Warning: Permanently added '10.128.1.104' (ECDSA) to the list of known hosts. executing program [ 79.814240][ T3184] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 80.054165][ T3184] usb 1-1: Using ep0 maxpacket: 32 [ 80.184645][ T3184] usb 1-1: config 0 has an invalid interface number: 139 but max is 0 [ 80.193681][ T3184] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 80.204691][ T3184] usb 1-1: config 0 has no interface number 0 [ 80.210916][ T3184] usb 1-1: config 0 interface 139 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 80.221233][ T3184] usb 1-1: config 0 interface 139 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 80.231163][ T3184] usb 1-1: config 0 interface 139 altsetting 0 bulk endpoint 0xC has invalid maxpacket 0 [ 80.241173][ T3184] usb 1-1: config 0 interface 139 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 16 [ 80.444308][ T3184] usb 1-1: New USB device found, idVendor=04b8, idProduct=0601, bcdDevice= 1.00 [ 80.453900][ T3184] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.462350][ T3184] usb 1-1: Product: syz [ 80.466766][ T3184] usb 1-1: Manufacturer: syz [ 80.471689][ T3184] usb 1-1: SerialNumber: syz [ 80.481878][ T3184] usb 1-1: config 0 descriptor?? [ 80.515521][ T8458] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 80.537319][ T3184] usb-storage 1-1:0.139: USB Mass Storage device detected [ 80.557529][ T3184] usb-storage 1-1:0.139: Quirks match for vid 04b8 pid 0601: 8 [ 80.570515][ T3184] scsi host1: usb-storage 1-1:0.139 [ 81.656817][ T201] scsi 1:0:0:0: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.667964][ T201] scsi 1:0:0:1: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.678774][ T201] scsi 1:0:0:2: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.689675][ T201] scsi 1:0:0:3: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.699802][ T201] scsi 1:0:0:4: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.709628][ T201] scsi 1:0:0:5: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.719887][ T201] scsi 1:0:0:6: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.729952][ T201] scsi 1:0:0:7: Direct-Access Epson 875DC Storage 0100 PQ: 0 ANSI: 2 [ 81.753585][ T201] sd 1:0:0:0: Attached scsi generic sg1 type 0 [ 81.770351][ T201] sd 1:0:0:1: Attached scsi generic sg2 type 0 [ 81.790297][ T201] sd 1:0:0:2: Attached scsi generic sg3 type 0 [ 81.817649][ T201] sd 1:0:0:3: Attached scsi generic sg4 type 0 [ 81.843821][ T201] sd 1:0:0:4: Attached scsi generic sg5 type 0 [ 81.876378][ T201] sd 1:0:0:5: Attached scsi generic sg6 type 0 [ 81.891976][ T201] sd 1:0:0:6: Attached scsi generic sg7 type 0 executing program [ 81.956179][ T201] sd 1:0:0:7: Attached scsi generic sg8 type 0 [ 81.996173][ T5] usb 1-1: USB disconnect, device number 2 [ 82.095792][ T9] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK [ 82.107476][ T161] sd 1:0:0:1: [sdc] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.118899][ T54] sd 1:0:0:2: [sdd] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.130549][ T25] sd 1:0:0:3: [sde] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.142391][ T518] sd 1:0:0:4: [sdf] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.154026][ T8501] sd 1:0:0:5: [sdg] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.166042][ T8509] sd 1:0:0:6: [sdh] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.177241][ T8515] sd 1:0:0:7: [sdi] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.202954][ T54] sd 1:0:0:2: [sdd] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.203928][ T9] sd 1:0:0:0: [sdb] Sense not available. [ 82.219956][ T161] sd 1:0:0:1: [sdc] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.245523][ T8509] sd 1:0:0:6: [sdh] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.257314][ T518] sd 1:0:0:4: [sdf] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.269489][ T8515] sd 1:0:0:7: [sdi] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.281227][ T25] sd 1:0:0:3: [sde] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.293173][ T8501] sd 1:0:0:5: [sdg] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.334459][ T161] sd 1:0:0:1: [sdc] Sense not available. [ 82.340448][ T161] sd 1:0:0:1: [sdc] 0 512-byte logical blocks: (0 B/0 B) [ 82.349702][ T54] sd 1:0:0:2: [sdd] Sense not available. [ 82.370592][ T8509] sd 1:0:0:6: [sdh] Sense not available. [ 82.376902][ T8515] sd 1:0:0:7: [sdi] Sense not available. [ 82.379015][ T9] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B) [ 82.382690][ T518] sd 1:0:0:4: [sdf] Sense not available. [ 82.396240][ T25] sd 1:0:0:3: [sde] Sense not available. [ 82.402099][ T8501] sd 1:0:0:5: [sdg] Sense not available. [ 82.419700][ T54] sd 1:0:0:2: [sdd] 0 512-byte logical blocks: (0 B/0 B) [ 82.431770][ T8509] sd 1:0:0:6: [sdh] 0 512-byte logical blocks: (0 B/0 B) [ 82.439432][ T8515] sd 1:0:0:7: [sdi] 0 512-byte logical blocks: (0 B/0 B) [ 82.453945][ T161] sd 1:0:0:1: [sdc] 0-byte physical blocks [ 82.455948][ T25] sd 1:0:0:3: [sde] 0 512-byte logical blocks: (0 B/0 B) [ 82.470627][ T8501] sd 1:0:0:5: [sdg] 0 512-byte logical blocks: (0 B/0 B) [ 82.470929][ T9] sd 1:0:0:0: [sdb] 0-byte physical blocks [ 82.489102][ T54] sd 1:0:0:2: [sdd] 0-byte physical blocks [ 82.506503][ T8509] sd 1:0:0:6: [sdh] 0-byte physical blocks [ 82.512496][ T8515] sd 1:0:0:7: [sdi] 0-byte physical blocks [ 82.518945][ T518] sd 1:0:0:4: [sdf] 0 512-byte logical blocks: (0 B/0 B) [ 82.530892][ T8501] sd 1:0:0:5: [sdg] 0-byte physical blocks [ 82.552674][ T25] sd 1:0:0:3: [sde] 0-byte physical blocks [ 82.570118][ T518] sd 1:0:0:4: [sdf] 0-byte physical blocks [ 82.573993][ T161] sd 1:0:0:1: [sdc] Test WP failed, assume Write Enabled [ 82.576936][ T54] sd 1:0:0:2: [sdd] Test WP failed, assume Write Enabled [ 82.591060][ T8501] sd 1:0:0:5: [sdg] Test WP failed, assume Write Enabled [ 82.626429][ T161] sd 1:0:0:1: [sdc] Asking for cache data failed [ 82.626648][ T8509] sd 1:0:0:6: [sdh] Test WP failed, assume Write Enabled [ 82.633077][ T9] sd 1:0:0:0: [sdb] Write Protect is off [ 82.640688][ T8515] sd 1:0:0:7: [sdi] Test WP failed, assume Write Enabled [ 82.647421][ T161] sd 1:0:0:1: [sdc] Assuming drive cache: write through [ 82.653526][ T25] sd 1:0:0:3: [sde] Test WP failed, assume Write Enabled [ 82.669225][ T8515] sd 1:0:0:7: [sdi] Asking for cache data failed [ 82.675861][ T518] sd 1:0:0:4: [sdf] Test WP failed, assume Write Enabled [ 82.711599][ T8515] sd 1:0:0:7: [sdi] Assuming drive cache: write through [ 82.719586][ T8501] sd 1:0:0:5: [sdg] Asking for cache data failed [ 82.726489][ T54] sd 1:0:0:2: [sdd] Asking for cache data failed [ 82.732999][ T518] sd 1:0:0:4: [sdf] Asking for cache data failed [ 82.739733][ T8509] sd 1:0:0:6: [sdh] Asking for cache data failed [ 82.755652][ T8501] sd 1:0:0:5: [sdg] Assuming drive cache: write through [ 82.769980][ T54] sd 1:0:0:2: [sdd] Assuming drive cache: write through [ 82.780376][ T9] sd 1:0:0:0: [sdb] Asking for cache data failed [ 82.786184][ T25] sd 1:0:0:3: [sde] Asking for cache data failed [ 82.796235][ T8520] sd 1:0:0:1: [sdc] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.802622][ T518] sd 1:0:0:4: [sdf] Assuming drive cache: write through [ 82.819980][ T8509] sd 1:0:0:6: [sdh] Assuming drive cache: write through [ 82.841866][ T8522] sd 1:0:0:7: [sdi] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.856844][ T25] sd 1:0:0:3: [sde] Assuming drive cache: write through [ 82.872377][ T8515] sd 1:0:0:7: [sdi] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.878068][ T161] sd 1:0:0:1: [sdc] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.896122][ T9] sd 1:0:0:0: [sdb] Assuming drive cache: write through [ 82.900564][ T8525] sd 1:0:0:5: [sdg] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.919522][ T8516] sd 1:0:0:2: [sdd] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.928171][ T8501] sd 1:0:0:5: [sdg] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 82.955041][ T54] sd 1:0:0:2: [sdd] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.000405][ T9] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK [ 83.012919][ T8509] sd 1:0:0:6: [sdh] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.031651][ T25] sd 1:0:0:3: [sde] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.043346][ T518] sd 1:0:0:4: [sdf] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.064271][ T54] sd 1:0:0:2: [sdd] Attached SCSI removable disk [ 83.066591][ T161] sd 1:0:0:1: [sdc] Attached SCSI removable disk [ 83.082021][ T8501] sd 1:0:0:5: [sdg] Attached SCSI removable disk [ 83.084329][ T8515] sd 1:0:0:7: [sdi] Attached SCSI removable disk [ 83.099975][ T8530] sd 1:0:0:4: [sdf] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.100005][ T8475] sd 1:0:0:6: [sdh] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.136746][ T9] sd 1:0:0:0: [sdb] Sense not available. [ 83.136940][ T8509] sd 1:0:0:6: [sdh] Attached SCSI removable disk [ 83.142657][ T9] sd 1:0:0:0: [sdb] Attached SCSI removable disk [ 83.155695][ T25] sd 1:0:0:3: [sde] Attached SCSI removable disk [ 83.156590][ T8503] sd 1:0:0:3: [sde] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK [ 83.162316][ T518] sd 1:0:0:4: [sdf] Attached SCSI removable disk [ 84.406659][ T8530] ================================================================== [ 84.415043][ T8530] BUG: KASAN: use-after-free in blk_mq_exit_sched+0x53e/0x6a0 [ 84.422598][ T8530] Read of size 4 at addr ffff88801e4101e0 by task systemd-udevd/8530 [ 84.430899][ T8530] [ 84.433259][ T8530] CPU: 0 PID: 8530 Comm: systemd-udevd Not tainted 5.13.0-rc2-next-20210518-syzkaller #0 [ 84.443192][ T8530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.453280][ T8530] Call Trace: [ 84.456585][ T8530] dump_stack_lvl+0x13e/0x1d6 [ 84.461496][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 84.466681][ T8530] print_address_description.constprop.0.cold+0x6c/0x309 [ 84.473903][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 84.479012][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 84.484122][ T8530] kasan_report.cold+0x83/0xdf [ 84.489034][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 84.494259][ T8530] blk_mq_exit_sched+0x53e/0x6a0 [ 84.499211][ T8530] __elevator_exit+0x28/0x40 [ 84.504027][ T8530] blk_release_queue+0x25e/0x4d0 [ 84.509433][ T8530] kobject_put+0x1c8/0x540 [ 84.513864][ T8530] disk_release+0x1cd/0x250 [ 84.518384][ T8530] ? show_partition_start+0xb0/0xb0 [ 84.523592][ T8530] device_release+0x9f/0x240 [ 84.528312][ T8530] kobject_put+0x1c8/0x540 [ 84.533113][ T8530] put_device+0x1b/0x30 [ 84.537424][ T8530] put_disk+0x44/0x60 [ 84.541677][ T8530] blkdev_put+0x12c/0x580 [ 84.546052][ T8530] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 84.552363][ T8530] blkdev_close+0x8c/0xb0 [ 84.556704][ T8530] __fput+0x288/0x920 [ 84.560801][ T8530] ? blkdev_put+0x580/0x580 [ 84.565331][ T8530] task_work_run+0xdd/0x1a0 [ 84.569956][ T8530] exit_to_user_mode_prepare+0x26f/0x280 [ 84.575720][ T8530] syscall_exit_to_user_mode+0x19/0x60 [ 84.581223][ T8530] do_syscall_64+0x3e/0xb0 [ 84.585676][ T8530] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.591931][ T8530] RIP: 0033:0x7fa4e4ba4270 [ 84.596350][ T8530] Code: 73 01 c3 48 8b 0d 38 7d 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 59 c1 20 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 ee fb ff ff 48 89 04 24 [ 84.616094][ T8530] RSP: 002b:00007ffd7a611fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 84.624774][ T8530] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 00007fa4e4ba4270 [ 84.632774][ T8530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 84.640751][ T8530] RBP: 00007fa4e5a5e710 R08: 000055f7d1f4b2a0 R09: 000055f7d1f4b000 [ 84.648835][ T8530] R10: 00007fa4e5a5e8c0 R11: 0000000000000246 R12: 0000000000000000 [ 84.657126][ T8530] R13: 000055f7d1f3c370 R14: 0000000000000003 R15: 000000000000000e [ 84.665245][ T8530] [ 84.667571][ T8530] Allocated by task 3184: [ 84.671929][ T8530] kasan_save_stack+0x1b/0x40 [ 84.676878][ T8530] __kasan_kmalloc+0x9b/0xd0 [ 84.681465][ T8530] scsi_host_alloc+0x2c/0xfc0 [ 84.686170][ T8530] usb_stor_probe1+0x45/0x162b [ 84.690989][ T8530] storage_probe+0x6f5/0xaa0 [ 84.695792][ T8530] usb_probe_interface+0x315/0x7f0 [ 84.700944][ T8530] really_probe+0x291/0xf60 [ 84.705676][ T8530] driver_probe_device+0x298/0x410 [ 84.711024][ T8530] __device_attach_driver+0x203/0x2c0 [ 84.716408][ T8530] bus_for_each_drv+0x15f/0x1e0 [ 84.721259][ T8530] __device_attach+0x228/0x4a0 [ 84.726040][ T8530] bus_probe_device+0x1e4/0x290 [ 84.731145][ T8530] device_add+0xbe0/0x2100 [ 84.735638][ T8530] usb_set_configuration+0x113f/0x1910 [ 84.741234][ T8530] usb_generic_driver_probe+0xba/0x100 [ 84.746714][ T8530] usb_probe_device+0xd9/0x2c0 [ 84.751528][ T8530] really_probe+0x291/0xf60 [ 84.756201][ T8530] driver_probe_device+0x298/0x410 [ 84.761352][ T8530] __device_attach_driver+0x203/0x2c0 [ 84.766718][ T8530] bus_for_each_drv+0x15f/0x1e0 [ 84.771637][ T8530] __device_attach+0x228/0x4a0 [ 84.776529][ T8530] bus_probe_device+0x1e4/0x290 [ 84.781863][ T8530] device_add+0xbe0/0x2100 [ 84.786452][ T8530] usb_new_device.cold+0x721/0x1058 [ 84.791706][ T8530] hub_event+0x2357/0x4330 [ 84.796129][ T8530] process_one_work+0x98d/0x1600 [ 84.801089][ T8530] worker_thread+0x64c/0x1120 [ 84.805890][ T8530] kthread+0x3b1/0x4a0 [ 84.809977][ T8530] ret_from_fork+0x1f/0x30 [ 84.814477][ T8530] [ 84.816859][ T8530] Freed by task 8530: [ 84.820852][ T8530] kasan_save_stack+0x1b/0x40 [ 84.825545][ T8530] kasan_set_track+0x1c/0x30 [ 84.830130][ T8530] kasan_set_free_info+0x20/0x30 [ 84.835181][ T8530] __kasan_slab_free+0xfb/0x130 [ 84.840029][ T8530] slab_free_freelist_hook+0xdf/0x240 [ 84.845396][ T8530] kfree+0xeb/0x650 [ 84.849203][ T8530] device_release+0x9f/0x240 [ 84.853815][ T8530] kobject_put+0x1c8/0x540 [ 84.858249][ T8530] put_device+0x1b/0x30 [ 84.862405][ T8530] device_release+0x9f/0x240 [ 84.866991][ T8530] kobject_put+0x1c8/0x540 [ 84.871423][ T8530] put_device+0x1b/0x30 [ 84.875590][ T8530] scsi_device_dev_release_usercontext+0x927/0xd50 [ 84.882106][ T8530] execute_in_process_context+0x37/0x150 [ 84.887742][ T8530] device_release+0x9f/0x240 [ 84.892335][ T8530] kobject_put+0x1c8/0x540 [ 