./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2747203809
<...>
Warning: Permanently added '10.128.1.151' (ED25519) to the list of known hosts.
execve("./syz-executor2747203809", ["./syz-executor2747203809"], 0x7ffdcb102d70 /* 10 vars */) = 0
brk(NULL) = 0x5555678cd000
brk(0x5555678cdd00) = 0x5555678cdd00
arch_prctl(ARCH_SET_FS, 0x5555678cd380) = 0
set_tid_address(0x5555678cd650) = 5857
set_robust_list(0x5555678cd660, 24) = 0
rseq(0x5555678cdca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2747203809", 4096) = 28
getrandom("\xaf\x25\xa0\x57\x89\xc7\x7a\xf8", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555678cdd00
brk(0x5555678eed00) = 0x5555678eed00
brk(0x5555678ef000) = 0x5555678ef000
mprotect(0x7fb3d5829000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555678cd650) = 5858
./strace-static-x86_64: Process 5858 attached
[pid 5857] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3
[pid 5858] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5857] write(3, "10000000000", 11 <unfinished ...>
[pid 5858] <... set_robust_list resumed>) = 0
[pid 5857] <... write resumed>) = 11
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "20", 2) = 2
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "1", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "0", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "0", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "1", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "100", 3) = 3
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "0", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "0", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "7 4 1 3", 7) = 7
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "1", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "1", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "0", 1) = 1
[pid 5857] close(3) = 0
[pid 5857] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3
[pid 5857] write(3, "5858", 4) = 4
[pid 5857] close(3) = 0
[pid 5857] kill(5858, SIGKILL) = 0
[pid 5858] +++ killed by SIGKILL +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5858, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5859 attached
, child_tidptr=0x5555678cd650) = 5859
[pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5859] set_robust_list(0x5555678cd660, 24) = 0
./strace-static-x86_64: Process 5860 attached
[pid 5859] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5860] set_robust_list(0x5555678cd660, 24./strace-static-x86_64: Process 5861 attached
<unfinished ...>
[pid 5857] <... clone resumed>, child_tidptr=0x5555678cd650) = 5860
[pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5860] <... set_robust_list resumed>) = 0
[pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5859] <... clone resumed>, child_tidptr=0x5555678cd650) = 5861
[pid 5861] set_robust_list(0x5555678cd660, 24) = 0
./strace-static-x86_64: Process 5862 attached
[pid 5862] set_robust_list(0x5555678cd660, 24) = 0
[pid 5862] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5863 attached
<unfinished ...>
[pid 5857] <... clone resumed>, child_tidptr=0x5555678cd650) = 5862
[pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5863] set_robust_list(0x5555678cd660, 24./strace-static-x86_64: Process 5864 attached
<unfinished ...>
[pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5863] <... set_robust_list resumed>) = 0
[pid 5861] <... prctl resumed>) = 0
[pid 5860] <... clone resumed>, child_tidptr=0x5555678cd650) = 5863
[pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5864] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5863] <... prctl resumed>) = 0
[pid 5861] setpgid(0, 0 <unfinished ...>
[pid 5864] <... set_robust_list resumed>) = 0
[pid 5863] setpgid(0, 0 <unfinished ...>
[pid 5861] <... setpgid resumed>) = 0
[pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5865 attached
<unfinished ...>
[pid 5857] <... clone resumed>, child_tidptr=0x5555678cd650) = 5865
[pid 5864] <... prctl resumed>) = 0
[pid 5863] <... setpgid resumed>) = 0
[pid 5862] <... clone resumed>, child_tidptr=0x5555678cd650) = 5864
[pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5865] set_robust_list(0x5555678cd660, 24) = 0
[pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5864] setpgid(0, 0 <unfinished ...>
[pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5861] <... openat resumed>) = 3
[pid 5861] write(3, "1000", 4./strace-static-x86_64: Process 5867 attached
./strace-static-x86_64: Process 5866 attached
<unfinished ...>
[pid 5864] <... setpgid resumed>) = 0
[pid 5861] <... write resumed>) = 4
[pid 5863] <... openat resumed>) = 3
[pid 5857] <... clone resumed>, child_tidptr=0x5555678cd650) = 5866
[pid 5865] <... clone resumed>, child_tidptr=0x5555678cd650) = 5867
[pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5863] write(3, "1000", 4 <unfinished ...>
[pid 5861] close(3 <unfinished ...>
[pid 5867] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5866] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5863] <... write resumed>) = 4
[pid 5864] <... openat resumed>) = 3
[pid 5863] close(3) = 0
executing program
executing program
[pid 5867] <... set_robust_list resumed>) = 0
[pid 5866] <... set_robust_list resumed>) = 0
[pid 5863] write(1, "executing program\n", 18 <unfinished ...>
[pid 5861] <... close resumed>) = 0
[pid 5864] write(3, "1000", 4 <unfinished ...>
[pid 5863] <... write resumed>) = 18
[pid 5867] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5864] <... write resumed>) = 4
[pid 5863] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0 <unfinished ...>
[pid 5867] <... prctl resumed>) = 0
[pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5864] close(3 <unfinished ...>
[pid 5863] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor)
[pid 5861] write(1, "executing program\n", 18 <unfinished ...>
[pid 5864] <... close resumed>) = 0
[pid 5863] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
executing program
[pid 5864] write(1, "executing program\n", 18 <unfinished ...>
[pid 5863] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR <unfinished ...>
[pid 5861] <... write resumed>) = 18
[pid 5864] <... write resumed>) = 18
[pid 5863] <... openat resumed>) = 3
[pid 5861] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0 <unfinished ...>
[pid 5867] setpgid(0, 0 <unfinished ...>
[pid 5864] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0 <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_INIT <unfinished ...>
[pid 5864] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor)
