./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1692717204

<...>
Warning: Permanently added '10.128.15.195' (ECDSA) to the list of known hosts.
execve("./syz-executor1692717204", ["./syz-executor1692717204"], 0x7ffdea4088d0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556ed4000
brk(0x555556ed4d00)                     = 0x555556ed4d00
arch_prctl(ARCH_SET_FS, 0x555556ed43c0) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1692717204", 4096) = 28
brk(0x555556ef5d00)                     = 0x555556ef5d00
brk(0x555556ef6000)                     = 0x555556ef6000
mprotect(0x7fc4c2123000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7fc4c2073030, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fc4c2074970}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7fc4c2073030, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fc4c2074970}, NULL, 8) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ed4690) = 3606
./strace-static-x86_64: Process 3606 attached
[pid  3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3606] setpgid(0, 0)               = 0
[pid  3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3606] write(3, "1000", 4)         = 4
[pid  3606] close(3)                    = 0
[pid  3606] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid  3606] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[   41.841476][   T27] audit: type=1400 audit(1666001727.585:75): avc:  denied  { execmem } for  pid=3605 comm="syz-executor169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   41.865313][   T27] audit: type=1400 audit(1666001727.605:76): avc:  denied  { read write } for  pid=3606 comm="syz-executor169" name="raw-gadget" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   41.889844][   T27] audit: type=1400 audit(1666001727.605:77): avc:  denied  { open } for  pid=3606 comm="syz-executor169" path="/dev/raw-gadget" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   41.913820][   T27] audit: type=1400 audit(1666001727.605:78): avc:  denied  { ioctl } for  pid=3606 comm="syz-executor169" path="/dev/raw-gadget" dev="devtmpfs" ino=730 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 18
[   42.128470][ T3269] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 18
[   42.378445][ T3269] usb 1-1: Using ep0 maxpacket: 16
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 9
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 27
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 4
[   42.498596][ T3269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 8
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 8
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 8
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc4c212946c) = 12
[   42.668526][ T3269] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f
[   42.677567][ T3269] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   42.685967][ T3269] usb 1-1: Product: syz
[   42.690249][ T3269] usb 1-1: Manufacturer: syz
[   42.694851][ T3269] usb 1-1: SerialNumber: syz
[   42.707145][ T3269] usb 1-1: config 0 descriptor??
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc97a7bd90) = 0
[   42.751030][ T3269] cm109 1-1:0.0: invalid payload size 250, expected 4
[   42.764614][ T3269] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5
[pid  3606] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cdc0) = 0
[pid  3606] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc97a7bdb0) = 4
[pid  3606] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 4
[pid  3606] write(4, "\x1b\x9b\x07\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120) = 120
[pid  3606] exit_group(0)               = ?
[pid  3606] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3606, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ed4690) = 3610
./strace-static-x86_64: Process 3610 attached
[pid  3610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3610] setpgid(0, 0)               = 0
[pid  3610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3610] write(3, "1000", 4)         = 4
[pid  3610] close(3)                    = 0
[pid  3610] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid  3610] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[   43.175585][ T3269] usb 1-1: USB disconnect, device number 2
[   43.188466][    C0] cm109 1-1:0.0: cm109_urb_ctl_callback: urb status -71
[   43.195425][    C0] cm109 1-1:0.0: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[   43.205194][ T3269] cm109 1-1:0.0: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 18
[   43.568462][ T3269] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 18
[   43.808454][ T3269] usb 1-1: Using ep0 maxpacket: 16
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 9
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 27
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 4
[   43.928661][ T3269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 8
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 8
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc97a7bd90) = 8
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cda0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7fc4c212946c) = 12
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc97a7bd90) = 0
[   44.098530][ T3269] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f
[   44.107569][ T3269] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   44.116248][ T3269] usb 1-1: Product: syz
[   44.120493][ T3269] usb 1-1: Manufacturer: syz
[   44.125091][ T3269] usb 1-1: SerialNumber: syz
[   44.130922][ T3269] usb 1-1: config 0 descriptor??
[   44.170092][ T3269] cm109 1-1:0.0: invalid payload size 250, expected 4
[   44.177642][ T3269] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6
[pid  3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc97a7cdc0) = 0
[pid  3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc97a7bdb0) = 4
[pid  3610] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 4
[pid  3610] write(4, "\x1b\x9b\x07\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x38\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120) = 120
[pid  3610] exit_group(0)               = ?
