Warning: Permanently added '10.128.0.156' (ECDSA) to the list of known hosts.
syzkaller login: [ 59.000203][ T118] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 59.020300][ T118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 59.043162][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[ 59.074294][ T118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 59.082549][ T118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 59.092436][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 59.373475][ T3144] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 59.734388][ T3144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 59.745480][ T3144] usb 1-1: New USB device found, idVendor=12cf, idProduct=7111, bcdDevice=44.11
[ 59.756005][ T3144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 59.771641][ T3144] usb 1-1: config 0 descriptor??
[ 60.033492][ T3144] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000
[ 60.040587][ T3144] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12,
[ 60.050024][ T3144] radio-si470x 1-1:0.0: but the device has firmware version 0.
[ 60.243460][ T3144] radio-si470x 1-1:0.0: software version 0, hardware version 0
[ 60.251053][ T3144] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1,
[ 60.260638][ T3144] radio-si470x 1-1:0.0: but the device has hardware version 0.
[ 60.268739][ T3144] radio-si470x 1-1:0.0: If you have some trouble using this driver,
[ 60.277052][ T3144] radio-si470x 1-1:0.0: please report to V4L ML at linux-media@vger.kernel.org
[ 60.473396][ T3144] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 60.503246][ C0] radio-si470x 1-1:0.0: non-zero urb status (-71)
[ 60.510237][ T3144] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 60.524651][ T3144] radio-si470x: probe of 1-1:0.0 failed with error -22
[ 60.533357][ C0] ==================================================================
[ 60.541608][ C0] BUG: KASAN: use-after-free in si470x_int_in_callback+0x18b/0x13f0
[ 60.549591][ C0] Read of size 8 at addr ffff8880240f4b40 by task sshd/8388
[ 60.557091][ C0]
[ 60.559408][ C0] CPU: 0 PID: 8388 Comm: sshd Not tainted 5.13.0-rc4-syzkaller #0
[ 60.567207][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.577270][ C0] Call Trace:
[ 60.580539][ C0]
[ 60.583375][ C0] dump_stack+0x202/0x31e
[ 60.587692][ C0] ? show_regs_print_info+0x12/0x12
[ 60.592871][ C0] ? printk+0xc0/0x108
[ 60.596928][ C0] ? wake_up_klogd+0xb2/0xf0
[ 60.601998][ C0] ? log_buf_vmcoreinfo_setup+0x498/0x498
[ 60.607713][ C0] ? _raw_spin_lock_irqsave+0xbf/0x100
[ 60.613188][ C0] print_address_description+0x5f/0x3b0
[ 60.619592][ C0] kasan_report+0x15c/0x200
[ 60.624112][ C0] ? si470x_int_in_callback+0x18b/0x13f0
[ 60.629734][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 60.635612][ C0] si470x_int_in_callback+0x18b/0x13f0
[ 60.641059][ C0] ? dummy_timer+0x7e5/0x3100
[ 60.645718][ C0] ? __lock_acquire+0x6040/0x6040
[ 60.650753][ C0] ? kcov_remote_start+0x10f/0x4a0
