Warning: Permanently added '10.128.0.114' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 40.925418][ T3158] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 40.925659][ T26] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 40.936831][ T7] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 40.940922][ T20] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 40.948392][ T5] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 40.955952][ T4564] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 41.285637][ T3158] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.296639][ T3158] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.315476][ T7] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.326087][ T5] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.336702][ T5] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.348145][ T7] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.365539][ T26] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.376542][ T4564] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.387484][ T20] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.398648][ T26] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.409248][ T4564] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.420001][ T20] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 41.465299][ T3158] usb 5-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 41.474751][ T3158] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.483763][ T3158] usb 5-1: Product: syz [ 41.488421][ T3158] usb 5-1: Manufacturer: syz [ 41.493208][ T3158] usb 5-1: SerialNumber: syz [ 41.500322][ T3158] usb 5-1: config 0 descriptor?? [ 41.515374][ T5] usb 6-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 41.525255][ T7] usb 2-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 41.534605][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.544716][ T5] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.554493][ T3158] r8712u: register rtl8712_netdev_ops to netdev_ops [ 41.561677][ T3158] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 41.571521][ T7] usb 2-1: Product: syz [ 41.576548][ T5] usb 6-1: Product: syz [ 41.581703][ T7] usb 2-1: Manufacturer: syz [ 41.587515][ T5] usb 6-1: Manufacturer: syz [ 41.592174][ T7] usb 2-1: SerialNumber: syz [ 41.597926][ T5] usb 6-1: SerialNumber: syz [ 41.604792][ T7] usb 2-1: config 0 descriptor?? [ 41.609677][ T26] usb 3-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 41.619334][ T4564] usb 1-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 41.628597][ T20] usb 4-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 41.629743][ T5] usb 6-1: config 0 descriptor?? [ 41.641004][ T4564] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.651141][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.660558][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.669078][ T20] usb 4-1: Product: syz [ 41.673541][ T26] usb 3-1: Product: syz [ 41.678492][ T3158] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed [ 41.678723][ T4564] usb 1-1: Product: syz [ 41.689731][ T3158] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 41.689963][ T20] usb 4-1: Manufacturer: syz [ 41.699183][ T7] r8712u: register rtl8712_netdev_ops to netdev_ops [ 41.702792][ T26] usb 3-1: Manufacturer: syz [ 41.710525][ T5] r8712u: register rtl8712_netdev_ops to netdev_ops [ 41.714669][ T4564] usb 1-1: Manufacturer: syz [ 41.725841][ T26] usb 3-1: SerialNumber: syz [ 41.730626][ T20] usb 4-1: SerialNumber: syz [ 41.739036][ T7] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 41.739905][ T4564] usb 1-1: SerialNumber: syz [ 41.750665][ T5] usb 6-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 41.751407][ T20] usb 