[ 52.134414][ T39] audit: type=1400 audit(1648335085.653:74): avc: denied { write } for pid=3644 comm="sh" path="pipe:[2504]" dev="pipefs" ino=2504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
Warning: Permanently added '[localhost]:32180' (ECDSA) to the list of known hosts.
executing program
[ 54.822789][ T39] audit: type=1400 audit(1648335088.383:75): avc: denied { execute } for pid=3661 comm="sh" name="syz-executor331357208" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 54.847114][ T39] audit: type=1400 audit(1648335088.383:76): avc: denied { execute_no_trans } for pid=3661 comm="sh" path="/syz-executor331357208" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[ 54.870860][ T39] audit: type=1400 audit(1648335088.403:77): avc: denied { execmem } for pid=3661 comm="syz-executor331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 54.890638][ T39] audit: type=1400 audit(1648335088.403:78): avc: denied { read write } for pid=3662 comm="syz-executor331" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 54.916891][ T39] audit: type=1400 audit(1648335088.403:79): avc: denied { open } for pid=3662 comm="syz-executor331" path="/dev/raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 54.945149][ T39] audit: type=1400 audit(1648335088.403:80): avc: denied { ioctl } for pid=3662 comm="syz-executor331" path="/dev/raw-gadget" dev="devtmpfs" ino=760 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 55.104158][ T40] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 55.464403][ T40] usb 5-1: config 0 has an invalid interface number: 130 but max is 0
[ 55.472635][ T40] usb 5-1: config 0 has no interface number 0
[ 55.479504][ T40] usb 5-1: config 0 interface 130 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 55.490810][ T40] usb 5-1: New USB device found, idVendor=2040, idProduct=8265, bcdDevice=f3.4a
[ 55.500998][ T40] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 55.512597][ T40] usb 5-1: config 0 descriptor??
[ 55.557525][ T40] em28xx 5-1:0.130: New device @ 480 Mbps (2040:8265, interface 130, class 130)
[ 55.567269][ T40] em28xx 5-1:0.130: Audio interface 130 found (Vendor Class)
executing program
[ 55.894267][ T40] em28xx 5-1:0.130: unknown em28xx chip ID (0)
[ 55.914152][ T40] em28xx 5-1:0.130: Config register raw data: 0xfffffffb
[ 55.934153][ T40] em28xx 5-1:0.130: AC97 chip type couldn't be determined
[ 55.942659][ T40] em28xx 5-1:0.130: No AC97 audio processor
[ 55.949169][ T40] em28xx 5-1:0.130: We currently don't support analog TV or stream capture on dual tuners.
[ 56.084213][ T40] em28xx 5-1:0.130: unknown em28xx chip ID (0)
[ 56.104133][ T40] em28xx 5-1:0.130: Config register raw data: 0xfffffffb
[ 56.124153][ T40] em28xx 5-1:0.130: AC97 chip type couldn't be determined
[ 56.131833][ T40] em28xx 5-1:0.130: No AC97 audio processor
[ 56.378625][ T40] usb 5-1: USB disconnect, device number 2
[ 56.386026][ T40] em28xx 5-1:0.130: Disconnecting em28xx #1
[ 56.391920][ T40] em28xx 5-1:0.130: Disconnecting em28xx
[ 56.401943][ T40] em28xx 5-1:0.130: Freeing device
[ 56.407292][ T40] em28xx 5-1:0.130: Freeing device
[ 56.764247][ T40] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 57.124199][ T40] usb 5-1: config 0 has an invalid interface number: 130 but max is 0
[ 57.132758][ T40] usb 5-1: config 0 has no interface number 0
[ 57.138733][ T40] usb 5-1: config 0 interface 130 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 57.149222][ T40] usb 5-1: New USB device found, idVendor=2040, idProduct=8265, bcdDevice=f3.4a
[ 57.159214][ T40] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 57.170109][ T40] usb 5-1: config 0 descriptor??
