./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1796160763 <...> Warning: Permanently added '10.128.1.73' (ECDSA) to the list of known hosts. execve("./syz-executor1796160763", ["./syz-executor1796160763"], 0x7fffb0b8bd00 /* 10 vars */) = 0 brk(NULL) = 0x555556f80000 brk(0x555556f80c40) = 0x555556f80c40 arch_prctl(ARCH_SET_FS, 0x555556f80300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1796160763", 4096) = 28 brk(0x555556fa1c40) = 0x555556fa1c40 brk(0x555556fa2000) = 0x555556fa2000 mprotect(0x7efe74a38000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3606 attached , child_tidptr=0x555556f805d0) = 3606 [pid 3606] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3606] setsid() = 1 [pid 3606] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 3606] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 3606] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 3606] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 3606] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 3606] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 3606] unshare(CLONE_NEWNS) = 0 [pid 3606] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 3606] unshare(CLONE_NEWIPC) = 0 [pid 3606] unshare(CLONE_NEWCGROUP) = 0 [pid 3606] unshare(CLONE_NEWUTS) = 0 [pid 3606] unshare(CLONE_SYSVSEM) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "16777216", 8) = 8 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "536870912", 9) = 9 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1024", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "8192", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1024", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1024", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1024 1048576 500 1024", 21) = 21 [pid 3606] close(3) = 0 [pid 3606] getpid() = 1 [pid 3606] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [ 42.336183][ C0] dump_stack_lvl+0xcd/0x134 [ 42.336211][ C0] print_report.cold+0x2ba/0x719 [ 42.336256][ C0] ? si470x_int_in_callback.cold+0x96/0xbf [ 42.336290][ C0] kasan_report+0xb1/0x1e0 [ 42.336327][ C0] ? si470x_int_in_callback.cold+0x96/0xbf [ 42.336360][ C0] si470x_int_in_callback.cold+0x96/0xbf [ 42.336392][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.336419][ C0] ? lock_acquire+0x480/0x570 [ 42.336443][ C0] ? si470x_fops_read+0x7a0/0x7a0 [ 42.336484][ C0] ? usb_hcd_unmap_urb_for_dma+0x105/0x6d0 [ 42.336524][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0 [ 42.336563][ C0] usb_hcd_giveback_urb+0x380/0x430 [ 42.336601][ C0] dummy_timer+0x11ff/0x32c0 [ 42.336631][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.336678][ C0] ? lock_release+0x560/0x780 [ 42.336701][ C0] ? __wake_up_common_lock+0xde/0x130 [ 42.336728][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 42.336754][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.336796][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.336834][ C0] ? lock_acquire+0x480/0x570 [ 42.336861][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.336889][ C0] ? dummy_dequeue+0x500/0x500 [ 42.336913][ C0] ? scheduler_tick+0x25f/0x5e0 [ 42.336947][ C0] ? dummy_dequeue+0x500/0x500 [ 42.336971][ C0] call_timer_fn+0x1a0/0x6b0 [ 42.337001][ C0] ? timer_fixup_activate+0x350/0x350 [ 