Warning: Permanently added '10.128.0.119' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 73.296359][ T3182] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 73.675875][ T3182] usb 1-1: config 0 has an invalid interface number: 237 but max is 0 [ 73.684204][ T3182] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 73.695257][ T3182] usb 1-1: config 0 has no interface number 0 [ 73.701671][ T3182] usb 1-1: config 0 interface 237 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 73.713185][ T3182] usb 1-1: New USB device found, idVendor=2040, idProduct=826d, bcdDevice=98.19 [ 73.722561][ T3182] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.735960][ T3182] usb 1-1: config 0 descriptor?? [ 73.779489][ T3182] em28xx 1-1:0.237: New device @ 480 Mbps (2040:826d, interface 237, class 237) [ 73.789119][ T3182] em28xx 1-1:0.237: Audio interface 237 found (Vendor Class) executing program [ 74.025924][ T3182] em28xx 1-1:0.237: unknown em28xx chip ID (0) [ 74.045895][ T3182] em28xx 1-1:0.237: Config register raw data: 0xfffffffb [ 74.065714][ T3182] em28xx 1-1:0.237: AC97 chip type couldn't be determined [ 74.072902][ T3182] em28xx 1-1:0.237: No AC97 audio processor [ 74.083133][ T3182] em28xx 1-1:0.237: We currently don't support analog TV or stream capture on dual tuners. [ 74.225762][ T3182] em28xx 1-1:0.237: unknown em28xx chip ID (0) [ 74.246284][ T3182] em28xx 1-1:0.237: Config register raw data: 0xfffffffb [ 74.265661][ T3182] em28xx 1-1:0.237: AC97 chip type couldn't be determined [ 74.272950][ T3182] em28xx 1-1:0.237: No AC97 audio processor [ 74.522586][ T3182] usb 1-1: USB disconnect, device number 2 [ 74.531199][ T3182] em28xx 1-1:0.237: Disconnecting em28xx #1 [ 74.543404][ T3182] em28xx 1-1:0.237: Disconnecting em28xx [ 74.556638][ T3182] em28xx 1-1:0.237: Freeing device [ 74.561820][ T3182] em28xx 1-1:0.237: Freeing device [ 74.925496][ T3182] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 75.295633][ T3182] usb 1-1: config 0 has an invalid interface number: 237 but max is 0 [ 75.303832][ T3182] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 75.315681][ T3182] usb 1-1: config 0 has no interface number 0 [ 75.321773][ T3182] usb 1-1: config 0 interface 237 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 75.334103][ T3182] usb 1-1: New USB device found, idVendor=2040, idProduct=826d, bcdDevice=98.19 [ 75.344081][ T3182] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.355216][ T3182] usb 1-1: config 0 descriptor?? [ 75.408227][ T3182] em28xx 1-1:0.237: New device @ 480 Mbps (2040:826d, interface 237, class 237) [ 75.418893][ T3182] em28xx 1-1:0.237: Audio interface 237 found (Vendor Class) executing program [ 75.676058][ T3182] em28xx 1-1:0.237: unknown em28xx chip ID (0) [ 75.705476][ T3182] em28xx 1-1:0.237: Config register raw data: 0xfffffffb [ 75.725549][ T3182] em28xx 1-1:0.237: AC97 chip type couldn't be determined [ 75.732673][ T3182] em28xx 1-1:0.237: No AC97 audio processor [ 75.743543][ T3182] list_add corruption. prev->next should be next (ffffffff8cc65620), but was ffffffff8906a52d. (prev=ffff88802e2c8250). [ 75.757146][ T3182] ------------[ cut here ]------------ [ 75.762626][ T3182] kernel BUG at lib/list_debug.c:26! [ 75.768760][ T3182] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 75.774857][ T3182] CPU: 0 PID: 3182 Comm: kworker/0:3 