Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
[ 13.040617][ C1] random: crng init done
[ 13.044891][ C1] random: 7 urandom warning(s) missed due to ratelimiting
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.142' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 19.976150][ T158] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 20.185393][ T158] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 20.196439][ T158] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 20.206248][ T158] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 20.219124][ T158] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[ 20.228210][ T158] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 20.238461][ T158] usb 1-1: config 0 descriptor??
[ 20.718243][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.725271][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.732177][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.739149][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.746107][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.752949][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.759849][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.766798][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.773663][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.780569][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.790303][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.797213][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.804079][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.811013][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.817948][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.824859][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.831735][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.838655][ T158] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.847946][ T158] betop 0003:20BC:5500.0001: hidraw0: USB HID v0.00 Device [HID 20bc:5500] on usb-dummy_hcd.0-1/input0
[ 20.859231][ T158] ==================================================================
[ 20.867462][ T158] BUG: KASAN: slab-out-of-bounds in betop_probe+0x396/0x570
[ 20.874738][ T158] Write of size 8 at addr ffff8881d01209c0 by task kworker/1:3/158
[ 20.883153][ T158]
[ 20.885470][ T158] CPU: 1 PID: 158 Comm: kworker/1:3 Not tainted 5.7.0-rc1-syzkaller #0
[ 20.893681][ T158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 20.903829][ T158] Workqueue: usb_hub_wq hub_event
[ 20.908829][ T158] Call Trace:
[ 20.912101][ T158] dump_stack+0xef/0x16e
[ 20.916323][ T158] print_address_description.constprop.0.cold+0xd3/0x314
[ 20.923318][ T158] ? betop_probe+0x396/0x570
[ 20.927882][ T158] __kasan_report.cold+0x37/0x92
[ 20.933594][ T158] ? betop_probe+0x396/0x570
[ 20.938158][ T158] ? betop_probe+0x396/0x570
[ 20.942723][ T158] kasan_report+0x33/0x50
[ 20.947038][ T158] check_memory_region+0x173/0x1d0
[ 20.952119][ T158] betop_probe+0x396/0x570
[ 20.956509][ T158] ? belkin_probe.cold+0x3c/0x3c
[ 20.961420][ T158] hid_device_probe+0x2be/0x3f0
[ 20.966427][ T158] ? hid_match_device+0x1f0/0x1f0
[ 20.971435][ T158] really_probe+0x290/0xac0
[ 20.975925][ T158] driver_probe_device+0x223/0x350
[ 20.981010][ T158] __device_attach_driver+0x1d1/0x290
[ 20.986355][ T158] ? driver_allows_async_probing+0x160/0x160
[ 20.992306][ T158] bus_for_each_drv+0x162/0x1e0
[ 20.997141][ T158] ? bus_rescan_devices+0x20/0x20
[ 21.002138][ T158] ? _raw_spin_unlock_irqrestore+0x39/0x40
[ 21.007939][ T158] ? lockdep_hardirqs_on+0x3c7/0x5d0
