Warning: Permanently added '10.128.0.60' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 27.514846][ T94] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 27.524873][ T5] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 27.532535][ T1803] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 27.540109][ T1802] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 27.547789][ T12] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 27.556018][ T95] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 27.605213][ T94] usb 1-1: Using ep0 maxpacket: 32 [ 27.645085][ T1803] usb 5-1: Using ep0 maxpacket: 32 [ 27.651645][ T1802] usb 2-1: Using ep0 maxpacket: 32 [ 27.657051][ T95] usb 4-1: Using ep0 maxpacket: 32 [ 27.662592][ T5] usb 3-1: Using ep0 maxpacket: 32 [ 27.667890][ T12] usb 6-1: Using ep0 maxpacket: 32 [ 27.734954][ T94] usb 1-1: New USB device found, idVendor=0af0, idProduct=d257, bcdDevice=4e.87 [ 27.745095][ T94] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.757762][ T94] usb 1-1: config 0 descriptor?? [ 27.774937][ T95] usb 4-1: New USB device found, idVendor=0af0, idProduct=d257, bcdDevice=4e.87 [ 27.784158][ T95] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.793005][ T5] usb 3-1: New USB device found, idVendor=0af0, idProduct=d257, bcdDevice=4e.87 [ 27.802293][ T5] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.810481][ T1802] usb 2-1: New USB device found, idVendor=0af0, idProduct=d257, bcdDevice=4e.87 [ 27.820301][ T1802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.828429][ T12] usb 6-1: New USB device found, idVendor=0af0, idProduct=d257, bcdDevice=4e.87 [ 27.838227][ T12] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.846652][ T1803] usb 5-1: New USB device found, idVendor=0af0, idProduct=d257, bcdDevice=4e.87 [ 27.855781][ T1803] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.865086][ T95] usb 4-1: config 0 descriptor?? [ 27.871583][ T5] usb 3-1: config 0 descriptor?? [ 27.878124][ T1803] usb 5-1: config 0 descriptor?? [ 27.883897][ T12] usb 6-1: config 0 descriptor?? [ 27.889777][ T1802] usb 2-1: config 0 descriptor?? [ 28.026775][ T94] hso 1-1:0.0: Failed to find BULK IN ep [ 28.125549][ T95] hso 4-1:0.0: Failed to find BULK IN ep [ 28.135759][ T1803] hso 5-1:0.0: Failed to find BULK IN ep [ 28.155910][ T12] sysfs: cannot create duplicate filename '/class/tty/ttyHS0' [ 28.163459][ T12] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.6.0-rc3-syzkaller #0 [ 28.171643][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.181711][ T12] Workqueue: usb_hub_wq hub_event [ 28.186724][ T12] Call Trace: [ 28.190272][ T12] dump_stack+0xef/0x16e [ 28.194514][ T12] sysfs_warn_dup.cold+0x1c/0x2d [ 28.199468][ T12] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 28.205551][ T12] sysfs_create_link+0x61/0xc0 [ 28.210336][ T12] device_add+0x756/0x1bf0 [ 28.214766][ T12] ? lockdep_init_map+0x1b0/0x5e0 [ 28.219788][ T12] ? device_link_remove+0x110/0x110 [ 28.233719][ T12] ? __init_waitqueue_head+0x31/0x90 [ 28.239013][ T12] tty_register_device_attr+0x341/0x6f0 [ 28.244557][ T12] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 28.250177][ T12] ? mark_held_locks+0x9f/0xe0 [ 28.254992][ T12] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.260806][ T12] ? tty_port_register_device_attr+0xb9/0x110 [ 28.267287][ T12] hso_serial_common_create+0x113/0x710 [ 28.272839][ T12] ? kasan_unpoison_shadow+0x30/0x40 [ 28.278126][ T12] hso_probe+0xc93/0x1b7b [ 28.282467][ T12] usb_probe_interface+0x310/0x800 [ 28.287569][ T12] ? usb_probe_device+0x230/0x230 [ 28.292577][ T12] really_probe+0x290/0xac0 [ 28.297180][ T12] driver_probe_device+0x223/0x350 [ 28.302380][ T12] __device_attach_driver+0x1d1/0x290 [ 28.307754][ T12] ? driver_allows_async_probing+0x160/0x160 [ 28.313818][ T12] bus_for_each_drv+0x162/0x1e0 [ 28.318657][ T12] ? bus_rescan_devices+0x20/0x20 [ 28.323678][ T12] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.326915][ T94] usb 4-1: USB disconnect, device number 2 [ 28.329479][ T12] ? lockdep_hardirqs_on+0x382/0x580 [ 28.340556][ T12] __device_attach+0x217/0x390 [ 28.345329][ T12] ? device_bind_driver+0xd0/0xd0 [ 28.350427][ T12] bus_probe_device+0x1e4/0x290 [ 28.355294][ T12] device_add+0x1459/0x1bf0 [ 28.359824][ T12] ? wait_for_completion+0x3c0/0x3c0 [ 28.365133][ T12] ? device_link_remove+0x110/0x110 [ 28.370265][ T81] usb 5-1: USB disconnect, device number 2 [ 28.370474][ T12] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.382121][ T12] usb_set_configuration+0xe47/0x17d0 [ 28.387596][ T12] usb_generic_driver_probe+0x9d/0xe0 [ 28.393029][ T12] usb_probe_device+0xd9/0x230 [ 28.397827][ T12] ? usb_suspend+0x5f0/0x5f0 [ 28.402416][ T12] really_probe+0x290/0xac0 [ 28.406907][ T12] driver_probe_device+0x223/0x350 [ 28.412002][ T12] __device_attach_driver+0x1d1/0x290 [ 28.417989][ T12] ? driver_allows_async_probing+0x160/0x160 [ 28.423989][ T12] bus_for_each_drv+0x162/0x1e0 [ 28.429020][ T12] ? bus_rescan_devices+0x20/0x20 [ 28.434035][ T12] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.439822][ T12] ? lockdep_hardirqs_on+0x382/0x580 [ 28.445437][ T12] __device_attach+0x217/0x390 [ 28.450564][ T12] ? device_bind_driver+0xd0/0xd0 [ 28.455882][ T12] bus_probe_device+0x1e4/0x290 [ 28.460899][ T12] device_add+0x1459/0x1bf0 [ 28.465952][ T12] ? device_link_remove+0x110/0x110 [ 28.472721][ T12] usb_new_device.cold+0x540/0xcd0 [ 28.477821][ T12] hub_event+0x21cb/0x4300 [ 28.482231][ T12] ? hub_port_debounce+0x350/0x350 [ 28.487325][ T12] ? find_held_lock+0x2d/0x110 [ 28.492087][ T12] ? mark_held_locks+0xe0/0xe0 [ 28.496943][ T12] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 28.502478][ T12] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 28.507844][ T12] process_one_work+0x94b/0x1620 [ 28.512856][ T12] ? pwq_dec_nr_in_flight+0x310/0x310 [ 28.518238][ T12] ? do_raw_spin_lock+0x129/0x290 [ 28.523281][ T12] worker_thread+0x96/0xe20 executing program executing program executing program executing program executing program executing program [ 28.527820][ T12] ? process_one_work+0x1620/0x1620 [ 28.533523][ T12] kthread+0x318/0x420 [ 28.537663][ T12] ? kthread_create_on_node+0xf0/0xf0 [ 28.543079][ T12] ret_from_fork+0x24/0x30 [ 28.548152][ T5] sysfs: cannot create duplicate filename '/class/tty/ttyHS0' [ 28.552305][ T1821] usb 1-1: USB disconnect, device number 2 [ 28.557429][ T5] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.6.0-rc3-syzkaller #0 [ 28.557438][ T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.557458][ T5] Workqueue: usb_hub_wq hub_event [ 28.557467][ T5] Call Trace: [ 28.557482][ T5] dump_stack+0xef/0x16e [ 28.557497][ T5] sysfs_warn_dup.cold+0x1c/0x2d [ 28.557513][ T5] sysfs_do_create_link_sd.isra.0+0x119/0x130 [ 28.557527][ T5] sysfs_create_link+0x61/0xc0 [ 28.557541][ T5] device_add+0x756/0x1bf0 [ 28.557559][ T5] ? lockdep_init_map+0x1b0/0x5e0 [ 28.557572][ T5] ? device_link_remove+0x110/0x110 [ 28.557586][ T5] ? __init_waitqueue_head+0x31/0x90 [ 28.557601][ T5] tty_register_device_attr+0x341/0x6f0 [ 28.557621][ T5] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 28.557638][ T5] ? mark_held_locks+0x9f/0xe0 [ 28.557651][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.557663][ T5] ? tty_port_register_device_attr+0xb9/0x110 [ 28.557676][ T5] hso_serial_common_create+0x113/0x710 [ 28.557689][ T5] ? kasan_unpoison_shadow+0x30/0x40 [ 28.557700][ T5] hso_probe+0xc93/0x1b7b [ 28.557724][ T5] usb_probe_interface+0x310/0x800 [ 28.557738][ T5] ? usb_probe_device+0x230/0x230 [ 28.557749][ T5] really_probe+0x290/0xac0 [ 28.557766][ T5] driver_probe_device+0x223/0x350 [ 28.557779][ T5] __device_attach_driver+0x1d1/0x290 [ 28.557791][ T5] ? driver_allows_async_probing+0x160/0x160 [ 28.557815][ T5] bus_for_each_drv+0x162/0x1e0 [ 28.557834][ T5] ? bus_rescan_devices+0x20/0x20 [ 28.557848][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.557861][ T5] ? lockdep_hardirqs_on+0x382/0x580 [ 28.557873][ T5] __device_attach+0x217/0x390 [ 28.557884][ T5] ? device_bind_driver+0xd0/0xd0 [ 28.557901][ T5] bus_probe_device+0x1e4/0x290 [ 28.557919][ T5] device_add+0x1459/0x1bf0 [ 28.557937][ T5] ? wait_for_completion+0x3c0/0x3c0 [ 28.557951][ T5] ? device_link_remove+0x110/0x110 [ 28.557965][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.557981][ T5] usb_set_configuration+0xe47/0x17d0 [ 28.558001][ T5] usb_generic_driver_probe+0x9d/0xe0 [ 28.558017][ T5] usb_probe_device+0xd9/0x230 [ 28.558036][ T5] ? usb_suspend+0x5f0/0x5f0 [ 28.784676][ T5] really_probe+0x290/0xac0 [ 28.789205][ T5] driver_probe_device+0x223/0x350 [ 28.794332][ T5] __device_attach_driver+0x1d1/0x290 [ 28.809518][ T5] ? driver_allows_async_probing+0x160/0x160 [ 28.815686][ T5] bus_for_each_drv+0x162/0x1e0 [ 28.820544][ T5] ? bus_rescan_devices+0x20/0x20 [ 28.825867][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 28.831761][ T5] ? lockdep_hardirqs_on+0x382/0x580 [ 28.837056][ T5] __device_attach+0x217/0x390 [ 28.841831][ T5] ? device_bind_driver+0xd0/0xd0 [ 28.848535][ T5] bus_probe_device+0x1e4/0x290 [ 28.853408][ T5] device_add+0x1459/0x1bf0 [ 28.858022][ T5] ? device_link_remove+0x110/0x110 [ 28.863228][ T5] usb_new_device.cold+0x540/0xcd0 [ 28.868342][ T5] hub_event+0x21cb/0x4300 [ 28.872879][ T5] ? hub_port_debounce+0x350/0x350 [ 28.878066][ T5] ? find_held_lock+0x2d/0x110 [ 28.883430][ T5] ? mark_held_locks+0xe0/0xe0 [ 28.888194][ T5] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 28.893754][ T5] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 28.899133][ T5] process_one_work+0x94b/0x1620 [ 28.904077][ T5] ? __wake_up_common+0x650/0x650 [ 28.909270][ T5] ? pwq_dec_nr_in_flight+0x310/0x310 [ 28.914688][ T5] worker_thread+0x96/0xe20 [ 28.919194][ T5] ? process_one_work+0x1620/0x1620 [ 28.924517][ T5] kthread+0x318/0x420 [ 28.928592][ T5] ? kthread_create_on_node+0xf0/0xf0 [ 28.934159][ T5] ret_from_fork+0x24/0x30 [ 28.939281][ T1802] hso 2-1:0.0: Failed