hub 1-0:1.0: USB hub found
hub 1-0:1.0: 1 port detected
dummy_hcd dummy_hcd.1: USB Host+Gadget Emulator, driver 02 May 2005
dummy_hcd dummy_hcd.1: Dummy host controller
dummy_hcd dummy_hcd.1: new USB bus registered, assigned bus number 2
usb usb2: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.00
usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb2: Product: Dummy host controller
usb usb2: Manufacturer: Linux 6.0.0-rc1-syzkaller-00017-g3cc40a443a04 dummy_hcd
usb usb2: SerialNumber: dummy_hcd.1
hub 2-0:1.0: USB hub found
hub 2-0:1.0: 1 port detected
dummy_hcd dummy_hcd.2: USB Host+Gadget Emulator, driver 02 May 2005
dummy_hcd dummy_hcd.2: Dummy host controller
dummy_hcd dummy_hcd.2: new USB bus registered, assigned bus number 3
usb usb3: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.00
usb usb3: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb3: Product: Dummy host controller
usb usb3: Manufacturer: Linux 6.0.0-rc1-syzkaller-00017-g3cc40a443a04 dummy_hcd
usb usb3: SerialNumber: dummy_hcd.2
hub 3-0:1.0: USB hub found
hub 3-0:1.0: 1 port detected
dummy_hcd dummy_hcd.3: USB Host+Gadget Emulator, driver 02 May 2005
dummy_hcd dummy_hcd.3: Dummy host controller
dummy_hcd dummy_hcd.3: new USB bus registered, assigned bus number 4
usb usb4: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.00
usb usb4: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb4: Product: Dummy host controller
usb usb4: Manufacturer: Linux 6.0.0-rc1-syzkaller-00017-g3cc40a443a04 dummy_hcd
usb usb4: SerialNumber: dummy_hcd.3
hub 4-0:1.0: USB hub found
hub 4-0:1.0: 1 port detected
dummy_hcd dummy_hcd.4: USB Host+Gadget Emulator, driver 02 May 2005
dummy_hcd dummy_hcd.4: Dummy host controller
dummy_hcd dummy_hcd.4: new USB bus registered, assigned bus number 5
usb usb5: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.00
usb usb5: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb5: Product: Dummy host controller
usb usb5: Manufacturer: Linux 6.0.0-rc1-syzkaller-00017-g3cc40a443a04 dummy_hcd
usb usb5: SerialNumber: dummy_hcd.4
hub 5-0:1.0: USB hub found
hub 5-0:1.0: 1 port detected
dummy_hcd dummy_hcd.5: USB Host+Gadget Emulator, driver 02 May 2005
dummy_hcd dummy_hcd.5: Dummy host controller
dummy_hcd dummy_hcd.5: new USB bus registered, assigned bus number 6
usb usb6: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.00
usb usb6: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb6: Product: Dummy host controller
usb usb6: Manufacturer: Linux 6.0.0-rc1-syzkaller-00017-g3cc40a443a04 dummy_hcd
usb usb6: SerialNumber: dummy_hcd.5
general protection fault, probably for non-canonical address 0xffff000000000800: 0000 [#1] PREEMPT SMP KASAN
KASAN: maybe wild-memory-access in range [0xfff8200000004000-0xfff8200000004007]
CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.0.0-rc1-syzkaller-00017-g3cc40a443a04 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
RIP: 0010:freelist_dereference mm/slub.c:347 [inline]
RIP: 0010:get_freepointer mm/slub.c:354 [inline]
RIP: 0010:get_freepointer_safe mm/slub.c:368 [inline]
RIP: 0010:slab_alloc_node mm/slub.c:3211 [inline]
RIP: 0010:slab_alloc mm/slub.c:3251 [inline]
RIP: 0010:kmem_cache_alloc_trace+0x164/0x3e0 mm/slub.c:3282
Code: 8b 51 08 48 8b 01 48 83 79 10 00 48 89 44 24 08 0f 84 bf 01 00 00 48 85 c0 0f 84 b6 01 00 00 48 8b 7d 00 8b 4d 28 40 f6 c7 0f <48> 8b 1c 08 0f 85 c2 01 00 00 48 8d 4a 08 65 48 0f c7 0f 0f 94 c0
RSP: 0000:ffffc90000067008 EFLAGS: 00010246
RAX: ffff000000000000 RBX: 0000000000000000 RCX: 0000000000000800
RDX: 0000000000006649 RSI: 0000000000000dc0 RDI: 000000000003dce0
RBP: ffff888011842140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000dc0 R14: 0000000000000a20 R15: 0000000000000dc0
FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000000bc8e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 kmalloc include/linux/slab.h:600 [inline]
 kzalloc include/linux/slab.h:733 [inline]
 kobject_uevent_env+0x230/0x1640 lib/kobject_uevent.c:524
 device_add+0xb72/0x1e90 drivers/base/core.c:3498
 usb_set_configuration+0x1019/0x1900 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238
 usb_probe_device+0xd4/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:530 [inline]
 really_probe+0x249/0xb90 drivers/base/dd.c:609
 __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:748
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:778
 __device_attach_driver+0x206/0x2e0 drivers/base/dd.c:901
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x1e4/0x530 drivers/base/dd.c:973
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xbd5/0x1e90 drivers/base/core.c:3517
 usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573
 register_root_hub+0x421/0x573 drivers/usb/core/hcd.c:1017
 usb_add_hcd.cold+0x100c/0x13a1 drivers/usb/core/hcd.c:2998
 dummy_hcd_probe+0x19f/0x310 drivers/usb/gadget/udc/dummy_hcd.c:2676
 platform_probe+0xfc/0x1f0 drivers/base/platform.c:1400
 call_driver_probe drivers/base/dd.c:530 [inline]
 really_probe+0x249/0xb90 drivers/base/dd.c:609
 __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:748
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:778
 __device_attach_driver+0x206/0x2e0 drivers/base/dd.c:901
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x1e4/0x530 drivers/base/dd.c:973
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xbd5/0x1e90 drivers/base/core.c:3517
 platform_device_add+0x35e/0x820 drivers/base/platform.c:717
 dummy_hcd_init+0x5d5/0xba7 drivers/usb/gadget/udc/dummy_hcd.c:2829
 do_one_initcall+0xfe/0x650 init/main.c:1296
 do_initcall_level init/main.c:1369 [inline]
 do_initcalls init/main.c:1385 [inline]
 do_basic_setup init/main.c:1404 [inline]
 kernel_init_freeable+0x6b1/0x73a init/main.c:1611
 kernel_init+0x1a/0x1d0 init/main.c:1500
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:freelist_dereference mm/slub.c:347 [inline]
RIP: 0010:get_freepointer mm/slub.c:354 [inline]
RIP: 0010:get_freepointer_safe mm/slub.c:368 [inline]
RIP: 0010:slab_alloc_node mm/slub.c:3211 [inline]
RIP: 0010:slab_alloc mm/slub.c:3251 [inline]
RIP: 0010:kmem_cache_alloc_trace+0x164/0x3e0 mm/slub.c:3282
Code: 8b 51 08 48 8b 01 48 83 79 10 00 48 89 44 24 08 0f 84 bf 01 00 00 48 85 c0 0f 84 b6 01 00 00 48 8b 7d 00 8b 4d 28 40 f6 c7 0f <48> 8b 1c 08 0f 85 c2 01 00 00 48 8d 4a 08 65 48 0f c7 0f 0f 94 c0
RSP: 0000:ffffc90000067008 EFLAGS: 00010246
RAX: ffff000000000000 RBX: 0000000000000000 RCX: 0000000000000800
RDX: 0000000000006649 RSI: 0000000000000dc0 RDI: 000000000003dce0
RBP: ffff888011842140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000dc0 R14: 0000000000000a20 R15: 0000000000000dc0
FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff88823ffff000 CR3: 000000000bc8e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: 8b 51 08              mov    0x8(%rcx),%edx
   3: 48 8b 01              mov    (%rcx),%rax
   6: 48 83 79 10 00        cmpq   $0x0,0x10(%rcx)
   b: 48 89 44 24 08        mov    %rax,0x8(%rsp)
  10: 0f 84 bf 01 00 00     je     0x1d5
  16: 48 85 c0              test   %rax,%rax
  19: 0f 84 b6 01 00 00     je     0x1d5
  1f: 48 8b 7d 00           mov    0x0(%rbp),%rdi
  23: 8b 4d 28              mov    0x28(%rbp),%ecx
  26: 40 f6 c7 0f           test   $0xf,%dil
* 2a: 48 8b 1c 08           mov    (%rax,%rcx,1),%rbx <-- trapping instruction
  2e: 0f 85 c2 01 00 00     jne    0x1f6
  34: 48 8d 4a 08           lea    0x8(%rdx),%rcx
  38: 65 48 0f c7 0f        cmpxchg16b %gs:(%rdi)
  3d: 0f 94 c0              sete   %al