[ 60.655876][ C0] __usb_hcd_giveback_urb+0x375/0x520
[ 60.661257][ C0] dummy_timer+0x808/0x3100
[ 60.665776][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 60.671424][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 60.677054][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 60.683029][ C0] ? __run_timers+0x6ef/0x910
[ 60.687709][ C0] ? dummy_free_streams+0x310/0x310
[ 60.692897][ C0] ? dummy_free_streams+0x310/0x310
[ 60.698078][ C0] call_timer_fn+0xf6/0x210
[ 60.702567][ C0] ? dummy_free_streams+0x310/0x310
[ 60.707768][ C0] ? __run_timers+0x910/0x910
[ 60.712434][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 60.717618][ C0] ? dummy_free_streams+0x310/0x310
[ 60.722800][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 60.728002][ C0] ? dummy_free_streams+0x310/0x310
[ 60.733211][ C0] __run_timers+0x6ff/0x910
[ 60.737739][ C0] ? trace_timer_cancel+0x220/0x220
[ 60.742948][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 60.748617][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 60.754602][ C0] run_timer_softirq+0x63/0xf0
[ 60.759360][ C0] __do_softirq+0x372/0x7a6
[ 60.764001][ C0] ? __irq_exit_rcu+0x245/0x280
[ 60.768856][ C0] ? __entry_text_end+0x1fecc9/0x1fecc9
[ 60.774399][ C0] ? irqtime_account_irq+0xd0/0x270
[ 60.779587][ C0] __irq_exit_rcu+0x245/0x280
[ 60.784247][ C0] ? irq_exit_rcu+0x20/0x20
[ 60.788741][ C0] irq_exit_rcu+0x5/0x20
[ 60.792961][ C0] sysvec_apic_timer_interrupt+0x91/0xb0
[ 60.798579][ C0]
[ 60.801494][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 60.807456][ C0] RIP: 0010:lock_acquire+0x1f6/0x720
[ 60.812726][ C0] Code: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d
[ 60.832314][ C0] RSP: 0018:ffffc9000100ec00 EFLAGS: 00000206
[ 60.838455][ C0] RAX: 1ffff92000201d94 RBX: 0000000000000246 RCX: dffffc0000000000
[ 60.846415][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 60.854370][ C0] RBP: ffffc9000100ed78 R08: dffffc0000000000 R09: fffffbfff204dbb1
[ 60.862340][ C0] R10: fffffbfff204dbb1 R11: 0000000000000000 R12: 0000000000000000
[ 60.870300][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff92000201d88
[ 60.878302][ C0] ? read_lock_is_recursive+0x10/0x10
[ 60.883664][ C0] ? __lock_acquire+0x147f/0x6040
[ 60.888688][ C0] ? memset+0x1f/0x40
[ 60.892653][ C0] ? unwind_next_frame+0x13d6/0x1f90
[ 60.897928][ C0] ? memset+0x1f/0x40
[ 60.901893][ C0] ? stack_trace_save+0x1e0/0x1e0
[ 60.906897][ C0] rcu_lock_acquire+0x2a/0x30
[ 60.911688][ C0] ? rcu_lock_acquire+0x5/0x30
[ 60.916452][ C0] is_bpf_text_address+0x27/0x270
[ 60.921599][ C0] ? stack_trace_save+0x1e0/0x1e0
[ 60.926608][ C0] __kernel_text_address+0x93/0x100
[ 60.931794][ C0] unwind_get_return_address+0x48/0x80
[ 60.937240][ C0] arch_stack_walk+0x98/0xe0
[ 60.941828][ C0] stack_trace_save+0x104/0x1e0
[ 60.946662][ C0] ? stack_trace_snprint+0xe0/0xe0
[ 60.951769][ C0] save_stack+0xeb/0x1f0
[ 60.955997][ C0] ? __reset_page_owner+0x1a0/0x1a0
[ 60.961263][ C0] ? free_pcp_prepare+0x3ea/0x420
