[ 51.890887][ T38] audit: type=1400 audit(1647856042.028:73): avc: denied { transition } for pid=3604 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 51.932253][ T38] audit: type=1400 audit(1647856042.028:74): avc: denied { write } for pid=3604 comm="sh" path="pipe:[936]" dev="pipefs" ino=936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
Warning: Permanently added '[localhost]:29630' (ECDSA) to the list of known hosts.
executing program
[ 54.424992][ T38] audit: type=1400 audit(1647856044.558:75): avc: denied { execute } for pid=3660 comm="sh" name="syz-executor310824434" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 54.452426][ T38] audit: type=1400 audit(1647856044.568:76): avc: denied { execute_no_trans } for pid=3660 comm="sh" path="/syz-executor310824434" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 54.479467][ T38] audit: type=1400 audit(1647856044.578:77): avc: denied { execmem } for pid=3660 comm="syz-executor310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 54.504887][ T38] audit: type=1400 audit(1647856044.588:78): avc: denied { read write } for pid=3660 comm="syz-executor310" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 54.538665][ T38] audit: type=1400 audit(1647856044.588:79): avc: denied { open } for pid=3660 comm="syz-executor310" path="/dev/raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 54.572932][ T38] audit: type=1400 audit(1647856044.588:80): avc: denied { ioctl } for pid=3660 comm="syz-executor310" path="/dev/raw-gadget" dev="devtmpfs" ino=760 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 54.725699][ T3150] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 55.088854][ T3150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 55.106489][ T3150] usb 5-1: New USB device found, idVendor=12cf, idProduct=7111, bcdDevice=44.11
[ 55.119383][ T3150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 55.134065][ T3150] usb 5-1: config 0 descriptor??
[ 55.385830][ T3150] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[ 55.396203][ T3150] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[ 55.605817][ T3150] radio-si470x 5-1:0.0: software version 0, hardware version 0
[ 55.615037][ T3150] radio-si470x 5-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[ 55.630996][ T3150] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[ 55.825735][ T3150] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 55.855725][ C3] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 55.863802][ T3150] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 55.875765][ C3] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 55.883988][ T3150] radio-si470x: probe of 5-1:0.0 failed with error -22
[ 55.897382][ T3150] usb 5-1: USB disconnect, device number 2
[ 55.905819][ C3] ==================================================================
[ 55.915589][ C3] BUG: KASAN: use-after-free in si470x_int_in_callback.cold+0x96/0xbf
[ 55.924845][ C3] Read of size 8 at addr ffff888026246b48 by task kworker/3:3/3150
[ 55.933652][ C3]
