[ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.6' (ECDSA) to the list of known hosts. syzkaller login: [ 146.327476][ T8468] IPVS: ftp: loaded support on port[0] = 21 [ 146.512832][ T8468] chnl_net:caif_netlink_parms(): no params data found [ 146.616838][ T8468] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.624822][ T8468] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.633212][ T8468] device bridge_slave_0 entered promiscuous mode [ 146.647023][ T8468] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.654529][ T8468] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.663056][ T8468] device bridge_slave_1 entered promiscuous mode [ 146.701476][ T8468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.716376][ T8468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.751285][ T8468] team0: Port device team_slave_0 added [ 146.761529][ T8468] team0: Port device team_slave_1 added [ 146.794731][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.801751][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.827959][ T8468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.841723][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.848927][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.875202][ T8468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.921248][ T8468] device hsr_slave_0 entered promiscuous mode [ 146.929184][ T8468] device hsr_slave_1 entered promiscuous mode [ 147.131223][ T8468] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 147.145395][ T8468] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 147.163688][ T8468] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 147.182228][ T8468] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 147.282138][ T8468] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.289854][ T8468] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.298022][ T8468] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.305570][ T8468] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.406193][ T8468] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.432866][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 147.445944][ T29] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.455377][ T29] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.467549][ T29] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 147.490221][ T8468] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.504960][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 147.514992][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 147.524276][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.531522][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.566785][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 147.577619][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.587318][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.594790][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.603857][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 147.613884][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 147.635416][ T3464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 147.646521][ T3464] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 147.668300][ T3464] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 147.682973][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 147.693151][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 147.725278][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 147.735206][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 147.745314][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 147.755056][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 147.768423][ T8468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 147.808576][ T3464] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 147.816534][ T3464] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 147.843009][ T8468] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.894142][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 147.903529][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 147.961821][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 147.972298][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 147.998384][ T8468] device veth0_vlan entered promiscuous mode [ 148.007596][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 148.016821][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 148.052185][ T8468] device veth1_vlan entered promiscuous mode [ 148.137561][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 148.147174][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 148.156834][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 