[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 87.784556][ T32] audit: type=1800 audit(1572341014.849:25): pid=12677 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 87.821982][ T32] audit: type=1800 audit(1572341014.869:26): pid=12677 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 87.842609][ T32] audit: type=1800 audit(1572341014.879:27): pid=12677 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.38' (ECDSA) to the list of known hosts. syzkaller login: [ 361.482539][T12829] IPVS: ftp: loaded support on port[0] = 21 [ 361.562973][T12829] chnl_net:caif_netlink_parms(): no params data found [ 361.597513][T12829] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.604703][T12829] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.613531][T12829] device bridge_slave_0 entered promiscuous mode [ 361.621690][T12829] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.629027][T12829] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.637463][T12829] device bridge_slave_1 entered promiscuous mode [ 361.658566][T12829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 361.669843][T12829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 361.692495][T12829] team0: Port device team_slave_0 added [ 361.700286][T12829] team0: Port device team_slave_1 added [ 361.754910][T12829] device hsr_slave_0 entered promiscuous mode [ 361.802361][T12829] device hsr_slave_1 entered promiscuous mode [ 361.929536][T12829] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.936859][T12829] bridge0: port 2(bridge_slave_1) entered forwarding state [ 361.944692][T12829] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.951981][T12829] bridge0: port 1(bridge_slave_0) entered forwarding state [ 362.077822][T12829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 362.124553][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 362.143778][ T3605] bridge0: port 1(bridge_slave_0) entered disabled state [ 362.182963][ T3605] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.195776][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 362.229860][T12829] 8021q: adding VLAN 0 to HW filter on device team0 [ 362.271562][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 362.281943][ T3605] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.289172][ T3605] bridge0: port 1(bridge_slave_0) entered forwarding state [ 362.367647][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 362.377233][ T3605] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.384519][ T3605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 362.395004][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 362.405318][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 362.415146][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 362.434408][T12829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 362.447628][T12829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 362.514984][T12829] 8021q: adding VLAN 0 to HW filter on device batadv0 executing program [ 362.565869][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 362.574991][ T3605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 362.882362][ T3605] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 363.242075][ T3605] usb 1-1: config 0 has an invalid interface number: 206 but max is 0 [ 363.250302][ T3605] usb 1-1: config 0 has no interface number 0 [ 363.256668][ T3605] usb 1-1: New USB device found, idVendor=0411, idProduct=0012, bcdDevice=56.5f [ 363.265822][ T3605] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.275287][ T3605] usb 1-1: config 0 descriptor?? [ 363.978457][ T3605] rtl8150 