ci2 starts bisection 2023-05-01 17:44:51.404958768 +0000 UTC m=+266545.425329981 bisecting fixing commit since c957cbb8731536ddc9a01e4c1cd51eab6558aa14 building syzkaller on f325deb023e4e2fb9197004be1b3da738680429c ensuring issue is reproducible on original commit c957cbb8731536ddc9a01e4c1cd51eab6558aa14 testing commit c957cbb8731536ddc9a01e4c1cd51eab6558aa14 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7b1e11573cbefcad09e9e9c52523ede21e58a207fc2acd13734a03b206937985 run #0: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc001488960] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #1: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc001488a50] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #2: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0032e8820] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #3: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc00086ef50] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #4: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0036ca230] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #5: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0032e8910] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #6: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0032e8af0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #7: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0032e8cd0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #8: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0036ca460] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #9: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0032e8e10] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #10: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0036ca8c0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #11: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0036caa00] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #12: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #13: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #14: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #15: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #16: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #17: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #18: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #19: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb testing current HEAD 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: eacef7d3d613c8632375029a485b815ff42b84d74e8a6f8a01e71284d62dfd10 run #0: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0036cadc0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #1: boot failed: create image operation failed: &{Code:QUOTA_EXCEEDED ErrorDetails:[0xc0036cafa0] Location: Message:Quota 'T2A_CPUS' exceeded. Limit: 64.0 in region us-central1. ForceSendFields:[] NullFields:[]}. run #2: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #3: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #4: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #5: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #6: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #7: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #8: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb run #9: crashed: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb revisions tested: 2, total time: 43m17.807183134s (build: 34m3.104209078s, test: 8m42.140155388s) the crash still happens on HEAD commit msg: Linux 5.15.110 crash: WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 1 PID: 3982 at drivers/usb/core/urb.c:503 usb_submit_urb+0x868/0x1394 drivers/usb/core/urb.c:502 Modules linked in: CPU: 1 PID: 3982 Comm: kworker/1:5 Not tainted 5.15.110-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : usb_submit_urb+0x868/0x1394 drivers/usb/core/urb.c:502 lr : usb_submit_urb+0x868/0x1394 drivers/usb/core/urb.c:502 sp : ffff80001af967b0 x29: ffff80001af967f0 x28: 0000000000000000 x27: ffff0000dc117000 x26: dfff800000000000 x25: ffff800011889408 x24: ffff0000c2ece400 x23: ffff0000cb3a045c x22: ffff80001188fbc0 x21: 0000000000000001 x20: 0000000000000a20 x19: ffff0000cb3a0400 x18: ffffffffffffffff x17: ffffffffffffffff x16: ffff8000106cf42c x15: 0000000000000001 x14: 1ffff000026b406a x13: 0000000000000001 x12: 0000000000000001 x11: 0000000000000001 x10: 0000000000000000 x9 : 8883a2a008a8be00 x8 : 8883a2a008a8be00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80001af95ef8 x4 : ffff800013677b40 x3 : ffff80000849bc58 x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000029 Call trace: usb_submit_urb+0x868/0x1394 drivers/usb/core/urb.c:502 carl9170_usb_submit_cmd_urb+0x68/0x198 drivers/net/wireless/ath/carl9170/usb.c:229 __carl9170_exec_cmd+0x250/0x3b8 drivers/net/wireless/ath/carl9170/usb.c:643 carl9170_reboot+0xa0/0xf0 drivers/net/wireless/ath/carl9170/cmd.c:141 