[ 21.013220][ T158] __device_attach+0x21a/0x390
[ 21.017970][ T158] ? device_bind_driver+0xd0/0xd0
[ 21.022975][ T158] bus_probe_device+0x1e4/0x290
[ 21.027814][ T158] device_add+0x1367/0x1c20
[ 21.032303][ T158] ? device_link_remove+0x110/0x110
[ 21.037479][ T158] ? __debugfs_create_file+0x31f/0x400
[ 21.042925][ T158] hid_add_device+0x33c/0x9a0
[ 21.047824][ T158] ? debug_object_fixup+0x30/0x30
[ 21.052917][ T158] ? __hid_bus_reprobe_drivers+0x130/0x130
[ 21.058706][ T158] ? lockdep_init_map_waits+0x26a/0x7c0
[ 21.064235][ T158] usbhid_probe+0xa8c/0xfa0
[ 21.068728][ T158] usb_probe_interface+0x310/0x800
[ 21.073822][ T158] ? usb_probe_device+0x230/0x230
[ 21.078827][ T158] really_probe+0x290/0xac0
[ 21.083306][ T158] driver_probe_device+0x223/0x350
[ 21.088411][ T158] __device_attach_driver+0x1d1/0x290
[ 21.093776][ T158] ? driver_allows_async_probing+0x160/0x160
[ 21.099749][ T158] bus_for_each_drv+0x162/0x1e0
[ 21.104625][ T158] ? bus_rescan_devices+0x20/0x20
[ 21.109742][ T158] ? _raw_spin_unlock_irqrestore+0x39/0x40
[ 21.115582][ T158] ? lockdep_hardirqs_on+0x3c7/0x5d0
[ 21.120856][ T158] __device_attach+0x21a/0x390
[ 21.125605][ T158] ? device_bind_driver+0xd0/0xd0
[ 21.130625][ T158] bus_probe_device+0x1e4/0x290
[ 21.135470][ T158] device_add+0x1367/0x1c20
[ 21.139971][ T158] ? wait_for_completion+0x280/0x280
[ 21.145246][ T158] ? device_link_remove+0x110/0x110
[ 21.150668][ T158] ? _raw_spin_unlock_irqrestore+0x39/0x40
[ 21.156488][ T158] usb_set_configuration+0xed4/0x1850
[ 21.161843][ T158] usb_generic_driver_probe+0x9d/0xe0
[ 21.167195][ T158] usb_probe_device+0xd9/0x230
[ 21.172043][ T158] ? usb_suspend+0x600/0x600
[ 21.176610][ T158] really_probe+0x290/0xac0
[ 21.181104][ T158] driver_probe_device+0x223/0x350
[ 21.186198][ T158] __device_attach_driver+0x1d1/0x290
[ 21.191560][ T158] ? driver_allows_async_probing+0x160/0x160
[ 21.197515][ T158] bus_for_each_drv+0x162/0x1e0
[ 21.202343][ T158] ? bus_rescan_devices+0x20/0x20
[ 21.207358][ T158] ? _raw_spin_unlock_irqrestore+0x39/0x40
[ 21.213138][ T158] ? lockdep_hardirqs_on+0x3c7/0x5d0
[ 21.218404][ T158] __device_attach+0x21a/0x390
[ 21.223609][ T158] ? device_bind_driver+0xd0/0xd0
[ 21.228741][ T158] bus_probe_device+0x1e4/0x290
[ 21.233591][ T158] device_add+0x1367/0x1c20
[ 21.239045][ T158] ? device_link_remove+0x110/0x110
[ 21.244234][ T158] usb_new_device.cold+0x540/0xcd0
[ 21.249320][ T158] hub_event+0x21cb/0x4300
[ 21.253711][ T158] ? hub_port_debounce+0x350/0x350
[ 21.258800][ T158] ? umh_clean_and_save_pid+0x1/0xd0
[ 21.264061][ T158] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 21.269580][ T158] ? rcu_read_lock_bh_held+0xb0/0xb0
[ 21.274851][ T158] ? _raw_spin_unlock_irq+0x1f/0x30
[ 21.280032][ T158] process_one_work+0x965/0x1630
[ 21.284947][ T158] ? lock_release+0x720/0x720
[ 21.289596][ T158] ? pwq_dec_nr_in_flight+0x310/0x310
[ 21.294940][ T158] ? rwlock_bug.part.0+0x90/0x90
[ 21.299850][ T158] worker_thread+0x96/0xe20
[ 21.304327][ T158] ? process_one_work+0x1630/0x1630
[ 21.309499][ T158] kthread+0x326/0x430
[ 21.313652][ T158] ? kthread_create_on_node+0xf0/0xf0
[ 21.318997][ T158] ret_from_fork+0x24/0x30
[ 21.323383][ T158]
[ 21.325698][ T158] Allocated by task 158:
[ 21.329942][ T158] save_stack+0x1b/0x40
[ 21.334072][ T158] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 21.339678][ T158] hidraw_connect+0x4b/0x3f0
[ 21.344239][ T158] hid_connect+0x5cd/0xbc0
[ 21.348639][ T158] hid_hw_start+0xa2/0x130
[ 21.353038][ T158] betop_probe+0xbc/0x570
[ 21.357354][ T158] hid_device_probe+0x2be/0x3f0
[ 21.362179][ T158] really_probe+0x290/0xac0
