INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.109' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 25.179486][ T22] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 25.539547][ T22] usb 1-1: config index 0 descriptor too short (expected 101, got 88) [ 25.547797][ T22] usb 1-1: config 0 has an invalid interface number: 95 but max is 0 [ 25.555997][ T22] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 25.566077][ T22] usb 1-1: config 0 has no interface number 0 [ 25.572184][ T22] usb 1-1: New USB device found, idVendor=1286, idProduct=204a, bcdDevice=79.5b [ 25.581225][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 25.590442][ T22] usb 1-1: config 0 descriptor?? executing program [ 25.869645][ T22] usb 1-1: string descriptor 0 read error: -71 [ 25.880430][ T22] usb 1-1: USB disconnect, device number 2 [ 25.902166][ T1720] usb 1-1: Direct firmware load for mrvl/usb8801_uapsta.bin failed with error -2 [ 25.911332][ T1720] usb 1-1: Failed to get firmware mrvl/usb8801_uapsta.bin [ 25.918430][ T1720] usb 1-1: info: _mwifiex_fw_dpc: unregister device [ 25.925209][ T1720] INFO: trying to register non-static key. [ 25.930997][ T1720] the code is fine but needs lockdep annotation. [ 25.937292][ T1720] turning off the locking correctness validator. [ 25.943596][ T1720] CPU: 1 PID: 1720 Comm: kworker/1:2 Not tainted 5.5.0-rc2-syzkaller #0 [ 25.951890][ T1720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.961925][ T1720] Workqueue: events request_firmware_work_func [ 25.968049][ T1720] Call Trace: [ 25.971314][ T1720] dump_stack+0xef/0x16e [ 25.975531][ T1720] register_lock_class+0x1022/0x11d0 [ 25.980790][ T1720] ? ret_from_fork+0x24/0x30 [ 25.985354][ T1720] ? is_dynamic_key+0x1b0/0x1b0 [ 25.990178][ T1720] ? stack_trace_save+0x9f/0xe0 [ 25.995008][ T1720] __lock_acquire+0xfc/0x3b60 [ 25.999659][ T1720] ? kthread+0x318/0x420 [ 26.003872][ T1720] ? mark_held_locks+0xe0/0xe0 [ 26.008608][ T1720] ? _cond_resched+0x10/0x20 [ 26.013208][ T1720] ? usb_kill_urb+0x198/0x2c0 [ 26.017856][ T1720] lock_acquire+0x127/0x320 [ 26.022335][ T1720] ? try_to_del_timer_sync+0x110/0x110 [ 26.027771][ T1720] del_timer_sync+0x3a/0x130 [ 26.032334][ T1720] ? try_to_del_timer_sync+0x110/0x110 [ 26.037800][ T1720] mwifiex_unregister_dev+0x416/0x690 [ 26.043146][ T1720] _mwifiex_fw_dpc+0x5a4/0xde0 [ 26.047883][ T1720] ? mwifiex_usb_prepare_tx_aggr_skb+0x8c0/0x8c0 [ 26.054193][ T1720] ? mwifiex_drv_info_dump+0xf70/0xf70 [ 26.059631][ T1720] ? _request_firmware+0x8eb/0x1140 [ 26.064816][ T1720] ? kfree+0xda/0x310 [ 26.068769][ T1720] ? _request_firmware+0x10b/0x1140 [ 26.073967][ T1720] ? assign_fw+0x570/0x570 [ 26.078357][ T1720] ? find_held_lock+0x2d/0x110 [ 26.083093][ T1720] ? mark_held_locks+0xe0/0xe0 [ 26.087838][ T1720] ? _mwifiex_fw_dpc+0xde0/0xde0 [ 26.092751][ T1720] request_firmware_work_func+0x126/0x242 [ 26.098464][ T1720] ? request_firmware_into_buf+0x90/0x90 [ 26.104079][ T1720] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 26.109705][ T1720] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 26.114965][ T1720] process_one_work+0x92b/0x1530 [ 26.119890][ T1720] ? pwq_dec_nr_in_flight+0x310/0x310 [ 26.125233][ T1720] ? do_raw_spin_lock+0x11a/0x280 [ 26.130232][ T1720] worker_thread+0x96/0xe20 [ 26.134710][ T1720] ? process_one_work+0x1530/0x1530 [ 26.139881][ T1720] kthread+0x318/0x420 [ 26.143921][ T1720] ? kthread_create_on_node+0xf0/0xf0 [ 26.149265][ T1720] ret_from_fork+0x24/0x30 [ 26.153699][ T1720] ------------[ cut here ]------------ [ 26.159143][ T1720] ODEBUG: assert_init not available (active state 0) object type: timer_list hint: 0x0 [ 26.168853][ T1720] WARNING: CPU: 1 PID: 1720 at lib/debugobjects.c:481 debug_print_object+0x160/0x250 [ 26.178285][ T1720] Kernel panic - not syncing: