================================================================== BUG: KASAN: slab-out-of-bounds in snd_usb_mixer_notify_id+0x219/0x2a0 sound/usb/mixer.c:3240 Write of size 4 at addr ffff8880a910fd60 by task swapper/0/0 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.7.0-rc7-next-20200529-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x18f/0x20d lib/dump_stack.c:118 print_address_description.constprop.0.cold+0xd3/0x413 mm/kasan/report.c:383 __kasan_report mm/kasan/report.c:513 [inline] kasan_report.cold+0x1f/0x37 mm/kasan/report.c:530 snd_usb_mixer_notify_id+0x219/0x2a0 sound/usb/mixer.c:3240 snd_usb_mixer_interrupt+0x416/0x980 sound/usb/mixer.c:3379 __usb_hcd_giveback_urb+0x2af/0x4b0 drivers/usb/core/hcd.c:1650 usb_hcd_giveback_urb+0x368/0x420 drivers/usb/core/hcd.c:1716 __skb_queue_head_init include/linux/skbuff.h:1880 [inline] skbpoolfree drivers/block/aoe/aoedev.c:435 [inline] freedev drivers/block/aoe/aoedev.c:290 [inline] dummy_timer+0x1246/0x2fe4 drivers/block/aoe/aoedev.c:366 call_timer_fn+0x1ac/0x760 kernel/time/timer.c:1404 expire_timers kernel/time/timer.c:1449 [inline] __run_timers kernel/time/timer.c:1773 [inline] __run_timers kernel/time/timer.c:1740 [inline] run_timer_softirq+0x60f/0x15d0 kernel/time/timer.c:1786