Warning: Permanently added '10.128.1.41' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 24.868372][ T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 25.107913][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 25.228045][ T12] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 25.237924][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 173, changing to 11
[ 25.249440][ T12] usb 1-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[ 25.262440][ T12] usb 1-1: New USB device found, idVendor=1509, idProduct=9242, bcdDevice=fb.5c
[ 25.271774][ T12] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 25.281366][ T12] usb 1-1: config 0 descriptor??
[ 25.320251][ T12] Registered IR keymap rc-rc6-mce
[ 25.368052][ T12] rc_core: Loaded IR protocol module ir-rc6-decoder, but protocol rc-6 still not available
[ 25.378496][ T12] mceusb 1-1:0.0: send request FAILED! (res=-90)
[ 25.408009][ T12] mceusb 1-1:0.0: send request FAILED! (res=-90)
[ 25.439336][ T12] rc rc0: Media Center Ed. eHome Infrared Remote Transceiver (1509:9242) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[ 25.453874][ T12] input: Media Center Ed. eHome Infrared Remote Transceiver (1509:9242) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input5
[ 25.470217][ T12] mceusb 1-1:0.0: send request FAILED! (res=-90)
[ 25.498014][ T12] mceusb 1-1:0.0: send request FAILED! (res=-90)
[ 25.528078][ C0] ==================================================================
[ 25.536306][ C0] BUG: KASAN: slab-out-of-bounds in mceusb_dev_recv+0x1028/0x12e0
[ 25.544403][ C0] Read of size 1 at addr ffff8881d5178c40 by task swapper/0/0
[ 25.551946][ C0]
[ 25.554407][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.3.0-rc5+ #28
[ 25.562090][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 25.572138][ C0] Call Trace:
[ 25.575413][ C0]
[ 25.578297][ C0] dump_stack+0xca/0x13e
[ 25.582572][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 25.587716][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 25.592826][ C0] print_address_description+0x6a/0x32c
[ 25.598407][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 25.603693][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 25.608784][ C0] __kasan_report.cold+0x1a/0x33
[ 25.613722][ C0] ? ir_raw_event_store_with_filter+0x200/0x580
[ 25.619943][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 25.625141][ C0] kasan_report+0xe/0x12
[ 25.629376][ C0] mceusb_dev_recv+0x1028/0x12e0
[ 25.634311][ C0] ? mceusb_set_timeout+0x110/0x110
[ 25.639507][ C0] ? do_raw_read_unlock+0x3b/0x70
[ 25.644526][ C0] ? _raw_read_unlock+0x1f/0x30
[ 25.649362][ C0] __usb_hcd_giveback_urb+0x1f2/0x470
[ 25.654893][ C0] usb_hcd_giveback_urb+0x368/0x420
[ 25.660091][ C0] dummy_timer+0x120f/0x2fa2
[ 25.664704][ C0] ? lock_acquire+0x127/0x320
[ 25.669461][ C0] ? dummy_udc_probe+0x930/0x930
[ 25.674528][ C0] call_timer_fn+0x179/0x650
[ 25.679106][ C0] ? dummy_udc_probe+0x930/0x930
[ 25.684036][ C0] ? msleep_interruptible+0x130/0x130
[ 25.689409][ C0] ? do_raw_spin_lock+0x11a/0x280
[ 25.694619][ C0] ? _raw_spin_unlock_irq+0x24/0x30
[ 25.699948][ C0] ? dummy_udc_probe+0x930/0x930
[ 25.704887][ C0] run_timer_softirq+0x5cc/0x14b0
[ 25.709954][ C0] ? add_timer+0x7a0/0x7a0
[ 25.714372][ C0] ? ktime_get+0x162/0x1c0
[ 25.718771][ C0] ? lapic_next_event+0x4d/0x80
[ 25.723616][ C0] __do_softirq+0x221/0x912
[ 25.728108][ C0] irq_exit+0x178/0x1a0
[ 25.732269][ C0] smp_apic_timer_interrupt+0x12f/0x500
[ 25.737805][ C0] apic_timer_interrupt+0xf/0x20
[ 25.742722][ C0]
[ 25.745761][ C0] RIP: 0010:default_idle+0x28/0x2e0
[ 25.750960][ C0] Code: 90 90 41 56 41 55 65 44 8b 2d 64 fa 93 7a 41 54 55 53 0f 1f 44 00 00 e8 96 6a d5 fb e9 07 00 00 00 0f 00 2d 3a a0 54 00 fb f4 <65> 44 8b 2d 40 fa 93 7a 0f 1f 44 00 00 5b 5d 41 5c 41 5d 41 5e c3