[   44.592363][ T3269] usb 1-1: USB disconnect, device number 3
[   44.598451][    C0] cm109 1-1:0.0: cm109_urb_irq_callback: urb status -71
[   44.605396][    C0] ------------[ cut here ]------------
[   44.610844][    C0] URB ffff8880171d1b00 submitted while active
[   44.617328][    C0] WARNING: CPU: 0 PID: 3269 at drivers/usb/core/urb.c:378 usb_submit_urb+0x14e8/0x1880
[   44.626963][    C0] Modules linked in:
[   44.630839][    C0] CPU: 0 PID: 3269 Comm: kworker/0:3 Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
[   44.640534][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   44.650574][    C0] Workqueue: usb_hub_wq hub_event
[   44.655589][    C0] RIP: 0010:usb_submit_urb+0x14e8/0x1880
[   44.661218][    C0] Code: 89 de e8 8b 06 e9 fb 84 db 0f 85 a3 f3 ff ff e8 fe 09 e9 fb 4c 89 fe 48 c7 c7 00 6a 91 8a c6 05 25 0d 39 08 01 e8 d7 8b ac 03 <0f> 0b e9 81 f3 ff ff 48 89 7c 24 40 e8 d7 09 e9 fb 48 8b 7c 24 40
[   44.680832][    C0] RSP: 0018:ffffc900000079d8 EFLAGS: 00010086
[   44.686882][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   44.694843][    C0] RDX: ffff88807bd201c0 RSI: ffffffff81605668 RDI: fffff52000000f2d
[   44.702821][    C0] RBP: ffff88801fd9fb80 R08: 0000000000000005 R09: 0000000000000000
[   44.710794][    C0] R10: 0000000000000101 R11: 6666666620425255 R12: 0000000000000046
[   44.718761][    C0] R13: ffff88802008d058 R14: 00000000fffffff0 R15: ffff8880171d1b00
[   44.726743][    C0] FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[   44.735674][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   44.742259][    C0] CR2: 00007fc4c20f9b68 CR3: 000000000bc8e000 CR4: 00000000003506f0
[   44.750231][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   44.758200][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   44.766168][    C0] Call Trace:
[   44.769440][    C0]  <IRQ>
[   44.772278][    C0]  ? _raw_spin_unlock_irqrestore+0x3d/0x70
[   44.778094][    C0]  cm109_urb_irq_callback+0x2e6/0xaa0
[   44.783481][    C0]  __usb_hcd_giveback_urb+0x2b0/0x5c0
[   44.788864][    C0]  usb_hcd_giveback_urb+0x380/0x430
[   44.794072][    C0]  dummy_timer+0x11ff/0x32c0
[   44.798662][    C0]  ? rcu_read_lock_sched_held+0xd/0x70
[   44.804135][    C0]  ? lock_release+0x560/0x780
[   44.808808][    C0]  ? debug_check_no_obj_freed+0x20c/0x420
[   44.814539][    C0]  ? __wake_up_common_lock+0xde/0x130
[   44.819911][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   44.824759][    C0]  ? rcu_read_lock_sched_held+0xd/0x70
[   44.830227][    C0]  ? rcu_read_lock_sched_held+0xd/0x70
[   44.835697][    C0]  ? lock_acquire+0x480/0x570
[   44.840372][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   44.845311][    C0]  ? dummy_dequeue+0x500/0x500
[   44.850086][    C0]  ? scheduler_tick+0x25f/0x5e0
[   44.854939][    C0]  ? dummy_dequeue+0x500/0x500
[   44.859717][    C0]  call_timer_fn+0x1a0/0x6b0
[   44.864310][    C0]  ? timer_fixup_activate+0x350/0x350
[   44.869684][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   44.874535][    C0]  ? __next_timer_interrupt+0x244/0x2c0
[   44.880088][    C0]  ? dummy_dequeue+0x500/0x500
[   44.884868][    C0]  ? dummy_dequeue+0x500/0x500
[   44.889642][    C0]  ? dummy_dequeue+0x500/0x500
[   44.894419][    C0]  __run_timers.part.0+0x674/0xa80
[   44.899536][    C0]  ? call_timer_fn+0x6b0/0x6b0
