Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
[ 12.669503][ C1] random: crng init done
[ 12.670411][ C1] random: 7 urandom warning(s) missed due to ratelimiting
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.27' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 30.595992][ T68] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 30.605976][ T5] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 30.613653][ T67] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 30.621398][ T12] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 30.629383][ T331] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 30.636995][ T333] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 31.115801][ T68] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 31.125370][ T68] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.135646][ T68] usb 1-1: Product: syz
[ 31.140062][ T68] usb 1-1: Manufacturer: syz
[ 31.144691][ T68] usb 1-1: SerialNumber: syz
[ 31.198721][ T68] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 31.215968][ T5] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 31.225068][ T5] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.233279][ T5] usb 3-1: Product: syz
[ 31.237765][ T5] usb 3-1: Manufacturer: syz
[ 31.242511][ T5] usb 3-1: SerialNumber: syz
[ 31.247548][ T333] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 31.256862][ T333] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.267012][ T333] usb 4-1: Product: syz
[ 31.271176][ T333] usb 4-1: Manufacturer: syz
[ 31.275832][ T333] usb 4-1: SerialNumber: syz
[ 31.280629][ T331] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 31.290084][ T331] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.298519][ T331] usb 5-1: Product: syz
[ 31.302995][ T331] usb 5-1: Manufacturer: syz
[ 31.307820][ T331] usb 5-1: SerialNumber: syz
[ 31.312508][ T67] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 31.321775][ T67] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.329926][ T67] usb 6-1: Product: syz
[ 31.334095][ T67] usb 6-1: Manufacturer: syz
[ 31.338965][ T67] usb 6-1: SerialNumber: syz
[ 31.343625][ T12] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 31.352933][ T12] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.360980][ T12] usb 2-1: Product: syz
[ 31.365271][ T12] usb 2-1: Manufacturer: syz
[ 31.369908][ T12] usb 2-1: SerialNumber: syz
[ 31.426437][ T5] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 31.436046][ T333] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 31.446229][ T12] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 31.456090][ T67] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 31.466101][ T331] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 31.825465][ T68] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 32.025656][ T321] udc-core: couldn't find an available UDC or it's busy
[ 32.032696][ T321] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 32.125454][ T331] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 32.134625][ T5] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 32.143664][ T12] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 32.152777][ T333] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 32.161793][ T67] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 32.325478][ T335] udc-core: couldn't find an available UDC or it's busy
[ 32.325480][ T334] udc-core: couldn't find an available UDC or it's busy
[ 32.325502][ T334] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 32.332484][ T335] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 32.339830][ T327] udc-core: couldn't find an available UDC or it's busy
[ 32.351356][ T326] udc-core: couldn't find an available UDC or it's busy
[ 32.354553][ T327] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 32.354730][ T328] udc-core: couldn't find an available UDC or it's busy
[ 32.361623][ T326] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 32.368590][ T328] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 32.904951][ T68] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 32.912088][ T68] ath9k_htc: Failed to initialize the device
