[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[  110.246950][   T30] audit: type=1800 audit(1562699910.292:25): pid=12998 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[  110.270979][   T30] audit: type=1800 audit(1562699910.322:26): pid=12998 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[  110.309291][   T30] audit: type=1800 audit(1562699910.342:27): pid=12998 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.229' (ECDSA) to the list of known hosts.
2019/07/09 19:18:44 fuzzer started
2019/07/09 19:18:50 dialing manager at 10.128.0.26:39875
2019/07/09 19:18:50 syscalls: 2348
2019/07/09 19:18:50 code coverage: enabled
2019/07/09 19:18:50 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2019/07/09 19:18:50 extra coverage: enabled
2019/07/09 19:18:50 setuid sandbox: enabled
2019/07/09 19:18:50 namespace sandbox: enabled
2019/07/09 19:18:50 Android sandbox: /sys/fs/selinux/policy does not exist
2019/07/09 19:18:50 fault injection: enabled
2019/07/09 19:18:50 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/07/09 19:18:50 net packet injection: enabled
2019/07/09 19:18:50 net device setup: enabled
19:21:26 executing program 0:
r0 = syz_usb_connect(0x0, 0x89, &(0x7f00000008c0)={{0x12, 0x1, 0x0, 0x72, 0x68, 0x34, 0x8, 0x424, 0x9908, 0x6a5e, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x80, 0x0, 0x2, 0xc2, 0x8b, 0xac, 0x0, [], [{{0x9, 0x5, 0xb, 0x2}}, {{0x9, 0x5, 0x8a, 0x2}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000bc0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000f40)={0x54, 0x0, &(0x7f0000000d00), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000380)={0x24, &(0x7f0000002c40), 0x0, 0x0, 0x0})

syzkaller login: [  286.549599][T13163] IPVS: ftp: loaded support on port[0] = 21
[  286.730565][T13163] chnl_net:caif_netlink_parms(): no params data found
[  286.801702][T13163] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.809170][T13163] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.818165][T13163] device bridge_slave_0 entered promiscuous mode
[  286.829484][T13163] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.836772][T13163] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.845663][T13163] device bridge_slave_1 entered promiscuous mode
[  286.884192][T13163] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  286.897004][T13163] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  286.934810][T13163] team0: Port device team_slave_0 added
[  286.944967][T13163] team0: Port device team_slave_1 added
[  287.078156][T13163] device hsr_slave_0 entered promiscuous mode
[  287.333206][T13163] device hsr_slave_1 entered promiscuous mode
[  287.619668][T13163] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.626996][T13163] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.635042][T13163] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.642344][T13163] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.744833][T13163] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.768154][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  287.780899][   T17] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.790913][   T17] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.806527][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  287.832094][T13163] 8021q: adding VLAN 0 to HW filter on device team0
[  287.848317][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  287.858287][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  287.867401][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.874634][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.935637][T13163] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  287.947356][T13163] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  287.962743][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  287.972180][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  287.981321][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.988534][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.998057][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  288.008313][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  288.018653][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  288.028766][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  288.038512][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  288.048577][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  288.058332][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  288.067633][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  288.077536][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  288.086907][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  288.106492][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  288.117683][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  288.151321][T13163] 8021q: adding VLAN 0 to HW filter on device batadv0
[  288.582607][   T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  288.852950][   T12] usb 1-1: Using ep0 maxpacket: 8
[  288.973532][   T12] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[  288.981852][   T12] usb 1-1: config 0 has no interface number 0
[  288.988253][   T12] usb 1-1: config 0 interface 128 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  288.998246][   T12] usb 1-1: config 0 interface 128 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  289.008334][   T12] usb 1-1: New USB device found, idVendor=0424, idProduct=9908, bcdDevice=6a.5e
[  289.017493][   T12] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.028732][   T12] usb 1-1: config 0 descriptor??