[ 21.367019][ T158] driver_probe_device+0x223/0x350
[ 21.372123][ T158] __device_attach_driver+0x1d1/0x290
[ 21.377475][ T158] bus_for_each_drv+0x162/0x1e0
[ 21.382301][ T158] __device_attach+0x21a/0x390
[ 21.387053][ T158] bus_probe_device+0x1e4/0x290
[ 21.391899][ T158] device_add+0x1367/0x1c20
[ 21.396390][ T158] hid_add_device+0x33c/0x9a0
[ 21.401651][ T158] usbhid_probe+0xa8c/0xfa0
[ 21.406676][ T158] usb_probe_interface+0x310/0x800
[ 21.415699][ T158] really_probe+0x290/0xac0
[ 21.420182][ T158] driver_probe_device+0x223/0x350
[ 21.425267][ T158] __device_attach_driver+0x1d1/0x290
[ 21.430618][ T158] bus_for_each_drv+0x162/0x1e0
[ 21.435443][ T158] __device_attach+0x21a/0x390
[ 21.440179][ T158] bus_probe_device+0x1e4/0x290
[ 21.445023][ T158] device_add+0x1367/0x1c20
[ 21.449499][ T158] usb_set_configuration+0xed4/0x1850
[ 21.454845][ T158] usb_generic_driver_probe+0x9d/0xe0
[ 21.460201][ T158] usb_probe_device+0xd9/0x230
[ 21.464938][ T158] really_probe+0x290/0xac0
[ 21.469427][ T158] driver_probe_device+0x223/0x350
[ 21.474510][ T158] __device_attach_driver+0x1d1/0x290
[ 21.479853][ T158] bus_for_each_drv+0x162/0x1e0
[ 21.484689][ T158] __device_attach+0x21a/0x390
[ 21.489426][ T158] bus_probe_device+0x1e4/0x290
[ 21.494248][ T158] device_add+0x1367/0x1c20
[ 21.498730][ T158] usb_new_device.cold+0x540/0xcd0
[ 21.503825][ T158] hub_event+0x21cb/0x4300
[ 21.508228][ T158] process_one_work+0x965/0x1630
[ 21.513144][ T158] worker_thread+0x96/0xe20
[ 21.517621][ T158] kthread+0x326/0x430
[ 21.521661][ T158] ret_from_fork+0x24/0x30
[ 21.526043][ T158]
[ 21.528343][ T158] Freed by task 9:
[ 21.532038][ T158] save_stack+0x1b/0x40
[ 21.536176][ T158] __kasan_slab_free+0x117/0x160
[ 21.541085][ T158] kfree+0xd5/0x300
[ 21.544866][ T158] __put_seccomp_filter+0xb3/0xf0
[ 21.549877][ T158] free_task+0x76/0x110
[ 21.554018][ T158] __put_task_struct+0x220/0x520
[ 21.558937][ T158] delayed_put_task_struct+0x22a/0x370
[ 21.564380][ T158] rcu_core+0x5ae/0x1ba0
[ 21.568604][ T158] __do_softirq+0x21e/0x9aa
[ 21.573073][ T158]
[ 21.575389][ T158] The buggy address belongs to the object at ffff8881d0120900
[ 21.575389][ T158] which belongs to the cache kmalloc-192 of size 192
[ 21.589434][ T158] The buggy address is located 0 bytes to the right of
[ 21.589434][ T158] 192-byte region [ffff8881d0120900, ffff8881d01209c0)
[ 21.603029][ T158] The buggy address belongs to the page:
[ 21.608655][ T158] page:ffffea0007404800 refcount:1 mapcount:0 mapping:00000000f1adcf10 index:0x0
[ 21.617753][ T158] flags: 0x200000000000200(slab)
[ 21.622675][ T158] raw: 0200000000000200 ffffea000748d080 0000000a0000000a ffff8881da002a00
[ 21.631364][ T158] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 21.639986][ T158] page dumped because: kasan: bad access detected
[ 21.646742][ T158]
[ 21.649045][ T158] Memory state around the buggy address:
[ 21.654662][ T158] ffff8881d0120880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.662695][ T158] ffff8881d0120900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.670741][ T158] >ffff8881d0120980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 21.678791][ T158] ^
[ 21.684918][ T158] ffff8881d0120a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.692951][ T158] ffff8881d0120a80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.701015][ T158] ==================================================================
[ 21.709059][ T158] Disabling lock debugging due to kernel taint
[ 21.715292][ T158] Kernel panic - not syncing: panic_on_warn set ...
[