executing program
[ 33.050435][ T21] usb 1-1: USB disconnect, device number 2
[ 33.063083][ T21] usb 1-1: ath9k_htc: USB layer deinitialized
[ 33.235019][ T331] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 33.241977][ T331] ath9k_htc: Failed to initialize the device
[ 33.248037][ T12] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 33.255104][ T67] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[ 33.262017][ T67] ath9k_htc: Failed to initialize the device
[ 33.268187][ T5] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 33.275296][ T333] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 33.282190][ T333] ath9k_htc: Failed to initialize the device
[ 33.288294][ T12] ath9k_htc: Failed to initialize the device
[ 33.294348][ T5] ath9k_htc: Failed to initialize the device
executing program
executing program
executing program
executing program
[ 33.341091][ T338] usb 4-1: USB disconnect, device number 2
[ 33.352734][ T352] usb 5-1: USB disconnect, device number 2
[ 33.354468][ T338] usb 4-1: ath9k_htc: USB layer deinitialized
[ 33.375601][ T352] usb 5-1: ath9k_htc: USB layer deinitialized
[ 33.379397][ T357] usb 3-1: USB disconnect, device number 2
executing program
[ 33.409355][ T357] usb 3-1: ath9k_htc: USB layer deinitialized
[ 33.410128][ T359] usb 6-1: USB disconnect, device number 2
[ 33.418208][ T364] usb 2-1: USB disconnect, device number 2
[ 33.421802][ T21] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 33.442418][ T359] usb 6-1: ath9k_htc: USB layer deinitialized
[ 33.447529][ T364] usb 2-1: ath9k_htc: USB layer deinitialized
[ 33.754702][ T352] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 33.774632][ T338] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 33.794710][ T357] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 33.804720][ T359] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 33.814714][ T364] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 33.975015][ T21] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 33.984085][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 33.992153][ T21] usb 1-1: Product: syz
[ 33.996442][ T21] usb 1-1: Manufacturer: syz
[ 34.001026][ T21] usb 1-1: SerialNumber: syz
[ 34.045236][ T21] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 34.284519][ T352] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 34.293683][ T352] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 34.301918][ T352] usb 5-1: Product: syz
[ 34.306159][ T352] usb 5-1: Manufacturer: syz
[ 34.310739][ T352] usb 5-1: SerialNumber: syz
[ 34.354616][ T359] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 34.363785][ T359] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 34.372073][ T359] usb 6-1: Product: syz
[ 34.374798][ T338] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 34.376293][ T359] usb 6-1: Manufacturer: syz
[ 34.385436][ T338] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 34.389897][ T359] usb 6-1: SerialNumber: syz
[ 34.397864][ T338] usb 4-1: Product: syz
[ 34.397877][ T338] usb 4-1: Manufacturer: syz
[ 34.403103][ T352] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 34.406618][ T338] usb 4-1: SerialNumber: syz
[ 34.424407][ T357] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 34.433435][ T357] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 34.441491][ T357] usb 3-1: Product: syz
[ 34.445690][ T357] usb 3-1: Manufacturer: syz
[ 34.450280][ T357] usb 3-1: SerialNumber: syz
[ 34.455016][ T364] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 34.464030][ T364] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 34.465085][ T359] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 34.472065][ T364] usb 2-1: Product: syz
[ 34.484195][ T364] usb 2-1: Manufacturer: syz
[ 34.488836][ T364] usb 2-1: SerialNumber: syz
[ 34.535163][ T357] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 34.545006][ T364] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 34.555052][ T338] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 34.674497][ T21] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 34.874467][ T354] udc-core: couldn't find an available UDC or it's busy