Not tainted 5.14.0-rc1-next-20210715-syzkaller #0 [ 75.784486][ T3182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.794536][ T3182] Workqueue: usb_hub_wq hub_event [ 75.799591][ T3182] RIP: 0010:__list_add_valid.cold+0x3a/0x3c [ 75.805478][ T3182] Code: 0b 48 89 f2 4c 89 e1 48 89 ee 48 c7 c7 60 ab e3 89 e8 3b 6d f2 ff 0f 0b 48 89 f1 48 c7 c7 e0 aa e3 89 4c 89 e6 e8 27 6d f2 ff <0f> 0b 48 89 ee 48 c7 c7 80 ac e3 89 e8 16 6d f2 ff 0f 0b 4c 89 ea [ 75.825068][ T3182] RSP: 0018:ffffc900023bef48 EFLAGS: 00010286 [ 75.831152][ T3182] RAX: 0000000000000075 RBX: ffff8880187cd000 RCX: 0000000000000000 [ 75.839106][ T3182] RDX: ffff888020410000 RSI: ffffffff815d87d5 RDI: fffff52000477ddb [ 75.847074][ T3182] RBP: ffff88802b0c4250 R08: 0000000000000075 R09: 0000000000000000 [ 75.855047][ T3182] R10: ffffffff815d260e R11: 0000000000000000 R12: ffffffff8cc65620 [ 75.863001][ T3182] R13: ffff88802b0c4000 R14: ffff88802b0c413c R15: ffff8880187ce000 [ 75.870970][ T3182] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 75.879882][ T3182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.886597][ T3182] CR2: 00007f6d4ead8000 CR3: 000000001dda9000 CR4: 00000000001506f0 [ 75.894574][ T3182] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 75.902626][ T3182] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 75.910609][ T3182] Call Trace: [ 75.913901][ T3182] em28xx_init_extension+0x44/0x1f0 [ 75.919117][ T3182] em28xx_init_dev.constprop.0+0xa8b/0x172f [ 75.924993][ T3182] ? __dev_printk+0xcf/0xf5 [ 75.929494][ T3182] ? _dev_info+0xd7/0x109 [ 75.933817][ T3182] ? em28xx_pre_card_setup+0x5c0/0x5c0 [ 75.939258][ T3182] ? lockdep_init_map_type+0x2c3/0x7b0 [ 75.944724][ T3182] ? lockdep_init_map_type+0x2c3/0x7b0 [ 75.950202][ T3182] ? __raw_spin_lock_init+0x36/0x110 [ 75.955471][ T3182] em28xx_usb_probe.cold+0xc23/0x2599 [ 75.960940][ T3182] usb_probe_interface+0x315/0x7f0 [ 75.966036][ T3182] ? usb_match_dynamic_id+0x1a0/0x1a0 [ 75.971395][ T3182] really_probe+0x23c/0xcd0 [ 75.975917][ T3182] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 75.982143][ T3182] __driver_probe_device+0x338/0x4d0 [ 75.987418][ T3182] driver_probe_device+0x4c/0x1a0 [ 75.992430][ T3182] __device_attach_driver+0x20b/0x2f0 [ 75.997828][ T3182] ? driver_allows_async_probing+0x150/0x150 [ 76.003828][ T3182] bus_for_each_drv+0x15f/0x1e0 [ 76.008664][ T3182] ? bus_for_each_dev+0x1d0/0x1d0 [ 76.013680][ T3182] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 76.019494][ T3182] ? lockdep_hardirqs_on+0x79/0x100 [ 76.024687][ T3182] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 76.030479][ T3182] __device_attach+0x228/0x4a0 [ 76.035242][ T3182] ? device_driver_attach+0x210/0x210 [ 76.040600][ T3182] ? kobject_uevent_env+0x2bb/0x1650 [ 76.045888][ T3182] bus_probe_device+0x1e4/0x290 [ 76.050722][ T3182] device_add+0xc2f/0x2180 [ 76.055127][ T3182] ? mark_held_locks+0x9f/0xe0 [ 76.059891][ T3182] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 76.066130][ T3182] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 76.071918][ T3182] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 76.078176][ T3182] usb_set_configuration+0x113f/0x1910 [ 76.083622][ T3182] usb_generic_driver_probe+0xba/0x100 [ 76.089078][ T3182] usb_probe_device+0xd9/0x2c0 [ 76.093856][ T3182] ? usb_driver_release_interface+0x180/0x180 [ 76.099918][ T3182] really_probe+0x23c/0xcd0 [ 76.104438][ T3182] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 76.110668][ T3182] __driver_probe_device+0x338/0x4d0 [ 76.115956][ T3182] driver_probe_device+0x4c/0x1a0 [ 76.120982][ T3182] __device_attach_driver+0x20b/0x2f0 [ 76.126346][ T3182] ? driver_allows_async_probing+0x150/0x150 [ 76.132318][ T3182] bus_for_each_drv+0x15f/0x1e0 [ 76.137184][ T3182] ? bus_for_each_dev+0x1d0/0x1d0 [ 76.142192][ T3182] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 76.148043][ T3182] ? lockdep_hardirqs_on+0x79/0x100 [ 76.153236][ T3182] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 76.159038][ T3182] __device_attach+0x228/0x4a0 [ 76.163784][ T3182] ? device_driver_attach+0x210/0x210 [ 76.169157][ T3182] ? kobject_uevent_env+0x2bb/0x1650 [ 76.174423][ T3182] bus_probe_device+0x1e4/0x290 [ 76.179257][ T3182] device_add+0xc2f/0x2180 [ 76.183656][ T3182] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 76.189905][ T3182] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 76.196141][ T3182] usb_new_device.cold+0x63f/0x108e [ 76.201320][ T3182] ? hub_disconnect+0x510/0x510 [ 76.206164][ T3182] ? rwlock_bug.part.0+0x90/0x90 [ 76.211117][ T3182] ? _raw_spin_unlock_irq+0x1f/0x40 [ 76.216312][ T3182] hub_event+0x2357/0x4330 [ 76.220746][ T3182] ? hub_port_debounce+0x3c0/0x3c0 [ 76.225839][ T3182] ? lock_release+0x720/0x720 [ 76.230515][ T3182] ? lock_downgrade+0x6e0/0x6e0 [ 76.235350][ T3182] ? do_raw_spin_lock+0x120/0x2b0 [ 76.240367][ T3182] process_one_work+0x98d/0x1630 [ 76.245344][ T3182] ? pwq_dec_nr_in_flight+0x320/0x320 [ 76.250705][ T3182] ? rwlock_bug.part.0+0x90/0x90 [ 76.255640][ T3182] ? _raw_spin_lock_irq+0x41/0x50 [ 76.260681][ T3182] worker_thread+0x85c/0x11f0 [ 76.265358][ T3182] ? process_one_work+0x1630/0x1630 [ 76.270555][ T3182] kthread+0x3e5/0x4d0 [ 76.274609][ T3182] ? set_kthread_struct+0x130/0x130 [ 76.279788][ T3182] ret_from_fork+0x1f/0x30 [ 76.284208][ T3182] Modules linked in: [ 76.295372][ T3182] ---[ end trace 2e6a6d757a8ff0a1 ]--- [ 76.300847][ T3182] RIP: 0010:__list_add_valid.cold+0x3a/0x3c [ 76.319830][ T3182] Code: 0b 48 89 f2 4c 89 e1 48 89 ee 48 c7 c7 60 ab e3 89 e8 3b 6d f2 ff 0f 0b 48 89 f1 48 c7 c7 e0 aa e3 89 4c 89 e6 e8 27 6d f2 ff <0f> 0b 48 89 ee 48 c7 c7 80 ac e3 89 e8 16 6d f2 ff 0f 0b 4c 89 ea [ 76.339809][ T3182] RSP: 0018:ffffc900023bef48 EFLAGS: 00010286 [ 76.346920][ T3182] RAX: 0000000000000075 RBX: ffff8880187cd000 RCX: 0000000000000000 [ 76.354881][ T3182] RDX: ffff888020410000 RSI: ffffffff815d87d5 RDI: fffff52000477ddb [ 76.363452][ T3182] RBP: ffff88802b0c4250 R08: 0000000000000075 R09: 0000000000000000 [ 76.371843][ T3182] R10: ffffffff815d260e R11: 0000000000000000 R12: ffffffff8cc65620 [ 76.380158][ T3182] R13: ffff88802b0c4000 R14: ffff88802b0c413c R15: ffff8880187ce000 [ 76.388524][ T3182] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000 [ 76.397868][ T3182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.404471][ T3182] CR2: 00007f6d4eae3028 CR3: 000000001dda9000 CR4: 00000000001506f0 [ 76.413092][ T3182] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 76.421623][ T3182] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 76.429964][ T3182] Kernel panic - not syncing: Fatal exception [ 76.436941][ T3182] Kernel Offset: disabled [ 76.441254][ T3182] Rebooting in 86400 seconds..