[   44.904300][    C0]  ? prepare_to_wait+0x370/0x370
[   44.909237][    C0]  ? kvm_sched_clock_read+0x14/0x40
[   44.914438][    C0]  ? sched_clock_cpu+0x69/0x2b0
[   44.919289][    C0]  run_timer_softirq+0xb3/0x1d0
[   44.924141][    C0]  __do_softirq+0x1d0/0x9c8
[   44.928660][    C0]  __irq_exit_rcu+0x123/0x180
[   44.933339][    C0]  irq_exit_rcu+0x5/0x20
[   44.937581][    C0]  sysvec_apic_timer_interrupt+0x93/0xc0
[   44.943217][    C0]  </IRQ>
[   44.946141][    C0]  <TASK>
[   44.949063][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[   44.955060][    C0] RIP: 0010:kasan_check_range+0x16/0x180
[   44.960699][    C0] Code: ff ff 89 43 08 5b 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 85 f6 0f 84 3c 01 00 00 49 89 f9 41 54 44 0f b6 c2 49 01 f1 55 <53> 0f 82 18 01 00 00 48 b8 ff ff ff ff ff 7f ff ff 48 39 c7 0f 86
[   44.980304][    C0] RSP: 0018:ffffc900030cf750 EFLAGS: 00000286
[   44.986370][    C0] RAX: 0000000000000000 RBX: ffff8880174191d0 RCX: ffffffff81fc4941
[   44.994338][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8880174191d0
[   45.002307][    C0] RBP: ffff8880174191d0 R08: 0000000000000001 R09: ffff8880174191d4
[   45.010275][    C0] R10: 0000000000000002 R11: 000000000008c07d R12: dffffc0000000000
[   45.018241][    C0] R13: ffff8880174191d0 R14: 0000000000000000 R15: ffff888017419210
[   45.026212][    C0]  ? kernfs_put+0x21/0x50
[   45.030550][    C0]  kernfs_put+0x21/0x50
[   45.034708][    C0]  __kernfs_remove+0x456/0x600
[   45.039479][    C0]  kernfs_remove_by_name_ns+0xb0/0x120
[   45.044950][    C0]  remove_files+0x96/0x1c0
[   45.049387][    C0]  sysfs_remove_group+0x87/0x170
[   45.054335][    C0]  sysfs_remove_groups+0x5c/0xa0
[   45.059283][    C0]  device_remove_attrs+0x192/0x290
[   45.064403][    C0]  ? device_remove_file+0x30/0x30
[   45.069435][    C0]  device_del+0x4eb/0xc80
[   45.073774][    C0]  ? __device_link_del+0x380/0x380
[   45.078895][    C0]  ? kobject_put+0x1e4/0x4c0
[   45.083489][    C0]  usb_disable_device+0x356/0x7a0
[   45.088528][    C0]  usb_disconnect.cold+0x259/0x6ed
[   45.093645][    C0]  hub_event+0x1f86/0x45e0
[   45.098071][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   45.103008][    C0]  ? do_raw_spin_unlock+0x171/0x230
[   45.108207][    C0]  ? hub_port_debounce+0x3b0/0x3b0
[   45.113321][    C0]  ? cblist_init_generic+0x81/0x6a0
[   45.118529][    C0]  ? lock_acquire+0x480/0x570
[   45.123205][    C0]  ? lock_release+0x780/0x780
[   45.127879][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   45.132728][    C0]  ? do_raw_spin_lock+0x120/0x2a0
[   45.137753][    C0]  ? read_word_at_a_time+0xe/0x20
[   45.142786][    C0]  ? strscpy+0xa1/0x2a0
[   45.146951][    C0]  process_one_work+0x991/0x1610
[   45.151901][    C0]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   45.157278][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   45.162218][    C0]  worker_thread+0x665/0x1080
[   45.166901][    C0]  ? __kthread_parkme+0x15f/0x220
[   45.171944][    C0]  ? process_one_work+0x1610/0x1610
[   45.177153][    C0]  kthread+0x2e4/0x3a0
[   45.181222][    C0]  ? kthread_complete_and_exit+0x40/0x40
[   45.186857][    C0]  ret_from_fork+0x1f/0x30
[   45.191289][    C0]  </TASK>
[   45.194303][    C0] Kernel panic - not syncing: panic_on_warn set ...
