[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started System Logging Service.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.29' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 138.003815][ T3362] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 138.523954][ T3362] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 138.533044][ T3362] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 138.541298][ T3362] usb 1-1: Product: syz
[ 138.545624][ T3362] usb 1-1: Manufacturer: syz
[ 138.550291][ T3362] usb 1-1: SerialNumber: syz
[ 138.595401][ T3362] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 139.283553][ T28] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 139.503390][ C1] =====================================================
[ 139.510338][ C1] BUG: KMSAN: uninit-value in ath9k_htc_rx_msg+0x28f/0x1f50
[ 139.517594][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.8.0-rc5-syzkaller #0
[ 139.525449][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 139.535474][ C1] Call Trace:
[ 139.538733][ C1] <IRQ>
[ 139.541564][ C1] dump_stack+0x21c/0x280
[ 139.545906][ C1] kmsan_report+0xf7/0x1e0
[ 139.550310][ C1] __msan_warning+0x58/0xa0
[ 139.554791][ C1] ath9k_htc_rx_msg+0x28f/0x1f50
[ 139.559711][ C1] ath9k_hif_usb_rx_cb+0x1841/0x1d10
[ 139.564963][ C1] ? kmsan_get_metadata+0x116/0x180
[ 139.570135][ C1] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 139.576264][ C1] ? kmsan_get_metadata+0x116/0x180
[ 139.581433][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 139.587209][ C1] ? ath9k_hif_usb_alloc_urbs+0x2010/0x2010
[ 139.593073][ C1] __usb_hcd_giveback_urb+0x687/0x870
[ 139.598421][ C1] ? kmsan_get_metadata+0x116/0x180
[ 139.603611][ C1] ? kmsan_get_metadata+0x116/0x180
[ 139.608801][ C1] usb_hcd_giveback_urb+0x1cb/0x730
[ 139.614096][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 139.619888][ C1] dummy_timer+0xd98/0x71c0
[ 139.624400][ C1] ? dummy_free_streams+0x5b0/0x5b0
[ 139.629584][ C1] call_timer_fn+0x226/0x550
[ 139.634157][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 139.639944][ C1] expire_timers+0x4fc/0x780
[ 139.644517][ C1] ? dummy_free_streams+0x5b0/0x5b0
[ 139.649777][ C1] __run_timers+0xaf4/0xd30
[ 139.654262][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 139.660388][ C1] ? irqtime_account_irq+0xcb/0x2d0
[ 139.665559][ C1] ? kmsan_get_metadata+0x116/0x180
[ 139.670825][ C1] run_timer_softirq+0x2d/0x50
[ 139.675576][ C1] ? migrate_timer_list+0x780/0x780
[ 139.680874][ C1] __do_softirq+0x2ea/0x7f5
[ 139.685361][ C1] asm_call_on_stack+0xf/0x20
[ 139.690007][ C1] </IRQ>
[ 139.692924][ C1] do_softirq_own_stack+0x7c/0xa0
[ 139.697924][ C1] __irq_exit_rcu+0x226/0x270
[ 139.702576][ C1] irq_exit_rcu+0xe/0x10
[ 139.706810][ C1] sysvec_apic_timer_interrupt+0x107/0x130
[ 139.712591][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 139.718567][ C1] RIP: 0010:acpi_idle_enter+0x817/0xeb0
[ 139.724087][ C1] Code: 85 db 74 0a f7 d3 44 21 fb 48 85 db 74 32 4d 85 ff 75 3a 48 8b 5d a0 e9 0c 00 00 00 e8 12 b2 78 fb 0f 00 2d 25 15 1c 0b fb f4 eb 5a 84 c0 8b 7d 90 0f 45 7d 94 e8 d8 9a f4 fb e9 74 fc ff ff
[ 139.743895][ C1] RSP: 0018:ffff88812df93bc8 EFLAGS: 00000246
[ 139.749932][ C1] RAX: 0000000000000000 RBX: ffff8881dfefce70 RCX: 000000012db88000
[ 139.757874][ C1] RDX: ffff88812df88000 RSI: 0000000000000000 RDI: 0000000000000000
[ 139.765819][ C1] RBP: ffff88812df93ca0 R08: ffffffff86420acc R09: ffff88812fffa000
[ 139.773788][ C1] R10: 0000000000000002 R11: ffff88812df88000 R12: ffff88812df889d8
[ 139.781825][ C1] R13: ffff8881dfefcc64 R14: 0000000000000000 R15: 0000000000000000
[ 139.789788][ C1] ? acpi_idle_enter+0x7ec/0xeb0
[ 139.794708][ C1] ? acpi_idle_enter+0x7ec/0xeb0
