Warning: Permanently added '10.128.1.177' (ECDSA) to the list of known hosts. executing program [ 30.202218][ T22] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 30.442145][ T22] usb 1-1: Using ep0 maxpacket: 16 [ 30.602265][ T22] usb 1-1: unable to get BOS descriptor or descriptor too short [ 30.682326][ T22] usb 1-1: config 4 has an invalid interface number: 174 but max is 2 [ 30.690586][ T22] usb 1-1: config 4 has an invalid interface number: 254 but max is 2 [ 30.698804][ T22] usb 1-1: config 4 has an invalid interface number: 25 but max is 2 [ 30.706899][ T22] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 30.715606][ T22] usb 1-1: config 4 has an invalid descriptor of length 128, skipping remainder of the config [ 30.725961][ T22] usb 1-1: config 4 has no interface number 0 [ 30.732028][ T22] usb 1-1: config 4 has no interface number 1 [ 30.738158][ T22] usb 1-1: config 4 has no interface number 2 [ 30.744298][ T22] usb 1-1: config 4 interface 174 altsetting 180 endpoint 0xB has invalid maxpacket 1024, setting to 64 [ 30.755552][ T22] usb 1-1: config 4 interface 174 altsetting 180 endpoint 0xA has an invalid bInterval 190, changing to 11 [ 30.766958][ T22] usb 1-1: config 4 interface 174 altsetting 180 has a duplicate endpoint with address 0xB, skipping [ 30.777844][ T22] usb 1-1: config 4 interface 174 altsetting 180 endpoint 0xE has an invalid bInterval 32, changing to 9 [ 30.789086][ T22] usb 1-1: config 4 interface 174 altsetting 180 has an invalid endpoint with address 0x0, skipping [ 30.800083][ T22] usb 1-1: config 4 interface 174 altsetting 180 has a duplicate endpoint with address 0x8, skipping [ 30.810989][ T22] usb 1-1: config 4 interface 254 altsetting 9 has a duplicate endpoint with address 0xA, skipping [ 30.821738][ T22] usb 1-1: config 4 interface 25 altsetting 132 endpoint 0x3 has invalid maxpacket 1029, setting to 64 [ 30.832789][ T22] usb 1-1: config 4 interface 25 altsetting 132 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 30.845843][ T22] usb 1-1: config 4 interface 174 has no altsetting 0 [ 30.852638][ T22] usb 1-1: config 4 interface 254 has no altsetting 0 [ 30.859821][ T22] usb 1-1: config 4 interface 25 has no altsetting 0 [ 31.102283][ T22] usb 1-1: string descriptor 0 read error: -22 [ 31.108531][ T22] usb 1-1: New USB device found, idVendor=1286, idProduct=2049, bcdDevice=e5.3a [ 31.117605][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 31.259046][ T17] divide error: 0000 [#1] SMP KASAN [ 31.264263][ T17] CPU: 1 PID: 17 Comm: kworker/1:0 Not tainted 5.15.0-rc5-syzkaller #0 [ 31.272662][ T17] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.282794][ T17] Workqueue: events request_firmware_work_func [ 31.288965][ T17] RIP: 0010:mwifiex_usb_dnld_fw+0xabd/0x11a0 [ 31.294950][ T17] Code: 00 00 00 48 8d bb 70 01 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 74 08 3c 03 0f 8e c2 04 00 00 8b 44 24 10 31 d2 31 ff b3 70 01 00 00 89 d6 89 54 24 20 e8 f2 e9 00 fe 8b 54 24 20 8b [ 31.314553][ T17] RSP: 0018:ffffc9000012f9b0 EFLAGS: 00010246 [ 31.320606][ T17] RAX: 0000000000000014 RBX: ffff88810a724028 RCX: 0000000000000000 [ 31.328738][ T17] RDX: 0000000000000000 RSI: ffffffff8340e60c RDI: 0000000000000000 [ 31.336698][ T17] RBP: ffff88810a8af800 R08: 0000000000000000 R09: ffff88810a8af800 [ 31.344761][ T17] R10: ffffffff8340e5d2 R11: 0000000000000000 R12: 0000000000000003 [ 31.352715][ T17] R13: dffffc0000000000 R14: ffffc9000012fa58 R15: 0000000000000001 [ 31.360683][ T17] FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 [ 31.369596][ T17] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 31.376160][ T17] CR2: 00007ffc8edc7c70 CR3: 000000010d046000 CR4: 00000000003506e0 [ 31.384267][ T17] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 31.392222][ T17] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 31.400298][ T17] Call Trace: [ 31.403580][ T17] ? mwifiex_usb_cmd_event_complete+0x140/0x140 [ 31.409833][ T17] ? _raw_spin_unlock_irq+0x1f/0x30 [ 31.415044][ T17] ? trace_hardirqs_on+0x5b/0x1a0 [ 31.420076][ T17] ? _raw_spin_unlock_irq+0x1f/0x30 [ 31.425268][ T17] ? wait_for_completion_killable_timeout+0x25f/0x330 [ 31.432018][ T17] ? mwifiex_usb_cmd_event_complete+0x140/0x140 [ 31.438261][ T17] _mwifiex_fw_dpc+0x181/0x10a0 [ 31.443111][ T17] ? rcu_read_lock_sched_held+0x3a/0x70 [ 31.448644][ T17] ? mwifiex_remove_card+0x180/0x180 [ 31.453908][ T17] ? fw_set_page_data+0xc9/0x170 [ 31.458825][ T17] ? debug_object_deactivate+0x264/0x300 [ 31.464439][ T17] ? assign_fw+0x640/0x640 [ 31.468845][ T17] ? lock_acquire+0x19d/0x4d0 [ 31.473502][ T17] ? process_one_work+0x8d7/0x1620 [ 31.478599][ T17] ? _mwifiex_fw_dpc+0x10a0/0x10a0 [ 31.483706][ T17] request_firmware_work_func+0x12c/0x230 [ 31.489409][ T17] ? request_partial_firmware_into_buf+0xa0/0xa0 [ 31.495739][ T17] process_one_work+0x9bf/0x1620 [ 31.500664][ T17] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 31.506037][ T17] ? try_to_del_timer_sync+0xbf/0x110 [ 31.511394][ T17] ? rwlock_bug.part.0+0x90/0x90 [ 31.516310][ T17] worker_thread+0x658/0x11f0 [ 31.520966][ T17] ? process_one_work+0x1620/0x1620 [ 31.526164][ T17] kthread+0x3c2/0x4a0 [ 31.530300][ T17] ? _raw_spin_unlock_irq+0x1f/0x30 [ 31.535483][ T17] ? set_kthread_struct+0x130/0x130 [ 31.540661][ T17] ret_from_fork+0x1f/0x30 [ 31.545064][ T17] Modules linked in: [ 31.549113][ T17] ---[ end trace 461e13770bd5d6b4 ]--- [ 31.553351][ T1127] usb 1-1: USB disconnect, device number 2 executing program [ 31.554583][ T17] RIP: 0010:mwifiex_usb_dnld_fw+0xabd/0x11a0 [ 31.566443][ T17] Code: 00 00 00 48 8d bb 70 01 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 74 08 3c 03 0f 8e c2 04 00 00 8b 44 24 10 31 d2 31 ff b3 70 01 00 00 89 d6 89 54 24 20 e8 f2 e9 00 fe 8b 54 24 20 8b [ 31.586221][ T17] RSP: 0018:ffffc9000012f9b0 EFLAGS: 00010246 [ 31.592319][ T17] RAX: 0000000000000014 RBX: ffff88810a724028 RCX: 0000000000000000 [ 31.600287][ T17] RDX: 0000000000000000 RSI: ffffffff8340e60c RDI: 0000000000000000 [ 31.608344][ T17] RBP: ffff88810a8af800 R08: 0000000000000000 R09: ffff88810a8af800 [ 31.616370][ T17] R10: ffffffff8340e5d2 R11: 0000000000000000 R12: 0000000000000003 [ 31.624391][ T17] R13: dffffc0000000000 R14: ffffc9000012fa58 R15: 0000000000000001 [ 31.632389][ T17] FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 [ 31.641609][ T17] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 31.648240][ T17] CR2: 00007ffc8edc7c70 CR3: 000000010d046000 CR4: 00000000003506e0 [ 31.656329][ T17] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 31.664530][ T17] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 31.672539][ T17] Kernel panic - not syncing: Fatal exception [ 31.678849][ T17] Kernel Offset: disabled [ 31.683342][ T17] Rebooting in 86400 seconds..