Warning: Permanently added '10.128.0.136' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 43.345055][ T107] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 43.745099][ T107] usb 1-1: unable to get BOS descriptor or descriptor too short [ 43.944741][ T107] usb 1-1: config 2 has an invalid interface number: 142 but max is 0 [ 43.952995][ T107] usb 1-1: config 2 has no interface number 0 [ 43.959235][ T107] usb 1-1: config 2 interface 142 has no altsetting 0 [ 44.204728][ T107] usb 1-1: string descriptor 0 read error: -22 [ 44.211518][ T107] usb 1-1: New USB device found, idVendor=0742, idProduct=200a, bcdDevice=38.41 [ 44.220798][ T107] usb 1-1: New USB device strings: Mfr=2, Product=31, SerialNumber=64 [ 44.266590][ T107] ================================================================== [ 44.274884][ T107] BUG: KASAN: stack-out-of-bounds in hfcsusb_probe.cold+0x1a46/0x2682 [ 44.283048][ T107] Read of size 4 at addr ffff8881d4287248 by task kworker/0:2/107 [ 44.290828][ T107] [ 44.293146][ T107] CPU: 0 PID: 107 Comm: kworker/0:2 Not tainted 5.2.0-rc6+ #13 [ 44.300711][ T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.310889][ T107] Workqueue: usb_hub_wq hub_event [ 44.315904][ T107] Call Trace: [ 44.319184][ T107] dump_stack+0xca/0x13e [ 44.323415][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.328776][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.334136][ T107] print_address_description+0x67/0x231 [ 44.339801][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.345361][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.350727][ T107] __kasan_report.cold+0x1a/0x32 [ 44.355788][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.361146][ T107] kasan_report+0xe/0x20 [ 44.365377][ T107] hfcsusb_probe.cold+0x1a46/0x2682 [ 44.370564][ T107] ? handle_led+0x730/0x730 [ 44.375188][ T107] ? __pm_runtime_set_status+0x5d5/0xa10 [ 44.380956][ T107] usb_probe_interface+0x305/0x7a0 [ 44.386054][ T107] ? usb_probe_device+0x100/0x100 [ 44.391104][ T107] really_probe+0x281/0x660 [ 44.395600][ T107] driver_probe_device+0x104/0x210 [ 44.400798][ T107] __device_attach_driver+0x1c2/0x220 [ 44.406231][ T107] ? driver_allows_async_probing+0x160/0x160 [ 44.412205][ T107] bus_for_each_drv+0x15c/0x1e0 [ 44.417113][ T107] ? bus_rescan_devices+0x20/0x20 [ 44.422141][ T107] ? _raw_spin_unlock_irqrestore+0x3e/0x50 [ 44.428048][ T107] ? lockdep_hardirqs_on+0x379/0x580 [ 44.433499][ T107] __device_attach+0x217/0x360 [ 44.438277][ T107] ? device_bind_driver+0xd0/0xd0 [ 44.443344][ T107] ? kobject_uevent_env+0x29e/0x1150 [ 44.448686][ T107] ? kobject_uevent_env+0x2a8/0x1150 [ 44.454075][ T107] bus_probe_device+0x1e4/0x290 [ 44.458981][ T107] ? blocking_notifier_call_chain+0x54/0xa0 [ 44.464859][ T107] device_add+0xae6/0x16f0 [ 44.469263][ T107] ? uevent_store+0x50/0x50 [ 44.473747][ T107] usb_set_configuration+0xdf6/0x1670 [ 44.479373][ T107] generic_probe+0x9d/0xd5 [ 44.483954][ T107] usb_probe_device+0x99/0x100 [ 44.488824][ T107] ? usb_suspend+0x620/0x620 [ 44.493461][ T107] really_probe+0x281/0x660 [ 44.497954][ T107] driver_probe_device+0x104/0x210 [ 44.503109][ T107] __device_attach_driver+0x1c2/0x220 [ 44.508479][ T107] ? driver_allows_async_probing+0x160/0x160 [ 44.514498][ T107] bus_for_each_drv+0x15c/0x1e0 [ 44.519437][ T107] ? bus_rescan_devices+0x20/0x20 [ 44.524660][ T107] ? _raw_spin_unlock_irqrestore+0x3e/0x50 [ 44.530451][ T107] ? lockdep_hardirqs_on+0x379/0x580 [ 44.535726][ T107] __device_attach+0x217/0x360 [ 44.540471][ T107] ? device_bind_driver+0xd0/0xd0 [ 44.545571][ T107] ? kobject_uevent_env+0x29e/0x1150 [ 44.550863][ T107] ? kobject_uevent_env+0x2a8/0x1150 [ 44.556142][ T107] bus_probe_device+0x1e4/0x290 [ 44.561281][ T107] ? blocking_notifier_call_chain+0x54/0xa0 [ 44.567168][ T107] device_add+0xae6/0x16f0 [ 44.571573][ T107] ? uevent_store+0x50/0x50 [ 44.576064][ T107] usb_new_device.cold+0x8c1/0x1016 [ 44.581335][ T107] ? usb_port_suspend+0xa40/0xa40 [ 44.586346][ T107] ? mark_held_locks+0x9f/0xe0 [ 44.591320][ T107] ? _raw_spin_unlock_irq+0x24/0x30 [ 44.596508][ T107] hub_event+0x1ada/0x3590 [ 44.601068][ T107] ? hub_port_debounce+0x260/0x260 [ 44.606170][ T107] process_one_work+0x905/0x1570 [ 44.611094][ T107] ? pwq_dec_nr_in_flight+0x310/0x310 [ 44.616618][ T107] ? do_raw_spin_lock+0x11a/0x280 [ 44.621645][ T107] worker_thread+0x96/0xe20 [ 44.626143][ T107] ? process_one_work+0x1570/0x1570 [ 44.631328][ T107] kthread+0x30b/0x410 [ 44.635474][ T107] ? kthread_park+0x1a0/0x1a0 [ 44.640186][ T107] ret_from_fork+0x24/0x30 [ 44.644677][ T107] [ 44.646991][ T107] The buggy address belongs to the page: [ 44.652749][ T107] page:ffffea000750a1c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 [ 44.661843][ T107] flags: 0x200000000000000() [ 44.666422][ T107] raw: 0200000000000000 ffffea000750a1c8 ffffea000750a1c8 0000000000000000 [ 44.675025][ T107] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 44.683693][ T107] page dumped because: kasan: bad access detected [ 44.690259][ T107] [ 44.692573][ T107] Memory state around the buggy address: [ 44.698194][ T107] ffff8881d4287100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.706354][ T107] ffff8881d4287180: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 [ 44.714404][ T107] >ffff8881d4287200: 00 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 [ 44.722450][ T107] ^ [ 44.728952][ T107] ffff8881d4287280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.737123][ T107] ffff8881d4287300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.745270][ T107] ================================================================== [ 44.753536][ T107] Disabling lock debugging due to kernel taint [ 44.759922][ T107] Kernel panic - not syncing: panic_on_warn set ... [ 44.766530][ T107] CPU: 0 PID: 107 Comm: kworker/0:2 Tainted: G B 5.2.0-rc6+ #13 [ 44.775446][ T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.785503][ T107] Workqueue: usb_hub_wq hub_event [ 44.790515][ T107] Call Trace: [ 44.793797][ T107] dump_stack+0xca/0x13e [ 44.798030][ T107] panic+0x292/0x6c9 [ 44.801934][ T107] ? __warn_printk+0xf3/0xf3 [ 44.806520][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.811887][ T107] ? trace_hardirqs_on+0x55/0x1c0 [ 44.816902][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.822381][ T107] end_report+0x43/0x49 [ 44.826555][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.831917][ T107] __kasan_report.cold+0xd/0x32 [ 44.836765][ T107] ? hfcsusb_probe.cold+0x1a46/0x2682 [ 44.842129][ T107] kasan_report+0xe/0x20 [ 44.846362][ T107] hfcsusb_probe.cold+0x1a46/0x2682 [ 44.851551][ T107] ? handle_led+0x730/0x730 [ 44.856046][ T107] ? __pm_runtime_set_status+0x5d5/0xa10 [ 44.861669][ T107] usb_probe_interface+0x305/0x7a0 [ 44.866776][ T107] ? usb_probe_device+0x100/0x100 [ 44.871885][ T107] really_probe+0x281/0x660 [ 44.876390][ T107] driver_probe_device+0x104/0x210 [ 44.881489][ T107] __device_attach_driver+0x1c2/0x220 [ 44.886860][ T107] ? driver_allows_async_probing+0x160/0x160 [ 44.892828][ T107] bus_for_each_drv+0x15c/0x1e0 [ 44.897673][ T107] ? bus_rescan_devices+0x20/0x20 [ 44.902683][ T107] ? _raw_spin_unlock_irqrestore+0x3e/0x50 [ 44.908481][ T107] ? lockdep_hardirqs_on+0x379/0x580 [ 44.913845][ T107] __device_attach+0x217/0x360 [ 44.918783][ T107] ? device_bind_driver+0xd0/0xd0 [ 44.923976][ T107] ? kobject_uevent_env+0x29e/0x1150 [ 44.929339][ T107] ? kobject_uevent_env+0x2a8/0x1150 [ 44.934620][ T107] bus_probe_device+0x1e4/0x290 [ 44.939463][ T107] ? blocking_notifier_call_chain+0x54/0xa0 [ 44.945448][ T107] device_add+0xae6/0x16f0 [ 44.949855][ T107] ? uevent_store+0x50/0x50 [ 44.954351][ T107] usb_set_configuration+0xdf6/0x1670 [ 44.959804][ T107] generic_probe+0x9d/0xd5 [ 44.964215][ T107] usb_probe_device+0x99/0x100 [ 44.968974][ T107] ? usb_suspend+0x620/0x620 [ 44.973576][ T107] really_probe+0x281/0x660 [ 44.978078][ T107] driver_probe_device+0x104/0x210 [ 44.983202][ T107] __device_attach_driver+0x1c2/0x220 [ 44.988565][ T107] ? driver_allows_async_probing+0x160/0x160 [ 44.994550][ T107] bus_for_each_drv+0x15c/0x1e0 [ 44.999397][ T107] ? bus_rescan_devices+0x20/0x20 [ 45.004414][ T107] ? _raw_spin_unlock_irqrestore+0x3e/0x50 [ 45.010215][ T107] ? lockdep_hardirqs_on+0x379/0x580 [ 45.015490][ T107] __device_attach+0x217/0x360 [ 45.020528][ T107] ? device_bind_driver+0xd0/0xd0 [ 45.025543][ T107] ? kobject_uevent_env+0x29e/0x1150 [ 45.030822][ T107] ? kobject_uevent_env+0x2a8/0x1150 [ 45.036357][ T107] bus_probe_device+0x1e4/0x290 [ 45.041293][ T107] ? blocking_notifier_call_chain+0x54/0xa0 [ 45.047177][ T107] device_add+0xae6/0x16f0 [ 45.051579][ T107] ? uevent_store+0x50/0x50 [ 45.056073][ T107] usb_new_device.cold+0x8c1/0x1016 [ 45.061262][ T107] ? usb_port_suspend+0xa40/0xa40 [ 45.066284][ T107] ? mark_held_locks+0x9f/0xe0 [ 45.071506][ T107] ? _raw_spin_unlock_irq+0x24/0x30 [ 45.076701][ T107] hub_event+0x1ada/0x3590 [ 45.081111][ T107] ? hub_port_debounce+0x260/0x260 [ 45.086664][ T107] process_one_work+0x905/0x1570 [ 45.091685][ T107] ? pwq_dec_nr_in_flight+0x310/0x310 [ 45.097056][ T107] ? do_raw_spin_lock+0x11a/0x280 [ 45.102073][ T107] worker_thread+0x96/0xe20 [ 45.106570][ T107] ? process_one_work+0x1570/0x1570 [ 45.111852][ T107] kthread+0x30b/0x410 [ 45.115908][ T107] ? kthread_park+0x1a0/0x1a0 [ 45.120587][ T107] ret_from_fork+0x24/0x30 [ 45.125295][ T107] Kernel Offset: disabled [ 45.129618][ T107] Rebooting in 86400 seconds..