[ 139.799637][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 139.805692][ C1] ? acpi_idle_lpi_enter+0x140/0x140
[ 139.810954][ C1] cpuidle_enter_state+0x860/0x12b0
[ 139.816230][ C1] cpuidle_enter+0xe3/0x170
[ 139.820711][ C1] do_idle+0x668/0x810
[ 139.824760][ C1] cpu_startup_entry+0x45/0x50
[ 139.829500][ C1] ? setup_APIC_timer+0x210/0x210
[ 139.834499][ C1] start_secondary+0x1bf/0x240
[ 139.839242][ C1] secondary_startup_64+0xa4/0xb0
[ 139.844241][ C1]
[ 139.846541][ C1] Uninit was created at:
[ 139.850758][ C1] kmsan_save_stack_with_flags+0x3c/0x90
[ 139.856361][ C1] kmsan_alloc_page+0xc5/0x1a0
[ 139.861100][ C1] __alloc_pages_nodemask+0xdf0/0x1030
[ 139.866531][ C1] page_frag_alloc+0x35b/0x880
[ 139.871265][ C1] __netdev_alloc_skb+0x2a8/0xc90
[ 139.876259][ C1] ath9k_hif_usb_rx_cb+0xe5a/0x1d10
[ 139.881426][ C1] __usb_hcd_giveback_urb+0x687/0x870
[ 139.886767][ C1] usb_hcd_giveback_urb+0x1cb/0x730
[ 139.891937][ C1] dummy_timer+0xd98/0x71c0
[ 139.896414][ C1] call_timer_fn+0x226/0x550
[ 139.900976][ C1] expire_timers+0x4fc/0x780
[ 139.905540][ C1] __run_timers+0xaf4/0xd30
[ 139.910016][ C1] run_timer_softirq+0x2d/0x50
[ 139.914757][ C1] __do_softirq+0x2ea/0x7f5
[ 139.919225][ C1] =====================================================
[ 139.926125][ C1] Disabling lock debugging due to kernel taint
[ 139.932245][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 139.938807][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 139.948051][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 139.958074][ C1] Call Trace:
[ 139.961332][ C1] <IRQ>
[ 139.964159][ C1] dump_stack+0x21c/0x280
[ 139.968467][ C1] panic+0x4d7/0xef7
[ 139.972357][ C1] ? add_taint+0x17c/0x210
[ 139.976760][ C1] kmsan_report+0x1df/0x1e0
[ 139.981240][ C1] __msan_warning+0x58/0xa0
[ 139.985720][ C1] ath9k_htc_rx_msg+0x28f/0x1f50
[ 139.990637][ C1] ath9k_hif_usb_rx_cb+0x1841/0x1d10
[ 139.995895][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.001075][ C1] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 140.007204][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.012377][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.018157][ C1] ? ath9k_hif_usb_alloc_urbs+0x2010/0x2010
[ 140.024025][ C1] __usb_hcd_giveback_urb+0x687/0x870
[ 140.029370][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.034544][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.039718][ C1] usb_hcd_giveback_urb+0x1cb/0x730
[ 140.045010][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.050919][ C1] dummy_timer+0xd98/0x71c0
[ 140.055429][ C1] ? dummy_free_streams+0x5b0/0x5b0
[ 140.060598][ C1] call_timer_fn+0x226/0x550
[ 140.065164][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.070943][ C1] expire_timers+0x4fc/0x780
[ 140.075510][ C1] ? dummy_free_streams+0x5b0/0x5b0
[ 140.080685][ C1] __run_timers+0xaf4/0xd30
[ 140.085167][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 140.091289][ C1] ? irqtime_account_irq+0xcb/0x2d0
[ 140.096459][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.101677][ C1] run_timer_softirq+0x2d/0x50
[ 140.106418][ C1] ? migrate_timer_list+0x780/0x780
[ 140.111586][ C1] __do_softirq+0x2ea/0x7f5
[ 140.116068][ C1] asm_call_on_stack+0xf/0x20
[ 140.120713][ C1] </IRQ>
[ 140.123626][ C1] do_softirq_own_stack+0x7c/0xa0
[ 140.128626][ C1] __irq_exit_rcu+0x226/0x270
[ 140.133278][ C1] irq_exit_rcu+0xe/0x10
[ 140.137498][ C1] sysvec_apic_timer_interrupt+0x107/0x130
[ 140.143276][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 140.149230][ C1] RIP: 0010:acpi_idle_enter+0x817/0xeb0
[ 140.154856][ C1] Code: 85 db 74 0a f7 d3 44 21 fb 48 85 db 74 32 4d 85 ff 75 3a 48 8b 5d a0 e9 0c 00 00 00 e8 12 b2 78 fb 0f 00 2d 25 15 1c 0b fb f4 eb 5a 84 c0 8b 7d 90 0f 45 7d 94 e8 d8 9a f4 fb e9 74 fc ff ff