[ 55.936198][ C3] CPU: 3 PID: 3150 Comm: kworker/3:3 Not tainted 5.17.0-syzkaller #0
[ 55.945360][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 55.955330][ C3] Workqueue: usb_hub_wq hub_event
[ 55.961226][ C3] Call Trace:
[ 55.965080][ C3]
[ 55.968568][ C3] dump_stack_lvl+0xcd/0x134
[ 55.974165][ C3] print_address_description.constprop.0.cold+0x8d/0x303
[ 55.982042][ C3] ? si470x_int_in_callback.cold+0x96/0xbf
[ 55.988442][ C3] ? si470x_int_in_callback.cold+0x96/0xbf
[ 55.995285][ C3] kasan_report.cold+0x83/0xdf
[ 56.000186][ C3] ? si470x_int_in_callback.cold+0x96/0xbf
[ 56.005706][ C3] si470x_int_in_callback.cold+0x96/0xbf
[ 56.011714][ C3] ? rwlock_bug.part.0+0x90/0x90
[ 56.017486][ C3] ? si470x_fops_read+0x790/0x790
[ 56.022268][ C3] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 56.027959][ C3] ? usb_hcd_unmap_urb_for_dma+0x105/0x6d0
[ 56.033120][ C3] ? dummy_timer+0x11e7/0x32b0
[ 56.037654][ C3] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 56.043572][ C3] usb_hcd_giveback_urb+0x367/0x410
[ 56.049164][ C3] dummy_timer+0x11f9/0x32b0
[ 56.054555][ C3] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 56.061274][ C3] ? dummy_dequeue+0x500/0x500
[ 56.066428][ C3] ? dummy_dequeue+0x500/0x500
[ 56.071307][ C3] call_timer_fn+0x1a5/0x6b0
[ 56.076649][ C3] ? timer_fixup_activate+0x350/0x350
[ 56.083189][ C3] ? _raw_spin_unlock_irq+0x1f/0x40
[ 56.089758][ C3] ? dummy_dequeue+0x500/0x500
[ 56.095622][ C3] __run_timers.part.0+0x67c/0xa30
[ 56.101607][ C3] ? call_timer_fn+0x6b0/0x6b0
[ 56.107470][ C3] run_timer_softirq+0xb3/0x1d0
[ 56.113308][ C3] __do_softirq+0x29b/0x9c2
[ 56.118477][ C3] __irq_exit_rcu+0x123/0x180
[ 56.124041][ C3] irq_exit_rcu+0x5/0x20
[ 56.128972][ C3] sysvec_apic_timer_interrupt+0x93/0xc0
[ 56.135053][ C3]
[ 56.137977][ C3]
[ 56.141112][ C3] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 56.147150][ C3] RIP: 0010:lock_acquire+0x1ef/0x510
[ 56.152584][ C3] Code: b5 a5 7e 83 f8 01 0f 85 b4 02 00 00 9c 58 f6 c4 02 0f 85 9f 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 56.173893][ C3] RSP: 0018:ffffc90000d77558 EFLAGS: 00000206
[ 56.181511][ C3] RAX: dffffc0000000000 RBX: 1ffff920001aeead RCX: 0000000000001c0f
[ 56.191201][ C3] RDX: 1ffff11003afa553 RSI: 0000000000000000 RDI: 0000000000000000
[ 56.200666][ C3] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8ffc994f
[ 56.208966][ C3] R10: fffffbfff1ff9329 R11: 0000000000000001 R12: 0000000000000000
[ 56.216837][ C3] R13: 0000000000000000 R14: ffff888040096548 R15: 0000000000000000
[ 56.224372][ C3] ? lock_release+0x720/0x720
[ 56.229105][ C3] down_write+0x90/0x150
[ 56.234115][ C3] ? __kernfs_remove+0x5fc/0xb20
[ 56.240065][ C3] ? down_write_killable_nested+0x180/0x180
[ 56.246148][ C3] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 56.252575][ C3] ? kernfs_drain_open_files+0x5b/0x300
[ 56.258239][ C3] __kernfs_remove+0x5fc/0xb20
[ 56.262768][ C3] ? kernfs_next_descendant_post+0x2f0/0x2f0
[ 56.269737][ C3] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 56.277437][ C3] ? kernfs_name_hash+0xf1/0x120
