[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ 14.374411][ T1661] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 26.726740][ T1706] random: sshd: uninitialized urandom read (32 bytes read)
[ 26.781385][ C1] random: crng init done
Warning: Permanently added '10.128.15.192' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
[ 465.119921][ T1736] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 465.119932][ T17] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 465.120219][ T12] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 465.127786][ T83] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 465.136278][ T1739] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 465.159458][ T103] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 465.359724][ T1736] usb 2-1: Using ep0 maxpacket: 32
[ 465.399700][ T17] usb 3-1: Using ep0 maxpacket: 32
[ 465.405118][ T83] usb 1-1: Using ep0 maxpacket: 32
[ 465.419697][ T103] usb 4-1: Using ep0 maxpacket: 32
[ 465.425191][ T12] usb 6-1: Using ep0 maxpacket: 32
[ 465.430608][ T1739] usb 5-1: Using ep0 maxpacket: 32
[ 465.510247][ T1736] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 465.521948][ T1736] usb 2-1: New USB device found, idVendor=906d, idProduct=c3d9, bcdDevice= 0.40
[ 465.529861][ T17] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 465.531436][ T1736] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 465.542501][ T17] usb 3-1: New USB device found, idVendor=906d, idProduct=c3d9, bcdDevice= 0.40
[ 465.555390][ T1736] usb 2-1: config 0 descriptor??
[ 465.560036][ T17] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 465.560278][ T83] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 465.570020][ T103] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 465.573372][ T83] usb 1-1: New USB device found, idVendor=906d, idProduct=c3d9, bcdDevice= 0.40
[ 465.584563][ T103] usb 4-1: New USB device found, idVendor=906d, idProduct=c3d9, bcdDevice= 0.40
[ 465.595726][ T83] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 465.605099][ T103] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 465.623268][ T17] usb 3-1: config 0 descriptor??
[ 465.630875][ T12] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 465.636181][ T83] usb 1-1: config 0 descriptor??
[ 465.647153][ T12] usb 6-1: New USB device found, idVendor=906d, idProduct=c3d9, bcdDevice= 0.40
[ 465.661129][ T12] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 465.669344][ T1739] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 465.680291][ T1739] usb 5-1: New USB device found, idVendor=906d, idProduct=c3d9, bcdDevice= 0.40
[ 465.689314][ T1739] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 465.709705][ T1739] usb 5-1: config 0 descriptor??
[ 465.716013][ T12] usb 6-1: config 0 descriptor??
[ 465.729030][ T103] usb 4-1: config 0 descriptor??
[ 466.061902][ T1736] hid-generic 0003:906D:C3D9.0001: unknown main item tag 0x0
[ 466.069931][ T1736] hid-generic 0003:906D:C3D9.0001: unknown main item tag 0x0
[ 466.078302][ T1736] hid-generic 0003:906D:C3D9.0001: unknown main item tag 0x0
[ 466.085881][ T1736] hid-generic 0003:906D:C3D9.0001: unknown main item tag 0x0
[ 466.093588][ T1736] hid-generic 0003:906D:C3D9.0001: unknown main item tag 0x0
[ 466.103005][ T1736] hid-generic 0003:906D:C3D9.0001: hidraw0: USB HID v0.00 Device [HID 906d:c3d9] on usb-dummy_hcd.1-1/input0
[ 466.120883][ T17] hid-generic 0003:906D:C3D9.0002: unknown main item tag 0x0
