[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.239' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 58.546786][ T3839] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 58.786692][ T3839] usb 1-1: Using ep0 maxpacket: 8 [ 58.906899][ T3839] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.917998][ T3839] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 58.928990][ T3839] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 58.939490][ T3839] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 58.949860][ T3839] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 59.116712][ T3839] usb 1-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 59.125762][ T3839] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.134666][ T3839] usb 1-1: Product: syz [ 59.139391][ T3839] usb 1-1: Manufacturer: syz [ 59.143971][ T3839] usb 1-1: SerialNumber: syz [ 59.226737][ T3839] cdc_ether: probe of 1-1:1.0 failed with error -22 [ 59.406683][ C0] ================================================================== [ 59.414958][ C0] BUG: KASAN: slab-out-of-bounds in snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.423285][ C0] Write of size 4 at addr ffff8880a910fd60 by task swapper/0/0 [ 59.430855][ C0] [ 59.433215][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.7.0-rc7-next-20200529-syzkaller #0 [ 59.442315][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.452370][ C0] Call Trace: [ 59.455644][ C0] dump_stack+0x18f/0x20d [ 59.460000][ C0] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.465628][ C0] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.471248][ C0] print_address_description.constprop.0.cold+0xd3/0x413 [ 59.478253][ C0] ? vprintk_func+0x97/0x1a6 [ 59.482829][ C0] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.488442][ C0] kasan_report.cold+0x1f/0x37 [ 59.493202][ C0] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.498824][ C0] snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.504278][ C0] snd_usb_mixer_interrupt+0x416/0x980 [ 59.509736][ C0] ? trace_hardirqs_off+0x50/0x210 [ 59.514830][ C0] __usb_hcd_giveback_urb+0x2af/0x4b0 [ 59.520195][ C0] usb_hcd_giveback_urb+0x368/0x420 [ 59.525388][ C0] dummy_timer+0x1246/0x2fe4 [ 59.529967][ C0] ? __lock_acquire+0x2224/0x48b0 [ 59.534982][ C0] ? dummy_dequeue+0x4c0/0x4c0 [ 59.539744][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 59.545281][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 59.551276][ C0] call_timer_fn+0x1ac/0x760 [ 59.555849][ C0] ? dummy_dequeue+0x4c0/0x4c0 [ 59.560602][ C0] ? msleep_interruptible+0x130/0x130 [ 59.565967][ C0] ? lock_downgrade+0x840/0x840 [ 59.570822][ C0] ? _raw_spin_unlock_irq+0x1f/0x80 [ 59.576017][ C0] ? lockdep_hardirqs_on_prepare+0x1bc/0x590 [ 59.581974][ C0] ? dummy_dequeue+0x4c0/0x4c0 [ 59.586726][ C0] run_timer_softirq+0x60f/0x15d0 [ 59.591734][ C0] ? add_timer+0x830/0x830 [ 59.596132][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 59.601742][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50