
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   15.820630][    C1] random: crng init done
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.98' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [   77.619351][   T94] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   77.619360][   T95] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   77.629537][ T1806] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   77.642704][   T17] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   77.650589][   T78] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   77.658794][ T1808] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   77.719563][   T95] usb 1-1: Using ep0 maxpacket: 16
[   77.729626][   T94] usb 6-1: Using ep0 maxpacket: 16
[   77.739413][   T78] usb 3-1: Using ep0 maxpacket: 16
[   77.749472][   T17] usb 5-1: Using ep0 maxpacket: 16
[   77.754744][ T1808] usb 4-1: Using ep0 maxpacket: 16
[   77.760309][ T1806] usb 2-1: Using ep0 maxpacket: 16
[   77.849447][   T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.849464][   T94] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.849489][   T94] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.849510][   T94] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   77.860562][   T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.860578][   T95] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   77.860613][   T95] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   77.860625][   T95] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.863743][   T95] usb 1-1: config 0 descriptor??
[   77.871799][   T94] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   77.871816][   T94] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.875845][   T78] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.967994][   T78] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.977777][   T78] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   77.990606][   T78] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   77.999813][   T78] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.008006][   T17] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.019276][   T17] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.029114][   T17] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   78.042046][   T17] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   78.051147][   T17] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.059346][ T1808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.070335][ T1808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.080116][ T1808] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   78.093516][ T1808] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   78.102595][ T1808] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.110668][ T1806] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.121582][ T1806] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.131507][ T1806] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   78.144333][ T1806] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   78.153393][ T1806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.162435][   T94] usb 6-1: config 0 descriptor??
[   78.168745][   T17] usb 5-1: config 0 descriptor??
[   78.174063][ T1808] usb 4-1: config 0 descriptor??
[   78.180336][ T1806] usb 2-1: config 0 descriptor??
[   78.186826][   T78] usb 3-1: config 0 descriptor??
[   78.361167][   T95] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0
[   78.368626][   T95] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x5
[   78.376367][   T95] cm6533_jd 0003:0D8C:0022.0001: No inputs registered, leaving
[   78.391179][   T95] cm6533_jd 0003:0D8C:0022.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
executing program
[   78.631511][   T95] usb 1-1: USB disconnect, device number 2
[   78.640605][   T94] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[   78.648022][   T94] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x5
[   78.657140][   T78] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0
[   78.669533][   T17] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[   78.676813][   T17] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x5
[   78.685415][ T1806] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0
[   78.694027][ T1808] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0
[   78.702197][   T94] cm6533_jd 0003:0D8C:0022.0002: No inputs registered, leaving
[   78.709925][ T1806] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x5
[   78.717918][ T1806] cm6533_jd 0003:0D8C:0022.0005: No inputs registered, leaving
[   78.725716][   T78] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x5
[   78.733080][ T1808] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x5
[   78.741529][   T17] cm6533_jd 0003:0D8C:0022.0004: No inputs registered, leaving
[   78.750675][   T78] cm6533_jd 0003:0D8C:0022.0003: No inputs registered, leaving
[   78.758809][   T94] cm6533_jd 0003:0D8C:0022.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.5-1/input0
[   78.771295][ T1808] cm6533_jd 0003:0D8C:0022.0006: No inputs registered, leaving
[   78.780888][   T78] cm6533_jd 0003:0D8C:0022.0003: hiddev1,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[   78.794676][   T17] cm6533_jd 0003:0D8C:0022.0004: hiddev2,hidraw2: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[   78.810369][ T1806] cm6533_jd 0003:0D8C:0022.0005: hiddev4,hidraw4: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[   78.822567][ T1808] cm6533_jd 0003:0D8C:0022.0006: hiddev3,hidraw3: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
executing program
[   78.911293][   T12] usb 6-1: USB disconnect, device number 2
executing program
executing program
[   78.980919][ T1826] usb 2-1: USB disconnect, device number 2
[   78.981541][ T1808] usb 5-1: USB disconnect, device number 2
[   79.019313][   T95] usb 1-1: new high-speed USB device number 3 using dummy_hcd
executing program
executing program
[   79.051005][   T17] usb 4-1: USB disconnect, device number 2
[   79.051552][ T1828] usb 3-1: USB disconnect, device number 2
[   79.110064][   T95] usb 1-1: Using ep0 maxpacket: 16
[   79.229524][   T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.240971][   T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.250876][   T95] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   79.263739][   T95] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   79.272955][   T95] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.283000][   T95] usb 1-1: config 0 descriptor??
