[ 13.431628][ C0] random: crng init done [ 13.435914][ C0] random: 7 urandom warning(s) missed due to ratelimiting Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 22.721781][ T388] can: request_module (can-proto-0) failed. [ 23.129582][ T388] can: request_module (can-proto-0) failed. [ 23.139234][ T388] can: request_module (can-proto-7) failed. [ 23.149212][ T388] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.10.3' (ECDSA) to the list of known hosts. 2020/04/18 01:39:59 parsed 1 programs 2020/04/18 01:39:59 executed programs: 0 [ 30.535537][ T541] cgroup: Unknown subsys name 'perf_event' [ 30.540248][ T544] cgroup: Unknown subsys name 'perf_event' [ 30.542404][ T542] cgroup: Unknown subsys name 'perf_event' [ 30.547891][ T544] cgroup: Unknown subsys name 'net_cls' [ 30.563206][ T546] cgroup: Unknown subsys name 'perf_event' [ 30.569264][ T546] cgroup: Unknown subsys name 'net_cls' [ 30.576321][ T541] cgroup: Unknown subsys name 'net_cls' [ 30.583441][ T548] cgroup: Unknown subsys name 'perf_event' [ 30.588829][ T552] cgroup: Unknown subsys name 'perf_event' [ 30.589441][ T548] cgroup: Unknown subsys name 'net_cls' [ 30.600439][ T552] cgroup: Unknown subsys name 'net_cls' [ 30.601114][ T542] cgroup: Unknown subsys name 'net_cls' [ 38.716384][ T83] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 38.846230][ T12] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 38.926391][ T83] usb 6-1: New USB device found, idVendor=056a, idProduct=0061, bcdDevice= 0.40 [ 38.935591][ T83] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.945940][ T83] usb 6-1: config 0 descriptor?? [ 38.956232][ T21] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 38.963852][ T293] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 38.976236][ T3243] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 39.036356][ T3248] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 39.086232][ T12] usb 2-1: New USB device found, idVendor=056a, idProduct=0061, bcdDevice= 0.40 [ 39.095392][ T12] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.105519][ T12] usb 2-1: config 0 descriptor?? [ 39.176241][ T21] usb 5-1: New USB device found, idVendor=056a, idProduct=0061, bcdDevice= 0.40 [ 39.185344][ T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.193625][ T293] usb 4-1: New USB device found, idVendor=056a, idProduct=0061, bcdDevice= 0.40 [ 39.202767][ T293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.211136][ T3243] usb 1-1: New USB device found, idVendor=056a, idProduct=0061, bcdDevice= 0.40 [ 39.220248][ T3243] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.231197][ T3243] usb 1-1: config 0 descriptor?? [ 39.236977][ T21] usb 5-1: config 0 descriptor?? [ 39.242996][ T293] usb 4-1: config 0 descriptor?? [ 39.266476][ T3248] usb 3-1: New USB device found, idVendor=056a, idProduct=0061, bcdDevice= 0.40 [ 39.275587][ T3248] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.292002][ T3248] usb 3-1: config 0 descriptor?? [ 39.408905][ T83] wacom 0003:056A:0061.0001: Unknown device_type for 'HID 056a:0061'. Assuming pen. [ 39.420380][ T83] input: Wacom PenStation2 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:0061.0001/input/input5 [ 39.438502][ T83] wacom 0003:056A:0061.0001: hidraw0: USB HID v0.00 Device [HID 056a:0061] on usb-dummy_hcd.5-1/input0 [ 39.588040][ T12] wacom 0003:056A:0061.0002: Unknown device_type for 'HID 056a:0061'. Assuming