Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added 'ci-android-49-kasan-gce-0,10.128.0.8' (ECDSA) to the list of known hosts.
Warning: Permanently added '[ssh-serialport.googleapis.com]:9600,[216.239.38.127]:9600' (RSA) to the list of known hosts.
2017/07/22 06:29:11 parsed 1 programs
2017/07/22 06:29:11 executed programs: 0
serialport: Connected to syzkaller.us-central1-c.ci-android-49-kasan-gce-0 port 1 (session ID: 13e25806464bd42221265c0553c9833c444c739c8f85bea75c47fe8e45192732, active connections: 1).
INIT: Entering runlevel: 2

[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   39.917495] ==================================================================
[   39.918652] BUG: KASAN: slab-out-of-bounds in keychord_write+0x78e/0x7d0 at addr ffff8801cc3bc6ce
[   39.919956] Read of size 2 by task syz-executor0/3367
[   39.920752] CPU: 0 PID: 3367 Comm: syz-executor0 Not tainted 4.9.39-g5b07c2d #4
[   39.921860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.923246]  ffff8801ce0e7b70 ffffffff81eacd59 ffff8801dac01b40 ffff8801cc3bc6c0
[   39.924524]  ffff8801cc3bc6d0 ffffed00398778d9 ffff8801cc3bc6ce ffff8801ce0e7b98
[   39.925814]  ffffffff81546bfc ffffed00398778d9 ffff8801dac01b40 0000000000000000
[   39.927038] Call Trace:
[   39.927467]  [<ffffffff81eacd59>] dump_stack+0xc1/0x128
[   39.928178]  [<ffffffff81546bfc>] kasan_object_err+0x1c/0x70
[   39.929191]  [<ffffffff81546ead>] kasan_report.part.1+0x20d/0x4e0
[   39.930025]  [<ffffffff82b4975e>] ? keychord_write+0x78e/0x7d0
[   39.930891]  [<ffffffff82b49120>] ? keychord_write+0x150/0x7d0
[   39.931677]  [<ffffffff81283133>] ? rcu_read_lock_sched_held+0x103/0x120
[   39.932596]  [<ffffffff815471d9>] __asan_report_load2_noabort+0x29/0x30
[   39.933524]  [<ffffffff82b4975e>] keychord_write+0x78e/0x7d0
[   39.934339]  [<ffffffff82b48fd0>] ? keychord_read+0x4f0/0x4f0
[   39.935200]  [<ffffffff81572d6b>] __vfs_write+0xfb/0x660
[   39.935987]  [<ffffffff8155340d>] ? do_huge_pmd_anonymous_page+0x2ed/0xfd0
[   39.936962]  [<ffffffff81572c70>] ? default_llseek+0x290/0x290
[   39.939046]  [<ffffffff814c9be6>] ? handle_mm_fault+0x6e6/0x2400
[   39.945152]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[   39.951953]  [<ffffffff81282f37>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   39.958668]  [<ffffffff81d7beff>] ? common_file_perm+0x14f/0x390
[   39.964775]  [<ffffffff81d7c3a2>] ? apparmor_file_permission+0x22/0x30
[   39.971405]  [<ffffffff81cf8459>] ? security_file_permission+0x89/0x1e0
[   39.978121]  [<ffffffff81576785>] ? rw_verify_area+0xe5/0x2b0
[   39.983967]  [<ffffffff81576df0>] vfs_write+0x170/0x4e0
[   39.989304]  [<ffffffff8157a724>] SyS_write+0xd4/0x1a0
[   39.994540]  [<ffffffff8157a650>] ? SyS_read+0x1a0/0x1a0
[   39.999952]  [<ffffffff812377db>] ? trace_hardirqs_on_caller+0x38b/0x590
[   40.006765]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[   40.013314]  [<ffffffff839658c5>] entry_SYSCALL_64_fastpath+0x23/0xc6
[   40.019860] Object at ffff8801cc3bc6c0, in cache kmalloc-16 size: 16
[   40.026311] Allocated:
[   40.028768] PID = 3367
[   40.031231]  save_stack_trace+0x16/0x20
[   40.035178]  save_stack+0x43/0xd0
[   40.038638]  kasan_kmalloc+0xad/0xe0
[   40.042314]  __kmalloc+0x128/0x320
[   40.045817]  keychord_write+0x6d/0x7d0
[   40.049668]  __vfs_write+0xfb/0x660
[   40.053255]  vfs_write+0x170/0x4e0
[   40.056755]  SyS_write+0xd4/0x1a0
[   40.060172]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   40.064885] Freed:
[   40.066994] PID = 1884
[   40.069454]  save_stack_trace+0x16/0x20
[   40.073394]  save_stack+0x43/0xd0
[   40.076808]  kasan_slab_free+0x73/0xc0
[   40.080657]  kfree+0xf0/0x2f0
[   40.083724]  vfs_rename2+0x4f7/0x1800
[   40.087486]  SyS_rename+0x677/0x7b0
[   40.091079]  entry_SYSCALL_64_fastpath+0x23/0xc6
[   40.095792] Memory state around the buggy address:
[   40.100684]  ffff8801cc3bc580: fb fb fc fc fb fb fc fc fb fb fc fc fb fb fc fc
[   40.108005]  ffff8801cc3bc600: fb fb fc fc 00 00 fc fc fb fb fc fc fb fb fc fc
[   40.115327] >ffff8801cc3bc680: f