[   45.200879][    C0] CPU: 0 PID: 3269 Comm: kworker/0:3 Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
[   45.210591][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[   45.220652][    C0] Workqueue: usb_hub_wq hub_event
[   45.225701][    C0] Call Trace:
[   45.228983][    C0]  <IRQ>
[   45.231825][    C0]  dump_stack_lvl+0xcd/0x134
[   45.236434][    C0]  panic+0x2c8/0x622
[   45.240347][    C0]  ? panic_print_sys_info.part.0+0x10b/0x10b
[   45.246341][    C0]  ? __warn.cold+0x248/0x2c4
[   45.250942][    C0]  ? usb_submit_urb+0x14e8/0x1880
[   45.255985][    C0]  __warn.cold+0x259/0x2c4
[   45.260413][    C0]  ? usb_submit_urb+0x14e8/0x1880
[   45.265448][    C0]  report_bug+0x1bc/0x210
[   45.269793][    C0]  handle_bug+0x3c/0x70
[   45.273970][    C0]  exc_invalid_op+0x14/0x40
[   45.278485][    C0]  asm_exc_invalid_op+0x16/0x20
[   45.283348][    C0] RIP: 0010:usb_submit_urb+0x14e8/0x1880
[   45.288996][    C0] Code: 89 de e8 8b 06 e9 fb 84 db 0f 85 a3 f3 ff ff e8 fe 09 e9 fb 4c 89 fe 48 c7 c7 00 6a 91 8a c6 05 25 0d 39 08 01 e8 d7 8b ac 03 <0f> 0b e9 81 f3 ff ff 48 89 7c 24 40 e8 d7 09 e9 fb 48 8b 7c 24 40
[   45.308607][    C0] RSP: 0018:ffffc900000079d8 EFLAGS: 00010086
[   45.314678][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   45.322647][    C0] RDX: ffff88807bd201c0 RSI: ffffffff81605668 RDI: fffff52000000f2d
[   45.330617][    C0] RBP: ffff88801fd9fb80 R08: 0000000000000005 R09: 0000000000000000
[   45.338585][    C0] R10: 0000000000000101 R11: 6666666620425255 R12: 0000000000000046
[   45.346615][    C0] R13: ffff88802008d058 R14: 00000000fffffff0 R15: ffff8880171d1b00
[   45.354593][    C0]  ? vprintk+0x88/0x90
[   45.358665][    C0]  ? usb_submit_urb+0x14e8/0x1880
[   45.363696][    C0]  ? _raw_spin_unlock_irqrestore+0x3d/0x70
[   45.369523][    C0]  cm109_urb_irq_callback+0x2e6/0xaa0
[   45.374923][    C0]  __usb_hcd_giveback_urb+0x2b0/0x5c0
[   45.380307][    C0]  usb_hcd_giveback_urb+0x380/0x430
[   45.385520][    C0]  dummy_timer+0x11ff/0x32c0
[   45.390118][    C0]  ? rcu_read_lock_sched_held+0xd/0x70
[   45.395592][    C0]  ? lock_release+0x560/0x780
[   45.400270][    C0]  ? debug_check_no_obj_freed+0x20c/0x420
[   45.406008][    C0]  ? __wake_up_common_lock+0xde/0x130
[   45.411385][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   45.416238][    C0]  ? rcu_read_lock_sched_held+0xd/0x70
[   45.421712][    C0]  ? rcu_read_lock_sched_held+0xd/0x70
[   45.427187][    C0]  ? lock_acquire+0x480/0x570
[   45.431871][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   45.436814][    C0]  ? dummy_dequeue+0x500/0x500
[   45.441594][    C0]  ? scheduler_tick+0x25f/0x5e0
[   45.446447][    C0]  ? dummy_dequeue+0x500/0x500
[   45.451222][    C0]  call_timer_fn+0x1a0/0x6b0
[   45.455817][    C0]  ? timer_fixup_activate+0x350/0x350
[   45.461191][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   45.466044][    C0]  ? __next_timer_interrupt+0x244/0x2c0
[   45.471680][    C0]  ? dummy_dequeue+0x500/0x500
[   45.476458][    C0]  ? dummy_dequeue+0x500/0x500
[   45.481233][    C0]  ? dummy_dequeue+0x500/0x500
[   45.486011][    C0]  __run_timers.part.0+0x674/0xa80
[   45.491127][    C0]  ? call_timer_fn+0x6b0/0x6b0
[   45.495894][    C0]  ? prepare_to_wait+0x370/0x370
