[ 9.044567][ T22] audit: type=1107 audit(1587928474.289:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='avc: denied { status } for auid=n/a uid=0 gid=0 path="/lib/systemd/system/systemd-timesyncd.service" cmdline="systemctl try-restart systemd-timesyncd.service" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=service
[ 9.044567][ T22] exe="/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Starting Network Time Synchronization...
[ OK ] Started Network Time Synchronization.
[ OK ] Started Raise network interfaces.
[ OK ] Reached target Network.
Starting Permit User Sessions...
Starting OpenBSD Secure Shell server...
[ OK ] Started Permit User Sessions.
[ OK ] Started OpenBSD Secure Shell server.
Warning: Permanently added '10.128.0.233' (ECDSA) to the list of known hosts.
executing program
[* ] A start job is running for dev-ttyS0.device (8s / 1min 30s)
[** ] A start job is running for dev-ttyS0.device (9s / 1min 30s)
[*** ] A start job is running for dev-ttyS0.device (10s / 1min 30s)
[ *** ] A start job is running for dev-ttyS0.device (10s / 1min 30s)
[ *** ] A start job is running for dev-ttyS0.device (11s / 1min 30s)
[ ***] A start job is running for dev-ttyS0.device (12s / 1min 30s)
[ 18.224675][ T22] audit: type=1400 audit(1587928483.695:8): avc: denied { execmem } for pid=404 comm="syz-executor342" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ **] A start job is running for dev-ttyS0.device (12s / 1min 30s)
[ 18.483653][ T115] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 18.571986][ T115] usb 1-1: Using ep0 maxpacket: 16
[ 18.690435][ T115] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 18.701313][ T115] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 18.711309][ T115] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 18.724094][ T115] usb 1-1: New USB device found, idVendor=05ac, idProduct=1440, bcdDevice= 0.00
[ 18.733123][ T115] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 18.741719][ T115] usb 1-1: config 0 descriptor??
[ *] A start job is running for dev-ttyS0.device (13s / 1min 30s)
[ 19.214401][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.221451][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.230889][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.238542][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.246196][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.254018][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.261048][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.269306][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.277070][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.285178][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.292202][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.300372][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.307993][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.315776][ T115] appleir 0003:05AC:1440.0001: unknown main item tag 0x0
[ 19.324097][ T115] input: HID 05ac:1440 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:1440.0001/input/input4
[ 19.337553][ T115] appleir 0003:05AC:1440.0001: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:1440] on usb-dummy_hcd.0-1/input0
[ 19.411309][ T404] ==================================================================
[ 19.419388][ T404] BUG: KASAN: slab-out-of-bounds in hiddev_ioctl_usage+0x1764/0x1830
[ 19.427443][ T404] Write of size 4 at addr ffff8881cd9eca58 by task syz-executor342/404
[ 19.435639][ T404]
[ 19.437939][ T404] CPU: 1 PID: 404 Comm: syz-executor342 Not tainted 5.4.35-syzkaller-00685-gab5026515199 #0
[ 19.447977][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 19.458015][ T404] Call Trace:
[ 19.461323][ T404] dump_stack+0x14a/0x1ce
[ 19.465635][ T404] ? show_regs_print_info+0x12/0x12
[ 19.470850][ T404] ? printk+0xd2/0x114
[ 19.474889][ T404] print_address_description+0x93/0x620
[ 19.480436][ T404] __kasan_report+0x16d/0x1e0
[ 19.485106][ T404] ? hiddev_ioctl_usage+0x1764/0x1830
[ 19.490445][ T404] kasan_report+0x34/0x60
[ 19.494745][ T404] hiddev_ioctl_usage+0x1764/0x1830
[ 19.499925][ T404] ? usbhid_init_reports+0x28d/0x2a0
[ 19.505191][ T404] hiddev_ioctl+0x7a7/0x29a0
[ 19.509771][ T404] ? hiddev_poll+0x1c0/0x1c0
[ 19.514344][ T404] ? hiddev_poll+0x1c0/0x1c0
[ 19.518933][ T404] do_vfs_ioctl+0x770/0x1750
[ 19.523491][ T404] ? selinux_file_ioctl+0x73b/0x990
[ 19.528669][ T404] ? ioctl_preallocate+0x250/0x250
[ 19.533765][ T404] ? kmem_cache_free+0xac/0x600
[ 19.538588][ T404] ? __fd_install+0x113/0x260
[ 19.543243][ T404] ? do_sys_open+0x642/0x7d0
[ 19.547804][ T404] ? file_open_root+0x450/0x450
[ 19.552649][ T404] ? __fpregs_load_activate+0x2d3/0x390
[ 19.558164][ T404] ? security_file_ioctl+0xad/0xc0
[ 19.563241][ T404] __x64_sys_ioctl+0xd4/0x110
[ 19.567886][ T404] do_syscall_64+0xcb/0x150
[ 19.572360][ T404] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 19.578235][ T404] RIP: 0033:0x444d19
[ 19.582098][ T404] Code: e8 bc af 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 19.601685][ T404] RSP: 002b:00007ffcf633aef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 19.610063][ T404] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444d19
[ 19.618002][ T404] RDX: 0000000020000000 RSI: 000000004018480c RDI: 0000000000000004
[ 19.625942][ T404] RBP: 00000000006cf018 R08: 9188084ba2bfac07 R09: 00000000004002e0
[ 19.633899][ T404] R10: 000000000000000f R11: 0000000000000246 R12: 00000000004029c0
[ 19.641941][ T404] R13: 0000000000402a50 R14: 0000000000000000 R15: 0000000000000000
[ 19.650023][ T404]
[ 19.652337][ T404] The buggy address belongs to the page:
[ 19.657941][ T404] page:ffffea0007367800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 compound_mapcount: 0
[ 19.668850][ T404] flags: 0x8000000000010000(head)
[ 19.673846][ T404] raw: 8000000000010000 dead000000000100 dead000000000122 0000000000000000
[ 19.682408][ T404] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.690956][ T404] page dumped because: kasan: bad access detected
[ 19.697338][ T404]
[ 19.699643][ T404] Memory state around the buggy address:
[ 19.705262][ T404] ffff8881cd9ec900: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.713296][ T404] ffff8881cd9ec980: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.721413][ T404] >ffff8881cd9eca00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.729438][ T404] ^
[ 19.736335][ T404] ffff8881cd9eca80: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.744372][ T404] ffff8881cd9ecb00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.752411][ T404] ==================================================================
[ 19.760439][ T404] Disab