[ 34.881455][ T354] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 34.994336][ T352] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 35.044294][ T359] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 35.194256][ T338] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 35.203442][ T364] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 35.203534][ T360] udc-core: couldn't find an available UDC or it's busy
[ 35.212585][ T357] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 35.219525][ T360] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 35.244426][ T366] udc-core: couldn't find an available UDC or it's busy
[ 35.251422][ T366] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 35.394423][ T365] udc-core: couldn't find an available UDC or it's busy
[ 35.394426][ T369] udc-core: couldn't find an available UDC or it's busy
[ 35.394444][ T369] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 35.401520][ T365] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 35.408627][ T358] udc-core: couldn't find an available UDC or it's busy
[ 35.430444][ T358] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 35.703957][ T21] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 35.710976][ T21] ath9k_htc: Failed to initialize the device
executing program
[ 35.892219][ T67] usb 1-1: USB disconnect, device number 3
[ 35.899508][ T67] usb 1-1: ath9k_htc: USB layer deinitialized
[ 36.023850][ T352] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 36.031032][ T352] ath9k_htc: Failed to initialize the device
[ 36.053928][ C1] ==================================================================
[ 36.062107][ C1] BUG: KASAN: use-after-free in ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.069724][ C1] Read of size 4 at addr ffff8881cbf64090 by task swapper/1/0
[ 36.077150][ C1]
[ 36.079459][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.8.0-rc7-syzkaller #0
[ 36.087317][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.097360][ C1] Call Trace:
[ 36.100638][ C1] <IRQ>
[ 36.103481][ C1] dump_stack+0xf6/0x16e
[ 36.107726][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.112986][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.118261][ C1] print_address_description.constprop.0+0x1a/0x210
[ 36.124835][ C1] ? vprintk_func+0x93/0x133
[ 36.129415][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.134682][ C1] kasan_report.cold+0x37/0x7c
[ 36.139443][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.144718][ C1] ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.149819][ C1] ? __usb_hcd_giveback_urb+0x302/0x560
[ 36.155354][ C1] ? hif_usb_start+0xa0/0xa0
[ 36.159933][ C1] ? lock_downgrade+0x730/0x730
[ 36.164761][ C1] ? trace_hardirqs_off+0x27/0x1f0
[ 36.169848][ C1] __usb_hcd_giveback_urb+0x32d/0x560
[ 36.175211][ C1] usb_hcd_giveback_urb+0x367/0x410
[ 36.180392][ C1] dummy_timer+0x11f2/0x3240
[ 36.184971][ C1] ? lock_downgrade+0x730/0x730
[ 36.189806][ C1] ? dummy_dequeue+0x490/0x490
[ 36.194556][ C1] call_timer_fn+0x1ac/0x6e0
[ 36.199119][ C1] ? dummy_dequeue+0x490/0x490
[ 36.203871][ C1] ? msleep_interruptible+0x130/0x130
[ 36.209232][ C1] ? lock_downgrade+0x730/0x730
[ 36.214058][ C1] ? _raw_spin_unlock_irq+0x1f/0x30
[ 36.219235][ C1] ? lockdep_hardirqs_on_prepare+0x1bc/0x550
[ 36.225190][ C1] ? trace_hardirqs_on+0x5f/0x200
[ 36.230277][ C1] ? dummy_dequeue+0x490/0x490
[ 36.235021][ C1] __run_timers.part.0+0x54c/0x9e0
[ 36.240107][ C1] ? call_timer_fn+0x6e0/0x6e0
[ 36.244862][ C1] ? clockevents_program_event+0x12b/0x350
[ 36.250644][ C1] ? tick_program_event+0xa8/0x130
[ 36.255745][ C1] run_timer_softirq+0x80/0x120
[ 36.260612][ C1] __do_softirq+0x222/0x95b
[ 36.261349][ T5] usb 6-1: USB disconnect, device number 3
[ 36.265128][ C1] asm_call_on_stack+0xf/0x20
[ 36.265147][ C1] </IRQ>
[ 36.278540][ C1] do_softirq_own_stack+0xed/0x140
[ 36.283655][ C1] irq_exit_rcu+0x150/0x1f0
[ 36.288167][ C1] sysvec_apic_timer_interrupt+0x49/0xc0
[ 36.293799][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 36.299770][ C1] RIP: 0010:acpi_safe_halt+0x72/0x90
