./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2441723602 <...> [ 3.299625][ T84] acpid (84) used greatest stack depth: 23344 bytes left [ 3.509804][ T99] udevd[99]: starting version 3.2.11 [ 3.535843][ T100] udevd[100]: starting eudev-3.2.11 [ 3.538476][ T99] udevd (99) used greatest stack depth: 22288 bytes left [ 12.402646][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 12.402658][ T30] audit: type=1400 audit(1685599764.337:61): avc: denied { transition } for pid=224 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.406898][ T30] audit: type=1400 audit(1685599764.337:62): avc: denied { noatsecure } for pid=224 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.416236][ T30] audit: type=1400 audit(1685599764.347:63): avc: denied { write } for pid=224 comm="sh" path="pipe:[13146]" dev="pipefs" ino=13146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 12.419411][ T30] audit: type=1400 audit(1685599764.347:64): avc: denied { rlimitinh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.425008][ T30] audit: type=1400 audit(1685599764.347:65): avc: denied { siginh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.40' (ECDSA) to the list of known hosts. execve("./syz-executor2441723602", ["./syz-executor2441723602"], 0x7ffdc08abed0 /* 10 vars */) = 0 brk(NULL) = 0x555555c5e000 brk(0x555555c5ec40) = 0x555555c5ec40 arch_prctl(ARCH_SET_FS, 0x555555c5e300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2441723602", 4096) = 28 brk(0x555555c7fc40) = 0x555555c7fc40 brk(0x555555c80000) = 0x555555c80000 mprotect(0x7fac62d07000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 295 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 296 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 297 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 298 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 299 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 300 ./strace-static-x86_64: Process 296 attached [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 301 ./strace-static-x86_64: Process 295 attached [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 302 ./strace-static-x86_64: Process 301 attached [pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 301] setpgid(0, 0) = 0 [pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 301] write(3, "1000", 4) = 4 [pid 301] close(3) = 0 [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 3 [pid 301] ioctl(3, USBDEVFS_SETCONFIGURATION./strace-static-x86_64: Process 302 attached ./strace-static-x86_64: Process 300 attached ./strace-static-x86_64: Process 299 attached ./strace-static-x86_64: Process 298 attached ./strace-static-x86_64: Process 297 attached , 0x20000040) = -1 EBUSY (Device or resource busy) [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 4 [pid 301] ioctl(4, USBDEVFS_IOCTL, 0x20000040) = 0 [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 5 [pid 301] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 301] write(6, "3", 1) = 1 [pid 301] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 302] <... prctl resumed>) = 0 [pid 302] setpgid(0, 0) = 0 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 307 [pid 302] write(3, "1000", 4 [pid 300] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 304 [pid 299] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 305 [pid 298] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 306 [pid 302] <... write resumed>) = 4 [pid 302] close(3) = 0 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME./strace-static-x86_64: Process 304 attached [pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 304] setpgid(0, 0) = 0 [pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 304] write(3, "1000", 4) = 4 [pid 304] close(3) = 0 [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME./strace-static-x86_64: Process 305 attached [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 21.818728][ T30] audit: type=1400 audit(1685599773.747:66): avc: denied { execmem } for pid=294 comm="syz-executor244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 21.825295][ T30] audit: type=1400 audit(1685599773.757:67): avc: denied { integrity } for pid=294 comm="syz-executor244" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 21.827791][ T301] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 21.831975][ T30] audit: type=1400 audit(1685599773.757:68): avc: denied { write } for pid=301 comm="syz-executor244" name="001" dev="devtmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 21.837573][ T301] FAULT_INJECTION: forcing a failure. [ 21.837573][ T301] name failslab, interval 1, probability 0, space 0, times 1 [ 21.855800][ T301] CPU: 1 PID: 301 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 21.865860][ T301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 21.875757][ T301] Call Trace: [ 21.878877][ T301] [ 21.881653][ T301] dump_stack_lvl+0x151/0x1b7 [ 21.886167][ T301] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.891641][ T301] ? stack_trace_save+0x1c0/0x1c0 [ 21.896500][ T301] ? __kernel_text_address+0x9b/0x110 [ 21.901698][ T301] dump_stack+0x15/0x17 [ 21.905694][ T301] should_fail+0x3c6/0x510 [ 21.909948][ T301] __should_failslab+0xa4/0xe0 [ 21.914551][ T301] should_failslab+0x9/0x20 [ 21.918891][ T301] slab_pre_alloc_hook+0x37/0xd0 [ 21.923672][ T301] __kmalloc+0x6d/0x270 [ 21.927663][ T301] ? _raw_spin_unlock+0x4d/0x70 [ 21.932343][ T301] ? usb_hcd_submit_urb+0x8c9/0x1b70 [ 21.937464][ T301] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 21.942846][ T301] usb_hcd_submit_urb+0x8c9/0x1b70 [ 21.947792][ T301] ? process_slab+0x120/0x420 [ 21.952323][ T301] ? dma_map_single_attrs+0x160/0x160 [ 21.957520][ T301] ? usb_reset_configuration+0x172/0xa90 [ 21.962975][ T301] ? usbdev_ioctl+0x40da/0x5e20 [ 21.967666][ T301] ? __se_sys_ioctl+0x114/0x190 [ 21.972359][ T301] ? __x64_sys_ioctl+0x7b/0x90 [ 21.976956][ T301] ? do_syscall_64+0x3d/0xb0 [ 21.981382][ T301] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.987290][ T301] usb_submit_urb+0x118c/0x1840 [ 21.991976][ T301] usb_start_wait_urb+0x120/0x350 [ 21.996866][ T301] ? usb_api_blocking_completion+0xb0/0xb0 [ 22.002478][ T301] ? __kmalloc+0x13a/0x270 [ 22.006730][ T301] ? __kasan_check_write+0x14/0x20 [ 22.011673][ T301] usb_control_msg+0x2e4/0x510 [ 22.016278][ T301] ? usb_anchor_empty+0x40/0x40 [ 22.020955][ T301] ? wait_for_completion_killable_timeout+0x10/0x10 [ 22.027403][ T301] usb_reset_configuration+0x172/0xa90 [ 22.032683][ T301] ? wait_for_completion_killable_timeout+0x10/0x10 [ 22.039108][ T301] usbdev_ioctl+0x40da/0x5e20 [ 22.043619][ T301] ? sched_group_set_idle+0x640/0x640 [ 22.048833][ T301] ? usbdev_poll+0x200/0x200 [ 22.053243][ T301] ? __kasan_check_write+0x14/0x20 [ 22.058202][ T301] ? resched_curr+0x9d/0x1c0 [ 22.062622][ T301] ? check_preempt_wakeup+0x677/0xbe0 [ 22.067831][ T301] ? yield_to_task_fair+0x190/0x190 [ 22.072865][ T301] ? activate_task+0x90/0xb0 [ 22.077289][ T301] ? __kasan_check_read+0x11/0x20 [ 22.082238][ T301] ? ttwu_do_wakeup+0xe3/0x430 [ 22.086835][ T301] ? avc_has_extended_perms+0x90b/0x10f0 [ 22.092398][ T301] ? memcpy+0x56/0x70 [ 22.096216][ T301] ? avc_has_extended_perms+0xad7/0x10f0 [ 22.101678][ T301] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 22.107143][ T301] ? avc_flush+0x290/0x290 [ 22.111437][ T301] ? update_load_avg+0x43a/0x1150 [ 22.116272][ T301] ? do_vfs_ioctl+0xbc1/0x2a80 [ 22.120864][ T301] ? __kasan_check_read+0x11/0x20 [ 22.125806][ T301] ? __x64_compat_sys_ioctl+0x90/0x90 [ 22.131011][ T301] ? compat_start_thread+0x20/0x20 [ 22.135959][ T301] ? native_set_ldt+0x360/0x360 [ 22.140680][ T301] ? ioctl_has_perm+0x1f8/0x560 [ 22.145333][ T301] ? ioctl_has_perm+0x3f5/0x560 [ 22.150019][ T301] ? has_cap_mac_admin+0x3c0/0x3c0 [ 22.155057][ T301] ? __kasan_check_write+0x14/0x20 [ 22.160004][ T301] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 22.164946][ T301] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.169982][ T301] ? cgroup_leave_frozen+0x164/0x2c0 [ 22.175108][ T301] ? selinux_file_ioctl+0x3cc/0x540 [ 22.180138][ T301] ? selinux_file_alloc_security+0x120/0x120 [ 22.185958][ T301] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.190988][ T301] ? ptrace_notify+0x24c/0x350 [ 22.195587][ T301] ? security_file_ioctl+0x84/0xb0 [ 22.200532][ T301] ? usbdev_poll+0x200/0x200 [ 22.204961][ T301] __se_sys_ioctl+0x114/0x190 [ 22.209582][ T301] __x64_sys_ioctl+0x7b/0x90 [ 22.214093][ T301] do_syscall_64+0x3d/0xb0 [ 22.218344][ T301] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.224070][ T301] RIP: 0033:0x7fac62c9a859 [ 22.228327][ T301] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 22.247770][ T301] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 22.256009][ T301] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [pid 305] setpgid(0, 0) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 305] write(3, "1000", 4) = 4 [pid 305] close(3) = 0 [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME./strace-static-x86_64: Process 306 attached [pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 306] setpgid(0, 0) = 0 [pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 306] write(3, "1000", 4) = 4 [pid 306] close(3) = 0 [pid 306] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME./strace-static-x86_64: Process 307 attached [pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 307] setpgid(0, 0) = 0 [pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 307] write(3, "1000", 4) = 4 [pid 307] close(3) = 0 [pid 307] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 301] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 301] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] <... openat resumed>) = 3 [pid 301] <... openat resumed>) = 7 [pid 301] ioctl(7, USBDEVFS_IOCTL [pid 302] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 307] <... openat resumed>) = 3 [pid 306] <... openat resumed>) = 3 [pid 305] <... openat resumed>) = 3 [pid 304] <... openat resumed>) = 3 [pid 301] <... ioctl resumed>, 0x20000080) = 1 [pid 301] exit_group(0) = ? [pid 307] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 306] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 305] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 304] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 302] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [ 22.263822][ T301] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 22.271636][ T301] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 22.279537][ T301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 22.287342][ T301] R13: 0000000000000000 R14: 00007ffed4099560 R15: 00007ffed4099550 [ 22.295158][ T301] [ 22.299950][ T301] hub 4-0:1.0: USB hub found [ 22.304729][ T301] hub 4-0:1.0: 1 port detected [ 22.310121][ T302] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 307] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 307] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 306] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 306] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 302] <... openat resumed>) = 4 [pid 301] +++ exited with 0 +++ [pid 307] <... openat resumed>) = 4 [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] ioctl(4, USBDEVFS_IOCTL [pid 307] ioctl(4, USBDEVFS_IOCTL [pid 302] <... ioctl resumed>, 0x20000040) = 0 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 306] <... openat resumed>) = 4 [pid 306] ioctl(4, USBDEVFS_IOCTL, 0x20000040) = -1 ENODATA (No data available) [pid 306] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 5 [pid 306] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 306] write(6, "3", 1 [pid 307] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 306] <... write resumed>) = 1 [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 306] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 307] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 296] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 308 ./strace-static-x86_64: Process 308 attached [pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 308] setpgid(0, 0) = 0 [pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 308] write(3, "1000", 4) = 4 [ 22.319847][ T20] hub 4-0:1.0: activate --> -2 [ 22.324496][ T307] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 22.333948][ T306] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 22.343415][ T305] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 22.352819][ T304] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 22.364061][ T306] FAULT_INJECTION: forcing a failure. [pid 308] close(3) = 0 [ 22.364061][ T306] name failslab, interval 1, probability 0, space 0, times 0 [ 22.376632][ T306] CPU: 0 PID: 306 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 22.386673][ T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 22.396568][ T306] Call Trace: [ 22.399690][ T306] [ 22.402473][ T306] dump_stack_lvl+0x151/0x1b7 [ 22.407003][ T306] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.412451][ T306] ? stack_trace_save+0x1c0/0x1c0 [ 22.417311][ T306] ? __kernel_text_address+0x9b/0x110 [ 22.422515][ T306] dump_stack+0x15/0x17 [ 22.426513][ T306] should_fail+0x3c6/0x510 [ 22.430856][ T306] __should_failslab+0xa4/0xe0 [ 22.435553][ T306] should_failslab+0x9/0x20 [ 22.439887][ T306] slab_pre_alloc_hook+0x37/0xd0 [ 22.444667][ T306] __kmalloc+0x6d/0x270 [ 22.448677][ T306] ? _raw_spin_unlock+0x4d/0x70 [ 22.453346][ T306] ? usb_hcd_submit_urb+0x8c9/0x1b70 [ 22.458469][ T306] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 22.463880][ T306] usb_hcd_submit_urb+0x8c9/0x1b70 [ 22.468806][ T306] ? process_slab+0x120/0x420 [ 22.473310][ T306] ? dma_map_single_attrs+0x160/0x160 [ 22.478519][ T306] ? usb_reset_configuration+0x172/0xa90 [ 22.484066][ T306] ? usbdev_ioctl+0x40da/0x5e20 [ 22.488752][ T306] ? __se_sys_ioctl+0x114/0x190 [ 22.493447][ T306] ? __x64_sys_ioctl+0x7b/0x90 [ 22.498059][ T306] ? do_syscall_64+0x3d/0xb0 [ 22.502470][ T306] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.508549][ T306] usb_submit_urb+0x118c/0x1840 [ 22.513231][ T306] usb_start_wait_urb+0x120/0x350 [ 22.518092][ T306] ? usb_api_blocking_completion+0xb0/0xb0 [ 22.523735][ T306] ? __kmalloc+0x13a/0x270 [ 22.527986][ T306] ? __kasan_check_write+0x14/0x20 [ 22.532932][ T306] usb_control_msg+0x2e4/0x510 [ 22.537535][ T306] ? usb_anchor_empty+0x40/0x40 [ 22.542216][ T306] ? wait_for_completion_killable_timeout+0x10/0x10 [ 22.548655][ T306] usb_reset_configuration+0x172/0xa90 [ 22.553937][ T306] ? wait_for_completion_killable_timeout+0x10/0x10 [ 22.560360][ T306] ? page_add_file_rmap+0x6da/0x8e0 [ 22.565401][ T306] ? __kasan_check_write+0x14/0x20 [ 22.570344][ T306] usbdev_ioctl+0x40da/0x5e20 [ 22.574858][ T306] ? xas_start+0x32c/0x3f0 [ 22.579107][ T306] ? do_set_pte+0x3ca/0x7c0 [ 22.583476][ T306] ? usbdev_poll+0x200/0x200 [ 22.587875][ T306] ? next_uptodate_page+0xb68/0xb90 [ 22.592912][ T306] ? xas_find+0x6ef/0x820 [ 22.597073][ T306] ? _raw_spin_unlock+0x4d/0x70 [ 22.601759][ T306] ? filemap_map_pages+0xc99/0x1640 [ 22.606799][ T306] ? avc_has_extended_perms+0x90b/0x10f0 [ 22.612282][ T306] ? memcpy+0x56/0x70 [ 22.616081][ T306] ? avc_has_extended_perms+0xad7/0x10f0 [ 22.621553][ T306] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 22.627104][ T306] ? avc_flush+0x290/0x290 [ 22.631355][ T306] ? update_load_avg+0x43a/0x1150 [ 22.636217][ T306] ? do_vfs_ioctl+0xbc1/0x2a80 [ 22.640818][ T306] ? __kasan_check_read+0x11/0x20 [ 22.645683][ T306] ? __x64_compat_sys_ioctl+0x90/0x90 [ 22.650883][ T306] ? compat_start_thread+0x20/0x20 [ 22.655836][ T306] ? native_set_ldt+0x360/0x360 [ 22.660535][ T306] ? ioctl_has_perm+0x1f8/0x560 [ 22.665207][ T306] ? ioctl_has_perm+0x3f5/0x560 [ 22.669897][ T306] ? has_cap_mac_admin+0x3c0/0x3c0 [ 22.674840][ T306] ? __kasan_check_write+0x14/0x20 [ 22.679791][ T306] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 22.684736][ T306] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.689773][ T306] ? cgroup_leave_frozen+0x164/0x2c0 [ 22.694892][ T306] ? selinux_file_ioctl+0x3cc/0x540 [ 22.699924][ T306] ? selinux_file_alloc_security+0x120/0x120 [ 22.705747][ T306] ? _raw_spin_unlock_irq+0x4e/0x70 [ 22.710773][ T306] ? ptrace_notify+0x24c/0x350 [ 22.715379][ T306] ? security_file_ioctl+0x84/0xb0 [ 22.720320][ T306] ? usbdev_poll+0x200/0x200 [ 22.724751][ T306] __se_sys_ioctl+0x114/0x190 [ 22.729268][ T306] __x64_sys_ioctl+0x7b/0x90 [ 22.733690][ T306] do_syscall_64+0x3d/0xb0 [ 22.737948][ T306] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.743668][ T306] RIP: 0033:0x7fac62c9a859 [ 22.747926][ T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [pid 308] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] <... openat resumed>) = 4 [pid 306] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 305] ioctl(4, USBDEVFS_IOCTL [pid 304] <... openat resumed>) = 4 [pid 308] <... openat resumed>) = 3 [pid 307] <... openat resumed>) = 5 [pid 306] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 305] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 304] ioctl(4, USBDEVFS_IOCTL [pid 302] <... openat resumed>) = 5 [pid 308] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 307] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 306] <... openat resumed>) = 7 [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 302] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 308] <... ioctl resumed>, 0x20000040) = 0 [pid 307] <... openat resumed>) = 6 [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 302] <... openat resumed>) = 6 [pid 308] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 307] write(6, "3", 1 [pid 305] <... openat resumed>) = 5 [pid 304] <... openat resumed>) = 5 [pid 302] write(6, "3", 1 [pid 307] <... write resumed>) = 1 [pid 304] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 302] <... write resumed>) = 1 [pid 307] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 