pen. [ 39.607630][ T12] input: Wacom PenStation2 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0061.0002/input/input8 [ 39.628120][ T12] wacom 0003:056A:0061.0002: hidraw1: USB HID v0.00 Device [HID 056a:0061] on usb-dummy_hcd.1-1/input0 [ 39.645276][ T12] usb 6-1: USB disconnect, device number 2 [ 39.655714][ T12] ================================================================== [ 39.663913][ T12] BUG: KASAN: use-after-free in __input_unregister_device+0x4a6/0x4c0 [ 39.672049][ T12] Read of size 4 at addr ffff8881cc1380e8 by task kworker/0:1/12 [ 39.679761][ T12] [ 39.682082][ T12] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.6.0-rc7-syzkaller #0 [ 39.690948][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.701105][ T12] Workqueue: usb_hub_wq hub_event [ 39.706122][ T12] Call Trace: [ 39.708066][ T21] wacom 0003:056A:0061.0003: Unknown device_type for 'HID 056a:0061'. Assuming pen. [ 39.709412][ T12] dump_stack+0xef/0x16e [ 39.723023][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 39.728842][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 39.734700][ T12] print_address_description.constprop.0.cold+0xd3/0x314 [ 39.735092][ T21] input: Wacom PenStation2 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0061.0003/input/input11 [ 39.741723][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 39.741734][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 39.741747][ T12] __kasan_report.cold+0x37/0x77 [ 39.741757][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 39.741769][ T12] kasan_report+0xe/0x20 [ 39.741781][ T12] __input_unregister_device+0x4a6/0x4c0 [ 39.741796][ T12] release_nodes+0x499/0x910 [ 39.741810][ T12] ? devres_remove_group+0x440/0x440 [ 39.741823][ T12] devres_release_group+0x160/0x210 [ 39.741834][ T12] wacom_remove+0x244/0x3b0 [ 39.741845][ T12] hid_device_remove+0xed/0x240 [ 39.741853][ T12] ? wacom_close+0x80/0x80 [ 39.741863][ T12] ? hid_compare_device_paths+0xc0/0xc0 [ 39.741881][ T12] device_release_driver_internal+0x231/0x500 [ 39.781930][ T3248] wacom 0003:056A:0061.0004: Unknown device_type for 'HID 056a:0061'. Assuming pen. [ 39.786214][ T12] bus_remove_device+0x2eb/0x5a0 [ 39.786228][ T12] device_del+0x481/0xd30 [ 39.786240][ T12] ? device_create_with_groups+0x120/0x120 [ 39.786253][ T12] ? do_raw_spin_lock+0x129/0x290 [ 39.786264][ T12] hid_destroy_device+0xe1/0x150 [ 39.786274][ T12] usbhid_disconnect+0x9f/0xe0 [ 39.786289][ T12] usb_unbind_interface+0x1bd/0x8a0 [ 39.786302][ T12] ? __pm_runtime_idle+0xd1/0x310 [ 39.786314][ T12] ? usb_autoresume_device+0x60/0x60 [ 39.786325][ T12] device_release_driver_internal+0x42f/0x500 [ 39.786334][ T12] bus_remove_device+0x2eb/0x5a0 [ 39.786344][ T12] device_del+0x481/0xd30 [ 39.786355][ T12] ? device_create_with_groups+0x120/0x120 [ 39.786367][ T12] ? usb_remove_ep_devs+0x3e/0x80 [ 39.786376][ T12] ? remove_intf_ep_devs+0x13f/0x1d0 [ 39.786394][ T12] usb_disable_device+0x23d/0x790 [ 39.793096][ T3243] wacom 0003:056A:0061.0005: Unknown device_type for 'HID 056a:0061'. Assuming pen. [ 39.796369][ T12] usb_disconnect+0x293/0x900 [ 39.796380][ T12] hub_event+0x1a1d/0x4300 [ 39.796392][ T12] ? hub_port_debounce+0x350/0x350 [ 39.796402][ T12] ? find_held_lock+0x2d/0x110 [ 39.796413][ T12] ? mark_held_locks+0xe0/0xe0 [ 39.796426][ T12] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 39.796437][ T12] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 