dhcpcd-9.4.0 starting
dev: loaded udev
DUID 00:04:60:53:42:71:88:b7:f6:77:35:a2:41:23:0b:7b:f3:52
forked to background, child pid 1218
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.79' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 29.976165][ T582] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 30.336196][ T582] usb 1-1: config 0 has an invalid interface number: 120 but max is 0
[ 30.336215][ T582] usb 1-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[ 30.336227][ T582] usb 1-1: config 0 has no interface number 0
[ 30.336268][ T582] usb 1-1: config 0 interface 120 altsetting 6 has an invalid endpoint with address 0x80, skipping
[ 30.336284][ T582] usb 1-1: config 0 interface 120 altsetting 6 has a duplicate endpoint with address 0xF, skipping
[ 30.336316][ T582] usb 1-1: config 0 interface 120 altsetting 6 has a duplicate endpoint with address 0xD, skipping
[ 30.336330][ T582] usb 1-1: config 0 interface 120 has no altsetting 0
[ 30.496220][ T582] usb 1-1: New USB device found, idVendor=182d, idProduct=021c, bcdDevice=bd.3f
[ 30.496264][ T582] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 30.496277][ T582] usb 1-1: Product: syz
[ 30.496286][ T582] usb 1-1: Manufacturer: syz
[ 30.496295][ T582] usb 1-1: SerialNumber: syz
[ 30.498043][ T582] usb 1-1: config 0 descriptor??
executing program
[ 30.817601][ T582] usb 1-1: USB2VGA dongle found at address 2
[ 30.820392][ T582] usb 1-1: Allocated 8 output buffers
[ 30.820413][ T582] ------------[ cut here ]------------
[ 30.820419][ T582] usb 1-1: BOGUS urb xfer, pipe 3 != type 1
[ 30.820663][ T582] WARNING: CPU: 1 PID: 582 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0
[ 30.852994][ T582] Modules linked in:
[ 30.856947][ T582] CPU: 1 PID: 582 Comm: kworker/1:2 Not tainted 5.19.0-rc1-syzkaller-00044-g477122a1eec3 #0
[ 30.867110][ T582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.877253][ T582] Workqueue: usb_hub_wq hub_event
[ 30.882303][ T582] RIP: 0010:usb_submit_urb+0xed2/0x18a0
[ 30.887937][ T582] Code: 7c 24 18 e8 b0 42 8f fd 48 8b 7c 24 18 e8 46 41 18 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 80 17 a9 86 e8 06 f1 09 02 <0f> 0b e9 58 f8 ff ff e8 82 42 8f fd 48 81 c5 b8 05 00 00 e9 84 f7
[ 30.907645][ T582] RSP: 0018:ffffc9000263ed30 EFLAGS: 00010282
[ 30.913727][ T582] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[ 30.921759][ T582] RDX: ffff88810f755580 RSI: ffffffff812c1fc8 RDI: fffff520004c7d98
[ 30.929834][ T582] RBP: ffff888109133940 R08: 0000000000000005 R09: 0000000000000000
[ 30.937888][ T582] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000003
[ 30.945874][ T582] R13: ffff88811b08bf50 R14: 0000000000000003 R15: ffff8881009e9f00
[ 30.954188][ T582] FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
[ 30.963180][ T582] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.969844][ T582] CR2: 00007ffc99c114a8 CR3: 000000010d1cd000 CR4: 00000000003506e0
[ 30.977904][ T582] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 30.977904][ T582] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 30.977940][ T582] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 30.977960][ T582] Call Trace:
[ 30.977971][ T582]
[ 30.977985][ T582] sisusb_send_bulk_msg.constprop.0+0x904/0x1230
[ 30.978031][ T582] ? sisusb_recv_bulk_msg.constprop.0+0x850/0x850
[ 30.978065][ T582] ? kasan_save_stack+0x2e/0x40
[ 30.978095][ T582] ? kasan_save_stack+0x1e/0x40
[ 30.978125][ T582] ? __kasan_kmalloc+0x81/0xa0
[ 30.978154][ T582] ? usb_alloc_urb+0xa5/0xb0
[ 30.978179][ T582] ? dev_printk_emit+0xba/0xf1
[ 30.978209][ T582] sisusb_init_gfxdevice+0x87b/0x4000
[ 30.978236][ T582] ? device_add+0xbda/0x1ea0
[ 30.978261][ T582] ? usb_new_device.cold+0x641/0x1091
[ 30.978292][ T582] ? hub_event+0x25d5/0x4690
[ 30.978322][ T582] ? worker_thread+0x665/0x1080
[ 30.978351][ T582] ? ret_from_fork+0x1f/0x30