84.896794][ T8530] put_device+0x1b/0x30 [ 84.900978][ T8530] sd_release+0x124/0x290 [ 84.905425][ T8530] __blkdev_put+0x5d4/0x790 [ 84.909934][ T8530] blkdev_put+0x92/0x580 [ 84.914180][ T8530] blkdev_close+0x8c/0xb0 [ 84.918528][ T8530] __fput+0x288/0x920 [ 84.922525][ T8530] task_work_run+0xdd/0x1a0 [ 84.927247][ T8530] exit_to_user_mode_prepare+0x26f/0x280 [ 84.933953][ T8530] syscall_exit_to_user_mode+0x19/0x60 [ 84.939589][ T8530] do_syscall_64+0x3e/0xb0 [ 84.944037][ T8530] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.950568][ T8530] [ 84.952895][ T8530] Last potentially related work creation: [ 84.958722][ T8530] kasan_save_stack+0x1b/0x40 [ 84.965219][ T8530] kasan_record_aux_stack+0xe5/0x110 [ 84.970516][ T8530] insert_work+0x48/0x370 [ 84.974883][ T8530] __queue_work+0x5c1/0xed0 [ 84.979483][ T8530] call_timer_fn+0x1a5/0x6b0 [ 84.984113][ T8530] __run_timers.part.0+0x4a6/0xa50 [ 84.989569][ T8530] run_timer_softirq+0xb3/0x1d0 [ 84.994640][ T8530] __do_softirq+0x29b/0x9fb [ 84.999285][ T8530] [ 85.001673][ T8530] The buggy address belongs to the object at ffff88801e410000 [ 85.001673][ T8530] which belongs to the cache kmalloc-8k of size 8192 [ 85.015826][ T8530] The buggy address is located 480 bytes inside of [ 85.015826][ T8530] 8192-byte region [ffff88801e410000, ffff88801e412000) [ 85.029749][ T8530] The buggy address belongs to the page: [ 85.035898][ T8530] page:ffffea0000790400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e410 [ 85.046267][ T8530] head:ffffea0000790400 order:3 compound_mapcount:0 compound_pincount:0 [ 85.055043][ T8530] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 85.063379][ T8530] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888011042280 [ 85.072201][ T8530] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 85.081321][ T8530] page dumped because: kasan: bad access detected [ 85.087730][ T8530] page_owner tracks the page as allocated [ 85.093467][ T8530] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3184, ts 80546542199, free_ts 80510680077 [ 85.112587][ T8530] get_page_from_freelist+0x125c/0x2ed0 [ 85.118152][ T8530] __alloc_pages+0x1b2/0x500 [ 85.122787][ T8530] alloc_pages+0x18c/0x2a0 [ 85.127208][ T8530] allocate_slab+0x2c2/0x4c0 [ 85.131952][ T8530] ___slab_alloc+0x4ba/0x820 [ 85.136565][ T8530] __slab_alloc.constprop.0+0xa7/0xf0 [ 85.141941][ T8530] __kmalloc+0x312/0x330 [ 85.146232][ T8530] scsi_host_alloc+0x2c/0xfc0 [ 85.150929][ T8530] usb_stor_probe1+0x45/0x162b [ 85.155815][ T8530] storage_probe+0x6f5/0xaa0 [ 85.160406][ T8530] usb_probe_interface+0x315/0x7f0 [ 85.165521][ T8530] really_probe+0x291/0xf60 [ 85.170149][ T8530] driver_probe_device+0x298/0x410 [ 85.175365][ T8530] __device_attach_driver+0x203/0x2c0 [ 85.180766][ T8530] bus_for_each_drv+0x15f/0x1e0 [ 85.185681][ T8530] __device_attach+0x228/0x4a0 [ 85.190443][ T8530] page last free stack trace: [ 85.195132][ T8530] __free_pages_ok+0x4cb/0xf30 [ 85.199894][ T8530] unfreeze_partials+0x17c/0x1d0 [ 85.204850][ T8530] put_cpu_partial+0x13d/0x230 [ 85.210122][ T8530] qlist_free_all+0x5a/0xc0 [ 85.214633][ T8530] kasan_quarantine_reduce+0x180/0x200 [ 85.220116][ T8530] __kasan_slab_alloc+0x8e/0xa0 [ 85.224966][ T8530] kmem_cache_alloc+0x285/0x4a0 [ 85.229815][ T8530] getname_flags.part.0+0x50/0x4f0 [ 85.234945][ T8530] getname+0x8e/0xd0 [ 85.238841][ T8530] do_sys_openat2+0xf5/0x420 [ 85.243454][ T8530] __x64_sys_open+0x119/0x1c0 [ 85.248147][ T8530] do_syscall_64+0x31/0xb0 [ 85.252749][ T8530] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 