[pid 5864] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000./strace-static-x86_64: Process 5868 attached
<unfinished ...>
[pid 5867] <... setpgid resumed>) = 0
[pid 5864] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor)
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor)
[pid 5868] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5866] <... clone resumed>, child_tidptr=0x5555678cd650) = 5868
[pid 5864] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR <unfinished ...>
[pid 5863] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN <unfinished ...>
[pid 5861] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000 <unfinished ...>
[pid 5868] <... set_robust_list resumed>) = 0
[pid 5867] <... openat resumed>) = 3
[pid 5864] <... openat resumed>) = 3
[pid 5861] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor)
[pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5867] write(3, "1000", 4 <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_INIT <unfinished ...>
[pid 5861] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR <unfinished ...>
[pid 5868] <... prctl resumed>) = 0
[pid 5867] <... write resumed>) = 4
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... openat resumed>) = 3
[pid 5868] setpgid(0, 0 <unfinished ...>
[pid 5867] close(3 <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_INIT <unfinished ...>
[pid 5868] <... setpgid resumed>) = 0
[pid 5867] <... close resumed>) = 0
[pid 5864] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN <unfinished ...>
[pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5867] write(1, "executing program\n", 18 <unfinished ...>
[pid 5864] <... ioctl resumed>, 0) = 0
[pid 5863] <... ioctl resumed>, 0) = 0
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCHexecuting program
<unfinished ...>
[pid 5867] <... write resumed>) = 18
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] <... openat resumed>) = 3
[pid 5867] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0 <unfinished ...>
[pid 5861] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor)
[pid 5867] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000 <unfinished ...>
[pid 5861] <... ioctl resumed>, 0) = 0
[pid 5867] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor)
[pid 5867] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR <unfinished ...>
[pid 5868] write(3, "1000", 4 <unfinished ...>
[pid 5867] <... openat resumed>) = 3
[pid 5868] <... write resumed>) = 4
[pid 5867] ioctl(3, USB_RAW_IOCTL_INIT <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] close(3 <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... close resumed>) = 0
[pid 5868] write(1, "executing program\n", 18 <unfinished ...>
[pid 5867] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUNexecuting program
<unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] <... write resumed>) = 18
[pid 5868] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0 <unfinished ...>
[pid 5867] <... ioctl resumed>, 0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... setsockopt resumed>) = -1 EBADF (Bad file descriptor)
[pid 5868] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
[pid 5868] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_INIT <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 18
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 18
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 18
[pid 5861] <... ioctl resumed>, 0x7ffd29c2dfc0) = 18
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[ 129.544796][ T918] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 129.554540][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 129.562294][ T976] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 129.570242][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 18
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[ 129.624640][ T5870] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 18
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 9
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 27
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 18
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[ 129.714536][ T918] usb 2-1: Using ep0 maxpacket: 32
[ 129.734638][ T976] usb 1-1: Using ep0 maxpacket: 32
[ 129.740206][ T10] usb 3-1: Using ep0 maxpacket: 32
[ 129.742597][ T918] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[ 129.745733][ T9] usb 4-1: Using ep0 maxpacket: 32
[ 129.756243][ T918] usb 2-1: config 0 has no interface number 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2dfc0) = 9
[pid 5863] <... ioctl resumed>, 0x7ffd29c2dfc0) = 4
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 18
[pid 5863] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 18
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 8
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5861] <... ioctl resumed>, 0x7ffd29c2dfc0) = 27
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[ 129.764963][ T918] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 129.779528][ T976] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[ 129.780889][ T918] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 129.787903][ T5870] usb 5-1: Using ep0 maxpacket: 32
[ 129.797954][ T918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 9
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 9
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 27
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 27
[ 129.802641][ T976] usb 1-1: config 0 has no interface number 0
[ 129.812465][ T918] usb 2-1: Product: syz
[ 129.817159][ T976] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 129.825323][ T918] usb 2-1: Manufacturer: syz
[ 129.831549][ T10] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[ 129.837381][ T918] usb 2-1: SerialNumber: syz
[ 129.843214][ T9] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[ 129.843239][ T9] usb 4-1: config 0 has no interface number 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x2) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb3d582f3ec) = -1 EINVAL (Invalid argument)
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dfc0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 4
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2dfc0) = 18
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[ 129.844054][ T9] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 129.872377][ T10] usb 3-1: config 0 has no interface number 0
[ 129.874225][ T918] usb 2-1: config 0 descriptor??