[ 30.978379][ T582] ? __dev_printk+0xcf/0xf5
[ 30.978405][ T582] ? sisusb_set_default_mode+0xbc0/0xbc0
[ 30.978432][ T582] ? _dev_info+0xd7/0x109
[ 30.978457][ T582] ? _dev_notice+0x109/0x109
[ 30.978485][ T582] ? perf_trace_irq_matrix_global+0x2c0/0x610
[ 30.978519][ T582] ? lockdep_init_map_type+0x21a/0x7f0
[ 30.978549][ T582] ? kobject_get+0xbc/0x150
[ 30.978575][ T582] sisusb_probe+0x9ce/0xbe3
[ 30.978607][ T582] usb_probe_interface+0x315/0x7f0
[ 30.978637][ T582] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 30.978666][ T582] really_probe+0x23e/0xb90
[ 30.978694][ T582] __driver_probe_device+0x338/0x4d0
[ 30.978721][ T582] ? usb_match_id.part.0+0x15d/0x1b0
[ 30.978750][ T582] driver_probe_device+0x4c/0x1a0
[ 30.978778][ T582] __device_attach_driver+0x20b/0x2f0
[ 30.978814][ T582] ? driver_allows_async_probing+0x170/0x170
[ 30.978844][ T582] bus_for_each_drv+0x15f/0x1e0
[ 30.978870][ T582] ? bus_for_each_dev+0x1d0/0x1d0
[ 30.978895][ T582] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 30.978929][ T582] ? lockdep_hardirqs_on+0x79/0x100
[ 30.978956][ T582] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 30.978989][ T582] __device_attach+0x1e4/0x530
[ 30.979017][ T582] ? device_driver_attach+0x210/0x210
[ 30.979046][ T582] ? kobject_uevent_env+0x2ac/0x1660
[ 30.979073][ T582] bus_probe_device+0x1e4/0x290
[ 30.979101][ T582] device_add+0xbda/0x1ea0
[ 30.979126][ T582] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 30.979154][ T582] ? usb_cache_string+0x102/0x140
[ 30.979180][ T582] ? usb_string+0x3d4/0x530
[ 30.979206][ T582] usb_set_configuration+0x101e/0x1900
[ 30.979238][ T582] usb_generic_driver_probe+0xba/0x100
[ 30.979266][ T582] usb_probe_device+0xd9/0x2c0
[ 30.979293][ T582] ? usb_driver_release_interface+0x180/0x180
[ 30.979324][ T582] really_probe+0x23e/0xb90
[ 30.979351][ T582] __driver_probe_device+0x338/0x4d0
[ 30.979380][ T582] driver_probe_device+0x4c/0x1a0
[ 30.979408][ T582] __device_attach_driver+0x20b/0x2f0
[ 30.979438][ T582] ? driver_allows_async_probing+0x170/0x170
[ 30.979467][ T582] bus_for_each_drv+0x15f/0x1e0
[ 30.979494][ T582] ? bus_for_each_dev+0x1d0/0x1d0
[ 30.979519][ T582] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 30.979552][ T582] ? lockdep_hardirqs_on+0x79/0x100
[ 30.979579][ T582] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 30.979613][ T582] __device_attach+0x1e4/0x530
[ 30.979640][ T582] ? device_driver_attach+0x210/0x210
[ 30.979669][ T582] ? kobject_uevent_env+0x2ac/0x1660
[ 30.979697][ T582] bus_probe_device+0x1e4/0x290
[ 30.979725][ T582] device_add+0xbda/0x1ea0
[ 30.979750][ T582] ? lockdep_hardirqs_on+0x79/0x100
[ 30.979776][ T582] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 30.979813][ T582] ? add_device_randomness+0xb4/0xe0
[ 30.979848][ T582] usb_new_device.cold+0x641/0x1091
[ 30.979880][ T582] ? hub_disconnect+0x510/0x510
[ 30.979910][ T582] ? rwlock_bug.part.0+0x90/0x90
[ 30.979939][ T582] ? _raw_spin_unlock_irq+0x1f/0x40
[ 30.979971][ T582] ? _raw_spin_unlock_irq+0x1f/0x40
[ 30.980004][ T582] hub_event+0x25d5/0x4690
[ 30.980039][ T582] ? hub_port_debounce+0x3c0/0x3c0
[ 30.980071][ T582] ? lock_release+0x780/0x780
[ 30.980098][ T582] ? lock_downgrade+0x6e0/0x6e0
[ 30.980126][ T582] ? do_raw_spin_lock+0x120/0x2a0
[ 30.980158][ T582] process_one_work+0x996/0x1610
[ 30.980188][ T582] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 30.980218][ T582] ? rwlock_bug.part.0+0x90/0x90
[ 30.980247][ T582] ? _raw_spin_lock_irq+0x41/0x50
[ 30.980280][ T582] worker_thread+0x665/0x1080
[ 30.980310][ T582] ? __kthread_parkme+0x15f/0x220
[ 30.980335][ T582] ? process_one_work+0x1610/0x1610
[ 30.980364][ T582] kthread+0x2ef/0x3a0
[ 30.980389][ T582] ? kthread_complete_and_exit+0x40/0x40
[ 30.980417][ T582] ret_from_fork+0x1f/0x30
[ 30.980446][ T582]
[ 30.980460][ T582] Kernel panic - not syncing: panic_on_warn set ...
