Starting Network Time Synchronization...
[�[0;32m OK �[0m] Started Network Time Synchronization.
[�[0;32m OK �[0m] Started Raise network interfaces.
[�[0;32m OK �[0m] Reached target Network.
Starting OpenBSD Secure Shell server...
Starting Permit User Sessions...
[�[0;32m OK �[0m] Started Permit User Sessions.
[�[0;32m OK �[0m] Started OpenBSD Secure Shell server.
Warning: Permanently added '10.128.0.27' (ECDSA) to the list of known hosts.
executing program
[�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (8s / 1min 30s)
�[K[�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (8s / 1min 30s)
�[K[�[0;31m*�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (9s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (10s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (10s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m�[0;31m*�[0m] A start job is running for dev-ttyS0.device (11s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m] A start job is running for dev-ttyS0.device (12s / 1min 30s)
�[K[ �[0;31m*�[0m] A start job is running for dev-ttyS0.device (12s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m] A start job is running for dev-ttyS0.device (13s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m�[0;31m*�[0m] A start job is running for dev-ttyS0.device (13s / 1min 30s)
�[K[ �[0;31m*�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (14s / 1min 30s)[ 19.737925][ T22] audit: type=1400 audit(1589425958.235:8): avc: denied { execmem } for pid=406 comm="syz-executor870" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 20.011301][ T115] usb 1-1: new high-speed USB device number 2 using dummy_hcd
�[K[ �[0;31m*�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (15s / 1min 30s)[ 20.370120][ T115] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 20.381082][ T115] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 20.391619][ T115] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 20.404965][ T115] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[ 20.414362][ T115] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 20.423304][ T115] usb 1-1: config 0 descriptor??
�[K[�[0;31m*�[0;1;31m*�[0m�[0;31m* �[0m] A start job is running for dev-ttyS0.device (15s / 1min 30s)[ 20.899189][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.906077][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.914481][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.922166][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.929734][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.936579][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.945364][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.953071][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.960784][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.967633][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.976030][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.983905][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.991592][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 20.999274][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 21.006116][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 21.014390][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 21.021962][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 21.029658][ T115] betop 0003:20BC:5500.0001: unknown main item tag 0x0
