[ 8.198248][ T22] exe="/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' [ OK ] Stopped Network Time Synchronization. Starting Network Time Synchronization... [ OK ] Started Network Time Synchronization. [ OK ] Started Raise network interfaces. [ OK ] Reached target Network. Starting Permit User Sessions... Starting OpenBSD Secure Shell server... [ OK ] Started Permit User Sessions. [ OK ] Started OpenBSD Secure Shell server. Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts. executing program [* ] A start job is running for dev-ttyS0.device (8s / 1min 30s) [** ] A start job is running for dev-ttyS0.device (8s / 1min 30s) [*** ] A start job is running for dev-ttyS0.device (9s / 1min 30s) [ *** ] A start job is running for dev-ttyS0.device (10s / 1min 30s) [ *** ] A start job is running for dev-ttyS0.device (10s / 1min 30s) [ ***] A start job is running for dev-ttyS0.device (11s / 1min 30s) [ **] A start job is running for dev-ttyS0.device (12s / 1min 30s)[ 17.635877][ T139] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 17.724745][ T139] usb 1-1: Using ep0 maxpacket: 8 [ 17.843040][ T139] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 111, using maximum allowed: 30 [ 17.854050][ T139] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 17.865062][ T139] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 17.874806][ T139] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 111 [ 17.888203][ T139] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 17.897403][ T139] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 17.908923][ T139] usb 1-1: config 0 descriptor?? [ 17.924839][ C1] random: crng init done [ 17.929128][ C1] random: 7 urandom warning(s) missed due to ratelimiting [ *] A start job is running for dev-ttyS0.device (12s / 1min 30s)[ 18.385738][ T139] plantronics 0003:047F:FFFF.0001: ignoring exceeding usage max [ 18.394022][ T139] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 18.402363][ T139] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 18.411467][ T139] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 18.651823][ T404] ================================================================== [ 18.660149][ T404] BUG: KASAN: slab-out-of-bounds in hiddev_ioctl_usage+0x16f2/0x1830 [ 18.668601][ T404] Read of size 4 at addr ffff8881ce248070 by task syz-executor755/404 [ 18.677071][ T404] [ 18.679389][ T404] CPU: 0 PID: 404 Comm: syz-executor755 Not tainted 5.4.30-syzkaller-00005-ge93e4b4f936f #0 [ 18.689423][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 18.699465][ T404] Call Trace: [ 18.702739][ T404] dump_stack+0x14a/0x1ce [ 18.707243][ T404] ? show_regs_print_info+0x12/0x12 [ 18.712421][ T404] ? printk+0xd2/0x114 [ 18.716477][ T404] print_address_description+0x93/0x620 [ 18.722009][ T404] __kasan_report+0x16d/0x1e0 [ 18.726666][ T404] ? hiddev_ioctl_usage+0x16f2/0x1830 [ 18.732050][ T404] kasan_report+0x34/0x60 [ 18.736382][ T404] hiddev_ioctl_usage+0x16f2/0x1830 [ 18.741645][ T404] ? usbhid_init_reports+0x28d/0x2a0 [ 18.746918][ T404] hiddev_ioctl+0x7a7/0x29a0 [ 18.751519][ T404] ? hiddev_poll+0x1c0/0x1c0 [ 18.756091][ T404] ? hiddev_poll+0x1c0/0x1c0 [ 18.760674][ T404] do_vfs_ioctl+0x770/0x1750 [ 18.765257][ T404] ? selinux_file_ioctl+0x73b/0x990 [ 18.770483][ T404] ? ioctl_preallocate+0x250/0x250 [ 18.775608][ T404] ? kmem_cache_free+0xac/0x5f0 [ 18.780435][ T404] ? __fd_install+0x113/0x260 [ 18.785088][ T404] ? do_sys_open+0x642/0x7d0 [ 18.789668][ T404] ? __fpregs_load_activate+0x2d3/0x390 [ 18.795192][ T404] ? security_file_ioctl+0xad/0xc0 [ 18.800290][ T404] __x64_sys_ioctl+0xd4/0x110 [ 18.805209][ T404] do_syscall_64+0xcb/0x150 [ 18.809708][ T404] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 18.815587][ T404] RIP: 0033:0x444ba9 [ 18.819542][ T404] Code: e8 bc af 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 18.839218][ T404] RSP: 002b:00007ffe435cdfa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 18.847669][ T404] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444ba9 [ 18.855626][ T404] RDX: 00000000200006c0 RSI: 00000000c018480b RDI: 0000000000000004 [ 18.863576][ T404] RBP: 00000000006cf018 R08: 8fce4d9635172f21 R09: 00000000004002e0 [ 18.871537][ T404] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000402850 [ 18.879483][ T404] R13: 00000000004028e0 R14: 0000000000000000 R15: 0000000000000000 [ 18.887486][ T404] [ 18.889785][ T404] The buggy address belongs to the page: [ 18.895398][ T404] page:ffffea0007388000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 compound_mapcount: 0 [ 18.906308][ T404] flags: 0x8000000000010000(head) [ 18.911316][ T404] raw: 8000000000010000 dead000000000100 dead000000000122 0000000000000000 [ 18.919913][ T404] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.928473][ T404] page dumped because: kasan: bad access detected [ 18.934860][ T404] [ 18.937160][ T404] Memory state around the buggy address: [ 18.942764][ T404] ffff8881ce247f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.950806][ T404] ffff8881ce247f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.958846][ T404] >ffff8881ce248000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe [ 18.966875][ T404] ^ [ 18.974571][ T404] ffff8881ce248080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.982603][ T404] ffff8881ce248100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.990631][ T404] ================================================================== [ 18.998753][ T404] Disabling lock debugging due t