Warning: Permanently added '10.128.0.206' (ECDSA) to the list of known hosts. executing program [ 53.475822][ T26] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 53.715740][ T26] usb 1-1: Using ep0 maxpacket: 32 [ 53.835954][ T26] usb 1-1: config 8 has an invalid interface number: 40 but max is 2 [ 53.844356][ T26] usb 1-1: config 8 has an invalid interface number: 150 but max is 2 [ 53.853279][ T26] usb 1-1: config 8 contains an unexpected descriptor of type 0x2, skipping [ 53.862230][ T26] usb 1-1: config 8 has an invalid interface number: 21 but max is 2 [ 53.870550][ T26] usb 1-1: config 8 contains an unexpected descriptor of type 0x2, skipping [ 53.879420][ T26] usb 1-1: config 8 has no interface number 0 [ 53.885660][ T26] usb 1-1: config 8 has no interface number 1 [ 53.891817][ T26] usb 1-1: config 8 has no interface number 2 [ 53.898072][ T26] usb 1-1: config 8 interface 40 altsetting 0 endpoint 0x8D has invalid maxpacket 512, setting to 64 [ 53.909138][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0xD, skipping [ 53.920062][ T26] usb 1-1: config 8 interface 150 altsetting 5 endpoint 0x9 has invalid maxpacket 1023, setting to 64 [ 53.931230][ T26] usb 1-1: config 8 interface 150 altsetting 5 endpoint 0x5 has invalid maxpacket 1023, setting to 64 [ 53.942336][ T26] usb 1-1: config 8 interface 150 altsetting 5 bulk endpoint 0xB has invalid maxpacket 1024 [ 53.952622][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0xB, skipping [ 53.963489][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0x6, skipping [ 53.974381][ T26] usb 1-1: config 8 interface 150 altsetting 5 endpoint 0x7 has an invalid bInterval 128, changing to 7 [ 53.985733][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0x8, skipping [ 53.996618][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0x7, skipping [ 54.007454][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0x5, skipping [ 54.018364][ T26] usb 1-1: config 8 interface 150 altsetting 5 has an invalid endpoint with address 0x80, skipping [ 54.029235][ T26] usb 1-1: config 8 interface 150 altsetting 5 has a duplicate endpoint with address 0xC, skipping [ 54.040158][ T26] usb 1-1: config 8 interface 21 altsetting 128 bulk endpoint 0x4 has invalid maxpacket 32 [ 54.050317][ T26] usb 1-1: config 8 interface 21 altsetting 128 has an invalid endpoint with address 0x80, skipping [ 54.061296][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0xC, skipping [ 54.072220][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0x6, skipping [ 54.083197][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0xD, skipping [ 54.094109][ T26] usb 1-1: config 8 interface 21 altsetting 128 endpoint 0x2 has invalid maxpacket 1024, setting to 64 [ 54.105338][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0x8, skipping [ 54.116273][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0xA, skipping [ 54.127244][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0x8, skipping [ 54.138249][ T26] usb 1-1: config 8 interface 21 altsetting 128 has a duplicate endpoint with address 0xD, skipping [ 54.149180][ T26] usb 1-1: config 8 interface 150 has no altsetting 0 [ 