[ 21.037111][ T115] betop 0003:20BC:5500.0001: hidraw0: USB HID v0.00 Device [HID 20bc:5500] on usb-dummy_hcd.0-1/input0
[ 21.049724][ T115] ==================================================================
[ 21.057780][ T115] BUG: KASAN: use-after-free in input_ff_create+0x157/0x350
[ 21.065052][ T115] Write of size 8 at addr ffff8881d029d168 by task kworker/1:1/115
[ 21.072923][ T115]
[ 21.075259][ T115] CPU: 1 PID: 115 Comm: kworker/1:1 Not tainted 5.4.40-syzkaller-00122-g79c00997a007 #0
[ 21.084941][ T115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.094982][ T115] Workqueue: usb_hub_wq hub_event
[ 21.101373][ T115] Call Trace:
[ 21.104656][ T115] dump_stack+0x14a/0x1ce
[ 21.108967][ T115] ? show_regs_print_info+0x12/0x12
[ 21.114187][ T115] ? printk+0xd2/0x114
[ 21.118309][ T115] print_address_description+0x93/0x620
[ 21.123850][ T115] __kasan_report+0x16d/0x1e0
[ 21.128506][ T115] ? input_ff_create+0x157/0x350
[ 21.133430][ T115] kasan_report+0x34/0x60
[ 21.137767][ T115] ? __mutex_init+0x9d/0xf0
[ 21.142325][ T115] input_ff_create+0x157/0x350
[ 21.147099][ T115] ? betop_probe+0x5c0/0x5c0
[ 21.151723][ T115] input_ff_create_memless+0x14d/0x6d0
[ 21.157165][ T115] betop_probe+0x3ee/0x5c0
[ 21.161590][ T115] hid_device_probe+0x27a/0x420
[ 21.166541][ T115] really_probe+0x707/0xf70
[ 21.171040][ T115] driver_probe_device+0xe6/0x230
[ 21.176041][ T115] ? coredump_store+0x90/0x90
[ 21.180696][ T115] bus_for_each_drv+0x17a/0x200
[ 21.185522][ T115] ? subsys_find_device_by_id+0x340/0x340
[ 21.191218][ T115] __device_attach+0x27b/0x420
[ 21.195963][ T115] ? skb_release_head_state+0x1d0/0x210
[ 21.201499][ T115] ? device_attach+0x20/0x20
[ 21.206064][ T115] bus_probe_device+0xbb/0x200
[ 21.210806][ T115] device_add+0x105a/0x1750
[ 21.215292][ T115] ? __d_instantiate+0x3c6/0x700
[ 21.220231][ T115] ? dev_set_name+0x120/0x120
[ 21.224884][ T115] ? hid_debug_register+0xcd/0x140
[ 21.229979][ T115] hid_add_device+0xd7e/0xfd0
[ 21.234651][ T115] ? gfp_pfmemalloc_allowed+0x130/0x130
[ 21.240173][ T115] ? snprintf+0xd9/0x120
[ 21.244409][ T115] ? usbhid_probe+0x6c2/0xcc0
[ 21.249065][ T115] ? hid_device_remove+0x390/0x390
[ 21.254152][ T115] ? kasan_kmalloc_large+0xff/0x110
[ 21.259349][ T115] ? init_timer_key+0x2c/0x1d0
[ 21.264103][ T115] usbhid_probe+0x94e/0xcc0
[ 21.268590][ T115] usb_probe_interface+0x631/0xad0
[ 21.273681][ T115] really_probe+0x764/0xf70
[ 21.278160][ T115] driver_probe_device+0xe6/0x230
[ 21.283181][ T115] ? coredump_store+0x90/0x90
[ 21.287845][ T115] bus_for_each_drv+0x17a/0x200
[ 21.292674][ T115] ? subsys_find_device_by_id+0x340/0x340
[ 21.298371][ T115] __device_attach+0x27b/0x420
[ 21.303114][ T115] ? skb_release_head_state+0x1d0/0x210
[ 21.308636][ T115] ? device_attach+0x20/0x20
[ 21.313204][ T115] bus_probe_device+0xbb/0x200
[ 21.317969][ T115] device_add+0x105a/0x1750
