./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2753269657 <...> [ 3.527920][ T28] audit: type=1400 audit(1685599791.305:10): avc: denied { getattr } for pid=81 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 3.819954][ T98] udevd[98]: starting version 3.2.11 [ 3.853818][ T99] udevd[99]: starting eudev-3.2.11 [ 5.329957][ T183] sshd (183) used greatest stack depth: 22448 bytes left [ 12.506394][ T28] kauditd_printk_skb: 50 callbacks suppressed [ 12.506409][ T28] audit: type=1400 audit(1685599800.335:61): avc: denied { transition } for pid=223 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.516571][ T28] audit: type=1400 audit(1685599800.335:62): avc: denied { noatsecure } for pid=223 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.523787][ T28] audit: type=1400 audit(1685599800.335:63): avc: denied { write } for pid=223 comm="sh" path="pipe:[13560]" dev="pipefs" ino=13560 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 12.530907][ T28] audit: type=1400 audit(1685599800.335:64): avc: denied { rlimitinh } for pid=223 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.535986][ T28] audit: type=1400 audit(1685599800.335:65): avc: denied { siginh } for pid=223 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.10' (ECDSA) to the list of known hosts. execve("./syz-executor2753269657", ["./syz-executor2753269657"], 0x7fff93fe2fa0 /* 10 vars */) = 0 brk(NULL) = 0x555556380000 brk(0x555556380c40) = 0x555556380c40 arch_prctl(ARCH_SET_FS, 0x555556380300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2753269657", 4096) = 28 brk(0x5555563a1c40) = 0x5555563a1c40 brk(0x5555563a2000) = 0x5555563a2000 mprotect(0x7fea981e8000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563805d0) = 294 ./strace-static-x86_64: Process 294 attached [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 295 attached [pid 293] <... clone resumed>, child_tidptr=0x5555563805d0) = 295 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563805d0) = 296 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563805d0) = 297 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 297 attached ./strace-static-x86_64: Process 296 attached [pid 294] <... clone resumed>, child_tidptr=0x5555563805d0) = 298 [pid 293] <... clone resumed>, child_tidptr=0x5555563805d0) = 299 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563805d0) = 300 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 300 attached [pid 300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563805d0) = 301 ./strace-static-x86_64: Process 298 attached [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 299 attached [pid 298] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] <... prctl resumed>) = 0 [pid 298] setpgid(0, 0) = 0 [pid 298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 299] <... clone resumed>, child_tidptr=0x5555563805d0) = 302 [pid 298] <... openat resumed>) = 3 [pid 298] write(3, "1000", 4) = 4 [pid 298] close(3) = 0 [pid 298] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME./strace-static-x86_64: Process 305 attached ./strace-static-x86_64: Process 304 attached ./strace-static-x86_64: Process 302 attached ./strace-static-x86_64: Process 303 attached ./strace-static-x86_64: Process 301 attached ) = 3 [pid 297] <... clone resumed>, child_tidptr=0x5555563805d0) = 303 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 296] <... clone resumed>, child_tidptr=0x5555563805d0) = 304 [pid 295] <... clone resumed>, child_tidptr=0x5555563805d0) = 305 [pid 305] <... prctl resumed>) = 0 [pid 304] <... prctl resumed>) = 0 [pid 303] <... prctl resumed>) = 0 [pid 301] <... prctl resumed>) = 0 [pid 305] setpgid(0, 0 [pid 304] setpgid(0, 0 [pid 303] setpgid(0, 0 [pid 301] setpgid(0, 0 [pid 305] <... setpgid resumed>) = 0 [pid 304] <... setpgid resumed>) = 0 [pid 303] <... setpgid resumed>) = 0 [pid 301] <... setpgid resumed>) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 305] <... openat resumed>) = 3 [pid 304] <... openat resumed>) = 3 [pid 303] <... openat resumed>) = 3 [pid 301] <... openat resumed>) = 3 [pid 305] write(3, "1000", 4 [pid 304] write(3, "1000", 4 [pid 303] write(3, "1000", 4 [pid 301] write(3, "1000", 4 [pid 305] <... write resumed>) = 4 [pid 304] <... write resumed>) = 4 [pid 303] <... write resumed>) = 4 [pid 301] <... write resumed>) = 4 [pid 305] close(3 [pid 304] close(3 [pid 303] close(3 [pid 301] close(3 [pid 305] <... close resumed>) = 0 [pid 304] <... close resumed>) = 0 [pid 303] <... close resumed>) = 0 [pid 301] <... close resumed>) = 0 [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 298] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 302] <... prctl resumed>) = 0 [pid 303] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] <... openat resumed>) = 3 [pid 302] setpgid(0, 0 [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 302] <... setpgid resumed>) = 0 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 302] write(3, "1000", 4) = 4 [pid 302] close(3) = 0 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] <... openat resumed>) = 3 [pid 303] <... openat resumed>) = 3 [pid 301] <... openat resumed>) = 3 [ 22.622294][ T28] audit: type=1400 audit(1685599810.445:66): avc: denied { execmem } for pid=293 comm="syz-executor275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 22.637100][ T28] audit: type=1400 audit(1685599810.465:67): avc: denied { write } for pid=298 comm="syz-executor275" name="001" dev="devtmpfs" ino=152 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 22.650687][ T298] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 22.660184][ T304] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [pid 305] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 303] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 304] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 301] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 298] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 305] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 298] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] <... openat resumed>) = 3 [pid 302] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 303] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 303] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 301] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] <... openat resumed>) = 4 [pid 304] <... openat resumed>) = 4 [pid 305] ioctl(4, USBDEVFS_IOCTL [pid 304] ioctl(4, USBDEVFS_IOCTL [pid 302] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 303] <... openat resumed>) = 4 [pid 301] <... openat resumed>) = 4 [pid 298] <... openat resumed>) = 4 [pid 305] <... ioctl resumed>, 0x20000040) = 0 [pid 304] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 298] ioctl(4, USBDEVFS_IOCTL [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] <... openat resumed>) = 4 [pid 298] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 305] <... openat resumed>) = 5 [pid 304] <... openat resumed>) = 5 [pid 302] ioctl(4, USBDEVFS_IOCTL [pid 298] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 304] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 302] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 298] <... openat resumed>) = 5 [pid 305] <... openat resumed>) = 6 [pid 304] <... openat resumed>) = 6 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 298] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 305] write(6, "3", 1 [pid 304] write(6, "3", 1 [pid 302] <... openat resumed>) = 5 [pid 298] <... openat resumed>) = 6 [pid 305] <... write resumed>) = 1 [pid 304] <... write resumed>) = 1 [pid 302] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 298] write(6, "3", 1 [pid 305] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 304] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 302] <... openat resumed>) = 6 [pid 298] <... write resumed>) = 1 [pid 303] ioctl(4, USBDEVFS_IOCTL [pid 301] ioctl(4, USBDEVFS_IOCTL [pid 302] write(6, "3", 1) = 1 [pid 302] ioctl(5, USBDEVFS_SETCONFIGURATION [ 22.669694][ T305] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 22.679152][ T303] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 22.688546][ T301] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 22.697847][ T302] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 22.709949][ T305] FAULT_INJECTION: forcing a failure. [ 22.709949][ T305] name failslab, interval 1, probability 0, space 0, times 1 [ 22.722481][ T305] CPU: 0 PID: 305 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 22.732360][ T305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 22.742258][ T305] Call Trace: [ 22.745375][ T305] [ 22.748154][ T305] dump_stack_lvl+0x151/0x1b7 [ 22.752669][ T305] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 22.757970][ T305] ? __kernel_text_address+0xd/0x40 [ 22.762995][ T305] ? unwind_get_return_address+0x4d/0x90 [ 22.768468][ T305] dump_stack+0x15/0x1d [ 22.772458][ T305] should_fail_ex+0x3d0/0x520 [ 22.776970][ T305] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 22.782097][ T305] __should_failslab+0xaf/0xf0 [ 22.786689][ T305] should_failslab+0x9/0x20 [ 22.791037][ T305] __kmem_cache_alloc_node+0x3d/0x250 [ 22.796246][ T305] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 22.801192][ T305] ? _raw_spin_lock_irqsave+0x210/0x210 [ 22.806576][ T305] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 22.811689][ T305] __kmalloc+0xa3/0x1e0 [ 22.815680][ T305] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 22.821060][ T305] usb_hcd_submit_urb+0x8c4/0x1b60 [ 22.826014][ T305] ? kasan_save_alloc_info+0x1f/0x30 [ 22.831130][ T305] ? usb_free_streams+0x40/0x4a0 [ 22.835902][ T305] ? dma_map_single_attrs+0x160/0x160 [ 22.841108][ T305] ? __x64_sys_ioctl+0x7b/0x90 [ 22.845714][ T305] ? do_syscall_64+0x3d/0xb0 [ 22.850139][ T305] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 22.856043][ T305] usb_submit_urb+0x118c/0x1840 [ 22.860732][ T305] usb_start_wait_urb+0x120/0x350 [ 22.865591][ T305] ? usb_api_blocking_completion+0xb0/0xb0 [ 22.871232][ T305] ? __kasan_check_write+0x14/0x20 [ 22.876180][ T305] usb_control_msg+0x2ad/0x4c0 [ 22.880782][ T305] ? usb_anchor_empty+0x40/0x40 [ 22.885467][ T305] ? bit_wait_io_timeout+0x120/0x120 [ 22.890585][ T305] usb_reset_configuration+0x172/0xa90 [ 22.895883][ T305] ? bit_wait_io_timeout+0x120/0x120 [ 22.901008][ T305] usbdev_ioctl+0x40c4/0x5f90 [ 22.905518][ T305] ? usbdev_poll+0x200/0x200 [ 22.909943][ T305] ? is_bpf_text_address+0x172/0x190 [ 22.915066][ T305] ? is_module_text_address+0x280/0x360 [ 22.920439][ T305] ? stack_trace_save+0x1c0/0x1c0 [ 22.925309][ T305] ? kernel_text_address+0xa9/0xe0 [ 22.930262][ T305] ? __kernel_text_address+0xd/0x40 [ 22.935290][ T305] ? _parse_integer_limit+0x19b/0x1e0 [ 22.940491][ T305] ? avc_has_extended_perms+0x90b/0x10f0 [ 22.945961][ T305] ? memcpy+0x56/0x70 [ 22.949774][ T305] ? avc_has_extended_perms+0xad7/0x10f0 [ 22.955250][ T305] ? __this_cpu_preempt_check+0x13/0x20 [ 22.960624][ T305] ? avc_flush+0x290/0x290 [ 22.964880][ T305] ? save_fpregs_to_fpstate+0x18f/0x220 [ 22.970265][ T305] ? do_vfs_ioctl+0xba7/0x29a0 [ 22.974866][ T305] ? __x64_compat_sys_ioctl+0x90/0x90 [ 22.980067][ T305] ? compat_start_thread+0x20/0x20 [ 22.985015][ T305] ? native_set_ldt+0x130/0x130 [ 22.989703][ T305] ? ioctl_has_perm+0x1f8/0x560 [ 22.994395][ T305] ? ioctl_has_perm+0x3f0/0x560 [ 22.999080][ T305] ? has_cap_mac_admin+0x3c0/0x3c0 [ 23.004025][ T305] ? __kasan_check_write+0x14/0x20 [ 23.008966][ T305] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 23.013916][ T305] ? cgroup_update_frozen+0x15f/0x980 [ 23.019132][ T305] ? selinux_file_ioctl+0x3cc/0x540 [ 23.024165][ T305] ? ptrace_stop+0x709/0x930 [ 23.028601][ T305] ? selinux_file_alloc_security+0x120/0x120 [ 23.034411][ T305] ? _raw_spin_unlock_irq+0x4d/0x70 [ 23.039438][ T305] ? ptrace_notify+0x249/0x350 [ 23.044040][ T305] ? security_file_ioctl+0x84/0xb0 [ 23.048990][ T305] ? usbdev_poll+0x200/0x200 [ 23.053419][ T305] __se_sys_ioctl+0x114/0x190 [ 23.057927][ T305] __x64_sys_ioctl+0x7b/0x90 [ 23.062353][ T305] do_syscall_64+0x3d/0xb0 [ 23.066601][ T305] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 23.072328][ T305] RIP: 0033:0x7fea9817b859 [ 23.076582][ T305] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.096025][ T305] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 23.104267][ T305] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 23.112082][ T305] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [pid 298] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 305] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 303] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 301] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 303] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [ 23.119888][ T305] RBP: 00007ffe62e21f90 R08: 0000000000000001 R09: 0000000000000000 [ 23.127702][ T305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 23.135513][ T305] R13: 0000000000000000 R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 23.143336][ T305] [ 23.148591][ T304] FAULT_INJECTION: forcing a failure. [ 23.148591][ T304] name failslab, interval 1, probability 0, space 0, times 0 [ 23.161394][ T304] CPU: 1 PID: 304 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 23.171286][ T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 23.181184][ T304] Call Trace: [ 23.184313][ T304] [ 23.187087][ T304] dump_stack_lvl+0x151/0x1b7 [ 23.191604][ T304] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 23.196892][ T304] ? __kernel_text_address+0xd/0x40 [ 23.201925][ T304] ? unwind_get_return_address+0x4d/0x90 [ 23.207394][ T304] dump_stack+0x15/0x1d [ 23.211385][ T304] should_fail_ex+0x3d0/0x520 [ 23.215908][ T304] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 23.221021][ T304] __should_failslab+0xaf/0xf0 [ 23.225622][ T304] should_failslab+0x9/0x20 [ 23.229965][ T304] __kmem_cache_alloc_node+0x3d/0x250 [ 23.235170][ T304] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 23.240121][ T304] ? _raw_spin_lock_irqsave+0x210/0x210 [ 23.245500][ T304] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 23.250617][ T304] __kmalloc+0xa3/0x1e0 [ 23.254610][ T304] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 23.259996][ T304] usb_hcd_submit_urb+0x8c4/0x1b60 [ 23.264945][ T304] ? kasan_save_alloc_info+0x1f/0x30 [ 23.270062][ T304] ? usb_free_streams+0x40/0x4a0 [ 23.274831][ T304] ? dma_map_single_attrs+0x160/0x160 [ 23.280043][ T304] ? __x64_sys_ioctl+0x7b/0x90 [ 23.284647][ T304] ? do_syscall_64+0x3d/0xb0 [ 23.289064][ T304] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 23.294983][ T304] usb_submit_urb+0x118c/0x1840 [ 23.299662][ T304] usb_start_wait_urb+0x120/0x350 [ 23.304522][ T304] ? usb_api_blocking_completion+0xb0/0xb0 [ 23.310166][ T304] ? __kasan_check_write+0x14/0x20 [ 23.315109][ T304] usb_control_msg+0x2ad/0x4c0 [ 23.319710][ T304] ? usb_anchor_empty+0x40/0x40 [ 23.324393][ T304] ? bit_wait_io_timeout+0x120/0x120 [ 23.329513][ T304] ? __kasan_check_write+0x14/0x20 [ 23.334470][ T304] usb_reset_configuration+0x172/0xa90 [ 23.339758][ T304] ? bit_wait_io_timeout+0x120/0x120 [ 23.344884][ T304] usbdev_ioctl+0x40c4/0x5f90 [ 23.349401][ T304] ? usbdev_poll+0x200/0x200 [ 23.353816][ T304] ? is_bpf_text_address+0x172/0x190 [ 23.358939][ T304] ? is_module_text_address+0x280/0x360 [ 23.364323][ T304] ? stack_trace_save+0x1c0/0x1c0 [ 23.369185][ T304] ? kernel_text_address+0xa9/0xe0 [ 23.374124][ T304] ? __kernel_text_address+0xd/0x40 [ 23.379165][ T304] ? _parse_integer_limit+0x19b/0x1e0 [ 23.384372][ T304] ? avc_has_extended_perms+0x90b/0x10f0 [ 23.389835][ T304] ? memcpy+0x56/0x70 [ 23.393667][ T304] ? avc_has_extended_perms+0xad7/0x10f0 [ 23.399126][ T304] ? __this_cpu_preempt_check+0x13/0x20 [ 23.404509][ T304] ? avc_flush+0x290/0x290 [ 23.408766][ T304] ? save_fpregs_to_fpstate+0x18f/0x220 [ 23.414141][ T304] ? do_vfs_ioctl+0xba7/0x29a0 [ 23.418736][ T304] ? __x64_compat_sys_ioctl+0x90/0x90 [ 23.423958][ T304] ? compat_start_thread+0x20/0x20 [ 23.428891][ T304] ? native_set_ldt+0x130/0x130 [ 23.433579][ T304] ? ioctl_has_perm+0x1f8/0x560 [ 23.438273][ T304] ? ioctl_has_perm+0x3f0/0x560 [ 23.442956][ T304] ? has_cap_mac_admin+0x3c0/0x3c0 [ 23.447903][ T304] ? __kasan_check_write+0x14/0x20 [ 23.452853][ T304] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 23.457792][ T304] ? cgroup_update_frozen+0x15f/0x980 [ 23.463001][ T304] ? selinux_file_ioctl+0x3cc/0x540 [ 23.468032][ T304] ? ptrace_stop+0x709/0x930 [ 23.472460][ T304] ? selinux_file_alloc_security+0x120/0x120 [ 23.478284][ T304] ? _raw_spin_unlock_irq+0x4d/0x70 [ 23.483308][ T304] ? ptrace_notify+0x249/0x350 [ 23.487925][ T304] ? security_file_ioctl+0x84/0xb0 [ 23.492856][ T304] ? usbdev_poll+0x200/0x200 [ 23.497292][ T304] __se_sys_ioctl+0x114/0x190 [ 23.501798][ T304] __x64_sys_ioctl+0x7b/0x90 [ 23.506227][ T304] do_syscall_64+0x3d/0xb0 [ 23.510486][ T304] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 23.516203][ T304] RIP: 0033:0x7fea9817b859 [ 23.520459][ T304] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.539989][ T304] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 23.548232][ T304] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 23.556050][ T304] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 23.563860][ T304] RBP: 00007ffe62e21f90 R08: 0000000000000001 R09: 0000000000000000 [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [ 23.571670][ T304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 23.579476][ T304] R13: 0000000000000000 R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 23.587298][ T304] [ 23.590330][ T302] FAULT_INJECTION: forcing a failure. [ 23.590330][ T302] name failslab, interval 1, probability 0, space 0, times 0 [ 23.602816][ T302] CPU: 0 PID: 302 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 23.612615][ T302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 23.622511][ T302] Call Trace: [ 23.625635][ T302] [ 23.628412][ T302] dump_stack_lvl+0x151/0x1b7 [ 23.632927][ T302] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 23.638220][ T302] ? __kernel_text_address+0xd/0x40 [ 23.643253][ T302] ? unwind_get_return_address+0x4d/0x90 [ 23.648718][ T302] dump_stack+0x15/0x1d [ 23.652712][ T302] should_fail_ex+0x3d0/0x520 [ 23.657228][ T302] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 23.662345][ T302] __should_failslab+0xaf/0xf0 [ 23.666946][ T302] should_failslab+0x9/0x20 [ 23.671287][ T302] __kmem_cache_alloc_node+0x3d/0x250 [ 23.676495][ T302] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 23.681447][ T302] ? _raw_spin_lock_irqsave+0x210/0x210 [ 23.686824][ T302] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 23.691943][ T302] __kmalloc+0xa3/0x1e0 [ 23.696047][ T302] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 23.701445][ T302] usb_hcd_submit_urb+0x8c4/0x1b60 [ 23.706374][ T302] ? kasan_save_alloc_info+0x1f/0x30 [ 23.711493][ T302] ? usb_free_streams+0x40/0x4a0 [ 23.716263][ T302] ? dma_map_single_attrs+0x160/0x160 [ 23.721556][ T302] ? __x64_sys_ioctl+0x7b/0x90 [ 23.726154][ T302] ? do_syscall_64+0x3d/0xb0 [ 23.730582][ T302] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 23.736497][ T302] usb_submit_urb+0x118c/0x1840 [ 23.741177][ T302] usb_start_wait_urb+0x120/0x350 [ 23.746049][ T302] ? usb_api_blocking_completion+0xb0/0xb0 [ 23.751671][ T302] ? __kasan_check_write+0x14/0x20 [ 23.756620][ T302] usb_control_msg+0x2ad/0x4c0 [ 23.761219][ T302] ? usb_anchor_empty+0x40/0x40 [ 23.765904][ T302] ? bit_wait_io_timeout+0x120/0x120 [ 23.771030][ T302] usb_reset_configuration+0x172/0xa90 [ 23.776324][ T302] ? bit_wait_io_timeout+0x120/0x120 [ 23.781445][ T302] ? enqueue_task_fair+0xdf9/0x22b0 [ 23.786483][ T302] usbdev_ioctl+0x40c4/0x5f90 [ 23.790997][ T302] ? usbdev_poll+0x200/0x200 [ 23.795416][ T302] ? check_preempt_wakeup+0x7ca/0xb30 [ 23.800625][ T302] ? enqueue_task+0x195/0x1420 [ 23.805227][ T302] ? yield_to_task_fair+0x190/0x190 [ 23.810266][ T302] ? activate_task+0xb0/0xb0 [ 23.814686][ T302] ? __kasan_check_read+0x11/0x20 [ 23.819545][ T302] ? _parse_integer_limit+0x19b/0x1e0 [ 23.824752][ T302] ? avc_has_extended_perms+0x90b/0x10f0 [ 23.830225][ T302] ? memcpy+0x56/0x70 [ 23.834041][ T302] ? avc_has_extended_perms+0xad7/0x10f0 [ 23.839510][ T302] ? __this_cpu_preempt_check+0x13/0x20 [ 23.844889][ T302] ? avc_flush+0x290/0x290 [ 23.849139][ T302] ? save_fpregs_to_fpstate+0x18f/0x220 [ 23.854527][ T302] ? do_vfs_ioctl+0xba7/0x29a0 [ 23.859123][ T302] ? __x64_compat_sys_ioctl+0x90/0x90 [ 23.864331][ T302] ? compat_start_thread+0x20/0x20 [ 23.869278][ T302] ? native_set_ldt+0x130/0x130 [ 23.873966][ T302] ? ioctl_has_perm+0x1f8/0x560 [ 23.878652][ T302] ? ioctl_has_perm+0x3f0/0x560 [ 23.883341][ T302] ? has_cap_mac_admin+0x3c0/0x3c0 [ 23.888292][ T302] ? __kasan_check_write+0x14/0x20 [ 23.893233][ T302] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 23.898182][ T302] ? cgroup_update_frozen+0x15f/0x980 [ 23.903408][ T302] ? selinux_file_ioctl+0x3cc/0x540 [ 23.908424][ T302] ? ptrace_stop+0x709/0x930 [ 23.912847][ T302] ? selinux_file_alloc_security+0x120/0x120 [ 23.918666][ T302] ? _raw_spin_unlock_irq+0x4d/0x70 [ 23.923698][ T302] ? ptrace_notify+0x249/0x350 [ 23.928299][ T302] ? security_file_ioctl+0x84/0xb0 [ 23.933242][ T302] ? usbdev_poll+0x200/0x200 [ 23.937672][ T302] __se_sys_ioctl+0x114/0x190 [ 23.942184][ T302] __x64_sys_ioctl+0x7b/0x90 [ 23.946610][ T302] do_syscall_64+0x3d/0xb0 [ 23.950869][ T302] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 23.956591][ T302] RIP: 0033:0x7fea9817b859 [ 23.960844][ T302] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.980287][ T302] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 23.988534][ T302] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 23.996343][ T302] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 24.004153][ T302] RBP: 00007ffe62e21f90 R08: 0000000000000001 R09: 0000000000000000 [ 24.011962][ T302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 24.019775][ T302] R13: 0000000000000000 R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [ 24.027589][ T302] [ 24.032533][ T298] FAULT_INJECTION: forcing a failure. [ 24.032533][ T298] name failslab, interval 1, probability 0, space 0, times 0 [ 24.045531][ T298] CPU: 1 PID: 298 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 24.055433][ T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 24.065323][ T298] Call Trace: [ 24.068447][ T298] [ 24.071220][ T298] dump_stack_lvl+0x151/0x1b7 [ 24.075732][ T298] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.081032][ T298] ? __kernel_text_address+0xd/0x40 [ 24.086145][ T298] ? unwind_get_return_address+0x4d/0x90 [ 24.091623][ T298] dump_stack+0x15/0x1d [ 24.095609][ T298] should_fail_ex+0x3d0/0x520 [ 24.100123][ T298] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 24.105245][ T298] __should_failslab+0xaf/0xf0 [ 24.109856][ T298] should_failslab+0x9/0x20 [ 24.114184][ T298] __kmem_cache_alloc_node+0x3d/0x250 [ 24.119396][ T298] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 24.124339][ T298] ? _raw_spin_lock_irqsave+0x210/0x210 [ 24.129716][ T298] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 24.134840][ T298] __kmalloc+0xa3/0x1e0 [ 24.138833][ T298] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 24.144217][ T298] usb_hcd_submit_urb+0x8c4/0x1b60 [ 24.149166][ T298] ? kasan_save_alloc_info+0x1f/0x30 [ 24.154280][ T298] ? usb_free_streams+0x40/0x4a0 [ 24.159053][ T298] ? dma_map_single_attrs+0x160/0x160 [ 24.164263][ T298] ? __x64_sys_ioctl+0x7b/0x90 [ 24.168862][ T298] ? do_syscall_64+0x3d/0xb0 [ 24.173285][ T298] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.179197][ T298] usb_submit_urb+0x118c/0x1840 [ 24.183880][ T298] usb_start_wait_urb+0x120/0x350 [ 24.188740][ T298] ? usb_api_blocking_completion+0xb0/0xb0 [ 24.194396][ T298] ? __kasan_check_write+0x14/0x20 [ 24.199343][ T298] usb_control_msg+0x2ad/0x4c0 [ 24.203928][ T298] ? usb_anchor_empty+0x40/0x40 [ 24.208612][ T298] ? bit_wait_io_timeout+0x120/0x120 [ 24.213740][ T298] usb_reset_configuration+0x172/0xa90 [ 24.219035][ T298] ? bit_wait_io_timeout+0x120/0x120 [ 24.224158][ T298] ? enqueue_task_fair+0xdf9/0x22b0 [ 24.229184][ T298] usbdev_ioctl+0x40c4/0x5f90 [ 24.233717][ T298] ? usbdev_poll+0x200/0x200 [ 24.238211][ T298] ? check_preempt_wakeup+0x7ca/0xb30 [ 24.243423][ T298] ? enqueue_task+0x195/0x1420 [ 24.248018][ T298] ? yield_to_task_fair+0x190/0x190 [ 24.253054][ T298] ? activate_task+0xb0/0xb0 [ 24.257482][ T298] ? __kasan_check_read+0x11/0x20 [ 24.262341][ T298] ? ttwu_do_wakeup+0xe5/0x430 [ 24.266946][ T298] ? avc_has_extended_perms+0x90b/0x10f0 [ 24.272408][ T298] ? memcpy+0x56/0x70 [ 24.276228][ T298] ? avc_has_extended_perms+0xad7/0x10f0 [ 24.281695][ T298] ? __this_cpu_preempt_check+0x13/0x20 [ 24.287083][ T298] ? avc_flush+0x290/0x290 [ 24.291330][ T298] ? save_fpregs_to_fpstate+0x18f/0x220 [ 24.296706][ T298] ? do_vfs_ioctl+0xba7/0x29a0 [ 24.301308][ T298] ? __x64_compat_sys_ioctl+0x90/0x90 [ 24.306517][ T298] ? compat_start_thread+0x20/0x20 [ 24.311582][ T298] ? native_set_ldt+0x130/0x130 [ 24.316263][ T298] ? ioctl_has_perm+0x1f8/0x560 [ 24.320953][ T298] ? ioctl_has_perm+0x3f0/0x560 [ 24.325639][ T298] ? has_cap_mac_admin+0x3c0/0x3c0 [ 24.330590][ T298] ? __kasan_check_write+0x14/0x20 [ 24.335531][ T298] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 24.340486][ T298] ? cgroup_update_frozen+0x15f/0x980 [ 24.345700][ T298] ? selinux_file_ioctl+0x3cc/0x540 [ 24.350721][ T298] ? ptrace_stop+0x709/0x930 [ 24.355154][ T298] ? selinux_file_alloc_security+0x120/0x120 [ 24.360961][ T298] ? _raw_spin_unlock_irq+0x4d/0x70 [ 24.366001][ T298] ? ptrace_notify+0x249/0x350 [ 24.370603][ T298] ? security_file_ioctl+0x84/0xb0 [ 24.375543][ T298] ? usbdev_poll+0x200/0x200 [ 24.379986][ T298] __se_sys_ioctl+0x114/0x190 [ 24.384484][ T298] __x64_sys_ioctl+0x7b/0x90 [ 24.388916][ T298] do_syscall_64+0x3d/0xb0 [ 24.393166][ T298] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.398894][ T298] RIP: 0033:0x7fea9817b859 [ 24.403141][ T298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] <... openat resumed>) = 7 [pid 298] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 303] <... openat resumed>) = 5 [pid 304] <... openat resumed>) = 7 [pid 301] <... openat resumed>) = 5 [pid 298] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 7 [pid 298] ioctl(7, USBDEVFS_IOCTL [pid 305] ioctl(7, USBDEVFS_IOCTL [pid 304] ioctl(7, USBDEVFS_IOCTL [pid 303] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 301] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 303] <... openat resumed>) = 6 [pid 301] <... openat resumed>) = 6 [pid 303] write(6, "3", 1 [pid 301] write(6, "3", 1 [pid 303] <... write resumed>) = 1 [pid 301] <... write resumed>) = 1 [pid 303] ioctl(5, USBDEVFS_SETCONFIGURATION [ 24.422588][ T298] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 24.430832][ T298] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 24.438656][ T298] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 24.446455][ T298] RBP: 00007ffe62e21f90 R08: 0000000000000001 R09: 