[  289.075227][   T12] smsc95xx v1.0.6
[  289.462931][   T12] ==================================================================
[  289.471593][   T12] BUG: KMSAN: uninit-value in smsc95xx_read_eeprom+0x203/0x920
[  289.479151][   T12] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.2.0-rc4+ #11
[  289.486612][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.496684][   T12] Workqueue: usb_hub_wq hub_event
[  289.501711][   T12] Call Trace:
[  289.505021][   T12]  dump_stack+0x191/0x1f0
[  289.509387][   T12]  kmsan_report+0x162/0x2d0
[  289.513952][   T12]  __msan_warning+0x75/0xe0
[  289.518487][   T12]  smsc95xx_read_eeprom+0x203/0x920
[  289.523732][   T12]  smsc95xx_bind+0x467/0x1690
[  289.528441][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.534359][   T12]  ? smsc95xx_mdio_write+0xc10/0xc10
[  289.539664][   T12]  usbnet_probe+0x10d3/0x3950
[  289.544374][   T12]  ? kmsan_internal_memset_shadow+0x104/0x3a0
[  289.550515][   T12]  ? usbnet_disconnect+0x660/0x660
[  289.555647][   T12]  usb_probe_interface+0xd19/0x1310
[  289.560889][   T12]  ? usb_register_driver+0x7d0/0x7d0
[  289.566197][   T12]  really_probe+0x1344/0x1d90
[  289.570913][   T12]  driver_probe_device+0x1ba/0x510
[  289.576045][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.581966][   T12]  __device_attach_driver+0x5b8/0x790
[  289.587374][   T12]  bus_for_each_drv+0x28e/0x3b0
[  289.592239][   T12]  ? deferred_probe_work_func+0x400/0x400
[  289.597989][   T12]  __device_attach+0x489/0x750
[  289.602818][   T12]  device_initial_probe+0x4a/0x60
[  289.607865][   T12]  bus_probe_device+0x131/0x390
[  289.612794][   T12]  device_add+0x25b5/0x2df0
[  289.617373][   T12]  usb_set_configuration+0x309f/0x3710
[  289.622924][   T12]  generic_probe+0xe7/0x280
[  289.627448][   T12]  ? usb_choose_configuration+0xae0/0xae0
[  289.633203][   T12]  usb_probe_device+0x146/0x200
[  289.638077][   T12]  ? usb_register_device_driver+0x470/0x470
[  289.644000][   T12]  really_probe+0x1344/0x1d90
[  289.648715][   T12]  driver_probe_device+0x1ba/0x510
[  289.653857][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.659776][   T12]  __device_attach_driver+0x5b8/0x790
[  289.665197][   T12]  bus_for_each_drv+0x28e/0x3b0
[  289.670092][   T12]  ? deferred_probe_work_func+0x400/0x400
[  289.675844][   T12]  __device_attach+0x489/0x750
[  289.680658][   T12]  device_initial_probe+0x4a/0x60
[  289.685718][   T12]  bus_probe_device+0x131/0x390
[  289.690612][   T12]  device_add+0x25b5/0x2df0
[  289.695172][   T12]  usb_new_device+0x23e5/0x2fb0
[  289.700083][   T12]  hub_event+0x5853/0x7320
[  289.704608][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.710512][   T12]  ? led_work+0x720/0x720
[  289.714851][   T12]  ? led_work+0x720/0x720
[  289.719201][   T12]  process_one_work+0x1572/0x1f00
[  289.724275][   T12]  worker_thread+0x111b/0x2460
[  289.729133][   T12]  kthread+0x4b5/0x4f0
[  289.733240][   T12]  ? process_one_work+0x1f00/0x1f00
[  289.738467][   T12]  ? kthread_blkcg+0xf0/0xf0
[  289.743072][   T12]  ret_from_fork+0x35/0x40
[  289.747513][   T12] 
[  289.749848][   T12] Local variable description: ----buf.i.i86@smsc95xx_read_eeprom
[  289.757566][   T12] Variable was created at:
[  289.762008][   T12]  smsc95xx_read_eeprom+0x109/0x920
[  289.767215][   T12]  smsc95xx_bind+0x467/0x1690
[  289.771889][   T12] ==================================================================
[  289.779948][   T12] Disabling lock debugging due to kernel taint
[  289.786101][   T12] Kernel panic - not syncing: panic_on_warn set ...
