz-executor221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 62.392187][ T30] audit: type=1400 audit(1750650138.247:64): avc: denied { read write } for pid=5814 comm="syz-executor221" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
[ 62.417281][ T30] audit: type=1400 audit(1750650138.247:65): avc: denied { open } for pid=5814 comm="syz-executor221" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 62.440979][ T30] audit: type=1400 audit(1750650138.257:66): avc: denied { ioctl } for pid=5814 comm="syz-executor221" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 18
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
[ 62.650243][ T916] usb 1-1: new high-speed USB device number 2 using dummy_hcd
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 18
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 9
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
[ 62.820151][ T916] usb 1-1: Using ep0 maxpacket: 16
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 27
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 4
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc525efa00) = 8
[ 62.868580][ T916] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 62.876763][ T916] usb 1-1: config 0 has no interface number 0
[ 62.883243][ T916] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 130, changing to 11
[ 62.894378][ T916] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 8260, setting to 1024
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a10) = 0
ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f5c6b1ed3ec) = 8
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc525efa00) = 0
[ 62.948103][ T916] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 62.957206][ T916] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 62.965277][ T916] usb 1-1: Product: syz
[ 62.969417][ T916] usb 1-1: SerialNumber: syz
[ 62.976276][ T916] usb 1-1: config 0 descriptor??
[ 63.006898][ T916] cm109 1-1:0.8: invalid payload size 1024, expected 4
[ 63.014892][ T916] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input5
openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 4
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc525f0a50) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc525efa40) = 4
dup(4) = 5
write(5, "\xfc\x00\x00\x00\xa2\xe3\xad\x21\xed\x0d\x1b\xf9\x1b\x29\x55\x09\x87\xf7\x0e\x06\xd0\x38\xe7\xff\x7f\xc6\xe5\x53\x9b\x0d\x3d\x0e\x8b\x08\x9b\x3f\x3b\x09\x6c\x06\x08\x90\xe0\x87\x8f\x0e\x1a\xc6\xe7\x04\x9b\x09\x6e\x95\x9b\x44\x9a\x24\x0d\x5b\x67\xf3\x98\x8f\x7e\xf3\x19\x52\x01\x00\xff\xe8\xd1\x78\x70\x8c\x52\x3c\x92\x1b\x1b\x5b\x31\x07\x0b\x07\x5d\x0d\x36\xcd\x3b\x78\x13\x0d\xaa\x61\xd8\xe8\x04\x00"..., 4102) = 4102
exit_group(0) = ?
[ 63.438267][ C1] cm109 1-1:0.8: cm109_urb_irq_callback: urb status -71
[ 63.439321][ T974] usb 1-1: USB disconnect, device number 2
[ 63.445354][ C1] ------------[ cut here ]------------
[ 63.445384][ C1] URB ffff8880236c8500 submitted while active
[ 63.445828][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:379 usb_submit_urb+0x152b/0x1790
[ 63.472002][ C1] Modules linked in:
[ 63.475897][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full)
[ 63.487492][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 63.497519][ C1] RIP: 0010:usb_submit_urb+0x152b/0x1790
[ 63.503133][ C1] Code: fd eb cb bb fe ff ff ff e9 70 f3 ff ff e8 8d a9 86 fa c6 05 0f 07 5b 09 01 90 48 c7 c7 00 1b 73 8c 48 89 de e8 86 6c 45 fa 90 <0f> 0b 90 90 e9 b6 fe ff ff bb f8 ff ff ff e9 40 f3 ff ff 48 89 ef
[ 63.522712][ C1] RSP: 0018:ffffc90000a08a88 EFLAGS: 00010086
[ 63.528749][ C1] RAX: 0000000000000000 RBX: ffff8880236c8500 RCX: ffffffff817ae248
[ 63.536691][ C1] RDX: ffff88801e2b2440 RSI: ffffffff817ae255 RDI: 0000000000000001
[ 63.544634][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 63.552593][ C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000046