[ 57.218470][ T40] em28xx 5-1:0.130: New device @ 480 Mbps (2040:8265, interface 130, class 130)
[ 57.227905][ T40] em28xx 5-1:0.130: Audio interface 130 found (Vendor Class)
executing program
[ 57.544178][ T40] em28xx 5-1:0.130: unknown em28xx chip ID (0)
[ 57.564171][ T40] em28xx 5-1:0.130: Config register raw data: 0xfffffffb
[ 57.584203][ T40] em28xx 5-1:0.130: AC97 chip type couldn't be determined
[ 57.591373][ T40] em28xx 5-1:0.130: No AC97 audio processor
[ 57.597584][ T40] ==================================================================
[ 57.605534][ T40] BUG: KASAN: use-after-free in __list_add_valid+0x93/0xa0
[ 57.612784][ T40] Read of size 8 at addr ffff888027458250 by task kworker/1:1/40
[ 57.626082][ T40]
[ 57.628641][ T40] CPU: 1 PID: 40 Comm: kworker/1:1 Not tainted 5.17.0-syzkaller-10752-g52d543b5497c #0
[ 57.639992][ T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 57.650614][ T40] Workqueue: usb_hub_wq hub_event
[ 57.656922][ T40] Call Trace:
[ 57.660490][ T40]
[ 57.663811][ T40] dump_stack_lvl+0xcd/0x134
[ 57.669366][ T40] print_address_description.constprop.0.cold+0xeb/0x467
[ 57.678417][ T40] ? __list_add_valid+0x93/0xa0
[ 57.684185][ T40] kasan_report.cold+0xf4/0x1c6
[ 57.689982][ T40] ? em28xx_audio_setup+0x120/0x1e0
[ 57.695750][ T40] ? __list_add_valid+0x93/0xa0
[ 57.700700][ T40] __list_add_valid+0x93/0xa0
[ 57.705323][ T40] em28xx_init_extension+0x44/0x1f0
[ 57.710385][ T40] em28xx_init_dev.constprop.0+0xa8b/0x1746
[ 57.716275][ T40] ? __dev_printk+0xcf/0xf5
[ 57.720945][ T40] ? _dev_info+0xd7/0x109
[ 57.725082][ T40] ? em28xx_pre_card_setup+0x5f7/0x5f7
[ 57.730215][ T40] ? lockdep_init_map_type+0x21a/0x7f0
[ 57.735679][ T40] ? lockdep_init_map_type+0x21a/0x7f0
[ 57.741176][ T40] ? __raw_spin_lock_init+0x36/0x110
[ 57.746450][ T40] em28xx_usb_probe.cold+0xc29/0x258a
[ 57.751948][ T40] usb_probe_interface+0x315/0x7f0
[ 57.757335][ T40] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 57.762617][ T40] really_probe+0x245/0xcc0
[ 57.768868][ T40] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 57.775579][ T40] __driver_probe_device+0x338/0x4d0
[ 57.782450][ T40] driver_probe_device+0x4c/0x1a0
[ 57.788423][ T40] __device_attach_driver+0x20b/0x2f0
[ 57.793371][ T40] ? driver_allows_async_probing+0x150/0x150
[ 57.799170][ T40] bus_for_each_drv+0x15f/0x1e0
[ 57.803951][ T40] ? bus_for_each_dev+0x1d0/0x1d0
[ 57.808998][ T40] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 57.814846][ T40] ? lockdep_hardirqs_on+0x79/0x100
[ 57.820221][ T40] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 57.825875][ T40] __device_attach+0x228/0x4a0
[ 57.830647][ T40] ? device_driver_attach+0x210/0x210
[ 57.835963][ T40] ? kobject_uevent_env+0x2ac/0x1600
[ 57.841366][ T40] bus_probe_device+0x1e4/0x290
[ 57.846129][ T40] device_add+0xb83/0x1e20
[ 57.850514][ T40] ? mark_held_locks+0x9f/0xe0
[ 57.855094][ T40] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 57.861763][ T40] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 57.867440][ T40] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 57.873583][ T40] usb_set_configuration+0x101e/0x1900
[ 57.879598][ T40] usb_generic_driver_probe+0xba/0x100