85.258900][ T8530] [ 85.261219][ T8530] Memory state around the buggy address: [ 85.266859][ T8530] ffff88801e410080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.274918][ T8530] ffff88801e410100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.283270][ T8530] >ffff88801e410180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.291416][ T8530] ^ [ 85.298609][ T8530] ffff88801e410200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.306779][ T8530] ffff88801e410280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.315001][ T8530] ================================================================== [ 85.323318][ T8530] Disabling lock debugging due to kernel taint [ 85.332618][ T8530] Kernel panic - not syncing: panic_on_warn set ... [ 85.339232][ T8530] CPU: 0 PID: 8530 Comm: systemd-udevd Tainted: G B 5.13.0-rc2-next-20210518-syzkaller #0 [ 85.350479][ T8530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.360566][ T8530] Call Trace: [ 85.363864][ T8530] dump_stack_lvl+0x13e/0x1d6 [ 85.368572][ T8530] ? blk_mq_exit_sched+0x520/0x6a0 [ 85.373733][ T8530] panic+0x306/0x73d [ 85.377840][ T8530] ? __warn_printk+0xf3/0xf3 [ 85.382465][ T8530] ? preempt_schedule_common+0x59/0xc0 [ 85.388071][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 85.393432][ T8530] ? preempt_schedule_thunk+0x16/0x18 [ 85.398823][ T8530] ? trace_hardirqs_on+0x38/0x1c0 [ 85.403865][ T8530] ? trace_hardirqs_on+0x51/0x1c0 [ 85.408883][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 85.413990][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 85.419095][ T8530] end_report.cold+0x5a/0x5a [ 85.423713][ T8530] kasan_report.cold+0x71/0xdf [ 85.428570][ T8530] ? blk_mq_exit_sched+0x53e/0x6a0 [ 85.434272][ T8530] blk_mq_exit_sched+0x53e/0x6a0 [ 85.439218][ T8530] __elevator_exit+0x28/0x40 [ 85.444151][ T8530] blk_release_queue+0x25e/0x4d0 [ 85.449089][ T8530] kobject_put+0x1c8/0x540 [ 85.453615][ T8530] disk_release+0x1cd/0x250 [ 85.458139][ T8530] ? show_partition_start+0xb0/0xb0 [ 85.463535][ T8530] device_release+0x9f/0x240 [ 85.468310][ T8530] kobject_put+0x1c8/0x540 [ 85.472869][ T8530] put_device+0x1b/0x30 [ 85.477031][ T8530] put_disk+0x44/0x60 [ 85.481015][ T8530] blkdev_put+0x12c/0x580 [ 85.485554][ T8530] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 85.491830][ T8530] blkdev_close+0x8c/0xb0 [ 85.496485][ T8530] __fput+0x288/0x920 [ 85.500505][ T8530] ? blkdev_put+0x580/0x580 [ 85.505442][ T8530] task_work_run+0xdd/0x1a0 [ 85.510081][ T8530] exit_to_user_mode_prepare+0x26f/0x280 [ 85.515862][ T8530] syscall_exit_to_user_mode+0x19/0x60 [ 85.521759][ T8530] do_syscall_64+0x3e/0xb0 [ 85.526581][ T8530] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 85.532525][ T8530] RIP: 0033:0x7fa4e4ba4270 [ 85.537031][ T8530] Code: 73 01 c3 48 8b 0d 38 7d 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 59 c1 20 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 ee fb ff ff 48 89 04 24 [ 85.557004][ T8530] RSP: 002b:00007ffd7a611fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 85.565758][ T8530] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 00007fa4e4ba4270 [ 85.573767][ T8530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 85.582133][ T8530] RBP: 00007fa4e5a5e710 R08: 000055f7d1f4b2a0 R09: 000055f7d1f4b000 [ 85.591118][ T8530] R10: 00007fa4e5a5e8c0 R11: 0000000000000246 R12: 0000000000000000 [ 85.599209][ T8530] R13: 000055f7d1f3c370 R14: 0000000000000003 R15: 000000000000000e [ 85.608509][ T8530] Kernel Offset: disabled [ 85.612845][ T8530] Rebooting in 86400 seconds..