[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.24' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 35.868598][ T32] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 36.228556][ T32] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 36.239239][ T32] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 36.408449][ T32] usb 1-1: New USB device found, idVendor=0413, idProduct=6a03, bcdDevice=39.7e [ 36.417721][ T32] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 36.426020][ T32] usb 1-1: Product: syz [ 36.430237][ T32] usb 1-1: Manufacturer: syz [ 36.434830][ T32] usb 1-1: SerialNumber: syz [ 36.484137][ T32] ------------[ cut here ]------------ [ 36.489887][ T32] usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType c0 [ 36.498707][ T32] WARNING: CPU: 1 PID: 32 at drivers/usb/core/urb.c:410 usb_submit_urb+0x14aa/0x1830 [ 36.508286][ T32] Modules linked in: [ 36.512214][ T32] CPU: 1 PID: 32 Comm: kworker/1:1 Not tainted 5.13.0-rc2-syzkaller #0 [ 36.520532][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 36.530660][ T32] Workqueue: usb_hub_wq hub_event [ 36.535892][ T32] RIP: 0010:usb_submit_urb+0x14aa/0x1830 [ 36.541597][ T32] Code: 84 4c 01 00 00 e8 a6 14 b3 fd 4c 89 f7 e8 4e a7 1b ff 45 89 e8 44 89 e1 48 89 ea 48 89 c6 48 c7 c7 c0 09 63 86 e8 18 f1 fb 01 <0f> 0b 49 8d 4f 5c 48 b8 00 00 00 00 00 fc ff df 48 89 ca 48 89 4c [ 36.561367][ T32] RSP: 0018:ffffc900001a6d50 EFLAGS: 00010286 [ 36.567451][ T32] RAX: 0000000000000000 RBX: ffff88811ab8a058 RCX: 0000000000000000 [ 36.575726][ T32] RDX: ffff888107fc0000 RSI: ffffffff812a6013 RDI: fffff52000034d9c [ 36.583799][ T32] RBP: ffff88810e79f7a8 R08: 0000000000000001 R09: 0000000000000000 [ 36.591853][ T32] R10: ffffffff814b996b R11: 0000000000000000 R12: 0000000080000280 [ 36.599903][ T32] R13: 00000000000000c0 R14: ffff88811ab8a0a8 R15: ffff8881097a2500 [ 36.607891][ T32] FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 [ 36.616893][ T32] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 36.623570][ T32] CR2: 000055d9ffcec928 CR3: 00000001103c2000 CR4: 00000000001506e0 [ 36.631609][ T32] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 36.639650][ T32] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 36.647643][ T32] Call Trace: [ 36.651000][ T32] usb_start_wait_urb+0x101/0x4c0 [ 36.656107][ T32] ? lock_downgrade+0x6e0/0x6e0 [ 36.661048][ T32] ? usb_api_blocking_completion+0xa0/0xa0 [ 36.666891][ T32] ? memset+0x20/0x40 [ 36.670937][ T32] usb_control_msg+0x31c/0x4a0 [ 36.675716][ T32] ? usb_start_wait_urb+0x4c0/0x4c0 executing program [ 36.681000][ T32] ? bus_probe_device+0x1e4/0x290 [ 36.686047][ T32] ? device_add+0xbe0/0x2100 [ 36.690735][ T32] ? usb_new_device.cold+0x721/0x1058 [ 36.696139][ T32] ? hub_event+0x2357/0x4330 [ 36.700858][ T32] ? process_one_work+0x98d/0x1580 [ 36.705999][ T32] ? worker_thread+0x64c/0x1120 [ 36.711076][ T32] ? kthread+0x38c/0x460 [ 36.715348][ T32] ? ret_from_fork+0x1f/0x30 [ 36.720062][ T32] rtl28xxu_ctrl_msg+0x4b7/0x700 [ 36.725200][ T32] ? lock_downgrade+0x6e0/0x6e0 [ 36.730462][ T32] ? mark_held_locks+0x9f/0xe0 [ 36.735252][ T32] rtl28xxu_identify_state+0xb6/0x320 [ 36.740783][ T32] ? rtl28xxu_ctrl_msg+0x700/0x700 [ 36.746007][ T32] ? rtl28xxu_ctrl_msg+0x700/0x700 [ 36.751176][ T32] dvb_usbv2_probe+0x55b/0x7d0 [ 