[  OK  ] Started Getty on tty3.
[  OK  ] Started Getty on tty2.
[  OK  ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[  OK  ] Started Serial Getty on ttyS0.
[  OK  ] Started Getty on tty1.
[  OK  ] Reached target Login Prompts.
[  OK  ] Reached target Multi-User System.
[  OK  ] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[  OK  ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.187' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 73.678827][ T4179] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 73.969143][ T4179] usb 1-1: too many configurations: 85, using maximum allowed: 8
[ 74.778870][ T4179] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 74.788324][ T4179] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 74.797356][ T4179] usb 1-1: Product: syz
[ 74.802126][ T4179] usb 1-1: Manufacturer: syz
[ 74.806864][ T4179] usb 1-1: SerialNumber: syz
[ 74.851262][ T4179] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 75.478690][ T4179] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
executing program
[ 76.509398][ T26] usb 1-1: USB disconnect, device number 2
[ 76.522142][ C1] INFO: trying to register non-static key.
[ 76.528245][ C1] The code is fine but needs lockdep annotation, or maybe
[ 76.535513][ C1] you didn't initialize this object before use?
[ 76.541740][ C1] turning off the locking correctness validator.
[ 76.548186][ C1] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 5.14.0-syzkaller #0
[ 76.556363][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 76.566492][ C1] Workqueue: usb_hub_wq hub_event
[ 76.571523][ C1] Call Trace:
[ 76.574811][ C1]
[ 76.577637][ C1] dump_stack_lvl+0xcd/0x134
[ 76.582249][ C1] register_lock_class+0xf79/0x10c0
[ 76.587468][ C1] ? mark_lock+0xef/0x17b0
[ 76.591874][ C1] ? is_dynamic_key+0x1a0/0x1a0
[ 76.596719][ C1] ? lock_chain_count+0x20/0x20
[ 76.601658][ C1] __lock_acquire+0x105/0x54a0
[ 76.606409][ C1] ? lock_chain_count+0x20/0x20
[ 76.611254][ C1] ? __lock_acquire+0x162f/0x54a0
[ 76.616277][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 76.622249][ C1] lock_acquire+0x1ab/0x510
[ 76.626739][ C1] ? skb_queue_tail+0x21/0x140
[ 76.631596][ C1] ? lock_release+0x720/0x720
[ 76.636287][ C1] ? ath9k_htc_txstatus+0x500/0x500
[ 76.641466][ C1] _raw_spin_lock_irqsave+0x39/0x50
[ 76.646649][ C1] ? skb_queue_tail+0x21/0x140
[ 76.651395][ C1] skb_queue_tail+0x21/0x140
[ 76.656150][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 76.660999][ C1] ath9k_htc_txep+0x287/0x400
[ 76.665723][ C1] ath9k_htc_txcompletion_cb+0x1cd/0x2f0
[ 76.671532][ C1] hif_usb_regout_cb+0x115/0x1c0
[ 76.676520][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 76.682491][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 76.687990][ C1] usb_hcd_giveback_urb+0x367/0x410
[ 76.693250][ C1] dummy_timer+0x11f9/0x32b0
[ 76.697836][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 76.703866][ C1] ? lock_chain_count+0x20/0x20
[ 76.708717][ C1] ? dummy_dequeue+0x500/0x500
[ 76.713472][ C1] ? dummy_dequeue+0x500/0x500
[ 76.718225][ C1] call_timer_fn+0x1a5/0x6b0
[ 76.722944][ C1] ? add_timer_on+0x4a0/0x4a0
[ 76.727622][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 76.732808][ C1] ? dummy_dequeue+0x500/0x500
[ 76.737571][ C1] __run_timers.part.0+0x675/0xa20
[ 76.742681][ C1] ? call_timer_fn+0x6b0/0x6b0
[ 76.747437][ C1] ? lapic_next_event+0x4d/0x80
[ 76.752362][ C1] run_timer_softirq+0xb3/0x1d0
[ 76.757199][ C1] __do_softirq+0x29b/0x9c2
[ 76.761696][ C1] __irq_exit_rcu+0x16e/0x1c0
[ 76.766368][ C1] irq_exit_rcu+0x5/0x20
[ 76.770610][ C1] sysvec_apic_timer_interrupt+0x93/0xc0
[ 76.776242][ C1]
[ 76.779171][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 76.785175][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x7/0x60
[ 76.791235][ C1] Code: fd ff ff b9 ff ff ff ff ba 08 00 00 00 4d 8b 03 48 0f bd ca 49 8b 45 00 48 63 c9 e9 64 ff ff ff 0f 1f 00 65 8b 05 99 46 8c 7e <89> c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b 14 25 40 f0 01 00 a9
[ 76.811001][ C1] RSP: 0018:ffffc90000e0f7b0 EFLAGS: 00000206