[ 466.128343][ T17] hid-generic 0003:906D:C3D9.0002: unknown main item tag 0x0
[ 466.136036][ T17] hid-generic 0003:906D:C3D9.0002: unknown main item tag 0x0
[ 466.143531][ T17] hid-generic 0003:906D:C3D9.0002: unknown main item tag 0x0
[ 466.151006][ T17] hid-generic 0003:906D:C3D9.0002: unknown main item tag 0x0
[ 466.159722][ T83] hid-generic 0003:906D:C3D9.0003: unknown main item tag 0x0
[ 466.167114][ T83] hid-generic 0003:906D:C3D9.0003: unknown main item tag 0x0
[ 466.174629][ T83] hid-generic 0003:906D:C3D9.0003: unknown main item tag 0x0
[ 466.182258][ T83] hid-generic 0003:906D:C3D9.0003: unknown main item tag 0x0
[ 466.190248][ T83] hid-generic 0003:906D:C3D9.0003: unknown main item tag 0x0
[ 466.190840][ T1739] hid-generic 0003:906D:C3D9.0004: unknown main item tag 0x0
[ 466.199601][ T83] hid-generic 0003:906D:C3D9.0003: hidraw1: USB HID v0.00 Device [HID 906d:c3d9] on usb-dummy_hcd.0-1/input0
[ 466.206861][ T1739] hid-generic 0003:906D:C3D9.0004: unknown main item tag 0x0
[ 466.219241][ T17] hid-generic 0003:906D:C3D9.0002: hidraw2: USB HID v0.00 Device [HID 906d:c3d9] on usb-dummy_hcd.2-1/input0
[ 466.226072][ T1739] hid-generic 0003:906D:C3D9.0004: unknown main item tag 0x0
[ 466.246400][ T1739] hid-generic 0003:906D:C3D9.0004: unknown main item tag 0x0
[ 466.254179][ T1739] hid-generic 0003:906D:C3D9.0004: unknown main item tag 0x0
[ 466.262645][ T12] hid-generic 0003:906D:C3D9.0005: unknown main item tag 0x0
[ 466.270495][ T12] hid-generic 0003:906D:C3D9.0005: unknown main item tag 0x0
[ 466.278698][ T12] hid-generic 0003:906D:C3D9.0005: unknown main item tag 0x0
[ 466.287178][ T12] hid-generic 0003:906D:C3D9.0005: unknown main item tag 0x0
[ 466.295021][ T12] hid-generic 0003:906D:C3D9.0005: unknown main item tag 0x0
[ 466.303772][ T103] hid-generic 0003:906D:C3D9.0006: unknown main item tag 0x0
executing program
[ 466.311541][ T103] hid-generic 0003:906D:C3D9.0006: unknown main item tag 0x0
[ 466.319090][ T103] hid-generic 0003:906D:C3D9.0006: unknown main item tag 0x0
[ 466.326927][ T103] hid-generic 0003:906D:C3D9.0006: unknown main item tag 0x0
[ 466.334586][ T103] hid-generic 0003:906D:C3D9.0006: unknown main item tag 0x0
[ 466.351871][ T1736] usb 2-1: USB disconnect, device number 2
executing program
executing program
[ 466.421054][ T17] usb 3-1: USB disconnect, device number 2
[ 466.421924][ T1741] usb 1-1: USB disconnect, device number 2
[ 466.433807][ T103] hid-generic 0003:906D:C3D9.0006: hidraw3: USB HID v0.00 Device [HID 906d:c3d9] on usb-dummy_hcd.3-1/input0
executing program
executing program
[ 466.500669][ T12] hid-generic 0003:906D:C3D9.0005: hidraw4: USB HID v0.00 Device [HID 906d:c3d9] on usb-dummy_hcd.5-1/input0
[ 466.503735][ T83] usb 4-1: USB disconnect, device number 2
[ 466.519048][ T1739] hid-generic 0003:906D:C3D9.0004: hidraw5: USB HID v0.00 Device [HID 906d:c3d9] on usb-dummy_hcd.4-1/input0
[ 466.534797][ T1732] ==================================================================
[ 466.537686][ T1739] usb 5-1: USB disconnect, device number 2
[ 466.543286][ T1732] BUG: KASAN: use-after-free in strlen+0x79/0x90
[ 466.543437][ T1732] Read of size 1 at addr ffff8881d499df38 by task syz-executor509/1732
[ 466.543439][ T1732]
[ 466.543450][ T1732] CPU: 1 PID: 1732 Comm: syz-executor509 Not tainted 5.3.0-rc2+ #25
[ 466.543455][ T1732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 466.543458][ T1732] Call Trace:
[ 466.543491][ T1732] dump_stack+0xca/0x13e
[ 466.595557][ T1732] ? strlen+0x79/0x90
[ 466.599542][ T1732] ? strlen+0x79/0x90