[   45.500833][    C0]  ? kvm_sched_clock_read+0x14/0x40
[   45.506037][    C0]  ? sched_clock_cpu+0x69/0x2b0
[   45.510885][    C0]  run_timer_softirq+0xb3/0x1d0
[   45.515739][    C0]  __do_softirq+0x1d0/0x9c8
[   45.520254][    C0]  __irq_exit_rcu+0x123/0x180
[   45.524932][    C0]  irq_exit_rcu+0x5/0x20
[   45.529174][    C0]  sysvec_apic_timer_interrupt+0x93/0xc0
[   45.534808][    C0]  </IRQ>
[   45.537743][    C0]  <TASK>
[   45.540668][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[   45.546657][    C0] RIP: 0010:kasan_check_range+0x16/0x180
[   45.552295][    C0] Code: ff ff 89 43 08 5b 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 85 f6 0f 84 3c 01 00 00 49 89 f9 41 54 44 0f b6 c2 49 01 f1 55 <53> 0f 82 18 01 00 00 48 b8 ff ff ff ff ff 7f ff ff 48 39 c7 0f 86
[   45.571904][    C0] RSP: 0018:ffffc900030cf750 EFLAGS: 00000286
[   45.577971][    C0] RAX: 0000000000000000 RBX: ffff8880174191d0 RCX: ffffffff81fc4941
[   45.585940][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8880174191d0
[   45.593907][    C0] RBP: ffff8880174191d0 R08: 0000000000000001 R09: ffff8880174191d4
[   45.601881][    C0] R10: 0000000000000002 R11: 000000000008c07d R12: dffffc0000000000
[   45.609848][    C0] R13: ffff8880174191d0 R14: 0000000000000000 R15: ffff888017419210
[   45.617821][    C0]  ? kernfs_put+0x21/0x50
[   45.622157][    C0]  kernfs_put+0x21/0x50
[   45.626316][    C0]  __kernfs_remove+0x456/0x600
[   45.631084][    C0]  kernfs_remove_by_name_ns+0xb0/0x120
[   45.636561][    C0]  remove_files+0x96/0x1c0
[   45.640987][    C0]  sysfs_remove_group+0x87/0x170
[   45.645939][    C0]  sysfs_remove_groups+0x5c/0xa0
[   45.650890][    C0]  device_remove_attrs+0x192/0x290
[   45.656009][    C0]  ? device_remove_file+0x30/0x30
[   45.661040][    C0]  device_del+0x4eb/0xc80
[   45.665383][    C0]  ? __device_link_del+0x380/0x380
[   45.670505][    C0]  ? kobject_put+0x1e4/0x4c0
[   45.675099][    C0]  usb_disable_device+0x356/0x7a0
[   45.680139][    C0]  usb_disconnect.cold+0x259/0x6ed
[   45.685258][    C0]  hub_event+0x1f86/0x45e0
[   45.689685][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   45.694626][    C0]  ? do_raw_spin_unlock+0x171/0x230
[   45.699825][    C0]  ? hub_port_debounce+0x3b0/0x3b0
[   45.704941][    C0]  ? cblist_init_generic+0x81/0x6a0
[   45.710148][    C0]  ? lock_acquire+0x480/0x570
[   45.714823][    C0]  ? lock_release+0x780/0x780
[   45.719498][    C0]  ? lock_downgrade+0x6e0/0x6e0
[   45.724349][    C0]  ? do_raw_spin_lock+0x120/0x2a0
[   45.729383][    C0]  ? read_word_at_a_time+0xe/0x20
[   45.734417][    C0]  ? strscpy+0xa1/0x2a0
[   45.738582][    C0]  process_one_work+0x991/0x1610
[   45.743526][    C0]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   45.748906][    C0]  ? rwlock_bug.part.0+0x90/0x90
[   45.753842][    C0]  worker_thread+0x665/0x1080
[   45.758524][    C0]  ? __kthread_parkme+0x15f/0x220
[   45.763547][    C0]  ? process_one_work+0x1610/0x1610
[   45.768749][    C0]  kthread+0x2e4/0x3a0
[   45.772818][    C0]  ? kthread_complete_and_exit+0x40/0x40
[   45.778451][    C0]  ret_from_fork+0x1f/0x30
[   45.782880][    C0]  </TASK>
[   45.785953][    C0] Kernel Offset: disabled
[   45.790265][    C0] Rebooting in 86400 seconds..