[ 60.966290][ C0] ? free_unref_page+0x7b/0x280
[ 60.971122][ C0] ? __mmdrop+0xae/0x3f0
[ 60.975347][ C0] ? finish_task_switch+0x227/0x620
[ 60.980529][ C0] ? __schedule+0xba0/0x1120
[ 60.985097][ C0] ? schedule+0x14b/0x200
[ 60.989405][ C0] ? schedule_hrtimeout_range_clock+0x271/0x440
[ 60.995646][ C0] ? poll_schedule_timeout+0x165/0x220
[ 61.001088][ C0] ? do_select+0x1925/0x1ae0
[ 61.005658][ C0] ? core_sys_select+0x7fc/0xb90
[ 61.010575][ C0] ? __se_sys_select+0x2be/0x310
[ 61.015495][ C0] ? do_syscall_64+0x3f/0xb0
[ 61.020071][ C0] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 61.026127][ C0] ? sched_clock_cpu+0x18/0x3c0
[ 61.030958][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 61.036924][ C0] __reset_page_owner+0x51/0x1a0
[ 61.041850][ C0] free_pcp_prepare+0x3ea/0x420
[ 61.046691][ C0] free_unref_page+0x7b/0x280
[ 61.051360][ C0] ? mark_free_pages+0x420/0x420
[ 61.056280][ C0] ? do_raw_spin_unlock+0x134/0x8a0
[ 61.061468][ C0] __mmdrop+0xae/0x3f0
[ 61.065520][ C0] finish_task_switch+0x227/0x620
[ 61.070529][ C0] __schedule+0xba0/0x1120
[ 61.074931][ C0] ? __lock_acquire+0x6040/0x6040
[ 61.080063][ C0] ? release_firmware_map_entry+0x181/0x181
[ 61.085948][ C0] ? _raw_spin_unlock_irqrestore+0x8b/0x120
[ 61.091826][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 61.097006][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 61.102881][ C0] ? _raw_spin_unlock+0x40/0x40
[ 61.107727][ C0] schedule+0x14b/0x200
[ 61.111872][ C0] schedule_hrtimeout_range_clock+0x271/0x440
[ 61.117935][ C0] ? hrtimer_nanosleep_restart+0x410/0x410
[ 61.123769][ C0] ? trace_hrtimer_expire_exit+0x260/0x260
[ 61.129595][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 61.134818][ C0] poll_schedule_timeout+0x165/0x220
[ 61.140097][ C0] ? rcu_lock_release+0x20/0x20
[ 61.144930][ C0] ? pipe_poll+0x2b9/0x450
[ 61.149331][ C0] do_select+0x1925/0x1ae0
[ 61.153850][ C0] ? core_sys_select+0xb90/0xb90
[ 61.158778][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 61.164742][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 61.170707][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 61.176670][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 61.182666][ C0] ? __might_fault+0xb8/0x110
[ 61.187337][ C0] ? __lock_acquire+0x6040/0x6040
[ 61.192469][ C0] ? rcu_lock_release+0x5/0x20
[ 61.197235][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 61.202873][ C0] ? __might_fault+0xb4/0x110
[ 61.207542][ C0] core_sys_select+0x7fc/0xb90
[ 61.212316][ C0] ? poll_select_set_timeout+0x150/0x150
[ 61.217938][ C0] ? seqcount_lockdep_reader_access+0x146/0x200
[ 61.224171][ C0] ? ktime_get_real_ts64+0x4b0/0x4b0
[ 61.229452][ C0] ? __might_fault+0xb8/0x110
[ 61.234177][ C0] ? __lock_acquire+0x6040/0x6040
[ 61.239191][ C0] ? timespec64_add_safe+0x1be/0x220
[ 61.244473][ C0] ? nsecs_to_jiffies+0x30/0x30
[ 61.249326][ C0] ? __might_fault+0xb4/0x110
[ 61.253999][ C0] __se_sys_select+0x2be/0x310
[ 61.258758][ C0] ? __x64_sys_select+0xc0/0xc0