panic_on_warn set ... [ 26.184850][ T1720] CPU: 1 PID: 1720 Comm: kworker/1:2 Not tainted 5.5.0-rc2-syzkaller #0 [ 26.193142][ T1720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.203189][ T1720] Workqueue: events request_firmware_work_func [ 26.209312][ T1720] Call Trace: [ 26.212580][ T1720] dump_stack+0xef/0x16e [ 26.216798][ T1720] ? debug_print_object+0xf0/0x250 [ 26.221889][ T1720] panic+0x2aa/0x6e1 [ 26.225764][ T1720] ? add_taint.cold+0x16/0x16 [ 26.230422][ T1720] ? __probe_kernel_read+0x188/0x1d0 [ 26.235781][ T1720] ? __warn.cold+0x14/0x30 [ 26.240172][ T1720] ? __warn+0xd5/0x1c8 [ 26.244218][ T1720] ? debug_print_object+0x160/0x250 [ 26.249402][ T1720] __warn.cold+0x2f/0x30 [ 26.253630][ T1720] ? debug_print_object+0x160/0x250 [ 26.258804][ T1720] report_bug+0x27b/0x2f0 [ 26.263142][ T1720] do_error_trap+0x12b/0x1e0 [ 26.267707][ T1720] ? debug_print_object+0x160/0x250 [ 26.272880][ T1720] do_invalid_op+0x32/0x40 [ 26.277273][ T1720] ? debug_print_object+0x160/0x250 [ 26.282557][ T1720] invalid_op+0x23/0x30 [ 26.286695][ T1720] RIP: 0010:debug_print_object+0x160/0x250 [ 26.292487][ T1720] Code: dd 20 ff da 85 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd 20 ff da 85 48 c7 c7 c0 f4 da 85 e8 f8 b6 2b ff <0f> 0b 83 05 9b 78 bf 05 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89 [ 26.312064][ T1720] RSP: 0018:ffff8881cfd778d8 EFLAGS: 00010286 [ 26.318109][ T1720] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000 [ 26.326056][ T1720] RDX: 0000000000000000 RSI: ffffffff81295dad RDI: ffffed1039faef0d [ 26.334004][ T1720] RBP: 0000000000000001 R08: ffff8881d029b100 R09: fffffbfff0ddeafd [ 26.341952][ T1720] R10: fffffbfff0ddeafc R11: ffffffff86ef57e3 R12: ffffffff86f0c240 [ 26.349904][ T1720] R13: ffffffff812f79a0 R14: 1ffff11039faef28 R15: ffff8881cfe342f8 [ 26.357864][ T1720] ? calc_wheel_index+0x220/0x220 [ 26.362863][ T1720] ? vprintk_func+0x7d/0x113 [ 26.367431][ T1720] ? debug_print_object+0x160/0x250 [ 26.372602][ T1720] debug_object_assert_init+0x23a/0x2f0 [ 26.378122][ T1720] ? debug_object_free+0x340/0x340 [ 26.383207][ T1720] ? trace_hardirqs_on_caller+0x5a/0x1e0 [ 26.388816][ T1720] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 26.394252][ T1720] try_to_del_timer_sync+0x6d/0x110 [ 26.399433][ T1720] ? del_timer+0x100/0x100 [ 26.403829][ T1720] ? trace_hardirqs_on+0x55/0x1e0 [ 26.408828][ T1720] ? del_timer_sync+0x115/0x130 [ 26.413656][ T1720] del_timer_sync+0xe4/0x130 [ 26.418360][ T1720] mwifiex_unregister_dev+0x416/0x690 [ 26.423709][ T1720] _mwifiex_fw_dpc+0x5a4/0xde0 [ 26.428447][ T1720] ? mwifiex_usb_prepare_tx_aggr_skb+0x8c0/0x8c0 [ 26.434771][ T1720] ? mwifiex_drv_info_dump+0xf70/0xf70 [ 26.440204][ T1720] ? _request_firmware+0x8eb/0x1140 [ 26.445374][ T1720] ? kfree+0xda/0x310 [ 26.449333][ T1720] ? _request_firmware+0x10b/0x1140 [ 26.454503][ T1720] ? assign_fw+0x570/0x570 [ 26.458920][ T1720] ? find_held_lock+0x2d/0x110 [ 26.463660][ T1720] ? mark_held_locks+0xe0/0xe0 [ 26.468398][ T1720] ? _mwifiex_fw_dpc+0xde0/0xde0 [ 26.473310][ T1720] request_firmware_work_func+0x126/0x242 [ 26.479002][ T1720] ? request_firmware_into_buf+0x90/0x90 [ 26.484608][ T1720] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 26.490124][ T1720] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 26.495385][ T1720] process_one_work+0x92b/0x1530 [ 26.500323][ T1720] ? pwq_dec_nr_in_flight+0x310/0x310 [ 26.505667][ T1720] ? do_raw_spin_lock+0x11a/0x280 [ 26.510664][ T1720] worker_thread+0x96/0xe20 [ 26.515144][ T1720] ? process_one_work+0x1530/0x1530 [ 26.520315][ T1720] kthread+0x318/0x420 [ 26.524356][ T1720] ? kthread_create_on_node+0xf0/0xf0 [ 26.529706][ T1720] ret_from_fork+0x24/0x30 [ 26.534697][ T1720] Kernel Offset: disabled [ 26.539005][ T1720] Rebooting in 86400 seconds..