4-1: config 0 descriptor?? executing program [ 41.762867][ T26] usb 3-1: config 0 descriptor?? [ 41.775795][ T3158] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 41.786099][ T4564] usb 1-1: config 0 descriptor?? [ 41.810151][ T3158] usb 5-1: USB disconnect, device number 2 [ 41.826940][ T26] r8712u: register rtl8712_netdev_ops to netdev_ops [ 41.833588][ T26] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 41.841791][ T20] r8712u: register rtl8712_netdev_ops to netdev_ops [ 41.850602][ T4564] r8712u: register rtl8712_netdev_ops to netdev_ops executing program executing program [ 41.859890][ T8442] usb 5-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 41.861576][ T4564] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 41.877366][ T20] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 41.880545][ T8442] usb 5-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 41.895131][ T5] usb 6-1: r8712u: Boot from EFUSE: Autoload Failed [ 41.902799][ T7] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed [ 41.922986][ T7] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 41.933875][ T5] usb 6-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 41.959175][ T7] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 41.967079][ T5] usb 6-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 41.979340][ T7] usb 2-1: USB disconnect, device number 2 [ 41.986049][ T8442] usb 5-1: r8712u: Firmware request failed [ 41.995212][ T4564] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed [ 41.997371][ T5] usb 6-1: USB disconnect, device number 2 [ 42.002039][ T20] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed [ 42.009698][ T8442] usb 2-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 executing program executing program executing program [ 42.014375][ T26] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed [ 42.023893][ T8442] usb 2-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 42.030810][ T20] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 42.055063][ T4564] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 42.082380][ T4564] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 42.093861][ T26] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 42.095040][ T8471] usb 6-1: r8712u: Firmware request failed [ 42.110358][ T8442] usb 2-1: r8712u: Firmware request failed [ 42.114001][ T20] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 42.129805][ T4564] usb 1-1: USB disconnect, device number 2 [ 42.139223][ T26] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 42.159877][ T20] usb 4-1: USB disconnect, device number 2 [ 42.167964][ T26] usb 3-1: USB disconnect, device number 2 [ 42.176258][ T8437] usb 1-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 42.185144][ T8437] usb 1-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 42.202159][ T8435] usb 4-1: r8712u: Firmware request failed [ 42.209607][ T8437] usb 1-1: r8712u: Firmware request failed [ 42.215711][ T8521] usb 3-1: r8712u: Firmware request failed [ 42.404749][ T3158] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 42.474722][ T7] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 42.484844][ T5] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 42.604672][ T26] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 42.612363][ T20] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 42.620996][ T4564] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 42.764761][ T3158] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.775586][ T3158] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.834648][ T7] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.845290][ T7] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.856009][ T5] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.866877][ T5] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.944707][ T3158] usb 5-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 42.953859][ T3158] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 42.962973][ T3158] usb 5-1: Product: syz [ 42.967648][ T3158] usb 5-1: Manufacturer: syz [ 42.972412][ T3158] usb 5-1: SerialNumber: syz [ 42.984602][ T3158] usb 5-1: config 0 descriptor?? [ 43.024662][ T26] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.025861][ T3158] r8712u: register rtl8712_netdev_ops to netdev_ops [ 43.035798][ T26] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.042206][ T7] usb 2-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 43.054665][ T20] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.061672][ T5] usb 6-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 43.072113][ T4564] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.091755][ T20] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.102477][ T3158] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 43.107225][ T4564] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.121220][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.130079][ T5] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.138822][ T5] usb 6-1: Product: syz [ 43.143151][ T5] usb 6-1: Manufacturer: syz [ 43.147861][ T7] usb 2-1: Product: syz [ 43.152251][ T7] usb 2-1: Manufacturer: syz [ 43.157165][ T7] usb 2-1: SerialNumber: syz [ 43.162064][ T5] usb 6-1: SerialNumber: syz [ 43.169866][ T7] usb 2-1: config 0 descriptor?? [ 43.178984][ T5] usb 6-1: config 0 descriptor?? executing program [ 43.214590][ T3158] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed [ 43.221208][ T3158] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 43.230260][ T7] r8712u: register rtl8712_netdev_ops to netdev_ops [ 43.238234][ T5] r8712u: register rtl8712_netdev_ops to netdev_ops [ 43.254255][ T7] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 43.261107][ T5] usb 6-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 43.274401][ T3158] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 43.274569][ T26] usb 3-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 43.285278][ T3158] usb 5-1: USB disconnect, device number 3 [ 43.298283][ T8471] usb 5-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 43.298653][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.311403][ T8471] usb 5-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 43.320235][ T20] usb 4-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 43.330653][ T8471] usb 5-1: r8712u: Firmware request failed [ 43.332987][ T4564] usb 1-1: New USB device found, idVendor=06f8, idProduct=e031, bcdDevice=d4.eb [ 43.352147][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.360886][ T26] usb 3-1: Product: syz [ 43.365245][ T7] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed [ 43.368379][ T4564] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.371903][ T7] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 43.387477][ T26] usb 3-1: Manufacturer: syz [ 43.387553][ T5] usb 6-1: r8712u: Boot from EFUSE: Autoload Failed [ 43.392545][ T20] usb 4-1: Product: syz [ 43.401819][ T5] usb 6-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 43.408120][ T26] usb 3-1: SerialNumber: syz executing program executing program [ 43.411344][ T5] usb 6-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 43.420998][ T4564] usb 1-1: Product: syz [ 43.423138][ T7] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 43.429858][ T20] usb 4-1: Manufacturer: syz [ 43.442560][ T26] usb 3-1: config 0 descriptor?? [ 43.449844][ T5] usb 6-1: USB disconnect, device number 3 [ 43.456643][ T4564] usb 1-1: Manufacturer: syz [ 43.463411][ T4564] usb 1-1: SerialNumber: syz [ 43.468340][ T20] usb 4-1: SerialNumber: syz [ 43.480473][ T20] usb 4-1: config 0 descriptor?? [ 43.489439][ T4564] usb 1-1: config 0 descriptor?? [ 43.493449][ T7] usb 2-1: USB disconnect, device number 3 [ 43.508226][ T8471] usb 6-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 43.515694][ T26] r8712u: register rtl8712_netdev_ops to netdev_ops [ 43.523888][ T8471] usb 6-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 43.524350][ T26] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 43.551469][ T8442] usb 2-1: r8712u: Firmware request failed [ 43.562253][ T8471] usb 6-1: r8712u: Firmware request failed [ 43.565540][ T20] r8712u: register rtl8712_netdev_ops to netdev_ops [ 43.576301][ T4564] r8712u: register rtl8712_netdev_ops to netdev_ops [ 43.583247][ T4564] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 43.596948][ T20] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 43.664310][ T26] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed [ 43.671224][ T26] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 43.682599][ T26] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 43.695433][ T26] usb 3-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 43.704202][ T3158] usb 5-1: new high-speed USB device number 4 using dummy_hcd executing program executing program [ 43.705305][ T4564] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed [ 43.719600][ T20] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed [ 43.726555][ T26] usb 3-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 43.728597][ T8471] usb 3-1: USB disconnect, device number 3 [ 43.737883][ T20] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 43.751893][ T4564] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 executing program [ 43.768995][ T20] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 43.781569][ T26] usb 3-1: r8712u: Firmware request failed [ 43.793644][ T4564] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 43.797365][ T8471] ================================================================== [ 43.803392][ T20] usb 4-1: USB disconnect, device number 3 [ 43.812003][ T8471] BUG: KASAN: slab-out-of-bounds in do_raw_spin_lock+0x4f5/0x8e0 [ 43.812040][ T8471] Read of size 4 at addr ffff88802b46ce14 by task kworker/0:6/8471 [ 43.812052][ T8471] [ 43.812059][ T8471] CPU: 0 PID: 8471 Comm: kworker/0:6 Tainted: G W 5.14.0-rc1-syzkaller #0 [ 43.812075][ T8471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.812085][ T8471] Workqueue: usb_hub_wq hub_event [ 43.812106][ T8471] Call Trace: [ 43.820121][ T4564] usb 1-1: USB disconnect, device number 3 [ 43.825684][ T8471] dump_stack_lvl+0x1ae/0x29f [ 43.825711][ T8471] ? show_regs_print_info+0x12/0x12 [ 43.825725][ T8471] ? printk+0xc0/0x108 [ 43.835935][ T26] usb 4-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 43.836452][ T8471] ? wake_up_klogd+0xb2/0xf0 [ 43.846360][ T26] usb 4-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 43.857314][ T8471] ? log_buf_vmcoreinfo_setup+0x498/0x498 [ 43.857349][ T8471] ? _raw_spin_lock_irqsave+0xbf/0x100 [ 43.857366][ T8471] ? _raw_spin_lock+0x40/0x40 [ 43.857379][ T8471] print_address_description+0x66/0x3b0 [ 43.869392][ T26] usb 4-1: r8712u: Firmware request failed [ 43.871677][ T8471] kasan_report+0x163/0x210 [ 43.881821][ T26] usb 1-1: Direct firmware load for rtlwifi/rtl8712u.bin failed with error -2 [ 43.885705][ T8471] ? do_raw_spin_lock+0x4f5/0x8e0 [ 43.885730][ T8471] ? release_firmware_map_entry+0x184/0x184 [ 43.885750][ T8471] do_raw_spin_lock+0x4f5/0x8e0 [ 43.898073][ T26] usb 1-1: Falling back to sysfs fallback for: rtlwifi/rtl8712u.bin [ 43.899241][ T8471] ? kthread_data+0x4d/0xc0 [ 43.914601][ T26] usb 1-1: r8712u: Firmware request failed [ 43.918637][ T8471] ? __rwlock_init+0x140/0x140 [ 43.988390][ T8471] ? schedule_timeout+0x98/0x2f0 [ 43.993617][ T8471] ? console_conditional_schedule+0x40/0x40 [ 43.999628][ T8471] _raw_spin_lock_irq+0xba/0xf0 [ 44.004501][ T8471] ? _raw_spin_lock_irqsave+0x100/0x100 [ 44.010080][ T8471] ? do_raw_spin_unlock+0x134/0x8a0 [ 44.015305][ T8471] ? _raw_spin_unlock_irq+0x1f/0x40 [ 44.020511][ T8471] do_wait_for_common+0x2e5/0x480 [ 44.025636][ T8471] ? console_conditional_schedule+0x40/0x40 [ 44.031598][ T8471] ? wait_for_completion_killable_timeout+0x60/0x60 [ 44.038165][ T8471] ? _raw_spin_lock_irq+0xba/0xf0 [ 44.043262][ T8471] ? _raw_spin_lock_irqsave+0x100/0x100 [ 44.048782][ T8471] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 44.054751][ T8471] ? _raw_spin_unlock+0x40/0x40 [ 44.059857][ T8471] wait_for_completion+0x48/0x60 [ 44.064815][ T8471] r871xu_dev_remove+0x83/0x460 [ 44.070374][ T8471] usb_unbind_interface+0x1f2/0x860 [ 44.076365][ T8471] ? kernfs_find_ns+0x43c/0x4d0 [ 44.081301][ T8471] ? usb_driver_release_interface+0x1c0/0x1c0 [ 44.087463][ T8471] device_release_driver_internal+0x51e/0x7b0 [ 44.093873][ T8471] bus_remove_device+0x2fd/0x410 [ 44.099006][ T8471] device_del+0x6e1/0xc10 [ 44.103322][ T8471] ? kill_device+0x150/0x150 [ 44.107893][ T8471] ? usb_disconnect+0xfa/0x8a0 [ 44.112723][ T8471] ? print_irqtrace_events+0x220/0x220 [ 44.118174][ T8471] ? mutex_lock_io_nested+0x60/0x60 [ 44.123622][ T8471] usb_disable_device+0x407/0x800 [ 44.128814][ T8471] usb_disconnect+0x33a/0x8a0 [ 44.133491][ T8471] hub_port_connect+0x297/0x27a0 [ 44.138597][ T8471] ? __lock_acquire+0x6100/0x6100 [ 44.143692][ T8471] ? debug_check_no_obj_freed+0x5a2/0x650 [ 44.149668][ T8471] ? descriptors_changed+0x9f0/0x9f0 [ 44.155302][ T8471] ? slab_free_freelist_hook+0x1d8/0x290 [ 44.161066][ T8471] hub_port_connect_change+0x5d0/0xbf0 [ 44.166707][ T8471] ? hub_port_reset+0x11b0/0x11b0 [ 44.171810][ T8471] ? hub_ext_port_status+0x470/0x670 [ 44.177628][ T8471] ? hub_handle_remote_wakeup+0x18d/0x3f0 [ 44.183344][ T8471] port_event+0xaee/0x1140 [ 44.187940][ T8471] ? hub_event+0x47f/0xd80 [ 44.192625][ T8471] ? hub_quiesce+0x330/0x330 [ 44.197337][ T8471] ? do_raw_spin_unlock+0x134/0x8a0 [ 44.202713][ T8471] ? _raw_spin_lock_irq+0x81/0xf0 [ 44.207815][ T8471] hub_event+0x48d/0xd80 [ 44.212136][ T8471] ? lock_acquire+0xa4/0x4a0 [ 44.216825][ T8471] ? led_work+0x710/0x710 [ 44.221155][ T8471] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 44.227152][ T8471] ? do_raw_spin_unlock+0x134/0x8a0 [ 44.232440][ T8471] ? _raw_spin_unlock_irq+0x1f/0x40 [ 44.237639][ T8471] process_one_work+0x833/0x10c0 [ 44.242772][ T8471] ? worker_detach_from_pool+0x260/0x260 [ 44.252647][ T8471] ? _raw_spin_lock_irqsave+0x100/0x100 [ 44.258266][ T8471] ? kthread_data+0x4d/0xc0 [ 44.262751][ T8471] ? wq_worker_running+0x8b/0x140 [ 44.267844][ T8471] worker_thread+0xac1/0x1320 [ 44.272613][ T8471] ? __kthread_parkme+0x166/0x1c0 [ 44.277755][ T8471] kthread+0x453/0x480 [ 44.281857][ T8471] ? rcu_lock_release+0x20/0x20 [ 44.286691][ T8471] ? kthread_blkcg+0xd0/0xd0 [ 44.291265][ T8471] ret_from_fork+0x1f/0x30 [ 44.295689][ T8471] [ 44.298021][ T8471] Allocated by task 10: [ 44.302193][ T8471] __kasan_slab_alloc+0x96/0xd0 [ 44.307228][ T8471] kmem_cache_alloc_node+0x200/0x370 [ 44.312538][ T8471] dup_task_struct+0x52/0x980 [ 44.317197][ T8471] copy_process+0x615/0x5b00 [ 44.321785][ T8471] kernel_clone+0x21a/0x7d0 [ 44.326275][ T8471] kernel_thread+0x146/0x1c0 [ 44.330842][ T8471] call_usermodehelper_exec_work+0x57/0x220 [ 44.336714][ T8471] process_one_work+0x833/0x10c0 [ 44.341645][ T8471] worker_thread+0xac1/0x1320 [ 44.346302][ T8471] kthread+0x453/0x480 [ 44.350455][ T8471] ret_from_fork+0x1f/0x30 [ 44.354854][ T8471] [ 44.357172][ T8471] Last potentially related work creation: [ 44.362885][ T8471] kasan_save_stack+0x27/0x50 [ 44.367545][ T8471] kasan_record_aux_stack+0xee/0x120 [ 44.372850][ T8471] call_rcu+0x1a0/0xa20 [ 44.377096][ T8471] schedule_tail+0xc/0xb0 [ 44.381409][ T8471] ret_from_fork+0x8/0x30 [ 44.385836][ T8471] [ 44.388262][ T8471] The buggy address belongs to the object at ffff88802b46b880 [ 44.388262][ T8471] which belongs to the cache task_struct of size 6976 [ 44.402568][ T8471] The buggy address is located 5524 bytes inside of [ 44.402568][ T8471] 6976-byte region [ffff88802b46b880, ffff88802b46d3c0) [ 44.416026][ T8471] The buggy address belongs to the page: [ 44.421773][ T8471] page:ffffea0000ad1a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b468 [ 44.432049][ T8471] head:ffffea0000ad1a00 order:3 compound_mapcount:0 compound_pincount:0 [ 44.440749][ T8471] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 44.448783][ T8471] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888140006280 [ 44.458556][ T8471] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 44.467311][ T8471] page dumped because: kasan: bad access detected [ 44.474142][ T8471] page_owner tracks the page as allocated [ 44.480372][ T8471] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 10, ts 43802781641, free_ts 43793596145 [ 44.499925][ T8471] get_page_from_freelist+0x779/0xa30 [ 44.505319][ T8471] __alloc_pages+0x26c/0x5f0 [ 44.509912][ T8471] allocate_slab+0xf1/0x540 [ 44.514413][ T8471] ___slab_alloc+0x1cf/0x350 [ 44.519181][ T8471] kmem_cache_alloc_node+0x2ca/0x370 [ 44.525970][ T8471] dup_task_struct+0x52/0x980 [ 44.530627][ T8471] copy_process+0x615/0x5b00 [ 44.535217][ T8471] kernel_clone+0x21a/0x7d0 [ 44.539696][ T8471] kernel_thread+0x146/0x1c0 [ 44.544265][ T8471] call_usermodehelper_exec_work+0x57/0x220 [ 44.550330][ T8471] process_one_work+0x833/0x10c0 [ 44.555265][ T8471] worker_thread+0xac1/0x1320 [ 44.559947][ T8471] kthread+0x453/0x480 [ 44.564042][ T8471] ret_from_fork+0x1f/0x30 [ 44.568498][ T8471] page last free stack trace: [ 44.573189][ T8471] free_pcp_prepare+0xc29/0xd20 [ 44.578043][ T8471] free_unref_page+0x7e/0x550 [ 44.582703][ T8471] kfree+0x287/0x2d0 [ 44.586600][ T8471] request_firmware_work_func+0x175/0x250 [ 44.592306][ T8471] process_one_work+0x833/0x10c0 [ 44.597221][ T8471] worker_thread+0xac1/0x1320 [ 44.601886][ T8471] kthread+0x453/0x480 [ 44.605956][ T8471] ret_from_fork+0x1f/0x30 [ 44.610402][ T8471] [ 44.612719][ T8471] Memory state around the buggy address: [ 44.618343][ T8471] ffff88802b46cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.626814][ T8471] ffff88802b46cd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.635476][ T8471] >ffff88802b46ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.643728][ T8471] ^ [ 44.648501][ T8471] ffff88802b46ce80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.656651][ T8471] ffff88802b46cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.664968][ T8471] ================================================================== [ 44.673355][ T8471] Kernel panic - not syncing: panic_on_warn set ... [ 44.680164][ T8471] CPU: 0 PID: 8471 Comm: kworker/0:6 Tainted: G B W 5.14.0-rc1-syzkaller #0 [ 44.690447][ T8471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.700870][ T8471] Workqueue: usb_hub_wq hub_event [ 44.705903][ T8471] Call Trace: [ 44.709257][ T8471] dump_stack_lvl+0x1ae/0x29f [ 44.713935][ T8471] ? show_regs_print_info+0x12/0x12 [ 44.719283][ T8471] ? log_buf_vmcoreinfo_setup+0x498/0x498 [ 44.725172][ T8471] panic+0x2e1/0x850 [ 