[ 36.305031][ C1] Code: 74 06 5b e9 e0 5c 8f fb e8 db 5c 8f fb e8 26 e8 94 fb e9 0c 00 00 00 e8 cc 5c 8f fb 0f 00 2d 05 73 74 00 e8 c0 5c 8f fb fb f4 <fa> e8 18 e2 94 fb 5b e9 b2 5c 8f fb 48 89 df e8 fa 0b b9 fb eb ab
[ 36.325222][ C1] RSP: 0018:ffff8881da22fc80 EFLAGS: 00000293
[ 36.331262][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 36.339297][ C1] RDX: ffff8881da213200 RSI: ffffffff85b04d40 RDI: ffffffff85b04d2a
[ 36.347251][ C1] RBP: ffff8881d8ccb064 R08: 0000000000000000 R09: 0000000000000000
[ 36.355222][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8881d8ccb064
[ 36.363184][ C1] R13: 1ffff1103b445f99 R14: ffff8881d8ccb065 R15: 0000000000000001
[ 36.371149][ C1] ? acpi_safe_halt+0x70/0x90
[ 36.375802][ C1] ? acpi_safe_halt+0x5a/0x90
[ 36.380455][ C1] acpi_idle_do_entry+0x15c/0x1b0
[ 36.385459][ C1] acpi_idle_enter+0x3f0/0xa50
[ 36.390222][ C1] ? acpi_idle_enter_s2idle+0x190/0x190
[ 36.395742][ C1] ? kvm_sched_clock_read+0x14/0x30
[ 36.400914][ C1] ? sched_clock+0x5/0x10
[ 36.405230][ C1] ? sched_clock_cpu+0x18/0x170
[ 36.410159][ C1] cpuidle_enter_state+0xff/0x870
[ 36.415177][ C1] ? rcu_read_lock_sched_held+0x3a/0x70
executing program
[ 36.418538][ T333] usb 3-1: USB disconnect, device number 3
[ 36.420714][ C1] cpuidle_enter+0x4a/0xa0
[ 36.430901][ C1] do_idle+0x3d6/0x5a0
[ 36.434981][ C1] ? arch_cpu_idle_exit+0x40/0x40
[ 36.440062][ C1] ? lockdep_hardirqs_on_prepare+0x370/0x550
[ 36.443569][ T12] usb 2-1: USB disconnect, device number 3
[ 36.446301][ C1] ? trace_hardirqs_on+0x5f/0x200
[ 36.446319][ C1] cpu_startup_entry+0x14/0x20
[ 36.446332][ C1] start_secondary+0x2d2/0x3c0
[ 36.446350][ C1] ? set_cpu_sibling_map+0x1ff0/0x1ff0
executing program
[ 36.472374][ C1] secondary_startup_64+0xb6/0xc0
[ 36.477395][ C1]
[ 36.479723][ C1] Allocated by task 117:
[ 36.483946][ C1] save_stack+0x1b/0x40
[ 36.488077][ C1] __kasan_kmalloc.constprop.0+0xc2/0xd0
[ 36.493706][ C1] kmem_cache_alloc+0xd2/0x310
[ 36.498467][ C1] getname_flags.part.0+0x50/0x4f0
[ 36.503563][ C1] getname+0x8e/0xd0
[ 36.507456][ C1] do_sys_openat2+0xf7/0x3b0
[ 36.512035][ C1] __x64_sys_open+0x119/0x1c0
[ 36.516687][ C1] do_syscall_64+0x50/0x90
[ 36.521166][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 36.527036][ C1]
[ 36.529348][ C1] Freed by task 117:
[ 36.533226][ C1] save_stack+0x1b/0x40
[ 36.537359][ C1] __kasan_slab_free+0x116/0x160
[ 36.542290][ C1] slab_free_freelist_hook+0x53/0x140
[ 36.547635][ C1] kmem_cache_free+0x84/0x2e0
[ 36.552288][ C1] putname+0xe1/0x120
[ 36.556247][ C1] do_sys_openat2+0x155/0x3b0
[ 36.560921][ C1] __x64_sys_open+0x119/0x1c0
[ 36.565666][ C1] do_syscall_64+0x50/0x90
[ 36.570072][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 36.575941][ C1]
[ 36.578308][ C1] The buggy address belongs to the object at ffff8881cbf63300
[ 36.578308][ C1] which belongs to the cache names_cache of size 4096
[ 36.592512][ C1] The buggy address is located 3472 bytes inside of
[ 36.592512][ C1] 4096-byte region [ffff8881cbf63300, ffff8881cbf64300)
[ 36.606022][ C1] The buggy address belongs to the page:
[ 36.611659][ C1] page:ffffea00072fd800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 head:ffffea00072fd800 order:3 compound_mapcount:0 compound_pincount:0
[ 36.626816][ C1] flags: 0x200000000010200(slab|head)
[ 36.632200][ C1] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da120000
[ 36.640922][ C1] raw: 0000000000000000 0000000000070007 00000001ffffffff 0000000000000000
[ 36.649589][ C1] page dumped because: kasan: bad access detected
[ 36.656103][ C1]
[ 36.658410][ C1] Memory state around the buggy address:
[ 36.664232][ C1] ffff8881cbf63f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 36.672276][ C1] ffff8881cbf64000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 36.680331][ C1] >ffff8881cbf64080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 36.688372][ C1] ^
[ 36.692958][ C1] ffff8881cbf64100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 36.701012][ C1] ffff8881cbf64180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 36.709045][ C1] ==================================================================