0000000000000000 [ 24.454265][ T298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 24.462084][ T298] R13: 0000000000000000 R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 24.469889][ T298] [pid 301] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 305] <... ioctl resumed>, 0x20000080) = -1 EBUSY (Device or resource busy) [pid 304] <... ioctl resumed>, 0x20000080) = -1 EBUSY (Device or resource busy) [pid 302] <... openat resumed>) = 7 [pid 298] <... ioctl resumed>, 0x20000080) = 1 [pid 298] exit_group(0) = ? [pid 305] exit_group(0) = ? [pid 304] exit_group(0) = ? [pid 302] ioctl(7, USBDEVFS_IOCTL [pid 303] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 303] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 301] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [ 24.476405][ T298] hub 4-0:1.0: USB hub found [ 24.481249][ T298] hub 4-0:1.0: 1 port detected [ 24.486782][ T303] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #1 [ 24.496169][ T301] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #1 [ 24.496935][ T303] FAULT_INJECTION: forcing a failure. [ 24.496935][ T303] name failslab, interval 1, probability 0, space 0, times 0 [ 24.506286][ T301] FAULT_INJECTION: forcing a failure. [ 24.506286][ T301] name failslab, interval 1, probability 0, space 0, times 0 [ 24.518176][ T37] hub 4-0:1.0: activate --> -2 [ 24.530875][ T303] CPU: 0 PID: 303 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 24.544667][ T303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 24.554563][ T303] Call Trace: [ 24.557682][ T303] [ 24.560464][ T303] dump_stack_lvl+0x151/0x1b7 [ 24.564977][ T303] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.570267][ T303] ? kernel_text_address+0xa9/0xe0 [ 24.575218][ T303] ? __kernel_text_address+0xd/0x40 [ 24.580383][ T303] dump_stack+0x15/0x1d [ 24.584372][ T303] should_fail_ex+0x3d0/0x520 [ 24.588881][ T303] ? __alloc_file+0x29/0x290 [ 24.593307][ T303] __should_failslab+0xaf/0xf0 [ 24.597906][ T303] should_failslab+0x9/0x20 [ 24.602262][ T303] kmem_cache_alloc+0x3b/0x2c0 [ 24.606846][ T303] ? __kasan_check_read+0x11/0x20 [ 24.611707][ T303] ? ttwu_do_wakeup+0xe5/0x430 [ 24.616308][ T303] __alloc_file+0x29/0x290 [ 24.620559][ T303] alloc_empty_file+0x95/0x180 [ 24.625163][ T303] path_openat+0xec/0x2d60 [ 24.629412][ T303] ? kasan_set_track+0x60/0x70 [ 24.634010][ T303] ? kasan_set_track+0x4b/0x70 [ 24.638623][ T303] ? kasan_save_alloc_info+0x1f/0x30 [ 24.643735][ T303] ? __kasan_slab_alloc+0x6c/0x80 [ 24.648592][ T303] ? slab_post_alloc_hook+0x53/0x2c0 [ 24.653715][ T303] ? getname_flags+0xba/0x520 [ 24.658228][ T303] ? getname+0x19/0x20 [ 24.662131][ T303] ? do_sys_openat2+0xd7/0x850 [ 24.666732][ T303] ? __x64_sys_openat+0x243/0x290 [ 24.671600][ T303] ? do_filp_open+0x480/0x480 [ 24.676110][ T303] do_filp_open+0x230/0x480 [ 24.680448][ T303] ? vfs_tmpfile+0x480/0x480 [ 24.684880][ T303] ? alloc_fd+0x4fa/0x5a0 [ 24.689041][ T303] do_sys_openat2+0x13f/0x850 [ 24.693555][ T303] ? memset+0x35/0x40 [ 24.697378][ T303] ? do_sys_open+0x220/0x220 [ 24.701802][ T303] ? ptrace_notify+0x249/0x350 [ 24.706494][ T303] __x64_sys_openat+0x243/0x290 [ 24.711178][ T303] ? __ia32_sys_open+0x270/0x270 [ 24.715951][ T303] ? syscall_enter_from_user_mode+0x6a/0x190 [ 24.721766][ T303] do_syscall_64+0x3d/0xb0 [ 24.726014][ T303] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.731745][ T303] RIP: 0033:0x7fea98139657 [ 24.735995][ T303] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 24.755528][ T303] RSP: 002b:00007ffe62e21ae0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 24.763769][ T303] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fea98139657 [ 24.771580][ T303] RDX: 0000000000040001 RSI: 00007ffe62e21b60 RDI: 00000000ffffff9c [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] +++ exited with 0 +++ [pid 304] +++ exited with 0 +++ [pid 302] <... ioctl resumed>, 0x20000080) = -1 EBUSY (Device or resource busy) [pid 298] +++ exited with 0 +++ [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=298, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 302] exit_group(0) = ? [pid 296] <... clone resumed>, child_tidptr=0x5555563805d0) = 310 [pid 295] <... clone resumed>, child_tidptr=0x5555563805d0) = 309 [pid 294] <... clone resumed>, child_tidptr=0x5555563805d0) = 311 [pid 302] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [ 24.779396][ T303] RBP: 00007ffe62e21b60 R08: 000000000000ffff R09: 0000000000000000 [ 24.787201][ T303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000040001 [ 24.795014][ T303] R13: 0000000000000000 R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 24.802829][ T303] [ 24.809210][ T301] CPU: 0 PID: 301 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 24.819112][ T301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 24.829004][ T301] Call Trace: [ 24.832125][ T301] [ 24.834904][ T301] dump_stack_lvl+0x151/0x1b7 [ 24.839423][ T301] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.844712][ T301] ? kernel_text_address+0xa9/0xe0 [ 24.849657][ T301] ? __kernel_text_address+0xd/0x40 [ 24.854693][ T301] dump_stack+0x15/0x1d [ 24.858685][ T301] should_fail_ex+0x3d0/0x520 [ 24.863199][ T301] ? __alloc_file+0x29/0x290 [ 24.867626][ T301] __should_failslab+0xaf/0xf0 [ 24.872224][ T301] should_failslab+0x9/0x20 [ 24.876563][ T301] kmem_cache_alloc+0x3b/0x2c0 [ 24.881164][ T301] ? __kasan_check_read+0x11/0x20 [ 24.886024][ T301] ? ttwu_do_wakeup+0xe5/0x430 [ 24.890624][ T301] __alloc_file+0x29/0x290 [ 24.894880][ T301] alloc_empty_file+0x95/0x180 [ 24.899480][ T301] path_openat+0xec/0x2d60 [ 24.903731][ T301] ? kasan_set_track+0x60/0x70 [ 24.908329][ T301] ? kasan_set_track+0x4b/0x70 [ 24.912928][ T301] ? kasan_save_alloc_info+0x1f/0x30 [ 24.918050][ T301] ? __kasan_slab_alloc+0x6c/0x80 [ 24.922910][ T301] ? slab_post_alloc_hook+0x53/0x2c0 [ 24.928031][ T301] ? getname_flags+0xba/0x520 [ 24.932544][ T301] ? getname+0x19/0x20 [ 24.936453][ T301] ? do_sys_openat2+0xd7/0x850 [ 24.941052][ T301] ? __x64_sys_openat+0x243/0x290 [ 24.945914][ T301] ? do_filp_open+0x480/0x480 [ 24.950517][ T301] do_filp_open+0x230/0x480 [ 24.954853][ T301] ? vfs_tmpfile+0x480/0x480 [ 24.959289][ T301] ? alloc_fd+0x4fa/0x5a0 [ 24.963446][ T301] do_sys_openat2+0x13f/0x850 [ 24.967959][ T301] ? memset+0x35/0x40 [ 24.971775][ T301] ? do_sys_open+0x220/0x220 [ 24.976225][ T301] ? ptrace_notify+0x249/0x350 [ 24.980801][ T301] __x64_sys_openat+0x243/0x290 [ 24.985492][ T301] ? __ia32_sys_open+0x270/0x270 [ 24.990266][ T301] ? syscall_enter_from_user_mode+0x6a/0x190 [ 24.996081][ T301] do_syscall_64+0x3d/0xb0 [ 25.000336][ T301] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.006059][ T301] RIP: 0033:0x7fea98139657 [ 25.010318][ T301] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [pid 299] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 311 attached ./strace-static-x86_64: Process 309 attached [pid 303] <... openat resumed>) = -1 ENOMEM (Cannot allocate memory) [pid 299] <... restart_syscall resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 299] <... clone resumed>, child_tidptr=0x5555563805d0) = 312 ./strace-static-x86_64: Process 312 attached [pid 309] <... prctl resumed>) = 0 [pid 311] setpgid(0, 0 [pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 312] setpgid(0, 0 [pid 309] setpgid(0, 0 [pid 311] <... setpgid resumed>) = 0 [pid 309] <... setpgid resumed>) = 0 [pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 312] <... setpgid resumed>) = 0 [pid 311] <... openat resumed>) = 3 [pid 309] <... openat resumed>) = 3 [pid 311] write(3, "1000", 4 [pid 309] write(3, "1000", 4 [pid 311] <... write resumed>) = 4 [pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 312] write(3, "1000", 4) = 4 [pid 309] <... write resumed>) = 4 [pid 311] close(3 [pid 312] close(3 [pid 309] close(3 [pid 311] <... close resumed>) = 0 [pid 312] <... close resumed>) = 0 [pid 312] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 309] <... close resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 309] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 312] <... openat resumed>) = 3 [pid 309] <... openat resumed>) = 3 [pid 311] <... openat resumed>) = 3 [ 25.029754][ T301] RSP: 002b:00007ffe62e21ae0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 25.037999][ T301] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fea98139657 [ 25.045810][ T301] RDX: 0000000000040001 RSI: 00007ffe62e21b60 RDI: 00000000ffffff9c [ 25.053639][ T301] RBP: 00007ffe62e21b60 R08: 000000000000ffff R09: 0000000000000000 [ 25.061436][ T301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000040001 [ 25.069246][ T301] R13: 0000000000000000 R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 25.077061][ T301] [pid 312] ioctl(3, USBDEVFS_SETCONFIGURATION./strace-static-x86_64: Process 310 attached [pid 311] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 309] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 303] ioctl(-1, USBDEVFS_IOCTL [pid 312] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 312] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 301] <... openat resumed>) = -1 ENOMEM (Cannot allocate memory) [pid 301] ioctl(-1, USBDEVFS_IOCTL, 0x20000080) = -1 EBADF (Bad file descriptor) [pid 301] exit_group(0) = ? [pid 303] <... ioctl resumed>, 0x20000080) = -1 EBADF (Bad file descriptor) [pid 303] exit_group(0) = ? [pid 310] <... prctl resumed>) = 0 [pid 310] setpgid(0, 0) = 0 [pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 310] write(3, "1000", 4) = 4 [pid 310] close(3) = 0 [pid 310] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 309] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 309] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 312] <... openat resumed>) = 4 [pid 301] +++ exited with 0 +++ [pid 311] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 303] +++ exited with 0 +++ [pid 312] ioctl(4, USBDEVFS_IOCTL [pid 311] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 310] <... openat resumed>) = 3 [pid 312] <... ioctl resumed>, 0x20000040) = 0 [pid 310] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=303, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 312] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 300] restart_syscall(<... resuming interrupted clone ...> [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 300] <... restart_syscall resumed>) = 0 [pid 297] <... restart_syscall resumed>) = 0 [pid 300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] <... openat resumed>) = 4 [pid 312] <... openat resumed>) = 5 [pid 311] <... openat resumed>) = 4 [pid 310] <... ioctl resumed>, 0x20000040) = 0 [pid 309] ioctl(4, USBDEVFS_IOCTL [pid 312] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 310] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 300] <... clone resumed>, child_tidptr=0x5555563805d0) = 313 [pid 312] <... openat resumed>) = 6 [pid 310] <... openat resumed>) = 4 [pid 309] <... ioctl resumed>, 0x20000040) = -1 EHOSTUNREACH (No route to host) [pid 297] <... clone resumed>, child_tidptr=0x5555563805d0) = 314 [pid 311] ioctl(4, USBDEVFS_IOCTL./strace-static-x86_64: Process 313 attached [pid 312] write(6, "3", 1 [pid 310] ioctl(4, USBDEVFS_IOCTL [pid 312] <... write resumed>) = 1 [pid 310] <... ioctl resumed>, 0x20000040) = -1 EHOSTUNREACH (No route to host) [pid 309] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 312] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 310] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME./strace-static-x86_64: Process 314 attached [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 310] <... openat resumed>) = 5 [pid 313] <... prctl resumed>) = 0 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 314] setpgid(0, 0) = 0 [pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 314] write(3, "1000", 4) = 4 [pid 314] close(3) = 0 [pid 314] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 310] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 310] write(6, "3", 1) = 1 [ 25.084967][ T312] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 25.095228][ T309] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 25.104654][ T311] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor275' sets config #0 [ 25.118708][ T312] FAULT_INJECTION: forcing a failure. [ 25.118708][ T312] name failslab, interval 1, probability 0, space 0, times 0 [ 25.131206][ T312] CPU: 0 PID: 312 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 25.141015][ T312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 25.150908][ T312] Call Trace: [ 25.154027][ T312] [ 25.156806][ T312] dump_stack_lvl+0x151/0x1b7 [ 25.161326][ T312] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 25.166621][ T312] ? pointer+0x1000/0x1000 [ 25.170868][ T312] dump_stack+0x15/0x1d [ 25.174861][ T312] should_fail_ex+0x3d0/0x520 [ 25.179380][ T312] ? kvasprintf_const+0x5e/0x190 [ 25.184148][ T312] __should_failslab+0xaf/0xf0 [ 25.188752][ T312] should_failslab+0x9/0x20 [ 25.193083][ T312] __kmem_cache_alloc_node+0x3d/0x250 [ 25.198309][ T312] ? kvasprintf_const+0x5e/0x190 [ 25.203069][ T312] __kmalloc_node_track_caller+0xa2/0x1e0 [ 25.208622][ T312] kvasprintf+0xdb/0x180 [ 25.212704][ T312] ? do_syscall_64+0x3d/0xb0 [ 25.217212][ T312] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.223119][ T312] ? bust_spinlocks+0xe0/0xe0 [ 25.227632][ T312] ? __kasan_check_write+0x14/0x20 [ 25.232577][ T312] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 25.237875][ T312] kvasprintf_const+0x5e/0x190 [ 25.242477][ T312] kobject_set_name_vargs+0x61/0x120 [ 25.247592][ T312] dev_set_name+0xd1/0x120 [ 25.251843][ T312] ? get_device+0x30/0x30 [ 25.256010][ T312] ? pm_runtime_init+0x29c/0x390 [ 25.260785][ T312] ? _raw_spin_unlock_irq+0x4d/0x70 [ 25.265824][ T312] usb_set_configuration+0xeee/0x1e70 [ 25.271037][ T312] usbdev_ioctl+0x40f0/0x5f90 [ 25.275544][ T312] ? usbdev_poll+0x200/0x200 [ 25.279970][ T312] ? is_bpf_text_address+0x172/0x190 [ 25.285092][ T312] ? is_module_text_address+0x280/0x360 [ 25.290463][ T312] ? stack_trace_save+0x1c0/0x1c0 [ 25.295331][ T312] ? kernel_text_address+0xa9/0xe0 [ 25.300275][ T312] ? __kasan_check_write+0x14/0x20 [ 25.305224][ T312] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 25.310515][ T312] ? _raw_spin_lock+0x1b0/0x1b0 [ 25.315208][ T312] ? avc_has_extended_perms+0x90b/0x10f0 [ 25.320675][ T312] ? memcpy+0x56/0x70 [ 25.324492][ T312] ? avc_has_extended_perms+0xad7/0x10f0 [ 25.329964][ T312] ? avc_flush+0x290/0x290 [ 25.334231][ T312] ? do_vfs_ioctl+0xba7/0x29a0 [ 25.338812][ T312] ? __x64_compat_sys_ioctl+0x90/0x90 [ 25.344024][ T312] ? compat_start_thread+0x20/0x20 [ 25.348971][ T312] ? native_set_ldt+0x130/0x130 [ 25.353658][ T312] ? ioctl_has_perm+0x1f8/0x560 [ 25.358345][ T312] ? ioctl_has_perm+0x3f0/0x560 [ 25.363035][ T312] ? has_cap_mac_admin+0x3c0/0x3c0 [ 25.367976][ T312] ? __kasan_check_write+0x14/0x20 [ 25.372918][ T312] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 25.377870][ T312] ? cgroup_update_frozen+0x15f/0x980 [ 25.383079][ T312] ? selinux_file_ioctl+0x3cc/0x540 [ 25.388116][ T312] ? ptrace_stop+0x709/0x930 [ 25.392533][ T312] ? selinux_file_alloc_security+0x120/0x120 [ 25.398357][ T312] ? _raw_spin_unlock_irq+0x4d/0x70 [ 25.403383][ T312] ? ptrace_notify+0x249/0x350 [ 25.408013][ T312] ? security_file_ioctl+0x84/0xb0 [ 25.412937][ T312] ? usbdev_poll+0x200/0x200 [ 25.417361][ T312] __se_sys_ioctl+0x114/0x190 [ 25.421879][ T312] __x64_sys_ioctl+0x7b/0x90 [ 25.426298][ T312] do_syscall_64+0x3d/0xb0 [ 25.430556][ T312] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.436282][ T312] RIP: 0033:0x7fea9817b859 [ 25.440533][ T312] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.459974][ T312] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.468217][ T312] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 25.476117][ T312] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [pid 310] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 312] <... ioctl resumed>, 0x20000040) = 0 [pid 311] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 309] <... openat resumed>) = 5 [pid 314] <... openat resumed>) = 3 [pid 313] <... openat resumed>) = 3 [pid 312] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 311] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 309] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 309] write(6, "3", 1) = 1 [pid 309] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 314] ioctl(3, USBDEVFS_SETCONFIGURATION [ 25.483929][ T312] RBP: 00007ffe62e21f90 R08: 0000000000000001 R09: 0000000000000000 [ 25.491747][ T312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 25.499553][ T312] R13: 00007ffe62e21f8c R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 25.507372][ T312] [ 25.514994][ T312] usb usb4: device_add((null)) --> -22 [ 25.520399][ T310] FAULT_INJECTION: forcing a failure. [ 25.520399][ T310] name failslab, interval 1, probability 0, space 0, times 0 [ 25.532948][ T310] CPU: 0 PID: 310 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 25.542835][ T310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 25.552731][ T310] Call Trace: [ 25.555852][ T310] [ 25.558628][ T310] dump_stack_lvl+0x151/0x1b7 [ 25.563142][ T310] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 25.568434][ T310] ? __kernel_text_address+0xd/0x40 [ 25.573472][ T310] ? unwind_get_return_address+0x4d/0x90 [ 25.578937][ T310] dump_stack+0x15/0x1d [ 25.583015][ T310] should_fail_ex+0x3d0/0x520 [ 25.587530][ T310] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 25.592657][ T310] __should_failslab+0xaf/0xf0 [ 25.597252][ T310] should_failslab+0x9/0x20 [ 25.601589][ T310] __kmem_cache_alloc_node+0x3d/0x250 [ 25.606795][ T310] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 25.611830][ T310] ? _raw_spin_lock_irqsave+0x210/0x210 [ 25.617213][ T310] ? usb_hcd_submit_urb+0x8c4/0x1b60 [ 25.622330][ T310] __kmalloc+0xa3/0x1e0 [ 25.626328][ T310] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 25.631710][ T310] usb_hcd_submit_urb+0x8c4/0x1b60 [ 25.636657][ T310] ? kasan_save_alloc_info+0x1f/0x30 [ 25.641775][ T310] ? usb_free_streams+0x40/0x4a0 [ 25.646551][ T310] ? dma_map_single_attrs+0x160/0x160 [ 25.651757][ T310] ? __x64_sys_ioctl+0x7b/0x90 [ 25.656368][ T310] ? do_syscall_64+0x3d/0xb0 [ 25.660782][ T310] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.666688][ T310] usb_submit_urb+0x118c/0x1840 [ 25.671376][ T310] usb_start_wait_urb+0x120/0x350 [ 25.676236][ T310] ? usb_api_blocking_completion+0xb0/0xb0 [ 25.681873][ T310] ? __kasan_check_write+0x14/0x20 [ 25.686819][ T310] usb_control_msg+0x2ad/0x4c0 [ 25.691419][ T310] ? usb_anchor_empty+0x40/0x40 [ 25.696105][ T310] ? bit_wait_io_timeout+0x120/0x120 [ 25.701228][ T310] usb_reset_configuration+0x172/0xa90 [ 25.706522][ T310] ? bit_wait_io_timeout+0x120/0x120 [ 25.711643][ T310] usbdev_ioctl+0x40c4/0x5f90 [ 25.716157][ T310] ? usbdev_poll+0x200/0x200 [ 25.720584][ T310] ? is_bpf_text_address+0x172/0x190 [ 25.725703][ T310] ? is_module_text_address+0x280/0x360 [ 25.731178][ T310] ? stack_trace_save+0x1c0/0x1c0 [ 25.736037][ T310] ? kernel_text_address+0xa9/0xe0 [ 25.740979][ T310] ? __kernel_text_address+0xd/0x40 [ 25.746019][ T310] ? _parse_integer_limit+0x19b/0x1e0 [ 25.751222][ T310] ? avc_has_extended_perms+0x90b/0x10f0 [ 25.756691][ T310] ? memcpy+0x56/0x70 [ 25.760506][ T310] ? avc_has_extended_perms+0xad7/0x10f0 [ 25.765985][ T310] ? __this_cpu_preempt_check+0x13/0x20 [ 25.771359][ T310] ? avc_flush+0x290/0x290 [ 25.775610][ T310] ? save_fpregs_to_fpstate+0x18f/0x220 [ 25.780996][ T310] ? do_vfs_ioctl+0xba7/0x29a0 [ 25.785592][ T310] ? __x64_compat_sys_ioctl+0x90/0x90 [ 25.790798][ T310] ? compat_start_thread+0x20/0x20 [ 25.795746][ T310] ? native_set_ldt+0x130/0x130 [ 25.800434][ T310] ? ioctl_has_perm+0x1f8/0x560 [ 25.805123][ T310] ? ioctl_has_perm+0x3f0/0x560 [ 25.809809][ T310] ? has_cap_mac_admin+0x3c0/0x3c0 [ 25.814758][ T310] ? __kasan_check_write+0x14/0x20 [ 25.819698][ T310] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 25.824650][ T310] ? cgroup_update_frozen+0x15f/0x980 [ 25.829861][ T310] ? selinux_file_ioctl+0x3cc/0x540 [ 25.834889][ T310] ? ptrace_stop+0x709/0x930 [ 25.839319][ T310] ? selinux_file_alloc_security+0x120/0x120 [ 25.845133][ T310] ? _raw_spin_unlock_irq+0x4d/0x70 [ 25.850163][ T310] ? ptrace_notify+0x249/0x350 [ 25.854767][ T310] ? security_file_ioctl+0x84/0xb0 [ 25.859710][ T310] ? usbdev_poll+0x200/0x200 [ 25.864140][ T310] __se_sys_ioctl+0x114/0x190 [ 25.868654][ T310] __x64_sys_ioctl+0x7b/0x90 [ 25.873080][ T310] do_syscall_64+0x3d/0xb0 [ 25.877343][ T310] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.883062][ T310] RIP: 0033:0x7fea9817b859 [ 25.887321][ T310] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.906843][ T310] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.915087][ T310] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 25.922897][ T310] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 25.930728][ T310] RBP: 00007ffe62e21f90 R08: 0000000000000001 R09: 0000000000000000 [pid 313] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 310] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 310] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 7 [ 25.938519][ T310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 25.946331][ T310] R13: 00007ffe62e21f8c R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 25.954147][ T310] [ 25.957802][ T310] general protection fault, probably for non-canonical address 0xdffffc000000001a: 0000 [#1] PREEMPT SMP KASAN [ 25.969341][ T310] KASAN: null-ptr-deref in range [0x00000000000000d0-0x00000000000000d7] [ 25.977718][ T310] CPU: 1 PID: 310 Comm: syz-executor275 Not tainted 6.1.25-syzkaller-00320-g78fe8913d1b2 #0 [ 25.987612][ T310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 25.997502][ T310] RIP: 0010:__device_attach+0xb4/0x500 [ 26.002801][ T310] Code: 5c 24 48 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 9d a5 c9 fe 4c 8b 2b 49 8d 9d d0 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 bf 03 00 00 0f b6 1b 89 de 83 e6 01 45 [ 26.022243][ T310] RSP: 0018:ffffc90000f17580 EFLAGS: 00010202 [ 26.028143][ T310] RAX: 000000000000001a RBX: 00000000000000d0 RCX: ffff88810f7c1300 [ 26.035953][ T310] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc90000f17500 [ 26.043766][ T310] RBP: ffffc90000f17650 R08: dffffc0000000000 R09: fffff520001e2ea1 [ 26.051576][ T310] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881095c2830 [ 26.059397][ T310] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff8881095c2830 [ 26.067199][ T310] FS: 0000555556380300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 26.075964][ T310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.082387][ T310] CR2: 00007fea981ab1f0 CR3: 0000000120661000 CR4: 00000000003506a0 [ 26.090204][ T310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.098012][ T310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.105820][ T310] Call Trace: [ 26.108947][ T310] [ 26.111727][ T310] ? device_attach+0x20/0x20 [ 26.116150][ T310] ? __mutex_lock_slowpath+0xe/0x10 [ 26.121190][ T310] ? usb_ifnum_to_if+0x210/0x280 [ 26.125958][ T310] device_attach+0x17/0x20 [ 26.130211][ T310] proc_ioctl+0x428/0x600 [ 26.134382][ T310] usbdev_ioctl+0x310c/0x5f90 [ 26.138892][ T310] ? usbdev_poll+0x200/0x200 [ 26.143320][ T310] ? check_preempt_wakeup+0x7ca/0xb30 [ 26.148527][ T310] ? enqueue_task+0x195/0x1420 [ 26.153149][ T310] ? yield_to_task_fair+0x190/0x190 [ 26.158170][ T310] ? activate_task+0xb0/0xb0 [ 26.162584][ T310] ? __kasan_check_read+0x11/0x20 [ 26.167448][ T310] ? ttwu_do_wakeup+0xe5/0x430 [ 26.172048][ T310] ? avc_has_extended_perms+0x90b/0x10f0 [ 26.177515][ T310] ? memcpy+0x56/0x70 [ 26.181332][ T310] ? avc_has_extended_perms+0xad7/0x10f0 [ 26.186811][ T310] ? __this_cpu_preempt_check+0x13/0x20 [ 26.192183][ T310] ? avc_flush+0x290/0x290 [ 26.196455][ T310] ? save_fpregs_to_fpstate+0x18f/0x220 [ 26.201818][ T310] ? do_vfs_ioctl+0xba7/0x29a0 [ 26.206415][ T310] ? __x64_compat_sys_ioctl+0x90/0x90 [ 26.211624][ T310] ? compat_start_thread+0x20/0x20 [ 26.216573][ T310] ? native_set_ldt+0x130/0x130 [ 26.221262][ T310] ? ioctl_has_perm+0x1f8/0x560 [ 26.225945][ T310] ? ioctl_has_perm+0x3f0/0x560 [ 26.230630][ T310] ? has_cap_mac_admin+0x3c0/0x3c0 [ 26.235578][ T310] ? __kasan_check_write+0x14/0x20 [ 26.240611][ T310] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 26.245575][ T310] ? cgroup_update_frozen+0x15f/0x980 [ 26.250770][ T310] ? selinux_file_ioctl+0x3cc/0x540 [ 26.255800][ T310] ? ptrace_stop+0x709/0x930 [ 26.260230][ T310] ? selinux_file_alloc_security+0x120/0x120 [ 26.266043][ T310] ? _raw_spin_unlock_irq+0x4d/0x70 [ 26.271076][ T310] ? ptrace_notify+0x249/0x350 [ 26.275684][ T310] ? security_file_ioctl+0x84/0xb0 [ 26.280624][ T310] ? usbdev_poll+0x200/0x200 [ 26.285050][ T310] __se_sys_ioctl+0x114/0x190 [ 26.289571][ T310] __x64_sys_ioctl+0x7b/0x90 [ 26.293990][ T310] do_syscall_64+0x3d/0xb0 [ 26.298244][ T310] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.303970][ T310] RIP: 0033:0x7fea9817b859 [ 26.308229][ T310] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.327666][ T310] RSP: 002b:00007ffe62e21f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 26.335913][ T310] RAX: ffffffffffffffda RBX: 00007fea981bf184 RCX: 00007fea9817b859 [ 26.343726][ T310] RDX: 0000000020000080 RSI: 00000000c0105512 RDI: 0000000000000007 [ 26.351541][ T310] RBP: 00007ffe62e21f90 R08: 0000000000000000 R09: 0000000000000000 [ 26.359352][ T310] R10: 000000000000ffff R11: 0000000000000246 R12: 0000000000000001 [ 26.367166][ T310] R13: 00007ffe62e21f8c R14: 00007ffe62e21fb0 R15: 00007ffe62e21fa0 [ 26.374986][ T310] [ 26.377839][ T310] Modules linked in: [ 26.381909][ T310] ---[ end trace 0000000000000000 ]--- [ 26.387253][ T310] RIP: 0010:__device_attach+0xb4/0x500 [ 26.392623][ T310] Code: 5c 24 48 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 9d a5 c9 fe 4c 8b 2b 49 8d 9d d0 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 bf 03 00 00 0f b6 1b 89 de 83 e6 01 45 [ 26.412278][ T310] RSP: 0018:ffffc90000f17580 EFLAGS: 00010202 [ 26.418343][ T310] RAX: 000000000000001a RBX: 00000000000000d0 RCX: ffff88810f7c1300 [ 26.426200][ T310] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc90000f17500 [ 26.433956][ T310] RBP: ffffc90000f17650 R08: dffffc0000000000 R09: fffff520001e2ea1 [ 26.441814][ T310] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881095c2830 [ 26.449583][ T310] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff8881095c2830 [ 26.457404][ T310] FS: 0000555556380300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 26.466177][ T310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.472568][ T310] CR2: 00007fea981ec140 CR3: 0000000120661000 CR4: 00000000003506b0 [ 26.480414][ T310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.488214][ T310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.496024][ T310] Kernel panic - not syncing: Fatal exception [ 26.502180][ T310] Kernel Offset: disabled [ 26.506313][ T310] Rebooting in 86400 seconds..