[ 21.322450][ T115] ? dev_set_name+0x120/0x120
[ 21.327118][ T115] ? kfree+0x12b/0x600
[ 21.331194][ T115] usb_set_configuration+0x184c/0x1dc0
[ 21.332198][ T413] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 21.336639][ T115] generic_probe+0x82/0x140
[ 21.348563][ T115] really_probe+0x764/0xf70
[ 21.353073][ T115] driver_probe_device+0xe6/0x230
[ 21.358196][ T115] ? coredump_store+0x90/0x90
[ 21.363982][ T115] bus_for_each_drv+0x17a/0x200
[ 21.368873][ T115] ? subsys_find_device_by_id+0x340/0x340
[ 21.374576][ T115] __device_attach+0x27b/0x420
[ 21.379353][ T115] ? skb_release_head_state+0x1d0/0x210
[ 21.384890][ T115] ? device_attach+0x20/0x20
[ 21.389458][ T115] bus_probe_device+0xbb/0x200
[ 21.394194][ T115] device_add+0x105a/0x1750
[ 21.398670][ T115] ? dev_set_name+0x120/0x120
[ 21.403342][ T115] usb_new_device+0xda7/0x1710
[ 21.408170][ T115] ? hub_port_init+0x1e9e/0x30e0
[ 21.413084][ T115] ? usb_disconnect+0x880/0x880
[ 21.417921][ T115] hub_event+0x2963/0x4fa0
[ 21.422367][ T115] ? led_work+0x530/0x530
[ 21.426672][ T115] ? pm_schedule_suspend+0x1d0/0x1d0
[ 21.431932][ T115] ? _raw_spin_lock+0x170/0x170
[ 21.436756][ T115] ? mutex_lock+0xa6/0x110
[ 21.441582][ T115] ? _raw_spin_lock_irq+0xa2/0x180
[ 21.446687][ T115] ? read_word_at_a_time+0xe/0x20
[ 21.451717][ T115] ? strscpy+0xa6/0x260
[ 21.455853][ T115] process_one_work+0x777/0xf90
[ 21.460681][ T115] worker_thread+0xa8f/0x1430
[ 21.465356][ T115] ? _raw_spin_lock+0x170/0x170
[ 21.470299][ T115] kthread+0x2df/0x300
[ 21.474389][ T115] ? process_one_work+0xf90/0xf90
[ 21.474397][ T115] ? kthread_destroy_worker+0x280/0x280
[ 21.474406][ T115] ret_from_fork+0x1f/0x30
[ 21.474415][ T115]
[ 21.491698][ T115] Allocated by task 379:
[ 21.495979][ T115] __kasan_kmalloc+0x12c/0x1c0
�[K[ 21.500735][ T115] kmem_cache_alloc+0x1d5/0x260
[ 21.505935][ T115] __alloc_file+0x26/0x390
[ 21.510356][ T115] alloc_empty_file+0xa9/0x1b0
[ 21.515123][ T115] path_openat+0x11e/0x3d10
[[ 21.519627][ T115] do_filp_open+0x20d/0x440
[ 21.524210][ T115] do_sys_open+0x387/0x7d0
�[0;1;31m*�[0m�[[ 21.528662][ T115] do_syscall_64+0xcb/0x150
[ 21.534548][ T115] entry_SYSCALL_64_after_hwframe+0x44/0xa9
0;31m* �[0m[ 21.540439][ T115]
[ 21.543973][ T115] Freed by task 0:
[ 21.547706][ T115] __kasan_slab_free+0x181/0x230
[ 21.552649][ T115] slab_free_freelist_hook+0xd0/0x150
] [ 21.558013][ T115] kmem_cache_free+0xac/0x600
[ 21.562836][ T115] rcu_core+0xbf0/0x1360
A start job is r[ 21.567088][ T115] __do_softirq+0x2d5/0x725
[ 21.572970][ T115]
[ 21.575311][ T115] The buggy address belongs to the object at ffff8881d029d140
[ 21.575311][ T115] which belongs to the cache filp of size 256
[ 21.588773][ T115] The buggy address is located 40 bytes inside of
[ 21.588773][ T115] 256-byte region [ffff8881d029d140, ffff8881d029d240)
[ 21.602125][ T115] The buggy address belongs to the page:
unning for dev-t[ 21.607775][ T115] page:ffffea000740a740 refcount:1 mapcount:0 mapping:ffff8881da8ef900 index:0x0
[ 21.618266][ T115] flags: 0x8000000000000200(slab)
[ 21.623302][ T115] raw: 8000000000000200 ffffea000742afc0 0000000a0000000a ffff8881da8ef900