[   79.429387][ T1828] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   79.437145][   T12] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   79.444957][ T1826] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   79.449369][ T1808] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   79.460177][   T17] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   79.519532][ T1828] usb 3-1: Using ep0 maxpacket: 16
[   79.539537][ T1826] usb 2-1: Using ep0 maxpacket: 16
[   79.544990][   T12] usb 6-1: Using ep0 maxpacket: 16
[   79.559444][   T17] usb 4-1: Using ep0 maxpacket: 16
[   79.564935][ T1808] usb 5-1: Using ep0 maxpacket: 16
[   79.639432][ T1828] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.650565][ T1828] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.660397][ T1828] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   79.673477][ T1828] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   79.682594][ T1828] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.690688][ T1826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.699421][   T17] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.702223][ T1826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.702245][ T1826] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   79.713688][   T17] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.723465][ T1826] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   79.736368][   T17] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   79.746428][ T1826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.755657][   T17] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   79.768617][   T12] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.776565][   T17] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.777401][ T1808] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.785811][   T12] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.785830][   T12] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   79.785864][   T12] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   79.796871][ T1808] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.796888][ T1808] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   79.796913][ T1808] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   79.796929][ T1808] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.804963][   T12] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.817483][ T1808] usb 5-1: config 0 descriptor??
[   79.826849][   T95] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0
[   79.840447][   T17] usb 4-1: config 0 descriptor??
[   79.862194][   T95] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x5
[   79.923919][   T95] cm6533_jd 0003:0D8C:0022.0007: No inputs registered, leaving
[   79.932316][ T1826] usb 2-1: config 0 descriptor??
[   79.937824][   T12] usb 6-1: config 0 descriptor??
[   79.943188][ T1828] usb 3-1: config 0 descriptor??
[   79.950970][   T95] cm6533_jd 0003:0D8C:0022.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
executing program
[   80.090504][   T78] usb 1-1: USB disconnect, device number 3
[   80.330472][ T1808] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[   80.337785][ T1808] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x5
[   80.345707][ T1808] cm6533_jd 0003:0D8C:0022.0008: No inputs registered, leaving
[   80.354321][   T17] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0
[   80.364033][ T1808] cm6533_jd 0003:0D8C:0022.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[   80.376231][   T17] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x5
[   80.383839][   T17] cm6533_jd 0003:0D8C:0022.0009: No inputs registered, leaving
[   80.394470][   T17] cm6533_jd 0003:0D8C:0022.0009: hiddev1,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
[   80.410370][ T1826] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0
[   80.417664][ T1826] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x5
[   80.426458][ T1828] cm6533_jd 0003:0D8C:0022.000B: unknown main item tag 0x0
[   80.435036][   T12] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0
[   80.448415][ T1826] cm6533_jd 0003:0D8C:0022.000A: No inputs registered, leaving
[   80.456507][   T12] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x5