[ 25.770658][ C0] RSP: 0018:ffffffff86c07da8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 25.779070][ C0] RAX: 0000000000000007 RBX: ffffffff86c2b200 RCX: 0000000000000000
[ 25.787044][ C0] RDX: 0000000000000000 RSI: 0000000000000006 RDI: ffffffff86c2ba44
[ 25.795441][ C0] RBP: fffffbfff0d85640 R08: ffffffff86c2b200 R09: 0000000000000000
[ 25.803398][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 25.811365][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 25.819382][ C0] ? default_idle+0x1a/0x2e0
[ 25.824006][ C0] do_idle+0x3c2/0x4f0
[ 25.828069][ C0] ? arch_cpu_idle_exit+0x40/0x40
[ 25.833079][ C0] ? schedule+0xae/0x250
[ 25.837300][ C0] cpu_startup_entry+0x14/0x20
[ 25.842046][ C0] start_kernel+0x838/0x872
[ 25.846542][ C0] ? mem_encrypt_init+0x5/0x5
[ 25.851220][ C0] ? x86_family+0x3d/0x50
[ 25.855545][ C0] ? load_ucode_bsp+0x23d/0x27d
[ 25.860397][ C0] secondary_startup_64+0xa4/0xb0
[ 25.865408][ C0]
[ 25.867726][ C0] Allocated by task 12:
[ 25.871871][ C0] save_stack+0x1b/0x80
[ 25.876008][ C0] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 25.881829][ C0] hcd_buffer_alloc+0x1bf/0x260
[ 25.886662][ C0] usb_alloc_coherent+0x5d/0x80
[ 25.891578][ C0] mceusb_dev_probe+0x714/0x2f20
[ 25.896516][ C0] usb_probe_interface+0x305/0x7a0
[ 25.901708][ C0] really_probe+0x281/0x6d0
[ 25.906203][ C0] driver_probe_device+0x101/0x1b0
[ 25.911303][ C0] __device_attach_driver+0x1c2/0x220
[ 25.916892][ C0] bus_for_each_drv+0x162/0x1e0
[ 25.921730][ C0] __device_attach+0x217/0x360
[ 25.926478][ C0] bus_probe_device+0x1e4/0x290
[ 25.931327][ C0] device_add+0xae6/0x16f0
[ 25.935735][ C0] usb_set_configuration+0xdf6/0x1670
[ 25.941088][ C0] generic_probe+0x9d/0xd5
[ 25.945489][ C0] usb_probe_device+0x99/0x100
[ 25.950249][ C0] really_probe+0x281/0x6d0
[ 25.954735][ C0] driver_probe_device+0x101/0x1b0
[ 25.959835][ C0] __device_attach_driver+0x1c2/0x220
[ 25.965418][ C0] bus_for_each_drv+0x162/0x1e0
[ 25.970334][ C0] __device_attach+0x217/0x360
[ 25.975097][ C0] bus_probe_device+0x1e4/0x290
[ 25.979944][ C0] device_add+0xae6/0x16f0
[ 25.984399][ C0] usb_new_device.cold+0x6a4/0xe79
[ 25.989565][ C0] hub_event+0x1b5c/0x3640
[ 25.993987][ C0] process_one_work+0x92b/0x1530
[ 25.998927][ C0] worker_thread+0x96/0xe20
[ 26.003421][ C0] kthread+0x318/0x420
[ 26.007558][ C0] ret_from_fork+0x24/0x30
[ 26.012042][ C0]
[ 26.014474][ C0] Freed by task 1:
[ 26.018240][ C0] save_stack+0x1b/0x80
[ 26.022420][ C0] __kasan_slab_free+0x130/0x180
[ 26.027347][ C0] kfree+0xe4/0x2f0
[ 26.031151][ C0] kobject_put+0x171/0x280
[ 26.035548][ C0] bus_remove_driver+0x125/0x22a
[ 26.040465][ C0] driver_unregister+0x73/0xb0
[ 26.045230][ C0] eeepc_laptop_init+0x8c/0x98
[ 26.049993][ C0] do_one_initcall+0xf0/0x614
[ 26.054656][ C0] kernel_init_freeable+0x4a9/0x596
[ 26.059841][ C0] kernel_init+0xd/0x1bf
[ 26.064065][ C0] ret_from_fork+0x24/0x30
[ 26.068461][ C0]
[ 26.070950][ C0] The buggy address belongs to the object at ffff8881d5178b40
[ 26.070950][ C0] which belongs to the cache kmalloc-256 of size 256
[ 26.084997][ C0] The buggy address is located 0 bytes to the right of
[ 26.084997][ C0] 256-byte region [ffff8881d5178b40, ffff8881d5178c40)
[ 26.098605][ C0] The buggy address belongs to the page:
[ 26.104222][ C0] page:ffffea0007545e00 refcount:1 mapcount:0 mapping:ffff8881da002780 index:0x0
[ 26.113856][ C0] flags: 0x200000000000200(slab)
[ 26.118836][ C0] raw: 0200000000000200 ffffea00075590c0 0000000a0000000a ffff8881da002780
[ 26.127431][ C0] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[ 26.136054][ C0] page dumped because: kasan: bad access detected
[ 26.142463][ C0]
[ 26.144773][ C0] Memory state around the buggy address:
