INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.55' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   37.936995][   T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   38.337020][   T12] usb 1-1: unable to get BOS descriptor or descriptor too short
[   38.417048][   T12] usb 1-1: config 0 has an invalid interface number: 223 but max is 0
[   38.425461][   T12] usb 1-1: config 0 has an invalid interface descriptor of length 2, skipping
[   38.434448][   T12] usb 1-1: config 0 has no interface number 0
[   38.441265][   T12] usb 1-1: config 0 interface 223 altsetting 1 has an invalid endpoint with address 0x0, skipping
[   38.451970][   T12] usb 1-1: config 0 interface 223 altsetting 1 endpoint 0xB has an invalid bInterval 0, changing to 7
[   38.463099][   T12] usb 1-1: config 0 interface 223 has no altsetting 0
[   38.707024][   T12] usb 1-1: string descriptor 0 read error: -22
[   38.713324][   T12] usb 1-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice= 2.aa
[   38.722526][   T12] usb 1-1: New USB device strings: Mfr=115, Product=64, SerialNumber=5
[   38.732212][   T12] usb 1-1: config 0 descriptor??
[   38.779568][   T12] ==================================================================
[   38.787797][   T12] BUG: KASAN: stack-out-of-bounds in hfcsusb_probe.cold+0x1a46/0x2682
[   38.796065][   T12] Read of size 4 at addr ffff8881d9e0f250 by task kworker/0:1/12
[   38.804069][   T12]
[   38.806393][   T12] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.2.0-rc6+ #14
[   38.813979][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   38.824383][   T12] Workqueue: usb_hub_wq hub_event
[   38.829615][   T12] Call Trace:
[   38.832913][   T12]  dump_stack+0xca/0x13e
[   38.837164][   T12]  ? hfcsusb_probe.cold+0x1a46/0x2682
[   38.842849][   T12]  ? hfcsusb_probe.cold+0x1a46/0x2682
[   38.848285][   T12]  print_address_description+0x67/0x231
[   38.854015][   T12]  ? hfcsusb_probe.cold+0x1a46/0x2682
[   38.859391][   T12]  ? hfcsusb_probe.cold+0x1a46/0x2682
[   38.864761][   T12]  __kasan_report.cold+0x1a/0x32
[   38.869699][   T12]  ? hfcsusb_probe.cold+0x1a46/0x2682
[   38.875067][   T12]  kasan_report+0xe/0x20
[   38.879343][   T12]  hfcsusb_probe.cold+0x1a46/0x2682
[   38.885049][   T12]  ? handle_led+0x730/0x730
[   38.890410][   T12]  ? __pm_runtime_set_status+0x5d5/0xa10
[   38.896593][   T12]  usb_probe_interface+0x305/0x7a0
[   38.901687][   T12]  ? usb_probe_device+0x100/0x100
[   38.906701][   T12]  really_probe+0x281/0x660
[   38.911233][   T12]  driver_probe_device+0x104/0x210
[   38.916351][   T12]  __device_attach_driver+0x1c2/0x220
[   38.921715][   T12]  ? driver_allows_async_probing+0x160/0x160
[   38.928072][   T12]  bus_for_each_drv+0x15c/0x1e0
[   38.932913][   T12]  ? bus_rescan_devices+0x20/0x20
[   38.937924][   T12]  ? _raw_spin_unlock_irqrestore+0x3e/0x50
[   38.943990][   T12]  ? lockdep_hardirqs_on+0x379/0x580
[   38.949538][   T12]  __device_attach+0x217/0x360
[   38.954322][   T12]  ? device_bind_driver+0xd0/0xd0
[   38.959392][   T12]  ? kobject_uevent_env+0x29e/0x1150
[   38.964773][   T12]  ? kobject_uevent_env+0x2a8/0x1150
[   38.970068][   T12]  bus_probe_device+0x1e4/0x290
[   38.975279][   T12]  ? blocking_notifier_call_chain+0x54/0xa0