[ 129.878542][ T10] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 129.901899][ T976] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 4
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2dfc0) = 9
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 4
[pid 5861] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 8
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 27
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[ 129.905460][ T918] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 129.911120][ T976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 129.922714][ T918] em28xx 2-1:0.132: Video interface 132 found:
[ 129.930210][ T5870] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[ 129.944342][ T5870] usb 5-1: config 0 has no interface number 0
[ 129.950574][ T976] usb 1-1: Product: syz
[ 129.955647][ T5870] usb 5-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2dfc0) = 4
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[ 129.966385][ T976] usb 1-1: Manufacturer: syz
[ 129.971465][ T976] usb 1-1: SerialNumber: syz
[ 129.981577][ T976] usb 1-1: config 0 descriptor??
[ 129.987634][ T10] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 129.997429][ T9] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 130.008159][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5861] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE <unfinished ...>
[pid 5861] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x2) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb3d582f3ec) = -1 EINVAL (Invalid argument)
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_READ <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2dfc0) = 8
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5861] <... ioctl resumed>, 0x7ffd29c2dfc0) = 0
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 8
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffd29c2dfc0) = 8
[ 130.016270][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 130.029007][ T976] em28xx 1-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 130.039390][ T9] usb 4-1: Product: syz
[ 130.043631][ T9] usb 4-1: Manufacturer: syz
[ 130.048748][ T10] usb 3-1: Product: syz
[ 130.052940][ T10] usb 3-1: Manufacturer: syz
[ 130.057825][ T9] usb 4-1: SerialNumber: syz
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dff0) = 1
[pid 5864] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x2) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb3d582f3ec) = -1 EINVAL (Invalid argument)
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dfc0) = 0
[ 130.063444][ T5870] usb 5-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 130.072799][ T10] usb 3-1: SerialNumber: syz
[ 130.077556][ T976] em28xx 1-1:0.132: Video interface 132 found:
[ 130.083874][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 130.097132][ T10] usb 3-1: config 0 descriptor??
[ 130.104253][ T9] usb 4-1: config 0 descriptor??
[ 130.110599][ T5870] usb 5-1: Product: syz
[pid 5867] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x2) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb3d582f3ec) = -1 EINVAL (Invalid argument)
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dfc0) = 0
[pid 5868] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[ 130.118447][ T10] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 130.128732][ T5870] usb 5-1: Manufacturer: syz
[ 130.133811][ T5870] usb 5-1: SerialNumber: syz
[ 130.141947][ T9] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 130.152018][ T10] em28xx 3-1:0.132: Video interface 132 found:
[ 130.159855][ T9] em28xx 4-1:0.132: Video interface 132 found:
[pid 5868] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0x2) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fb3d582f3ec) = -1 EINVAL (Invalid argument)
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dfc0) = 0
[ 130.167503][ T5870] usb 5-1: config 0 descriptor??
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dff0) = 1
[ 130.194340][ T5870] em28xx 5-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 130.204227][ T5870] em28xx 5-1:0.132: Video interface 132 found:
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0
[pid 5863] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] <... ioctl resumed>, 0x7ffd29c2f000) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2f000) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_READ <unfinished ...>
[pid 5863] ioctl(3, USB_RAW_IOCTL_EP0_READ <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dff0) = 1
[pid 5863] <... ioctl resumed>, 0x7ffd29c2dff0) = 1
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dff0) = 1
[ 130.308584][ T918] em28xx 2-1:0.132: unknown em28xx chip ID (0)
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dff0) = 1
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5861] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dff0) = 1
[ 130.452251][ T976] em28xx 1-1:0.132: unknown em28xx chip ID (0)
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] exit_group(0 <unfinished ...>
[pid 5864] <... ioctl resumed>, 0x7ffd29c2f000) = 0
[pid 5863] <... exit_group resumed>) = ?