54.156115][ T26] usb 1-1: config 8 interface 21 has no altsetting 0 [ 54.315792][ T26] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9170, bcdDevice=be.33 [ 54.324863][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.332933][ T26] usb 1-1: Product: syz [ 54.337169][ T26] usb 1-1: Manufacturer: syz [ 54.341760][ T26] usb 1-1: SerialNumber: syz executing program [ 55.088520][ T26] usb 1-1: reset high-speed USB device number 2 using dummy_hcd [ 55.345443][ T26] usb 1-1: Using ep0 maxpacket: 32 [ 56.025921][ T4881] usb 1-1: driver API: 1.9.9 2016-02-15 [1-1] [ 56.032222][ T4881] usb 1-1: firmware API: 1.9.6 2012-07-07 [ 56.040217][ T26] ------------[ cut here ]------------ [ 56.046741][ T26] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 56.052850][ T26] WARNING: CPU: 1 PID: 26 at drivers/usb/core/urb.c:503 usb_submit_urb+0xcd2/0x1970 [ 56.062751][ T26] Modules linked in: [ 56.067024][ T26] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 5.14.0-rc2-syzkaller #0 [ 56.075844][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.086093][ T26] Workqueue: usb_hub_wq hub_event [ 56.091142][ T26] RIP: 0010:usb_submit_urb+0xcd2/0x1970 [ 56.096820][ T26] Code: d8 48 c1 e8 03 42 8a 04 20 84 c0 0f 85 89 09 00 00 44 8b 03 48 c7 c7 20 b7 e2 8a 4c 89 fe 4c 89 f2 89 e9 31 c0 e8 9e 57 80 fb <0f> 0b 4c 8b 7c 24 10 4c 8b 64 24 38 8b 5c 24 28 45 89 e6 4c 89 f7 [ 56.116534][ T26] RSP: 0018:ffffc90000e0e728 EFLAGS: 00010246 [ 56.122618][ T26] RAX: be85b7da945bd600 RBX: ffffffff8ae2b468 RCX: ffff888015f8b880 [ 56.130659][ T26] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 56.138768][ T26] RBP: 0000000000000001 R08: ffffffff81663b82 R09: ffffed10173a3f24 [ 56.146853][ T26] R10: ffffed10173a3f24 R11: 0000000000000000 R12: dffffc0000000000 [ 56.154844][ T26] R13: ffff8880220a9c00 R14: ffff88801b157000 R15: ffffffff8ae356e0 [ 56.163304][ T26] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 executing program [ 56.172738][ T26] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.181681][ T26] CR2: 000055fff0993ef0 CR3: 000000002cdc8000 CR4: 00000000001506e0 [ 56.193273][ T26] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.202062][ T26] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.211172][ T26] Call Trace: [ 56.214509][ T26] carl9170_usb_submit_cmd_urb+0x8d/0x100 [ 56.221385][ T26] carl9170_usb_disconnect+0x8b/0x160 [ 56.227323][ T26] usb_unbind_interface+0x1f2/0x860 [ 56.232559][ T26] ? kernfs_find_ns+0x435/0x4d0 [ 56.237993][ T26] ? usb_driver_release_interface+0x1c0/0x1c0 [ 56.244090][ T26] device_release_driver_internal+0x51e/0x7b0 [ 56.250504][ T26] usb_forced_unbind_intf+0x14d/0x220 [ 56.256022][ T26] usb_reset_device+0x3f8/0x930 [ 56.260911][ T26] carl9170_usb_probe+0x4c/0xbd0 [ 56.265954][ T26] usb_probe_interface+0x633/0xb40 [ 56.271078][ T26] ? usb_register_driver+0x3d0/0x3d0 [ 56.276463][ T26] call_driver_probe+0x96/0x250 [ 56.281367][ T26] really_probe+0x223/0x9c0 [ 56.286080][ T26] __driver_probe_device+0x1f8/0x3e0 [ 56.291447][ T26] driver_probe_device+0x50/0x240 [ 56.296567][ T26] __device_attach_driver+0x1e1/0x3b0 [ 56.301958][ T26] ? deferred_probe_work_func+0x240/0x240 [ 