[ 57.885180][ T40] usb_probe_device+0xd9/0x2c0
[ 57.889825][ T40] ? usb_driver_release_interface+0x180/0x180
[ 57.895615][ T40] really_probe+0x245/0xcc0
[ 57.899775][ T40] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 57.905618][ T40] __driver_probe_device+0x338/0x4d0
[ 57.910640][ T40] driver_probe_device+0x4c/0x1a0
[ 57.915533][ T40] __device_attach_driver+0x20b/0x2f0
[ 57.920758][ T40] ? driver_allows_async_probing+0x150/0x150
[ 57.926744][ T40] bus_for_each_drv+0x15f/0x1e0
[ 57.931481][ T40] ? bus_for_each_dev+0x1d0/0x1d0
[ 57.936414][ T40] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 57.942058][ T40] ? lockdep_hardirqs_on+0x79/0x100
[ 57.947108][ T40] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 57.952907][ T40] __device_attach+0x228/0x4a0
[ 57.957566][ T40] ? device_driver_attach+0x210/0x210
[ 57.962902][ T40] ? kobject_uevent_env+0x2ac/0x1600
[ 57.967947][ T40] bus_probe_device+0x1e4/0x290
[ 57.972837][ T40] device_add+0xb83/0x1e20
[ 57.976907][ T40] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 57.983061][ T40] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 57.989211][ T40] usb_new_device.cold+0x641/0x1091
[ 57.994488][ T40] ? hub_disconnect+0x510/0x510
[ 58.000424][ T40] ? rwlock_bug.part.0+0x90/0x90
[ 58.005505][ T40] ? _raw_spin_unlock_irq+0x1f/0x40
[ 58.010611][ T40] hub_event+0x25c6/0x4680
[ 58.014946][ T40] ? hub_port_debounce+0x3c0/0x3c0
[ 58.020031][ T40] ? lock_release+0x720/0x720
[ 58.024667][ T40] ? lock_downgrade+0x6e0/0x6e0
[ 58.029587][ T40] ? do_raw_spin_lock+0x120/0x2a0
[ 58.034583][ T40] process_one_work+0x996/0x1610
[ 58.039428][ T40] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 58.044646][ T40] ? rwlock_bug.part.0+0x90/0x90
[ 58.049420][ T40] ? _raw_spin_lock_irq+0x41/0x50
[ 58.054290][ T40] worker_thread+0x854/0x1080
[ 58.058775][ T40] ? __kthread_parkme+0x15f/0x220
[ 58.063693][ T40] ? process_one_work+0x1610/0x1610
[ 58.069064][ T40] kthread+0x2e9/0x3a0
[ 58.073626][ T40] ? kthread_complete_and_exit+0x40/0x40
[ 58.079224][ T40] ret_from_fork+0x1f/0x30
[ 58.083558][ T40]
[ 58.086465][ T40]
[ 58.088735][ T40] Allocated by task 40:
[ 58.092814][ T40] kasan_save_stack+0x1e/0x40
[ 58.097517][ T40] __kasan_kmalloc+0xa6/0xd0
[ 58.101984][ T40] __kmalloc_track_caller+0x206/0x4d0
[ 58.107038][ T40] kmemdup+0x23/0x50
[ 58.111038][ T40] em28xx_usb_probe.cold+0x134a/0x258a
[ 58.116450][ T40] usb_probe_interface+0x315/0x7f0
[ 58.121590][ T40] really_probe+0x245/0xcc0
[ 58.126150][ T40] __driver_probe_device+0x338/0x4d0
[ 58.131271][ T40] driver_probe_device+0x4c/0x1a0
[ 58.136922][ T40] __device_attach_driver+0x20b/0x2f0
[ 58.142714][ T40] bus_for_each_drv+0x15f/0x1e0
[ 58.147430][ T40] __device_attach+0x228/0x4a0
[ 58.151870][ T40] bus_probe_device+0x1e4/0x290
[ 58.156491][ T40] device_add+0xb83/0x1e20
[ 58.160737][ T40] usb_set_configuration+0x101e/0x1900
[ 58.166065][ T40] usb_generic_driver_probe+0xba/0x100
[ 58.171297][ T40] usb_probe_device+0xd9/0x2c0
[ 58.175928][ T40] really_probe+0x245/0xcc0
[ 58.180155][ T40] __driver_probe_device+0x338/0x4d0
[ 58.185258][ T40] driver_probe_device+0x4c/0x1a0
[ 58.189889][ T40] __device_attach_driver+0x20b/0x2f0