39.796449][ T12] process_one_work+0x94b/0x1620 [ 39.796462][ T12] ? pwq_dec_nr_in_flight+0x310/0x310 [ 39.796474][ T12] ? do_raw_spin_lock+0x129/0x290 [ 39.796486][ T12] worker_thread+0x96/0xe20 [ 39.796498][ T12] ? process_one_work+0x1620/0x1620 [ 39.796508][ T12] kthread+0x318/0x420 [ 39.796520][ T12] ? kthread_create_on_node+0xf0/0xf0 [ 39.796533][ T12] ret_from_fork+0x24/0x30 [ 39.796538][ T12] [ 39.796544][ T12] Allocated by task 3265: [ 39.796558][ T12] save_stack+0x1b/0x80 [ 39.796569][ T12] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 39.796580][ T12] kmem_cache_alloc+0xd8/0x300 [ 39.796591][ T12] getname_flags+0xd2/0x5b0 [ 39.796603][ T12] user_path_at_empty+0x2a/0x50 [ 39.796611][ T12] do_faccessat+0x248/0x7a0 [ 39.796619][ T12] do_syscall_64+0xb6/0x5a0 [ 39.796628][ T12] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.796630][ T12] [ 39.796634][ T12] Freed by task 3265: [ 39.796642][ T12] save_stack+0x1b/0x80 [ 39.796651][ T12] __kasan_slab_free+0x117/0x160 [ 39.796659][ T12] kmem_cache_free+0x9b/0x360 [ 39.796668][ T12] putname+0xe1/0x120 [ 39.796677][ T12] filename_lookup+0x282/0x3e0 [ 39.796685][ T12] do_faccessat+0x248/0x7a0 [ 39.796693][ T12] do_syscall_64+0xb6/0x5a0 [ 39.796701][ T12] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.796704][ T12] [ 39.796711][ T12] The buggy address belongs to the object at ffff8881cc138000 [ 39.796711][ T12] which belongs to the cache names_cache of size 4096 [ 39.796720][ T12] The buggy address is located 232 bytes inside of [ 39.796720][ T12] 4096-byte region [ffff8881cc138000, ffff8881cc139000) [ 39.796723][ T12] The buggy address belongs to the page: [ 39.796734][ T12] page:ffffea0007304e00 refcount:1 mapcount:0 mapping:ffff8881da11c000 index:0x0 compound_mapcount: 0 [ 39.796742][ T12] flags: 0x200000000010200(slab|head) [ 39.796756][ T12] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da11c000 [ 39.796768][ T12] raw: 0000000000000000 0000000000070007 00000001ffffffff 0000000000000000 [ 39.796778][ T12] page dumped because: kasan: bad access detected [ 40.166142][ T12] [ 40.168452][ T12] Memory state around the buggy address: [ 40.174074][ T12] ffff8881cc137f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.182131][ T12] ffff8881cc138000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.190191][ T12] >ffff8881cc138080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.198238][ T12] ^ [ 40.205696][ T12] ffff8881cc138100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.213774][ T12] ffff8881cc138180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 40.221823][ T12] ================================================================== [ 40.229890][ T12] Disabling lock debugging due to kernel taint [ 40.236247][ T12] Kernel panic - not syncing: panic_on_warn set ... [ 40.237180][ T3243] input: Wacom PenStation2 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0061.0005/input/input17 [ 40.243626][ T12] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 5.6.0-rc7-syzkaller #0 [ 40.255810][ T21] wacom 0003:056A:0061.0003: hidraw0: USB HID v0.00 Device [HID 056a:0061] on usb-dummy_hcd.4-1/input0 [ 40.265230][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.278818][ T3248] input: Wacom PenStation2 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0061.0004/input/input14 [ 40.286302][ T12] Workqueue: usb_hub_wq hub_event [ 40.286308][ T12] Call Trace: [ 