[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.25' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 32.001668][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 32.241542][ T7] usb 1-1: Using ep0 maxpacket: 8 [ 32.371522][ T7] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 32.381899][ T7] usb 1-1: New USB device found, idVendor=1690, idProduct=0710, bcdDevice=c0.56 [ 32.390905][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.403410][ T7] usb 1-1: config 0 descriptor?? [ 32.465329][ T7] usb 1-1: could not send command 0x1, error=-2 [ 32.471736][ T7] usb 1-1: could not initialize adapter [ 32.491398][ C0] usb 1-1: RX USB error -2. [ 32.496244][ C0] usb 1-1: error -1 when submitting rx urb [ 32.506583][ T7] ar5523: probe of 1-1:0.0 failed with error -2 [ 32.663115][ T17] usb 1-1: USB disconnect, device number 2 [ 33.231095][ T17] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 33.590991][ T17] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 33.601336][ T17] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 is Bulk; changing to Interrupt [ 33.611348][ T17] usb 1-1: New USB device found, idVendor=1690, idProduct=0710, bcdDevice=c0.56 [ 33.620666][ T17] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 33.630780][ T17] usb 1-1: config 0 descriptor?? [ 33.651312][ T4383] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 33.673352][ T17] ------------[ cut here ]------------ [ 33.678899][ T17] usb 1-1: BOGUS urb xfer, pipe 3 != type 1 [ 33.685420][ T17] WARNING: CPU: 1 PID: 17 at drivers/usb/core/urb.c:493 usb_submit_urb+0xcde/0x14e0 [ 33.694987][ T17] Modules linked in: [ 33.698910][ T17] CPU: 1 PID: 17 Comm: kworker/1:0 Not tainted 5.10.0-rc7-syzkaller #0 [ 33.707225][ T17] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 33.717655][ T17] Workqueue: usb_hub_wq hub_event [ 33.723031][ T17] RIP: 0010:usb_submit_urb+0xcde/0x14e0 [ 33.728859][ T17] Code: 84 d4 02 00 00 e8 82 31 bd fd 4c 89 ef e8 ea 02 1b ff 41 89 d8 44 89 e1 4c 89 f2 48 89 c6 48 c7 c7 60 64 41 86 e8 ad 12 f3 01 <0f> 0b e9 ca f8 ff ff e8 56 31 bd fd 48 81 c5 40 06 00 00 e9 f6 f7 [ 33.748874][ T17] RSP: 0018:ffffc9000012f028 EFLAGS: 00010282 [ 33.755066][ T17] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 33.763278][ T17] RDX: ffff888100323280 RSI: ffffffff8128f483 RDI: fffff52000025df7 [ 33.771355][ T17] RBP: ffff888103aade80 R08: 0000000000000001 R09: ffff8881f6b2f5cf [ 33.779420][ T17] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000003 [ 33.787482][ T17] R13: ffff8881014340a0 R14: ffff8881012123c0 R15: ffff8881024c3000 [ 33.795557][ T17] FS: 0000000000000000(0000) GS:ffff8881f6b00000(0000) knlGS:0000000000000000 [ 33.804651][ T17] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 33.811369][ T17] CR2: 0000559ba2500160 CR3: 0000000101ee3000 CR4: 00000000001506e0 [ 33.819366][ T17] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 33.827541][ T17] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 33.835842][ T17] Call Trace: [ 33.839163][ T17] ar5523_submit_rx_cmd+0x1f1/0x320 [ 33.844603][ T17] ar5523_probe+0xbf9/0x1db0 executing program [ 33.849360][ T17] ? ar5523_data_tx_cb+0x450/0x450 [ 33.854560][ T17] ? mark_held_locks+0x9f/0xe0 [ 33.859352][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 33.865593][ T17] ? _raw_spin_unlock_irqrestore+0x34/0x40 [ 33.871611][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 33.876678][ T17] ? __pm_runtime_set_status+0x48a/0xd20 [ 33.882414][ T17] usb_probe_interface+0x315/0x7f0 [ 33.887552][ T17] ? usb_match_dynamic_id+0x1a0/0x1a0 [ 33.893319][ T17] really_probe+0x291/0xde0 [ 33.897967][ T17] driver_probe_device+0x26b/0x3d0 [ 33.903199][ T17] __device_attach_driver+0x1d1/0x290 [ 33.908996][ T17] ? driver_allows_async_probing+0x150/0x150 [ 33.915093][ T17] bus_for_each_drv+0x15f/0x1e0 [ 33.920223][ T17] ? bus_for_each_dev+0x1d0/0x1d0 [ 