[   38.981181][   T12]  device_add+0xae6/0x16f0
[   38.985621][   T12]  ? uevent_store+0x50/0x50
[   38.990138][   T12]  usb_set_configuration+0xdf6/0x1670
[   38.995529][   T12]  generic_probe+0x9d/0xd5
[   38.999992][   T12]  usb_probe_device+0x99/0x100
[   39.004786][   T12]  ? usb_suspend+0x620/0x620
[   39.009400][   T12]  really_probe+0x281/0x660
[   39.013953][   T12]  driver_probe_device+0x104/0x210
[   39.020124][   T12]  __device_attach_driver+0x1c2/0x220
[   39.025515][   T12]  ? driver_allows_async_probing+0x160/0x160
[   39.031504][   T12]  bus_for_each_drv+0x15c/0x1e0
[   39.036378][   T12]  ? bus_rescan_devices+0x20/0x20
[   39.041416][   T12]  ? _raw_spin_unlock_irqrestore+0x3e/0x50
[   39.047240][   T12]  ? lockdep_hardirqs_on+0x379/0x580
[   39.052548][   T12]  __device_attach+0x217/0x360
[   39.057325][   T12]  ? device_bind_driver+0xd0/0xd0
[   39.062380][   T12]  ? kobject_uevent_env+0x29e/0x1150
[   39.067671][   T12]  ? kobject_uevent_env+0x2a8/0x1150
[   39.072981][   T12]  bus_probe_device+0x1e4/0x290
[   39.077836][   T12]  ? blocking_notifier_call_chain+0x54/0xa0
[   39.083812][   T12]  device_add+0xae6/0x16f0
[   39.088224][   T12]  ? uevent_store+0x50/0x50
[   39.092813][   T12]  usb_new_device.cold+0x8c1/0x1016
[   39.098007][   T12]  ? usb_port_suspend+0xa40/0xa40
[   39.103057][   T12]  ? mark_held_locks+0x9f/0xe0
[   39.107882][   T12]  ? _raw_spin_unlock_irq+0x24/0x30
[   39.113072][   T12]  hub_event+0x1b3d/0x35f0
[   39.117484][   T12]  ? hub_port_debounce+0x260/0x260
[   39.122617][   T12]  process_one_work+0x905/0x1570
[   39.127568][   T12]  ? pwq_dec_nr_in_flight+0x310/0x310
[   39.133044][   T12]  ? do_raw_spin_lock+0x11a/0x280
[   39.138074][   T12]  worker_thread+0x96/0xe20
[   39.142575][   T12]  ? process_one_work+0x1570/0x1570
[   39.147768][   T12]  kthread+0x30b/0x410
[   39.151831][   T12]  ? kthread_park+0x1a0/0x1a0
[   39.156507][   T12]  ret_from_fork+0x24/0x30
[   39.160906][   T12]
[   39.163219][   T12] The buggy address belongs to the page:
[   39.168841][   T12] page:ffffea00076783c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[   39.177936][   T12] flags: 0x200000000000000()
[   39.182521][   T12] raw: 0200000000000000 ffffea00076783c8 ffffea00076783c8 0000000000000000
[   39.191102][   T12] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   39.199695][   T12] page dumped because: kasan: bad access detected
[   39.206092][   T12]
[   39.208410][   T12] Memory state around the buggy address:
[   39.214032][   T12]  ffff8881d9e0f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   39.222092][   T12]  ffff8881d9e0f180: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2
[   39.230152][   T12] >ffff8881d9e0f200: 00 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00
[   39.238212][   T12]                                                  ^
[   39.244901][   T12]  ffff8881d9e0f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   39.252979][   T12]  ffff8881d9e0f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   39.261044][   T12] ==================================================================
[   39.269105][   T12] Disabling lock debugging due to kernel taint
[   39.275386][   T12] Kernel panic - not syncing: panic_on_warn set ...
[