[   80.463873][ T1828] cm6533_jd 0003:0D8C:0022.000B: unknown main item tag 0x5
[   80.471873][ T1828] cm6533_jd 0003:0D8C:0022.000B: No inputs registered, leaving
[   80.481196][   T12] cm6533_jd 0003:0D8C:0022.000C: No inputs registered, leaving
[   80.489178][ T1826] cm6533_jd 0003:0D8C:0022.000A: hiddev2,hidraw2: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[   80.503673][   T12] cm6533_jd 0003:0D8C:0022.000C: hiddev3,hidraw3: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.5-1/input0
[   80.509324][   T78] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   80.524378][ T1828] cm6533_jd 0003:0D8C:0022.000B: hiddev4,hidraw4: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
executing program
executing program
executing program
executing program
[   80.600581][ T1828] usb 5-1: USB disconnect, device number 3
[   80.610894][   T12] usb 2-1: USB disconnect, device number 3
[   80.619556][   T78] usb 1-1: Using ep0 maxpacket: 16
[   80.626491][   T17] usb 3-1: USB disconnect, device number 3
[   80.627449][ T1826] usb 6-1: USB disconnect, device number 3
[   80.669535][ T1828] ==================================================================
[   80.671272][ T1808] usb 4-1: USB disconnect, device number 3
[   80.677654][ T1828] BUG: KASAN: use-after-free in __lock_acquire+0x31af/0x3b60
[   80.677669][ T1828] Read of size 8 at addr ffff8881cf2c78a8 by task kworker/0:4/1828
[   80.698944][ T1828] 
[   80.701283][ T1828] CPU: 0 PID: 1828 Comm: kworker/0:4 Not tainted 5.5.0-rc7-syzkaller #0
[   80.709665][ T1828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.719727][ T1828] Workqueue: usb_hub_wq hub_event
[   80.724729][ T1828] Call Trace:
[   80.728001][ T1828]  dump_stack+0xef/0x16e
[   80.732230][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   80.738230][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   80.739400][   T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.743257][ T1828]  print_address_description.constprop.0.cold+0xd3/0x314
[   80.743270][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   80.743281][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   80.743292][ T1828]  __kasan_report.cold+0x37/0x85
[   80.743300][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   80.743317][ T1828]  kasan_report+0xe/0x20
[   80.754350][   T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.761278][ T1828]  __lock_acquire+0x31af/0x3b60
[   80.761288][ T1828]  ? mark_lock+0xbc/0x1160
[   80.761298][ T1828]  ? mark_held_locks+0xe0/0xe0
[   80.761306][ T1828]  ? find_held_lock+0x2d/0x110
[   80.761316][ T1828]  lock_acquire+0x130/0x340
[   80.761327][ T1828]  ? __wake_up_common_lock+0xb4/0x130
[   80.761338][ T1828]  _raw_spin_lock_irqsave+0x32/0x50
[   80.761355][ T1828]  ? __wake_up_common_lock+0xb4/0x130
[   80.766419][   T78] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   80.771426][ T1828]  __wake_up_common_lock+0xb4/0x130
[   80.771439][ T1828]  ? __wake_up_common+0x650/0x650
[   80.771449][ T1828]  ? __mutex_unlock_slowpath+0xe2/0x660
[   80.771457][ T1828]  ? del_timer_sync+0x115/0x130
[   80.771468][ T1828]  ? usbhid_close+0x15c/0x210
[   80.771478][ T1828]  hiddev_disconnect+0x154/0x1b4
[   80.771495][ T1828]  hid_disconnect+0xb4/0x1a0
[   80.776444][   T78] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[   80.781479][ T1828]  hid_hw_stop+0x12/0x70
[   80.781494][ T1828]  cmhid_remove+0x38/0x50
[   80.781503][ T1828]  hid_device_remove+0xed/0x240
[   80.781518][ T1828]  ? cmhid_input_configured+0x140/0x140
[   80.781528][ T1828]  ? hid_compare_device_paths+0xc0/0xc0
[   80.781542][ T1828]  device_release_driver_internal+0x231/0x500
[   80.781559][ T1828]  bus_remove_device+0x2eb/0x5a0
[   80.785817][   T78] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.795524][ T1828]  device_del+0x481/0xd30
[   80.795537][ T1828]  ? device_create_with_groups+0x120/0x120
[   80.795549][ T1828]  ? do_raw_spin_lock+0x129/0x290
[   80.795560][ T1828]  hid_destroy_device+0xe1/0x150
[   80.795570][ T1828]  usbhid_disconnect+0x9f/0xe0
[   80.795583][ T1828]  usb_unbind_interface+0x1bd/0x8a0
[   80.795595][ T1828]  ? usb_autoresume_device+0x60/0x60
[   80.795606][ T1828]  device_release_driver_internal+0x42f/0x500
[   80.795623][ T1828]  bus_remove_device+0x2eb/0x5a0
[   80.806881][   T78] usb 1-1: config 0 descriptor??