56.307765][ T26] bus_for_each_drv+0x16a/0x1f0 [ 56.312631][ T26] ? _raw_spin_lock+0x40/0x40 [ 56.317551][ T26] ? subsys_find_device_by_id+0x320/0x320 [ 56.323293][ T26] __device_attach+0x301/0x560 [ 56.328143][ T26] ? kobject_uevent_env+0x335/0x1700 [ 56.333456][ T26] ? device_attach+0x20/0x20 [ 56.338220][ T26] ? kobject_uevent_env+0x335/0x1700 [ 56.343528][ T26] bus_probe_device+0xb8/0x1f0 [ 56.348429][ T26] ? device_add+0x10df/0x1790 [ 56.353139][ T26] device_add+0x1295/0x1790 [ 56.357757][ T26] ? virtual_device_parent+0x50/0x50 [ 56.363058][ T26] ? device_initialize+0x21b/0x400 [ 56.368276][ T26] ? usb_create_ep_devs+0x199/0x240 [ 56.373503][ T26] usb_set_configuration+0x1a86/0x2100 [ 56.379089][ T26] usb_generic_driver_probe+0x83/0x140 [ 56.384586][ T26] usb_probe_device+0x13a/0x260 [ 56.389534][ T26] ? usb_register_device_driver+0x240/0x240 [ 56.395556][ T26] call_driver_probe+0x96/0x250 [ 56.400430][ T26] really_probe+0x223/0x9c0 [ 56.404940][ T26] __driver_probe_device+0x1f8/0x3e0 [ 56.410339][ T26] driver_probe_device+0x50/0x240 [ 56.415466][ T26] __device_attach_driver+0x1e1/0x3b0 [ 56.420856][ T26] ? deferred_probe_work_func+0x240/0x240 [ 56.426655][ T26] bus_for_each_drv+0x16a/0x1f0 [ 56.431550][ T26] ? _raw_spin_lock+0x40/0x40 [ 56.436333][ T26] ? subsys_find_device_by_id+0x320/0x320 [ 56.442080][ T26] __device_attach+0x301/0x560 [ 56.446932][ T26] ? kobject_uevent_env+0x335/0x1700 [ 56.452243][ T26] ? device_attach+0x20/0x20 [ 56.456938][ T26] ? kobject_uevent_env+0x335/0x1700 [ 56.462254][ T26] bus_probe_device+0xb8/0x1f0 [ 56.467129][ T26] ? device_add+0x10df/0x1790 [ 56.471828][ T26] device_add+0x1295/0x1790 [ 56.476442][ T26] ? virtual_device_parent+0x50/0x50 [ 56.481744][ T26] ? kfree+0xcf/0x2d0 [ 56.485828][ T26] usb_new_device+0x108a/0x1940 [ 56.490718][ T26] ? usb_disconnect+0x8a0/0x8a0 [ 56.495678][ T26] ? _raw_spin_unlock_irq+0x1f/0x40 [ 56.500908][ T26] ? lockdep_hardirqs_on+0x8d/0x130 [ 56.506203][ T26] hub_port_connect+0x1055/0x27a0 [ 56.511264][ T26] ? descriptors_changed+0x9f0/0x9f0 [ 56.516660][ T26] ? __mutex_unlock_slowpath+0x17b/0x5a0 [ 56.522310][ T26] hub_port_connect_change+0x5d0/0xbf0 [ 56.527887][ T26] ? __might_sleep+0x100/0x100 [ 56.532668][ T26] ? hub_port_reset+0x11b0/0x11b0 [ 56.537784][ T26] ? hub_ext_port_status+0x470/0x670 [ 56.543080][ T26] ? hub_handle_remote_wakeup+0x18d/0x3f0 [ 56.548888][ T26] port_event+0xaee/0x1140 [ 56.553323][ T26] ? hub_event+0x47f/0xd80 [ 56.557855][ T26] ? hub_quiesce+0x330/0x330 [ 56.562458][ T26] ? task_blocks_on_rt_mutex+0x4b0/0xb10 [ 56.568169][ T26] ? lockdep_hardirqs_on+0x8d/0x130 [ 56.573385][ T26] hub_event+0x48d/0xd80 [ 56.577732][ T26] ? led_work+0x710/0x710 [ 56.582086][ T26] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 56.588063][ T26] ? _raw_spin_unlock_irq+0x1f/0x40 [ 56.593273][ T26] process_one_work+0x833/0x10c0 [ 56.598308][ T26] ? worker_detach_from_pool+0x260/0x260 [ 56.603947][ T26] ? _raw_spin_lock_irqsave+0x100/0x100 [ 56.609592][ T26] ? kthread_data+0x4d/0xc0 [ 56.614245][ T26] ? wq_worker_running+0x8b/0x140 [ 56.619387][ T26] worker_thread+0xac1/0x1320 [ 56.624113][ T26] ? __kthread_parkme+0x166/0x1c0 [ 