[ 36.717080][ C1] Disabling lock debugging due to kernel taint
[ 36.723232][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 36.729816][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.8.0-rc7-syzkaller #0
[ 36.739222][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.749250][ C1] Call Trace:
[ 36.752687][ C1] <IRQ>
[ 36.755540][ C1] dump_stack+0xf6/0x16e
[ 36.759788][ C1] ? ath9k_hif_usb_rx_cb+0xc90/0xf80
[ 36.765052][ C1] panic+0x2aa/0x6e1
[ 36.768944][ C1] ? __warn_printk+0xf3/0xf3
[ 36.773511][ C1] ? _raw_spin_unlock_irqrestore+0x2a/0x40
[ 36.779297][ C1] ? trace_hardirqs_off+0x27/0x1f0
[ 36.784380][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.789667][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.794936][ C1] end_report+0x4d/0x53
[ 36.799064][ C1] kasan_report.cold+0x72/0x7c
[ 36.803799][ C1] ? ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.809063][ C1] ath9k_hif_usb_rx_cb+0xd7d/0xf80
[ 36.814164][ C1] ? __usb_hcd_giveback_urb+0x302/0x560
[ 36.819696][ C1] ? hif_usb_start+0xa0/0xa0
[ 36.824259][ C1] ? lock_downgrade+0x730/0x730
[ 36.829082][ C1] ? trace_hardirqs_off+0x27/0x1f0
[ 36.834180][ C1] __usb_hcd_giveback_urb+0x32d/0x560
[ 36.840051][ C1] usb_hcd_giveback_urb+0x367/0x410
[ 36.845230][ C1] dummy_timer+0x11f2/0x3240
[ 36.849802][ C1] ? lock_downgrade+0x730/0x730
[ 36.854620][ C1] ? dummy_dequeue+0x490/0x490
[ 36.859365][ C1] call_timer_fn+0x1ac/0x6e0
[ 36.864027][ C1] ? dummy_dequeue+0x490/0x490
[ 36.868848][ C1] ? msleep_interruptible+0x130/0x130
[ 36.874199][ C1] ? lock_downgrade+0x730/0x730
[ 36.879027][ C1] ? _raw_spin_unlock_irq+0x1f/0x30
[ 36.884200][ C1] ? lockdep_hardirqs_on_prepare+0x1bc/0x550
[ 36.890156][ C1] ? trace_hardirqs_on+0x5f/0x200
[ 36.895156][ C1] ? dummy_dequeue+0x490/0x490
[ 36.899896][ C1] __run_timers.part.0+0x54c/0x9e0
[ 36.905198][ C1] ? call_timer_fn+0x6e0/0x6e0
[ 36.909942][ C1] ? clockevents_program_event+0x12b/0x350
[ 36.915764][ C1] ? tick_program_event+0xa8/0x130
[ 36.920868][ C1] run_timer_softirq+0x80/0x120
[ 36.925695][ C1] __do_softirq+0x222/0x95b
[ 36.930174][ C1] asm_call_on_stack+0xf/0x20
[ 36.934817][ C1] </IRQ>
[ 36.937733][ C1] do_softirq_own_stack+0xed/0x140
[ 36.943268][ C1] irq_exit_rcu+0x150/0x1f0
[ 36.947749][ C1] sysvec_apic_timer_interrupt+0x49/0xc0
[ 36.953354][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 36.959307][ C1] RIP: 0010:acpi_safe_halt+0x72/0x90
[ 36.964577][ C1] Code: 74 06 5b e9 e0 5c 8f fb e8 db 5c 8f fb e8 26 e8 94 fb e9 0c 00 00 00 e8 cc 5c 8f fb 0f 00 2d 05 73 74 00 e8 c0 5c 8f fb fb f4 <fa> e8 18 e2 94 fb 5b e9 b2 5c 8f fb 48 89 df e8 fa 0b b9 fb eb ab
[ 36.984158][ C1] RSP: 0018:ffff8881da22fc80 EFLAGS: 00000293
[ 36.990198][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 36.998237][ C1] RDX: ffff8881da213200 RSI: ffffffff85b04d40 RDI: ffffffff85b04d2a
[ 37.006193][ C1] RBP: ffff8881d8ccb064 R08: 0000000000000000 R09: 0000000000000000
[ 37.014138][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8881d8ccb064
[ 37.022083][ C1] R13: 1ffff1103b445f99 R14: ffff8881d8ccb065 R15: 0000000000000001
[ 37.030036][ C1] ? acpi_safe_halt+0x70/0x90
[ 37.034707][ C1] ? acpi_safe_halt+0x5a/0x90
[ 37.039454][ C1] acpi_idle_do_entry+0x15c/0x1b0
[ 37.044450][ C1] acpi_idle_enter+0x3f0/0xa50
[ 37.049210][ C1] ? acpi_idle_enter_s2idle+0x190/0x190
[ 37.054822][ C1] ? kvm_sched_clock_read+0x14/0x30
[ 37.060001][ C1] ? sched_clock+0x5/0x10
[ 37.064324][ C1] ? sched_clock_cpu+0x18/0x170
[ 37.069183][ C1] cpuidle_enter_state+0xff/0x870
[ 37.074188][ C1] ? rcu_read_lock_sched_held+0x3a/0x70
[ 37.081194][ C1] cpuidle_enter+0x4a/0xa0
[ 37.085600][ C1] do_idle+0x3d6/0x5a0
[ 37.089643][ C1] ? arch_cpu_idle_exit+0x40/0x40
[ 37.094644][ C1] ? lockdep_hardirqs_on_prepare+0x370/0x550
[ 37.100769][ C1] ? trace_hardirqs_on+0x5f/0x200
[ 37.105784][ C1] cpu_startup_entry+0x14/0x20
[ 37.110588][ C1] start_secondary+0x2d2/0x3c0
[ 37.115412][ C1] ? set_cpu_sibling_map+0x1ff0/0x1ff0
[ 37.120866][ C1] secondary_startup_64+0xb6/0xc0
[ 37.126426][ C1] Kernel Offset: disabled
[ 37.130733][ C1] Rebooting in 86400 seconds..