[ 30.980472][ T582] CPU: 1 PID: 582 Comm: kworker/1:2 Not tainted 5.19.0-rc1-syzkaller-00044-g477122a1eec3 #0
[ 30.980499][ T582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.980517][ T582] Workqueue: usb_hub_wq hub_event
[ 30.980546][ T582] Call Trace:
[ 30.980555][ T582]
[ 30.980563][ T582] dump_stack_lvl+0xcd/0x134
[ 30.980588][ T582] panic+0x2d7/0x636
[ 30.980613][ T582] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 30.980642][ T582] ? __warn.cold+0x1d9/0x2cd
[ 30.980668][ T582] ? usb_submit_urb+0xed2/0x18a0
[ 30.980692][ T582] __warn.cold+0x1ea/0x2cd
[ 30.980717][ T582] ? __wake_up_klogd.part.0+0x99/0xf0
[ 30.980744][ T582] ? usb_submit_urb+0xed2/0x18a0
[ 30.980768][ T582] report_bug+0x1bc/0x210
[ 30.980800][ T582] handle_bug+0x3c/0x60
[ 30.980828][ T582] exc_invalid_op+0x14/0x40
[ 30.980856][ T582] asm_exc_invalid_op+0x1b/0x20
[ 30.980880][ T582] RIP: 0010:usb_submit_urb+0xed2/0x18a0
[ 30.980906][ T582] Code: 7c 24 18 e8 b0 42 8f fd 48 8b 7c 24 18 e8 46 41 18 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 80 17 a9 86 e8 06 f1 09 02 <0f> 0b e9 58 f8 ff ff e8 82 42 8f fd 48 81 c5 b8 05 00 00 e9 84 f7
[ 30.980929][ T582] RSP: 0018:ffffc9000263ed30 EFLAGS: 00010282
[ 30.980951][ T582] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[ 30.980967][ T582] RDX: ffff88810f755580 RSI: ffffffff812c1fc8 RDI: fffff520004c7d98
[ 30.980985][ T582] RBP: ffff888109133940 R08: 0000000000000005 R09: 0000000000000000
[ 30.981002][ T582] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000003
[ 30.981017][ T582] R13: ffff88811b08bf50 R14: 0000000000000003 R15: ffff8881009e9f00
[ 30.981036][ T582] ? vprintk+0x88/0x90
[ 30.981064][ T582] sisusb_send_bulk_msg.constprop.0+0x904/0x1230
[ 30.981099][ T582] ? sisusb_recv_bulk_msg.constprop.0+0x850/0x850
[ 30.981131][ T582] ? kasan_save_stack+0x2e/0x40
[ 30.981158][ T582] ? kasan_save_stack+0x1e/0x40
[ 30.981184][ T582] ? __kasan_kmalloc+0x81/0xa0
[ 30.981211][ T582] ? usb_alloc_urb+0xa5/0xb0
[ 30.981233][ T582] ? dev_printk_emit+0xba/0xf1
[ 30.981258][ T582] sisusb_init_gfxdevice+0x87b/0x4000
[ 30.981282][ T582] ? device_add+0xbda/0x1ea0
[ 30.981303][ T582] ? usb_new_device.cold+0x641/0x1091
[ 30.981331][ T582] ? hub_event+0x25d5/0x4690
[ 30.981358][ T582] ? worker_thread+0x665/0x1080
[ 30.981383][ T582] ? ret_from_fork+0x1f/0x30
[ 30.981408][ T582] ? __dev_printk+0xcf/0xf5
[ 30.981432][ T582] ? sisusb_set_default_mode+0xbc0/0xbc0
[ 30.981456][ T582] ? _dev_info+0xd7/0x109
[ 30.981480][ T582] ? _dev_notice+0x109/0x109
[ 30.981505][ T582] ? perf_trace_irq_matrix_global+0x2c0/0x610
[ 30.981536][ T582] ? lockdep_init_map_type+0x21a/0x7f0
[ 30.981564][ T582] ? kobject_get+0xbc/0x150
[ 30.981586][ T582] sisusb_probe+0x9ce/0xbe3
[ 30.981616][ T582] usb_probe_interface+0x315/0x7f0
[ 30.981643][ T582] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 30.981669][ T582] really_probe+0x23e/0xb90
[ 30.981694][ T582] __driver_probe_device+0x338/0x4d0
[ 30.981719][ T582] ? usb_match_id.part.0+0x15d/0x1b0
[ 30.981746][ T582] driver_probe_device+0x4c/0x1a0
[ 30.981772][ T582] __device_attach_driver+0x20b/0x2f0
