loop3: p1 size 2047 extends beyond EOD, truncated
loop3: p5 size 2047 extends beyond EOD, truncated
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 29732 Comm: syz-executor2 Not tainted 4.19.0-rc4+ #26
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usb_find_alt_setting+0x38/0x310 drivers/usb/core/usb.c:231
Code: 89 fb 48 83 ec 18 48 89 7d c0 89 55 d4 89 75 d0 e8 3d c3 7e fc 48 8d 7b 04 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 84 02 00 00
kobject: 'loop3' (000000002c6ddada): kobject_uevent_env
RSP: 0018:ffff88018b7cf4a0 EFLAGS: 00010247
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90007272000
RDX: 0000000000000000 RSI: ffffffff85002143 RDI: 0000000000000004
RBP: ffff88018b7cf4e0 R08: ffff8801905b0640 R09: ffffed00316f9eb2
R10: ffffed00316f9eb4 R11: ffff88018b7cf5a7 R12: 0000000000000000
kobject: 'loop3' (000000002c6ddada): fill_kobj_path: path = '/devices/virtual/block/loop3'
R13: ffff8801cd91aa80 R14: ffff8801d976eac0 R15: 0000000000000000
FS:  00007fec321d2700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000001cf8fd0 CR3: 00000001d957d000 CR4: 00000000001426e0
Call Trace:
kobject: 'loop3' (000000002c6ddada): kobject_uevent_env
 check_ctrlrecip+0x1e6/0x320 drivers/usb/core/devio.c:828
 proc_control+0x151/0xef0 drivers/usb/core/devio.c:1074
kobject: 'loop3' (000000002c6ddada): fill_kobj_path: path = '/devices/virtual/block/loop3'
 usbdev_do_ioctl+0x1eb8/0x3b50 drivers/usb/core/devio.c:2394
 usbdev_ioctl+0x25/0x30 drivers/usb/core/devio.c:2551
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:501 [inline]
 do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:685
 ksys_ioctl+0xa9/0xd0 fs/ioctl.c:702
 __do_sys_ioctl fs/ioctl.c:709 [inline]
 __se_sys_ioctl fs/ioctl.c:707 [inline]
 __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:707
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457679
Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fec321d1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fec321d26d4 RCX: 0000000000457679
RDX: 0000000020000000 RSI: 00000000c0185500 RDI: 0000000000000003
RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004cf508 R14: 00000000004bf7f2 R15: 0000000000000000
Modules linked in:
kobject: 'loop0' (000000008c6f4d3b): kobject_uevent_env
---[ end trace 63e27ea542573777 ]---
kobject: 'loop0' (000000008c6f4d3b): fill_kobj_path: path = '/devices/virtual/block/loop0'
RIP: 0010:usb_find_alt_setting+0x38/0x310 drivers/usb/core/usb.c:231
Code: 89 fb 48 83 ec 18 48 89 7d c0 89 55 d4 89 75 d0 e8 3d c3 7e fc 48 8d 7b 04 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 84 02 00 00
 loop3: p1
 p1: <minix: p5 >
RSP: 0018:ffff88018b7cf4a0 EFLAGS: 00010247
kobject: 'loop3p1' (00000000103f2f67): kobject_cleanup, parent           (null)
kobject: 'loop3p1' (00000000103f2f67): calling ktype release
kobject: 'loop3p1': free name
kobject: 'loop3p5' (00000000904ce334): kobject_cleanup, parent           (null)
kobject: 'loop3p5' (00000000904ce334): calling ktype release
kobject: 'loop3p5': free name
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90007272000
loop3: partition table partially beyond EOD, 
RDX: 0000000000000000 RSI: ffffffff85002143 RDI: 0000000000000004
truncated
RBP: ffff88018b7cf4e0 R08: ffff8801905b0640 R09: ffffed00316f9eb2
kobject: 'loop0' (000000008c6f4d3b): kobject_uevent_env
kobject: 'loop3' (000000002c6ddada): kobject_uevent_env
kobject: 'loop0' (000000008c6f4d3b): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop3' (000000002c6ddada): fill_kobj_path: path = '/devices/virtual/block/loop3'
R10: ffffed00316f9eb4 R11: ffff88018b7cf5a7 R12: 0000000000000000
loop3: p1 size 2047 extends beyond EOD, truncated
R13: ffff8801cd91aa80 R14: ffff8801d976eac0 R15: 0000000000000000
kobject: 'loop3p1' (00000000b1f5bb34): kobject_add_internal: parent: 'loop3', set: 'devices'
FS:  00007fec321d2700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
kobject: 'loop3p1' (00000000b1f5bb34): kobject_uevent_env
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000001d01e80 CR3: 00000001d957d000 CR4: 00000000001426f0