[ 140.174430][ C1] RSP: 0018:ffff88812df93bc8 EFLAGS: 00000246
[ 140.180488][ C1] RAX: 0000000000000000 RBX: ffff8881dfefce70 RCX: 000000012db88000
[ 140.188431][ C1] RDX: ffff88812df88000 RSI: 0000000000000000 RDI: 0000000000000000
[ 140.196461][ C1] RBP: ffff88812df93ca0 R08: ffffffff86420acc R09: ffff88812fffa000
[ 140.204492][ C1] R10: 0000000000000002 R11: ffff88812df88000 R12: ffff88812df889d8
[ 140.212435][ C1] R13: ffff8881dfefcc64 R14: 0000000000000000 R15: 0000000000000000
[ 140.220388][ C1] ? acpi_idle_enter+0x7ec/0xeb0
[ 140.225301][ C1] ? acpi_idle_enter+0x7ec/0xeb0
[ 140.230209][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 140.236254][ C1] ? acpi_idle_lpi_enter+0x140/0x140
[ 140.241511][ C1] cpuidle_enter_state+0x860/0x12b0
[ 140.246693][ C1] cpuidle_enter+0xe3/0x170
[ 140.251172][ C1] do_idle+0x668/0x810
[ 140.255220][ C1] cpu_startup_entry+0x45/0x50
[ 140.260056][ C1] ? setup_APIC_timer+0x210/0x210
[ 140.265055][ C1] start_secondary+0x1bf/0x240
[ 140.269796][ C1] secondary_startup_64+0xa4/0xb0
[ 140.275427][ C1] ------------[ cut here ]------------
[ 140.280861][ C1] kernel BUG at mm/kmsan/kmsan.h:87!
[ 140.286124][ C1] invalid opcode: 0000 [#1] SMP
[ 140.290946][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 140.300192][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 140.310225][ C1] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 140.316783][ C1] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 b0 63 e1 91 31 c0 e8 f8 02 30 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 c2 13 b0 0e 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 140.336441][ C1] RSP: 0018:ffff88812fd05238 EFLAGS: 00010046
[ 140.342603][ C1] RAX: 0000000000000002 RBX: 00000000045500cc RCX: 00000000045500cc
[ 140.350547][ C1] RDX: 0000000000000000 RSI: 00000000000004a0 RDI: ffff88812fd0531c
[ 140.358501][ C1] RBP: ffff88812fd052e0 R08: ffffea000000000f R09: ffff88812fffa000
[ 140.366458][ C1] R10: 0000000000000002 R11: ffff88812df88000 R12: 0000000000000000
[ 140.374512][ C1] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001
[ 140.382542][ C1] FS: 0000000000000000(0000) GS:ffff88812fd00000(0000) knlGS:0000000000000000
[ 140.391447][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.398002][ C1] CR2: 0000561b65e18188 CR3: 00000000b966d000 CR4: 00000000001406e0
[ 140.405946][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 140.413888][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 140.421828][ C1] Call Trace:
[ 140.425097][ C1] <IRQ>
[ 140.427931][ C1] kmsan_check_memory+0xd/0x10
[ 140.432668][ C1] iowrite8+0x99/0x300
[ 140.436714][ C1] pvpanic_panic_notify+0xb7/0xe0
[ 140.441819][ C1] ? pvpanic_mmio_remove+0x60/0x60
[ 140.446902][ C1] atomic_notifier_call_chain+0x123/0x290
[ 140.452597][ C1] panic+0x560/0xef7
[ 140.456471][ C1] ? add_taint+0x17c/0x210
[ 140.460863][ C1] kmsan_report+0x1df/0x1e0
[ 140.465338][ C1] __msan_warning+0x58/0xa0
[ 140.469815][ C1] ath9k_htc_rx_msg+0x28f/0x1f50
[ 140.474731][ C1] ath9k_hif_usb_rx_cb+0x1841/0x1d10
[ 140.479998][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.485191][ C1] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 140.491316][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.496488][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.502267][ C1] ? ath9k_hif_usb_alloc_urbs+0x2010/0x2010
[ 140.508130][ C1] __usb_hcd_giveback_urb+0x687/0x870
[ 140.513475][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.518646][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.523817][ C1] usb_hcd_giveback_urb+0x1cb/0x730