[ 30.981804][ T582] ? driver_allows_async_probing+0x170/0x170
[ 30.981831][ T582] bus_for_each_drv+0x15f/0x1e0
[ 30.981854][ T582] ? bus_for_each_dev+0x1d0/0x1d0
[ 30.981877][ T582] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 30.981908][ T582] ? lockdep_hardirqs_on+0x79/0x100
[ 30.981932][ T582] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 30.981964][ T582] __device_attach+0x1e4/0x530
[ 30.981989][ T582] ? device_driver_attach+0x210/0x210
[ 30.982015][ T582] ? kobject_uevent_env+0x2ac/0x1660
[ 30.982040][ T582] bus_probe_device+0x1e4/0x290
[ 30.982065][ T582] device_add+0xbda/0x1ea0
[ 30.982088][ T582] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 30.982113][ T582] ? usb_cache_string+0x102/0x140
[ 30.982137][ T582] ? usb_string+0x3d4/0x530
[ 30.982162][ T582] usb_set_configuration+0x101e/0x1900
[ 30.982191][ T582] usb_generic_driver_probe+0xba/0x100
[ 30.982216][ T582] usb_probe_device+0xd9/0x2c0
[ 30.982242][ T582] ? usb_driver_release_interface+0x180/0x180
[ 30.982269][ T582] really_probe+0x23e/0xb90
[ 30.982294][ T582] __driver_probe_device+0x338/0x4d0
[ 30.982320][ T582] driver_probe_device+0x4c/0x1a0
[ 30.982345][ T582] __device_attach_driver+0x20b/0x2f0
[ 30.982372][ T582] ? driver_allows_async_probing+0x170/0x170
[ 30.982399][ T582] bus_for_each_drv+0x15f/0x1e0
[ 30.982422][ T582] ? bus_for_each_dev+0x1d0/0x1d0
[ 30.982445][ T582] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 30.982476][ T582] ? lockdep_hardirqs_on+0x79/0x100
[ 30.982499][ T582] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 30.982530][ T582] __device_attach+0x1e4/0x530
[ 30.982555][ T582] ? device_driver_attach+0x210/0x210
[ 30.982581][ T582] ? kobject_uevent_env+0x2ac/0x1660
[ 30.982606][ T582] bus_probe_device+0x1e4/0x290
[ 30.982631][ T582] device_add+0xbda/0x1ea0
[ 30.982653][ T582] ? lockdep_hardirqs_on+0x79/0x100
[ 30.982677][ T582] ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[ 30.982702][ T582] ? add_device_randomness+0xb4/0xe0
[ 30.982734][ T582] usb_new_device.cold+0x641/0x1091
[ 30.982763][ T582] ? hub_disconnect+0x510/0x510
[ 30.982795][ T582] ? rwlock_bug.part.0+0x90/0x90
[ 30.982822][ T582] ? _raw_spin_unlock_irq+0x1f/0x40
[ 30.982851][ T582] ? _raw_spin_unlock_irq+0x1f/0x40
[ 30.982881][ T582] hub_event+0x25d5/0x4690
[ 30.982912][ T582] ? hub_port_debounce+0x3c0/0x3c0
[ 30.982942][ T582] ? lock_release+0x780/0x780
[ 30.982966][ T582] ? lock_downgrade+0x6e0/0x6e0
[ 30.982991][ T582] ? do_raw_spin_lock+0x120/0x2a0
[ 30.983020][ T582] process_one_work+0x996/0x1610
[ 30.983047][ T582] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 30.983075][ T582] ? rwlock_bug.part.0+0x90/0x90
[ 30.983101][ T582] ? _raw_spin_lock_irq+0x41/0x50
[ 30.983130][ T582] worker_thread+0x665/0x1080
[ 30.983158][ T582] ? __kthread_parkme+0x15f/0x220
[ 30.983180][ T582] ? process_one_work+0x1610/0x1610
[ 30.983207][ T582] kthread+0x2ef/0x3a0
[ 30.983229][ T582] ? kthread_complete_and_exit+0x40/0x40
[ 30.983255][ T582] ret_from_fork+0x1f/0x30
[ 30.983280][ T582]
[ 30.986027][ T582] Kernel Offset: disabled