[ 56.283334][ C3] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 56.290803][ C3] ? kernfs_find_ns+0x2c6/0x3e0
[ 56.296691][ C3] kernfs_remove_by_name_ns+0xa8/0x110
[ 56.302095][ C3] remove_files+0x96/0x1c0
[ 56.306460][ C3] sysfs_remove_group+0x87/0x170
[ 56.311360][ C3] sysfs_remove_groups+0x5c/0xa0
[ 56.316108][ C3] device_remove_attrs+0xcb/0x170
[ 56.321334][ C3] device_del+0x4eb/0xc80
[ 56.325437][ C3] ? __device_link_del+0x380/0x380
[ 56.330859][ C3] ? usb_disconnect.cold+0x43/0x78e
[ 56.337365][ C3] device_unregister+0x1f/0xc0
[ 56.343192][ C3] usb_remove_ep_devs+0x3e/0x80
[ 56.349113][ C3] usb_disable_device+0x306/0x7b0
[ 56.354851][ C3] usb_disconnect.cold+0x27a/0x78e
[ 56.360028][ C3] hub_event+0x1e39/0x44d0
[ 56.365064][ C3] ? hub_port_debounce+0x3c0/0x3c0
[ 56.370655][ C3] ? lock_release+0x720/0x720
[ 56.376098][ C3] ? lock_downgrade+0x6e0/0x6e0
[ 56.380882][ C3] ? do_raw_spin_lock+0x120/0x2b0
[ 56.385836][ C3] process_one_work+0x9ac/0x1650
[ 56.390935][ C3] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 56.396367][ C3] ? rwlock_bug.part.0+0x90/0x90
[ 56.401196][ C3] ? _raw_spin_lock_irq+0x41/0x50
[ 56.406279][ C3] worker_thread+0x833/0x1110
[ 56.411315][ C3] ? process_one_work+0x1650/0x1650
[ 56.416401][ C3] kthread+0x2e9/0x3a0
[ 56.420291][ C3] ? kthread_complete_and_exit+0x40/0x40
[ 56.425642][ C3] ret_from_fork+0x1f/0x30
[ 56.430076][ C3]
[ 56.433015][ C3]
[ 56.435516][ C3] Allocated by task 3150:
[ 56.439959][ C3] kasan_save_stack+0x1e/0x40
[ 56.444529][ C3] __kasan_kmalloc+0xa6/0xd0
[ 56.449040][ C3] kmem_cache_alloc_trace+0x1ea/0x4a0
[ 56.454243][ C3] si470x_usb_driver_probe+0x51/0xf90
[ 56.459491][ C3] usb_probe_interface+0x315/0x7f0
[ 56.464363][ C3] really_probe+0x245/0xcc0
[ 56.468752][ C3] __driver_probe_device+0x338/0x4d0
[ 56.473699][ C3] driver_probe_device+0x4c/0x1a0
[ 56.478680][ C3] __device_attach_driver+0x20b/0x2f0
[ 56.483961][ C3] bus_for_each_drv+0x15f/0x1e0
[ 56.488647][ C3] __device_attach+0x228/0x4a0
[ 56.493307][ C3] bus_probe_device+0x1e4/0x290
[ 56.498115][ C3] device_add+0xb83/0x1e20
[ 56.502438][ C3] usb_set_configuration+0x101e/0x1900
[ 56.508417][ C3] usb_generic_driver_probe+0xba/0x100
[ 56.515315][ C3] usb_probe_device+0xd9/0x2c0
[ 56.521063][ C3] really_probe+0x245/0xcc0
[ 56.526527][ C3] __driver_probe_device+0x338/0x4d0
[ 56.532466][ C3] driver_probe_device+0x4c/0x1a0
[ 56.538664][ C3] __device_attach_driver+0x20b/0x2f0
[ 56.545442][ C3] bus_for_each_drv+0x15f/0x1e0
[ 56.550833][ C3] __device_attach+0x228/0x4a0
[ 56.555512][ C3] bus_probe_device+0x1e4/0x290
[ 56.560327][ C3] device_add+0xb83/0x1e20
[ 56.564496][ C3] usb_new_device.cold+0x63f/0x108e
[ 56.570137][ C3] hub_event+0x2585/0x44d0
[ 56.575231][ C3] process_one_work+0x9ac/0x1650
[ 56.581091][ C3] worker_thread+0x657/0x1110
[ 56.586727][ C3] kthread+0x2e9/0x3a0
[ 56.591962][ C3] ret_from_fork+0x1f/0x30
[ 56.597240][ C3]
[ 56.599764][ C3] Freed by task 3150:
[ 56.603637][ C3] kasan_save_stack+0x1e/0x40
[ 56.608416][ C3] kasan_set_track+0x21/0x30
[ 56.613225][ C3] kasan_set_free_info+0x20/0x30
[ 56.618108][ C3] ____kasan_slab_free+0xff/0x140