[ 61.263592][ C0] ? syscall_enter_from_user_mode+0x2e/0x1c0
[ 61.269785][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 61.274984][ C0] ? __x64_sys_select+0x1c/0xc0
[ 61.279828][ C0] do_syscall_64+0x3f/0xb0
[ 61.284233][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 61.290138][ C0] RIP: 0033:0x7f5b5377b5e3
[ 61.294541][ C0] Code: 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 29 d1 2b 00 00 75 13 49 89 ca b8 17 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 0b 3f 01 00 48 89 04 24
[ 61.314130][ C0] RSP: 002b:00007fffa731eca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 61.322546][ C0] RAX: ffffffffffffffda RBX: 0000557afc0ba110 RCX: 00007f5b5377b5e3
[ 61.330521][ C0] RDX: 0000557afc0ba130 RSI: 0000557afc0ba110 RDI: 000000000000000b
[ 61.338477][ C0] RBP: 0000557afb2c0a88 R08: 00007fffa731ed30 R09: 0000000000000100
[ 61.346548][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 61.354641][ C0] R13: 00007fffa731ed0f R14: 0000557afb07bbe7 R15: 0000000000000003
[ 61.362623][ C0]
[ 61.364953][ C0] Allocated by task 3144:
[ 61.369256][ C0] ____kasan_kmalloc+0xc4/0xf0
[ 61.374000][ C0] kmem_cache_alloc_trace+0x96/0x340
[ 61.379264][ C0] si470x_usb_driver_probe+0x5a/0x2240
[ 61.384825][ C0] usb_probe_interface+0x633/0xb40
[ 61.389932][ C0] really_probe+0x3cb/0x1020
[ 61.394517][ C0] driver_probe_device+0x178/0x350
[ 61.399625][ C0] bus_for_each_drv+0x16a/0x1f0
[ 61.404456][ C0] __device_attach+0x301/0x560
[ 61.409203][ C0] bus_probe_device+0xb8/0x1f0
[ 61.413945][ C0] device_add+0x11fc/0x1670
[ 61.418441][ C0] usb_set_configuration+0x1a86/0x2100
[ 61.423877][ C0] usb_generic_driver_probe+0x83/0x140
[ 61.429312][ C0] usb_probe_device+0x13a/0x260
[ 61.434140][ C0] really_probe+0x3cb/0x1020
[ 61.438725][ C0] driver_probe_device+0x178/0x350
[ 61.443827][ C0] bus_for_each_drv+0x16a/0x1f0
[ 61.448673][ C0] __device_attach+0x301/0x560
[ 61.453426][ C0] bus_probe_device+0xb8/0x1f0
[ 61.458303][ C0] device_add+0x11fc/0x1670
[ 61.462915][ C0] usb_new_device+0xd45/0x1790
[ 61.467771][ C0] hub_port_connect+0x1055/0x27a0
[ 61.472785][ C0] hub_port_connect_change+0x5d0/0xbf0
[ 61.478229][ C0] port_event+0xaee/0x1140
[ 61.482628][ C0] hub_event+0x48d/0xd90
[ 61.486856][ C0] process_one_work+0x833/0x10c0
[ 61.491778][ C0] worker_thread+0xac1/0x1300
[ 61.496438][ C0] kthread+0x39a/0x3c0
[ 61.500493][ C0] ret_from_fork+0x1f/0x30
[ 61.504892][ C0]
[ 61.507196][ C0] Freed by task 3144:
[ 61.511239][ C0] kasan_set_track+0x3d/0x70
[ 61.515818][ C0] kasan_set_free_info+0x1f/0x40
[ 61.520754][ C0] ____kasan_slab_free+0x109/0x150
[ 61.525847][ C0] slab_free_freelist_hook+0x1d8/0x290
[ 61.531428][ C0] kfree+0xcf/0x2d0
[ 61.535232][ C0] si470x_usb_driver_probe+0x60d/0x2240
[ 61.540765][ C0] usb_probe_interface+0x633/0xb40
[ 61.545857][ C0] really_probe+0x3cb/0x1020
[ 61.550429][ C0] driver_probe_device+0x178/0x350
[ 61.555574][ C0] bus_for_each_drv+0x16a/0x1f0
[ 61.560414][ C0] __device_attach+0x301/0x560
[ 61.565157][ C0] bus_probe_device+0xb8/0x1f0