[ 58.194751][ T40] bus_for_each_drv+0x15f/0x1e0
[ 58.199678][ T40] __device_attach+0x228/0x4a0
[ 58.204382][ T40] bus_probe_device+0x1e4/0x290
[ 58.209227][ T40] device_add+0xb83/0x1e20
[ 58.213567][ T40] usb_new_device.cold+0x641/0x1091
[ 58.218682][ T40] hub_event+0x25c6/0x4680
[ 58.222919][ T40] process_one_work+0x996/0x1610
[ 58.227585][ T40] worker_thread+0x665/0x1080
[ 58.231870][ T40] kthread+0x2e9/0x3a0
[ 58.235891][ T40] ret_from_fork+0x1f/0x30
[ 58.240763][ T40]
[ 58.243086][ T40] Freed by task 40:
[ 58.246827][ T40] kasan_save_stack+0x1e/0x40
[ 58.251356][ T40] kasan_set_track+0x21/0x30
[ 58.255857][ T40] kasan_set_free_info+0x20/0x30
[ 58.260936][ T40] ____kasan_slab_free+0x13d/0x180
[ 58.266291][ T40] kfree+0xfb/0x2c0
[ 58.270064][ T40] kref_put.constprop.0.isra.0+0x3d/0x7e
[ 58.275555][ T40] em28xx_usb_disconnect.cold+0x1c2/0x237
[ 58.281212][ T40] usb_unbind_interface+0x1d8/0x8e0
[ 58.286494][ T40] __device_release_driver+0x627/0x760
[ 58.291895][ T40] device_release_driver+0x26/0x40
[ 58.296917][ T40] bus_remove_device+0x2eb/0x5a0
[ 58.301773][ T40] device_del+0x4f3/0xc80
[ 58.305961][ T40] usb_disable_device+0x35b/0x7b0
[ 58.311000][ T40] usb_disconnect.cold+0x278/0x6ec
[ 58.316081][ T40] hub_event+0x1e74/0x4680
[ 58.320391][ T40] process_one_work+0x996/0x1610
[ 58.325312][ T40] worker_thread+0x854/0x1080
[ 58.329888][ T40] kthread+0x2e9/0x3a0
[ 58.333863][ T40] ret_from_fork+0x1f/0x30
[ 58.338151][ T40]
[ 58.340446][ T40] The buggy address belongs to the object at ffff888027458000
[ 58.340446][ T40] which belongs to the cache kmalloc-16k of size 16384
[ 58.354143][ T40] The buggy address is located 592 bytes inside of
[ 58.354143][ T40] 16384-byte region [ffff888027458000, ffff88802745c000)
[ 58.367094][ T40]
[ 58.369338][ T40] The buggy address belongs to the physical page:
[ 58.375646][ T40] page:ffffea00009d1600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27458
[ 58.386434][ T40] head:ffffea00009d1600 order:3 compound_mapcount:0 compound_pincount:0
[ 58.394328][ T40] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 58.401954][ T40] raw: 00fff00000010200 ffffea00008c5808 ffffea00009bf608 ffff888010c40b00
[ 58.410229][ T40] raw: 0000000000000000 ffff888027458000 0000000100000001 0000000000000000
[ 58.419554][ T40] page dumped because: kasan: bad access detected
[ 58.425764][ T40] page_owner tracks the page as allocated
[ 58.431326][ T40] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x2420c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_COMP|__GFP_THISNODE), pid 40, tgid 40 (kworker/1:1), ts 55959586532, free_ts 54110027164
[ 58.450038][ T40] get_page_from_freelist+0xba2/0x3df0
[ 58.455642][ T40] __alloc_pages+0x1b2/0x500
[ 58.460362][ T40] cache_grow_begin+0x75/0x350
[ 58.465117][ T40] cache_alloc_refill+0x27f/0x380
[ 58.470110][ T40] __kmalloc_track_caller+0x3b0/0x4d0
[ 58.475480][ T40] kmemdup+0x23/0x50
[ 58.479813][ T40] em28xx_usb_probe.cold+0x134a/0x258a
[ 58.485576][ T40] usb_probe_interface+0x315/0x7f0
[ 58.490560][ T40] really_probe+0x245/0xcc0
[ 58.495023][ T40] __driver_probe_device+0x338/0x4d0
[ 58.500189][ T40] driver_probe_device+0x4c/0x1a0
[ 58.505321][ T40] __device_attach_driver+0x20b/0x2f0