[ 56.623168][ C3] kfree+0xf8/0x2b0
[ 56.626943][ C3] si470x_usb_driver_probe+0xb3d/0xf90
[ 56.632282][ C3] usb_probe_interface+0x315/0x7f0
[ 56.638082][ C3] really_probe+0x245/0xcc0
[ 56.642879][ C3] __driver_probe_device+0x338/0x4d0
[ 56.648440][ C3] driver_probe_device+0x4c/0x1a0
[ 56.653942][ C3] __device_attach_driver+0x20b/0x2f0
[ 56.659301][ C3] bus_for_each_drv+0x15f/0x1e0
[ 56.664154][ C3] __device_attach+0x228/0x4a0
[ 56.668743][ C3] bus_probe_device+0x1e4/0x290
[ 56.674063][ C3] device_add+0xb83/0x1e20
[ 56.678941][ C3] usb_set_configuration+0x101e/0x1900
[ 56.684302][ C3] usb_generic_driver_probe+0xba/0x100
[ 56.689681][ C3] usb_probe_device+0xd9/0x2c0
[ 56.694409][ C3] really_probe+0x245/0xcc0
[ 56.698877][ C3] __driver_probe_device+0x338/0x4d0
[ 56.704249][ C3] driver_probe_device+0x4c/0x1a0
[ 56.709640][ C3] __device_attach_driver+0x20b/0x2f0
[ 56.715074][ C3] bus_for_each_drv+0x15f/0x1e0
[ 56.719951][ C3] __device_attach+0x228/0x4a0
[ 56.724661][ C3] bus_probe_device+0x1e4/0x290
[ 56.729693][ C3] device_add+0xb83/0x1e20
[ 56.734843][ C3] usb_new_device.cold+0x63f/0x108e
[ 56.740828][ C3] hub_event+0x2585/0x44d0
[ 56.745394][ C3] process_one_work+0x9ac/0x1650
[ 56.750512][ C3] worker_thread+0x657/0x1110
[ 56.755304][ C3] kthread+0x2e9/0x3a0
[ 56.759337][ C3] ret_from_fork+0x1f/0x30
[ 56.763871][ C3]
[ 56.766002][ C3] The buggy address belongs to the object at ffff888026246000
[ 56.766002][ C3] which belongs to the cache kmalloc-4k of size 4096
[ 56.779906][ C3] The buggy address is located 2888 bytes inside of
[ 56.779906][ C3] 4096-byte region [ffff888026246000, ffff888026247000)
[ 56.793206][ C3] The buggy address belongs to the page:
[ 56.798820][ C3] page:ffffea0000989180 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26246
[ 56.809125][ C3] head:ffffea0000989180 order:1 compound_mapcount:0
[ 56.815613][ C3] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 56.823391][ C3] raw: 00fff00000010200 ffffea000069f708 ffffea0000636408 ffff888010c40900
[ 56.831769][ C3] raw: 0000000000000000 ffff888026246000 0000000100000001 0000000000000000
[ 56.840356][ C3] page dumped because: kasan: bad access detected
[ 56.847818][ C3] page_owner tracks the page as allocated
[ 56.854689][ C3] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x2420c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_COMP|__GFP_THISNODE), pid 3150, ts 55180111651, free_ts 55088566333
[ 56.875183][ C3] get_page_from_freelist+0xa72/0x2f50
[ 56.881185][ C3] __alloc_pages+0x1b2/0x500
[ 56.886770][ C3] cache_grow_begin+0x75/0x390
[ 56.892550][ C3] cache_alloc_refill+0x27f/0x380
[ 56.898543][ C3] kmem_cache_alloc_trace+0x380/0x4a0
[ 56.903980][ C3] si470x_usb_driver_probe+0x51/0xf90
[ 56.909862][ C3] usb_probe_interface+0x315/0x7f0
[ 56.915775][ C3] really_probe+0x245/0xcc0
[ 56.920701][ C3] __driver_probe_device+0x338/0x4d0
[ 56.926674][ C3] driver_probe_device+0x4c/0x1a0
[ 56.932908][ C3] __device_attach_driver+0x20b/0x2f0
[ 56.939293][ C3] bus_for_each_drv+0x15f/0x1e0
[ 56.946433][ C3] __device_attach+0x228/0x4a0
[ 56.951400][ C3] bus_probe_device+0x1e4/0x290