tyS0.device (16s[ 21.631901][ T115] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[ 21.641878][ T115] page dumped because: kasan: bad access detected
[ 21.648284][ T115]
[ 21.650602][ T115] Memory state around the buggy address:
[ 21.656235][ T115] ffff8881d029d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.664300][ T115] ffff8881d029d080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.672391][ T115] >ffff8881d029d100: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 21.680449][ T115] ^
/ 1min 30s)[ 21.687916][ T115] ffff8881d029d180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.697009][ T115] ffff8881d029d200: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.705056][ T115] ==================================================================
[ 21.713111][ T115] Disabling lock debugging due to kernel taint
[ 21.719563][ T115] ------------[ cut here ]------------
[ 21.725059][ T115] WARNING: CPU: 1 PID: 115 at mm/page_alloc.c:4809 __alloc_pages_nodemask+0x529/0x7c0
[ 21.734583][ T115] Modules linked in:
[ 21.738461][ T115] CPU: 1 PID: 115 Comm: kworker/1:1 Tainted: G B 5.4.40-syzkaller-00122-g79c00997a007 #0
[ 21.749576][ T115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.759629][ T115] Workqueue: usb_hub_wq hub_event
[ 21.764704][ T115] RIP: 0010:__alloc_pages_nodemask+0x529/0x7c0
[ 21.770856][ T115] Code: 24 e0 00 00 00 0f 85 a3 02 00 00 4c 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 41 f7 c6 00 20 00 00 0f 85 c9 fc ff ff <0f> 0b 45 31 e4 eb 96 31 db e9 24 fc ff ff 65 48 8b 1c 25 00 ed 01
[ 21.790463][ T115] RSP: 0018:ffff8881d9c36620 EFLAGS: 00010046
[ 21.796652][ T115] RAX: ffff8881d9c366a0 RBX: 0000000000000012 RCX: 0000000000000000
[ 21.804620][ T115] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffff8881d9c366c8
[ 21.812573][ T115] RBP: ffff8881d9c36758 R08: dffffc0000000000 R09: ffff8881d9c366a0
[ 21.820550][ T115] R10: ffffed103b386cd9 R11: 0000000000000000 R12: 0000000020000007
[ 21.828518][ T115] R13: ffff8881d9c366a0 R14: 0000000000040a20 R15: dffffc0000000000
[ 21.836488][ T115] FS: 0000000000000000(0000) GS:ffff8881db900000(0000) knlGS:0000000000000000
[ 21.845411][ T115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.852008][ T115] CR2: 00007f68ca763010 CR3: 00000001c6356003 CR4: 00000000001606e0
[ 21.859974][ T115] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.867941][ T115] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.875905][ T115] Call Trace:
[ 21.879197][ T115] ? gfp_pfmemalloc_allowed+0x130/0x130
[ 21.884728][ T115] kmalloc_order_trace+0x2a/0xf0
[ 21.889773][ T115] __kmalloc+0x268/0x2d0
[ 21.894013][ T115] hid_alloc_report_buf+0x73/0xc0
[ 21.899131][ T115] usbhid_submit_report+0x499/0xb50
[ 21.904340][ T115] ? __kasan_report+0x1c6/0x1e0
[ 21.909236][ T115] ? usbhid_init_reports+0x2a0/0x2a0
[ 21.914507][ T115] ? input_ff_create+0x2c3/0x350
[ 21.919442][ T115] ? usbhid_parse+0xe60/0xe60
[ 21.924682][ T115] betop_probe+0x550/0x5c0
[ 21.929095][ T115] hid_device_probe+0x27a/0x420
[ 21.933954][ T115] really_probe+0x707/0xf70
[ 21.938448][ T115] driver_probe_device+0xe6/0x230