36.755951][ T32] ? mark_held_locks+0x9f/0xe0 [ 36.760769][ T32] ? dvb_usb_fe_sleep+0x560/0x560 [ 36.765905][ T32] ? trace_hardirqs_on+0x5b/0x1a0 [ 36.771093][ T32] ? __pm_runtime_set_status+0x48a/0xc30 [ 36.776752][ T32] usb_probe_interface+0x315/0x7f0 [ 36.781924][ T32] ? usb_match_dynamic_id+0x1a0/0x1a0 [ 36.787320][ T32] really_probe+0x291/0xf60 [ 36.791872][ T32] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 36.798239][ T32] driver_probe_device+0x298/0x410 [ 36.803375][ T32] __device_attach_driver+0x203/0x2c0 [ 36.808866][ T32] ? driver_allows_async_probing+0x150/0x150 [ 36.814862][ T32] bus_for_each_drv+0x15f/0x1e0 [ 36.819769][ T32] ? bus_for_each_dev+0x1d0/0x1d0 [ 36.824951][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 36.831002][ T32] ? trace_hardirqs_on+0x5b/0x1a0 [ 36.836043][ T32] __device_attach+0x228/0x4b0 [ 36.840994][ T32] ? __driver_attach_async_helper+0x330/0x330 [ 36.847216][ T32] ? kobject_uevent_env+0x2bb/0x1650 [ 36.852570][ T32] bus_probe_device+0x1e4/0x290 [ 36.857458][ T32] device_add+0xbe0/0x2100 [ 36.861931][ T32] ? wait_for_completion_io+0x270/0x270 [ 36.867493][ T32] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 36.873804][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 36.879892][ T32] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 36.885735][ T32] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 36.892203][ T32] usb_set_configuration+0x113f/0x1910 [ 36.897704][ T32] usb_generic_driver_probe+0xba/0x100 [ 36.903329][ T32] usb_probe_device+0xd9/0x2c0 [ 36.908156][ T32] ? usb_driver_release_interface+0x180/0x180 [ 36.914335][ T32] really_probe+0x291/0xf60 [ 36.918888][ T32] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 36.925326][ T32] driver_probe_device+0x298/0x410 [ 36.930507][ T32] __device_attach_driver+0x203/0x2c0 [ 36.935977][ T32] ? driver_allows_async_probing+0x150/0x150 [ 36.942009][ T32] bus_for_each_drv+0x15f/0x1e0 [ 36.946897][ T32] ? bus_for_each_dev+0x1d0/0x1d0 [ 36.951970][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 36.958033][ T32] ? trace_hardirqs_on+0x5b/0x1a0 [ 36.963071][ T32] __device_attach+0x228/0x4b0 [ 36.967834][ T32] ? __driver_attach_async_helper+0x330/0x330 [ 36.973968][ T32] ? kobject_uevent_env+0x2bb/0x1650 [ 36.979342][ T32] bus_probe_device+0x1e4/0x290 [ 36.984314][ T32] device_add+0xbe0/0x2100 [ 36.988787][ T32] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 36.995054][ T32] ? kfree+0xdb/0x3b0 [ 36.999102][ T32] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 37.005465][ T32] usb_new_device.cold+0x721/0x1058 [ 37.011244][ T32] ? hub_disconnect+0x510/0x510 [ 37.016777][ T32] ? rwlock_bug.part.0+0x90/0x90 [ 37.021867][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 37.027883][ T32] hub_event+0x2357/0x4330 [ 37.032418][ T32] ? hub_port_debounce+0x3c0/0x3c0 [ 37.037535][ T32] ? lock_downgrade+0x3f1/0x6e0 [ 37.042451][ T32] ? __do_sys_prctl+0xbb0/0xfd0 [ 37.047318][ T32] ? lock_release+0x6f0/0x6f0 [ 37.052047][ T32] ? lock_downgrade+0x6e0/0x6e0 [ 37.056909][ T32] ? do_raw_spin_lock+0x120/0x2b0 [ 37.062195][ T32] process_one_work+0x98d/0x1580 [ 37.067155][ T32] ? pwq_dec_nr_in_flight+0x320/0x320 [ 37.072599][ T32] ? rwlock_bug.part.0+0x90/0x90 [ 37.077721][ T32] worker_thread+0x64c/0x1120 [ 37.082474][ T32] ? __kthread_parkme+0x118/0x1d0 [ 37.087505][ T32] ? process_one_work+0x1580/0x1580 [ 37.092908][ T32] kthread+0x38c/0x460 [ 37.096996][ T32] ? _raw_spin_unlock_irq+0x1f/0x30 [ 37.102256][ T32] ? __kthread_bind_mask+0xc0/0xc0 [ 37.107382][ T32] ret_from_fork+0x1f/0x30 [ 37.111852][ T32] Kernel panic - not syncing: panic_on_warn set ... [ 37.118468][ T32] CPU: 1 PID: 32 Comm: kworker/1:1 Not tainted 5.13.0-rc2-syzkaller #0 [ 37.126811][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 37.136856][ T32] Workqueue: usb_hub_wq hub_event [ 37.141875][ T32] Call Trace: [ 37.145225][ T32] dump_stack+0x143/0x1db [ 37.149551][ T32] panic+0x306/0x73d [ 37.153446][ T32] ? __warn_printk+0xf3/0xf3 [ 37.158046][ T32] ? __warn.cold+0x1a/0x44 [ 37.162456][ T32] ? usb_submit_urb+0x14aa/0x1830 [ 37.167482][ T32] __warn.cold+0x35/0x44 [ 37.171716][ T32] ? irq_work_queue+0x4c/0x60 [ 37.176479][ T32] ? usb_submit_urb+0x14aa/0x1830 [ 37.181585][ T32] report_bug+0x1bd/0x210 [ 37.186009][ T32] handle_bug+0x3c/0x60 [ 37.190153][ T32] exc_invalid_op+0x14/0x40 [ 37.194650][ T32] asm_exc_invalid_op+0x12/0x20 [ 37.199491][ T32] RIP: 0010:usb_submit_urb+0x14aa/0x1830 [ 37.205234][ T32] Code: 84 4c 01 00 00 e8 a6 14 b3 fd 4c 89 f7 e8 4e a7 1b ff 45 89 e8 44 89 e1 48 89 ea 48 89 c6 48 c7 c7 c0 09 63 86 e8 18 f1 fb 01 <0f> 0b 49 8d 4f 5c 48 b8 00 00 00 00 00 fc ff df 48 89 ca 48 89 4c [ 37.225002][ T32] RSP: 0018:ffffc900001a6d50 EFLAGS: 00010286 [ 37.231065][ T32] RAX: 0000000000000000 RBX: ffff88811ab8a058 RCX: 0000000000000000 [ 37.239125][ T32] RDX: ffff888107fc0000 RSI: ffffffff812a6013 RDI: fffff52000034d9c [ 37.247099][ T32] RBP: ffff88810e79f7a8 R08: 0000000000000001 R09: 0000000000000000 [ 37.255112][ T32] R10: ffffffff814b996b R11: 0000000000000000 R12: 0000000080000280 [ 37.263424][ T32] R13: 00000000000000c0 R14: ffff88811ab8a0a8 R15: ffff8881097a2500 [ 37.271393][ T32] ? __irq_work_queue_local+0xbb/0xf0 [ 37.276862][ T32] ? vprintk+0x93/0x1c0 [ 37.281002][ T32] usb_start_wait_urb+0x101/0x4c0 [ 37.286013][ T32] ? lock_downgrade+0x6e0/0x6e0 [ 37.290880][ T32] ? usb_api_blocking_completion+0xa0/0xa0 [ 37.296688][ T32] ? memset+0x20/0x40 [ 37.300653][ T32] usb_control_msg+0x31c/0x4a0 [ 37.305416][ T32] ? usb_start_wait_urb+0x4c0/0x4c0 [ 37.310597][ T32] ? bus_probe_device+0x1e4/0x290 [ 37.315612][ T32] ? device_add+0xbe0/0x2100 [ 37.320187][ T32] ? usb_new_device.cold+0x721/0x1058 [ 37.325652][ T32] ? hub_event+0x2357/0x4330 [ 37.330251][ T32] ? process_one_work+0x98d/0x1580 [ 37.335634][ T32] ? worker_thread+0x64c/0x1120 [ 37.340470][ T32] ? kthread+0x38c/0x460 [ 37.345191][ T32] ? ret_from_fork+0x1f/0x30 [ 37.349780][ T32] rtl28xxu_ctrl_msg+0x4b7/0x700 [ 37.354800][ T32] ? lock_downgrade+0x6e0/0x6e0 [ 37.359651][ T32] ? mark_held_locks+0x9f/0xe0 [ 37.364412][ T32] rtl28xxu_identify_state+0xb6/0x320 [ 37.369795][ T32] ? rtl28xxu_ctrl_msg+0x700/0x700 [ 37.375022][ T32] ? rtl28xxu_ctrl_msg+0x700/0x700 [ 37.380151][ T32] dvb_usbv2_probe+0x55b/0x7d0 [ 37.384946][ T32] ? mark_held_locks+0x9f/0xe0 [ 37.389707][ T32] ? dvb_usb_fe_sleep+0x560/0x560 [ 37.394775][ T32] ? trace_hardirqs_on+0x5b/0x1a0 [ 37.399791][ T32] ? __pm_runtime_set_status+0x48a/0xc30 [ 37.405425][ T32] usb_probe_interface+0x315/0x7f0 [ 37.410545][ T32] ? usb_match_dynamic_id+0x1a0/0x1a0 [ 37.415905][ T32] really_probe+0x291/0xf60 [ 37.420397][ T32] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 37.426628][ T32] driver_probe_device+0x298/0x410 [ 37.431727][ T32] __device_attach_driver+0x203/0x2c0 [ 37.437182][ T32] ? driver_allows_async_probing+0x150/0x150 [ 37.443249][ T32] bus_for_each_drv+0x15f/0x1e0 [ 37.448211][ T32] ? bus_for_each_dev+0x1d0/0x1d0 [ 37.453243][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 37.459227][ T32] ? trace_hardirqs_on+0x5b/0x1a0 [ 37.464260][ T32] __device_attach+0x228/0x4b0 [ 37.469012][ T32] ? __driver_attach_async_helper+0x330/0x330 [ 37.475074][ T32] ? kobject_uevent_env+0x2bb/0x1650 [ 37.480350][ T32] bus_probe_device+0x1e4/0x290 [ 37.485207][ T32] device_add+0xbe0/0x2100 [ 37.489621][ T32] ? wait_for_completion_io+0x270/0x270 [ 37.495175][ T32] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 37.501422][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 37.507397][ T32] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 37.513214][ T32] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 37.519464][ T32] usb_set_configuration+0x113f/0x1910 [ 37.524919][ T32] usb_generic_driver_probe+0xba/0x100 [ 37.530364][ T32] usb_probe_device+0xd9/0x2c0 [ 37.535117][ T32] ? usb_driver_release_interface+0x180/0x180 [ 37.541182][ T32] really_probe+0x291/0xf60 [ 37.545688][ T32] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 37.552274][ T32] driver_probe_device+0x298/0x410 [ 37.557401][ T32] __device_attach_driver+0x203/0x2c0 [ 37.562869][ T32] ? driver_allows_async_probing+0x150/0x150 [ 37.568860][ T32] bus_for_each_drv+0x15f/0x1e0 [ 37.573715][ T32] ? bus_for_each_dev+0x1d0/0x1d0 [ 37.578741][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 37.584714][ T32] ? trace_hardirqs_on+0x5b/0x1a0 [ 37.589744][ T32] __device_attach+0x228/0x4b0 [ 37.594600][ T32] ? __driver_attach_async_helper+0x330/0x330 [ 37.600655][ T32] ? kobject_uevent_env+0x2bb/0x1650 [ 37.605941][ T32] bus_probe_device+0x1e4/0x290 [ 37.610793][ T32] device_add+0xbe0/0x2100 [ 37.615214][ T32] ? __fw_devlink_link_to_suppliers+0x5e0/0x5e0 [ 37.621455][ T32] ? kfree+0xdb/0x3b0 [ 37.625606][ T32] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 37.632034][ T32] usb_new_device.cold+0x721/0x1058 [ 37.637230][ T32] ? hub_disconnect+0x510/0x510 [ 37.642099][ T32] ? rwlock_bug.part.0+0x90/0x90 [ 37.647030][ T32] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 37.653003][ T32] hub_event+0x2357/0x4330 [ 37.657417][ T32] ? hub_port_debounce+0x3c0/0x3c0 [ 37.662522][ T32] ? lock_downgrade+0x3f1/0x6e0 [ 37.667366][ T32] ? __do_sys_prctl+0xbb0/0xfd0 [ 37.672217][ T32] ? lock_release+0x6f0/0x6f0 [ 37.676898][ T32] ? lock_downgrade+0x6e0/0x6e0 [ 37.681738][ T32] ? do_raw_spin_lock+0x120/0x2b0 [ 37.686761][ T32] process_one_work+0x98d/0x1580 [ 37.691685][ T32] ? pwq_dec_nr_in_flight+0x320/0x320 [ 37.697215][ T32] ? rwlock_bug.part.0+0x90/0x90 [ 37.702382][ T32] worker_thread+0x64c/0x1120 [ 37.707074][ T32] ? __kthread_parkme+0x118/0x1d0 [ 37.712143][ T32] ? process_one_work+0x1580/0x1580 [ 37.717334][ T32] kthread+0x38c/0x460 [ 37.721411][ T32] ? _raw_spin_unlock_irq+0x1f/0x30 [ 37.726595][ T32] ? __kthread_bind_mask+0xc0/0xc0 [ 37.731699][ T32] ret_from_fork+0x1f/0x30 [ 37.737673][ T32] Kernel Offset: disabled [ 37.742398][ T32] Rebooting in 86400 seconds..