[ 61.569901][ C0] device_add+0x11fc/0x1670
[ 61.574398][ C0] usb_set_configuration+0x1a86/0x2100
[ 61.579832][ C0] usb_generic_driver_probe+0x83/0x140
[ 61.585273][ C0] usb_probe_device+0x13a/0x260
[ 61.590732][ C0] really_probe+0x3cb/0x1020
[ 61.595309][ C0] driver_probe_device+0x178/0x350
[ 61.600402][ C0] bus_for_each_drv+0x16a/0x1f0
[ 61.605231][ C0] __device_attach+0x301/0x560
[ 61.609973][ C0] bus_probe_device+0xb8/0x1f0
[ 61.614717][ C0] device_add+0x11fc/0x1670
[ 61.619206][ C0] usb_new_device+0xd45/0x1790
[ 61.623951][ C0] hub_port_connect+0x1055/0x27a0
[ 61.628954][ C0] hub_port_connect_change+0x5d0/0xbf0
[ 61.634390][ C0] port_event+0xaee/0x1140
[ 61.638801][ C0] hub_event+0x48d/0xd90
[ 61.643026][ C0] process_one_work+0x833/0x10c0
[ 61.647981][ C0] worker_thread+0xac1/0x1300
[ 61.652638][ C0] kthread+0x39a/0x3c0
[ 61.656687][ C0] ret_from_fork+0x1f/0x30
[ 61.661093][ C0]
[ 61.663573][ C0] The buggy address belongs to the object at ffff8880240f4000
[ 61.663573][ C0] which belongs to the cache kmalloc-4k of size 4096
[ 61.677621][ C0] The buggy address is located 2880 bytes inside of
[ 61.677621][ C0] 4096-byte region [ffff8880240f4000, ffff8880240f5000)
[ 61.691319][ C0] The buggy address belongs to the page:
[ 61.696934][ C0] page:ffffea0000903c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x240f0
[ 61.707064][ C0] head:ffffea0000903c00 order:3 compound_mapcount:0 compound_pincount:0
[ 61.715550][ C0] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 61.723515][ C0] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888011842140
[ 61.732082][ C0] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[ 61.740674][ C0] page dumped because: kasan: bad access detected
[ 61.747066][ C0] page_owner tracks the page as allocated
[ 61.752756][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6353, ts 26324983839, free_ts 26302809264
[ 61.771840][ C0] get_page_from_freelist+0x779/0xa20
[ 61.777209][ C0] __alloc_pages+0x26c/0x5f0
[ 61.781789][ C0] allocate_slab+0xf1/0x5b0
[ 61.786271][ C0] ___slab_alloc+0x1cf/0x350
[ 61.790842][ C0] kmem_cache_alloc_trace+0x2a3/0x340
[ 61.796196][ C0] uevent_show+0x164/0x320
[ 61.800763][ C0] dev_attr_show+0x50/0xc0
[ 61.805168][ C0] sysfs_kf_seq_show+0x30e/0x4e0
[ 61.810173][ C0] seq_read_iter+0x43a/0xcf0
[ 61.814741][ C0] vfs_read+0x9d9/0xc20
[ 61.818879][ C0] ksys_read+0x171/0x2a0
[ 61.823101][ C0] do_syscall_64+0x3f/0xb0
[ 61.827527][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 61.833418][ C0] page last free stack trace:
[ 61.838082][ C0] __free_pages_ok+0x10a5/0x1180
[ 61.843002][ C0] unfreeze_partials+0x18c/0x1e0
[ 61.849490][ C0] put_cpu_partial+0xd2/0x210
[ 61.854147][ C0] __slab_free+0x3a8/0x6b0
[ 61.858544][ C0] ___cache_free+0xfc/0x120
[ 61.863210][ C0] kasan_quarantine_reduce+0x151/0x1c0
[ 61.868646][ C0] __kasan_slab_alloc+0x2f/0xd0
[ 61.873567][ C0] __kmalloc+0x22f/0x390
[ 61.877789][ C0] tomoyo_realpath_from_path+0xd8/0x610
