[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 15.704433][ C1] random: crng init done [ 15.708960][ C1] random: 7 urandom warning(s) missed due to ratelimiting Warning: Permanently added '10.128.0.16' (ECDSA) to the list of known hosts. executing program [ 23.011161][ T173] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 23.411449][ T173] usb 1-1: unable to get BOS descriptor or descriptor too short [ 23.610857][ T173] usb 1-1: config 255 has an invalid interface number: 165 but max is 0 [ 23.619570][ T173] usb 1-1: config 255 has no interface number 0 [ 23.626791][ T173] usb 1-1: config 255 interface 165 altsetting 3 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 23.637907][ T173] usb 1-1: config 255 interface 165 altsetting 3 endpoint 0xA has invalid maxpacket 1024, setting to 64 [ 23.649209][ T173] usb 1-1: config 255 interface 165 altsetting 3 endpoint 0x9 has invalid wMaxPacketSize 0 [ 23.659433][ T173] usb 1-1: config 255 interface 165 altsetting 3 has an invalid endpoint with address 0x80, skipping [ 23.670361][ T173] usb 1-1: config 255 interface 165 altsetting 3 endpoint 0x5 has invalid maxpacket 495, setting to 64 [ 23.682821][ T173] usb 1-1: config 255 interface 165 altsetting 3 endpoint 0x3 has invalid maxpacket 1024, setting to 64 [ 23.694091][ T173] usb 1-1: config 255 interface 165 altsetting 3 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 23.705267][ T173] usb 1-1: config 255 interface 165 altsetting 3 has a duplicate endpoint with address 0x8, skipping [ 23.716194][ T173] usb 1-1: config 255 interface 165 altsetting 3 has a duplicate endpoint with address 0x5, skipping [ 23.727191][ T173] usb 1-1: config 255 interface 165 has no altsetting 0 [ 23.890672][ T173] usb 1-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=17.a9 [ 23.899728][ T173] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 23.907801][ T173] usb 1-1: Product: syz [ 23.912023][ T173] usb 1-1: Manufacturer: syz [ 23.916609][ T173] usb 1-1: SerialNumber: syz executing program [ 24.212557][ T173] ------------[ cut here ]------------ [ 24.218063][ T173] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 24.224195][ T173] WARNING: CPU: 1 PID: 173 at drivers/usb/core/urb.c:478 usb_submit_urb+0x1188/0x1460 [ 24.233748][ T173] Kernel panic - not syncing: panic_on_warn set ... [ 24.240333][ T173] CPU: 1 PID: 173 Comm: kworker/1:3 Not tainted 5.7.0-rc6-syzkaller #0 [ 24.248557][ T173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 24.258697][ T173] Workqueue: usb_hub_wq hub_event [ 24.263741][ T173] Call Trace: [ 24.267103][ T173] dump_stack+0xef/0x16e [ 24.271610][ T173] ? usb_submit_urb+0x10e0/0x1460 [ 24.276624][ T173] panic+0x2aa/0x6e1 [ 24.280514][ T173] ? add_taint.cold+0x16/0x16 [ 24.285169][ T173] ? __probe_kernel_read+0x188/0x1d0 [ 24.290449][ T173] ? __warn.cold+0x14/0x30 [ 24.294852][ T173] ? __warn+0xd5/0x1c8 [ 24.298897][ T173] ? usb_submit_urb+0x1188/0x1460 [ 24.303916][ T173] __warn.cold+0x2f/0x30 [ 24.308140][ T173] ? usb_submit_urb+0x1188/0x1460 [ 24.313141][ T173] report_bug+0x27b/0x2f0 [ 24.317455][ T173] do_error_trap+0x12b/0x1e0 [ 24.322126][ T173] ? usb_submit_urb+0x1188/0x1460 [ 24.327127][ T173] do_invalid_op+0x32/0x40 [ 24.331521][ T173] ? usb_submit_urb+0x1188/0x1460 [ 24.336881][ T173] invalid_op+0x23/0x30 [ 24.341018][ T173] RIP: 0010:usb_submit_urb+0x1188/0x1460 [ 24.346809][ T173] Code: 4d 85 ed 74 46 e8 88 b1 d2 fd 4c 89 f7 e8 b0 a4 16 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 c0 56 3d 86 e8 70 87 a6 fd <0f> 0b e9 20 f4 ff ff e8 5c b1 d2 fd 0f 1f 44 00 00 e8 52 b1 d2 fd [ 24.367981][ T173] RSP: 0018:ffff8881cc6fef48 EFLAGS: 00010286 [ 24.374202][ T173] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 24.383280][ T173] RDX: 0000000000000000 RSI: ffffffff812a339d RDI: ffffed10398dfddb [ 24.392307][ T173] RBP: ffff8881cd0c08f0 R08: ffff8881cc6f0000 R09: ffffed103b666292 [ 24.400341][ T173] R10: ffff8881db33148f R11: ffffed103b666291 R12: 0000000000000001 [ 24.408293][ T173] R13: ffff8881d8e4b360 R14: ffff8881cd6c90a0 R15: ffff8881d57bb400 [ 24.416512][ T173] ? vprintk_func+0x7d/0x113 [ 24.421108][ T173] ? usb_submit_urb+0x1188/0x1460 [ 24.426118][ T173] ? lockdep_init_map_waits+0x232/0x7c0 [ 24.431647][ T173] usb_start_wait_urb+0x101/0x4c0 [ 24.436653][ T173] ? sg_clean+0x230/0x230 [ 24.441241][ T173] ? kasan_unpoison_shadow+0x30/0x40 [ 24.446519][ T173] ? memset+0x20/0x40 [ 24.450571][ T173] usb_bulk_msg+0x228/0x550 [ 24.455070][ T173] amradio_send_cmd+0x2e4/0x840 [ 24.461215][ T173] ? usb_si4713_probe+0xd33/0xd33 [ 24.466401][ T173] ? read_word_at_a_time+0xe/0x20 [ 24.471422][ T173] ? strscpy+0x97/0x2a0 [ 24.475613][ T173] usb_amradio_probe+0x43c/0x6ef [ 24.480551][ T173] usb_probe_interface+0x310/0x800 [ 24.485657][ T173] ? usb_probe_device+0x230/0x230 [ 24.490675][ T173] really_probe+0x290/0xac0 [ 24.495618][ T173] driver_probe_device+0x223/0x350 [ 24.500747][ T173] __device_attach_driver+0x1d1/0x290 [ 24.506803][ T173] ? driver_allows_async_probing+0x160/0x160 [ 24.512771][ T173] bus_for_each_drv+0x162/0x1e0 [ 24.517691][ T173] ? bus_rescan_devices+0x20/0x20 [ 24.522832][ T173] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 24.528631][ T173] ? lockdep_hardirqs_on+0x3c7/0x5d0 [ 24.533929][ T173] __device_attach+0x21a/0x390 [ 24.538780][ T173] ? device_bind_driver+0xd0/0xd0 [ 24.543790][ T173] bus_probe_device+0x1e4/0x290 [ 24.548627][ T173] device_add+0x1367/0x1c40 [ 24.553125][ T173] ? wait_for_completion+0x280/0x280 [ 24.558384][ T173] ? device_link_remove+0x110/0x110 [ 24.563577][ T173] usb_set_configuration+0xed4/0x1850 [ 24.568928][ T173] usb_generic_driver_probe+0x9d/0xe0 [ 24.574308][ T173] usb_probe_device+0xd9/0x230 [ 24.579070][ T173] ? usb_suspend+0x600/0x600 [ 24.583646][ T173] really_probe+0x290/0xac0 [ 24.588141][ T173] driver_probe_device+0x223/0x350 [ 24.593248][ T173] __device_attach_driver+0x1d1/0x290 [ 24.598623][ T173] ? driver_allows_async_probing+0x160/0x160 [ 24.604578][ T173] bus_for_each_drv+0x162/0x1e0 [ 24.610127][ T173] ? bus_rescan_devices+0x20/0x20 [ 24.615910][ T173] ? _raw_spin_unlock_irqrestore+0x39/0x40 [ 24.621728][ T173] ? lockdep_hardirqs_on+0x3c7/0x5d0 [ 24.626991][ T173] __device_attach+0x21a/0x390 [ 24.631756][ T173] ? device_bind_driver+0xd0/0xd0 [ 24.636959][ T173] bus_probe_device+0x1e4/0x290 [ 24.641797][ T173] device_add+0x1367/0x1c40 [ 24.646711][ T173] ? device_link_remove+0x110/0x110 [ 24.651889][ T173] usb_new_device.cold+0x552/0xf6e [ 24.656984][ T173] ? hub_disconnect+0x4a0/0x4a0 [ 24.661824][ T173] ? mark_held_locks+0x9f/0xe0 [ 24.666574][ T173] ? __kasan_slab_free+0x12e/0x160 [ 24.671690][ T173] ? _raw_spin_unlock_irq+0x1f/0x30 [ 24.676984][ T173] hub_event+0x226d/0x43c0 [ 24.681383][ T173] ? hub_port_debounce+0x350/0x350 [ 24.686473][ T173] ? __x64_sys_sysinfo+0x31/0x40 [ 24.691391][ T173] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 24.696915][ T173] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 24.702191][ T173] ? _raw_spin_unlock_irq+0x1f/0x30 [ 24.707480][ T173] process_one_work+0x965/0x1630 [ 24.712401][ T173] ? lock_release+0x720/0x720 [ 24.717402][ T173] ? pwq_dec_nr_in_flight+0x310/0x310 [ 24.722754][ T173] ? rwlock_bug.part.0+0x90/0x90 [ 24.727778][ T173] worker_thread+0x96/0xe20 [ 24.732362][ T173] ? process_one_work+0x1630/0x1630 [ 24.737595][ T173] kthread+0x326/0x430 [ 24.741654][ T173] ? kthread_create_on_node+0xf0/0xf0 [ 24.747015][ T173] ret_from_fork+0x24/0x30 [ 24.752168][ T173] Kernel Offset: disabled [ 24.756535][ T173] Rebooting in 86400 seconds..