1-1:0.206: eth5: rtl8150 is detected [ 363.987585][ T3605] usb 1-1: USB disconnect, device number 2 [ 364.053197][T12812] ===================================================== [ 364.060288][T12812] BUG: KMSAN: uninit-value in hex_string+0x7d8/0x8d0 [ 364.066950][T12812] CPU: 0 PID: 12812 Comm: udevd Not tainted 5.4.0-rc5+ #0 [ 364.074034][T12812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.084068][T12812] Call Trace: [ 364.087360][T12812] dump_stack+0x191/0x1f0 [ 364.091676][T12812] kmsan_report+0x128/0x220 [ 364.096192][T12812] __msan_warning+0x73/0xe0 [ 364.100677][T12812] hex_string+0x7d8/0x8d0 [ 364.104991][T12812] pointer+0xbfe/0x1d10 [ 364.109133][T12812] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 364.115003][T12812] vsnprintf+0x1c0c/0x3210 [ 364.119454][T12812] scnprintf+0x235/0x300 [ 364.123690][T12812] ? kmsan_internal_unpoison_shadow+0x42/0x80 [ 364.129803][T12812] sysfs_format_mac+0xde/0x100 [ 364.134576][T12812] address_show+0x159/0x1d0 [ 364.139072][T12812] ? link_mode_show+0x1a0/0x1a0 [ 364.144032][T12812] dev_attr_show+0xd8/0x1e0 [ 364.148562][T12812] sysfs_kf_seq_show+0x434/0x7b0 [ 364.153495][T12812] ? sysfs_kf_write+0x2a0/0x2a0 [ 364.158364][T12812] kernfs_seq_show+0x164/0x1e0 [ 364.163111][T12812] ? kernfs_seq_next+0x3e0/0x3e0 [ 364.168039][T12812] seq_read+0xac6/0x1d90 [ 364.172278][T12812] kernfs_fop_read+0x2c3/0x9a0 [ 364.177049][T12812] ? kernfs_notify_workfn+0x960/0x960 [ 364.182427][T12812] __vfs_read+0x1a9/0xc90 [ 364.186764][T12812] ? rw_verify_area+0x3a5/0x5e0 [ 364.191611][T12812] vfs_read+0x359/0x6f0 [ 364.195755][T12812] ksys_read+0x265/0x430 [ 364.199981][T12812] __se_sys_read+0x92/0xb0 [ 364.204388][T12812] __x64_sys_read+0x4a/0x70 [ 364.208874][T12812] do_syscall_64+0xb6/0x160 [ 364.213409][T12812] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.219278][T12812] RIP: 0033:0x7f8c6d262310 [ 364.223673][T12812] Code: 73 01 c3 48 8b 0d 28 4b 2b 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 83 3d e5 a2 2b 00 00 75 10 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e 8a 01 00 48 89 04 24 [ 364.243256][T12812] RSP: 002b:00007fffc49a9a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 364.251699][T12812] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f8c6d262310 [ 364.259662][T12812] RDX: 0000000000001000 RSI: 00007fffc49a9f10 RDI: 0000000000000005 [ 364.267614][T12812] RBP: 00007fffc49ab040 R08: 00007fffc49ab040 R09: 00007f8c6d2b87d0 [ 364.275576][T12812] R10: 312f316273752f30 R11: 0000000000000246 R12: 000000000125c2d0 [ 364.283529][T12812] R13: 000000000125c3c0 R14: 0000000000000001 R15: 0000000001277159 [ 364.291487][T12812] [ 364.293793][T12812] Uninit was stored to memory at: [ 364.298859][T12812] kmsan_internal_chain_origin+0xbd/0x180 [ 364.304565][T12812] kmsan_memcpy_memmove_metadata+0x25c/0x2e0 [ 364.310534][T12812] kmsan_memcpy_metadata+0xb/0x10 [ 364.315537][T12812] __msan_memcpy+0x56/0x70 [ 364.319932][T12812] rtl8150_probe+0x1143/0x14a0 [ 364.324680][T12812] usb_probe_interface+0xd19/0x1310 [ 364.329854][T12812] really_probe+0xd91/0x1f90 [ 364.334420][T12812] driver_probe_device+0x1ba/0x510 [ 364.339505][T12812] __device_attach_driver+0x5b8/0x790 [ 364.344851][T12812] bus_for_each_drv+0x28e/0x3b0 [ 364.349687][T12812] __device_attach+0x489/0x750 [ 364.354448][T12812] device_initial_probe+0x4a/0x60 [ 364.359452][T12812] bus_probe_device+0x131/0x390 [ 364.364280][T12812] device_add+0x25b5/0x2df0 [ 364.368772][T12812] usb_set_configuration+0x309f/0x3710 [ 364.374219][T12812] generic_probe+0xe7/0x280 [ 364.378710][T12812] usb_probe_device+0x146/0x200 [ 364.383542][T12812] really_probe+0xd91/0x1f90 [ 364.388124][T12812] driver_probe_device+0x1ba/0x510 [ 364.393223][T12812] __device_attach_driver+0x5b8/0x790 [ 364.398611][T12812] bus_for_each_drv+0x28e/0x3b0 [ 364.403445][T12812] __device_attach+0x489/0x750 [ 364.408235][T12812] device_initial_probe+0x4a/0x60 [ 364.413238][T12812] bus_probe_device+0x131/0x390 [ 364.418063][T12812] device_add+0x25b5/0x2df0 [ 364.422545][T12812] usb_new_device+0x23e5/0x2fb0 [ 364.427374][T12812] hub_event+0x581d/0x72f0 [ 364.431775][T12812] process_one_work+0x1572/0x1ef0 [ 364.436847][T12812] worker_thread+0x111b/0x2460 [ 364.441634][T12812] kthread+0x4b5/0x4f0 [ 364.445698][T12812] ret_from_fork+0x35/0x40 [ 364.450086][T12812] [ 364.452434][T12812] Local variable description: ----node_id.i@rtl8150_probe [ 364.459520][T12812] Variable was created at: [ 364.463925][T12812] rtl8150_probe+0xdc8/0x14a0 [ 364.468583][T12812] rtl8150_probe+0xdc8/0x14a0 [ 364.473248][T12812] ===================================================== [ 364.480154][T12812] Disabling lock debugging due to kernel taint [ 364.486280][T12812] Kernel panic - not syncing: panic_on_warn set ... [ 364.492849][T12812] CPU: 0 PID: 12812 Comm: udevd Tainted: G B 5.4.0-rc5+ #0 [ 364.501318][T12812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.511352][T12812] Call Trace: [ 364.514629][T12812] dump_stack+0x191/0x1f0 [ 364.518941][T12812] panic+0x3c9/0xc1e [ 364.522846][T12812] kmsan_report+0x215/0x220 [ 364.527330][T12812] __msan_warning+0x73/0xe0 [ 364.531826][T12812] hex_string+0x7d8/0x8d0 [ 364.536162][T12812] pointer+0xbfe/0x1d10 [ 364.540319][T12812] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 364.546205][T12812] vsnprintf+0x1c0c/0x3210 [ 364.550611][T12812] scnprintf+0x235/0x300 [ 364.554846][T12812] ? kmsan_internal_unpoison_shadow+0x42/0x80 [ 364.560892][T12812] sysfs_format_mac+0xde/0x100 [ 364.565647][T12812] address_show+0x159/0x1d0 [ 364.570130][T12812] ? link_mode_show+0x1a0/0x1a0 [ 364.574962][T12812] dev_attr_show+0xd8/0x1e0 [ 364.579478][T12812] sysfs_kf_seq_show+0x434/0x7b0 [ 364.584468][T12812] ? sysfs_kf_write+0x2a0/0x2a0 [ 364.589305][T12812] kernfs_seq_show+0x164/0x1e0 [ 364.594078][T12812] ? kernfs_seq_next+0x3e0/0x3e0 [ 364.599038][T12812] seq_read+0xac6/0x1d90 [ 364.603280][T12812] kernfs_fop_read+0x2c3/0x9a0 [ 364.608032][T12812] ? kernfs_notify_workfn+0x960/0x960 [ 364.613387][T12812] __vfs_read+0x1a9/0xc90 [ 364.617702][T12812] ? rw_verify_area+0x3a5/0x5e0 [ 364.622537][T12812] vfs_read+0x359/0x6f0 [ 364.626678][T12812] ksys_read+0x265/0x430 [ 364.630905][T12812] __se_sys_read+0x92/0xb0 [ 364.635304][T12812] __x64_sys_read+0x4a/0x70 [ 364.639796][T12812] do_syscall_64+0xb6/0x160 [ 364.644308][T12812] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.650177][T12812] RIP: 0033:0x7f8c6d262310 [ 364.654571][T12812] Code: 73 01 c3 48 8b 0d 28 4b 2b 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 83 3d e5 a2 2b 00 00 75 10 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e 8a 01 00 48 89 04 24 [ 364.674176][T12812] RSP: 002b:00007fffc49a9a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 364.682568][T12812] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f8c6d262310 [ 364.690540][T12812] RDX: 0000000000001000 RSI: 00007fffc49a9f10 RDI: 0000000000000005 [ 364.698491][T12812] RBP: 00007fffc49ab040 R08: 00007fffc49ab040 R09: 00007f8c6d2b87d0 [ 364.706444][T12812] R10: 312f316273752f30 R11: 0000000000000246 R12: 000000000125c2d0 [ 364.714396][T12812] R13: 000000000125c3c0 R14: 0000000000000001 R15: 0000000001277159 [ 364.723689][T12812] Kernel Offset: disabled [ 364.728034][T12812] Rebooting in 86400 seconds..