[   80.809669][ T1828]  device_del+0x481/0xd30
[   80.809684][ T1828]  ? device_create_with_groups+0x120/0x120
[   80.809695][ T1828]  ? usb_remove_ep_devs+0x3e/0x80
[   80.809706][ T1828]  ? remove_intf_ep_devs+0x13f/0x1d0
[   80.809717][ T1828]  usb_disable_device+0x23d/0x790
[   80.809727][ T1828]  usb_disconnect+0x293/0x900
[   80.809749][ T1828]  hub_event+0x1a1d/0x4300
[   81.021740][ T1828]  ? hub_port_debounce+0x350/0x350
[   81.026844][ T1828]  ? find_held_lock+0x2d/0x110
[   81.031652][ T1828]  ? mark_held_locks+0xe0/0xe0
[   81.036399][ T1828]  ? rcu_read_lock_sched_held+0x9c/0xd0
[   81.041940][ T1828]  ? rcu_read_lock_bh_held+0xb0/0xb0
[   81.047227][ T1828]  process_one_work+0x945/0x15c0
[   81.052278][ T1828]  ? pwq_dec_nr_in_flight+0x310/0x310
[   81.057655][ T1828]  ? do_raw_spin_lock+0x129/0x290
[   81.062928][ T1828]  worker_thread+0x96/0xe20
[   81.067484][ T1828]  ? process_one_work+0x15c0/0x15c0
[   81.073412][ T1828]  kthread+0x318/0x420
[   81.077567][ T1828]  ? kthread_create_on_node+0xf0/0xf0
[   81.082930][ T1828]  ret_from_fork+0x24/0x30
[   81.087519][ T1828] 
[   81.089834][ T1828] Allocated by task 1808:
[   81.094246][ T1828]  save_stack+0x1b/0x80
[   81.098393][ T1828]  __kasan_kmalloc.constprop.0+0xbf/0xd0
[   81.104010][ T1828]  hiddev_connect+0x242/0x5b0
[   81.108663][ T1828]  hid_connect+0x239/0xbb0
[   81.113075][ T1828]  hid_hw_start+0xa2/0x130
[   81.117467][ T1828]  cmhid_probe+0x104/0x160
[   81.121867][ T1828]  hid_device_probe+0x2be/0x3f0
[   81.126700][ T1828]  really_probe+0x290/0xad0
[   81.131282][ T1828]  driver_probe_device+0x223/0x350
[   81.136420][ T1828]  __device_attach_driver+0x1d1/0x290
[   81.141920][ T1828]  bus_for_each_drv+0x162/0x1e0
[   81.146814][ T1828]  __device_attach+0x217/0x390
[   81.151581][ T1828]  bus_probe_device+0x1e4/0x290
[   81.156428][ T1828]  device_add+0x1459/0x1bf0
[   81.161034][ T1828]  hid_add_device+0x33c/0x9a0
[   81.165710][ T1828]  usbhid_probe+0xa81/0xfa0
[   81.170337][ T1828]  usb_probe_interface+0x310/0x800
[   81.176086][ T1828]  really_probe+0x290/0xad0
[   81.180575][ T1828]  driver_probe_device+0x223/0x350
[   81.185696][ T1828]  __device_attach_driver+0x1d1/0x290
[   81.191098][ T1828]  bus_for_each_drv+0x162/0x1e0
[   81.195952][ T1828]  __device_attach+0x217/0x390
[   81.200708][ T1828]  bus_probe_device+0x1e4/0x290
[   81.205658][ T1828]  device_add+0x1459/0x1bf0
[   81.210164][ T1828]  usb_set_configuration+0xe47/0x17d0
[   81.215529][ T1828]  generic_probe+0x9d/0xd5
[   81.220041][ T1828]  usb_probe_device+0xaf/0x140
[   81.224791][ T1828]  really_probe+0x290/0xad0
[   81.229297][ T1828]  driver_probe_device+0x223/0x350
[   81.234487][ T1828]  __device_attach_driver+0x1d1/0x290
[   81.240015][ T1828]  bus_for_each_drv+0x162/0x1e0
[   81.244847][ T1828]  __device_attach+0x217/0x390