[ 56.956187][ C3] device_add+0xb83/0x1e20
[ 56.960570][ C3] usb_set_configuration+0x101e/0x1900
[ 56.966063][ C3] page last free stack trace:
[ 56.970487][ C3] free_pcp_prepare+0x374/0x870
[ 56.975162][ C3] free_unref_page+0x19/0x690
[ 56.979788][ C3] slabs_destroy+0x89/0xc0
[ 56.984066][ C3] ___cache_free+0x303/0x600
[ 56.988569][ C3] qlist_free_all+0x50/0x1a0
[ 56.993089][ C3] kasan_quarantine_reduce+0x180/0x200
[ 56.998381][ C3] __kasan_slab_alloc+0x97/0xb0
[ 57.003259][ C3] __kmalloc+0x27a/0x4d0
[ 57.007443][ C3] tomoyo_realpath_from_path+0xc3/0x620
[ 57.013123][ C3] tomoyo_path_number_perm+0x1d5/0x590
[ 57.018408][ C3] security_file_ioctl+0x50/0xb0
[ 57.023548][ C3] __x64_sys_ioctl+0xb3/0x200
[ 57.028428][ C3] do_syscall_64+0x35/0xb0
[ 57.032771][ C3] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 57.038452][ C3]
[ 57.040708][ C3] Memory state around the buggy address:
[ 57.046063][ C3] ffff888026246a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.053937][ C3] ffff888026246a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.061839][ C3] >ffff888026246b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.069561][ C3] ^
[ 57.075762][ C3] ffff888026246b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.083438][ C3] ffff888026246c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.091240][ C3] ==================================================================
[ 57.099212][ C3] Disabling lock debugging due to kernel taint
[ 57.105056][ C3] Kernel panic - not syncing: panic_on_warn set ...
[ 57.111590][ C3] CPU: 3 PID: 3150 Comm: kworker/3:3 Tainted: G B 5.17.0-syzkaller #0
[ 57.120980][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 57.129766][ C3] Workqueue: usb_hub_wq hub_event
[ 57.134701][ C3] Call Trace:
[ 57.137958][ C3]
[ 57.140762][ C3] dump_stack_lvl+0xcd/0x134
[ 57.145204][ C3] panic+0x2b0/0x6dd
[ 57.149021][ C3] ? __warn_printk+0xf3/0xf3
[ 57.153526][ C3] ? si470x_int_in_callback.cold+0x96/0xbf
[ 57.159230][ C3] ? si470x_int_in_callback.cold+0x96/0xbf
[ 57.164897][ C3] end_report.cold+0x63/0x6f
[ 57.169456][ C3] kasan_report.cold+0x71/0xdf
[ 57.174236][ C3] ? si470x_int_in_callback.cold+0x96/0xbf
[ 57.179922][ C3] si470x_int_in_callback.cold+0x96/0xbf
[ 57.185528][ C3] ? rwlock_bug.part.0+0x90/0x90
[ 57.190507][ C3] ? si470x_fops_read+0x790/0x790
[ 57.195585][ C3] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 57.201731][ C3] ? usb_hcd_unmap_urb_for_dma+0x105/0x6d0
[ 57.207406][ C3] ? dummy_timer+0x11e7/0x32b0
[ 57.212147][ C3] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 57.217412][ C3] usb_hcd_giveback_urb+0x367/0x410
[ 57.222522][ C3] dummy_timer+0x11f9/0x32b0
[ 57.227353][ C3] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 57.233413][ C3] ? dummy_dequeue+0x500/0x500
[ 57.238133][ C3] ? dummy_dequeue+0x500/0x500
[ 57.242940][ C3] call_timer_fn+0x1a5/0x6b0
[ 57.247415][ C3] ? timer_fixup_activate+0x350/0x350
[ 57.252769][ C3] ? _raw_spin_unlock_irq+0x1f/0x40
[ 57.257844][ C3] ? dummy_dequeue+0x500/0x500
[ 57.262631][ C3] __run_timers.part.0+0x67c/0xa30