[ 466.604484][ T1732] print_address_description+0x6a/0x32c
[ 466.610020][ T1732] ? strlen+0x79/0x90
[ 466.614363][ T1732] ? strlen+0x79/0x90
[ 466.618431][ T1732] __kasan_report.cold+0x1a/0x33
[ 466.623854][ T1732] ? mark_lock+0x60/0x1130
[ 466.628325][ T1732] ? strlen+0x79/0x90
[ 466.632351][ T1732] kasan_report+0xe/0x12
[ 466.636587][ T1732] strlen+0x79/0x90
[ 466.640563][ T1732] hidraw_ioctl+0x245/0xae0
[ 466.645077][ T1732] ? hidraw_disconnect+0x2c0/0x2c0
[ 466.650268][ T1732] ? lock_downgrade+0x6e0/0x6e0
[ 466.655159][ T1732] ? lock_acquire+0x127/0x320
[ 466.659925][ T1732] ? debug_check_no_obj_freed+0xc4/0x443
[ 466.665562][ T1732] ? hidraw_disconnect+0x2c0/0x2c0
[ 466.670710][ T1732] do_vfs_ioctl+0xd2d/0x1330
[ 466.675290][ T1732] ? quarantine_put+0xb2/0x150
[ 466.680054][ T1732] ? ioctl_preallocate+0x200/0x200
[ 466.685421][ T1732] ? putname+0xe1/0x120
[ 466.689599][ T1732] ? putname+0xe1/0x120
[ 466.693819][ T1732] ? rcu_read_lock_sched_held+0x113/0x130
[ 466.699552][ T1732] ? kmem_cache_free+0x2d0/0x380
[ 466.704500][ T1732] ksys_ioctl+0x9b/0xc0
[ 466.708711][ T1732] __x64_sys_ioctl+0x6f/0xb0
[ 466.713289][ T1732] ? lockdep_hardirqs_on+0x379/0x580
[ 466.718572][ T1732] do_syscall_64+0xb7/0x580
[ 466.723327][ T1732] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 466.729218][ T1732] RIP: 0033:0x445769
[ 466.733215][ T1732] Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb cc fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 466.752990][ T1732] RSP: 002b:00007ffc59564918 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 466.761438][ T1732] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445769
[ 466.769871][ T1732] RDX: 0000000000000000 RSI: 0000000080404805 RDI: 0000000000000004
[ 466.778159][ T1732] RBP: 00000000006d0018 R08: 000000000000000b R09: 00000000004002e0
[ 466.786289][ T1732] R10: 000000000000000f R11: 0000000000000246 R12: 00000000004028e0
[ 466.794283][ T1732] R13: 0000000000402970 R14: 0000000000000000 R15: 0000000000000000
[ 466.802496][ T1732]
[ 466.804854][ T1732] kasan: CONFIG_KASAN_INLINE enabled
[ 466.810226][ T1732] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 466.818297][ T1732] general protection fault: 0000 [#1] SMP KASAN
[ 466.824947][ T1732] CPU: 1 PID: 1732 Comm: syz-executor509 Not tainted 5.3.0-rc2+ #25
[ 466.833002][ T1732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 466.843719][ T1732] RIP: 0010:print_address_description+0xc5/0x32c
[ 466.850046][ T1732] Code: 00 00 b9 0b 00 00 00 49 8b 5c 24 18 be 11 ff ff 01 48 89 e8 48 c1 e1 29 48 c1 e6 27 4c 01 e1 48 c1 f9 06 48 c1 e1 0c 48 01 f1 <8b> 73 18 48 29 c8 48 99 48 f7 fe 66 41 8b 44 24 2a 48 89 f7 48 89
[ 466.869845][ T1732] RSP: 0018:ffff8881d289fbd0 EFLAGS: 00010086
[ 466.875900][ T1732] RAX: ffff8881d499df38 RBX: dead000000000400 RCX: ffff8881d499d000
[ 466.883958][ T1732] RDX: ffffea0007526601 RSI: ffff888000000000 RDI: ffffed103a513f6c
[ 466.892088][ T1732] RBP: ffff8881d499df38 R08: 0000000000000000 R09: ffffed103b663ee7
[ 466.900046][ T1732] R10: ffffed103b663ee6 R11: ffff8881db31f737 R12: ffffea0007526740
[ 466.908012][ T1732] R13: ffffffff85698e79 R14: ffff8881d94e9800 R15: 0000000000000005
[ 466.915972][ T1732] FS: 0000555556a29880(0000) GS:ffff8881db300000(0000) knlGS:0000000000000000
[ 466.925729][ T1732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 466.932631][ T1732] CR2: 00007ffc59564924 CR3: 00000001d4125000 CR4: 00000000001406e0