56.629254][ T26] kthread+0x453/0x480 [ 56.633334][ T26] ? rcu_lock_release+0x20/0x20 [ 56.638268][ T26] ? kthread_blkcg+0xd0/0xd0 [ 56.642867][ T26] ret_from_fork+0x1f/0x30 [ 56.647393][ T26] Kernel panic - not syncing: panic_on_warn set ... [ 56.654080][ T26] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 5.14.0-rc2-syzkaller #0 [ 56.662309][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.672364][ T26] Workqueue: usb_hub_wq hub_event [ 56.677398][ T26] Call Trace: [ 56.680687][ T26] dump_stack_lvl+0x1ae/0x29f [ 56.685367][ T26] ? show_regs_print_info+0x12/0x12 [ 56.690555][ T26] ? log_buf_vmcoreinfo_setup+0x498/0x498 [ 56.696274][ T26] panic+0x2e1/0x850 [ 56.700160][ T26] ? __kernel_text_address+0x93/0x100 [ 56.705524][ T26] ? __warn+0x13e/0x270 [ 56.709669][ T26] ? nmi_panic+0x90/0x90 [ 56.713937][ T26] ? ret_from_fork+0x1f/0x30 [ 56.718535][ T26] __warn+0x26a/0x270 [ 56.722502][ T26] ? usb_submit_urb+0xcd2/0x1970 [ 56.727429][ T26] ? usb_submit_urb+0xcd2/0x1970 [ 56.732353][ T26] report_bug+0x1b1/0x2e0 [ 56.736675][ T26] handle_bug+0x3d/0x70 [ 56.740820][ T26] exc_invalid_op+0x16/0x40 [ 56.745305][ T26] asm_exc_invalid_op+0x12/0x20 [ 56.750142][ T26] RIP: 0010:usb_submit_urb+0xcd2/0x1970 [ 56.755692][ T26] Code: d8 48 c1 e8 03 42 8a 04 20 84 c0 0f 85 89 09 00 00 44 8b 03 48 c7 c7 20 b7 e2 8a 4c 89 fe 4c 89 f2 89 e9 31 c0 e8 9e 57 80 fb <0f> 0b 4c 8b 7c 24 10 4c 8b 64 24 38 8b 5c 24 28 45 89 e6 4c 89 f7 [ 56.775287][ T26] RSP: 0018:ffffc90000e0e728 EFLAGS: 00010246 [ 56.781347][ T26] RAX: be85b7da945bd600 RBX: ffffffff8ae2b468 RCX: ffff888015f8b880 [ 56.789315][ T26] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 56.797304][ T26] RBP: 0000000000000001 R08: ffffffff81663b82 R09: ffffed10173a3f24 [ 56.805295][ T26] R10: ffffed10173a3f24 R11: 0000000000000000 R12: dffffc0000000000 [ 56.813305][ T26] R13: ffff8880220a9c00 R14: ffff88801b157000 R15: ffffffff8ae356e0 [ 56.821301][ T26] ? wake_up_klogd+0xb2/0xf0 [ 56.826161][ T26] ? usb_submit_urb+0xcd2/0x1970 [ 56.831100][ T26] carl9170_usb_submit_cmd_urb+0x8d/0x100 [ 56.836815][ T26] carl9170_usb_disconnect+0x8b/0x160 [ 56.842183][ T26] usb_unbind_interface+0x1f2/0x860 [ 56.847369][ T26] ? kernfs_find_ns+0x435/0x4d0 [ 56.852234][ T26] ? usb_driver_release_interface+0x1c0/0x1c0 [ 56.858296][ T26] device_release_driver_internal+0x51e/0x7b0 [ 56.864370][ T26] usb_forced_unbind_intf+0x14d/0x220 [ 56.869737][ T26] usb_reset_device+0x3f8/0x930 [ 56.874587][ T26] carl9170_usb_probe+0x4c/0xbd0 [ 56.879522][ T26] usb_probe_interface+0x633/0xb40 [ 56.884651][ T26] ? usb_register_driver+0x3d0/0x3d0 [ 56.889935][ T26] call_driver_probe+0x96/0x250 [ 56.894777][ T26] really_probe+0x223/0x9c0 [ 56.899297][ T26] __driver_probe_device+0x1f8/0x3e0 [ 56.904577][ T26] driver_probe_device+0x50/0x240 [ 56.909595][ T26] __device_attach_driver+0x1e1/0x3b0 [ 56.914952][ T26] ? deferred_probe_work_func+0x240/0x240 [ 56.920687][ T26] bus_for_each_drv+0x16a/0x1f0 [ 56.925541][ T26] ? _raw_spin_lock+0x40/0x40 [ 56.930224][ T26] ? subsys_find_device_by_id+0x320/0x320 [ 56.935956][ T26] __device_attach+0x301/0x560 [ 56.940742][ T26] ? kobject_uevent_env+0x335/0x1700 [ 56.946031][ T26] ? device_attach+0x20/0x20 [ 56.950620][ T26] ? kobject_uevent_env+0x335/0x1700 [ 56.955903][ T26] bus_probe_device+0xb8/0x1f0 [ 56.960785][ T26] ? device_add+0x10df/0x1790 [ 56.965485][ T26] device_add+0x1295/0x1790 [ 56.969993][ T26] ? virtual_device_parent+0x50/0x50 [ 56.975267][ T26] ? device_initialize+0x21b/0x400 [ 56.980373][ T26] ? usb_create_ep_devs+0x199/0x240 [ 56.985578][ T26] usb_set_configuration+0x1a86/0x2100 [ 56.991060][ T26] usb_generic_driver_probe+0x83/0x140 [ 56.996676][ T26] usb_probe_device+0x13a/0x260 [ 57.001529][ T26] ? usb_register_device_driver+0x240/0x240 [ 57.007567][ T26] call_driver_probe+0x96/0x250 [ 57.012409][ T26] really_probe+0x223/0x9c0 [ 57.016901][ T26] __driver_probe_device+0x1f8/0x3e0 [ 57.022180][ T26] driver_probe_device+0x50/0x240 [ 57.027196][ T26] __device_attach_driver+0x1e1/0x3b0 [ 57.032553][ T26] ? deferred_probe_work_func+0x240/0x240 [ 57.038257][ T26] bus_for_each_drv+0x16a/0x1f0 [ 57.043195][ T26] ? _raw_spin_lock+0x40/0x40 [ 57.047858][ T26] ? subsys_find_device_by_id+0x320/0x320 [ 57.053595][ T26] __device_attach+0x301/0x560 [ 57.058354][ T26] ? kobject_uevent_env+0x335/0x1700 [ 57.063728][ T26] ? device_attach+0x20/0x20 [ 57.068309][ T26] ? kobject_uevent_env+0x335/0x1700 [ 57.073617][ T26] bus_probe_device+0xb8/0x1f0 [ 57.078376][ T26] ? device_add+0x10df/0x1790 [ 57.083043][ T26] device_add+0x1295/0x1790 [ 57.087538][ T26] ? virtual_device_parent+0x50/0x50 [ 57.092808][ T26] ? kfree+0xcf/0x2d0 [ 57.096786][ T26] usb_new_device+0x108a/0x1940 [ 57.101655][ T26] ? usb_disconnect+0x8a0/0x8a0 [ 57.106518][ T26] ? _raw_spin_unlock_irq+0x1f/0x40 [ 57.111702][ T26] ? lockdep_hardirqs_on+0x8d/0x130 [ 57.116889][ T26] hub_port_connect+0x1055/0x27a0 [ 57.121923][ T26] ? descriptors_changed+0x9f0/0x9f0 [ 57.127196][ T26] ? __mutex_unlock_slowpath+0x17b/0x5a0 [ 57.132819][ T26] hub_port_connect_change+0x5d0/0xbf0 [ 57.138267][ T26] ? __might_sleep+0x100/0x100 [ 57.143018][ T26] ? hub_port_reset+0x11b0/0x11b0 [ 57.148038][ T26] ? hub_ext_port_status+0x470/0x670 [ 57.153316][ T26] ? hub_handle_remote_wakeup+0x18d/0x3f0 [ 57.159033][ T26] port_event+0xaee/0x1140 [ 57.163447][ T26] ? hub_event+0x47f/0xd80 [ 57.167851][ T26] ? hub_quiesce+0x330/0x330 [ 57.172435][ T26] ? task_blocks_on_rt_mutex+0x4b0/0xb10 [ 57.178071][ T26] ? lockdep_hardirqs_on+0x8d/0x130 [ 57.183265][ T26] hub_event+0x48d/0xd80 [ 57.187524][ T26] ? led_work+0x710/0x710 [ 57.191866][ T26] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 57.197765][ T26] ? _raw_spin_unlock_irq+0x1f/0x40 [ 57.202949][ T26] process_one_work+0x833/0x10c0 [ 57.207898][ T26] ? worker_detach_from_pool+0x260/0x260 [ 57.213532][ T26] ? _raw_spin_lock_irqsave+0x100/0x100 [ 57.219062][ T26] ? kthread_data+0x4d/0xc0 [ 57.223552][ T26] ? wq_worker_running+0x8b/0x140 [ 57.228566][ T26] worker_thread+0xac1/0x1320 [ 57.233244][ T26] ? __kthread_parkme+0x166/0x1c0 [ 57.238259][ T26] kthread+0x453/0x480 [ 57.242314][ T26] ? rcu_lock_release+0x20/0x20 [ 57.247151][ T26] ? kthread_blkcg+0xd0/0xd0 [ 57.251748][ T26] ret_from_fork+0x1f/0x30 [ 57.257662][ T26] Kernel Offset: disabled [ 57.262088][ T26] Rebooting in 86400 seconds..