[ 21.943471][ T115] ? coredump_store+0x90/0x90
[ 21.948148][ T115] bus_for_each_drv+0x17a/0x200
[ 21.953003][ T115] ? subsys_find_device_by_id+0x340/0x340
[ 21.958725][ T115] __device_attach+0x27b/0x420
[ 21.963508][ T115] ? skb_release_head_state+0x1d0/0x210
[ 21.969069][ T115] ? device_attach+0x20/0x20
[ 21.973651][ T115] bus_probe_device+0xbb/0x200
[ 21.978418][ T115] device_add+0x105a/0x1750
[ 21.982921][ T115] ? __d_instantiate+0x3c6/0x700
[ 21.987856][ T115] ? dev_set_name+0x120/0x120
[ 21.992528][ T115] ? hid_debug_register+0xcd/0x140
[ 21.997633][ T115] hid_add_device+0xd7e/0xfd0
[ 22.002311][ T115] ? gfp_pfmemalloc_allowed+0x130/0x130
[ 22.007848][ T115] ? snprintf+0xd9/0x120
[ 22.012094][ T115] ? usbhid_probe+0x6c2/0xcc0
[ 22.016764][ T115] ? hid_device_remove+0x390/0x390
[ 22.021886][ T115] ? kasan_kmalloc_large+0xff/0x110
[ 22.027083][ T115] ? init_timer_key+0x2c/0x1d0
[ 22.031852][ T115] usbhid_probe+0x94e/0xcc0
[ 22.036406][ T115] usb_probe_interface+0x631/0xad0
[ 22.041521][ T115] really_probe+0x764/0xf70
[ 22.046027][ T115] driver_probe_device+0xe6/0x230
[ 22.051051][ T115] ? coredump_store+0x90/0x90
[ 22.055834][ T115] bus_for_each_drv+0x17a/0x200
[ 22.060686][ T115] ? subsys_find_device_by_id+0x340/0x340
[ 22.066404][ T115] __device_attach+0x27b/0x420
[ 22.071181][ T115] ? skb_release_head_state+0x1d0/0x210
[ 22.076726][ T115] ? device_attach+0x20/0x20
[ 22.081335][ T115] bus_probe_device+0xbb/0x200
[ 22.086108][ T115] device_add+0x105a/0x1750
[ 22.090609][ T115] ? dev_set_name+0x120/0x120
[ 22.095324][ T115] ? kfree+0x12b/0x600
[ 22.099386][ T115] usb_set_configuration+0x184c/0x1dc0
[ 22.104836][ T115] generic_probe+0x82/0x140
[ 22.109343][ T115] really_probe+0x764/0xf70
[ 22.113894][ T115] driver_probe_device+0xe6/0x230
[ 22.118928][ T115] ? coredump_store+0x90/0x90
[ 22.123604][ T115] bus_for_each_drv+0x17a/0x200
[ 22.128453][ T115] ? subsys_find_device_by_id+0x340/0x340
[ 22.134173][ T115] __device_attach+0x27b/0x420
[ 22.138940][ T115] ? skb_release_head_state+0x1d0/0x210
[ 22.144478][ T115] ? device_attach+0x20/0x20
[ 22.149058][ T115] bus_probe_device+0xbb/0x200
[ 22.153811][ T115] device_add+0x105a/0x1750
[ 22.158304][ T115] ? dev_set_name+0x120/0x120
[ 22.162970][ T115] usb_new_device+0xda7/0x1710
[ 22.167732][ T115] ? hub_port_init+0x1e9e/0x30e0
[ 22.172666][ T115] ? usb_disconnect+0x880/0x880
[ 22.177513][ T115] hub_event+0x2963/0x4fa0
[ 22.181930][ T115] ? led_work+0x530/0x530
[ 22.186257][ T115] ? pm_schedule_suspend+0x1d0/0x1d0
[ 22.191541][ T115] ? _raw_spin_lock+0x170/0x170
[ 22.196379][ T115] ? mutex_lock+0xa6/0x110
[ 22.200789][ T115] ? _raw_spin_lock_irq+0xa2/0x180
[ 22.205896][ T115] ? read_word_at_a_time+0xe/0x20
[ 22.210913][ T115] ? strscpy+0xa6/0x260
[ 22.215071][ T115] process_one_work+0x777/0xf90
[ 22.219929][ T115] worker_thread+0xa8f/0x1430
[ 22.224606][ T115] ? _raw_spin_lock+0x170/0x170
[ 22.229452][ T115] kthread+0x2df/0x300
[ 22.233520][ T115] ? process_one_work+0xf90/0xf90
[ 22.238545][ T115] ? kthread_destroy_worker+0x280/0x280
[ 22.244082][ T115] ret_from_fork+0x1f/0x30
[ 22.248589][ T115] ---[ end trace ed459a7fa9582a96 ]---
[ 22.254039][