INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.64' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 40.413717][ T83] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 40.653215][ T83] usb 1-1: Using ep0 maxpacket: 32
[ 40.773334][ T83] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 40.784638][ T83] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 40.797515][ T83] usb 1-1: New USB device found, idVendor=046d, idProduct=c71c, bcdDevice= 0.40
[ 40.806659][ T83] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 40.816479][ T83] usb 1-1: config 0 descriptor??
[ 41.295345][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.303825][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.313350][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.321982][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.330574][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.338742][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.347927][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.363309][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.371825][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.380723][ T83] logitech-djreceiver 0003:046D:C71C.0001: unknown main item tag 0x0
[ 41.392749][ T83] logitech-djreceiver 0003:046D:C71C.0001: hidraw0: USB HID v0.00 Device [HID 046d:c71c] on usb-dummy_hcd.0-1/input0
[ 41.494844][ T103] usb 1-1: USB disconnect, device number 2
[ 41.694510][ T1729] ==================================================================
[ 41.705228][ T1729] BUG: KASAN: use-after-free in strlen+0x79/0x90
[ 41.711753][ T1729] Read of size 1 at addr ffff8881d3b95eb8 by task syz-executor314/1729
[ 41.720615][ T1729]
[ 41.723565][ T1729] CPU: 0 PID: 1729 Comm: syz-executor314 Not tainted 5.3.0-rc2+ #25
[ 41.732454][ T1729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.743430][ T1729] Call Trace:
[ 41.746716][ T1729]  dump_stack+0xca/0x13e
[ 41.750958][ T1729]  ? strlen+0x79/0x90
[ 41.756653][ T1729]  ? strlen+0x79/0x90
[ 41.761126][ T1729]  print_address_description+0x6a/0x32c
[ 41.766791][ T1729]  ? strlen+0x79/0x90
[ 41.771055][ T1729]  ? strlen+0x79/0x90
[ 41.775431][ T1729]  __kasan_report.cold+0x1a/0x33
[ 41.782244][ T1729]  ? strlen+0x79/0x90
[ 41.786483][ T1729]  kasan_report+0xe/0x12
[ 41.791290][ T1729]  strlen+0x79/0x90
[ 41.795226][ T1729]  hidraw_ioctl+0x62b/0xae0
[ 41.799734][ T1729]  ? hidraw_disconnect+0x2c0/0x2c0
[ 41.804926][ T1729]  ? lock_acquire+0x127/0x320
[ 41.809730][ T1729]  ? debug_object_free+0x52/0x340
[ 41.815130][ T1729]  ? _raw_spin_unlock_irqrestore+0x3e/0x50
[ 41.821080][ T1729]  ? hidraw_disconnect+0x2c0/0x2c0
[ 41.826302][ T1729]  do_vfs_ioctl+0xd2d/0x1330
[ 41.831149][ T1729]  ? ioctl_preallocate+0x200/0x200
[ 41.836267][ T1729]  ? hrtimer_nanosleep+0x28a/0x510
[ 41.841433][ T1729]  ? nanosleep_copyout+0x100/0x100
[ 41.846810][ T1729]  ? _copy_from_user+0x123/0x190
[ 41.852128][ T1729]  ? clock_was_set_work+0x20/0x20
[ 41.857479][ T1729]  ? put_old_itimerspec32+0x1d0/0x1d0
[ 41.863227][ T1729]  ? rwlock_bug.part.0+0x90/0x90
[ 41.869289][ T1729]  ksys_ioctl+0x9b/0xc0
[ 41.875673][ T1729]  __x64_sys_ioctl+0x6f/0xb0
[ 41.883106][ T1729]  ? lockdep_hardirqs_on+0x379/0x580
[ 41.894233][ T1729]  do_syscall_64+0xb7/0x580
[ 41.901704][ T1729]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 41.909862][ T1729] RIP: 0033:0x444939
[ 41.914076][ T1729] Code: e8 1c b5 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 41.938027][ T1729] RSP: 002b:00007fff9c013a08 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 41.947944][ T1729] RAX: ffffffffffffffda RBX: 00007fff9c013a10 RCX: 0000000000444939
[ 41.956884][ T1729] RDX: 0000000000000000 RSI: 0000000080404804 RDI: 0000000000000004
[ 41.965169][ T1729] RBP: 00000000006d0018 R08: 000000000000000b R09: 6c616b7a79732f2e
[ 41.973204][ T1729] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000402580
[ 41.981271][ T1729] R13: 0000000000402610 R14: 0000000000000000 R15: 0000000000000000
[ 41.989369][ T1729]
[ 41.991693][ T1729] The buggy address belongs to the page:
[ 41.997655][ T1729] page:ffffea00074ee540 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 42.006801][ T1729] flags: 0x200000000000000()
[ 42.011441][ T1729] raw: 0200000000000000 0000000000000000 ffffffff074e0201 0000000000000000
[ 42.020479][ T1729] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 42.029637][ T1729] page dumped because: kasan: bad access detected
[ 42.036430][ T1729]
[ 42.038755][ T1729] Memory state around the buggy address:
[ 42.044409][ T1729]  ffff8881d3b95d80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 42.052470][ T1729]  ffff8881d3b95e00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 42.060717][ T1729] >ffff8881d3b95e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 42.070010][ T1729]                                         ^
[ 42.076098][ T1729]  ffff8881d3b95f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 42.084436][ T1729]  ffff8881d3b95f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 42.092819][ T1729] ==================================================================
[ 42.101118][ T1729] Disabling lock debugging due to kernel taint
[ 42.108325][ T1729] Kernel panic - not syncing: panic_on_warn set ...