to find BULK IN ep [ 28.945533][ T5] hso 3-1:0.0: Failed to find BULK IN ep [ 28.954546][ T5] ================================================================== [ 28.962786][ T5] BUG: KASAN: use-after-free in __mutex_lock+0xf1e/0x1360 [ 28.970084][ T5] Read of size 8 at addr ffff8881cd9f6158 by task kworker/0:0/5 [ 28.977919][ T5] [ 28.980249][ T5] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.6.0-rc3-syzkaller #0 [ 28.994985][ T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.005612][ T5] Workqueue: usb_hub_wq hub_event [ 29.011117][ T5] Call Trace: [ 29.014423][ T5] dump_stack+0xef/0x16e [ 29.018822][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.023582][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.028355][ T5] print_address_description.constprop.0.cold+0xd3/0x314 [ 29.035488][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.040244][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.045108][ T5] __kasan_report.cold+0x37/0x77 [ 29.050486][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.055619][ T5] kasan_report+0xe/0x20 [ 29.060818][ T5] __mutex_lock+0xf1e/0x1360 [ 29.065427][ T5] ? device_del+0x9e/0xd30 [ 29.069846][ T5] ? klist_put+0xfa/0x170 [ 29.074694][ T5] ? mutex_trylock+0x2c0/0x2c0 [ 29.079481][ T5] ? lock_downgrade+0x6e0/0x6e0 [ 29.086360][ T5] ? do_raw_spin_lock+0x129/0x290 [ 29.092253][ T5] ? rwlock_bug.part.0+0x90/0x90 [ 29.097229][ T5] ? do_raw_spin_unlock+0x148/0x220 [ 29.102425][ T5] ? class_create_release+0x80/0x80 [ 29.107779][ T5] ? _raw_spin_unlock+0x1a/0x30 [ 29.112641][ T5] ? device_del+0x9e/0xd30 [ 29.117076][ T5] device_del+0x9e/0xd30 [ 29.121340][ T5] ? class_find_device+0x164/0x220 [ 29.126456][ T5] ? device_create_with_groups+0x120/0x120 [ 29.132277][ T5] device_unregister+0x22/0xc0 [ 29.137038][ T5] device_destroy+0x96/0xd0 [ 29.141717][ T5] ? root_device_unregister+0x60/0x60 [ 29.148083][ T5] ? hso_serial_common_create+0x3a3/0x710 [ 29.154503][ T5] tty_unregister_device+0x7e/0x1a0 [ 29.159722][ T5] hso_probe.cold+0x6e/0x14c [ 29.164454][ T5] usb_probe_interface+0x310/0x800 [ 29.169576][ T5] ? usb_probe_device+0x230/0x230 [ 29.175587][ T5] really_probe+0x290/0xac0 [ 29.180130][ T5] driver_probe_device+0x223/0x350 [ 29.185562][ T5] __device_attach_driver+0x1d1/0x290 [ 29.191079][ T5] ? driver_allows_async_probing+0x160/0x160 [ 29.197164][ T5] bus_for_each_drv+0x162/0x1e0 [ 29.202770][ T5] ? bus_rescan_devices+0x20/0x20 [ 29.207807][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 29.213731][ T5] ? lockdep_hardirqs_on+0x382/0x580 [ 29.219018][ T5] __device_attach+0x217/0x390 [ 29.223776][ T5] ? device_bind_driver+0xd0/0xd0 [ 29.228799][ T5] bus_probe_device+0x1e4/0x290 [ 29.233636][ T5] device_add+0x1459/0x1bf0 [ 29.238241][ T5] ? wait_for_completion+0x3c0/0x3c0 [ 29.243516][ T5] ? device_link_remove+0x110/0x110 [ 29.248917][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 29.254833][ T5] usb_set_configuration+0xe47/0x17d0 [ 29.260435][ T5] usb_generic_driver_probe+0x9d/0xe0 [ 29.266084][ T5] usb_probe_device+0xd9/0x230 [ 29.270844][ T5] ? usb_suspend+0x5f0/0x5f0 [ 29.275426][ T5] really_probe+0x290/0xac0 [ 29.281147][ T5] driver_probe_device+0x223/0x350 [ 29.286263][ T5] __device_attach_driver+0x1d1/0x290 [ 29.292259][ T5] ? driver_allows_async_probing+0x160/0x160 [ 29.298241][ T5] bus_for_each_drv+0x162/0x1e0 [ 29.303107][ T5] ? bus_rescan_devices+0x20/0x20 [ 29.308166][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 29.314008][ T5] ? lockdep_hardirqs_on+0x382/0x580 [ 29.319291][ T5] __device_attach+0x217/0x390 [ 29.324193][ T5] ? device_bind_driver+0xd0/0xd0 [ 29.332436][ T5] bus_probe_device+0x1e4/0x290 [ 29.337292][ T5] device_add+0x1459/0x1bf0 [ 29.341794][ T5] ? device_link_remove+0x110/0x110 [ 29.347011][ T5] usb_new_device.cold+0x540/0xcd0 [ 29.352147][ T5] hub_event+0x21cb/0x4300 [ 29.356845][ T5] ? hub_port_debounce+0x350/0x350 [ 29.361958][ T5] ? find_held_lock+0x2d/0x110 [ 29.366816][ T5] ? mark_held_locks+0xe0/0xe0 [ 29.371674][ T5] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 29.377233][ T5] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 29.384207][ T5] process_one_work+0x94b/0x1620 [ 29.389432][ T5] ? __wake_up_common+0x650/0x650 [ 29.394576][ T5] ? pwq_dec_nr_in_flight+0x310/0x310 [ 29.400201][ T5] worker_thread+0x96/0xe20 [ 29.404799][ T5] ? process_one_work+0x1620/0x1620 [ 29.410009][ T5] kthread+0x318/0x420 [ 29.414205][ T5] ? kthread_create_on_node+0xf0/0xf0 [ 29.419775][ T5] ret_from_fork+0x24/0x30 [ 29.424479][ T5] [ 29.426809][ T5] Allocated by task 1802: [ 29.431155][ T5] save_stack+0x1b/0x80 [ 29.435301][ T5] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 29.440916][ T5] tty_register_device_attr+0x1b6/0x6f0 [ 29.446573][ T5] hso_serial_common_create+0x113/0x710 [ 29.452259][ T5] hso_probe+0xc93/0x1b7b [ 29.457119][ T5] usb_probe_interface+0x310/0x800 [ 29.462497][ T5] really_probe+0x290/0xac0 [ 29.467233][ T5] driver_probe_device+0x223/0x350 [ 29.472589][ T5] __device_attach_driver+0x1d1/0x290 [ 29.477963][ T5] bus_for_each_drv+0x162/0x1e0 [ 29.483606][ T5] __device_attach+0x217/0x390 [ 29.488364][ T5] bus_probe_device+0x1e4/0x290 [ 29.493210][ T5] device_add+0x1459/0x1bf0 [ 29.497728][ T5] usb_set_configuration+0xe47/0x17d0 [ 29.503135][ T5] usb_generic_driver_probe+0x9d/0xe0 [ 29.508667][ T5] usb_probe_device+0xd9/0x230 [ 29.513518][ T5] really_probe+0x290/0xac0 [ 29.518754][ T5] driver_probe_device+0x223/0x350 [ 29.524213][ T5] __device_attach_driver+0x1d1/0x290 [ 29.529701][ T5] bus_for_each_drv+0x162/0x1e0 [ 29.536328][ T5] __device_attach+0x217/0x390 [ 29.541106][ T5] bus_probe_device+0x1e4/0x290 [ 29.545958][ T5] device_add+0x1459/0x1bf0 [ 29.550456][ T5] usb_new_device.cold+0x540/0xcd0 [ 29.555749][ T5] hub_event+0x21cb/0x4300 [ 29.560167][ T5] process_one_work+0x94b/0x1620 [ 29.565121][ T5] worker_thread+0x96/0xe20 [ 29.569642][ T5] kthread+0x318/0x420 [ 29.573707][ T5] ret_from_fork+0x24/0x30 [ 29.578097][ T5] [ 29.580418][ T5] Freed by task 1802: [ 29.584441][ T5] save_stack+0x1b/0x80 [ 29.588599][ T5] __kasan_slab_free+0x117/0x160 [ 29.593591][ T5] kfree+0xd5/0x300 [ 29.597718][ T5] device_release+0x71/0x200 [ 29.602381][ T5] kobject_put+0x256/0x550 [ 29.606793][ T5] device_unregister+0x34/0xc0 [ 29.611561][ T5] device_destroy+0x96/0xd0 [ 29.616242][ T5] tty_unregister_device+0x7e/0x1a0 [ 29.621435][ T5] hso_probe.cold+0x6e/0x14c [ 29.626025][ T5] usb_probe_interface+0x310/0x800 [ 29.631121][ T5] really_probe+0x290/0xac0 [ 29.635622][ T5] driver_probe_device+0x223/0x350 [ 29.640737][ T5] __device_attach_driver+0x1d1/0x290 [ 29.646122][ T5] bus_for_each_drv+0x162/0x1e0 [ 29.650962][ T5] __device_attach+0x217/0x390 [ 29.655948][ T5] bus_probe_device+0x1e4/0x290 [ 29.661151][ T5] device_add+0x1459/0x1bf0 [ 29.665652][ T5] usb_set_configuration+0xe47/0x17d0 [ 29.671027][ T5] usb_generic_driver_probe+0x9d/0xe0 [ 29.676494][ T5] usb_probe_device+0xd9/0x230 [ 29.681372][ T5] really_probe+0x290/0xac0 [ 29.685890][ T5] driver_probe_device+0x223/0x350 [ 29.690993][ T5] __device_attach_driver+0x1d1/0x290 [ 29.696400][ T5] bus_for_each_drv+0x162/0x1e0 [ 29.701675][ T5] __device_attach+0x217/0x390 [ 29.706875][ T5] bus_probe_device+0x1e4/0x290 [ 29.712605][ T5] device_add+0x1459/0x1bf0 [ 29.717302][ T5] usb_new_device.cold+0x540/0xcd0 [ 29.722449][ T5] hub_event+0x21cb/0x4300 [ 29.726900][ T5] process_one_work+0x94b/0x1620 [ 29.731846][ T5] worker_thread+0x96/0xe20 [ 29.736550][ T5] kthread+0x318/0x420 [ 29.740892][ T5] ret_from_fork+0x24/0x30 [ 29.745281][ T5] [ 29.747592][ T5] The buggy address belongs to the object at ffff8881cd9f6000 [ 29.747592][ T5] which belongs to the cache kmalloc-2k of size 2048 [ 29.762262][ T5] The buggy address is located 344 bytes inside of [ 29.762262][ T5] 2048-byte region [ffff8881cd9f6000, ffff8881cd9f6800) [ 29.775840][ T5] The buggy address belongs to the page: [ 29.781910][ T5] page:ffffea0007367c00 refcount:1 mapcount:0 mapping:ffff8881da00c000 index:0x0 compound_mapcount: 0 [ 29.793415][ T5] flags: 0x200000000010200(slab|head) [ 29.799295][ T5] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da00c000 [ 29.809734][ T5] raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000 [ 29.818539][ T5] page dumped because: kasan: bad access detected [ 29.825220][ T5] [ 29.827548][ T5] Memory state around the buggy address: [ 29.833197][ T5] ffff8881cd9f6000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.841279][ T5] ffff8881cd9f6080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.849433][ T5] >ffff8881cd9f6100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.857677][ T5] ^ [ 29.865616][ T5] ffff8881cd9f6180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.874349][ T5] ffff8881cd9f6200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.882508][ T5] ================================================================== [ 29.890610][ T5] Disabling lock debugging due to kernel taint [ 29.896979][ T5] Kernel panic - not syncing: panic_on_warn set ... [ 29.904145][ T5] CPU: 0 PID: 5 Comm: kworker/0:0 Tainted: G B 5.6.0-rc3-syzkaller #0 [ 29.913801][ T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.924895][ T5] Workqueue: usb_hub_wq hub_event [ 29.930420][ T5] Call Trace: [ 29.933800][ T5] dump_stack+0xef/0x16e [ 29.938048][ T5] panic+0x2aa/0x6e1 [ 29.942116][ T5] ? add_taint.cold+0x16/0x16 [ 29.947006][ T5] ? retint_kernel+0x10/0x10 [ 29.951600][ T5] ? trace_hardirqs_on+0x55/0x200 [ 29.956623][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.961449][ T5] end_report+0x43/0x49 [ 29.966027][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.970994][ T5] __kasan_report.cold+0x55/0x77 [ 29.976359][ T5] ? __mutex_lock+0xf1e/0x1360 [ 29.982542][ T5] kasan_report+0xe/0x20 [ 29.986783][ T5] __mutex_lock+0xf1e/0x1360 [ 29.991374][ T5] ? device_del+0x9e/0xd30 [ 29.995905][ T5] ? klist_put+0xfa/0x170 [ 30.000867][ T5] ? mutex_trylock+0x2c0/0x2c0 [ 30.005618][ T5] ? lock_downgrade+0x6e0/0x6e0 [ 30.010446][ T5] ? do_raw_spin_lock+0x129/0x290 [ 30.015487][ T5] ? rwlock_bug.part.0+0x90/0x90 [ 30.020657][ T5] ? do_raw_spin_unlock+0x148/0x220 [ 30.025954][ T5] ? class_create_release+0x80/0x80 [ 30.035420][ T5] ? _raw_spin_unlock+0x1a/0x30 [ 30.040703][ T5] ? device_del+0x9e/0xd30 [ 30.045117][ T5] device_del+0x9e/0xd30 [ 30.050159][ T5] ? class_find_device+0x164/0x220 [ 30.055351][ T5] ? device_create_with_groups+0x120/0x120 [ 30.061402][ T5] device_unregister+0x22/0xc0 [ 30.066182][ T5] device_destroy+0x96/0xd0 [ 30.070695][ T5] ? root_device_unregister+0x60/0x60 [ 30.076297][ T5] ? hso_serial_common_create+0x3a3/0x710 [ 30.082016][ T5] tty_unregister_device+0x7e/0x1a0 [ 30.087233][ T5] hso_probe.cold+0x6e/0x14c [ 30.091818][ T5] usb_probe_interface+0x310/0x800 [ 30.097023][ T5] ? usb_probe_device+0x230/0x230 [ 30.102027][ T5] really_probe+0x290/0xac0 [ 30.106517][ T5] driver_probe_device+0x223/0x350 [ 30.111696][ T5] __device_attach_driver+0x1d1/0x290 [ 30.117111][ T5] ? driver_allows_async_probing+0x160/0x160 [ 30.123775][ T5] bus_for_each_drv+0x162/0x1e0 [ 30.128792][ T5] ? bus_rescan_devices+0x20/0x20 [ 30.133809][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 30.139628][ T5] ? lockdep_hardirqs_on+0x382/0x580 [ 30.144986][ T5] __device_attach+0x217/0x390 [ 30.149733][ T5] ? device_bind_driver+0xd0/0xd0 [ 30.154841][ T5] bus_probe_device+0x1e4/0x290 [ 30.159673][ T5] device_add+0x1459/0x1bf0 [ 30.164416][ T5] ? wait_for_completion+0x3c0/0x3c0 [ 30.169796][ T5] ? device_link_remove+0x110/0x110 [ 30.175018][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 30.180808][ T5] usb_set_configuration+0xe47/0x17d0 [ 30.186169][ T5] usb_generic_driver_probe+0x9d/0xe0 [ 30.191606][ T5] usb_probe_device+0xd9/0x230 [ 30.196708][ T5] ? usb_suspend+0x5f0/0x5f0 [ 30.201289][ T5] really_probe+0x290/0xac0 [ 30.205895][ T5] driver_probe_device+0x223/0x350 [ 30.211634][ T5] __device_attach_driver+0x1d1/0x290 [ 30.216997][ T5] ? driver_allows_async_probing+0x160/0x160 [ 30.223055][ T5] bus_for_each_drv+0x162/0x1e0 [ 30.227889][ T5] ? bus_rescan_devices+0x20/0x20 [ 30.233028][ T5] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 30.239611][ T5] ? lockdep_hardirqs_on+0x382/0x580 [ 30.244879][ T5] __device_attach+0x217/0x390 [ 30.249812][ T5] ? device_bind_driver+0xd0/0xd0 [ 30.255138][ T5] bus_probe_device+0x1e4/0x290 [ 30.260350][ T5] device_add+0x1459/0x1bf0 [ 30.265309][ T5] ? device_link_remove+0x110/0x110 [ 30.271007][ T5] usb_new_device.cold+0x540/0xcd0 [ 30.276341][ T5] hub_event+0x21cb/0x4300 [ 30.281282][ T5] ? hub_port_debounce+0x350/0x350 [ 30.286535][ T5] ? find_held_lock+0x2d/0x110 [ 30.291295][ T5] ? mark_held_locks+0xe0/0xe0 [ 30.296103][ T5] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 30.301917][ T5] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 30.307206][ T5] process_one_work+0x94b/0x1620 [ 30.312195][ T5] ? __wake_up_common+0x650/0x650 [ 30.317629][ T5] ? pwq_dec_nr_in_flight+0x310/0x310 [ 30.324393][ T5] worker_thread+0x96/0xe20 [ 30.328898][ T5] ? process_one_work+0x1620/0x1620 [ 30.334200][ T5] kthread+0x318/0x420 [ 30.338262][ T5] ? kthread_create_on_node+0xf0/0xf0 [ 30.343627][ T5] ret_from_fork+0x24/0x30 [ 30.349095][ T5] Kernel Offset: disabled [ 30.353443][ T5] Rebooting in 86400 seconds..