148.168566][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 148.190455][ T8468] device veth0_macvtap entered promiscuous mode [ 148.210036][ T8468] device veth1_macvtap entered promiscuous mode [ 148.254222][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.261818][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 148.275484][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 148.285163][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 148.294965][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 148.315495][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.326874][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 148.337702][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 148.734173][ T29] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 149.094822][ T29] usb 1-1: New USB device found, idVendor=07b8, idProduct=401a, bcdDevice=3d.3d [ 149.104125][ T29] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.114816][ T29] usb 1-1: config 0 descriptor?? [ 149.900553][ T29] ===================================================== [ 149.907550][ T29] BUG: KMSAN: uninit-value in batadv_hard_if_event+0x28d7/0x3bd0 [ 149.915280][ T29] CPU: 1 PID: 29 Comm: kworker/1:1 Not tainted 5.8.0-rc5-syzkaller #0 [ 149.923445][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 149.933516][ T29] Workqueue: usb_hub_wq hub_event [ 149.938543][ T29] Call Trace: [ 149.941853][ T29] dump_stack+0x21c/0x280 [ 149.946209][ T29] kmsan_report+0xf7/0x1e0 [ 149.950644][ T29] __msan_warning+0x58/0xa0 [ 149.955168][ T29] batadv_hard_if_event+0x28d7/0x3bd0 [ 149.960606][ T29] ? batadv_hardif_remove_interface+0x4c0/0x4c0 [ 149.966862][ T29] raw_notifier_call_chain+0x123/0x290 [ 149.972359][ T29] register_netdevice+0x3120/0x37d0 [ 149.977611][ T29] register_netdev+0xbe/0x100 [ 149.982308][ T29] rtl8150_probe+0x12d9/0x15b0 [ 149.987113][ T29] ? read_eprom_word+0xe80/0xe80 [ 149.992067][ T29] usb_probe_interface+0xece/0x1550 [ 149.997275][ T29] ? usb_register_driver+0x900/0x900 [ 150.002570][ T29] really_probe+0xf20/0x20b0 [ 150.007195][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.012387][ T29] driver_probe_device+0x293/0x390 [ 150.017514][ T29] __device_attach_driver+0x63f/0x830 [ 150.022920][ T29] bus_for_each_drv+0x2ca/0x3f0 [ 150.027785][ T29] ? coredump_store+0xf0/0xf0 [ 150.032487][ T29] __device_attach+0x4e2/0x7f0 [ 150.037283][ T29] device_initial_probe+0x4a/0x60 [ 150.042411][ T29] bus_probe_device+0x177/0x3d0 [ 150.047282][ T29] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 150.053100][ T29] device_add+0x3b0e/0x40d0 [ 150.057652][ T29] usb_set_configuration+0x380f/0x3f10 [ 150.063132][ T29] ? usb_set_configuration+0xb41/0x3f10 [ 150.068733][ T29] usb_generic_driver_probe+0x138/0x300 [ 150.074296][ T29] ? usb_choose_configuration+0xe70/0xe70 [ 150.080025][ T29] usb_probe_device+0x311/0x490 [ 150.084899][ T29] ? usb_register_device_driver+0x540/0x540 [ 150.090804][ T29] really_probe+0xf20/0x20b0 [ 150.095422][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.100637][ T29] driver_probe_device+0x293/0x390 [ 150.105768][ T29] __device_attach_driver+0x63f/0x830 [ 150.111186][ T29] bus_for_each_drv+0x2ca/0x3f0 [ 150.116049][ T29] ? coredump_store+0xf0/0xf0 [ 150.120749][ T29] __device_attach+0x4e2/0x7f0 [ 150.125542][ T29] device_initial_probe+0x4a/0x60 [ 150.130581][ T29] bus_probe_device+0x177/0x3d0 [ 150.135449][ T29] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 150.141267][ T29] device_add+0x3b0e/0x40d0 [ 150.145819][ T29] usb_new_device+0x1bd4/0x2a30 [ 150.150705][ T29] hub_event+0x5e7b/0x8a70 [ 150.155194][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.160418][ T29] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 150.166234][ T29] ? led_work+0x7c0/0x7c0 [ 150.170578][ T29] process_one_work+0x1688/0x2140 [ 150.175646][ T29] worker_thread+0x10bc/0x2730 [ 150.180423][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.185662][ T29] kthread+0x551/0x590 [ 150.189745][ T29] ? process_one_work+0x2140/0x2140 [ 150.194980][ T29] ? kthread_blkcg+0x110/0x110 [ 150.199765][ T29] ret_from_fork+0x1f/0x30 [ 150.204193][ T29] [ 150.206525][ T29] Uninit was stored to memory at: [ 150.211560][ T29] kmsan_internal_chain_origin+0xad/0x130 [ 150.217292][ T29] kmsan_memcpy_memmove_metadata+0x272/0x2e0 [ 150.223277][ T29] kmsan_memcpy_metadata+0xb/0x10 [ 150.228317][ T29] __msan_memcpy+0x43/0x50 [ 150.232740][ T29] rtl8150_probe+0x1236/0x15b0 [ 150.237514][ T29] usb_probe_interface+0xece/0x1550 [ 150.242718][ T29] really_probe+0xf20/0x20b0 [ 150.247315][ T29] driver_probe_device+0x293/0x390 [ 150.252435][ T29] __device_attach_driver+0x63f/0x830 [ 150.257820][ T29] bus_for_each_drv+0x2ca/0x3f0 [ 150.262675][ T29] __device_attach+0x4e2/0x7f0 [ 150.267465][ T29] device_initial_probe+0x4a/0x60 [ 150.272504][ T29] bus_probe_device+0x177/0x3d0 [ 150.277363][ T29] device_add+0x3b0e/0x40d0 [ 150.281958][ T29] usb_set_configuration+0x380f/0x3f10 [ 150.287422][ T29] usb_generic_driver_probe+0x138/0x300 [ 150.292975][ T29] usb_probe_device+0x311/0x490 [ 150.297836][ T29] really_probe+0xf20/0x20b0 [ 150.302453][ T29] driver_probe_device+0x293/0x390 [ 150.307579][ T29] __device_attach_driver+0x63f/0x830 [ 150.312981][ T29] bus_for_each_drv+0x2ca/0x3f0 [ 150.317843][ T29] __device_attach+0x4e2/0x7f0 [ 150.322614][ T29] device_initial_probe+0x4a/0x60 [ 150.327649][ T29] bus_probe_device+0x177/0x3d0 [ 150.332590][ T29] device_add+0x3b0e/0x40d0 [ 150.337102][ T29] usb_new_device+0x1bd4/0x2a30 [ 150.342045][ T29] hub_event+0x5e7b/0x8a70 [ 150.346471][ T29] process_one_work+0x1688/0x2140 [ 150.351505][ T29] worker_thread+0x10bc/0x2730 [ 150.356272][ T29] kthread+0x551/0x590 [ 150.360350][ T29] ret_from_fork+0x1f/0x30 [ 150.364759][ T29] [ 150.367086][ T29] Local variable ----node_id.i@rtl8150_probe created at: [ 150.374114][ T29] rtl8150_probe+0xea7/0x15b0 [ 150.378796][ T29] rtl8150_probe+0xea7/0x15b0 [ 150.383480][ T29] ===================================================== [ 150.390424][ T29] Disabling lock debugging due to kernel taint [ 150.396574][ T29] Kernel panic - not syncing: panic_on_warn set ... [ 150.403171][ T29] CPU: 1 PID: 29 Comm: kworker/1:1 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 150.412705][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 150.422776][ T29] Workqueue: usb_hub_wq hub_event [ 150.427801][ T29] Call Trace: [ 150.431116][ T29] dump_stack+0x21c/0x280 [ 150.435468][ T29] panic+0x4d7/0xef7 [ 150.439404][ T29] ? add_taint+0x17c/0x210 [ 150.443858][ T29] kmsan_report+0x1df/0x1e0 [ 150.448400][ T29] __msan_warning+0x58/0xa0 [ 150.452921][ T29] batadv_hard_if_event+0x28d7/0x3bd0 [ 150.458337][ T29] ? batadv_hardif_remove_interface+0x4c0/0x4c0 [ 150.464589][ T29] raw_notifier_call_chain+0x123/0x290 [ 150.470075][ T29] register_netdevice+0x3120/0x37d0 [ 150.475317][ T29] register_netdev+0xbe/0x100 [ 150.480016][ T29] rtl8150_probe+0x12d9/0x15b0 [ 150.484814][ T29] ? read_eprom_word+0xe80/0xe80 [ 150.489856][ T29] usb_probe_interface+0xece/0x1550 [ 150.495083][ T29] ? usb_register_driver+0x900/0x900 [ 150.500377][ T29] really_probe+0xf20/0x20b0 [ 150.504989][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.510207][ T29] driver_probe_device+0x293/0x390 [ 150.515356][ T29] __device_attach_driver+0x63f/0x830 [ 150.520756][ T29] bus_for_each_drv+0x2ca/0x3f0 [ 150.525619][ T29] ? coredump_store+0xf0/0xf0 [ 150.530320][ T29] __device_attach+0x4e2/0x7f0 [ 150.535114][ T29] device_initial_probe+0x4a/0x60 [ 150.540156][ T29] bus_probe_device+0x177/0x3d0 [ 150.545043][ T29] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 150.550862][ T29] device_add+0x3b0e/0x40d0 [ 150.555414][ T29] usb_set_configuration+0x380f/0x3f10 [ 150.560900][ T29] ? usb_set_configuration+0xb41/0x3f10 [ 150.566501][ T29] usb_generic_driver_probe+0x138/0x300 [ 150.572062][ T29] ? usb_choose_configuration+0xe70/0xe70 [ 150.577796][ T29] usb_probe_device+0x311/0x490 [ 150.582667][ T29] ? usb_register_device_driver+0x540/0x540 [ 150.588571][ T29] really_probe+0xf20/0x20b0 [ 150.593181][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.598400][ T29] driver_probe_device+0x293/0x390 [ 150.603535][ T29] __device_attach_driver+0x63f/0x830 [ 150.608938][ T29] bus_for_each_drv+0x2ca/0x3f0 [ 150.613844][ T29] ? coredump_store+0xf0/0xf0 [ 150.618557][ T29] __device_attach+0x4e2/0x7f0 [ 150.623362][ T29] device_initial_probe+0x4a/0x60 [ 150.628576][ T29] bus_probe_device+0x177/0x3d0 [ 150.633449][ T29] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 150.639266][ T29] device_add+0x3b0e/0x40d0 [ 150.643815][ T29] usb_new_device+0x1bd4/0x2a30 [ 150.648707][ T29] hub_event+0x5e7b/0x8a70 [ 150.653214][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.658433][ T29] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 150.664251][ T29] ? led_work+0x7c0/0x7c0 [ 150.668596][ T29] process_one_work+0x1688/0x2140 [ 150.673662][ T29] worker_thread+0x10bc/0x2730 [ 150.678442][ T29] ? kmsan_get_metadata+0x116/0x180 [ 150.683699][ T29] kthread+0x551/0x590 [ 150.687781][ T29] ? process_one_work+0x2140/0x2140 [ 150.692998][ T29] ? kthread_blkcg+0x110/0x110 [ 150.697774][ T29] ret_from_fork+0x1f/0x30 [ 150.703308][ T29] Kernel Offset: disabled [ 150.707670][ T29] Rebooting in 86400 seconds..