[ 63.560536][ C1] R13: ffff8881437dd858 R14: 000000000000000f R15: 0000000000000001
[ 63.568479][ C1] FS: 0000000000000000(0000) GS:ffff888124853000(0000) knlGS:0000000000000000
[ 63.577394][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 63.583965][ C1] CR2: 0000558d85ef2000 CR3: 000000005dfb6000 CR4: 00000000003526f0
[ 63.591918][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 63.599864][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 63.607807][ C1] Call Trace:
[ 63.611062][ C1]
[ 63.613881][ C1] ? find_held_lock+0x2b/0x80
[ 63.618534][ C1] ? __pfx____ratelimit+0x10/0x10
[ 63.623539][ C1] cm109_urb_irq_callback+0x2e7/0xb70
[ 63.628885][ C1] ? usb_hcd_unmap_urb_for_dma+0x109/0x6d0
[ 63.634665][ C1] ? do_raw_spin_lock+0x12c/0x2b0
[ 63.639667][ C1] __usb_hcd_giveback_urb+0x38a/0x6e0
[ 63.645015][ C1] usb_hcd_giveback_urb+0x39b/0x450
[ 63.650197][ C1] dummy_timer+0x180e/0x3a20
[ 63.654770][ C1] ? find_held_lock+0x2b/0x80
[ 63.659419][ C1] ? debug_object_deactivate+0x1ec/0x3a0
[ 63.665042][ C1] ? debug_object_deactivate+0x1ec/0x3a0
[ 63.670651][ C1] ? __pfx_debug_object_deactivate+0x10/0x10
[ 63.676608][ C1] ? __lock_acquire+0xb8a/0x1c90
[ 63.681533][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 63.686457][ C1] ? rcu_is_watching+0x12/0xc0
[ 63.691193][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 63.696975][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 63.701889][ C1] __hrtimer_run_queues+0x202/0xad0
[ 63.707066][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 63.712756][ C1] ? read_tsc+0x9/0x20
[ 63.716800][ C1] hrtimer_run_softirq+0x17d/0x350
[ 63.721884][ C1] handle_softirqs+0x216/0x8e0
[ 63.726623][ C1] ? __pfx_handle_softirqs+0x10/0x10
[ 63.731884][ C1] __irq_exit_rcu+0x109/0x170
[ 63.736534][ C1] irq_exit_rcu+0x9/0x30
[ 63.740749][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0
[ 63.746355][ C1]
[ 63.749258][ C1]
[ 63.752162][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 63.758113][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 63.763720][ C1] Code: 6b 72 02 e9 03 fb 02 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d a3 f0 29 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 63.783298][ C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[ 63.789345][ C1] RAX: 0000000000052c21 RBX: 0000000000000001 RCX: ffffffff8b801c19
[ 63.797291][ C1] RDX: 0000000000000000 RSI: ffffffff8de1a168 RDI: ffffffff8c157aa0
[ 63.805233][ C1] RBP: ffffed1003c56488 R08: 0000000000000001 R09: ffffed10170a6645
[ 63.813176][ C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001
[ 63.821120][ C1] R13: ffff88801e2b2440 R14: ffffffff90a81150 R15: 0000000000000000
[ 63.829081][ C1] ? ct_kernel_exit+0x139/0x190
[ 63.833929][ C1] default_idle+0x13/0x20
[ 63.838242][ C1] default_idle_call+0x6d/0xb0
[ 63.842981][ C1] do_idle+0x391/0x510
[ 63.847030][ C1] ? __pfx_do_idle+0x10/0x10
[ 63.851610][ C1] ? trace_sched_exit_tp+0x31/0x130
[ 63.856789][ C1] cpu_startup_entry+0x4f/0x60
[ 63.861528][ C1] start_secondary+0x21d/0x2b0
[ 63.866270][ C1] ? __pfx_start_secondary+0x10/0x10
[ 63.871533][ C1] common_startup_64+0x13e/0x148
[ 63.876450][ C1]
[ 63.879455][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 63.886707][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full)
[ 63.898305][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 63.908419][ C1] Call Trace:
[ 63.911675][ C1]
[ 63.914494][ C1] dump_stack_lvl+0x3d/0x1f0
[ 63.919065][ C1] panic+0x71c/0x800
[ 63.922939][ C1] ? __pfx_panic+0x10/0x10
[ 63.927331][ C1] ? show_trace_log_lvl+0x29b/0x3e0
[ 63.932510][ C1] ? check_panic_on_warn+0x1f/0xb0
[ 63.937599][ C1] ? usb_submit_urb+0x152b/0x1790
[ 63.942602][ C1] check_panic_on_warn+0xab/0xb0
[ 63.947526][ C1] __warn+0xf6/0x3c0