[ 57.268045][ C3] ? call_timer_fn+0x6b0/0x6b0
[ 57.272903][ C3] run_timer_softirq+0xb3/0x1d0
[ 57.277563][ C3] __do_softirq+0x29b/0x9c2
[ 57.281881][ C3] __irq_exit_rcu+0x123/0x180
[ 57.287277][ C3] irq_exit_rcu+0x5/0x20
[ 57.292251][ C3] sysvec_apic_timer_interrupt+0x93/0xc0
[ 57.297564][ C3]
[ 57.300485][ C3]
[ 57.303346][ C3] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 57.308896][ C3] RIP: 0010:lock_acquire+0x1ef/0x510
[ 57.313936][ C3] Code: b5 a5 7e 83 f8 01 0f 85 b4 02 00 00 9c 58 f6 c4 02 0f 85 9f 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24
[ 57.338240][ C3] RSP: 0018:ffffc90000d77558 EFLAGS: 00000206
[ 57.345760][ C3] RAX: dffffc0000000000 RBX: 1ffff920001aeead RCX: 0000000000001c0f
[ 57.356472][ C3] RDX: 1ffff11003afa553 RSI: 0000000000000000 RDI: 0000000000000000
[ 57.364703][ C3] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8ffc994f
[ 57.373123][ C3] R10: fffffbfff1ff9329 R11: 0000000000000001 R12: 0000000000000000
[ 57.382649][ C3] R13: 0000000000000000 R14: ffff888040096548 R15: 0000000000000000
[ 57.392043][ C3] ? lock_release+0x720/0x720
[ 57.397707][ C3] down_write+0x90/0x150
[ 57.401904][ C3] ? __kernfs_remove+0x5fc/0xb20
[ 57.407794][ C3] ? down_write_killable_nested+0x180/0x180
[ 57.414281][ C3] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 57.420253][ C3] ? kernfs_drain_open_files+0x5b/0x300
[ 57.426414][ C3] __kernfs_remove+0x5fc/0xb20
[ 57.431998][ C3] ? kernfs_next_descendant_post+0x2f0/0x2f0
[ 57.439217][ C3] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 57.447420][ C3] ? kernfs_name_hash+0xf1/0x120
[ 57.453068][ C3] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 57.459452][ C3] ? kernfs_find_ns+0x2c6/0x3e0
[ 57.465723][ C3] kernfs_remove_by_name_ns+0xa8/0x110
[ 57.472691][ C3] remove_files+0x96/0x1c0
[ 57.478274][ C3] sysfs_remove_group+0x87/0x170
[ 57.484303][ C3] sysfs_remove_groups+0x5c/0xa0
[ 57.491114][ C3] device_remove_attrs+0xcb/0x170
[ 57.497312][ C3] device_del+0x4eb/0xc80
[ 57.504319][ C3] ? __device_link_del+0x380/0x380
[ 57.511630][ C3] ? usb_disconnect.cold+0x43/0x78e
[ 57.517228][ C3] device_unregister+0x1f/0xc0
[ 57.522056][ C3] usb_remove_ep_devs+0x3e/0x80
[ 57.527067][ C3] usb_disable_device+0x306/0x7b0
[ 57.532354][ C3] usb_disconnect.cold+0x27a/0x78e
[ 57.537332][ C3] hub_event+0x1e39/0x44d0
[ 57.541705][ C3] ? hub_port_debounce+0x3c0/0x3c0
[ 57.546787][ C3] ? lock_release+0x720/0x720
[ 57.551438][ C3] ? lock_downgrade+0x6e0/0x6e0
[ 57.556254][ C3] ? do_raw_spin_lock+0x120/0x2b0
[ 57.561268][ C3] process_one_work+0x9ac/0x1650
[ 57.566132][ C3] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 57.571428][ C3] ? rwlock_bug.part.0+0x90/0x90
[ 57.576148][ C3] ? _raw_spin_lock_irq+0x41/0x50
[ 57.581008][ C3] worker_thread+0x833/0x1110
[ 57.585652][ C3] ? process_one_work+0x1650/0x1650
[ 57.590807][ C3] kthread+0x2e9/0x3a0
[ 57.594838][ C3] ? kthread_complete_and_exit+0x40/0x40
[ 57.600551][ C3] ret_from_fork+0x1f/0x30
[ 57.604878][ C3]
[ 57.608640][ C3] Kernel Offset: disabled
[ 57.613063][ C3] Rebooting in 86400 seconds..