[   81.249597][ T1828]  bus_probe_device+0x1e4/0x290
[   81.254438][ T1828]  device_add+0x1459/0x1bf0
[   81.258926][ T1828]  usb_new_device.cold+0x540/0xcd0
[   81.264104][ T1828]  hub_event+0x21cb/0x4300
[   81.268514][ T1828]  process_one_work+0x945/0x15c0
[   81.273451][ T1828]  worker_thread+0x96/0xe20
[   81.278326][ T1828]  kthread+0x318/0x420
[   81.282392][ T1828]  ret_from_fork+0x24/0x30
[   81.287140][ T1828] 
[   81.289455][ T1828] Freed by task 1833:
[   81.290866][   T78] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0
[   81.293431][ T1828]  save_stack+0x1b/0x80
[   81.293448][ T1828]  __kasan_slab_free+0x117/0x160
[   81.309064][   T78] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x5
[   81.309875][ T1828]  kfree+0xd5/0x300
[   81.309887][ T1828]  hiddev_release+0x402/0x520
[   81.309897][ T1828]  __fput+0x2d7/0x840
[   81.309906][ T1828]  task_work_run+0x13f/0x1c0
[   81.309916][ T1828]  exit_to_usermode_loop+0x1d2/0x200
[   81.309925][ T1828]  do_syscall_64+0x4e0/0x5a0
[   81.309936][ T1828]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   81.309938][ T1828] 
[   81.309946][ T1828] The buggy address belongs to the object at ffff8881cf2c7800
[   81.309946][ T1828]  which belongs to the cache kmalloc-512 of size 512
[   81.309954][ T1828] The buggy address is located 168 bytes inside of
[   81.309954][ T1828]  512-byte region [ffff8881cf2c7800, ffff8881cf2c7a00)
[   81.309963][ T1828] The buggy address belongs to the page:
[   81.325269][   T78] cm6533_jd 0003:0D8C:0022.000D: No inputs registered, leaving
[   81.325720][ T1828] page:ffffea00073cb100 refcount:1 mapcount:0 mapping:ffff8881da002500 index:0x0 compound_mapcount: 0
[   81.325737][ T1828] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da002500
[   81.325751][ T1828] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   81.325755][ T1828] page dumped because: kasan: bad access detected
[   81.325764][ T1828] 
[   81.338607][   T78] cm6533_jd 0003:0D8C:0022.000D: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[   81.339595][ T1828] Memory state around the buggy address:
[   81.339606][ T1828]  ffff8881cf2c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.339614][ T1828]  ffff8881cf2c7800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.339624][ T1828] >ffff8881cf2c7880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.339628][ T1828]                                   ^
[   81.339636][ T1828]  ffff8881cf2c7900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.339644][ T1828]  ffff8881cf2c7980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.339647][ T1828] ==================================================================
[   81.339650][ T1828] Disabling lock debugging due to kernel taint
[   81.339655][ T1828] Kernel panic - not syncing: panic_on_warn set ...