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5863] +++ exited with 0 +++
[pid 5860] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
[pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555678cd650) = 5877
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH./strace-static-x86_64: Process 5877 attached
<unfinished ...>
[pid 5877] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2f000) = 0
[pid 5864] <... ioctl resumed>, 0x7ffd29c2f000) = 0
[pid 5864] ioctl(3, USB_RAW_IOCTL_EP0_READ <unfinished ...>
[pid 5877] <... set_robust_list resumed>) = 0
[pid 5867] ioctl(3, USB_RAW_IOCTL_EP0_READ <unfinished ...>
[pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid 5867] <... ioctl resumed>, 0x7ffd29c2dff0) = 1
[pid 5864] <... ioctl resumed>, 0x7ffd29c2dff0) = 1
[pid 5877] <... prctl resumed>) = 0
[pid 5877] setpgid(0, 0) = 0
[pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5877] write(3, "1000", 4) = 4
[pid 5877] close(3) = 0
[pid 5877] write(1, "executing program\n", 18executing program
[ 130.532724][ T918] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[ 130.533029][ T10] em28xx 3-1:0.132: unknown em28xx chip ID (0)
[ 130.542084][ T918] em28xx 2-1:0.132: board has no eeprom
[ 130.565554][ T9] em28xx 4-1:0.132: unknown em28xx chip ID (0)
) = 18
[pid 5877] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0) = -1 EBADF (Bad file descriptor)
[pid 5877] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
[pid 5877] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2f000) = 0
[pid 5877] ioctl(3, USB_RAW_IOCTL_INIT <unfinished ...>
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_STALL, 0) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5877] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5877] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5877] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5877] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5868] <... ioctl resumed>, 0x7ffd29c2f000) = 0
[pid 5868] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffd29c2dff0) = 1
[ 130.615081][ T918] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 130.619209][ T5870] em28xx 5-1:0.132: unknown em28xx chip ID (0)
[ 130.622941][ T918] em28xx 2-1:0.132: analog set to bulk mode.
[ 130.623877][ T52] em28xx 2-1:0.132: Registering V4L2 extension
[ 130.650361][ T918] usb 2-1: USB disconnect, device number 2
[pid 5861] exit_group(0) = ?
[pid 5861] +++ exited with 0 +++
[pid 5859] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid 5859] restart_syscall(<... resuming interrupted clone ...>) = 0
[ 130.664586][ T918] em28xx 2-1:0.132: Disconnecting em28xx
[ 130.679823][ T976] em28xx 1-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[pid 5859] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555678cd650) = 5882
./strace-static-x86_64: Process 5882 attached
[pid 5882] set_robust_list(0x5555678cd660, 24) = 0
[pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5882] setpgid(0, 0) = 0
[pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5882] write(3, "1000", 4) = 4
[pid 5882] close(3) = 0
executing program
[pid 5882] write(1, "executing program\n", 18) = 18
[pid 5882] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0) = -1 EBADF (Bad file descriptor)
[pid 5882] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
[pid 5882] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5882] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd29c2efd0) = 0
[pid 5882] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5882] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[ 130.702586][ T976] em28xx 1-1:0.132: board has no eeprom
[pid 5882] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5867] exit_group(0 <unfinished ...>
[pid 5864] exit_group(0 <unfinished ...>
[pid 5867] <... exit_group resumed>) = ?
[pid 5864] <... exit_group resumed>) = ?
[pid 5867] +++ exited with 0 +++
[pid 5865] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5867, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid 5865] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid 5864] +++ exited with 0 +++
[pid 5862] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[pid 5862] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid 5865] <... restart_syscall resumed>) = 0
[pid 5862] <... clone resumed>, child_tidptr=0x5555678cd650) = 5885
[ 130.783085][ T52] em28xx 2-1:0.132: Config register raw data: 0xffffffed
[ 130.790910][ T976] em28xx 1-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 130.799272][ T52] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[ 130.799302][ T52] em28xx 2-1:0.132: No AC97 audio processor
[ 130.810787][ T9] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[pid 5865] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5885 attached
<unfinished ...>
[pid 5885] set_robust_list(0x5555678cd660, 24) = 0
[pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5885] setpgid(0, 0) = 0
[pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5885] write(3, "1000", 4) = 4
[pid 5885] close(3) = 0
[pid 5885] write(1, "executing program\n", 18executing program
) = 18
[pid 5885] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0) = -1 EBADF (Bad file descriptor)
[pid 5885] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
[pid 5885] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5885] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd29c2efd0) = 0
[pid 5885] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5868] exit_group(0) = ?
[pid 5865] <... clone resumed>, child_tidptr=0x5555678cd650) = 5886
[pid 5885] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[pid 5885] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH./strace-static-x86_64: Process 5886 attached
<unfinished ...>
[pid 5868] +++ exited with 0 +++
[pid 5886] set_robust_list(0x5555678cd660, 24 <unfinished ...>
[pid 5866] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5868, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
[pid 5886] <... set_robust_list resumed>) = 0
[pid 5866] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5886] setpgid(0, 0) = 0
[pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5886] write(3, "1000", 4) = 4
[ 130.831703][ T10] em28xx 3-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[ 130.850753][ T52] usb 2-1: Decoder not found
[ 130.855436][ T976] em28xx 1-1:0.132: analog set to bulk mode.