304] <... openat resumed>) = 6 [pid 302] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 306] ioctl(7, USBDEVFS_IOCTL [ 22.767364][ T306] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 22.775607][ T306] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [ 22.783425][ T306] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 22.791236][ T306] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 22.799042][ T306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 22.806886][ T306] R13: 0000000000000000 R14: 00007ffed4099560 R15: 00007ffed4099550 [ 22.814669][ T306] [pid 305] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 305] write(6, "3", 1) = 1 [pid 305] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 304] write(6, "3", 1) = 1 [ 22.824960][ T307] FAULT_INJECTION: forcing a failure. [ 22.824960][ T307] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 22.838023][ T307] CPU: 0 PID: 307 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 22.848045][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 22.857941][ T307] Call Trace: [ 22.861064][ T307] [ 22.863842][ T307] dump_stack_lvl+0x151/0x1b7 [ 22.868354][ T307] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.873826][ T307] dump_stack+0x15/0x17 [ 22.877819][ T307] should_fail+0x3c6/0x510 [ 22.882064][ T307] should_fail_alloc_page+0x5a/0x80 [ 22.887099][ T307] __alloc_pages+0x1e6/0x7b0 [ 22.891533][ T307] ? arch_stack_walk+0xf3/0x140 [ 22.896216][ T307] ? zone_watermark_fast+0x220/0x220 [ 22.901335][ T307] ? stack_trace_save+0x113/0x1c0 [ 22.906196][ T307] ? unwind_get_return_address+0x4d/0x90 [ 22.911661][ T307] ? stack_trace_snprint+0xf0/0xf0 [ 22.916614][ T307] ? arch_stack_walk+0xf3/0x140 [ 22.921301][ T307] __stack_depot_save+0x38d/0x470 [ 22.926160][ T307] ____kasan_kmalloc+0xed/0x110 [ 22.930847][ T307] ? ____kasan_kmalloc+0xdb/0x110 [ 22.935705][ T307] ? __kasan_kmalloc+0x9/0x10 [ 22.940237][ T307] ? kmem_cache_alloc_trace+0x115/0x210 [ 22.945600][ T307] ? usb_set_configuration+0x3c9/0x1e80 [ 22.950986][ T307] ? usbdev_ioctl+0x40ff/0x5e20 [ 22.955670][ T307] ? __se_sys_ioctl+0x114/0x190 [ 22.960361][ T307] ? __x64_sys_ioctl+0x7b/0x90 [ 22.964955][ T307] ? do_syscall_64+0x3d/0xb0 [ 22.969381][ T307] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 22.975291][ T307] __kasan_kmalloc+0x9/0x10 [ 22.979638][ T307] kmem_cache_alloc_trace+0x115/0x210 [ 22.984835][ T307] ? usb_set_configuration+0x3c9/0x1e80 [ 22.990216][ T307] usb_set_configuration+0x3c9/0x1e80 [ 22.995426][ T307] ? __kasan_check_write+0x14/0x20 [ 23.000377][ T307] ? page_add_file_rmap+0x6c1/0x8e0 [ 23.005409][ T307] ? page_add_file_rmap+0x6da/0x8e0 [ 23.010439][ T307] ? __kasan_check_write+0x14/0x20 [ 23.015390][ T307] usbdev_ioctl+0x40ff/0x5e20 [ 23.019912][ T307] ? xas_start+0x32c/0x3f0 [ 23.024235][ T307] ? do_set_pte+0x3ca/0x7c0 [ 23.028575][ T307] ? usbdev_poll+0x200/0x200 [ 23.033004][ T307] ? next_uptodate_page+0xb68/0xb90 [ 23.038040][ T307] ? xas_find+0x6ef/0x820 [ 23.042204][ T307] ? _raw_spin_unlock+0x4d/0x70 [ 23.046894][ T307] ? filemap_map_pages+0xc99/0x1640 [ 23.051936][ T307] ? avc_has_extended_perms+0x90b/0x10f0 [ 23.057399][ T307] ? memcpy+0x56/0x70 [ 23.061211][ T307] ? avc_has_extended_perms+0xad7/0x10f0 [ 23.066677][ T307] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 23.072150][ T307] ? avc_flush+0x290/0x290 [ 23.076409][ T307] ? update_load_avg+0x43a/0x1150 [ 23.081352][ T307] ? do_vfs_ioctl+0xbc1/0x2a80 [ 23.085952][ T307] ? __kasan_check_read+0x11/0x20 [ 23.090809][ T307] ? __x64_compat_sys_ioctl+0x90/0x90 [ 23.096022][ T307] ? compat_start_thread+0x20/0x20 [ 23.100962][ T307] ? native_set_ldt+0x360/0x360 [ 23.105651][ T307] ? ioctl_has_perm+0x1f8/0x560 [ 23.110338][ T307] ? ioctl_has_perm+0x3f5/0x560 [ 23.115026][ T307] ? has_cap_mac_admin+0x3c0/0x3c0 [ 23.119972][ T307] ? __kasan_check_write+0x14/0x20 [ 23.124919][ T307] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 23.129870][ T307] ? _raw_spin_unlock_irq+0x4e/0x70 [ 23.134898][ T307] ? cgroup_leave_frozen+0x164/0x2c0 [ 23.140034][ T307] ? selinux_file_ioctl+0x3cc/0x540 [ 23.145063][ T307] ? selinux_file_alloc_security+0x120/0x120 [ 23.150874][ T307] ? _raw_spin_unlock_irq+0x4e/0x70 [ 23.155913][ T307] ? ptrace_notify+0x24c/0x350 [ 23.160524][ T307] ? security_file_ioctl+0x84/0xb0 [ 23.165457][ T307] ? usbdev_poll+0x200/0x200 [ 23.169875][ T307] __se_sys_ioctl+0x114/0x190 [ 23.174394][ T307] __x64_sys_ioctl+0x7b/0x90 [ 23.178822][ T307] do_syscall_64+0x3d/0xb0 [ 23.183071][ T307] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.188795][ T307] RIP: 0033:0x7fac62c9a859 [ 23.193051][ T307] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 23.212502][ T307] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [pid 304] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 308] <... openat resumed>) = 4 [pid 307] <... ioctl resumed>, 0x20000040) = 0 [pid 308] ioctl(4, USBDEVFS_IOCTL [pid 307] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 308] <... ioctl resumed>, 0x20000040) = 0 [pid 307] <... openat resumed>) = 7 [pid 308] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [ 23.220739][ T307] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [ 23.228551][ T307] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 23.236360][ T307] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 23.244176][ T307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 23.251983][ T307] R13: 0000000000000000 R14: 00007ffed4099560 R15: 00007ffed4099550 [ 23.259889][ T307] [ 23.266753][ T307] hub 4-0:1.0: USB hub found [ 23.271253][ T307] hub 4-0:1.0: 1 port detected [pid 307] ioctl(7, USBDEVFS_IOCTL [pid 306] <... ioctl resumed>, 0x20000080) = 1 [pid 306] exit_group(0) = ? [pid 305] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [ 23.277294][ T306] hub 4-0:1.0: USB hub found [ 23.281997][ T306] hub 4-0:1.0: 1 port detected [ 23.287209][ T305] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #1 [ 23.296714][ T304] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #1 [ 23.297786][ T305] FAULT_INJECTION: forcing a failure. [ 23.297786][ T305] name failslab, interval 1, probability 0, space 0, times 0 [ 23.306600][ T302] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #1 [pid 305] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 304] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 302] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 304] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [ 23.318924][ T305] CPU: 0 PID: 305 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 23.328275][ T304] FAULT_INJECTION: forcing a failure. [ 23.328275][ T304] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 23.337750][ T305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 23.337763][ T305] Call Trace: [ 23.337769][ T305] [ 23.337775][ T305] dump_stack_lvl+0x151/0x1b7 [ 23.337805][ T305] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.337826][ T305] dump_stack+0x15/0x17 [ 23.351670][ T302] FAULT_INJECTION: forcing a failure. [ 23.351670][ T302] name failslab, interval 1, probability 0, space 0, times 0 [ 23.360507][ T305] should_fail+0x3c6/0x510 [ 23.360536][ T305] __should_failslab+0xa4/0xe0 [ 23.360557][ T305] ? __alloc_file+0x29/0x2a0 [ 23.406165][ T305] should_failslab+0x9/0x20 [ 23.410498][ T305] slab_pre_alloc_hook+0x37/0xd0 [ 23.415276][ T305] ? __alloc_file+0x29/0x2a0 [ 23.419710][ T305] kmem_cache_alloc+0x44/0x200 [ 23.424304][ T305] __alloc_file+0x29/0x2a0 [ 23.428561][ T305] alloc_empty_file+0x95/0x180 [ 23.433154][ T305] path_openat+0xfe/0x2f40 [ 23.437407][ T305] ? stack_trace_snprint+0xf0/0xf0 [ 23.442357][ T305] ? __kasan_slab_alloc+0xc3/0xe0 [ 23.447212][ T305] ? __kasan_slab_alloc+0xb1/0xe0 [ 23.452072][ T305] ? slab_post_alloc_hook+0x53/0x2c0 [ 23.457193][ T305] ? kmem_cache_alloc+0xf5/0x200 [ 23.461966][ T305] ? getname_flags+0xba/0x520 [ 23.466478][ T305] ? getname+0x19/0x20 [ 23.470386][ T305] ? do_sys_openat2+0xd2/0x500 [ 23.475000][ T305] ? __x64_sys_openat+0x243/0x290 [ 23.479859][ T305] ? do_syscall_64+0x3d/0xb0 [ 23.484272][ T305] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.490185][ T305] ? do_filp_open+0x460/0x460 [ 23.494708][ T305] do_filp_open+0x21c/0x460 [ 23.499033][ T305] ? vfs_tmpfile+0x2c0/0x2c0 [ 23.503460][ T305] do_sys_openat2+0x13b/0x500 [ 23.508056][ T305] ? do_sys_open+0x220/0x220 [ 23.512482][ T305] ? ptrace_notify+0x24c/0x350 [ 23.517097][ T305] __x64_sys_openat+0x243/0x290 [ 23.521769][ T305] ? __ia32_sys_open+0x270/0x270 [ 23.526540][ T305] ? __kasan_check_read+0x11/0x20 [ 23.531404][ T305] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.537219][ T305] do_syscall_64+0x3d/0xb0 [ 23.541479][ T305] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.547200][ T305] RIP: 0033:0x7fac62c58657 [ 23.551452][ T305] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 23.570900][ T305] RSP: 002b:00007ffed4099090 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 23.579147][ T305] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fac62c58657 [ 23.586950][ T305] RDX: 0000000000040001 RSI: 00007ffed4099110 RDI: 00000000ffffff9c [ 23.594764][ T305] RBP: 00007ffed4099110 R08: 000000000000ffff R09: 0000000000000000 [ 23.602583][ T305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000040001 [ 23.610383][ T305] R13: 0000000000000000 R14: 00007ffed4099560 R15: 00007ffed4099550 [ 23.618201][ T305] [ 23.621062][ T302] CPU: 1 PID: 302 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 23.631130][ T302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 23.641022][ T302] Call Trace: [ 23.644144][ T302] [ 23.646925][ T302] dump_stack_lvl+0x151/0x1b7 [ 23.651438][ T302] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.656906][ T302] dump_stack+0x15/0x17 [ 23.660899][ T302] should_fail+0x3c6/0x510 [ 23.665156][ T302] __should_failslab+0xa4/0xe0 [ 23.669751][ T302] ? __alloc_file+0x29/0x2a0 [ 23.674180][ T302] should_failslab+0x9/0x20 [ 23.678516][ T302] slab_pre_alloc_hook+0x37/0xd0 [ 23.683296][ T302] ? __alloc_file+0x29/0x2a0 [ 23.687732][ T302] kmem_cache_alloc+0x44/0x200 [ 23.692329][ T302] __alloc_file+0x29/0x2a0 [ 23.696579][ T302] alloc_empty_file+0x95/0x180 [ 23.701175][ T302] path_openat+0xfe/0x2f40 [ 23.705425][ T302] ? stack_trace_snprint+0xf0/0xf0 [ 23.710461][ T302] ? __kasan_slab_alloc+0xc3/0xe0 [ 23.715330][ T302] ? __kasan_slab_alloc+0xb1/0xe0 [ 23.720295][ T302] ? slab_post_alloc_hook+0x53/0x2c0 [ 23.725503][ T302] ? kmem_cache_alloc+0xf5/0x200 [ 23.730273][ T302] ? getname_flags+0xba/0x520 [ 23.734788][ T302] ? getname+0x19/0x20 [ 23.738690][ T302] ? do_sys_openat2+0xd2/0x500 [ 23.743291][ T302] ? __x64_sys_openat+0x243/0x290 [ 23.748152][ T302] ? do_syscall_64+0x3d/0xb0 [ 23.752579][ T302] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.758481][ T302] ? do_filp_open+0x460/0x460 [ 23.762998][ T302] do_filp_open+0x21c/0x460 [ 23.767336][ T302] ? vfs_tmpfile+0x2c0/0x2c0 [ 23.771767][ T302] do_sys_openat2+0x13b/0x500 [ 23.776279][ T302] ? do_sys_open+0x220/0x220 [ 23.780704][ T302] ? ptrace_notify+0x24c/0x350 [ 23.785307][ T302] __x64_sys_openat+0x243/0x290 [ 23.789990][ T302] ? __ia32_sys_open+0x270/0x270 [ 23.794762][ T302] ? __kasan_check_read+0x11/0x20 [ 23.799796][ T302] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 23.805613][ T302] do_syscall_64+0x3d/0xb0 [ 23.809861][ T302] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.815593][ T302] RIP: 0033:0x7fac62c58657 [ 23.819849][ T302] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 23.839290][ T302] RSP: 002b:00007ffed4099090 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 23.847535][ T302] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fac62c58657 [ 23.855345][ T302] RDX: 0000000000040001 RSI: 00007ffed4099110 RDI: 00000000ffffff9c [ 23.863244][ T302] RBP: 00007ffed4099110 R08: 000000000000ffff R09: 0000000000000000 [ 23.871053][ T302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000040001 [pid 302] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 308] <... openat resumed>) = 5 [pid 308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 307] <... ioctl resumed>, 0x20000080) = -1 EBUSY (Device or resource busy) [pid 308] <... openat resumed>) = 6 [pid 307] exit_group(0 [pid 306] +++ exited with 0 +++ [pid 308] write(6, "3", 1 [pid 307] <... exit_group resumed>) = ? [pid 308] <... write resumed>) = 1 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 308] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 308] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [ 23.878871][ T302] R13: 0000000000000000 R14: 00007ffed4099560 R15: 00007ffed4099550 [ 23.886675][ T302] [ 23.891811][ T308] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #1 [ 23.896709][ T304] CPU: 0 PID: 304 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 23.902413][ T308] FAULT_INJECTION: forcing a failure. [ 23.902413][ T308] name failslab, interval 1, probability 0, space 0, times 0 [ 23.911214][ T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 23.911228][ T304] Call Trace: [ 23.911234][ T304] [ 23.911241][ T304] dump_stack_lvl+0x151/0x1b7 [ 23.911265][ T304] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.911286][ T304] dump_stack+0x15/0x17 [ 23.911303][ T304] should_fail+0x3c6/0x510 [ 23.911326][ T304] should_fail_usercopy+0x1a/0x20 [ 23.962597][ T304] strncpy_from_user+0x24/0x2d0 [ 23.967282][ T304] ? kmem_cache_alloc+0xf5/0x200 [ 23.972059][ T304] getname_flags+0xf2/0x520 [ 23.976412][ T304] getname+0x19/0x20 [ 23.980133][ T304] do_sys_openat2+0xd2/0x500 [ 23.984558][ T304] ? do_sys_open+0x220/0x220 [ 23.988986][ T304] ? ptrace_notify+0x24c/0x350 [ 23.993586][ T304] __x64_sys_openat+0x243/0x290 [ 23.998361][ T304] ? __ia32_sys_open+0x270/0x270 [ 24.003133][ T304] ? __kasan_check_read+0x11/0x20 [ 24.007992][ T304] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.013809][ T304] do_syscall_64+0x3d/0xb0 [ 24.018065][ T304] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.023785][ T304] RIP: 0033:0x7fac62c58657 [ 24.028047][ T304] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 24.047569][ T304] RSP: 002b:00007ffed4099090 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 24.055990][ T304] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fac62c58657 [ 24.063800][ T304] RDX: 0000000000040001 RSI: 00007ffed4099110 RDI: 00000000ffffff9c [ 24.071609][ T304] RBP: 00007ffed4099110 R08: 000000000000ffff R09: 0000000000000000 [ 24.079420][ T304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000040001 [ 24.087249][ T304] R13: 0000000000000000 R14: 00007ffed4099560 R15: 00007ffed4099550 [ 24.095051][ T304] [ 24.097926][ T308] CPU: 1 PID: 308 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 24.107982][ T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 24.118043][ T308] Call Trace: [ 24.121177][ T308] [ 24.123966][ T308] dump_stack_lvl+0x151/0x1b7 [ 24.128462][ T308] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.133928][ T308] dump_stack+0x15/0x17 [ 24.137921][ T308] should_fail+0x3c6/0x510 [ 24.142189][ T308] __should_failslab+0xa4/0xe0 [ 24.146771][ T308] ? __alloc_file+0x29/0x2a0 [ 24.151200][ T308] should_failslab+0x9/0x20 [ 24.155541][ T308] slab_pre_alloc_hook+0x37/0xd0 [ 24.160312][ T308] ? __alloc_file+0x29/0x2a0 [ 24.164742][ T308] kmem_cache_alloc+0x44/0x200 [ 24.169502][ T308] __alloc_file+0x29/0x2a0 [ 24.173732][ T308] alloc_empty_file+0x95/0x180 [ 24.178336][ T308] path_openat+0xfe/0x2f40 [ 24.182583][ T308] ? stack_trace_snprint+0xf0/0xf0 [ 24.187535][ T308] ? __kasan_slab_alloc+0xc3/0xe0 [ 24.192395][ T308] ? __kasan_slab_alloc+0xb1/0xe0 [ 24.197251][ T308] ? slab_post_alloc_hook+0x53/0x2c0 [ 24.202401][ T308] ? kmem_cache_alloc+0xf5/0x200 [ 24.207149][ T308] ? getname_flags+0xba/0x520 [ 24.211660][ T308] ? getname+0x19/0x20 [ 24.215585][ T308] ? do_sys_openat2+0xd2/0x500 [ 24.220165][ T308] ? __x64_sys_openat+0x243/0x290 [ 24.225027][ T308] ? do_syscall_64+0x3d/0xb0 [ 24.229451][ T308] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.235364][ T308] ? do_filp_open+0x460/0x460 [ 24.239874][ T308] do_filp_open+0x21c/0x460 [ 24.244212][ T308] ? vfs_tmpfile+0x2c0/0x2c0 [ 24.248647][ T308] do_sys_openat2+0x13b/0x500 [ 24.253334][ T308] ? do_sys_open+0x220/0x220 [ 24.257757][ T308] ? ptrace_notify+0x24c/0x350 [ 24.262367][ T308] __x64_sys_openat+0x243/0x290 [ 24.267045][ T308] ? __ia32_sys_open+0x270/0x270 [ 24.271816][ T308] ? __kasan_check_read+0x11/0x20 [ 24.276678][ T308] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 24.282583][ T308] do_syscall_64+0x3d/0xb0 [ 24.286832][ T308] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.292561][ T308] RIP: 0033:0x7fac62c58657 [ 24.296815][ T308] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 24.316263][ T308] RSP: 002b:00007ffed4099090 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 24.324502][ T308] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fac62c58657 [pid 308] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 307] +++ exited with 0 +++ [pid 304] <... openat resumed>) = -1 EFAULT (Bad address) [pid 302] <... openat resumed>) = -1 ENOMEM (Cannot allocate memory) [pid 298] <... restart_syscall resumed>) = 0 [pid 304] ioctl(-1, USBDEVFS_IOCTL [pid 302] ioctl(-1, USBDEVFS_IOCTL [pid 304] <... ioctl resumed>, 0x20000080) = -1 EBADF (Bad file descriptor) [pid 302] <... ioctl resumed>, 0x20000080) = -1 EBADF (Bad file descriptor) [pid 305] <... openat resumed>) = -1 ENOMEM (Cannot allocate memory) [pid 302] exit_group(0 [pid 304] exit_group(0 [pid 302] <... exit_group resumed>) = ? [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [pid 304] <... exit_group resumed>) = ? [pid 305] ioctl(-1, USBDEVFS_IOCTL, 0x20000080) = -1 EBADF (Bad file descriptor) [pid 304] +++ exited with 0 +++ [pid 300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=14} --- [pid 302] +++ exited with 0 +++ [pid 298] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 313 