Warning: Permanently added '10.128.0.249' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 66.552662][ T4941] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 66.792476][ T4941] usb 1-1: Using ep0 maxpacket: 16
[ 66.922687][ T4941] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 67.092670][ T4941] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=b6.8f
[ 67.102106][ T4941] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 67.110560][ T4941] usb 1-1: Product: syz
[ 67.115455][ T4941] usb 1-1: Manufacturer: syz
[ 67.120120][ T4941] usb 1-1: SerialNumber: syz
[ 67.128716][ T4941] usb 1-1: config 0 descriptor??
[ 67.175594][ T4941] cm109 1-1:0.0: invalid payload size 82, expected 4
[ 67.186469][ T4941] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5
[ 67.387478][ T8490] ------------[ cut here ]------------
[ 67.387516][ T8490] URB 0000000056bd5df7 submitted while active
[ 67.387823][ T8490] WARNING: CPU: 0 PID: 8490 at drivers/usb/core/urb.c:378 usb_submit_urb+0x1228/0x14e0
[ 67.387827][ T8490] Modules linked in:
[ 67.387842][ T8490] CPU: 0 PID: 8490 Comm: syz-executor949 Not tainted 5.10.0-rc5-syzkaller #0
[ 67.387848][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.387857][ T8490] RIP: 0010:usb_submit_urb+0x1228/0x14e0
[ 67.387867][ T8490] Code: 89 de e8 6b d6 3b fc 84 db 0f 85 da f4 ff ff e8 4e de 3b fc 4c 89 fe 48 c7 c7 00 57 e1 89 c6 05 01 64 a4 07 01 e8 d4 0c 78 03 <0f> 0b e9 b8 f4 ff ff c7 44 24 14 01 00 00 00 e9 6f f5 ff ff 41 bd
[ 67.387873][ T8490] RSP: 0018:ffffc900012ef710 EFLAGS: 00010086
[ 67.387883][ T8490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 67.387890][ T8490] RDX: ffff88802068b480 RSI: ffffffff8158d875 RDI: fffff5200025ded4
[ 67.387896][ T8490] RBP: 0000000000000020 R08: 0000000000000001 R09: ffff8880b9e2011b
[ 67.387902][ T8490] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880117c3078
[ 67.387908][ T8490] R13: 00000000fffffff0 R14: ffffffff85a190a0 R15: ffff88801d38cd00
[ 67.387916][ T8490] FS: 0000000001949880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 67.387925][ T8490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 67.387932][ T8490] CR2: 00005637666ec160 CR3: 0000000029267000 CR4: 00000000001506f0
[ 67.387938][ T8490] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 67.387944][ T8490] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 67.387948][ T8490] Call Trace:
[ 67.387962][ T8490] ? add_bootloader_randomness+0x20/0x20
[ 67.387977][ T8490] ? cm109_usb_disconnect+0x80/0x80
[ 67.387986][ T8490] cm109_submit_buzz_toggle+0xd0/0x130
[ 67.387997][ T8490] cm109_input_ev+0x1ea/0x230
[ 67.388009][ T8490] input_handle_event+0x66e/0x1400
[ 67.388024][ T8490] input_inject_event+0x2f5/0x310
[ 67.388039][ T8490] kd_sound_helper+0x122/0x260
[ 67.388049][ T8490] ? get_order+0x20/0x20
[ 67.388060][ T8490] input_handler_for_each_handle+0xf4/0x210
[ 67.388073][ T8490] kd_mksound+0x85/0x120