[ 130.862048][ T9] em28xx 4-1:0.132: board has no eeprom
executing program
executing program
[pid 5886] close(3) = 0
[pid 5886] write(1, "executing program\n", 18) = 18
[pid 5886] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0) = -1 EBADF (Bad file descriptor)
[pid 5886] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
[pid 5886] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5886] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd29c2efd0) = 0
[pid 5886] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN <unfinished ...>
[pid 5866] <... restart_syscall resumed>) = 0
[pid 5866] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5888 attached
, child_tidptr=0x5555678cd650) = 5888
[pid 5888] set_robust_list(0x5555678cd660, 24) = 0
[pid 5888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5888] setpgid(0, 0) = 0
[pid 5886] <... ioctl resumed>, 0) = 0
[pid 5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5886] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5888] write(3, "1000", 4 <unfinished ...>
[pid 5886] <... ioctl resumed>, 0x7ffd29c2efd0) = 0
[pid 5888] <... write resumed>) = 4
[pid 5886] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH <unfinished ...>
[pid 5888] close(3) = 0
[pid 5888] write(1, "executing program\n", 18) = 18
[pid 5888] setsockopt(-1, SOL_IP, IP_OPTIONS, "", 0) = -1 EBADF (Bad file descriptor)
[pid 5888] sendmsg(-1, NULL, MSG_DONTROUTE|MSG_WAITALL|MSG_CONFIRM|MSG_FASTOPEN|0x2000000) = -1 EBADF (Bad file descriptor)
[pid 5888] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 5888] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffd29c2efd0) = 0
[pid 5888] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 5888] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffd29c2efd0) = 0
[ 130.884622][ T5870] em28xx 5-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[ 130.890666][ T52] em28xx 2-1:0.132: failed to create media graph
[ 130.893936][ T10] em28xx 3-1:0.132: board has no eeprom
[ 130.912483][ T976] usb 1-1: USB disconnect, device number 2
[ 130.919293][ T5870] em28xx 5-1:0.132: board has no eeprom
[ 130.925940][ T52] em28xx 2-1:0.132: V4L2 device video103 deregistered
[ 130.926999][ T976] em28xx 1-1:0.132: Disconnecting em28xx
[ 130.951791][ T52] em28xx 2-1:0.132: Remote control support is not available for this card.
[ 130.962210][ T5875] em28xx 1-1:0.132: Registering V4L2 extension
[ 130.974533][ T9] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 130.982403][ T9] em28xx 4-1:0.132: analog set to bulk mode.
[ 130.994495][ T5870] em28xx 5-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 131.002352][ T5870] em28xx 5-1:0.132: analog set to bulk mode.
[ 131.009748][ T10] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 131.017855][ T10] em28xx 3-1:0.132: analog set to bulk mode.
[ 131.029889][ T9] usb 4-1: USB disconnect, device number 2
[ 131.037259][ T5870] usb 5-1: USB disconnect, device number 2
[ 131.047092][ T9] em28xx 4-1:0.132: Disconnecting em28xx
[ 131.056309][ T10] usb 3-1: USB disconnect, device number 2
[ 131.063185][ T10] em28xx 3-1:0.132: Disconnecting em28xx
[ 131.069004][ T5870] em28xx 5-1:0.132: Disconnecting em28xx
[ 131.103263][ T5875] em28xx 1-1:0.132: Config register raw data: 0xffffffed
[ 131.110850][ T5875] em28xx 1-1:0.132: AC97 chip type couldn't be determined
[ 131.118014][ T5875] em28xx 1-1:0.132: No AC97 audio processor
[ 131.125646][ T5875] usb 1-1: Decoder not found
[ 131.130287][ T5875] em28xx 1-1:0.132: failed to create media graph
[ 131.136768][ T5875] em28xx 1-1:0.132: V4L2 device video103 deregistered
[ 131.147618][ T5875] em28xx 1-1:0.132: Remote control support is not available for this card.
[ 131.156435][ T918] em28xx 2-1:0.132: Closing input extension
[ 131.162874][ T5890] em28xx 4-1:0.132: Registering V4L2 extension
[ 131.177220][ T918] em28xx 2-1:0.132: Freeing device
[ 131.270771][ T5890] em28xx 4-1:0.132: Config register raw data: 0xffffffed
[ 131.279197][ T5890] em28xx 4-1:0.132: AC97 chip type couldn't be determined
[ 131.286840][ T5890] em28xx 4-1:0.132: No AC97 audio processor
[ 131.296149][ T5890] usb 4-1: Decoder not found
[ 131.300847][ T5890] em28xx 4-1:0.132: failed to create media graph
[ 131.309053][ T5890] em28xx 4-1:0.132: V4L2 device video103 deregistered
[ 131.317199][ T5890] em28xx 4-1:0.132: Remote control support is not available for this card.
