[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   69.722048][   T30] audit: type=1800 audit(1563383600.770:25): pid=11546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   69.744381][   T30] audit: type=1800 audit(1563383600.790:26): pid=11546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   69.783782][   T30] audit: type=1800 audit(1563383600.820:27): pid=11546 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.197' (ECDSA) to the list of known hosts.
2019/07/17 17:13:34 fuzzer started
2019/07/17 17:13:39 dialing manager at 10.128.0.26:43379
2019/07/17 17:13:39 syscalls: 2350
2019/07/17 17:13:39 code coverage: enabled
2019/07/17 17:13:39 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/07/17 17:13:39 extra coverage: enabled
2019/07/17 17:13:39 setuid sandbox: enabled
2019/07/17 17:13:39 namespace sandbox: enabled
2019/07/17 17:13:39 Android sandbox: /sys/fs/selinux/policy does not exist
2019/07/17 17:13:39 fault injection: enabled
2019/07/17 17:13:39 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/07/17 17:13:39 net packet injection: enabled
2019/07/17 17:13:39 net device setup: enabled
17:15:16 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, [0x2, 0x0, 0x0, 0x2000000]}, 0x3c)

syzkaller login: [  185.663035][T11709] IPVS: ftp: loaded support on port[0] = 21
[  185.794493][T11709] chnl_net:caif_netlink_parms(): no params data found
[  185.848211][T11709] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.855557][T11709] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.864283][T11709] device bridge_slave_0 entered promiscuous mode
[  185.874088][T11709] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.881260][T11709] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.889969][T11709] device bridge_slave_1 entered promiscuous mode
[  185.920077][T11709] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  185.931652][T11709] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  185.962965][T11709] team0: Port device team_slave_0 added
[  185.972240][T11709] team0: Port device team_slave_1 added
[  186.045048][T11709] device hsr_slave_0 entered promiscuous mode
[  186.111936][T11709] device hsr_slave_1 entered promiscuous mode
[  186.180862][T11709] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.188131][T11709] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.195912][T11709] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.203118][T11709] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.273156][T11709] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.290993][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.303286][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.313625][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.324749][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  186.345424][T11709] 8021q: adding VLAN 0 to HW filter on device team0
[  186.363029][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  186.371928][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.379069][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.431406][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  186.440386][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.447603][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.458394][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  186.468108][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  186.477491][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  186.486343][   T53] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  186.497756][T11709] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  186.506288][T11711] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  186.553423][T11709] 8021q: adding VLAN 0 to HW filter on device batadv0
17:15:17 executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000079187808950b2a77cd55000000010902120000000000000904770000772d3500"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000900)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000c40)={0xa4, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, &(0x7f0000000040)={0xffffffffffffff7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000000c0)={0xa4, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, &(0x7f0000000800)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000001140)={0xa4, &(0x7f0000000180)=ANY=[@ANYBLOB="3800c6000000de"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

[  186.991860][ T3088] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  187.242009][ T3088] usb 1-1: Using ep0 maxpacket: 8
[  187.362079][ T3088] usb 1-1: config 0 has an invalid interface number: 119 but max is -1
[  187.370470][ T3088] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  187.379576][ T3088] usb 1-1: config 0 has no interface number 0
[  187.385798][ T3088] usb 1-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=55.cd
[  187.394938][ T3088] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.404925][ T3088] usb 1-1: config 0 descriptor??