[ 61.883327][ C0] tomoyo_path_perm+0x201/0x650
[ 61.888251][ C0] security_inode_getattr+0xc0/0x140
[ 61.893534][ C0] vfs_statx+0x188/0x3d0
[ 61.897759][ C0] __x64_sys_newlstat+0xd3/0x150
[ 61.902697][ C0] do_syscall_64+0x3f/0xb0
[ 61.907103][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 61.912978][ C0]
[ 61.915553][ C0] Memory state around the buggy address:
[ 61.921165][ C0] ffff8880240f4a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.929210][ C0] ffff8880240f4a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.937366][ C0] >ffff8880240f4b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.945440][ C0] ^
[ 61.951595][ C0] ffff8880240f4b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.959637][ C0] ffff8880240f4c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 61.967675][ C0] ==================================================================
[ 61.975781][ C0] Disabling lock debugging due to kernel taint
[ 61.982065][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 61.988663][ C0] CPU: 0 PID: 8388 Comm: sshd Tainted: G B 5.13.0-rc4-syzkaller #0
[ 61.997840][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 62.007886][ C0] Call Trace:
[ 62.011152][ C0]
[ 62.013989][ C0] dump_stack+0x202/0x31e
[ 62.018951][ C0] ? show_regs_print_info+0x12/0x12
[ 62.024219][ C0] ? log_buf_vmcoreinfo_setup+0x498/0x498
[ 62.030068][ C0] panic+0x2e1/0x850
[ 62.033955][ C0] ? nmi_panic+0x90/0x90
[ 62.038177][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 62.044049][ C0] ? print_memory_metadata+0xa7/0x100
[ 62.049424][ C0] kasan_report+0x1ff/0x200
[ 62.053917][ C0] ? si470x_int_in_callback+0x18b/0x13f0
[ 62.059526][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 62.065396][ C0] si470x_int_in_callback+0x18b/0x13f0
[ 62.070835][ C0] ? dummy_timer+0x7e5/0x3100
[ 62.075572][ C0] ? __lock_acquire+0x6040/0x6040
[ 62.080593][ C0] ? kcov_remote_start+0x10f/0x4a0
[ 62.085696][ C0] __usb_hcd_giveback_urb+0x375/0x520
[ 62.091054][ C0] dummy_timer+0x808/0x3100
[ 62.095547][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 62.101163][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 62.106781][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 62.112743][ C0] ? __run_timers+0x6ef/0x910
[ 62.117399][ C0] ? dummy_free_streams+0x310/0x310
[ 62.122574][ C0] ? dummy_free_streams+0x310/0x310
[ 62.127834][ C0] call_timer_fn+0xf6/0x210
[ 62.132329][ C0] ? dummy_free_streams+0x310/0x310
[ 62.137506][ C0] ? __run_timers+0x910/0x910
[ 62.142171][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 62.147346][ C0] ? dummy_free_streams+0x310/0x310
[ 62.152517][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 62.157782][ C0] ? dummy_free_streams+0x310/0x310
[ 62.162964][ C0] __run_timers+0x6ff/0x910
[ 62.167545][ C0] ? trace_timer_cancel+0x220/0x220
[ 62.172718][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 62.178335][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 62.184370][ C0] run_timer_softirq+0x63/0xf0