40.286324][ T12] dump_stack+0xef/0x16e [ 40.286333][ T12] panic+0x2aa/0x6e1 [ 40.286349][ T12] ? add_taint.cold+0x16/0x16 [ 40.299955][ T3243] wacom 0003:056A:0061.0005: hidraw2: USB HID v0.00 Device [HID 056a:0061] on usb-dummy_hcd.0-1/input0 [ 40.303456][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 40.309248][ T21] usb 5-1: USB disconnect, device number 2 [ 40.311004][ T12] ? trace_hardirqs_on+0x55/0x200 [ 40.315620][ T3248] wacom 0003:056A:0061.0004: hidraw3: USB HID v0.00 Device [HID 056a:0061] on usb-dummy_hcd.2-1/input0 [ 40.319582][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 40.319595][ T12] end_report+0x43/0x49 [ 40.319611][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 40.319621][ T12] __kasan_report.cold+0x55/0x77 [ 40.319637][ T12] ? __input_unregister_device+0x4a6/0x4c0 [ 40.319646][ T12] kasan_report+0xe/0x20 [ 40.319656][ T12] __input_unregister_device+0x4a6/0x4c0 [ 40.319668][ T12] release_nodes+0x499/0x910 [ 40.319679][ T12] ? devres_remove_group+0x440/0x440 [ 40.319689][ T12] devres_release_group+0x160/0x210 [ 40.319707][ T12] wacom_remove+0x244/0x3b0 [ 40.332289][ T293] wacom 0003:056A:0061.0006: Unknown device_type for 'HID 056a:0061'. Assuming pen. [ 40.336578][ T12] hid_device_remove+0xed/0x240 [ 40.336588][ T12] ? wacom_close+0x80/0x80 [ 40.336597][ T12] ? hid_compare_device_paths+0xc0/0xc0 [ 40.336607][ T12] device_release_driver_internal+0x231/0x500 [ 40.336623][ T12] bus_remove_device+0x2eb/0x5a0 [ 40.343450][ T3243] usb 1-1: USB disconnect, device number 2 [ 40.347611][ T12] device_del+0x481/0xd30 [ 40.347624][ T12] ? device_create_with_groups+0x120/0x120 [ 40.347635][ T12] ? do_raw_spin_lock+0x129/0x290 [ 40.347645][ T12] hid_destroy_device+0xe1/0x150 [ 40.347654][ T12] usbhid_disconnect+0x9f/0xe0 [ 40.347667][ T12] usb_unbind_interface+0x1bd/0x8a0 [ 40.347678][ T12] ? __pm_runtime_idle+0xd1/0x310 [ 40.347696][ T12] ? usb_autoresume_device+0x60/0x60 [ 40.359393][ T21] ------------[ cut here ]------------ [ 40.364546][ T12] device_release_driver_internal+0x42f/0x500 [ 40.368731][ T21] usbhid 5-1:0.0: Stop while open = 1: 0 0 0 [ 40.374476][ T12] bus_remove_device+0x2eb/0x5a0 [ 40.379659][ T21] WARNING: CPU: 1 PID: 21 at drivers/hid/usbhid/hid-core.c:1203 usbhid_stop+0x1cf/0x690 [ 40.385199][ T12] device_del+0x481/0xd30 [ 40.533832][ T12] ? device_create_with_groups+0x120/0x120 [ 40.539745][ T12] ? usb_remove_ep_devs+0x3e/0x80 [ 40.544764][ T12] ? remove_intf_ep_devs+0x13f/0x1d0 [ 40.550045][ T12] usb_disable_device+0x23d/0x790 [ 40.555087][ T12] usb_disconnect+0x293/0x900 [ 40.559776][ T12] hub_event+0x1a1d/0x4300 [ 40.564351][ T12] ? hub_port_debounce+0x350/0x350 [ 40.569668][ T12] ? find_held_lock+0x2d/0x110 [ 40.574447][ T12] ? mark_held_locks+0xe0/0xe0 [ 40.579348][ T12] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 40.585007][ T12] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 40.590412][ T12] process_one_work+0x94b/0x1620 [ 40.595438][ T12] ? pwq_dec_nr_in_flight+0x310/0x310 [ 40.600804][ T12] ? do_raw_spin_lock+0x129/0x290 [ 40.605970][ T12] worker_thread+0x96/0xe20 [ 40.610468][ T12] ? process_one_work+0x1620/0x1620 [ 40.615814][ T12] kthread+0x318/0x420 [ 40.619879][ T12] ? kthread_create_on_node+0xf0/0xf0 [ 40.625251][ T12] ret_from_fork+0x24/0x30 [ 41.740143][ T12] Shutting down cpus with NMI [ 41.746323][ T12] Kernel Offset: disabled [ 41.751300][ T12] Rebooting in 86400 seconds..