33.925396][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 33.931462][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 33.936673][ T17] __device_attach+0x228/0x4a0 [ 33.941638][ T17] ? really_probe+0xde0/0xde0 [ 33.946698][ T17] ? kobject_uevent_env+0x2bb/0x1680 [ 33.952108][ T17] bus_probe_device+0x1e4/0x290 [ 33.957071][ T17] device_add+0xbb2/0x1ce0 [ 33.961593][ T17] ? devlink_add_symlinks+0x450/0x450 [ 33.967082][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 33.973157][ T17] ? _raw_spin_unlock_irqrestore+0x34/0x40 [ 33.979123][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 33.984228][ T17] usb_set_configuration+0x113c/0x1910 [ 33.989715][ T17] usb_generic_driver_probe+0xba/0x100 [ 33.995395][ T17] usb_probe_device+0xd9/0x2c0 [ 34.000296][ T17] ? usb_driver_release_interface+0x180/0x180 [ 34.006455][ T17] really_probe+0x291/0xde0 [ 34.011169][ T17] driver_probe_device+0x26b/0x3d0 [ 34.016364][ T17] __device_attach_driver+0x1d1/0x290 [ 34.021946][ T17] ? driver_allows_async_probing+0x150/0x150 [ 34.028098][ T17] bus_for_each_drv+0x15f/0x1e0 [ 34.033056][ T17] ? bus_for_each_dev+0x1d0/0x1d0 [ 34.038107][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.044508][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 34.049668][ T17] __device_attach+0x228/0x4a0 [ 34.054671][ T17] ? really_probe+0xde0/0xde0 [ 34.059447][ T17] ? kobject_uevent_env+0x2bb/0x1680 [ 34.064834][ T17] bus_probe_device+0x1e4/0x290 [ 34.069714][ T17] device_add+0xbb2/0x1ce0 [ 34.074389][ T17] ? devlink_add_symlinks+0x450/0x450 [ 34.079793][ T17] usb_new_device.cold+0x71d/0xfe9 [ 34.084988][ T17] ? hub_disconnect+0x510/0x510 [ 34.089997][ T17] ? rwlock_bug.part.0+0x90/0x90 [ 34.095019][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.101281][ T17] hub_event+0x2348/0x42d0 [ 34.105803][ T17] ? hub_port_debounce+0x3b0/0x3b0 [ 34.110996][ T17] ? __lock_acquire+0x820/0x54f0 [ 34.115958][ T17] ? put_pwq+0xb1/0x1b0 [ 34.120283][ T17] ? lock_release+0x6d0/0x6d0 [ 34.125050][ T17] ? lock_downgrade+0x6d0/0x6d0 [ 34.129923][ T17] ? do_raw_spin_lock+0x120/0x2b0 [ 34.135032][ T17] process_one_work+0x933/0x1520 [ 34.140004][ T17] ? lock_release+0x6d0/0x6d0 [ 34.144808][ T17] ? pwq_dec_nr_in_flight+0x320/0x320 [ 34.150401][ T17] ? rwlock_bug.part.0+0x90/0x90 [ 34.155428][ T17] worker_thread+0x64c/0x1120 [ 34.160192][ T17] ? process_one_work+0x1520/0x1520 [ 34.165490][ T17] kthread+0x38c/0x460 [ 34.169590][ T17] ? _raw_spin_unlock_irq+0x1f/0x30 [ 34.174868][ T17] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 34.180941][ T17] ret_from_fork+0x1f/0x30 [ 34.185372][ T17] Kernel panic - not syncing: panic_on_warn set ... [ 34.192117][ T17] CPU: 1 PID: 17 Comm: kworker/1:0 Not tainted 5.10.0-rc7-syzkaller #0 [ 34.200351][ T17] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.210418][ T17] Workqueue: usb_hub_wq hub_event [ 34.215450][ T17] Call Trace: [ 34.218748][ T17] dump_stack+0x107/0x163 [ 34.223078][ T17] panic+0x306/0x73d [ 34.226973][ T17] ? __warn_printk+0xf3/0xf3 [ 34.231611][ T17] ? __warn.cold+0x1a/0x44 [ 34.236114][ T17] ? __warn+0xf1/0x210 [ 34.240184][ T17] ? usb_submit_urb+0xcde/0x14e0 [ 34.245319][ T17] __warn.cold+0x35/0x44 [ 34.249619][ T17] ? usb_submit_urb+0xcde/0x14e0 [ 34.254569][ T17] report_bug+0x1bd/0x210 [ 34.258904][ T17] handle_bug+0x3c/0x60 [ 34.263154][ T17] exc_invalid_op+0x14/0x40 [ 34.267713][ T17] asm_exc_invalid_op+0x12/0x20 [ 34.272622][ T17] RIP: 0010:usb_submit_urb+0xcde/0x14e0 [ 34.278218][ T17] Code: 84 d4 02 00 00 e8 82 31 bd fd 4c 89 ef e8 ea 02 1b ff 41 89 d8 44 89 e1 4c 89 f2 48 89 c6 48 c7 c7 60 64 41 86 e8 ad 12 f3 01 <0f> 0b e9 ca f8 ff ff e8 56 31 bd fd 48 81 c5 40 06 00 00 e9 f6 f7 [ 34.297989][ T17] RSP: 0018:ffffc9000012f028 EFLAGS: 00010282 [ 34.304069][ T17] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 34.312313][ T17] RDX: ffff888100323280 RSI: ffffffff8128f483 RDI: fffff52000025df7 [ 34.320310][ T17] RBP: ffff888103aade80 R08: 0000000000000001 R09: ffff8881f6b2f5cf [ 34.328548][ T17] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000003 [ 34.336636][ T17] R13: ffff8881014340a0 R14: ffff8881012123c0 R15: ffff8881024c3000 [ 34.344669][ T17] ? vprintk_func+0x93/0x140 [ 34.349268][ T17] ? usb_submit_urb+0xcde/0x14e0 [ 34.354259][ T17] ar5523_submit_rx_cmd+0x1f1/0x320 [ 34.359472][ T17] ar5523_probe+0xbf9/0x1db0 [ 34.364063][ T17] ? ar5523_data_tx_cb+0x450/0x450 [ 34.369173][ T17] ? mark_held_locks+0x9f/0xe0 [ 34.374050][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.380234][ T17] ? _raw_spin_unlock_irqrestore+0x34/0x40 [ 34.386045][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 34.391184][ T17] ? __pm_runtime_set_status+0x48a/0xd20 [ 34.396837][ T17] usb_probe_interface+0x315/0x7f0 [ 34.402020][ T17] ? usb_match_dynamic_id+0x1a0/0x1a0 [ 34.407390][ T17] really_probe+0x291/0xde0 [ 34.411897][ T17] driver_probe_device+0x26b/0x3d0 [ 34.417014][ T17] __device_attach_driver+0x1d1/0x290 [ 34.422395][ T17] ? driver_allows_async_probing+0x150/0x150 [ 34.428518][ T17] bus_for_each_drv+0x15f/0x1e0 [ 34.433436][ T17] ? bus_for_each_dev+0x1d0/0x1d0 [ 34.438531][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.444644][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 34.449818][ T17] __device_attach+0x228/0x4a0 [ 34.454797][ T17] ? really_probe+0xde0/0xde0 [ 34.459485][ T17] ? kobject_uevent_env+0x2bb/0x1680 [ 34.464784][ T17] bus_probe_device+0x1e4/0x290 [ 34.469852][ T17] device_add+0xbb2/0x1ce0 [ 34.474325][ T17] ? devlink_add_symlinks+0x450/0x450 [ 34.479845][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.485838][ T17] ? _raw_spin_unlock_irqrestore+0x34/0x40 [ 34.491708][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 34.496739][ T17] usb_set_configuration+0x113c/0x1910 [ 34.502369][ T17] usb_generic_driver_probe+0xba/0x100 [ 34.507940][ T17] usb_probe_device+0xd9/0x2c0 [ 34.512724][ T17] ? usb_driver_release_interface+0x180/0x180 [ 34.518830][ T17] really_probe+0x291/0xde0 [ 34.523337][ T17] driver_probe_device+0x26b/0x3d0 [ 34.528449][ T17] __device_attach_driver+0x1d1/0x290 [ 34.533922][ T17] ? driver_allows_async_probing+0x150/0x150 [ 34.539904][ T17] bus_for_each_drv+0x15f/0x1e0 [ 34.544900][ T17] ? bus_for_each_dev+0x1d0/0x1d0 [ 34.550060][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.556051][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 34.561211][ T17] __device_attach+0x228/0x4a0 [ 34.566162][ T17] ? really_probe+0xde0/0xde0 [ 34.571110][ T17] ? kobject_uevent_env+0x2bb/0x1680 [ 34.576624][ T17] bus_probe_device+0x1e4/0x290 [ 34.581480][ T17] device_add+0xbb2/0x1ce0 [ 34.585945][ T17] ? devlink_add_symlinks+0x450/0x450 [ 34.591338][ T17] usb_new_device.cold+0x71d/0xfe9 [ 34.596534][ T17] ? hub_disconnect+0x510/0x510 [ 34.601393][ T17] ? rwlock_bug.part.0+0x90/0x90 [ 34.606379][ T17] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 34.612408][ T17] hub_event+0x2348/0x42d0 [ 34.616877][ T17] ? hub_port_debounce+0x3b0/0x3b0 [ 34.621990][ T17] ? __lock_acquire+0x820/0x54f0 [ 34.627166][ T17] ? put_pwq+0xb1/0x1b0 [ 34.631334][ T17] ? lock_release+0x6d0/0x6d0 [ 34.636201][ T17] ? lock_downgrade+0x6d0/0x6d0 [ 34.641054][ T17] ? do_raw_spin_lock+0x120/0x2b0 [ 34.646233][ T17] process_one_work+0x933/0x1520 [ 34.651199][ T17] ? lock_release+0x6d0/0x6d0 [ 34.656133][ T17] ? pwq_dec_nr_in_flight+0x320/0x320 [ 34.661508][ T17] ? rwlock_bug.part.0+0x90/0x90 [ 34.666547][ T17] worker_thread+0x64c/0x1120 [ 34.671472][ T17] ? process_one_work+0x1520/0x1520 [ 34.676756][ T17] kthread+0x38c/0x460 [ 34.681174][ T17] ? _raw_spin_unlock_irq+0x1f/0x30 [ 34.686377][ T17] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 34.692560][ T17] ret_from_fork+0x1f/0x30 [ 34.697745][ T17] Kernel Offset: disabled [ 34.703061][ T17] Rebooting in 86400 seconds..