[ 63.951400][ C1] ? usb_submit_urb+0x152b/0x1790
[ 63.956414][ C1] report_bug+0x3c3/0x580
[ 63.960721][ C1] ? usb_submit_urb+0x152b/0x1790
[ 63.965723][ C1] handle_bug+0x184/0x210
[ 63.970033][ C1] exc_invalid_op+0x17/0x50
[ 63.974511][ C1] asm_exc_invalid_op+0x1a/0x20
[ 63.979334][ C1] RIP: 0010:usb_submit_urb+0x152b/0x1790
[ 63.984946][ C1] Code: fd eb cb bb fe ff ff ff e9 70 f3 ff ff e8 8d a9 86 fa c6 05 0f 07 5b 09 01 90 48 c7 c7 00 1b 73 8c 48 89 de e8 86 6c 45 fa 90 <0f> 0b 90 90 e9 b6 fe ff ff bb f8 ff ff ff e9 40 f3 ff ff 48 89 ef
[ 64.004528][ C1] RSP: 0018:ffffc90000a08a88 EFLAGS: 00010086
[ 64.010568][ C1] RAX: 0000000000000000 RBX: ffff8880236c8500 RCX: ffffffff817ae248
[ 64.018512][ C1] RDX: ffff88801e2b2440 RSI: ffffffff817ae255 RDI: 0000000000000001
[ 64.026456][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 64.034400][ C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000046
[ 64.042344][ C1] R13: ffff8881437dd858 R14: 000000000000000f R15: 0000000000000001
[ 64.050293][ C1] ? __warn_printk+0x198/0x350
[ 64.055034][ C1] ? __warn_printk+0x1a5/0x350
[ 64.059774][ C1] ? usb_submit_urb+0x152a/0x1790
[ 64.064775][ C1] ? find_held_lock+0x2b/0x80
[ 64.069428][ C1] ? __pfx____ratelimit+0x10/0x10
[ 64.074433][ C1] cm109_urb_irq_callback+0x2e7/0xb70
[ 64.079781][ C1] ? usb_hcd_unmap_urb_for_dma+0x109/0x6d0
[ 64.085562][ C1] ? do_raw_spin_lock+0x12c/0x2b0
[ 64.090563][ C1] __usb_hcd_giveback_urb+0x38a/0x6e0
[ 64.095910][ C1] usb_hcd_giveback_urb+0x39b/0x450
[ 64.101097][ C1] dummy_timer+0x180e/0x3a20
[ 64.105670][ C1] ? find_held_lock+0x2b/0x80
[ 64.110333][ C1] ? debug_object_deactivate+0x1ec/0x3a0
[ 64.115948][ C1] ? debug_object_deactivate+0x1ec/0x3a0
[ 64.121560][ C1] ? __pfx_debug_object_deactivate+0x10/0x10
[ 64.127516][ C1] ? __lock_acquire+0xb8a/0x1c90
[ 64.132431][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 64.137346][ C1] ? rcu_is_watching+0x12/0xc0
[ 64.142084][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 64.147869][ C1] ? __pfx_dummy_timer+0x10/0x10
[ 64.152783][ C1] __hrtimer_run_queues+0x202/0xad0
[ 64.157980][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 64.163671][ C1] ? read_tsc+0x9/0x20
[ 64.167721][ C1] hrtimer_run_softirq+0x17d/0x350
[ 64.172808][ C1] handle_softirqs+0x216/0x8e0
[ 64.177555][ C1] ? __pfx_handle_softirqs+0x10/0x10
[ 64.182818][ C1] __irq_exit_rcu+0x109/0x170
[ 64.187478][ C1] irq_exit_rcu+0x9/0x30
[ 64.191697][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0
[ 64.197307][ C1]
[ 64.200221][ C1]
[ 64.203140][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 64.209092][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 64.214701][ C1] Code: 6b 72 02 e9 03 fb 02 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d a3 f0 29 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 64.234292][ C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[ 64.240332][ C1] RAX: 0000000000052c21 RBX: 0000000000000001 RCX: ffffffff8b801c19
[ 64.248274][ C1] RDX: 0000000000000000 RSI: ffffffff8de1a168 RDI: ffffffff8c157aa0
[ 64.256218][ C1] RBP: ffffed1003c56488 R08: 0000000000000001 R09: ffffed10170a6645
[ 64.264161][ C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001
[ 64.272103][ C1] R13: ffff88801e2b2440 R14: ffffffff90a81150 R15: 0000000000000000
[ 64.280054][ C1] ? ct_kernel_exit+0x139/0x190
[ 64.284884][ C1] default_idle+0x13/0x20
[ 64.289183][ C1] default_idle_call+0x6d/0xb0
[ 64.293918][ C1] do_idle+0x391/0x510
[ 64.297962][ C1] ? __pfx_do_idle+0x10/0x10
[ 64.302527][ C1] ? trace_sched_exit_tp+0x31/0x130
[ 64.307702][ C1] cpu_startup_entry+0x4f/0x60
[ 64.312438][ C1] start_secondary+0x21d/0x2b0
[ 64.317176][ C1] ? __pfx_start_secondary+0x10/0x10
[ 64.322439][ C1] common_startup_64+0x13e/0x148
[ 64.327353][ C1]
[ 64.330537][ C1] Kernel Offset: disabled
[ 64.334839][ C1] Rebooting in 86400 seconds..