[ OK ] Started Getty on tty5. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty1. [ OK ] Started OpenBSD Secure Shell server. Warning: Permanently added '10.128.0.85' (ECDSA) to the list of known hosts. executing program [* ] A start job is running for dev-ttyS0.device (8s / 1min 30s)[** ] A start job is running for dev-ttyS0.device (8s / 1min 30s)[*** ] A start job is running for dev-ttyS0.device (9s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (9s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (10s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (10s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (11s / 1min 30s)[ *] A start job is running for dev-ttyS0.device (11s / 1min 30s)[ **] A start job is running for dev-ttyS0.device (12s / 1min 30s)[ ***] A start job is running for dev-ttyS0.device (12s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (13s / 1min 30s)[ *** ] A start job is running for dev-ttyS0.device (13s / 1min 30s)[*** ] A start job is running for dev-ttyS0.device (14s / 1min 30s)[** ] A start job is running for dev-ttyS0.device (14s / 1min 30s)[* ] A start job is running for dev-ttyS0.device (15s / 1min 30s)[ 22.565562][ T22] audit: type=1400 audit(1607985265.304:8): avc: denied { execmem } for pid=370 comm="syz-executor353" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 22.833841][ T67] usb 1-1: new high-speed USB device number 2 using dummy_hcd [** ] A start job is running for dev-ttyS0.device (15s / 1min 30s)[ 23.072169][ T67] usb 1-1: Using ep0 maxpacket: 8 [ 23.191348][ T67] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 23.202345][ T67] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 23.212731][ T67] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 23.225874][ T67] usb 1-1: New USB device found, idVendor=11c0, idProduct=5506, bcdDevice= 0.00 [ 23.235179][ T67] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 23.244029][ T67] usb 1-1: config 0 descriptor?? [*** ] A start job is running for dev-ttyS0.device (16s / 1min 30s)[ 23.719941][ T67] betop 0003:11C0:5506.0001: hidraw0: USB HID v0.00 Device [HID 11c0:5506] on usb-dummy_hcd.0-1/input0 [ 23.731012][ T67] ================================================================== [ 23.739058][ T67] BUG: KASAN: use-after-free in betop_probe+0x3d4/0x5c0 [ 23.745982][ T67] Write of size 8 at addr ffff8881e9519440 by task kworker/1:1/67 [ 23.753752][ T67] [ 23.756059][ T67] CPU: 1 PID: 67 Comm: kworker/1:1 Not tainted 5.4.83-syzkaller-00109-g2149aa11b029 #0 [ 23.765662][ T67] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 23.775698][ T67] Workqueue: usb_hub_wq hub_event [ 23.780689][ T67] Call Trace: [ 23.783951][ T67] dump_stack+0x1dd/0x24e [ 23.788249][ T67] ? usb_probe_interface+0x631/0xad0 [ 23.793501][ T67] ? really_probe+0x754/0x1120 [ 23.798233][ T67] ? show_regs_print_info+0x12/0x12 [ 23.803398][ T67] ? printk+0xcf/0x114 [ 23.807525][ T67] print_address_description+0x96/0x640 [ 23.813038][ T67] ? devkmsg_release+0x11c/0x11c [ 23.817943][ T67] __kasan_report+0x177/0x1f0 [ 23.822601][ T67] ? betop_probe+0x3d4/0x5c0 [ 23.827182][ T67] kasan_report+0x30/0x60 [ 23.831490][ T67] check_memory_region+0x2b5/0x2f0 [ 23.836566][ T67] betop_probe+0x3d4/0x5c0 [ 23.840952][ T67] hid_device_probe+0x27a/0x420 [ 23.845771][ T67] really_probe+0x70f/0x1120 [ 23.850345][ T67] driver_probe_device+0xe6/0x230 [ 23.855351][ T67] ? coredump_store+0x90/0x90 [ 23.860000][ T67] bus_for_each_drv+0x17a/0x200 [ 23.864907][ T67] ? subsys_find_device_by_id+0x330/0x330