------------[ cut here ]------------ !atomic_read(&kn->count) WARNING: fs/kernfs/dir.c:560 at kernfs_get.part.0+0x6e/0x80 fs/kernfs/dir.c:560, CPU#1: kworker/1:1/60 Modules linked in: CPU: 1 UID: 0 PID: 60 Comm: kworker/1:1 Tainted: G L syzkaller #0 PREEMPT(full) Tainted: [L]=SOFTLOCKUP Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Workqueue: events request_firmware_work_func RIP: 0010:kernfs_get.part.0+0x6e/0x80 fs/kernfs/dir.c:560 Code: d8 a0 4b ff 85 ed 74 1c e8 5f a6 4b ff be 04 00 00 00 48 89 df e8 12 1f bc ff f0 ff 03 5b 5d e9 88 37 e2 08 e8 43 a6 4b ff 90 <0f> 0b 90 eb d9 48 89 df e8 25 19 bc ff eb c0 0f 1f 00 90 90 90 90 RSP: 0018:ffffc90000adf7c0 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff888029dbc3c0 RCX: ffffffff82bdd9b8 RDX: ffff888022874a80 RSI: ffffffff82bdd9dd RDI: ffff888022874a80 RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff88802cdc9038 R14: 0000000000000000 R15: ffff88802cdc9030 FS: 0000000000000000(0000) GS:ffff8880d61e0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f1909617dac CR3: 00000000223bd000 CR4: 0000000000352ef0 DR0: 0000000000000008 DR1: 0000000000000007 DR2: 0000000000000000 DR3: 000000000000000a DR6: 00000000ffff0ff0 DR7: 0000000000000400 Call Trace: kernfs_get+0x1f/0x30 fs/kernfs/dir.c:559 sysfs_get include/linux/sysfs.h:802 [inline] create_dir lib/kobject.c:89 [inline] kobject_add_internal+0x359/0x930 lib/kobject.c:240 kobject_add_varg lib/kobject.c:374 [inline] kobject_add+0x16a/0x1e0 lib/kobject.c:426 device_add+0x294/0x1970 drivers/base/core.c:3695 fw_load_sysfs_fallback drivers/base/firmware_loader/fallback.c:86 [inline] fw_load_from_user_helper drivers/base/firmware_loader/fallback.c:162 [inline] firmware_fallback_sysfs+0x2e2/0xc20 drivers/base/firmware_loader/fallback.c:238 _request_firmware+0xfd7/0x13c0 drivers/base/firmware_loader/main.c:898 request_firmware_work_func+0xee/0x440 drivers/base/firmware_loader/main.c:1162 process_one_work+0xa23/0x1940 kernel/workqueue.c:3322 process_scheduled_works kernel/workqueue.c:3405 [inline] worker_thread+0x5ef/0xe50 kernel/workqueue.c:3486 kthread+0x370/0x450 kernel/kthread.c:436 ret_from_fork+0x72b/0xd50 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245