[ 58.510603][ T40] bus_for_each_drv+0x15f/0x1e0
[ 58.515303][ T40] __device_attach+0x228/0x4a0
[ 58.519981][ T40] bus_probe_device+0x1e4/0x290
[ 58.524733][ T40] device_add+0xb83/0x1e20
[ 58.528972][ T40] page last free stack trace:
[ 58.533575][ T40] free_pcp_prepare+0x549/0xd20
[ 58.538309][ T40] free_unref_page+0x19/0x690
[ 58.542879][ T40] skb_free_head+0x96/0x110
[ 58.547292][ T40] skb_release_data+0x6bc/0x810
[ 58.552772][ T40] __kfree_skb+0x46/0x60
[ 58.557883][ T40] tcp_recvmsg+0x1ca/0x610
[ 58.562998][ T40] inet_recvmsg+0x11b/0x5e0
[ 58.567961][ T40] sock_read_iter+0x33c/0x470
[ 58.572922][ T40] new_sync_read+0x5c2/0x6e0
[ 58.577489][ T40] vfs_read+0x49b/0x5e0
[ 58.581474][ T40] ksys_read+0x1ee/0x250
[ 58.585828][ T40] do_syscall_64+0x35/0xb0
[ 58.590768][ T40] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 58.596623][ T40]
[ 58.598812][ T40] Memory state around the buggy address:
[ 58.604261][ T40] ffff888027458100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.612235][ T40] ffff888027458180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.619889][ T40] >ffff888027458200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.627772][ T40] ^
[ 58.635409][ T40] ffff888027458280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.642953][ T40] ffff888027458300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.650770][ T40] ==================================================================
[ 58.664227][ T40] Kernel panic - not syncing: panic_on_warn set ...
[ 58.671718][ T40] CPU: 1 PID: 40 Comm: kworker/1:1 Not tainted 5.17.0-syzkaller-10752-g52d543b5497c #0
[ 58.681217][ T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 58.689865][ T40] Workqueue: usb_hub_wq hub_event
[ 58.694731][ T40] Call Trace:
[ 58.698074][ T40]
[ 58.700892][ T40] dump_stack_lvl+0xcd/0x134
[ 58.705298][ T40] panic+0x2d7/0x636
[ 58.709258][ T40] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 58.715065][ T40] ? preempt_schedule_common+0x59/0xc0
[ 58.720408][ T40] ? __list_add_valid+0x93/0xa0
[ 58.725138][ T40] ? preempt_schedule_thunk+0x16/0x18
[ 58.730955][ T40] ? __list_add_valid+0x93/0xa0
[ 58.735677][ T40] end_report.part.0+0x3f/0x7c
[ 58.741123][ T40] kasan_report.cold+0x93/0x1c6
[ 58.745861][ T40] ? em28xx_audio_setup+0x120/0x1e0
[ 58.750896][ T40] ? __list_add_valid+0x93/0xa0
[ 58.755711][ T40] __list_add_valid+0x93/0xa0
[ 58.760293][ T40] em28xx_init_extension+0x44/0x1f0
[ 58.765376][ T40] em28xx_init_dev.constprop.0+0xa8b/0x1746
[ 58.771243][ T40] ? __dev_printk+0xcf/0xf5
[ 58.775618][ T40] ? _dev_info+0xd7/0x109
[ 58.779815][ T40] ? em28xx_pre_card_setup+0x5f7/0x5f7
[ 58.785150][ T40] ? lockdep_init_map_type+0x21a/0x7f0
[ 58.790360][ T40] ? lockdep_init_map_type+0x21a/0x7f0
[ 58.795639][ T40] ? __raw_spin_lock_init+0x36/0x110
[ 58.800754][ T40] em28xx_usb_probe.cold+0xc29/0x258a
[ 58.805978][ T40] usb_probe_interface+0x315/0x7f0
[ 58.810987][ T40] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 58.816611][ T40] really_probe+0x245/0xcc0
[ 58.821189][ T40] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 58.827468][ T40] __driver_probe_device+0x338/0x4d0
[ 58.832676][ T40] driver_probe_device+0x4c/0x1a0
