[ ok ] Starting enhanced syslogd: rsyslogd.
[ 105.684314][ T32] audit: type=1800 audit(1564980378.741:25): pid=11715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 105.708405][ T32] audit: type=1800 audit(1564980378.761:26): pid=11715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 105.747472][ T32] audit: type=1800 audit(1564980378.791:27): pid=11715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.124' (ECDSA) to the list of known hosts.
executing program
syzkaller login:
[ 118.722564][ T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 118.962589][ T12] usb 1-1: Using ep0 maxpacket: 16
[ 119.082789][ T12] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 119.091065][ T12] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 119.101343][ T12] usb 1-1: config 0 has no interface number 0
[ 119.107753][ T12] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 119.119085][ T12] usb 1-1: New USB device found, idVendor=12cf, idProduct=7111, bcdDevice=48.08
[ 119.128371][ T12] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 119.138625][ T12] usb 1-1: config 0 descriptor??
[ 119.402773][ T12] radio-si470x 1-1:0.128: DeviceID=0x0e09 ChipID=0xae80
[ 119.622696][ T12] radio-si470x 1-1:0.128: software version 14, hardware version 9
executing program
[ 119.842768][ T12] radio-si470x 1-1:0.128: si470x_set_report: usb_control_msg returned -71
[ 119.862611][ C0] radio-si470x 1-1:0.128: non-zero urb status (-71)
[ 119.869891][ T12] radio-si470x 1-1:0.128: si470x_set_report: usb_control_msg returned -71
[ 119.879495][ T12] radio-si470x: probe of 1-1:0.128 failed with error -22
[ 119.887483][ C0] usb 1-1:0.128: non-zero urb status (-71)
[ 119.896909][ T12] usb 1-1: USB disconnect, device number 2
[ 119.903117][ C0] usb 1-1:0.128: non-zero urb status (-71)
[ 119.903169][ C0] usb 1-1:0.128: resubmitting urb failed (-19)
[ 120.262523][ T12] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 120.502626][ T12] usb 1-1: Using ep0 maxpacket: 16
[ 120.622710][ T12] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 120.630968][ T12] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 120.641297][ T12] usb 1-1: config 0 has no interface number 0
[ 120.647622][ T12] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 120.658933][ T12] usb 1-1: New USB device found, idVendor=12cf, idProduct=7111, bcdDevice=48.08
[ 120.668111][ T12] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 120.677962][ T12] usb 1-1: config 0 descriptor??
[ 120.942715][ T12] radio-si470x 1-1:0.128: DeviceID=0x0c09 ChipID=0xae80
[ 121.162687][ T12] radio-si470x 1-1:0.128: software version 12, hardware version 9
executing program
[ 121.382996][ T12] radio-si470x 1-1:0.128: si470x_set_report: usb_control_msg returned -71
[ 121.402630][ C0] radio-si470x 1-1:0.128: non-zero urb status (-71)
[ 121.409954][ T12] radio-si470x 1-1:0.128: si470x_set_report: usb_control_msg returned -71
[ 121.419536][ T12] radio-si470x: probe of 1-1:0.128 failed with error -22
[ 121.426789][ C0] usb 1-1:0.128: non-zero urb status (-71)
[ 121.435988][ T12] usb 1-1: USB disconnect, device number 3
[ 121.442482][ C0] ==================================================================
[ 121.450627][ C0] BUG: KMSAN: uninit-value in dummy_timer+0x8d3/0x6770
[ 121.457511][ C0] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.2.0+ #15