[ 42.115078][ T1729] CPU: 0 PID: 1729 Comm: syz-executor314 Tainted: G B 5.3.0-rc2+ #25
[ 42.124889][ T1729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 42.135175][ T1729] Call Trace:
[ 42.138648][ T1729]  dump_stack+0xca/0x13e
[ 42.142940][ T1729]  panic+0x2a3/0x6da
[ 42.147121][ T1729]  ? add_taint.cold+0x16/0x16
[ 42.151899][ T1729]  ? retint_kernel+0x10/0x10
[ 42.156730][ T1729]  ? trace_hardirqs_on+0x55/0x1e0
[ 42.161888][ T1729]  ? strlen+0x79/0x90
[ 42.166151][ T1729]  end_report+0x43/0x49
[ 42.170485][ T1729]  ? strlen+0x79/0x90
[ 42.174559][ T1729]  __kasan_report.cold+0xd/0x33
[ 42.179454][ T1729]  ? strlen+0x79/0x90
[ 42.183614][ T1729]  kasan_report+0xe/0x12
[ 42.187966][ T1729]  strlen+0x79/0x90
[ 42.192018][ T1729]  hidraw_ioctl+0x62b/0xae0
[ 42.196824][ T1729]  ? hidraw_disconnect+0x2c0/0x2c0
[ 42.203290][ T1729]  ? lock_acquire+0x127/0x320
[ 42.207965][ T1729]  ? debug_object_free+0x52/0x340
[ 42.213219][ T1729]  ? _raw_spin_unlock_irqrestore+0x3e/0x50
[ 42.219226][ T1729]  ? hidraw_disconnect+0x2c0/0x2c0
[ 42.224613][ T1729]  do_vfs_ioctl+0xd2d/0x1330
[ 42.229396][ T1729]  ? ioctl_preallocate+0x200/0x200
[ 42.234679][ T1729]  ? hrtimer_nanosleep+0x28a/0x510
[ 42.240953][ T1729]  ? nanosleep_copyout+0x100/0x100
[ 42.246855][ T1729]  ? _copy_from_user+0x123/0x190
[ 42.251993][ T1729]  ? clock_was_set_work+0x20/0x20
[ 42.257062][ T1729]  ? put_old_itimerspec32+0x1d0/0x1d0
[ 42.262504][ T1729]  ? rwlock_bug.part.0+0x90/0x90
[ 42.267762][ T1729]  ksys_ioctl+0x9b/0xc0
[ 42.271953][ T1729]  __x64_sys_ioctl+0x6f/0xb0
[ 42.276546][ T1729]  ? lockdep_hardirqs_on+0x379/0x580
[ 42.281873][ T1729]  do_syscall_64+0xb7/0x580
[ 42.287489][ T1729]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 42.293383][ T1729] RIP: 0033:0x444939
[ 42.297281][ T1729] Code: e8 1c b5 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 42.317364][ T1729] RSP: 002b:00007fff9c013a08 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 42.325883][ T1729] RAX: ffffffffffffffda RBX: 00007fff9c013a10 RCX: 0000000000444939
[ 42.333843][ T1729] RDX: 0000000000000000 RSI: 0000000080404804 RDI: 0000000000000004
[ 42.342881][ T1729] RBP: 00000000006d0018 R08: 000000000000000b R09: 6c616b7a79732f2e
[ 42.351173][ T1729] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000402580
[ 42.359151][ T1729] R13: 0000000000402610 R14: 0000000000000000 R15: 0000000000000000
[ 42.368567][ T1729] Kernel Offset: disabled
[ 42.373097][ T1729] Rebooting in 86400 seconds..