[ 58.837502][ T40] __device_attach_driver+0x20b/0x2f0
[ 58.842665][ T40] ? driver_allows_async_probing+0x150/0x150
[ 58.848468][ T40] bus_for_each_drv+0x15f/0x1e0
[ 58.853030][ T40] ? bus_for_each_dev+0x1d0/0x1d0
[ 58.857819][ T40] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 58.863610][ T40] ? lockdep_hardirqs_on+0x79/0x100
[ 58.868504][ T40] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 58.874153][ T40] __device_attach+0x228/0x4a0
[ 58.878829][ T40] ? device_driver_attach+0x210/0x210
[ 58.884142][ T40] ? kobject_uevent_env+0x2ac/0x1600
[ 58.889528][ T40] bus_probe_device+0x1e4/0x290
[ 58.894452][ T40] device_add+0xb83/0x1e20
[ 58.898725][ T40] ? mark_held_locks+0x9f/0xe0
[ 58.903391][ T40] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 58.909442][ T40] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 58.915034][ T40] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 58.921083][ T40] usb_set_configuration+0x101e/0x1900
[ 58.926333][ T40] usb_generic_driver_probe+0xba/0x100
[ 58.931743][ T40] usb_probe_device+0xd9/0x2c0
[ 58.936375][ T40] ? usb_driver_release_interface+0x180/0x180
[ 58.942278][ T40] really_probe+0x245/0xcc0
[ 58.946686][ T40] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 58.952877][ T40] __driver_probe_device+0x338/0x4d0
[ 58.957988][ T40] driver_probe_device+0x4c/0x1a0
[ 58.963393][ T40] __device_attach_driver+0x20b/0x2f0
[ 58.968655][ T40] ? driver_allows_async_probing+0x150/0x150
[ 58.974380][ T40] bus_for_each_drv+0x15f/0x1e0
[ 58.979166][ T40] ? bus_for_each_dev+0x1d0/0x1d0
[ 58.984129][ T40] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 58.990276][ T40] ? lockdep_hardirqs_on+0x79/0x100
[ 58.995490][ T40] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 59.001191][ T40] __device_attach+0x228/0x4a0
[ 59.005832][ T40] ? device_driver_attach+0x210/0x210
[ 59.011103][ T40] ? kobject_uevent_env+0x2ac/0x1600
[ 59.016030][ T40] bus_probe_device+0x1e4/0x290
[ 59.020909][ T40] device_add+0xb83/0x1e20
[ 59.025693][ T40] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 59.033273][ T40] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 59.039358][ T40] usb_new_device.cold+0x641/0x1091
[ 59.044445][ T40] ? hub_disconnect+0x510/0x510
[ 59.049178][ T40] ? rwlock_bug.part.0+0x90/0x90
[ 59.053966][ T40] ? _raw_spin_unlock_irq+0x1f/0x40
[ 59.059048][ T40] hub_event+0x25c6/0x4680
[ 59.063329][ T40] ? hub_port_debounce+0x3c0/0x3c0
[ 59.068359][ T40] ? lock_release+0x720/0x720
[ 59.072703][ T40] ? lock_downgrade+0x6e0/0x6e0
[ 59.077399][ T40] ? do_raw_spin_lock+0x120/0x2a0
[ 59.082294][ T40] process_one_work+0x996/0x1610
[ 59.087052][ T40] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 59.092293][ T40] ? rwlock_bug.part.0+0x90/0x90
[ 59.097880][ T40] ? _raw_spin_lock_irq+0x41/0x50
[ 59.103171][ T40] worker_thread+0x854/0x1080
[ 59.108508][ T40] ? __kthread_parkme+0x15f/0x220
[ 59.113660][ T40] ? process_one_work+0x1610/0x1610
[ 59.118665][ T40] kthread+0x2e9/0x3a0
[ 59.122925][ T40] ? kthread_complete_and_exit+0x40/0x40
[ 59.128704][ T40] ret_from_fork+0x1f/0x30
[ 59.133512][ T40]
[ 59.137374][ T40] Kernel Offset: disabled
[ 59.141627][ T40] Rebooting in 86400 seconds..