[  187.652185][ T3088] ==================================================================
[  187.660292][ T3088] BUG: KMSAN: uninit-value in ax88772_bind+0x93d/0x11e0
[  187.667239][ T3088] CPU: 0 PID: 3088 Comm: kworker/0:2 Not tainted 5.2.0+ #15
[  187.674509][ T3088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  187.684578][ T3088] Workqueue: usb_hub_wq hub_event
[  187.689594][ T3088] Call Trace:
[  187.692904][ T3088]  dump_stack+0x191/0x1f0
[  187.697254][ T3088]  kmsan_report+0x162/0x2d0
[  187.701766][ T3088]  __msan_warning+0x75/0xe0
[  187.706290][ T3088]  ax88772_bind+0x93d/0x11e0
[  187.710893][ T3088]  ? ax88178_change_mtu+0x650/0x650
[  187.716110][ T3088]  usbnet_probe+0x10d3/0x3950
[  187.720813][ T3088]  ? kmsan_internal_memset_shadow+0x104/0x3a0
[  187.726898][ T3088]  ? usbnet_disconnect+0x660/0x660
[  187.732016][ T3088]  usb_probe_interface+0xd19/0x1310
[  187.737228][ T3088]  ? usb_register_driver+0x7d0/0x7d0
[  187.742515][ T3088]  really_probe+0x1344/0x1d90
[  187.747209][ T3088]  driver_probe_device+0x1ba/0x510
[  187.752330][ T3088]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  187.758231][ T3088]  __device_attach_driver+0x5b8/0x790
[  187.763613][ T3088]  bus_for_each_drv+0x28e/0x3b0
[  187.768466][ T3088]  ? deferred_probe_work_func+0x400/0x400
[  187.774219][ T3088]  __device_attach+0x489/0x750
[  187.778998][ T3088]  device_initial_probe+0x4a/0x60
[  187.784028][ T3088]  bus_probe_device+0x131/0x390
[  187.788901][ T3088]  device_add+0x25b5/0x2df0
[  187.793512][ T3088]  usb_set_configuration+0x309f/0x3710
[  187.799006][ T3088]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[  187.805094][ T3088]  generic_probe+0xe7/0x280
[  187.809603][ T3088]  ? usb_choose_configuration+0xae0/0xae0
[  187.815323][ T3088]  usb_probe_device+0x146/0x200
[  187.820175][ T3088]  ? usb_register_device_driver+0x470/0x470
[  187.826072][ T3088]  really_probe+0x1344/0x1d90
[  187.830767][ T3088]  driver_probe_device+0x1ba/0x510
[  187.836383][ T3088]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  187.842286][ T3088]  __device_attach_driver+0x5b8/0x790
[  187.847672][ T3088]  bus_for_each_drv+0x28e/0x3b0
[  187.852523][ T3088]  ? deferred_probe_work_func+0x400/0x400
[  187.858254][ T3088]  __device_attach+0x489/0x750
[  187.863026][ T3088]  device_initial_probe+0x4a/0x60
[  187.868052][ T3088]  bus_probe_device+0x131/0x390
[  187.872924][ T3088]  device_add+0x25b5/0x2df0
[  187.877441][ T3088]  usb_new_device+0x23e5/0x2fb0
[  187.882312][ T3088]  hub_event+0x5853/0x7320
[  187.886772][ T3088]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  187.892664][ T3088]  ? led_work+0x720/0x720
[  187.896988][ T3088]  ? led_work+0x720/0x720
[  187.901310][ T3088]  process_one_work+0x1572/0x1f00
[  187.906341][ T3088]  worker_thread+0x111b/0x2460
[  187.911140][ T3088]  kthread+0x4b5/0x4f0
[  187.915218][ T3088]  ? process_one_work+0x1f00/0x1f00
[  187.920419][ T3088]  ? kthread_blkcg+0xf0/0xf0
[  187.925039][ T3088]  ret_from_fork+0x35/0x40
[  187.929455][ T3088] 
[  187.931779][ T3088] Local variable description: ----buf@ax88772_bind
[  187.938266][ T3088] Variable was created at:
[  187.942678][ T3088]  ax88772_bind+0x5f/0x11e0
[  187.947260][ T3088]  usbnet_probe+0x10d3/0x3950
[  187.951925][ T3088] ==================================================================
[  187.959972][ T3088] Disabling lock debugging due to kernel taint
[  187.966115][ T3088] Kernel panic - not syncing: panic_on_warn set ...