44.729072][ T8471] ? nmi_panic+0x90/0x90 [ 44.733291][ T8471] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 44.740122][ T8471] ? rcu_read_lock_sched_held+0x5d/0x110 [ 44.745827][ T8471] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 44.751971][ T8471] kasan_report+0x206/0x210 [ 44.756570][ T8471] ? do_raw_spin_lock+0x4f5/0x8e0 [ 44.761675][ T8471] ? release_firmware_map_entry+0x184/0x184 [ 44.767574][ T8471] do_raw_spin_lock+0x4f5/0x8e0 [ 44.772510][ T8471] ? kthread_data+0x4d/0xc0 [ 44.776996][ T8471] ? __rwlock_init+0x140/0x140 [ 44.781914][ T8471] ? schedule_timeout+0x98/0x2f0 [ 44.786980][ T8471] ? console_conditional_schedule+0x40/0x40 [ 44.792891][ T8471] _raw_spin_lock_irq+0xba/0xf0 [ 44.797763][ T8471] ? _raw_spin_lock_irqsave+0x100/0x100 [ 44.803329][ T8471] ? do_raw_spin_unlock+0x134/0x8a0 [ 44.808656][ T8471] ? _raw_spin_unlock_irq+0x1f/0x40 [ 44.814299][ T8471] do_wait_for_common+0x2e5/0x480 [ 44.819639][ T8471] ? console_conditional_schedule+0x40/0x40 [ 44.825807][ T8471] ? wait_for_completion_killable_timeout+0x60/0x60 [ 44.832474][ T8471] ? _raw_spin_lock_irq+0xba/0xf0 [ 44.837495][ T8471] ? _raw_spin_lock_irqsave+0x100/0x100 [ 44.843028][ T8471] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 44.849076][ T8471] ? _raw_spin_unlock+0x40/0x40 [ 44.854015][ T8471] wait_for_completion+0x48/0x60 [ 44.858970][ T8471] r871xu_dev_remove+0x83/0x460 [ 44.863999][ T8471] usb_unbind_interface+0x1f2/0x860 [ 44.869291][ T8471] ? kernfs_find_ns+0x43c/0x4d0 [ 44.874138][ T8471] ? usb_driver_release_interface+0x1c0/0x1c0 [ 44.880185][ T8471] device_release_driver_internal+0x51e/0x7b0 [ 44.886237][ T8471] bus_remove_device+0x2fd/0x410 [ 44.891177][ T8471] device_del+0x6e1/0xc10 [ 44.895532][ T8471] ? kill_device+0x150/0x150 [ 44.900139][ T8471] ? usb_disconnect+0xfa/0x8a0 [ 44.905072][ T8471] ? print_irqtrace_events+0x220/0x220 [ 44.910518][ T8471] ? mutex_lock_io_nested+0x60/0x60 [ 44.915699][ T8471] usb_disable_device+0x407/0x800 [ 44.920712][ T8471] usb_disconnect+0x33a/0x8a0 [ 44.925373][ T8471] hub_port_connect+0x297/0x27a0 [ 44.930295][ T8471] ? __lock_acquire+0x6100/0x6100 [ 44.935320][ T8471] ? debug_check_no_obj_freed+0x5a2/0x650 [ 44.941050][ T8471] ? descriptors_changed+0x9f0/0x9f0 [ 44.946565][ T8471] ? slab_free_freelist_hook+0x1d8/0x290 [ 44.952209][ T8471] hub_port_connect_change+0x5d0/0xbf0 [ 44.957830][ T8471] ? hub_port_reset+0x11b0/0x11b0 [ 44.962981][ T8471] ? hub_ext_port_status+0x470/0x670 [ 44.968683][ T8471] ? hub_handle_remote_wakeup+0x18d/0x3f0 [ 44.974533][ T8471] port_event+0xaee/0x1140 [ 44.979109][ T8471] ? hub_event+0x47f/0xd80 [ 44.983620][ T8471] ? hub_quiesce+0x330/0x330 [ 44.988401][ T8471] ? do_raw_spin_unlock+0x134/0x8a0 [ 44.993624][ T8471] ? _raw_spin_lock_irq+0x81/0xf0 [ 44.998766][ T8471] hub_event+0x48d/0xd80 [ 45.003189][ T8471] ? lock_acquire+0xa4/0x4a0 [ 45.007970][ T8471] ? led_work+0x710/0x710 [ 45.012311][ T8471] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 45.018348][ T8471] ? do_raw_spin_unlock+0x134/0x8a0 [ 45.023733][ T8471] ? _raw_spin_unlock_irq+0x1f/0x40 [ 45.029056][ T8471] process_one_work+0x833/0x10c0 [ 45.034494][ T8471] ? worker_detach_from_pool+0x260/0x260 [ 45.040631][ T8471] ? _raw_spin_lock_irqsave+0x100/0x100 [ 45.047260][ T8471] ? kthread_data+0x4d/0xc0 [ 45.051867][ T8471] ? wq_worker_running+0x8b/0x140 [ 45.057928][ T8471] worker_thread+0xac1/0x1320 [ 45.062705][ T8471] ? __kthread_parkme+0x166/0x1c0 [ 45.067715][ T8471] kthread+0x453/0x480 [ 45.071788][ T8471] ? rcu_lock_release+0x20/0x20 [ 45.076617][ T8471] ? kthread_blkcg+0xd0/0xd0 [ 45.081231][ T8471] ret_from_fork+0x1f/0x30 [ 45.087505][ T8471] Kernel Offset: disabled [ 45.091922][ T8471] Rebooting in 86400 seconds..