[ 62.189189][ C0] __do_softirq+0x372/0x7a6
[ 62.193801][ C0] ? __irq_exit_rcu+0x245/0x280
[ 62.198702][ C0] ? __entry_text_end+0x1fecc9/0x1fecc9
[ 62.204236][ C0] ? irqtime_account_irq+0xd0/0x270
[ 62.209419][ C0] __irq_exit_rcu+0x245/0x280
[ 62.214077][ C0] ? irq_exit_rcu+0x20/0x20
[ 62.218561][ C0] irq_exit_rcu+0x5/0x20
[ 62.222783][ C0] sysvec_apic_timer_interrupt+0x91/0xb0
[ 62.228397][ C0]
[ 62.231309][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 62.237277][ C0] RIP: 0010:lock_acquire+0x1f6/0x720
[ 62.242552][ C0] Code: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d
[ 62.262250][ C0] RSP: 0018:ffffc9000100ec00 EFLAGS: 00000206
[ 62.268312][ C0] RAX: 1ffff92000201d94 RBX: 0000000000000246 RCX: dffffc0000000000
[ 62.276264][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 62.284301][ C0] RBP: ffffc9000100ed78 R08: dffffc0000000000 R09: fffffbfff204dbb1
[ 62.292255][ C0] R10: fffffbfff204dbb1 R11: 0000000000000000 R12: 0000000000000000
[ 62.300331][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff92000201d88
[ 62.308307][ C0] ? read_lock_is_recursive+0x10/0x10
[ 62.313726][ C0] ? __lock_acquire+0x147f/0x6040
[ 62.318761][ C0] ? memset+0x1f/0x40
[ 62.322727][ C0] ? unwind_next_frame+0x13d6/0x1f90
[ 62.327997][ C0] ? memset+0x1f/0x40
[ 62.331957][ C0] ? stack_trace_save+0x1e0/0x1e0
[ 62.336958][ C0] rcu_lock_acquire+0x2a/0x30
[ 62.341617][ C0] ? rcu_lock_acquire+0x5/0x30
[ 62.346355][ C0] is_bpf_text_address+0x27/0x270
[ 62.351498][ C0] ? stack_trace_save+0x1e0/0x1e0
[ 62.356516][ C0] __kernel_text_address+0x93/0x100
[ 62.361703][ C0] unwind_get_return_address+0x48/0x80
[ 62.367144][ C0] arch_stack_walk+0x98/0xe0
[ 62.371716][ C0] stack_trace_save+0x104/0x1e0
[ 62.376547][ C0] ? stack_trace_snprint+0xe0/0xe0
[ 62.381655][ C0] save_stack+0xeb/0x1f0
[ 62.385912][ C0] ? __reset_page_owner+0x1a0/0x1a0
[ 62.391112][ C0] ? free_pcp_prepare+0x3ea/0x420
[ 62.396143][ C0] ? free_unref_page+0x7b/0x280
[ 62.400990][ C0] ? __mmdrop+0xae/0x3f0
[ 62.405216][ C0] ? finish_task_switch+0x227/0x620
[ 62.410450][ C0] ? __schedule+0xba0/0x1120
[ 62.415047][ C0] ? schedule+0x14b/0x200
[ 62.419351][ C0] ? schedule_hrtimeout_range_clock+0x271/0x440
[ 62.425568][ C0] ? poll_schedule_timeout+0x165/0x220
[ 62.431020][ C0] ? do_select+0x1925/0x1ae0
[ 62.435594][ C0] ? core_sys_select+0x7fc/0xb90
[ 62.440510][ C0] ? __se_sys_select+0x2be/0x310
[ 62.445486][ C0] ? do_syscall_64+0x3f/0xb0
[ 62.450051][ C0] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 62.456109][ C0] ? sched_clock_cpu+0x18/0x3c0
[ 62.460937][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 62.466915][ C0] __reset_page_owner+0x51/0x1a0
[ 62.471833][ C0] free_pcp_prepare+0x3ea/0x420
[ 62.476662][ C0] free_unref_page+0x7b/0x280
[ 62.481329][ C0] ? mark_free_pages+0x420/0x420
[ 62.486343][ C0] ? do_raw_spin_unlock+0x134/0x8a0
[ 62.491529][ C0] __mmdrop+0xae/0x3f0
[ 62.495580][ C0] finish_task_switch+0x227/0x620
[ 62.500582][ C0] __schedule+0xba0/0x1120