[ 76.817072][ C1] RAX: 0000000080000000 RBX: ffffffff8a281d09 RCX: 0000000000000004
[ 76.825030][ C1] RDX: 0000000000000000 RSI: ffff8880155db880 RDI: 0000000000000003
[ 76.832984][ C1] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000000
[ 76.841206][ C1] R10: ffffffff81f29038 R11: 0000000000000000 R12: dffffc0000000000
[ 76.849181][ C1] R13: 000000008a281cff R14: 00000000110bc2d5 R15: ffffffff8a281d05
[ 76.857245][ C1] ? kernfs_name_hash+0xa8/0x120
[ 76.862189][ C1] kernfs_name_hash+0x5c/0x120
[ 76.866960][ C1] kernfs_find_ns+0x109/0x370
[ 76.871632][ C1] kernfs_remove_by_name_ns+0x39/0xb0
[ 76.877008][ C1] remove_files+0x96/0x1c0
[ 76.881426][ C1] sysfs_remove_group+0x87/0x170
[ 76.886353][ C1] sysfs_remove_groups+0x5c/0xa0
[ 76.891297][ C1] device_remove_attrs+0xcb/0x170
[ 76.896307][ C1] device_del+0x4fa/0xd40
[ 76.900639][ C1] ? __device_links_queue_sync_state+0x400/0x400
[ 76.906950][ C1] ? kfree_const+0x51/0x60
[ 76.911351][ C1] device_unregister+0x1f/0xc0
[ 76.916099][ C1] usb_remove_ep_devs+0x3e/0x80
[ 76.920964][ C1] usb_disable_device+0x306/0x7b0
[ 76.925975][ C1] usb_disconnect.cold+0x27a/0x78e
[ 76.931079][ C1] hub_event+0x1c9c/0x4330
[ 76.935514][ C1] ? hub_port_debounce+0x3c0/0x3c0
[ 76.940615][ C1] ? lock_release+0x720/0x720
[ 76.945279][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 76.950117][ C1] process_one_work+0x98d/0x1630
[ 76.955052][ C1] ? pwq_dec_nr_in_flight+0x320/0x320
[ 76.960411][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 76.965335][ C1] ? _raw_spin_lock_irq+0x41/0x50
[ 76.970342][ C1] worker_thread+0x658/0x11f0
[ 76.975013][ C1] ? process_one_work+0x1630/0x1630
[ 76.980199][ C1] kthread+0x3e5/0x4d0
[ 76.984253][ C1] ? set_kthread_struct+0x130/0x130
[ 76.989435][ C1] ret_from_fork+0x1f/0x30
[ 76.993884][ C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 77.005575][ C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 77.013970][ C1] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 5.14.0-syzkaller #0
[ 77.022049][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 77.032175][ C1] Workqueue: usb_hub_wq hub_event
[ 77.037205][ C1] RIP: 0010:skb_queue_tail+0x9a/0x140
[ 77.042564][ C1] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 7b 4c 89 e2 4c 89 65 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 48 89 6b 08 <80> 3c 02 00 75 4a 48 8d 7b 10 49 89 2c 24 48 b8 00 00 00 00 00 fc
[ 77.062154][ C1] RSP: 0018:ffffc90000dc09d8 EFLAGS: 00010046
[ 77.068318][ C1] RAX: dffffc0000000000 RBX: ffff88801c633730 RCX: ffffffff815b9480
[ 77.076273][ C1] RDX: 0000000000000000 RSI: 0000000000000046 RDI: ffff88801d38e008
[ 77.084231][ C1] RBP: ffff88801d38e000 R08: 0000000000000001 R09: 0000000000000003
[ 77.092195][ C1] R10: fffff520001b8129 R11: 0000000000000000 R12: 0000000000000000
[ 77.100179][ C1] R13: ffff88801c633748 R14: 00000000ffffa820 R15: ffffffff85090150
[ 77.108138][ C1] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 77.117069][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 77.123740][ C1] CR2: 000055c2a9d6d928 CR3: 000000001e033000 CR4: 00000000001506e0
[ 77.131730][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 77.139800][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 77.148038][ C1] Call Trace:
[ 77.151396][ C1]
[ 77.154314][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 77.159153][ C1] ath9k_htc_txep+0x287/0x400
[ 77.163825][ C1] ath9k_htc_txcompletion_cb+0x1cd/0x2f0
[ 77.169471][ C1] hif_usb_regout_cb+0x115/0x1c0
[ 77.174402][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 77.180207][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 77.185568][ C1] usb_hcd_giveback_urb+0x367/0x410
[ 77.190765][ C1] dummy_timer+0x11f9/0x32b0
[ 77.195457][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 77.201439][ C1] ? lock_chain_count+0x20/0x20
[ 77.206465][ C1] ? dummy_dequeue+0x500/0x500
[ 77.211211][ C1] ? dummy_dequeue+0x500/0x500
[ 77.215971][ C1] call_timer_fn+0x1a5/0x6b0
[ 77.220556][ C1] ? add_timer_on+0x4a0/0x4a0