[ 67.388083][ T8490] ? k_lock+0x80/0x80
[ 67.388099][ T8490] do_con_trol+0x813/0x54c0
[ 67.388113][ T8490] ? reset_palette+0x2c0/0x2c0
[ 67.388123][ T8490] ? lock_downgrade+0x6d0/0x6d0
[ 67.388133][ T8490] ? atomic_notifier_call_chain+0xdf/0x170
[ 67.388155][ T8490] ? lf+0x1f5/0x2c0
[ 67.388163][ T8490] ? notifier_call_chain+0x1a9/0x200
[ 67.388181][ T8490] do_con_write+0xb89/0x1dd0
[ 67.388205][ T8490] ? do_con_trol+0x54c0/0x54c0
[ 67.388227][ T8490] ? wait_for_completion+0x260/0x260
[ 67.388241][ T8490] con_write+0x22/0xb0
[ 67.388253][ T8490] n_tty_write+0x3ce/0xf80
[ 67.388276][ T8490] ? n_tty_receive_char_lnext+0x700/0x700
[ 67.388291][ T8490] ? __init_waitqueue_head+0x110/0x110
[ 67.388309][ T8490] tty_write+0x4d9/0x870
[ 67.388319][ T8490] ? n_tty_receive_char_lnext+0x700/0x700
[ 67.388333][ T8490] ? tty_read+0x290/0x290
[ 67.388345][ T8490] vfs_write+0x28e/0xa30
[ 67.388359][ T8490] ksys_write+0x12d/0x250
[ 67.388369][ T8490] ? __ia32_sys_read+0xb0/0xb0
[ 67.388383][ T8490] ? syscall_enter_from_user_mode+0x1d/0x50
[ 67.388397][ T8490] do_syscall_64+0x2d/0x70
[ 67.388409][ T8490] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.388416][ T8490] RIP: 0033:0x444859
[ 67.388427][ T8490] Code: e8 bc af 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 67.388433][ T8490] RSP: 002b:00007ffd082c1508 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 67.388444][ T8490] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444859
[ 67.388450][ T8490] RDX: 0000000000001006 RSI: 0000000020001440 RDI: 0000000000000005
[ 67.388456][ T8490] RBP: 00000000006d0018 R08: 00000000004002e0 R09: 00000000004002e0
[ 67.388462][ T8490] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000402480
[ 67.388468][ T8490] R13: 0000000000402510 R14: 0000000000000000 R15: 0000000000000000
[ 67.388487][ T8490] Kernel panic - not syncing: panic_on_warn set ...
[ 67.388496][ T8490] CPU: 0 PID: 8490 Comm: syz-executor949 Not tainted 5.10.0-rc5-syzkaller #0
[ 67.388501][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.388504][ T8490] Call Trace:
[ 67.388516][ T8490] dump_stack+0x107/0x163
[ 67.388530][ T8490] panic+0x306/0x73d
[ 67.388540][ T8490] ? __warn_printk+0xf3/0xf3
[ 67.388557][ T8490] ? __warn.cold+0x1a/0x44
[ 67.388566][ T8490] ? __warn+0xf1/0x210
[ 67.388576][ T8490] ? usb_submit_urb+0x1228/0x14e0
[ 67.388586][ T8490] __warn.cold+0x35/0x44
[ 67.388597][ T8490] ? usb_submit_urb+0x1228/0x14e0
[ 67.388608][ T8490] report_bug+0x1bd/0x210
[ 67.388621][ T8490] handle_bug+0x3c/0x60
[ 67.388630][ T8490] exc_invalid_op+0x14/0x40
[ 67.388640][ T8490] asm_exc_invalid_op+0x12/0x20
[ 67.388649][ T8490] RIP: 0010:usb_submit_urb+0x1228/0x14e0
[ 67.388657][ T8490] Code: 89 de e8 6b d6 3b fc 84 db 0f 85 da f4 ff ff e8 4e de 3b fc 4c 89 fe 48 c7 c7 00 57 e1 89 c6 05 01 64 a4 07 01 e8 d4 0c 78 03 <0f> 0b e9 b8 f4 ff ff c7 44 24 14 01 00 00 00 e9 6f f5 ff ff 41 bd
[ 67.388663][ T8490] RSP: 0018:ffffc900012ef710 EFLAGS: 00010086