[ 62.504977][ C0] ? __lock_acquire+0x6040/0x6040
[ 62.509983][ C0] ? release_firmware_map_entry+0x181/0x181
[ 62.515865][ C0] ? _raw_spin_unlock_irqrestore+0x8b/0x120
[ 62.521784][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 62.527008][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 62.532880][ C0] ? _raw_spin_unlock+0x40/0x40
[ 62.537794][ C0] schedule+0x14b/0x200
[ 62.542206][ C0] schedule_hrtimeout_range_clock+0x271/0x440
[ 62.548276][ C0] ? hrtimer_nanosleep_restart+0x410/0x410
[ 62.554101][ C0] ? trace_hrtimer_expire_exit+0x260/0x260
[ 62.559915][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 62.565089][ C0] poll_schedule_timeout+0x165/0x220
[ 62.570355][ C0] ? rcu_lock_release+0x20/0x20
[ 62.575182][ C0] ? pipe_poll+0x2b9/0x450
[ 62.579577][ C0] do_select+0x1925/0x1ae0
[ 62.583974][ C0] ? core_sys_select+0xb90/0xb90
[ 62.588993][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 62.595735][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 62.601828][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 62.607808][ C0] ? __x32_compat_sys_ppoll_time64+0xc0/0xc0
[ 62.613804][ C0] ? __might_fault+0xb8/0x110
[ 62.618465][ C0] ? __lock_acquire+0x6040/0x6040
[ 62.623465][ C0] ? rcu_lock_release+0x5/0x20
[ 62.628233][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 62.633847][ C0] ? __might_fault+0xb4/0x110
[ 62.638520][ C0] core_sys_select+0x7fc/0xb90
[ 62.643265][ C0] ? poll_select_set_timeout+0x150/0x150
[ 62.648979][ C0] ? seqcount_lockdep_reader_access+0x146/0x200
[ 62.655198][ C0] ? ktime_get_real_ts64+0x4b0/0x4b0
[ 62.660462][ C0] ? __might_fault+0xb8/0x110
[ 62.665207][ C0] ? __lock_acquire+0x6040/0x6040
[ 62.670212][ C0] ? timespec64_add_safe+0x1be/0x220
[ 62.675491][ C0] ? nsecs_to_jiffies+0x30/0x30
[ 62.680334][ C0] ? __might_fault+0xb4/0x110
[ 62.684988][ C0] __se_sys_select+0x2be/0x310
[ 62.689733][ C0] ? __x64_sys_select+0xc0/0xc0
[ 62.694562][ C0] ? syscall_enter_from_user_mode+0x2e/0x1c0
[ 62.700519][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 62.705710][ C0] ? __x64_sys_select+0x1c/0xc0
[ 62.710721][ C0] do_syscall_64+0x3f/0xb0
[ 62.715147][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 62.721038][ C0] RIP: 0033:0x7f5b5377b5e3
[ 62.725433][ C0] Code: 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 29 d1 2b 00 00 75 13 49 89 ca b8 17 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 0b 3f 01 00 48 89 04 24
[ 62.745017][ C0] RSP: 002b:00007fffa731eca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 62.753411][ C0] RAX: ffffffffffffffda RBX: 0000557afc0ba110 RCX: 00007f5b5377b5e3
[ 62.761397][ C0] RDX: 0000557afc0ba130 RSI: 0000557afc0ba110 RDI: 000000000000000b
[ 62.769344][ C0] RBP: 0000557afb2c0a88 R08: 00007fffa731ed30 R09: 0000000000000100
[ 62.777312][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 62.785286][ C0] R13: 00007fffa731ed0f R14: 0000557afb07bbe7 R15: 0000000000000003
[ 62.794075][ C0] Kernel Offset: disabled
[ 62.798409][ C0] Rebooting in 86400 seconds..