[ 131.317409][ T5900] ==================================================================
[ 131.325867][ T5893] em28xx 3-1:0.132: Registering V4L2 extension
[ 131.333859][ T5900] BUG: KASAN: slab-use-after-free in v4l2_fh_open+0xc8/0x430
[ 131.347406][ T5900] Read of size 8 at addr ffff888034820738 by task v4l_id/5900
[ 131.354883][ T5900]
[ 131.357242][ T5900] CPU: 1 UID: 0 PID: 5900 Comm: v4l_id Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full)
[ 131.357266][ T5900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 131.357281][ T5900] Call Trace:
[ 131.357288][ T5900] <TASK>
[ 131.357296][ T5900] dump_stack_lvl+0x241/0x360
[ 131.357327][ T5900] ? __pfx_dump_stack_lvl+0x10/0x10
[ 131.357353][ T5900] ? rcu_is_watching+0x15/0xb0
[ 131.357370][ T5900] ? __virt_addr_valid+0x183/0x530
[ 131.357394][ T5900] ? lock_release+0x4e/0x3e0
[ 131.357421][ T5900] ? __virt_addr_valid+0x183/0x530
[ 131.357444][ T5900] ? __virt_addr_valid+0x183/0x530
[ 131.357468][ T5900] print_report+0x16e/0x5b0
[ 131.357490][ T5900] ? __virt_addr_valid+0x183/0x530
[ 131.357513][ T5900] ? __virt_addr_valid+0x183/0x530
[ 131.357535][ T5900] ? __virt_addr_valid+0x45f/0x530
[ 131.357557][ T5900] ? __phys_addr+0xba/0x170
[ 131.357580][ T5900] ? v4l2_fh_open+0xc8/0x430
[ 131.357596][ T5900] kasan_report+0x143/0x180
[ 131.357614][ T5900] ? v4l2_fh_open+0xc8/0x430
[ 131.357633][ T5900] v4l2_fh_open+0xc8/0x430
[ 131.357653][ T5900] em28xx_v4l2_open+0x14c/0x9e0
[ 131.357690][ T5900] v4l2_open+0x22f/0x370
[ 131.357716][ T5900] chrdev_open+0x514/0x600
[ 131.357733][ T5900] ? __pfx_chrdev_open+0x10/0x10
[ 131.357749][ T5900] ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[ 131.357778][ T5900] ? __pfx_chrdev_open+0x10/0x10
[ 131.357793][ T5900] do_dentry_open+0xdec/0x1960
[ 131.357814][ T5900] ? vfs_open+0x31/0x370
[ 131.357833][ T5900] vfs_open+0x3b/0x370
[ 131.357851][ T5900] path_openat+0x2caf/0x35d0
[ 131.357885][ T5900] ? stack_depot_save_flags+0x44/0x940
[ 131.357911][ T5900] ? __pfx_features_show+0x1/0x10
[ 131.357940][ T5900] ? kasan_save_track+0x51/0x80
[ 131.357965][ T5900] ? __pfx_path_openat+0x10/0x10
[ 131.357985][ T5900] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 131.358012][ T5900] do_filp_open+0x284/0x4e0
[ 131.358034][ T5900] ? __pfx_do_filp_open+0x10/0x10
[ 131.358053][ T5900] ? do_raw_spin_lock+0x151/0x370
[ 131.358090][ T5900] do_sys_openat2+0x12b/0x1d0
[ 131.358110][ T5900] ? __pfx_do_sys_openat2+0x10/0x10
[ 131.358131][ T5900] ? lock_vma_under_rcu+0x1f0/0x9a0
[ 131.358153][ T5900] __x64_sys_openat+0x249/0x2a0
[ 131.358173][ T5900] ? __pfx___x64_sys_openat+0x10/0x10
[ 131.358197][ T5900] ? do_syscall_64+0xb6/0x210
[ 131.358217][ T5900] do_syscall_64+0xf3/0x210
[ 131.358235][ T5900] ? clear_bhb_loop+0x45/0xa0
[ 131.358254][ T5900] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 131.358271][ T5900] RIP: 0033:0x7f0a8d5169a4
[ 131.358291][ T5900] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[ 131.358306][ T5900] RSP: 002b:00007ffd449415b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 131.358328][ T5900] RAX: ffffffffffffffda RBX: 00007ffd449417c8 RCX: 00007f0a8d5169a4
[ 131.358341][ T5900] RDX: 0000000000000000 RSI: 00007ffd44942f1d RDI: 00000000ffffff9c
[ 131.358353][ T5900] RBP: 00007ffd44942f1d R08: 0000000000000000 R09: 0000000000000000
[ 131.358364][ T5900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 131.358374][ T5900] R13: 00007ffd449417e0 R14: 00005611aadea670 R15: 00007f0a8da28a80
[ 131.358393][ T5900] </TASK>
[ 131.358399][ T5900]
[ 131.673572][ T5900] Allocated by task 5890:
[ 131.677902][ T5900] kasan_save_track+0x3f/0x80
[ 131.682587][ T5900] __kasan_kmalloc+0x9d/0xb0
[ 131.687180][ T5900] __kmalloc_cache_noprof+0x236/0x370
[ 131.692550][ T5900] em28xx_v4l2_init+0xfd/0x2f70
[ 131.697399][ T5900] em28xx_init_extension+0x120/0x1c0
[ 131.702701][ T5900] process_scheduled_works+0xac3/0x18e0
[ 131.708243][ T5900] worker_thread+0x870/0xd50
