[ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.62' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 58.225758][ T2571] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 58.465665][ T2571] usb 1-1: Using ep0 maxpacket: 8 [ 58.585771][ T2571] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.597077][ T2571] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 58.608389][ T2571] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 58.619608][ T2571] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 58.630152][ T2571] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 58.795669][ T2571] usb 1-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 58.804833][ T2571] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.813518][ T2571] usb 1-1: Product: syz [ 58.817878][ T2571] usb 1-1: Manufacturer: syz [ 58.822472][ T2571] usb 1-1: SerialNumber: syz [ 58.915716][ T2571] cdc_ether: probe of 1-1:1.0 failed with error -22 [ 59.075597][ C1] ================================================================== [ 59.083934][ C1] BUG: KASAN: slab-out-of-bounds in snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.092340][ C1] Write of size 4 at addr ffff888095d78ce0 by task swapper/1/0 [ 59.099855][ C1] [ 59.102177][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.7.0-syzkaller #0 [ 59.109691][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.119729][ C1] Call Trace: [ 59.123022][ C1] [ 59.125856][ C1] dump_stack+0x188/0x20d [ 59.130174][ C1] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.135795][ C1] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.141406][ C1] print_address_description.constprop.0.cold+0xd3/0x413 [ 59.148409][ C1] ? vprintk_func+0x97/0x1a6 [ 59.152975][ C1] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.158677][ C1] kasan_report.cold+0x1f/0x37 [ 59.163429][ C1] ? snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.169050][ C1] snd_usb_mixer_notify_id+0x219/0x2a0 [ 59.174484][ C1] snd_usb_mixer_interrupt+0x416/0x980 [ 59.179928][ C1] ? trace_hardirqs_off+0x50/0x220 [ 59.185015][ C1] __usb_hcd_giveback_urb+0x2af/0x4b0 [ 59.190361][ C1] usb_hcd_giveback_urb+0x368/0x420 [ 59.195548][ C1] dummy_timer+0x1243/0x2fe1 [ 59.200121][ C1] ? __lock_acquire+0x2224/0x48a0 [ 59.205129][ C1] ? debug_smp_processor_id+0x2f/0x185 [ 59.210564][ C1] ? dummy_dequeue+0x4c0/0x4c0 [ 59.215320][ C1] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 59.220839][ C1] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 59.226813][ C1] call_timer_fn+0x1ac/0x780 [ 59.231377][ C1] ? dummy_dequeue+0x4c0/0x4c0 [ 59.236134][ C1] ? timer_fixup_init+0x60/0x60 [ 59.240966][ C1] ? lock_downgrade+0x840/0x840 [ 59.245793][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 59.250965][ C1] ? lockdep_hardirqs_on_prepare+0x1bc/0x590 [ 59.256920][ C1] ? dummy_dequeue+0x4c0/0x4c0 [ 59.261662][ C1] run_timer_softirq+0x623/0x1600 [ 59.266671][ C1] ? add_timer+0x830/0x830 [ 59.271060][ C1] ? debug_smp_processor_id+0x2f/0x185 [