[  187.972715][ T3088] CPU: 0 PID: 3088 Comm: kworker/0:2 Tainted: G    B             5.2.0+ #15
[  187.981375][ T3088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  187.991432][ T3088] Workqueue: usb_hub_wq hub_event
[  187.996449][ T3088] Call Trace:
[  187.999746][ T3088]  dump_stack+0x191/0x1f0
[  188.004097][ T3088]  panic+0x3c9/0xc1e
[  188.008017][ T3088]  kmsan_report+0x2ca/0x2d0
[  188.012618][ T3088]  __msan_warning+0x75/0xe0
[  188.017148][ T3088]  ax88772_bind+0x93d/0x11e0
[  188.021756][ T3088]  ? ax88178_change_mtu+0x650/0x650
[  188.026965][ T3088]  usbnet_probe+0x10d3/0x3950
[  188.031650][ T3088]  ? kmsan_internal_memset_shadow+0x104/0x3a0
[  188.037733][ T3088]  ? usbnet_disconnect+0x660/0x660
[  188.042845][ T3088]  usb_probe_interface+0xd19/0x1310
[  188.048056][ T3088]  ? usb_register_driver+0x7d0/0x7d0
[  188.053340][ T3088]  really_probe+0x1344/0x1d90
[  188.058027][ T3088]  driver_probe_device+0x1ba/0x510
[  188.063171][ T3088]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  188.069070][ T3088]  __device_attach_driver+0x5b8/0x790
[  188.074453][ T3088]  bus_for_each_drv+0x28e/0x3b0
[  188.079318][ T3088]  ? deferred_probe_work_func+0x400/0x400
[  188.085042][ T3088]  __device_attach+0x489/0x750
[  188.089819][ T3088]  device_initial_probe+0x4a/0x60
[  188.094857][ T3088]  bus_probe_device+0x131/0x390
[  188.099721][ T3088]  device_add+0x25b5/0x2df0
[  188.104262][ T3088]  usb_set_configuration+0x309f/0x3710
[  188.109747][ T3088]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[  188.115830][ T3088]  generic_probe+0xe7/0x280
[  188.120332][ T3088]  ? usb_choose_configuration+0xae0/0xae0
[  188.126053][ T3088]  usb_probe_device+0x146/0x200
[  188.130916][ T3088]  ? usb_register_device_driver+0x470/0x470
[  188.136813][ T3088]  really_probe+0x1344/0x1d90
[  188.141501][ T3088]  driver_probe_device+0x1ba/0x510
[  188.146610][ T3088]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  188.152509][ T3088]  __device_attach_driver+0x5b8/0x790
[  188.157897][ T3088]  bus_for_each_drv+0x28e/0x3b0
[  188.162749][ T3088]  ? deferred_probe_work_func+0x400/0x400
[  188.168471][ T3088]  __device_attach+0x489/0x750
[  188.173242][ T3088]  device_initial_probe+0x4a/0x60
[  188.178285][ T3088]  bus_probe_device+0x131/0x390
[  188.183145][ T3088]  device_add+0x25b5/0x2df0
[  188.187683][ T3088]  usb_new_device+0x23e5/0x2fb0
[  188.192559][ T3088]  hub_event+0x5853/0x7320
[  188.197029][ T3088]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  188.202920][ T3088]  ? led_work+0x720/0x720
[  188.207241][ T3088]  ? led_work+0x720/0x720
[  188.211574][ T3088]  process_one_work+0x1572/0x1f00
[  188.216634][ T3088]  worker_thread+0x111b/0x2460
[  188.221429][ T3088]  kthread+0x4b5/0x4f0
[  188.225520][ T3088]  ? process_one_work+0x1f00/0x1f00
[  188.230723][ T3088]  ? kthread_blkcg+0xf0/0xf0
[  188.235313][ T3088]  ret_from_fork+0x35/0x40
[  188.241055][ T3088] Kernel Offset: disabled
[  188.245379][ T3088] Rebooting in 86400 seconds..