[ 121.464633][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 121.474709][ C0] Workqueue: usb_hub_wq hub_event
[ 121.479727][ C0] Call Trace:
[ 121.483003][ C0]
[ 121.485871][ C0] dump_stack+0x191/0x1f0
[ 121.490229][ C0] kmsan_report+0x162/0x2d0
[ 121.494764][ C0] __msan_warning+0x75/0xe0
[ 121.499279][ C0] dummy_timer+0x8d3/0x6770
[ 121.503851][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 121.509769][ C0] call_timer_fn+0x222/0x520
[ 121.514452][ C0] ? dummy_free_streams+0x540/0x540
[ 121.519653][ C0] __run_timers+0xcdc/0x11a0
[ 121.524241][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 121.530301][ C0] ? dummy_free_streams+0x540/0x540
[ 121.535515][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 121.541407][ C0] run_timer_softirq+0x2d/0x50
[ 121.546169][ C0] ? timers_dead_cpu+0x9c0/0x9c0
[ 121.551134][ C0] __do_softirq+0x4ad/0x858
[ 121.555722][ C0] irq_exit+0x238/0x290
[ 121.559892][ C0] exiting_irq+0xe/0x10
[ 121.564047][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 121.569455][ C0] apic_timer_interrupt+0x2e/0x40
[ 121.574483][ C0]
[ 121.577461][ C0] RIP: 0010:__msan_instrument_asm_store+0xf9/0x150
[ 121.583969][ C0] Code: df 4c 89 f6 31 d2 e8 46 dc ff ff 65 ff 0d b3 65 03 7e 65 8b 05 ac 65 03 7e 85 c0 75 2e e8 5f b1 3b ff 4c 89 7d d0 ff 75 d0 9d <65> 48 8b 04 25 28 00 00 00 48 3b 45 e0 75 0b 48 83 c4 18 5b 41 5e
[ 121.603568][ C0] RSP: 0018:ffff88812807f598 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 121.611975][ C0] RAX: 0000000000000000 RBX: ffffffff8f6f7950 RCX: 0000000000000003
[ 121.619939][ C0] RDX: 0000000000000002 RSI: fffffdffffffffff RDI: ffffffff8f6f7958
[ 121.627908][ C0] RBP: ffff88812807f5c8 R08: 0000000000000000 R09: 0000778000000000
[ 121.635878][ C0] R10: ffffd0ffffffffff R11: 0000100000000000 R12: ffff88812d70dac0
[ 121.643839][ C0] R13: 0000000000000000 R14: 0000000000000008 R15: 0000000000000286
[ 121.651846][ C0] mutex_unlock+0x38/0x90
[ 121.656238][ C0] __kernfs_remove+0xa5d/0x11e0
[ 121.661134][ C0] kernfs_remove_by_name_ns+0x115/0x1f0
[ 121.666695][ C0] sysfs_remove_file_ns+0xc9/0xf0
[ 121.671784][ C0] device_del+0xa0b/0x1c50
[ 121.676217][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 121.682146][ C0] ? usb_remove_ep_devs+0x8d/0xe0
[ 121.687186][ C0] usb_disable_device+0x567/0x1150
[ 121.692339][ C0] usb_disconnect+0x51e/0xd60
[ 121.697047][ C0] hub_event+0x4003/0x7320
[ 121.701526][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 121.707416][ C0] ? led_work+0x720/0x720
[ 121.711741][ C0] ? led_work+0x720/0x720
[ 121.716077][ C0] process_one_work+0x1572/0x1f00
[ 121.721121][ C0] worker_thread+0x189c/0x2460
[ 121.725939][ C0] kthread+0x4b5/0x4f0
[ 121.730023][ C0] ? process_one_work+0x1f00/0x1f00
[ 121.735247][ C0] ? kthread_blkcg+0xf0/0xf0
[ 121.739862][ C0] ret_from_fork+0x35/0x40
[ 121.744294][ C0]
[ 121.746631][ C0] Uninit was stored to memory at:
[ 121.751682][ C0] kmsan_internal_chain_origin+0xcc/0x150
[ 121.757394][ C0] __msan_chain_origin+0x6b/0xe0
[ 121.762332][ C0] dummy_urb_enqueue+0x604/0xe10
[ 121.767280][ C0] usb_hcd_submit_urb+0x672/0x38d0
[ 121.772407][ C0] usb_submit_urb+0x1ef3/0x1f50
[ 121.777277][ C0] si470x_int_in_callback+0x3f7/0x1010
[ 121.782736][ C0] __usb_hcd_giveback_urb+0x4a7/0x630