carl9170_usb_disconnect+0x78/0x128 drivers/net/wireless/ath/carl9170/usb.c:1116 usb_unbind_interface+0x140/0x5d4 drivers/usb/core/driver.c:458 __device_release_driver drivers/base/dd.c:1229 [inline] device_release_driver_internal+0x39c/0x5a0 drivers/base/dd.c:1262 device_release_driver+0x18/0x24 drivers/base/dd.c:1285 usb_driver_release_interface drivers/usb/core/driver.c:627 [inline] usb_forced_unbind_intf+0xec/0x1b0 drivers/usb/core/driver.c:1117 usb_reset_device+0x2c4/0x7d8 drivers/usb/core/hub.c:6130 carl9170_usb_probe+0x58/0x948 drivers/net/wireless/ath/carl9170/usb.c:1044 usb_probe_interface+0x3e4/0x810 drivers/usb/core/driver.c:396 really_probe+0x1b8/0x8f4 drivers/base/dd.c:595 __driver_probe_device+0x15c/0x33c drivers/base/dd.c:755 driver_probe_device+0x70/0x2a8 drivers/base/dd.c:785 __device_attach_driver+0x294/0x3ec drivers/base/dd.c:907 bus_for_each_drv+0x138/0x19c drivers/base/bus.c:427 __device_attach+0x228/0x3c8 drivers/base/dd.c:979 device_initial_probe+0x14/0x20 drivers/base/dd.c:1028 bus_probe_device+0x184/0x190 drivers/base/bus.c:487 device_add+0x68c/0xb94 drivers/base/core.c:3394 usb_set_configuration+0x1278/0x1734 drivers/usb/core/message.c:2170 usb_generic_driver_probe+0x7c/0x114 drivers/usb/core/generic.c:238 usb_probe_device+0xbc/0x1e0 drivers/usb/core/driver.c:293 really_probe+0x1b8/0x8f4 drivers/base/dd.c:595 __driver_probe_device+0x15c/0x33c drivers/base/dd.c:755 driver_probe_device+0x70/0x2a8 drivers/base/dd.c:785 __device_attach_driver+0x294/0x3ec drivers/base/dd.c:907 bus_for_each_drv+0x138/0x19c drivers/base/bus.c:427 __device_attach+0x228/0x3c8 drivers/base/dd.c:979 device_initial_probe+0x14/0x20 drivers/base/dd.c:1028 bus_probe_device+0x184/0x190 drivers/base/bus.c:487 device_add+0x68c/0xb94 drivers/base/core.c:3394 usb_new_device+0x86c/0x1188 drivers/usb/core/hub.c:2568 hub_port_connect drivers/usb/core/hub.c:5358 [inline] hub_port_connect_change drivers/usb/core/hub.c:5502 [inline] port_event drivers/usb/core/hub.c:5648 [inline] hub_event+0x229c/0x3b04 drivers/usb/core/hub.c:5730 process_one_work+0x698/0xf54 kernel/workqueue.c:2306 worker_thread+0x7f8/0xe68 kernel/workqueue.c:2453 kthread+0x318/0x3ec kernel/kthread.c:319 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870 irq event stamp: 30072 hardirqs last enabled at (30071): [] __up_console_sem+0x54/0xa4 kernel/printk/printk.c:257 hardirqs last disabled at (30072): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387 softirqs last enabled at (26036): [] softirq_handle_end kernel/softirq.c:401 [inline] softirqs last enabled at (26036): [] __do_softirq+0xb5c/0xe20 kernel/softirq.c:587 softirqs last disabled at (26025): [] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline] softirqs last disabled at (26025): [] invoke_softirq kernel/softirq.c:439 [inline] softirqs last disabled at (26025): [] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636 ---[ end trace 8b4d4562e001edb2 ]--- usb 1-1: reset full-speed USB device number 2 using dummy_hcd usb 1-1: device firmware changed usb 1-1: USB disconnect, device number 2 usb 1-1: new full-speed USB device number 3 using dummy_hcd usb 1-1: config 0 has an invalid interface number: 24 but max is 0 usb 1-1: config 0 has an invalid interface number: 82 but max is 0 usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 1 usb 1-1: config 0 has no interface number 0 usb 1-1: config 0 has no interface number 1 usb 1-1: config 0 interface 24 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 12 usb 1-1: too many endpoints for config 0 interface 82 altsetting 47: 137, using maximum allowed: 30 usb 1-1: config 0 interface 82 altsetting 47 has a duplicate endpoint with address 0x1, skipping usb 1-1: config 0 interface 82 altsetting 47 has a duplicate endpoint with address 0x7, skipping usb 1-1: config 0 interface 82 altsetting 47 has a duplicate endpoint with address 0x3, skipping usb 1-1: config 0 interface 82 altsetting 47 endpoint 0x4 has invalid maxpacket 1576, setting to 64 usb 1-1: config 0 interface 82 altsetting 47 has an invalid endpoint with address 0x0, skipping usb 1-1: config 0 interface 82 altsetting 47 has an invalid endpoint with address 0x80, skipping usb 1-1: config 0 interface 82 altsetting 47 endpoint 0x6 has invalid maxpacket 1024, setting to 64 usb 1-1: config 0 interface 82 altsetting 47 has 11 endpoint descriptors, different from the interface descriptor's value: 137 usb 1-1: config 0 interface 82 has no altsetting 0 usb 1-1: New USB device found, idVendor=0586, idProduct=3417, bcdDevice=e6.c2 usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 usb 1-1: config 0 descriptor?? usb 1-1: reset full-speed USB device number 3 using dummy_hcd usb 1-1: device descriptor read/64, error -71 usb 1-1: reset full-speed USB device number 3 using dummy_hcd usb 1-1: string descriptor 0 read error: -71