[ 131.712830][ T5900] kthread+0x7b7/0x940
[ 131.716896][ T5900] ret_from_fork+0x4b/0x80
[ 131.721301][ T5900] ret_from_fork_asm+0x1a/0x30
[ 131.726055][ T5900]
[ 131.728370][ T5900] Freed by task 5890:
[ 131.732368][ T5900] kasan_save_track+0x3f/0x80
[ 131.737050][ T5900] kasan_save_free_info+0x40/0x50
[ 131.742098][ T5900] __kasan_slab_free+0x59/0x70
[ 131.746873][ T5900] kfree+0x198/0x430
[ 131.750786][ T5900] em28xx_v4l2_init+0x16fc/0x2f70
[ 131.755814][ T5900] em28xx_init_extension+0x120/0x1c0
[ 131.761106][ T5900] process_scheduled_works+0xac3/0x18e0
[ 131.766656][ T5900] worker_thread+0x870/0xd50
[ 131.771259][ T5900] kthread+0x7b7/0x940
[ 131.775343][ T5900] ret_from_fork+0x4b/0x80
[ 131.779762][ T5900] ret_from_fork_asm+0x1a/0x30
[ 131.784525][ T5900]
[ 131.786846][ T5900] The buggy address belongs to the object at ffff888034820000
[ 131.786846][ T5900] which belongs to the cache kmalloc-8k of size 8192
[ 131.800914][ T5900] The buggy address is located 1848 bytes inside of
[ 131.800914][ T5900] freed 8192-byte region [ffff888034820000, ffff888034822000)
[ 131.814890][ T5900]
[ 131.817230][ T5900] The buggy address belongs to the physical page:
[ 131.823650][ T5900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34820
[ 131.832422][ T5900] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 131.840919][ T5900] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 131.848471][ T5900] page_type: f5(slab)
[ 131.852449][ T5900] raw: 00fff00000000040 ffff88801b042280 ffffea0001b1a400 0000000000000006
[ 131.861036][ T5900] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[ 131.869639][ T5900] head: 00fff00000000040 ffff88801b042280 ffffea0001b1a400 0000000000000006
[ 131.878319][ T5900] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[ 131.886996][ T5900] head: 00fff00000000003 ffffea0000d20801 00000000ffffffff 00000000ffffffff
[ 131.895665][ T5900] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 131.904324][ T5900] page dumped because: kasan: bad access detected
[ 131.910746][ T5900] page_owner tracks the page as allocated
[ 131.916452][ T5900] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5514, tgid 5514 (dhcpcd-run-hook), ts 52977829806, free_ts 52951577787
[ 131.937300][ T5900] post_alloc_hook+0x1f4/0x240
[ 131.942068][ T5900] get_page_from_freelist+0x360a/0x37a0
[ 131.947618][ T5900] __alloc_frozen_pages_noprof+0x211/0x5b0
[ 131.953438][ T5900] alloc_pages_mpol+0x339/0x690
[ 131.958285][ T5900] allocate_slab+0x8f/0x3b0
[ 131.962783][ T5900] ___slab_alloc+0xc3b/0x1500
[ 131.967458][ T5900] __slab_alloc+0x58/0xa0
[ 131.971785][ T5900] __kmalloc_cache_noprof+0x26a/0x370
[ 131.977157][ T5900] tomoyo_init_log+0x121e/0x2150
[ 131.982108][ T5900] tomoyo_supervisor+0x3c0/0x18b0
[ 131.987148][ T5900] tomoyo_env_perm+0x17b/0x220
[ 131.991917][ T5900] tomoyo_find_next_domain+0x1497/0x1dd0
[ 131.997566][ T5900] tomoyo_bprm_check_security+0x11a/0x180
[ 132.003309][ T5900] security_bprm_check+0x86/0x250
[ 132.008340][ T5900] bprm_execve+0x903/0x1430
[ 132.012855][ T5900] do_execveat_common+0x57c/0x710
[ 132.017890][ T5900] page last free pid 5513 tgid 5513 stack trace:
[ 132.024212][ T5900] __free_frozen_pages+0xde8/0x10a0
[ 132.029504][ T5900] __slab_free+0x2c6/0x390
[ 132.033926][ T5900] qlist_free_all+0x9a/0x140
[ 132.038516][ T5900] kasan_quarantine_reduce+0x14f/0x170
[ 132.043971][ T5900] __kasan_slab_alloc+0x23/0x80
[ 132.048824][ T5900] __kmalloc_cache_noprof+0x1c8/0x370
[ 132.054197][ T5900] tomoyo_init_log+0x1c6/0x2150
[ 132.059049][ T5900] tomoyo_supervisor+0x3c0/0x18b0
[ 132.064070][ T5900] tomoyo_path_permission+0x243/0x360
[ 132.069437][ T5900] tomoyo_path_perm+0x4c9/0x640
[ 132.074285][ T5900] security_inode_getattr+0x130/0x330
[ 132.079652][ T5900] vfs_fstatat+0xa5/0x150
[ 132.083978][ T5900] __x64_sys_newfstatat+0x11f/0x1a0
[ 132.089172][ T5900] do_syscall_64+0xf3/0x210
[ 132.093674][ T5900] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.099562][ T5900]