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=0, si_stime=16} --- [pid 297] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 314 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 315 attached ./strace-static-x86_64: Process 314 attached ./strace-static-x86_64: Process 313 attached [pid 308] <... openat resumed>) = -1 ENOMEM (Cannot allocate memory) [pid 305] exit_group(0 [pid 295] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 315 [pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 300] <... clone resumed>, child_tidptr=0x555555c5e5d0) = 316 ./strace-static-x86_64: Process 316 attached [pid 308] ioctl(-1, USBDEVFS_IOCTL [pid 305] <... exit_group resumed>) = ? [pid 315] <... prctl resumed>) = 0 [pid 314] <... prctl resumed>) = 0 [pid 313] <... prctl resumed>) = 0 [pid 308] <... ioctl resumed>, 0x20000080) = -1 EBADF (Bad file descriptor) [pid 315] setpgid(0, 0 [pid 314] setpgid(0, 0 [pid 313] setpgid(0, 0 [pid 308] exit_group(0 [pid 315] <... setpgid resumed>) = 0 [pid 314] <... setpgid resumed>) = 0 [pid 313] <... setpgid resumed>) = 0 [pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 313] <... openat resumed>) = 3 [pid 314] <... openat resumed>) = 3 [pid 315] <... openat resumed>) = 3 [pid 314] write(3, "1000", 4 [pid 313] write(3, "1000", 4 [pid 315] write(3, "1000", 4 [pid 314] <... write resumed>) = 4 [pid 313] <... write resumed>) = 4 [pid 315] <... write resumed>) = 4 [pid 314] close(3 [pid 313] close(3 [pid 315] close(3 [pid 314] <... close resumed>) = 0 [pid 315] <... close resumed>) = 0 [pid 313] <... close resumed>) = 0 [pid 314] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 315] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 313] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 314] <... openat resumed>) = 3 [pid 315] <... openat resumed>) = 3 [pid 313] <... openat resumed>) = 3 [pid 315] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 314] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 313] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 316] setpgid(0, 0) = 0 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] write(3, "1000", 4) = 4 [pid 316] close(3) = 0 [pid 316] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 308] <... exit_group resumed>) = ? [ 24.332402][ T308] RDX: 0000000000040001 RSI: 00007ffed4099110 RDI: 00000000ffffff9c [ 24.340212][ T308] RBP: 00007ffed4099110 R08: 000000000000ffff R09: 0000000000000000 [ 24.348021][ T308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000040001 [ 24.355834][ T308] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [ 24.363648][ T308] [pid 315] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 316] <... openat resumed>) = 3 [pid 305] +++ exited with 0 +++ [pid 315] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 316] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 317 ./strace-static-x86_64: Process 317 attached [pid 317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 317] setpgid(0, 0) = 0 [pid 317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 317] write(3, "1000", 4) = 4 [pid 317] close(3) = 0 [pid 317] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 314] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 314] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 313] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 315] <... openat resumed>) = 4 [pid 313] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 315] ioctl(4, USBDEVFS_IOCTL [pid 316] <... ioctl resumed>, 0x20000040) = -1 EBUSY (Device or resource busy) [pid 308] +++ exited with 0 +++ [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=19} --- [pid 316] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 4 [pid 316] ioctl(4, USBDEVFS_IOCTL [pid 317] <... openat resumed>) = 3 [pid 314] <... openat resumed>) = 4 [pid 316] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 315] <... ioctl resumed>, 0x20000040) = 0 [pid 316] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 5 [pid 316] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 316] write(6, "3", 1) = 1 [pid 316] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 317] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 315] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 314] ioctl(4, USBDEVFS_IOCTL [pid 313] <... openat resumed>) = 4 [pid 313] ioctl(4, USBDEVFS_IOCTL [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 318 ./strace-static-x86_64: Process 318 attached [pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 318] setpgid(0, 0) = 0 [pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 318] write(3, "1000", 4) = 4 [pid 318] close(3) = 0 [ 24.376698][ T315] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 24.386181][ T314] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 24.395863][ T313] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 24.405545][ T316] usb usb4: usbfs: interface 0 claimed by hub while 'syz-executor244' sets config #0 [ 24.416645][ T316] FAULT_INJECTION: forcing a failure. [ 24.416645][ T316] name failslab, interval 1, probability 0, space 0, times 0 [ 24.429426][ T316] CPU: 1 PID: 316 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 24.439490][ T316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 24.449387][ T316] Call Trace: [ 24.452508][ T316] [ 24.455291][ T316] dump_stack_lvl+0x151/0x1b7 [ 24.459794][ T316] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.465268][ T316] ? stack_trace_save+0x1c0/0x1c0 [ 24.470130][ T316] ? __kernel_text_address+0x9b/0x110 [ 24.475335][ T316] dump_stack+0x15/0x17 [ 24.479326][ T316] should_fail+0x3c6/0x510 [ 24.483580][ T316] __should_failslab+0xa4/0xe0 [ 24.488177][ T316] should_failslab+0x9/0x20 [ 24.492524][ T316] slab_pre_alloc_hook+0x37/0xd0 [ 24.497301][ T316] __kmalloc+0x6d/0x270 [ 24.501280][ T316] ? _raw_spin_unlock+0x4d/0x70 [ 24.505980][ T316] ? usb_hcd_submit_urb+0x8c9/0x1b70 [ 24.511088][ T316] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 24.516471][ T316] usb_hcd_submit_urb+0x8c9/0x1b70 [ 24.521431][ T316] ? process_slab+0x120/0x420 [ 24.525933][ T316] ? dma_map_single_attrs+0x160/0x160 [ 24.531138][ T316] ? usb_reset_configuration+0x172/0xa90 [ 24.536620][ T316] ? usbdev_ioctl+0x40da/0x5e20 [ 24.541299][ T316] ? __se_sys_ioctl+0x114/0x190 [ 24.545984][ T316] ? __x64_sys_ioctl+0x7b/0x90 [ 24.550578][ T316] ? do_syscall_64+0x3d/0xb0 [ 24.555009][ T316] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.560916][ T316] usb_submit_urb+0x118c/0x1840 [ 24.565611][ T316] usb_start_wait_urb+0x120/0x350 [ 24.570460][ T316] ? usb_api_blocking_completion+0xb0/0xb0 [ 24.576101][ T316] ? __kmalloc+0x13a/0x270 [ 24.580357][ T316] ? __kasan_check_write+0x14/0x20 [ 24.585314][ T316] usb_control_msg+0x2e4/0x510 [ 24.589911][ T316] ? usb_anchor_empty+0x40/0x40 [ 24.594588][ T316] ? wait_for_completion_killable_timeout+0x10/0x10 [ 24.601031][ T316] usb_reset_configuration+0x172/0xa90 [ 24.606311][ T316] ? wait_for_completion_killable_timeout+0x10/0x10 [ 24.612731][ T316] usbdev_ioctl+0x40da/0x5e20 [ 24.617247][ T316] ? sched_group_set_idle+0x640/0x640 [ 24.622454][ T316] ? psi_task_change+0x22c/0x360 [ 24.627226][ T316] ? usbdev_poll+0x200/0x200 [ 24.631653][ T316] ? check_preempt_wakeup+0x882/0xbe0 [ 24.636860][ T316] ? yield_to_task_fair+0x190/0x190 [ 24.641888][ T316] ? activate_task+0x90/0xb0 [ 24.646328][ T316] ? __kasan_check_read+0x11/0x20 [ 24.651188][ T316] ? ttwu_do_wakeup+0xe3/0x430 [ 24.655801][ T316] ? avc_has_extended_perms+0x90b/0x10f0 [ 24.661247][ T316] ? memcpy+0x56/0x70 [ 24.665068][ T316] ? avc_has_extended_perms+0xad7/0x10f0 [ 24.670530][ T316] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 24.676092][ T316] ? avc_flush+0x290/0x290 [ 24.680338][ T316] ? update_load_avg+0x43a/0x1150 [ 24.685203][ T316] ? do_vfs_ioctl+0xbc1/0x2a80 [ 24.689799][ T316] ? __kasan_check_read+0x11/0x20 [ 24.694679][ T316] ? __x64_compat_sys_ioctl+0x90/0x90 [ 24.699870][ T316] ? compat_start_thread+0x20/0x20 [ 24.704819][ T316] ? native_set_ldt+0x360/0x360 [ 24.709511][ T316] ? ioctl_has_perm+0x1f8/0x560 [ 24.714218][ T316] ? ioctl_has_perm+0x3f5/0x560 [ 24.718880][ T316] ? has_cap_mac_admin+0x3c0/0x3c0 [ 24.723827][ T316] ? __kasan_check_write+0x14/0x20 [ 24.728768][ T316] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 24.733716][ T316] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.738749][ T316] ? cgroup_leave_frozen+0x164/0x2c0 [ 24.743880][ T316] ? selinux_file_ioctl+0x3cc/0x540 [ 24.748926][ T316] ? selinux_file_alloc_security+0x120/0x120 [ 24.754720][ T316] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.759762][ T316] ? ptrace_notify+0x24c/0x350 [ 24.764365][ T316] ? security_file_ioctl+0x84/0xb0 [ 24.769304][ T316] ? usbdev_poll+0x200/0x200 [ 24.773726][ T316] __se_sys_ioctl+0x114/0x190 [ 24.778243][ T316] __x64_sys_ioctl+0x7b/0x90 [ 24.782667][ T316] do_syscall_64+0x3d/0xb0 [ 24.786923][ T316] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.792650][ T316] RIP: 0033:0x7fac62c9a859 [ 24.796901][ T316] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 24.816345][ T316] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 24.824606][ T316] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [pid 318] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 317] <... ioctl resumed>, 0x20000040) = 0 [pid 316] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 317] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 4 [pid 316] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 317] ioctl(4, USBDEVFS_IOCTL, 0x20000040) = -1 EHOSTUNREACH (No route to host) [pid 316] <... openat resumed>) = 7 [pid 317] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME) = 5 [pid 316] ioctl(7, USBDEVFS_IOCTL [pid 315] <... openat resumed>) = 5 [pid 317] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 316] <... ioctl resumed>, 0x20000080) = -1 EHOSTUNREACH (No route to host) [pid 317] write(6, "3", 1 [pid 314] <... ioctl resumed>, 0x20000040) = -1 EHOSTUNREACH (No route to host) [pid 313] <... ioctl resumed>, 0x20000040) = -1 EHOSTUNREACH (No route to host) [pid 318] <... openat resumed>) = 3 [pid 317] <... write resumed>) = 1 [pid 316] exit_group(0 [pid 315] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR [pid 314] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 313] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 317] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 316] <... exit_group resumed>) = ? [pid 318] ioctl(3, USBDEVFS_SETCONFIGURATION [pid 315] <... openat resumed>) = 6 [pid 315] write(6, "3", 1) = 1 [ 24.832405][ T316] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 24.840218][ T316] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 24.848031][ T316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 24.855853][ T316] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [ 24.863649][ T316] [ 24.868999][ T317] FAULT_INJECTION: forcing a failure. [ 24.868999][ T317] name failslab, interval 1, probability 0, space 0, times 0 [ 24.881632][ T317] CPU: 0 PID: 317 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 24.891713][ T317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 24.901599][ T317] Call Trace: [ 24.904721][ T317] [ 24.907506][ T317] dump_stack_lvl+0x151/0x1b7 [ 24.912011][ T317] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.917493][ T317] ? pointer+0xc40/0xc40 [ 24.921559][ T317] dump_stack+0x15/0x17 [ 24.925554][ T317] should_fail+0x3c6/0x510 [ 24.929829][ T317] __should_failslab+0xa4/0xe0 [ 24.934527][ T317] should_failslab+0x9/0x20 [ 24.938889][ T317] slab_pre_alloc_hook+0x37/0xd0 [ 24.943640][ T317] ? kvasprintf_const+0x5e/0x190 [ 24.948413][ T317] __kmalloc_track_caller+0x6c/0x260 [ 24.953538][ T317] ? kvasprintf_const+0x5e/0x190 [ 24.958308][ T317] kvasprintf+0xd6/0x180 [ 24.962391][ T317] ? __x64_sys_ioctl+0x7b/0x90 [ 24.966989][ T317] ? do_syscall_64+0x3d/0xb0 [ 24.971419][ T317] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.977315][ T317] ? bust_spinlocks+0xe0/0xe0 [ 24.981831][ T317] ? __kasan_check_write+0x14/0x20 [ 24.986780][ T317] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 24.992183][ T317] ? _raw_spin_lock+0x1b0/0x1b0 [ 24.996862][ T317] kvasprintf_const+0x5e/0x190 [ 25.001455][ T317] kobject_set_name_vargs+0x61/0x120 [ 25.006573][ T317] dev_set_name+0xd1/0x120 [ 25.010830][ T317] ? get_device+0x30/0x30 [ 25.014994][ T317] ? pm_runtime_init+0x275/0x350 [ 25.019766][ T317] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.024814][ T317] usb_set_configuration+0xef1/0x1e80 [ 25.030011][ T317] usbdev_ioctl+0x40ff/0x5e20 [ 25.034522][ T317] ? ip_rcv_finish+0xd0/0xd0 [ 25.038949][ T317] ? usbdev_poll+0x200/0x200 [ 25.043377][ T317] ? __netif_receive_skb_list_core+0x6b1/0x890 [ 25.049365][ T317] ? __netif_receive_skb+0x530/0x530 [ 25.054485][ T317] ? receive_buf+0x2711/0x5760 [ 25.059087][ T317] ? avc_has_extended_perms+0x90b/0x10f0 [ 25.064553][ T317] ? memcpy+0x56/0x70 [ 25.068370][ T317] ? avc_has_extended_perms+0xad7/0x10f0 [ 25.073842][ T317] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 25.079327][ T317] ? avc_flush+0x290/0x290 [ 25.083562][ T317] ? update_load_avg+0x43a/0x1150 [ 25.088422][ T317] ? do_vfs_ioctl+0xbc1/0x2a80 [ 25.093022][ T317] ? __kasan_check_read+0x11/0x20 [ 25.097880][ T317] ? __x64_compat_sys_ioctl+0x90/0x90 [ 25.103089][ T317] ? compat_start_thread+0x20/0x20 [ 25.108038][ T317] ? native_set_ldt+0x360/0x360 [ 25.112725][ T317] ? ioctl_has_perm+0x1f8/0x560 [ 25.117411][ T317] ? ioctl_has_perm+0x3f5/0x560 [ 25.122105][ T317] ? has_cap_mac_admin+0x3c0/0x3c0 [ 25.127065][ T317] ? __kasan_check_write+0x14/0x20 [ 25.131995][ T317] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 25.136964][ T317] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.141972][ T317] ? cgroup_leave_frozen+0x164/0x2c0 [ 25.147094][ T317] ? selinux_file_ioctl+0x3cc/0x540 [ 25.152147][ T317] ? selinux_file_alloc_security+0x120/0x120 [ 25.157947][ T317] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.162980][ T317] ? ptrace_notify+0x24c/0x350 [ 25.167581][ T317] ? security_file_ioctl+0x84/0xb0 [ 25.172523][ T317] ? usbdev_poll+0x200/0x200 [ 25.176950][ T317] __se_sys_ioctl+0x114/0x190 [ 25.181464][ T317] __x64_sys_ioctl+0x7b/0x90 [ 25.185894][ T317] do_syscall_64+0x3d/0xb0 [ 25.190143][ T317] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.195907][ T317] RIP: 0033:0x7fac62c9a859 [ 25.200131][ T317] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.219657][ T317] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.227898][ T317] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [pid 315] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 318] <... ioctl resumed>, 0x20000040) = 0 [pid 317] <... ioctl resumed>, 0x20000040) = 0 [pid 314] <... openat resumed>) = 5 [pid 313] <... openat resumed>) = 5 [pid 317] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 318] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 314] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 314] write(6, "3", 1) = 1 [pid 314] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 313] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 313] write(6, "3", 1) = 1 [ 25.235814][ T317] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 25.243623][ T317] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 25.251444][ T317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 25.259245][ T317] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [ 25.267080][ T317] [ 25.270357][ T317] usb usb4: device_add((null)) --> -22 [ 25.275793][ T315] FAULT_INJECTION: forcing a failure. [ 25.275793][ T315] name failslab, interval 1, probability 0, space 0, times 0 [ 25.288318][ T315] CPU: 0 PID: 315 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 25.298387][ T315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 25.308290][ T315] Call Trace: [ 25.311410][ T315] [ 25.314191][ T315] dump_stack_lvl+0x151/0x1b7 [ 25.318696][ T315] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.324166][ T315] ? pointer+0xc40/0xc40 [ 25.328250][ T315] dump_stack+0x15/0x17 [ 25.332236][ T315] should_fail+0x3c6/0x510 [ 25.336489][ T315] __should_failslab+0xa4/0xe0 [ 25.341097][ T315] should_failslab+0x9/0x20 [ 25.345429][ T315] slab_pre_alloc_hook+0x37/0xd0 [ 25.350205][ T315] ? kvasprintf_const+0x5e/0x190 [ 25.354976][ T315] __kmalloc_track_caller+0x6c/0x260 [ 25.360102][ T315] ? kvasprintf_const+0x5e/0x190 [ 25.364876][ T315] kvasprintf+0xd6/0x180 [ 25.368956][ T315] ? __x64_sys_ioctl+0x7b/0x90 [ 25.373568][ T315] ? do_syscall_64+0x3d/0xb0 [ 25.378063][ T315] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.383977][ T315] ? bust_spinlocks+0xe0/0xe0 [ 25.388478][ T315] ? __kasan_check_write+0x14/0x20 [ 25.393427][ T315] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 25.398726][ T315] ? _raw_spin_lock+0x1b0/0x1b0 [ 25.403418][ T315] kvasprintf_const+0x5e/0x190 [ 25.408016][ T315] kobject_set_name_vargs+0x61/0x120 [ 25.413142][ T315] dev_set_name+0xd1/0x120 [ 25.417391][ T315] ? get_device+0x30/0x30 [ 25.421554][ T315] ? pm_runtime_init+0x275/0x350 [ 25.426326][ T315] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.431379][ T315] usb_set_configuration+0xef1/0x1e80 [ 25.436565][ T315] usbdev_ioctl+0x40ff/0x5e20 [ 25.441076][ T315] ? xas_start+0x32c/0x3f0 [ 25.445329][ T315] ? do_set_pte+0x3ca/0x7c0 [ 25.449667][ T315] ? usbdev_poll+0x200/0x200 [ 25.454104][ T315] ? next_uptodate_page+0xb68/0xb90 [ 25.459144][ T315] ? xas_find+0x6ef/0x820 [ 25.463310][ T315] ? _raw_spin_unlock+0x4d/0x70 [ 25.467985][ T315] ? filemap_map_pages+0xc99/0x1640 [ 25.473026][ T315] ? avc_has_extended_perms+0x90b/0x10f0 [ 25.478486][ T315] ? memcpy+0x56/0x70 [ 25.482309][ T315] ? avc_has_extended_perms+0xad7/0x10f0 [ 25.487777][ T315] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 25.493241][ T315] ? avc_flush+0x290/0x290 [ 25.497495][ T315] ? update_load_avg+0x43a/0x1150 [ 25.502359][ T315] ? do_vfs_ioctl+0xbc1/0x2a80 [ 25.506959][ T315] ? __kasan_check_read+0x11/0x20 [ 25.511816][ T315] ? __x64_compat_sys_ioctl+0x90/0x90 [ 25.517022][ T315] ? compat_start_thread+0x20/0x20 [ 25.521969][ T315] ? native_set_ldt+0x360/0x360 [ 25.526701][ T315] ? ioctl_has_perm+0x1f8/0x560 [ 25.531347][ T315] ? ioctl_has_perm+0x3f5/0x560 [ 25.536033][ T315] ? has_cap_mac_admin+0x3c0/0x3c0 [ 25.540979][ T315] ? __kasan_check_write+0x14/0x20 [ 25.545923][ T315] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 25.550869][ T315] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.555916][ T315] ? cgroup_leave_frozen+0x164/0x2c0 [ 25.561025][ T315] ? selinux_file_ioctl+0x3cc/0x540 [ 25.566058][ T315] ? selinux_file_alloc_security+0x120/0x120 [ 25.571980][ T315] ? _raw_spin_unlock_irq+0x4e/0x70 [ 25.577045][ T315] ? ptrace_notify+0x24c/0x350 [ 25.581616][ T315] ? security_file_ioctl+0x84/0xb0 [ 25.586559][ T315] ? usbdev_poll+0x200/0x200 [ 25.590998][ T315] __se_sys_ioctl+0x114/0x190 [ 25.595513][ T315] __x64_sys_ioctl+0x7b/0x90 [ 25.599928][ T315] do_syscall_64+0x3d/0xb0 [ 25.604190][ T315] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.609914][ T315] RIP: 0033:0x7fac62c9a859 [ 25.614162][ T315] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.633605][ T315] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 25.641851][ T315] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [ 25.649659][ T315] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 25.657487][ T315] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 25.666016][ T315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 25.673825][ T315] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [ 25.681644][ T315] [pid 313] ioctl(5, USBDEVFS_SETCONFIGURATION [pid 315] <... ioctl resumed>, 0x20000040) = 0 [pid 318] <... openat resumed>) = 4 [pid 317] <... openat resumed>) = 7 [pid 316] +++ exited with 0 +++ [pid 315] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 318] ioctl(4, USBDEVFS_IOCTL [pid 317] ioctl(7, USBDEVFS_IOCTL [pid 300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 300] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c5e5d0) = 320 ./strace-static-x86_64: Process 320 attached [pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 320] setpgid(0, 0) = 0 [pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 320] write(3, "1000", 4) = 4 [pid 320] close(3) = 0 [ 25.685357][ T315] usb usb4: device_add((null)) --> -22 [ 25.691436][ T314] FAULT_INJECTION: forcing a failure. [ 25.691436][ T314] name failslab, interval 1, probability 0, space 0, times 0 [ 25.704175][ T314] CPU: 0 PID: 314 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 25.714243][ T314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 25.724132][ T314] Call Trace: [ 25.727255][ T314] [ 25.730031][ T314] dump_stack_lvl+0x151/0x1b7 [ 25.734545][ T314] ? io_uring_drop_tctx_refs+0x190/0x190 [ 25.740020][ T314] ? stack_trace_save+0x1c0/0x1c0 [ 25.744877][ T314] ? __kernel_text_address+0x9b/0x110 [ 25.750080][ T314] dump_stack+0x15/0x17 [ 25.754073][ T314] should_fail+0x3c6/0x510 [ 25.758329][ T314] __should_failslab+0xa4/0xe0 [ 25.762925][ T314] should_failslab+0x9/0x20 [ 25.767268][ T314] slab_pre_alloc_hook+0x37/0xd0 [ 25.772038][ T314] __kmalloc+0x6d/0x270 [ 25.776034][ T314] ? _raw_spin_unlock+0x4d/0x70 [ 25.780717][ T314] ? usb_hcd_submit_urb+0x8c9/0x1b70 [ 25.785839][ T314] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 25.791225][ T314] usb_hcd_submit_urb+0x8c9/0x1b70 [ 25.796231][ T314] ? process_slab+0x120/0x420 [ 25.801039][ T314] ? dma_map_single_attrs+0x160/0x160 [ 25.806237][ T314] ? usb_reset_configuration+0x172/0xa90 [ 25.811705][ T314] ? usbdev_ioctl+0x40da/0x5e20 [ 25.816390][ T314] ? __se_sys_ioctl+0x114/0x190 [ 25.821077][ T314] ? __x64_sys_ioctl+0x7b/0x90 [ 25.825678][ T314] ? do_syscall_64+0x3d/0xb0 [ 25.830103][ T314] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 25.836017][ T314] usb_submit_urb+0x118c/0x1840 [ 25.840702][ T314] usb_start_wait_urb+0x120/0x350 [ 25.845555][ T314] ? usb_api_blocking_completion+0xb0/0xb0 [ 25.851200][ T314] ? __kmalloc+0x13a/0x270 [ 25.855451][ T314] ? __kasan_check_write+0x14/0x20 [ 25.860490][ T314] usb_control_msg+0x2e4/0x510 [ 25.865084][ T314] ? usb_anchor_empty+0x40/0x40 [ 25.869768][ T314] ? wait_for_completion_killable_timeout+0x10/0x10 [ 25.876191][ T314] usb_reset_configuration+0x172/0xa90 [ 25.881488][ T314] ? wait_for_completion_killable_timeout+0x10/0x10 [ 25.887913][ T314] usbdev_ioctl+0x40da/0x5e20 [ 25.892425][ T314] ? sched_group_set_idle+0x640/0x640 [ 25.897631][ T314] ? psi_task_change+0x22c/0x360 [ 25.902405][ T314] ? usbdev_poll+0x200/0x200 [ 25.906831][ T314] ? check_preempt_wakeup+0x882/0xbe0 [ 25.912049][ T314] ? yield_to_task_fair+0x190/0x190 [ 25.917073][ T314] ? activate_task+0x90/0xb0 [ 25.921500][ T314] ? __kasan_check_read+0x11/0x20 [ 25.926356][ T314] ? ttwu_do_wakeup+0xe3/0x430 [ 25.930959][ T314] ? avc_has_extended_perms+0x90b/0x10f0 [ 25.936426][ T314] ? memcpy+0x56/0x70 [ 25.941027][ T314] ? avc_has_extended_perms+0xad7/0x10f0 [ 25.946496][ T314] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 25.951961][ T314] ? avc_flush+0x290/0x290 [ 25.956222][ T314] ? update_load_avg+0x43a/0x1150 [ 25.961076][ T314] ? do_vfs_ioctl+0xbc1/0x2a80 [ 25.965678][ T314] ? __kasan_check_read+0x11/0x20 [ 25.970544][ T314] ? __x64_compat_sys_ioctl+0x90/0x90 [ 25.975745][ T314] ? compat_start_thread+0x20/0x20 [ 25.980710][ T314] ? native_set_ldt+0x360/0x360 [ 25.985382][ T314] ? ioctl_has_perm+0x1f8/0x560 [ 25.990067][ T314] ? ioctl_has_perm+0x3f5/0x560 [ 25.994756][ T314] ? has_cap_mac_admin+0x3c0/0x3c0 [ 25.999697][ T314] ? __kasan_check_write+0x14/0x20 [ 26.004646][ T314] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 26.009595][ T314] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.014631][ T314] ? cgroup_leave_frozen+0x164/0x2c0 [ 26.019754][ T314] ? selinux_file_ioctl+0x3cc/0x540 [ 26.024790][ T314] ? selinux_file_alloc_security+0x120/0x120 [ 26.030603][ T314] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.035639][ T314] ? ptrace_notify+0x24c/0x350 [ 26.040243][ T314] ? security_file_ioctl+0x84/0xb0 [ 26.045185][ T314] ? usbdev_poll+0x200/0x200 [ 26.049610][ T314] __se_sys_ioctl+0x114/0x190 [ 26.054122][ T314] __x64_sys_ioctl+0x7b/0x90 [ 26.058545][ T314] do_syscall_64+0x3d/0xb0 [ 26.062799][ T314] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.068528][ T314] RIP: 0033:0x7fac62c9a859 [ 26.072782][ T314] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.092227][ T314] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 26.100468][ T314] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [ 26.108282][ T314] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 26.116090][ T314] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 26.123904][ T314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 26.131712][ T314] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [pid 320] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 314] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [ 26.139539][ T314] [ 26.142746][ T313] FAULT_INJECTION: forcing a failure. [ 26.142746][ T313] name failslab, interval 1, probability 0, space 0, times 0 [ 26.155430][ T313] CPU: 0 PID: 313 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 26.165507][ T313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 26.175482][ T313] Call Trace: [ 26.178601][ T313] [ 26.181376][ T313] dump_stack_lvl+0x151/0x1b7 [ 26.185891][ T313] ? io_uring_drop_tctx_refs+0x190/0x190 [ 26.191363][ T313] ? stack_trace_save+0x1c0/0x1c0 [ 26.196216][ T313] ? __kernel_text_address+0x9b/0x110 [ 26.201429][ T313] dump_stack+0x15/0x17 [ 26.205416][ T313] should_fail+0x3c6/0x510 [ 26.209673][ T313] __should_failslab+0xa4/0xe0 [ 26.214275][ T313] should_failslab+0x9/0x20 [ 26.218607][ T313] slab_pre_alloc_hook+0x37/0xd0 [ 26.223385][ T313] __kmalloc+0x6d/0x270 [ 26.227381][ T313] ? _raw_spin_unlock+0x4d/0x70 [ 26.232065][ T313] ? usb_hcd_submit_urb+0x8c9/0x1b70 [ 26.237184][ T313] ? usb_hcd_link_urb_to_ep+0x252/0x320 [ 26.242566][ T313] usb_hcd_submit_urb+0x8c9/0x1b70 [ 26.247514][ T313] ? process_slab+0x120/0x420 [ 26.252054][ T313] ? dma_map_single_attrs+0x160/0x160 [ 26.257231][ T313] ? usb_reset_configuration+0x172/0xa90 [ 26.262704][ T313] ? usbdev_ioctl+0x40da/0x5e20 [ 26.267390][ T313] ? __se_sys_ioctl+0x114/0x190 [ 26.272110][ T313] ? __x64_sys_ioctl+0x7b/0x90 [ 26.276673][ T313] ? do_syscall_64+0x3d/0xb0 [ 26.281110][ T313] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.287004][ T313] usb_submit_urb+0x118c/0x1840 [ 26.291692][ T313] usb_start_wait_urb+0x120/0x350 [ 26.296550][ T313] ? usb_api_blocking_completion+0xb0/0xb0 [ 26.302195][ T313] ? __kmalloc+0x13a/0x270 [ 26.306453][ T313] ? __kasan_check_write+0x14/0x20 [ 26.311392][ T313] usb_control_msg+0x2e4/0x510 [ 26.315999][ T313] ? usb_anchor_empty+0x40/0x40 [ 26.320683][ T313] ? wait_for_completion_killable_timeout+0x10/0x10 [ 26.327102][ T313] ? update_curr+0x391/0x5e0 [ 26.331538][ T313] usb_reset_configuration+0x172/0xa90 [ 26.336822][ T313] ? wait_for_completion_killable_timeout+0x10/0x10 [ 26.343245][ T313] usbdev_ioctl+0x40da/0x5e20 [ 26.347759][ T313] ? sched_group_set_idle+0x640/0x640 [ 26.352968][ T313] ? psi_task_change+0x22c/0x360 [ 26.357739][ T313] ? usbdev_poll+0x200/0x200 [ 26.362170][ T313] ? check_preempt_wakeup+0x882/0xbe0 [ 26.367376][ T313] ? yield_to_task_fair+0x190/0x190 [ 26.372408][ T313] ? activate_task+0x90/0xb0 [ 26.376842][ T313] ? __kasan_check_read+0x11/0x20 [ 26.381706][ T313] ? ttwu_do_wakeup+0xe3/0x430 [ 26.386301][ T313] ? avc_has_extended_perms+0x90b/0x10f0 [ 26.391764][ T313] ? memcpy+0x56/0x70 [ 26.395588][ T313] ? avc_has_extended_perms+0xad7/0x10f0 [ 26.401062][ T313] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 26.406517][ T313] ? avc_flush+0x290/0x290 [ 26.410770][ T313] ? update_load_avg+0x43a/0x1150 [ 26.415638][ T313] ? do_vfs_ioctl+0xbc1/0x2a80 [ 26.420241][ T313] ? __kasan_check_read+0x11/0x20 [ 26.425100][ T313] ? __x64_compat_sys_ioctl+0x90/0x90 [ 26.430301][ T313] ? compat_start_thread+0x20/0x20 [ 26.435247][ T313] ? native_set_ldt+0x360/0x360 [ 26.439936][ T313] ? ioctl_has_perm+0x1f8/0x560 [ 26.444627][ T313] ? ioctl_has_perm+0x3f5/0x560 [ 26.449337][ T313] ? has_cap_mac_admin+0x3c0/0x3c0 [ 26.454259][ T313] ? __kasan_check_write+0x14/0x20 [ 26.459225][ T313] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 26.464159][ T313] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.469190][ T313] ? cgroup_leave_frozen+0x164/0x2c0 [ 26.474305][ T313] ? selinux_file_ioctl+0x3cc/0x540 [ 26.479340][ T313] ? selinux_file_alloc_security+0x120/0x120 [ 26.485160][ T313] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.490201][ T313] ? ptrace_notify+0x24c/0x350 [ 26.494798][ T313] ? security_file_ioctl+0x84/0xb0 [ 26.499740][ T313] ? usbdev_poll+0x200/0x200 [ 26.504165][ T313] __se_sys_ioctl+0x114/0x190 [ 26.508695][ T313] __x64_sys_ioctl+0x7b/0x90 [ 26.513110][ T313] do_syscall_64+0x3d/0xb0 [ 26.517361][ T313] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.523082][ T313] RIP: 0033:0x7fac62c9a859 [ 26.527342][ T313] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.546801][ T313] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 26.555023][ T313] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [ 26.562836][ T313] RDX: 0000000020000040 RSI: 0000000080045505 RDI: 0000000000000005 [ 26.570650][ T313] RBP: 00007ffed4099540 R08: 0000000000000001 R09: 0000000000000000 [ 26.578456][ T313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [pid 314] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [pid 318] <... ioctl resumed>, 0x20000040) = -1 ENODATA (No data available) [pid 313] <... ioctl resumed>, 0x20000040) = -1 ENOMEM (Cannot allocate memory) [pid 313] openat(AT_FDCWD, "/dev/bus/usb/004/001", O_WRONLY|O_NOATIME [ 26.586317][ T313] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [ 26.594085][ T313] [ 26.599468][ T317] general protection fault, probably for non-canonical address 0xdffffc000000001a: 0000 [#1] PREEMPT SMP KASAN [ 26.611006][ T317] KASAN: null-ptr-deref in range [0x00000000000000d0-0x00000000000000d7] [ 26.619247][ T317] CPU: 0 PID: 317 Comm: syz-executor244 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 [ 26.629328][ T317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 26.639301][ T317] RIP: 0010:__device_attach+0xb4/0x510 [ 26.644598][ T317] Code: 5c 24 68 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 0d 77 d1 fe 4c 8b 2b 49 8d 9d d0 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 c8 03 00 00 0f b6 1b 89 de 83 e6 01 45 [ 26.664049][ T317] RSP: 0018:ffffc90000a47580 EFLAGS: 00010202 [ 26.669936][ T317] RAX: 000000000000001a RBX: 00000000000000d0 RCX: ffff88811ea6e2c0 [ 26.677747][ T317] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc90000a47500 [ 26.685562][ T317] RBP: ffffc90000a47650 R08: dffffc0000000000 R09: fffff52000148ea1 [ 26.693370][ T317] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811eb3f030 [ 26.701180][ T317] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88811eb3f030 [ 26.709079][ T317] FS: 0000555555c5e300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 26.717848][ T317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.724274][ T317] CR2: 0000000020000000 CR3: 000000011ad5a000 CR4: 00000000003506b0 [ 26.732085][ T317] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.739897][ T317] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.747727][ T317] Call Trace: [ 26.750834][ T317] [ 26.753604][ T317] ? _raw_spin_lock+0x1b0/0x1b0 [ 26.758291][ T317] ? device_attach+0x20/0x20 [ 26.762724][ T317] ? __mutex_lock_slowpath+0xe/0x10 [ 26.767751][ T317] ? usb_ifnum_to_if+0x210/0x280 [ 26.772529][ T317] device_attach+0x17/0x20 [ 26.776779][ T317] proc_ioctl+0x428/0x600 [ 26.780945][ T317] usbdev_ioctl+0x3070/0x5e20 [ 26.785469][ T317] ? usbdev_poll+0x200/0x200 [ 26.789882][ T317] ? is_bpf_text_address+0x172/0x190 [ 26.795009][ T317] ? stack_trace_save+0x1c0/0x1c0 [ 26.799877][ T317] ? __kernel_text_address+0x9b/0x110 [ 26.805076][ T317] ? unwind_get_return_address+0x4d/0x90 [ 26.810546][ T317] ? __kasan_check_write+0x14/0x20 [ 26.815488][ T317] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 26.820791][ T317] ? _raw_spin_lock+0x1b0/0x1b0 [ 26.825471][ T317] ? avc_has_extended_perms+0x90b/0x10f0 [ 26.830937][ T317] ? memcpy+0x56/0x70 [ 26.834764][ T317] ? avc_has_extended_perms+0xad7/0x10f0 [ 26.840225][ T317] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 26.845697][ T317] ? avc_flush+0x290/0x290 [ 26.849943][ T317] ? update_load_avg+0x43a/0x1150 [ 26.854807][ T317] ? do_vfs_ioctl+0xbc1/0x2a80 [ 26.859413][ T317] ? __kasan_check_read+0x11/0x20 [ 26.864282][ T317] ? __x64_compat_sys_ioctl+0x90/0x90 [ 26.869483][ T317] ? compat_start_thread+0x20/0x20 [ 26.874423][ T317] ? native_set_ldt+0x360/0x360 [ 26.879113][ T317] ? ioctl_has_perm+0x1f8/0x560 [ 26.883794][ T317] ? ioctl_has_perm+0x3f5/0x560 [ 26.888481][ T317] ? has_cap_mac_admin+0x3c0/0x3c0 [ 26.893556][ T317] ? __kasan_check_write+0x14/0x20 [ 26.898495][ T317] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 26.903445][ T317] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.908561][ T317] ? cgroup_leave_frozen+0x164/0x2c0 [ 26.913686][ T317] ? selinux_file_ioctl+0x3cc/0x540 [ 26.918726][ T317] ? selinux_file_alloc_security+0x120/0x120 [ 26.924536][ T317] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.929568][ T317] ? ptrace_notify+0x24c/0x350 [ 26.934178][ T317] ? security_file_ioctl+0x84/0xb0 [ 26.939119][ T317] ? usbdev_poll+0x200/0x200 [ 26.943548][ T317] __se_sys_ioctl+0x114/0x190 [ 26.948065][ T317] __x64_sys_ioctl+0x7b/0x90 [ 26.952486][ T317] do_syscall_64+0x3d/0xb0 [ 26.956745][ T317] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 26.962465][ T317] RIP: 0033:0x7fac62c9a859 [ 26.966732][ T317] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 26.986173][ T317] RSP: 002b:00007ffed4099528 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 26.994405][ T317] RAX: ffffffffffffffda RBX: 00007fac62cde184 RCX: 00007fac62c9a859 [ 27.002213][ T317] RDX: 0000000020000080 RSI: 00000000c0105512 RDI: 0000000000000007 [ 27.010028][ T317] RBP: 00007ffed4099540 R08: 0000000000000000 R09: 0000000000000000 [ 27.017836][ T317] R10: 000000000000ffff R11: 0000000000000246 R12: 0000000000000001 [ 27.025650][ T317] R13: 00007ffed409953c R14: 00007ffed4099560 R15: 00007ffed4099550 [ 27.033464][ T317] [ 27.036324][ T317] Modules linked in: [ 27.042253][ T317] ---[ end trace 93bac0720e8cc2bd ]--- [ 27.047529][ T317] RIP: 0010:__device_attach+0xb4/0x510 [ 27.052969][ T317] Code: 5c 24 68 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 0d 77 d1 fe 4c 8b 2b 49 8d 9d d0 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 c8 03 00 00 0f b6 1b 89 de 83 e6 01 45 [ 27.072490][ T317] RSP: 0018:ffffc90000a47580 EFLAGS: 00010202 [ 27.078712][ T317] RAX: 000000000000001a RBX: 00000000000000d0 RCX: ffff88811ea6e2c0 [ 27.086720][ T317] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc90000a47500 [ 27.094685][ T317] RBP: ffffc90000a47650 R08: dffffc0000000000 R09: fffff52000148ea1 [ 27.102536][ T317] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811eb3f030 [ 27.110402][ T317] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88811eb3f030 [ 27.118230][ T317] FS: 0000555555c5e300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 27.127018][ T317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 27.133426][ T317] CR2: 00007fac62cca1f0 CR3: 000000011ad5a000 CR4: 00000000003506a0 [ 27.141217][ T317] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 27.149039][ T317] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 27.156827][ T317] Kernel panic - not syncing: Fatal exception [ 27.163003][ T317] Kernel Offset: disabled [ 27.167137][ T317] Rebooting in 86400 seconds..