[ 67.388672][ T8490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 67.388679][ T8490] RDX: ffff88802068b480 RSI: ffffffff8158d875 RDI: fffff5200025ded4
[ 67.388685][ T8490] RBP: 0000000000000020 R08: 0000000000000001 R09: ffff8880b9e2011b
[ 67.388691][ T8490] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880117c3078
[ 67.388697][ T8490] R13: 00000000fffffff0 R14: ffffffff85a190a0 R15: ffff88801d38cd00
[ 67.388706][ T8490] ? cm109_usb_disconnect+0x80/0x80
[ 67.388722][ T8490] ? vprintk_func+0x95/0x1e0
[ 67.388736][ T8490] ? add_bootloader_randomness+0x20/0x20
[ 67.388750][ T8490] ? cm109_usb_disconnect+0x80/0x80
[ 67.388759][ T8490] cm109_submit_buzz_toggle+0xd0/0x130
[ 67.388770][ T8490] cm109_input_ev+0x1ea/0x230
[ 67.388781][ T8490] input_handle_event+0x66e/0x1400
[ 67.388795][ T8490] input_inject_event+0x2f5/0x310
[ 67.388809][ T8490] kd_sound_helper+0x122/0x260
[ 67.388820][ T8490] ? get_order+0x20/0x20
[ 67.388830][ T8490] input_handler_for_each_handle+0xf4/0x210
[ 67.388842][ T8490] kd_mksound+0x85/0x120
[ 67.388851][ T8490] ? k_lock+0x80/0x80
[ 67.388867][ T8490] do_con_trol+0x813/0x54c0
[ 67.388881][ T8490] ? reset_palette+0x2c0/0x2c0
[ 67.388890][ T8490] ? lock_downgrade+0x6d0/0x6d0
[ 67.388899][ T8490] ? atomic_notifier_call_chain+0xdf/0x170
[ 67.388908][ T8490] ? lf+0x1f5/0x2c0
[ 67.388916][ T8490] ? notifier_call_chain+0x1a9/0x200
[ 67.388934][ T8490] do_con_write+0xb89/0x1dd0
[ 67.388957][ T8490] ? do_con_trol+0x54c0/0x54c0
[ 67.388973][ T8490] ? wait_for_completion+0x260/0x260
[ 67.388987][ T8490] con_write+0x22/0xb0
[ 67.388998][ T8490] n_tty_write+0x3ce/0xf80
[ 67.389021][ T8490] ? n_tty_receive_char_lnext+0x700/0x700
[ 67.389033][ T8490] ? __init_waitqueue_head+0x110/0x110
[ 67.389051][ T8490] tty_write+0x4d9/0x870
[ 67.389061][ T8490] ? n_tty_receive_char_lnext+0x700/0x700
[ 67.389074][ T8490] ? tty_read+0x290/0x290
[ 67.389084][ T8490] vfs_write+0x28e/0xa30
[ 67.389098][ T8490] ksys_write+0x12d/0x250
[ 67.389108][ T8490] ? __ia32_sys_read+0xb0/0xb0
[ 67.389120][ T8490] ? syscall_enter_from_user_mode+0x1d/0x50
[ 67.389134][ T8490] do_syscall_64+0x2d/0x70
[ 67.389149][ T8490] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.389156][ T8490] RIP: 0033:0x444859
[ 67.389165][ T8490] Code: e8 bc af 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 67.389170][ T8490] RSP: 002b:00007ffd082c1508 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 67.389181][ T8490] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444859
[ 67.389187][ T8490] RDX: 0000000000001006 RSI: 0000000020001440 RDI: 0000000000000005
[ 67.389201][ T8490] RBP: 00000000006d0018 R08: 00000000004002e0 R09: 00000000004002e0
[ 67.389207][ T8490] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000402480
[ 67.389213][ T8490] R13: 0000000000402510 R14: 0000000000000000 R15: 0000000000000000
[ 67.390313][ T8490] Kernel Offset: disabled
[ 68.202615][ T8490] Rebooting in 86400 seconds..