[ 121.788098][ C0] usb_hcd_giveback_urb+0x189/0x670
[ 121.793290][ C0] dummy_timer+0xab0/0x6770
[ 121.797819][ C0] call_timer_fn+0x222/0x520
[ 121.802517][ C0] __run_timers+0xcdc/0x11a0
[ 121.807138][ C0] run_timer_softirq+0x2d/0x50
[ 121.811918][ C0] __do_softirq+0x4ad/0x858
[ 121.816509][ C0] irq_exit+0x238/0x290
[ 121.820682][ C0] exiting_irq+0xe/0x10
[ 121.824829][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 121.830188][ C0] apic_timer_interrupt+0x2e/0x40
[ 121.835208][ C0] console_unlock+0x1936/0x1cd0
[ 121.840045][ C0] vprintk_emit+0x47a/0x8a0
[ 121.844551][ C0] vprintk_default+0x90/0xa0
[ 121.849132][ C0] vprintk_func+0x635/0x810
[ 121.853626][ C0] printk+0x180/0x1c3
[ 121.857613][ C0] really_probe+0x1b28/0x1d90
[ 121.862278][ C0] driver_probe_device+0x1ba/0x510
[ 121.867379][ C0] __device_attach_driver+0x5b8/0x790
[ 121.872743][ C0] bus_for_each_drv+0x28e/0x3b0
[ 121.877588][ C0] __device_attach+0x489/0x750
[ 121.882381][ C0] device_initial_probe+0x4a/0x60
[ 121.887489][ C0] bus_probe_device+0x131/0x390
[ 121.892343][ C0] device_add+0x25b5/0x2df0
[ 121.896882][ C0] usb_set_configuration+0x309f/0x3710
[ 121.902420][ C0] generic_probe+0xe7/0x280
[ 121.906921][ C0] usb_probe_device+0x146/0x200
[ 121.911763][ C0] really_probe+0x1344/0x1d90
[ 121.916434][ C0] driver_probe_device+0x1ba/0x510
[ 121.921538][ C0] __device_attach_driver+0x5b8/0x790
[ 121.926902][ C0] bus_for_each_drv+0x28e/0x3b0
[ 121.931743][ C0] __device_attach+0x489/0x750
[ 121.936491][ C0] device_initial_probe+0x4a/0x60
[ 121.941504][ C0] bus_probe_device+0x131/0x390
[ 121.946378][ C0] device_add+0x25b5/0x2df0
[ 121.950903][ C0] usb_new_device+0x23e5/0x2fb0
[ 121.955766][ C0] hub_event+0x5853/0x7320
[ 121.962097][ C0] process_one_work+0x1572/0x1f00
[ 121.967140][ C0] worker_thread+0x189c/0x2460
[ 121.971897][ C0] kthread+0x4b5/0x4f0
[ 121.975962][ C0] ret_from_fork+0x35/0x40
[ 121.980361][ C0]
[ 121.982675][ C0] Uninit was created at:
[ 121.986915][ C0] kmsan_internal_poison_shadow+0x53/0xa0
[ 121.992635][ C0] kmsan_slab_free+0x8d/0x100
[ 121.997306][ C0] kfree+0x4b2/0x2960
[ 122.001298][ C0] si470x_usb_driver_probe+0xa6f/0x31d0
[ 122.006840][ C0] usb_probe_interface+0xd19/0x1310
[ 122.012129][ C0] really_probe+0x1344/0x1d90
[ 122.016818][ C0] driver_probe_device+0x1ba/0x510
[ 122.021954][ C0] __device_attach_driver+0x5b8/0x790
[ 122.027327][ C0] bus_for_each_drv+0x28e/0x3b0
[ 122.032178][ C0] __device_attach+0x489/0x750
[ 122.036950][ C0] device_initial_probe+0x4a/0x60
[ 122.041978][ C0] bus_probe_device+0x131/0x390
[ 122.046815][ C0] device_add+0x25b5/0x2df0
[ 122.051310][ C0] usb_set_configuration+0x309f/0x3710
[ 122.056758][ C0] generic_probe+0xe7/0x280
[ 122.061272][ C0] usb_probe_device+0x146/0x200
[ 122.066129][ C0] really_probe+0x1344/0x1d90
[ 122.070801][ C0] driver_probe_device+0x1ba/0x510
[ 122.075900][ C0] __device_attach_driver+0x5b8/0x790
[ 122.081260][ C0] bus_for_each_drv+0x28e/0x3b0
[ 122.086184][ C0] __device_attach+0x489/0x750
[ 122.090960][ C0] device_initial_probe+0x4a/0x60
[ 122.096021][ C0] bus_probe_device+0x131/0x390
[ 122.100861][ C0] device_add+0x25b5/0x2df0
[ 122.105354][ C0] usb_new_device+0x23e5/0x2fb0
[ 122.110190][ C0] hub_event+0x5853/0x7320
[ 122.114609][ C0] process_one_work+0x1572/0x1f00
[ 122.119645][ C0] worker_thread+0x189c/0x2460