[   81.339668][ T1828] CPU: 0 PID: 1828 Comm: kworker/0:4 Tainted: G    B             5.5.0-rc7-syzkaller #0
[   81.339674][ T1828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   81.339686][ T1828] Workqueue: usb_hub_wq hub_event
[   81.544296][ T1828] Call Trace:
[   81.547590][ T1828]  dump_stack+0xef/0x16e
[   81.551894][ T1828]  panic+0x2aa/0x6e1
[   81.555793][ T1828]  ? add_taint.cold+0x16/0x16
[   81.560556][ T1828]  ? print_shadow_for_address+0xb8/0x114
[   81.562056][   T78] usb 1-1: USB disconnect, device number 4
[   81.566305][ T1828]  ? trace_hardirqs_off+0x50/0x200
[   81.566318][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   81.566327][ T1828]  end_report+0x43/0x49
[   81.566343][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   81.591473][ T1828]  __kasan_report.cold+0x55/0x85
[   81.596401][ T1828]  ? __lock_acquire+0x31af/0x3b60
[   81.601430][ T1828]  kasan_report+0xe/0x20
[   81.605662][ T1828]  __lock_acquire+0x31af/0x3b60
[   81.610511][ T1828]  ? mark_lock+0xbc/0x1160
[   81.614918][ T1828]  ? mark_held_locks+0xe0/0xe0
[   81.619793][ T1828]  ? find_held_lock+0x2d/0x110
[   81.624591][ T1828]  lock_acquire+0x130/0x340
[   81.629089][ T1828]  ? __wake_up_common_lock+0xb4/0x130
[   81.634444][ T1828]  _raw_spin_lock_irqsave+0x32/0x50
[   81.639624][ T1828]  ? __wake_up_common_lock+0xb4/0x130
[   81.644979][ T1828]  __wake_up_common_lock+0xb4/0x130
[   81.650162][ T1828]  ? __wake_up_common+0x650/0x650
[   81.655229][ T1828]  ? __mutex_unlock_slowpath+0xe2/0x660
[   81.660760][ T1828]  ? del_timer_sync+0x115/0x130
[   81.665605][ T1828]  ? usbhid_close+0x15c/0x210
[   81.670273][ T1828]  hiddev_disconnect+0x154/0x1b4
[   81.675197][ T1828]  hid_disconnect+0xb4/0x1a0
[   81.679784][ T1828]  hid_hw_stop+0x12/0x70
[   81.684014][ T1828]  cmhid_remove+0x38/0x50
[   81.688346][ T1828]  hid_device_remove+0xed/0x240
[   81.693183][ T1828]  ? cmhid_input_configured+0x140/0x140
[   81.698725][ T1828]  ? hid_compare_device_paths+0xc0/0xc0
[   81.704358][ T1828]  device_release_driver_internal+0x231/0x500
[   81.710467][ T1828]  bus_remove_device+0x2eb/0x5a0
[   81.715478][ T1828]  device_del+0x481/0xd30
[   81.719821][ T1828]  ? device_create_with_groups+0x120/0x120
[   81.725609][ T1828]  ? do_raw_spin_lock+0x129/0x290
[   81.730627][ T1828]  hid_destroy_device+0xe1/0x150
[   81.735556][ T1828]  usbhid_disconnect+0x9f/0xe0
[   81.740612][ T1828]  usb_unbind_interface+0x1bd/0x8a0
[   81.745957][ T1828]  ? usb_autoresume_device+0x60/0x60
[   81.751229][ T1828]  device_release_driver_internal+0x42f/0x500
[   81.757326][ T1828]  bus_remove_device+0x2eb/0x5a0
[   81.762261][ T1828]  device_del+0x481/0xd30
[   81.766598][ T1828]  ? device_create_with_groups+0x120/0x120
[   81.772516][ T1828]  ? usb_remove_ep_devs+0x3e/0x80
[   81.777616][ T1828]  ? remove_intf_ep_devs+0x13f/0x1d0
[   81.782888][ T1828]  usb_disable_device+0x23d/0x790
[   81.787900][ T1828]  usb_disconnect+0x293/0x900
[   81.792563][ T1828]  hub_event+0x1a1d/0x4300
[   81.796970][ T1828]  ? hub_port_debounce+0x350/0x350
[   81.802067][ T1828]  ? find_held_lock+0x2d/0x110
[   81.806858][ T1828]  ? mark_held_locks+0xe0/0xe0
[   81.811875][ T1828]  ? rcu_read_lock_sched_held+0x9c/0xd0
[   81.817417][ T1828]  ? rcu_read_lock_bh_held+0xb0/0xb0
[   81.822689][ T1828]  process_one_work+0x945/0x15c0
[   81.827617][ T1828]  ? pwq_dec_nr_in_flight+0x310/0x310
[   81.833106][ T1828]  ? do_raw_spin_lock+0x129/0x290
[   81.838128][ T1828]  worker_thread+0x96/0xe20
[   81.842648][ T1828]  ? process_one_work+0x15c0/0x15c0
[   81.847844][ T1828]  kthread+0x318/0x420
[   81.851906][ T1828]  ? kthread_create_on_node+0xf0/0xf0
[   81.857325][ T1828]  ret_from_fork+0x24/0x30
[   81.862675][ T1828] Kernel Offset: disabled
[   81.867069][ T1828] Rebooting in 86400 seconds..