42.337032][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 42.337059][ C0] ? __next_timer_interrupt+0x244/0x2c0 [ 42.337089][ C0] ? dummy_dequeue+0x500/0x500 [ 42.337113][ C0] ? dummy_dequeue+0x500/0x500 [ 42.337137][ C0] ? dummy_dequeue+0x500/0x500 [ 42.337163][ C0] __run_timers.part.0+0x674/0xa80 [ 42.337198][ C0] ? call_timer_fn+0x6b0/0x6b0 [ 42.337229][ C0] ? set_next_task_stop+0x140/0x140 [ 42.337255][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 42.337284][ C0] ? sched_clock_cpu+0x69/0x2b0 [ 42.337312][ C0] run_timer_softirq+0xb3/0x1d0 [ 42.337343][ C0] __do_softirq+0x1d0/0x9c8 [ 42.337380][ C0] __irq_exit_rcu+0x123/0x180 [ 42.337407][ C0] irq_exit_rcu+0x5/0x20 [ 42.337432][ C0] sysvec_apic_timer_interrupt+0x93/0xc0 [ 42.337473][ C0] [ 42.337480][ C0] [ 42.337489][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 42.337522][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 42.337560][ C0] Code: 48 89 ef 5d e9 81 73 4c 00 5d be 03 00 00 00 e9 26 0b 84 02 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 <65> 8b 05 09 58 87 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b [ 42.337586][ C0] RSP: 0018:ffffc90002ddee70 EFLAGS: 00000293 [ 42.337608][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 42.337625][ C0] RDX: ffff88801bbe5880 RSI: ffffffff8160b515 RDI: 0000000000000007 [ 42.337647][ C0] RBP: ffffc90002ddf018 R08: 0000000000000007 R09: 0000000000000000 [ 42.337664][ C0] R10: 0000000000000200 R11: 69732d6f69646172 R12: 0000000000000001 [ 42.337681][ C0] R13: ffffffff91198da0 R14: 0000000000000200 R15: ffffffff8ca36a58 [ 42.337704][ C0] ? console_emit_next_record.constprop.0+0x4f5/0x840 [ 42.337736][ C0] console_emit_next_record.constprop.0+0x4fb/0x840 [ 42.337769][ C0] ? devkmsg_read+0x730/0x730 [ 42.337799][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.337839][ C0] ? lock_acquire+0x480/0x570 [ 42.337864][ C0] ? lock_release+0x780/0x780 [ 42.337890][ C0] console_unlock+0x37a/0x5a0 [ 42.337916][ C0] ? console_emit_next_record.constprop.0+0x840/0x840 [ 42.337947][ C0] ? vprintk+0x80/0x90 [ 42.337974][ C0] vprintk_emit+0x1b9/0x5f0 [ 42.338002][ C0] vprintk+0x80/0x90 [ 42.338028][ C0] _printk+0xba/0xed [ 42.338060][ C0] ? record_print_text.cold+0x16/0x16 [ 42.338094][ C0] ? rpm_drop_usage_count+0x46/0x80 [ 42.338125][ C0] ? __pm_runtime_suspend+0xd0/0x2d0 [ 42.338157][ C0] ? usb_probe_interface+0x3b5/0x7f0 [ 42.338187][ C0] really_probe.cold+0x69/0x175 [ 42.338232][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.338265][ C0] ? usb_match_id.part.0+0x15d/0x1b0 [ 42.338293][ C0] driver_probe_device+0x4c/0x1a0 [ 42.338328][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.338365][ C0] ? driver_allows_async_probing+0x170/0x170 [ 42.338401][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.338431][ C0] ? bus_for_each_dev+0x1d0/0x1d0 [ 42.338460][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 42.338500][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 42.338530][ C0] __device_attach+0x1e4/0x530 [ 42.338563][ C0] ? device_driver_attach+0x210/0x210 [ 42.338599][ C0] ? kobject_uevent_env+0x2a7/0x1640 [ 42.338644][ C0] bus_probe_device+0x1e4/0x290 [ 42.338678][ C0] device_add+0xbd5/0x1e90 [ 42.338707][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.338735][ C0] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 42.338768][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 42.338810][ C0] usb_set_configuration+0x1019/0x1900 [ 42.338862][ C0] usb_generic_driver_probe+0xba/0x100 [ 42.338903][ C0] usb_probe_device+0xd4/0x2c0 [ 42.338928][ C0] ? usb_driver_release_interface+0x180/0x180 [ 42.338956][ C0] really_probe+0x249/0xb90 [ 42.338991][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.339027][ C0] driver_probe_device+0x4c/0x1a0 [ 42.339062][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.339099][ C0] ? driver_allows_async_probing+0x170/0x170 [ 42.339135][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.339164][ C0] ? bus_for_each_dev+0x1d0/0x1d0 [ 42.339194][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 42.339232][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 42.339262][ C0] __device_attach+0x1e4/0x530 [ 42.339295][ C0] ? device_driver_attach+0x210/0x210 [ 42.339331][ C0] ? kobject_uevent_env+0x2a7/0x1640 [ 42.339371][ C0] bus_probe_device+0x1e4/0x290 [ 42.339405][ C0] device_add+0xbd5/0x1e90 [ 42.339433][ C0] ? usb_match_device+0xd4/0x550 [ 42.339459][ C0] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 42.339489][ C0] ? usb_detect_static_quirks+0x305/0x3b0 [ 42.339534][ C0] usb_new_device.cold+0x685/0x10ad [ 42.339565][ C0] ? do_raw_spin_lock+0x120/0x2a0 [ 42.339592][ C0] ? hub_disconnect+0x510/0x510 [ 42.339623][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.339660][ C0] hub_event+0x26c7/0x45e0 [ 42.339704][ C0] ? hub_port_debounce+0x3b0/0x3b0 [ 42.339737][ C0] ? trace_event_raw_event_irq_matrix_cpu+0x260/0x5a0 [ 42.339774][ C0] ? lock_acquire+0x480/0x570 [ 42.339799][ C0] ? lock_release+0x780/0x780 [ 42.339823][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 42.339847][ C0] ? do_raw_spin_lock+0x120/0x2a0 [ 42.339877][ C0] ? read_word_at_a_time+0xe/0x20 [ 42.339904][ C0] ? strscpy+0xa1/0x2a0 [ 42.339932][ C0] process_one_work+0x991/0x1610 [ 42.339969][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 42.340004][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.340036][ C0] worker_thread+0x665/0x1080 [ 42.340072][ C0] ? __kthread_parkme+0x15f/0x220 [ 42.340097][ C0] ? process_one_work+0x1610/0x1610 [ 42.340130][ C0] kthread+0x2e4/0x3a0 [ 42.340154][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 42.340185][ C0] ret_from_fork+0x1f/0x30 [ 42.340226][ C0] [ 42.340234][ C0] [ 42.340239][ C0] Allocated by task 146: [ 42.340250][ C0] kasan_save_stack+0x1e/0x40 [ 42.340282][ C0] __kasan_kmalloc+0xa9/0xd0 [ 42.340311][ C0] si470x_usb_driver_probe+0x51/0xf90 [ 42.340334][ C0] usb_probe_interface+0x30b/0x7f0 [ 42.340357][ C0] really_probe+0x249/0xb90 [ 42.340386][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.340418][ C0] driver_probe_device+0x4c/0x1a0 [ 42.340448][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.340480][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.340507][ C0] __device_attach+0x1e4/0x530 [ 42.340537][ C0] bus_probe_device+0x1e4/0x290 [ 42.340565][ C0] device_add+0xbd5/0x1e90 [ 42.340589][ C0] usb_set_configuration+0x1019/0x1900 [ 42.340628][ C0] usb_generic_driver_probe+0xba/0x100 [ 42.340669][ C0] usb_probe_device+0xd4/0x2c0 [ 42.340691][ C0] really_probe+0x249/0xb90 [ 42.340720][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.340751][ C0] driver_probe_device+0x4c/0x1a0 [ 42.340782][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.340815][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.340841][ C0] __device_attach+0x1e4/0x530 [ 42.340871][ C0] bus_probe_device+0x1e4/0x290 [ 42.340899][ C0] device_add+0xbd5/0x1e90 [ 42.340923][ C0] usb_new_device.cold+0x685/0x10ad [ 42.340946][ C0] hub_event+0x26c7/0x45e0 [ 42.340974][ C0] process_one_work+0x991/0x1610 [ 42.341003][ C0] worker_thread+0x665/0x1080 [ 42.341031][ C0] kthread+0x2e4/0x3a0 [ 42.341054][ C0] ret_from_fork+0x1f/0x30 [ 42.341085][ C0] [ 42.341089][ C0] Freed by task 146: [ 42.341099][ C0] kasan_save_stack+0x1e/0x40 [ 42.341129][ C0] kasan_set_track+0x21/0x30 [ 42.341157][ C0] kasan_set_free_info+0x20/0x30 [ 42.341193][ C0] ____kasan_slab_free+0x166/0x1c0 [ 42.341223][ C0] slab_free_freelist_hook+0x8b/0x1c0 [ 42.341249][ C0] kfree+0xe2/0x580 [ 42.341273][ C0] si470x_usb_driver_probe+0xb3d/0xf90 [ 42.341296][ C0] usb_probe_interface+0x30b/0x7f0 [ 42.341320][ C0] really_probe+0x249/0xb90 [ 42.341349][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.341380][ C0] driver_probe_device+0x4c/0x1a0 [ 42.341411][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.341443][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.341470][ C0] __device_attach+0x1e4/0x530 [ 42.341499][ C0] bus_probe_device+0x1e4/0x290 [ 42.341527][ C0] device_add+0xbd5/0x1e90 [ 42.341551][ C0] usb_set_configuration+0x1019/0x1900 [ 42.341589][ C0] usb_generic_driver_probe+0xba/0x100 [ 42.341626][ C0] usb_probe_device+0xd4/0x2c0 [ 42.341652][ C0] really_probe+0x249/0xb90 [ 42.341684][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.341712][ C0] driver_probe_device+0x4c/0x1a0 [ 42.341743][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.341775][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.341802][ C0] __device_attach+0x1e4/0x530 [ 42.341832][ C0] bus_probe_device+0x1e4/0x290 [ 42.341861][ C0] device_add+0xbd5/0x1e90 [ 42.341884][ C0] usb_new_device.cold+0x685/0x10ad [ 42.341908][ C0] hub_event+0x26c7/0x45e0 [ 42.341936][ C0] process_one_work+0x991/0x1610 [ 42.341965][ C0] worker_thread+0x665/0x1080 [ 42.341994][ C0] kthread+0x2e4/0x3a0 [ 42.342016][ C0] ret_from_fork+0x1f/0x30 [ 42.342048][ C0] [ 42.342052][ C0] The buggy address belongs to the object at ffff88807e47c000 [ 42.342052][ C0] which belongs to the cache kmalloc-4k of size 4096 [ 42.342071][ C0] The buggy address is located 2752 bytes inside of [ 42.342071][ C0] 4096-byte region [ffff88807e47c000, ffff88807e47d000) [ 42.342095][ C0] [ 42.342099][ C0] The buggy address belongs to the physical page: [ 42.342107][ C0] page:ffffea0001f91e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e478 [ 42.342134][ C0] head:ffffea0001f91e00 order:3 compound_mapcount:0 compound_pincount:0 [ 42.342152][ C0] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 42.342187][ C0] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888011842140 [ 42.342210][ C0] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 42.342223][ C0] page dumped because: kasan: bad access detected [ 42.342233][ C0] page_owner tracks the page as allocated [ 42.342240][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3606, tgid 3606 (syz-executor179), ts 41299997629, free_ts 41143973738 [ 42.342284][ C0] get_page_from_freelist+0x109b/0x2ce0 [ 42.342322][ C0] __alloc_pages+0x1c7/0x510 [ 42.342357][ C0] alloc_pages+0x1a6/0x270 [ 42.342387][ C0] allocate_slab+0x27e/0x3d0 [ 42.342411][ C0] ___slab_alloc+0x84f/0xe80 [ 42.342437][ C0] __slab_alloc.constprop.0+0x4d/0xa0 [ 42.342466][ C0] __kmalloc+0x32b/0x340 [ 42.342492][ C0] tomoyo_realpath_from_path+0xbf/0x600 [ 42.342525][ C0] tomoyo_path_number_perm+0x205/0x550 [ 42.342555][ C0] security_file_ioctl+0x50/0xb0 [ 42.342578][ C0] __x64_sys_ioctl+0xb3/0x200 [ 42.342604][ C0] do_syscall_64+0x35/0xb0 [ 42.342639][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.342667][ C0] page last free stack trace: [ 42.342673][ C0] free_pcp_prepare+0x5e4/0xd20 [ 42.342706][ C0] free_unref_page+0x19/0x4d0 [ 42.342739][ C0] __unfreeze_partials+0x17c/0x1a0 [ 42.342767][ C0] qlist_free_all+0x6a/0x170 [ 42.342803][ C0] kasan_quarantine_reduce+0x180/0x200 [ 42.342842][ C0] __kasan_slab_alloc+0xa2/0xc0 [ 42.342873][ C0] kmem_cache_alloc_node+0x2b1/0x3f0 [ 42.342902][ C0] __alloc_skb+0x210/0x2f0 [ 42.342937][ C0] alloc_skb_with_frags+0x93/0x6c0 [ 42.342962][ C0] sock_alloc_send_pskb+0x7a3/0x930 [ 42.342993][ C0] mld_newpack.isra.0+0x1b9/0x770 [ 42.343029][ C0] add_grhead+0x295/0x340 [ 42.343065][ C0] add_grec+0x1082/0x1560 [ 42.343100][ C0] mld_send_initial_cr.part.0+0xf6/0x230 [ 42.343139][ C0] ipv6_mc_dad_complete+0x1d0/0x690 [ 42.343163][ C0] addrconf_dad_completed+0x9e8/0xd80 [ 42.343193][ C0] [ 42.343197][ C0] Memory state around the buggy address: [ 42.343208][ C0] ffff88807e47c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.343225][ C0] ffff88807e47ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.343241][ C0] >ffff88807e47ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.343254][ C0] ^ [ 42.343267][ C0] ffff88807e47cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.343283][ C0] ffff88807e47cb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 42.343295][ C0] ================================================================== [ 42.343305][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 42.343314][ C0] CPU: 0 PID: 146 Comm: kworker/0:2 Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0 [ 42.343341][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 42.343356][ C0] Workqueue: usb_hub_wq hub_event [ 42.343385][ C0] Call Trace: [ 42.343392][ C0] [ 42.343399][ C0] dump_stack_lvl+0xcd/0x134 [ 42.343426][ C0] panic+0x2c8/0x622 [ 42.343461][ C0] ? panic_print_sys_info.part.0+0x10b/0x10b [ 42.343506][ C0] ? print_report.cold+0x4f6/0x719 [ 42.343548][ C0] ? si470x_int_in_callback.cold+0x96/0xbf [ 42.343580][ C0] end_report.part.0+0x3f/0x7c [ 42.343618][ C0] kasan_report.cold+0xa/0xf [ 42.343663][ C0] ? si470x_int_in_callback.cold+0x96/0xbf [ 42.343697][ C0] si470x_int_in_callback.cold+0x96/0xbf [ 42.343729][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.343756][ C0] ? lock_acquire+0x480/0x570 [ 42.343781][ C0] ? si470x_fops_read+0x7a0/0x7a0 [ 42.343822][ C0] ? usb_hcd_unmap_urb_for_dma+0x105/0x6d0 [ 42.343860][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0 [ 42.343898][ C0] usb_hcd_giveback_urb+0x380/0x430 [ 42.343935][ C0] dummy_timer+0x11ff/0x32c0 [ 42.343964][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.344003][ C0] ? lock_release+0x560/0x780 [ 42.344026][ C0] ? __wake_up_common_lock+0xde/0x130 [ 42.344052][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 42.344077][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.344115][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.344153][ C0] ? lock_acquire+0x480/0x570 [ 42.344178][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.344205][ C0] ? dummy_dequeue+0x500/0x500 [ 42.344229][ C0] ? scheduler_tick+0x25f/0x5e0 [ 42.344260][ C0] ? dummy_dequeue+0x500/0x500 [ 42.344284][ C0] call_timer_fn+0x1a0/0x6b0 [ 42.344313][ C0] ? timer_fixup_activate+0x350/0x350 [ 42.344343][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 42.344369][ C0] ? __next_timer_interrupt+0x244/0x2c0 [ 42.344398][ C0] ? dummy_dequeue+0x500/0x500 [ 42.344422][ C0] ? dummy_dequeue+0x500/0x500 [ 42.344445][ C0] ? dummy_dequeue+0x500/0x500 [ 42.344470][ C0] __run_timers.part.0+0x674/0xa80 [ 42.344505][ C0] ? call_timer_fn+0x6b0/0x6b0 [ 42.344535][ C0] ? set_next_task_stop+0x140/0x140 [ 42.344560][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 42.344587][ C0] ? sched_clock_cpu+0x69/0x2b0 [ 42.344615][ C0] run_timer_softirq+0xb3/0x1d0 [ 42.344652][ C0] __do_softirq+0x1d0/0x9c8 [ 42.344689][ C0] __irq_exit_rcu+0x123/0x180 [ 42.344715][ C0] irq_exit_rcu+0x5/0x20 [ 42.344739][ C0] sysvec_apic_timer_interrupt+0x93/0xc0 [ 42.344779][ C0] [ 42.344786][ C0] [ 42.344794][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 42.344825][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 42.344862][ C0] Code: 48 89 ef 5d e9 81 73 4c 00 5d be 03 00 00 00 e9 26 0b 84 02 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 <65> 8b 05 09 58 87 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b [ 42.344887][ C0] RSP: 0018:ffffc90002ddee70 EFLAGS: 00000293 [ 42.344906][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 42.344922][ C0] RDX: ffff88801bbe5880 RSI: ffffffff8160b515 RDI: 0000000000000007 [ 42.344939][ C0] RBP: ffffc90002ddf018 R08: 0000000000000007 R09: 0000000000000000 [ 42.344954][ C0] R10: 0000000000000200 R11: 69732d6f69646172 R12: 0000000000000001 [ 42.344970][ C0] R13: ffffffff91198da0 R14: 0000000000000200 R15: ffffffff8ca36a58 [ 42.344992][ C0] ? console_emit_next_record.constprop.0+0x4f5/0x840 [ 42.345024][ C0] console_emit_next_record.constprop.0+0x4fb/0x840 [ 42.345055][ C0] ? devkmsg_read+0x730/0x730 [ 42.345085][ C0] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.345139][ C0] ? lock_acquire+0x480/0x570 [ 42.345163][ C0] ? lock_release+0x780/0x780 [ 42.345188][ C0] console_unlock+0x37a/0x5a0 [ 42.345213][ C0] ? console_emit_next_record.constprop.0+0x840/0x840 [ 42.345244][ C0] ? vprintk+0x80/0x90 [ 42.345271][ C0] vprintk_emit+0x1b9/0x5f0 [ 42.345298][ C0] vprintk+0x80/0x90 [ 42.345323][ C0] _printk+0xba/0xed [ 42.345353][ C0] ? record_print_text.cold+0x16/0x16 [ 42.345386][ C0] ? rpm_drop_usage_count+0x46/0x80 [ 42.345415][ C0] ? __pm_runtime_suspend+0xd0/0x2d0 [ 42.345447][ C0] ? usb_probe_interface+0x3b5/0x7f0 [ 42.345476][ C0] really_probe.cold+0x69/0x175 [ 42.345518][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.345551][ C0] ? usb_match_id.part.0+0x15d/0x1b0 [ 42.345578][ C0] driver_probe_device+0x4c/0x1a0 [ 42.345612][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.345652][ C0] ? driver_allows_async_probing+0x170/0x170 [ 42.345687][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.345717][ C0] ? bus_for_each_dev+0x1d0/0x1d0 [ 42.345746][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 42.345784][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 42.345813][ C0] __device_attach+0x1e4/0x530 [ 42.345845][ C0] ? device_driver_attach+0x210/0x210 [ 42.345881][ C0] ? kobject_uevent_env+0x2a7/0x1640 [ 42.345920][ C0] bus_probe_device+0x1e4/0x290 [ 42.345952][ C0] device_add+0xbd5/0x1e90 [ 42.345980][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.346007][ C0] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 42.346039][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 42.346080][ C0] usb_set_configuration+0x1019/0x1900 [ 42.346130][ C0] usb_generic_driver_probe+0xba/0x100 [ 42.346168][ C0] usb_probe_device+0xd4/0x2c0 [ 42.346193][ C0] ? usb_driver_release_interface+0x180/0x180 [ 42.346220][ C0] really_probe+0x249/0xb90 [ 42.346254][ C0] __driver_probe_device+0x1df/0x4d0 [ 42.346299][ C0] driver_probe_device+0x4c/0x1a0 [ 42.346332][ C0] __device_attach_driver+0x1d0/0x2e0 [ 42.346368][ C0] ? driver_allows_async_probing+0x170/0x170 [ 42.346403][ C0] bus_for_each_drv+0x15f/0x1e0 [ 42.346432][ C0] ? bus_for_each_dev+0x1d0/0x1d0 [ 42.346461][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 42.346505][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 42.346534][ C0] __device_attach+0x1e4/0x530 [ 42.346567][ C0] ? device_driver_attach+0x210/0x210 [ 42.346602][ C0] ? kobject_uevent_env+0x2a7/0x1640 [ 42.346646][ C0] bus_probe_device+0x1e4/0x290 [ 42.346679][ C0] device_add+0xbd5/0x1e90 [ 42.346707][ C0] ? usb_match_device+0xd4/0x550 [ 42.346732][ C0] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0 [ 42.346761][ C0] ? usb_detect_static_quirks+0x305/0x3b0 [ 42.346805][ C0] usb_new_device.cold+0x685/0x10ad [ 42.346835][ C0] ? do_raw_spin_lock+0x120/0x2a0 [ 42.346862][ C0] ? hub_disconnect+0x510/0x510 [ 42.346892][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.346922][ C0] hub_event+0x26c7/0x45e0 [ 42.346966][ C0] ? hub_port_debounce+0x3b0/0x3b0 [ 42.346998][ C0] ? trace_event_raw_event_irq_matrix_cpu+0x260/0x5a0 [ 42.347035][ C0] ? lock_acquire+0x480/0x570 [ 42.347059][ C0] ? lock_release+0x780/0x780 [ 42.347082][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 42.347105][ C0] ? do_raw_spin_lock+0x120/0x2a0 [ 42.347133][ C0] ? read_word_at_a_time+0xe/0x20 [ 42.347159][ C0] ? strscpy+0xa1/0x2a0 [ 42.347187][ C0] process_one_work+0x991/0x1610 [ 42.347222][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 42.347257][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 42.347288][ C0] worker_thread+0x665/0x1080 [ 42.347323][ C0] ? __kthread_parkme+0x15f/0x220 [ 42.347348][ C0] ? process_one_work+0x1610/0x1610 [ 42.347380][ C0] kthread+0x2e4/0x3a0 [ 42.347404][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 42.347433][ C0] ret_from_fork+0x1f/0x30 [ 42.347474][ C0] [ 42.347664][ C0] Kernel Offset: disabled [ 44.464855][ C0] Rebooting in 86400 seconds..