[ 466.940935][ T1732] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 466.949163][ T1732] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 466.957479][ T1732] Call Trace:
[ 466.960765][ T1732] ? strlen+0x79/0x90
[ 466.964789][ T1732] ? strlen+0x79/0x90
[ 466.968776][ T1732] __kasan_report.cold+0x1a/0x33
[ 466.973848][ T1732] ? mark_lock+0x60/0x1130
[ 466.978256][ T1732] ? strlen+0x79/0x90
[ 466.982223][ T1732] kasan_report+0xe/0x12
[ 466.986529][ T1732] strlen+0x79/0x90
[ 466.990333][ T1732] hidraw_ioctl+0x245/0xae0
[ 466.994880][ T1732] ? hidraw_disconnect+0x2c0/0x2c0
[ 467.000110][ T1732] ? lock_downgrade+0x6e0/0x6e0
[ 467.004949][ T1732] ? lock_acquire+0x127/0x320
[ 467.009617][ T1732] ? debug_check_no_obj_freed+0xc4/0x443
[ 467.015238][ T1732] ? hidraw_disconnect+0x2c0/0x2c0
[ 467.020330][ T1732] do_vfs_ioctl+0xd2d/0x1330
[ 467.024913][ T1732] ? quarantine_put+0xb2/0x150
[ 467.029779][ T1732] ? ioctl_preallocate+0x200/0x200
[ 467.034885][ T1732] ? putname+0xe1/0x120
[ 467.039028][ T1732] ? putname+0xe1/0x120
[ 467.043180][ T1732] ? rcu_read_lock_sched_held+0x113/0x130
[ 467.049013][ T1732] ? kmem_cache_free+0x2d0/0x380
[ 467.054064][ T1732] ksys_ioctl+0x9b/0xc0
[ 467.058208][ T1732] __x64_sys_ioctl+0x6f/0xb0
[ 467.062795][ T1732] ? lockdep_hardirqs_on+0x379/0x580
[ 467.068064][ T1732] do_syscall_64+0xb7/0x580
[ 467.072555][ T1732] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 467.078540][ T1732] RIP: 0033:0x445769
[ 467.082417][ T1732] Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb cc fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 467.102246][ T1732] RSP: 002b:00007ffc59564918 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 467.110718][ T1732] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445769
[ 467.118688][ T1732] RDX: 0000000000000000 RSI: 0000000080404805 RDI: 0000000000000004
[ 467.126672][ T1732] RBP: 00000000006d0018 R08: 000000000000000b R09: 00000000004002e0
[ 467.134630][ T1732] R10: 000000000000000f R11: 0000000000000246 R12: 00000000004028e0
[ 467.142601][ T1732] R13: 0000000000402970 R14: 0000000000000000 R15: 0000000000000000
[ 467.150669][ T1732] Modules linked in:
[ 467.154587][ T1732] ---[ end trace 9b5be50ea9c21e33 ]---
[ 467.160038][ T1732] RIP: 0010:print_address_description+0xc5/0x32c
[ 467.166413][ T1732] Code: 00 00 b9 0b 00 00 00 49 8b 5c 24 18 be 11 ff ff 01 48 89 e8 48 c1 e1 29 48 c1 e6 27 4c 01 e1 48 c1 f9 06 48 c1 e1 0c 48 01 f1 <8b> 73 18 48 29 c8 48 99 48 f7 fe 66 41 8b 44 24 2a 48 89 f7 48 89
[ 467.186120][ T1732] RSP: 0018:ffff8881d289fbd0 EFLAGS: 00010086
[ 467.192186][ T1732] RAX: ffff8881d499df38 RBX: dead000000000400 RCX: ffff8881d499d000
[ 467.200437][ T1732] RDX: ffffea0007526601 RSI: ffff888000000000 RDI: ffffed103a513f6c
[ 467.208408][ T1732] RBP: ffff8881d499df38 R08: 0000000000000000 R09: ffffed103b663ee7
[ 467.216481][ T1732] R10: ffffed103b663ee6 R11: ffff8881db31f737 R12: ffffea0007526740
[ 467.224451][ T1732] R13: ffffffff85698e79 R14: ffff8881d94e9800 R15: 0000000000000005
[ 467.232507][ T1732] FS: 0000555556a29880(0000) GS:ffff8881db300000(0000) knlGS:0000000000000000
[ 467.241434][ T1732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 467.248177][ T1732] CR2: 00007ffc59564924 CR3: 00000001d4125000 CR4: 00000000001406e0
[ 467.256139][ T1732] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 467.264205][ T1732] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 467.272271][ T1732] Kernel panic - not syncing: Fatal exception
[ 467.278830][ T1732] Kernel Offset: disabled
[ 467.283144][ T1732] Rebooting in 86400 seconds..