[ 140.529012][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.534795][ C1] dummy_timer+0xd98/0x71c0
[ 140.539386][ C1] ? dummy_free_streams+0x5b0/0x5b0
[ 140.544555][ C1] call_timer_fn+0x226/0x550
[ 140.549119][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 140.554898][ C1] expire_timers+0x4fc/0x780
[ 140.559463][ C1] ? dummy_free_streams+0x5b0/0x5b0
[ 140.564632][ C1] __run_timers+0xaf4/0xd30
[ 140.569111][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 140.575234][ C1] ? irqtime_account_irq+0xcb/0x2d0
[ 140.580404][ C1] ? kmsan_get_metadata+0x116/0x180
[ 140.585574][ C1] run_timer_softirq+0x2d/0x50
[ 140.590417][ C1] ? migrate_timer_list+0x780/0x780
[ 140.595588][ C1] __do_softirq+0x2ea/0x7f5
[ 140.600082][ C1] asm_call_on_stack+0xf/0x20
[ 140.604726][ C1] </IRQ>
[ 140.607641][ C1] do_softirq_own_stack+0x7c/0xa0
[ 140.612641][ C1] __irq_exit_rcu+0x226/0x270
[ 140.617301][ C1] irq_exit_rcu+0xe/0x10
[ 140.621521][ C1] sysvec_apic_timer_interrupt+0x107/0x130
[ 140.627300][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 140.633254][ C1] RIP: 0010:acpi_idle_enter+0x817/0xeb0
[ 140.638770][ C1] Code: 85 db 74 0a f7 d3 44 21 fb 48 85 db 74 32 4d 85 ff 75 3a 48 8b 5d a0 e9 0c 00 00 00 e8 12 b2 78 fb 0f 00 2d 25 15 1c 0b fb f4 eb 5a 84 c0 8b 7d 90 0f 45 7d 94 e8 d8 9a f4 fb e9 74 fc ff ff
[ 140.658343][ C1] RSP: 0018:ffff88812df93bc8 EFLAGS: 00000246
[ 140.664387][ C1] RAX: 0000000000000000 RBX: ffff8881dfefce70 RCX: 000000012db88000
[ 140.672335][ C1] RDX: ffff88812df88000 RSI: 0000000000000000 RDI: 0000000000000000
[ 140.680280][ C1] RBP: ffff88812df93ca0 R08: ffffffff86420acc R09: ffff88812fffa000
[ 140.688225][ C1] R10: 0000000000000002 R11: ffff88812df88000 R12: ffff88812df889d8
[ 140.696359][ C1] R13: ffff8881dfefcc64 R14: 0000000000000000 R15: 0000000000000000
[ 140.704410][ C1] ? acpi_idle_enter+0x7ec/0xeb0
[ 140.709332][ C1] ? acpi_idle_enter+0x7ec/0xeb0
[ 140.714252][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 140.720304][ C1] ? acpi_idle_lpi_enter+0x140/0x140
[ 140.725569][ C1] cpuidle_enter_state+0x860/0x12b0
[ 140.730752][ C1] cpuidle_enter+0xe3/0x170
[ 140.735231][ C1] do_idle+0x668/0x810
[ 140.739277][ C1] cpu_startup_entry+0x45/0x50
[ 140.744015][ C1] ? setup_APIC_timer+0x210/0x210
[ 140.749098][ C1] start_secondary+0x1bf/0x240
[ 140.753835][ C1] secondary_startup_64+0xa4/0xb0
[ 140.758829][ C1] Modules linked in:
[ 140.762698][ C1] ---[ end trace c907d5b5793273a0 ]---
[ 140.768127][ C1] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 140.774698][ C1] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 b0 63 e1 91 31 c0 e8 f8 02 30 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 c2 13 b0 0e 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 140.794285][ C1] RSP: 0018:ffff88812fd05238 EFLAGS: 00010046
[ 140.800328][ C1] RAX: 0000000000000002 RBX: 00000000045500cc RCX: 00000000045500cc
[ 140.808280][ C1] RDX: 0000000000000000 RSI: 00000000000004a0 RDI: ffff88812fd0531c
[ 140.816228][ C1] RBP: ffff88812fd052e0 R08: ffffea000000000f R09: ffff88812fffa000
[ 140.824170][ C1] R10: 0000000000000002 R11: ffff88812df88000 R12: 0000000000000000
[ 140.832111][ C1] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001
[ 140.840059][ C1] FS: 0000000000000000(0000) GS:ffff88812fd00000(0000) knlGS:0000000000000000
[ 140.848960][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.855543][ C1] CR2: 0000561b65e18188 CR3: 00000000b966d000 CR4: 00000000001406e0
[ 140.863489][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 140.871433][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 140.879416][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 140.887124][ C1] Kernel Offset: disabled
[ 140.891436][ C1] Rebooting in 86400 seconds..