VM DIAGNOSIS:
09:47:36 Registers:
info registers vcpu 0
RAX=00000000ac000400 RBX=ffff88802ca218c0 RCX=ffffffff812ba068 RDX=dffffc0000000000
RSI=0000000000000008 RDI=ffffffff8d93ea48 RBP=0000000000000000 RSP=ffffc90000007f68
R8 =0000000000000000 R9 =ffffffff8d93ea4f R10=fffffbfff1b27d49 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff812ba09d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802ca00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000563fae4cbed0 CR3=000000000b88e000 CR4=00150ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=25252525252525252525252525252525 XMM01=000000ff000000000000000000000000
XMM02=000000ff000000000000000000000000 XMM03=000000ff000000ff0000000000000000
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=ffffff0000ff000000ff00000000ff00
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=6564750073726f74706972637365642f XMM09=00000000000000000000000000000000
XMM10=20202000002020202020202020202020 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=00000000ac000400 RBX=ffff88802cb218c0 RCX=ffffffff812ba068 RDX=dffffc0000000000
RSI=0000000000000008 RDI=ffffffff8d93ea48 RBP=0000000000000001 RSP=ffffc90000728f68
R8 =0000000000000000 R9 =ffffffff8d93ea4f R10=fffffbfff1b27d49 R11=0000000000000000
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff812ba09d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00000000
FS =0000 0000000000000000 ffffffff 00000000
GS =0000 ffff88802cb00000 ffffffff 00000000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000563ac4374204 CR3=000000001ec86000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000155e0c530000000000000000 XMM01=0000000000000072656c6c616b7a7973
XMM02=00000000000000ff0000000000000000 XMM03=7361657200353433333d646970006e69
XMM04=2f7273752f3a6e6962732f3d48544150 XMM05=7361657200353433333d646970006e69
XMM06=6f727000336270616c3d656361667265 XMM07=00000000000000000000000000000000
XMM08=636864203a73250073646e6f63657320 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 2
RAX=00000000ac000400 RBX=ffff88802cc218c0 RCX=ffffffff812ba068 RDX=dffffc0000000000
RSI=0000000000000008 RDI=ffffffff8d93ea48 RBP=0000000000000002 RSP=ffffc90000780f68
R8 =0000000000000000 R9 =ffffffff8d93ea4f R10=fffffbfff1b27d49 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff812ba09d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff328c07800 ffffffff 00c00000
GS =0000 ffff88802cc00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe000008f000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff328d662f0 CR3=0000000025dcd000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=25252525252525252525252525252525 XMM01=0000ff0000000000ff0000000000ff00
XMM02=0000ff0000000000ff0000000000ff00 XMM03=00000000000000000000000000000000
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=5245004c415441460054454955510029 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 3
RAX=0000000080000102 RBX=0000000000000001 RCX=1ffffffff20a2f20 RDX=0000000000000001
RSI=0000000000000102 RDI=0000000000000001 RBP=00000024fca5ad58 RSP=ffffc900007d8818
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8907deab R11=0000000000000000
R12=0000000000000003 R13=0000000000231870 R14=000000000000002f R15=000000000000002f
RIP=ffffffff815008fb RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802cd00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe00000d6000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020001380 CR3=0000000018cca000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a XMM01=000000000000000000000000000000ff
XMM02=000000000000000000000000000000ff XMM03=69646172205d3035313354205b5d3838
XMM04=616964656d2d78756e696c207461204c XMM05=657361656c70202c7265766972642073
XMM06=7420656d6f73206576616820756f7920 XMM07=69732d6f69646172205d303531335420
XMM08=3354205b5d3230383336382e35352000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000