[ 132.101883][ T5900] Memory state around the buggy address:
[ 132.107504][ T5900] ffff888034820600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 132.115558][ T5900] ffff888034820680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 132.123700][ T5900] >ffff888034820700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 132.131744][ T5900] ^
[ 132.137626][ T5900] ffff888034820780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 132.145675][ T5900] ffff888034820800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 132.153725][ T5900] ==================================================================
[ 132.162663][ T5900] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 132.169884][ T5900] CPU: 1 UID: 0 PID: 5900 Comm: v4l_id Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full)
[ 132.181563][ T5900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 132.191628][ T5900] Call Trace:
[ 132.194926][ T5900] <TASK>
[ 132.197874][ T5900] dump_stack_lvl+0x241/0x360
[ 132.202586][ T5900] ? __pfx_dump_stack_lvl+0x10/0x10
[ 132.207924][ T5900] ? __pfx__printk+0x10/0x10
[ 132.212535][ T5900] ? vprintk_emit+0x81f/0xa40
[ 132.217339][ T5900] ? vscnprintf+0x5d/0x90
[ 132.221699][ T5900] panic+0x349/0x880
[ 132.225617][ T5900] ? check_panic_on_warn+0x21/0xb0
[ 132.230753][ T5900] ? __pfx_panic+0x10/0x10
[ 132.235202][ T5900] ? _raw_spin_unlock_irqrestore+0x134/0x140
[ 132.241210][ T5900] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 132.247573][ T5900] check_panic_on_warn+0x86/0xb0
[ 132.252537][ T5900] ? v4l2_fh_open+0xc8/0x430
[ 132.257151][ T5900] end_report+0x77/0x160
[ 132.261406][ T5900] kasan_report+0x154/0x180
[ 132.265931][ T5900] ? v4l2_fh_open+0xc8/0x430
[ 132.270545][ T5900] v4l2_fh_open+0xc8/0x430
[ 132.274982][ T5900] em28xx_v4l2_open+0x14c/0x9e0
[ 132.279865][ T5900] v4l2_open+0x22f/0x370
[ 132.284138][ T5900] chrdev_open+0x514/0x600
[ 132.288577][ T5900] ? __pfx_chrdev_open+0x10/0x10
[ 132.293539][ T5900] ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[ 132.300343][ T5900] ? __pfx_chrdev_open+0x10/0x10
[ 132.305303][ T5900] do_dentry_open+0xdec/0x1960
[ 132.310087][ T5900] ? vfs_open+0x31/0x370
[ 132.314339][ T5900] vfs_open+0x3b/0x370
[ 132.318420][ T5900] path_openat+0x2caf/0x35d0
[ 132.323033][ T5900] ? stack_depot_save_flags+0x44/0x940
[ 132.328505][ T5900] ? __pfx_features_show+0x1/0x10
[ 132.333541][ T5900] ? kasan_save_track+0x51/0x80
[ 132.338400][ T5900] ? __pfx_path_openat+0x10/0x10
[ 132.343335][ T5900] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.349405][ T5900] do_filp_open+0x284/0x4e0
[ 132.353916][ T5900] ? __pfx_do_filp_open+0x10/0x10
[ 132.358938][ T5900] ? do_raw_spin_lock+0x151/0x370
[ 132.363975][ T5900] do_sys_openat2+0x12b/0x1d0
[ 132.368653][ T5900] ? __pfx_do_sys_openat2+0x10/0x10
[ 132.373865][ T5900] ? lock_vma_under_rcu+0x1f0/0x9a0
[ 132.379087][ T5900] __x64_sys_openat+0x249/0x2a0
[ 132.383945][ T5900] ? __pfx___x64_sys_openat+0x10/0x10
[ 132.389325][ T5900] ? do_syscall_64+0xb6/0x210
[ 132.394013][ T5900] do_syscall_64+0xf3/0x210
[ 132.398516][ T5900] ? clear_bhb_loop+0x45/0xa0
[ 132.403196][ T5900] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.409087][ T5900] RIP: 0033:0x7f0a8d5169a4
[ 132.413500][ T5900] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[ 132.433102][ T5900] RSP: 002b:00007ffd449415b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 132.441684][ T5900] RAX: ffffffffffffffda RBX: 00007ffd449417c8 RCX: 00007f0a8d5169a4
[ 132.449654][ T5900] RDX: 0000000000000000 RSI: 00007ffd44942f1d RDI: 00000000ffffff9c
[ 132.457620][ T5900] RBP: 00007ffd44942f1d R08: 0000000000000000 R09: 0000000000000000
[ 132.465580][ T5900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 132.473550][ T5900] R13: 00007ffd449417e0 R14: 00005611aadea670 R15: 00007f0a8da28a80
[ 132.481526][ T5900] </TASK>
[ 132.484888][ T5900] Kernel Offset: disabled
[ 132.489244][ T5900] Rebooting in 86400 seconds..