[ 26.150613][ C0] ffff8881d5178b00: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 26.158767][ C0] ffff8881d5178b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.166814][ C0] >ffff8881d5178c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 26.174864][ C0]                                            ^
[ 26.181086][ C0] ffff8881d5178c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.189413][ C0] ffff8881d5178d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.197474][ C0] ==================================================================
[ 26.205528][ C0] Disabling lock debugging due to kernel taint
[ 26.211668][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 26.218258][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 5.3.0-rc5+ #28
[ 26.226881][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 26.236926][ C0] Call Trace:
[ 26.240241][ C0]
[ 26.243113][ C0] dump_stack+0xca/0x13e
[ 26.247892][ C0] panic+0x2a3/0x6da
[ 26.251767][ C0] ? add_taint.cold+0x16/0x16
[ 26.256427][ C0] ? print_shadow_for_address+0xb8/0x114
[ 26.262231][ C0] ? trace_hardirqs_off+0x50/0x1d0
[ 26.267911][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 26.273012][ C0] end_report+0x43/0x49
[ 26.277159][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 26.282302][ C0] __kasan_report.cold+0xd/0x33
[ 26.287142][ C0] ? ir_raw_event_store_with_filter+0x200/0x580
[ 26.293378][ C0] ? mceusb_dev_recv+0x1028/0x12e0
[ 26.298524][ C0] kasan_report+0xe/0x12
[ 26.302760][ C0] mceusb_dev_recv+0x1028/0x12e0
[ 26.307721][ C0] ? mceusb_set_timeout+0x110/0x110
[ 26.312916][ C0] ? do_raw_read_unlock+0x3b/0x70
[ 26.318106][ C0] ? _raw_read_unlock+0x1f/0x30
[ 26.322947][ C0] __usb_hcd_giveback_urb+0x1f2/0x470
[ 26.328318][ C0] usb_hcd_giveback_urb+0x368/0x420
[ 26.333661][ C0] dummy_timer+0x120f/0x2fa2
[ 26.338256][ C0] ? lock_acquire+0x127/0x320
[ 26.343028][ C0] ? dummy_udc_probe+0x930/0x930
[ 26.347954][ C0] call_timer_fn+0x179/0x650
[ 26.352526][ C0] ? dummy_udc_probe+0x930/0x930
[ 26.357460][ C0] ? msleep_interruptible+0x130/0x130
[ 26.362931][ C0] ? do_raw_spin_lock+0x11a/0x280
[ 26.367937][ C0] ? _raw_spin_unlock_irq+0x24/0x30
[ 26.373125][ C0] ? dummy_udc_probe+0x930/0x930
[ 26.378046][ C0] run_timer_softirq+0x5cc/0x14b0
[ 26.383102][ C0] ? add_timer+0x7a0/0x7a0
[ 26.387509][ C0] ? ktime_get+0x162/0x1c0
[ 26.391922][ C0] ? lapic_next_event+0x4d/0x80
[ 26.396873][ C0] __do_softirq+0x221/0x912
[ 26.401370][ C0] irq_exit+0x178/0x1a0
[ 26.405561][ C0] smp_apic_timer_interrupt+0x12f/0x500
[ 26.411099][ C0] apic_timer_interrupt+0xf/0x20
[ 26.416018][ C0]
[ 26.418948][ C0] RIP: 0010:default_idle+0x28/0x2e0
[ 26.424127][ C0] Code: 90 90 41 56 41 55 65 44 8b 2d 64 fa 93 7a 41 54 55 53 0f 1f 44 00 00 e8 96 6a d5 fb e9 07 00 00 00 0f 00 2d 3a a0 54 00 fb f4 <65> 44 8b 2d 40 fa 93 7a 0f 1f 44 00 00 5b 5d 41 5c 41 5d 41 5e c3
[ 26.443763][ C0] RSP: 0018:ffffffff86c07da8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 26.452245][ C0] RAX: 0000000000000007 RBX: ffffffff86c2b200 RCX: 0000000000000000
[ 26.460216][ C0] RDX: 0000000000000000 RSI: 0000000000000006 RDI: ffffffff86c2ba44
[ 26.468229][ C0] RBP: fffffbfff0d85640 R08: ffffffff86c2b200 R09: 0000000000000000
[ 26.476184][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 26.484252][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 26.492558][ C0] ? default_idle+0x1a/0x2e0
[ 26.497152][ C0] do_idle+0x3c2/0x4f0
[ 26.501435][ C0] ? arch_cpu_idle_exit+0x40/0x40
[ 26.506489][ C0] ? schedule+0xae/0x250
[ 26.510732][ C0] cpu_startup_entry+0x14/0x20
[ 26.515652][ C0] start_kernel+0x838/0x872
[ 26.520134][ C0] ? mem_encrypt_init+0x5/0x5
[ 26.524916][ C0] ? x86_family+0x3d/0x50
[ 26.529245][ C0] ? load_ucode_bsp+0x23d/0x27d
[ 26.534092][ C0] secondary_startup_64+0xa4/0xb0
[ 26.539954][ C0] Kernel Offset: disabled
[ 26.544358][ C0] Rebooting in 86400 seconds..