[  289.792705][   T12] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G    B             5.2.0-rc4+ #11
[  289.801555][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.811640][   T12] Workqueue: usb_hub_wq hub_event
[  289.816664][   T12] Call Trace:
[  289.819972][   T12]  dump_stack+0x191/0x1f0
[  289.824337][   T12]  panic+0x3c9/0xc1e
[  289.828288][   T12]  kmsan_report+0x2ca/0x2d0
[  289.832821][   T12]  __msan_warning+0x75/0xe0
[  289.837354][   T12]  smsc95xx_read_eeprom+0x203/0x920
[  289.842589][   T12]  smsc95xx_bind+0x467/0x1690
[  289.847294][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.853207][   T12]  ? smsc95xx_mdio_write+0xc10/0xc10
[  289.858499][   T12]  usbnet_probe+0x10d3/0x3950
[  289.863192][   T12]  ? kmsan_internal_memset_shadow+0x104/0x3a0
[  289.869310][   T12]  ? usbnet_disconnect+0x660/0x660
[  289.874450][   T12]  usb_probe_interface+0xd19/0x1310
[  289.879743][   T12]  ? usb_register_driver+0x7d0/0x7d0
[  289.885048][   T12]  really_probe+0x1344/0x1d90
[  289.889771][   T12]  driver_probe_device+0x1ba/0x510
[  289.894903][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.900826][   T12]  __device_attach_driver+0x5b8/0x790
[  289.906243][   T12]  bus_for_each_drv+0x28e/0x3b0
[  289.911113][   T12]  ? deferred_probe_work_func+0x400/0x400
[  289.916880][   T12]  __device_attach+0x489/0x750
[  289.921686][   T12]  device_initial_probe+0x4a/0x60
[  289.926725][   T12]  bus_probe_device+0x131/0x390
[  289.931627][   T12]  device_add+0x25b5/0x2df0
[  289.936179][   T12]  usb_set_configuration+0x309f/0x3710
[  289.941715][   T12]  generic_probe+0xe7/0x280
[  289.946229][   T12]  ? usb_choose_configuration+0xae0/0xae0
[  289.951973][   T12]  usb_probe_device+0x146/0x200
[  289.956843][   T12]  ? usb_register_device_driver+0x470/0x470
[  289.962751][   T12]  really_probe+0x1344/0x1d90
[  289.967474][   T12]  driver_probe_device+0x1ba/0x510
[  289.972607][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  289.978527][   T12]  __device_attach_driver+0x5b8/0x790
[  289.983966][   T12]  bus_for_each_drv+0x28e/0x3b0
[  289.988852][   T12]  ? deferred_probe_work_func+0x400/0x400
[  289.994599][   T12]  __device_attach+0x489/0x750
[  289.999398][   T12]  device_initial_probe+0x4a/0x60
[  290.004452][   T12]  bus_probe_device+0x131/0x390
[  290.009324][   T12]  device_add+0x25b5/0x2df0
[  290.013877][   T12]  usb_new_device+0x23e5/0x2fb0
[  290.018789][   T12]  hub_event+0x5853/0x7320
[  290.023295][   T12]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  290.029228][   T12]  ? led_work+0x720/0x720
[  290.033568][   T12]  ? led_work+0x720/0x720
[  290.037915][   T12]  process_one_work+0x1572/0x1f00
[  290.042989][   T12]  worker_thread+0x111b/0x2460
[  290.047821][   T12]  kthread+0x4b5/0x4f0
[  290.051901][   T12]  ? process_one_work+0x1f00/0x1f00
[  290.057124][   T12]  ? kthread_blkcg+0xf0/0xf0
[  290.061753][   T12]  ret_from_fork+0x35/0x40
[  290.067129][   T12] Kernel Offset: disabled
[  290.071460][   T12] Rebooting in 86400 seconds..