[ 122.124404][ C0] kthread+0x4b5/0x4f0
[ 122.128481][ C0] ret_from_fork+0x35/0x40
[ 122.132891][ C0] ==================================================================
[ 122.140934][ C0] Disabling lock debugging due to kernel taint
[ 122.147076][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 122.153694][ C0] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 5.2.0+ #15
[ 122.162191][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 122.180155][ C0] Workqueue: usb_hub_wq hub_event
[ 122.187049][ C0] Call Trace:
[ 122.190332][ C0]
[ 122.193185][ C0] dump_stack+0x191/0x1f0
[ 122.197540][ C0] panic+0x3c9/0xc1e
[ 122.201475][ C0] kmsan_report+0x2ca/0x2d0
[ 122.206003][ C0] __msan_warning+0x75/0xe0
[ 122.210514][ C0] dummy_timer+0x8d3/0x6770
[ 122.215098][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 122.221025][ C0] call_timer_fn+0x222/0x520
[ 122.225646][ C0] ? dummy_free_streams+0x540/0x540
[ 122.230876][ C0] __run_timers+0xcdc/0x11a0
[ 122.235489][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 122.241800][ C0] ? dummy_free_streams+0x540/0x540
[ 122.247053][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 122.253078][ C0] run_timer_softirq+0x2d/0x50
[ 122.257928][ C0] ? timers_dead_cpu+0x9c0/0x9c0
[ 122.263516][ C0] __do_softirq+0x4ad/0x858
[ 122.268070][ C0] irq_exit+0x238/0x290
[ 122.272242][ C0] exiting_irq+0xe/0x10
[ 122.276450][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 122.281829][ C0] apic_timer_interrupt+0x2e/0x40
[ 122.286844][ C0]
[ 122.289793][ C0] RIP: 0010:__msan_instrument_asm_store+0xf9/0x150
[ 122.300386][ C0] Code: df 4c 89 f6 31 d2 e8 46 dc ff ff 65 ff 0d b3 65 03 7e 65 8b 05 ac 65 03 7e 85 c0 75 2e e8 5f b1 3b ff 4c 89 7d d0 ff 75 d0 9d <65> 48 8b 04 25 28 00 00 00 48 3b 45 e0 75 0b 48 83 c4 18 5b 41 5e
[ 122.320079][ C0] RSP: 0018:ffff88812807f598 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 122.328492][ C0] RAX: 0000000000000000 RBX: ffffffff8f6f7950 RCX: 0000000000000003
[ 122.336683][ C0] RDX: 0000000000000002 RSI: fffffdffffffffff RDI: ffffffff8f6f7958
[ 122.344764][ C0] RBP: ffff88812807f5c8 R08: 0000000000000000 R09: 0000778000000000
[ 122.352950][ C0] R10: ffffd0ffffffffff R11: 0000100000000000 R12: ffff88812d70dac0
[ 122.362033][ C0] R13: 0000000000000000 R14: 0000000000000008 R15: 0000000000000286
[ 122.370051][ C0] mutex_unlock+0x38/0x90
[ 122.374399][ C0] __kernfs_remove+0xa5d/0x11e0
[ 122.379286][ C0] kernfs_remove_by_name_ns+0x115/0x1f0
[ 122.384891][ C0] sysfs_remove_file_ns+0xc9/0xf0
[ 122.389990][ C0] device_del+0xa0b/0x1c50
[ 122.394416][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 122.400333][ C0] ? usb_remove_ep_devs+0x8d/0xe0
[ 122.405389][ C0] usb_disable_device+0x567/0x1150
[ 122.410594][ C0] usb_disconnect+0x51e/0xd60
[ 122.415310][ C0] hub_event+0x4003/0x7320
[ 122.419816][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 122.425729][ C0] ? led_work+0x720/0x720
[ 122.430240][ C0] ? led_work+0x720/0x720
[ 122.434603][ C0] process_one_work+0x1572/0x1f00
[ 122.439752][ C0] worker_thread+0x189c/0x2460
[ 122.444557][ C0] kthread+0x4b5/0x4f0
[ 122.448718][ C0] ? process_one_work+0x1f00/0x1f00
[ 122.453928][ C0] ? kthread_blkcg+0xf0/0xf0
[ 122.458524][ C0] ret_from_fork+0x35/0x40
[ 122.464023][ C0] Kernel Offset: disabled
[ 122.468368][ C0] Rebooting in 86400 seconds..