VM DIAGNOSIS:
22:51:31 Registers:
info registers vcpu 0
RAX=000000000002ada7 RBX=ffffffff8babc700 RCX=ffffffff895e6291 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff8ba07e40
R8 =0000000000000001 R9 =ffff88802ca3b013 R10=ffffed1005947602 R11=0000000000000000
R12=fffffbfff17578e0 R13=0000000000000000 R14=ffffffff8db49590 R15=0000000000000000
RIP=ffffffff89614e1b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00000000
FS =0000 0000000000000000 ffffffff 00000000
GS =0000 ffff88802ca00000 ffffffff 00000000
LDT=0000 0000000000000000 ffffffff 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffbaff26c60 CR3=0000000014719000 CR4=00150ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=ffffffffffffffffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff
XMM04=000000000000000000000000000000ff XMM05=000000000000000000000000000000ff
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff8450788c RDI=ffffffff90832ea0 RBP=ffffffff90832e60 RSP=ffffc90000886a50
R8 =0000000000000056 R9 =0000000000000000 R10=ffffffff8450787d R11=000000000000001f
R12=0000000000000000 R13=fffffbfff210661f R14=fffffbfff21065d6 R15=dffffc0000000000
RIP=ffffffff845078b2 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802cb00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fffc9fea188 CR3=00000000241db000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f
XMM02=0000000000000000000000ff00000000 XMM03=ff00000000ff000000ff000000000000
XMM04=00000000000000000000000000000000 XMM05=000000000000000000000000000000ff
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 2
RAX=ffffc90002910000 RBX=1ffff92000521f15 RCX=1ffff92000521f30 RDX=1ffff92000521f2a
RSI=ffffc9000290fd40 RDI=ffffc9000290f950 RBP=ffffc9000290fd70 RSP=ffffc9000290f868
R8 =ffffffff8ea61ee2 R9 =0000000000000001 R10=fffff52000521f33 R11=000000000008a078
R12=ffffc90002908000 R13=ffffc9000290f975 R14=ffffc9000290f940 R15=ffffc9000290f974
RIP=ffffffff8134df47 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f913f1ba800 ffffffff 00c00000
GS =0000 ffff88802cc00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe000008f000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055dd6db93cd0 CR3=00000000199bb000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=25252525252525252525252525252525 XMM01=0000ff0000000000ff0000000000ff00
XMM02=0000ff0000000000ff0000000000ff00 XMM03=00000000000000000000000000000000
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=5245004c415441460054454955510029 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 3
RAX=00000000000259e3 RBX=ffff888011944280 RCX=ffffffff895e6291 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000003 RSP=ffffc9000069fdf8
R8 =0000000000000001 R9 =ffff88802cd3b013 R10=ffffed10059a7602 R11=0000000000000000
R12=ffffed1002328850 R13=0000000000000003 R14=ffffffff8db49590 R15=0000000000000000
RIP=ffffffff89614e1b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00000000
FS =0000 0000000000000000 ffffffff 00000000
GS =0000 ffff88802cd00000 ffffffff 00000000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe00000d6000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055dd6dad2ed8 CR3=000000001f3e5000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a XMM01=000000000000000000000000000000ff
XMM02=000000000000000000000000000000ff XMM03=3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d3d
XMM04=205b5d3934313534392e34352020205b XMM05=665f7268633d7373616c637420745f65
XMM06=5f6d65747379733d747865746e6f6374 XMM07=79733a746f6f723d747865746e6f6373
XMM08=745f6563697665643a725f7463656a00 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000