[ 77.225225][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 77.230516][ C1] ? dummy_dequeue+0x500/0x500
[ 77.235280][ C1] __run_timers.part.0+0x675/0xa20
[ 77.240392][ C1] ? call_timer_fn+0x6b0/0x6b0
[ 77.245233][ C1] ? lapic_next_event+0x4d/0x80
[ 77.250280][ C1] run_timer_softirq+0xb3/0x1d0
[ 77.255230][ C1] __do_softirq+0x29b/0x9c2
[ 77.259951][ C1] __irq_exit_rcu+0x16e/0x1c0
[ 77.264893][ C1] irq_exit_rcu+0x5/0x20
[ 77.269135][ C1] sysvec_apic_timer_interrupt+0x93/0xc0
[ 77.274762][ C1]
[ 77.277678][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 77.283646][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x7/0x60
[ 77.289797][ C1] Code: fd ff ff b9 ff ff ff ff ba 08 00 00 00 4d 8b 03 48 0f bd ca 49 8b 45 00 48 63 c9 e9 64 ff ff ff 0f 1f 00 65 8b 05 99 46 8c 7e <89> c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b 14 25 40 f0 01 00 a9
[ 77.309669][ C1] RSP: 0018:ffffc90000e0f7b0 EFLAGS: 00000206
[ 77.315811][ C1] RAX: 0000000080000000 RBX: ffffffff8a281d09 RCX: 0000000000000004
[ 77.324036][ C1] RDX: 0000000000000000 RSI: ffff8880155db880 RDI: 0000000000000003
[ 77.332250][ C1] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000000
[ 77.340303][ C1] R10: ffffffff81f29038 R11: 0000000000000000 R12: dffffc0000000000
[ 77.348375][ C1] R13: 000000008a281cff R14: 00000000110bc2d5 R15: ffffffff8a281d05
[ 77.356428][ C1] ? kernfs_name_hash+0xa8/0x120
[ 77.361529][ C1] kernfs_name_hash+0x5c/0x120
[ 77.366289][ C1] kernfs_find_ns+0x109/0x370
[ 77.371078][ C1] kernfs_remove_by_name_ns+0x39/0xb0
[ 77.376455][ C1] remove_files+0x96/0x1c0
[ 77.380874][ C1] sysfs_remove_group+0x87/0x170
[ 77.385804][ C1] sysfs_remove_groups+0x5c/0xa0
[ 77.390736][ C1] device_remove_attrs+0xcb/0x170
[ 77.395760][ C1] device_del+0x4fa/0xd40
[ 77.400095][ C1] ? __device_links_queue_sync_state+0x400/0x400
[ 77.406497][ C1] ? kfree_const+0x51/0x60
[ 77.410900][ C1] device_unregister+0x1f/0xc0
[ 77.415657][ C1] usb_remove_ep_devs+0x3e/0x80
[ 77.420616][ C1] usb_disable_device+0x306/0x7b0
[ 77.425738][ C1] usb_disconnect.cold+0x27a/0x78e
[ 77.430849][ C1] hub_event+0x1c9c/0x4330
[ 77.435348][ C1] ? hub_port_debounce+0x3c0/0x3c0
[ 77.440471][ C1] ? lock_release+0x720/0x720
[ 77.445134][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 77.449972][ C1] process_one_work+0x98d/0x1630
[ 77.455163][ C1] ? pwq_dec_nr_in_flight+0x320/0x320
[ 77.460611][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 77.467366][ C1] ? _raw_spin_lock_irq+0x41/0x50
[ 77.472377][ C1] worker_thread+0x658/0x11f0
[ 77.477049][ C1] ? process_one_work+0x1630/0x1630
[ 77.482381][ C1] kthread+0x3e5/0x4d0
[ 77.486445][ C1] ? set_kthread_struct+0x130/0x130
[ 77.491699][ C1] ret_from_fork+0x1f/0x30
[ 77.496124][ C1] Modules linked in:
[ 77.500011][ C1] ---[ end trace 1c45dff05f7787c0 ]---
[ 77.505466][ C1] RIP: 0010:skb_queue_tail+0x9a/0x140
[ 77.510834][ C1] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 7b 4c 89 e2 4c 89 65 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 48 89 6b 08 <80> 3c 02 00 75 4a 48 8d 7b 10 49 89 2c 24 48 b8 00 00 00 00 00 fc
[ 77.530873][ C1] RSP: 0018:ffffc90000dc09d8 EFLAGS: 00010046
[ 77.536934][ C1] RAX: dffffc0000000000 RBX: ffff88801c633730 RCX: ffffffff815b9480
[ 77.545249][ C1] RDX: 0000000000000000 RSI: 0000000000000046 RDI: ffff88801d38e008
[ 77.553232][ C1] RBP: ffff88801d38e000 R08: 0000000000000001 R09: 0000000000000003
[ 77.561215][ C1] R10: fffff520001b8129 R11: 0000000000000000 R12: 0000000000000000
[ 77.569244][ C1] R13: ffff88801c633748 R14: 00000000ffffa820 R15: ffffffff85090150
[ 77.577214][ C1] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 77.586148][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 77.592721][ C1] CR2: 000055c2a9d6d928 CR3: 000000001e033000 CR4: 00000000001506e0
[ 77.600689][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 77.608882][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 77.616921][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 77.625650][ C1] Kernel Offset: disabled
[ 77.630164][ C1] Rebooting in 86400 seconds..