[ 24.569480] audit: type=1800 audit(1541806168.615:21): pid=5503 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [ 24.594782] audit: type=1800 audit(1541806168.615:22): pid=5503 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 26.235254] sshd (5638) used greatest stack depth: 16152 bytes left Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.69' (ECDSA) to the list of known hosts. 2018/11/09 23:29:44 parsed 1 programs 2018/11/09 23:29:46 executed programs: 0 syzkaller login: [ 42.397813] IPVS: ftp: loaded support on port[0] = 21 [ 42.398533] IPVS: ftp: loaded support on port[0] = 21 [ 42.432931] IPVS: ftp: loaded support on port[0] = 21 [ 42.433173] IPVS: ftp: loaded support on port[0] = 21 [ 42.443346] IPVS: ftp: loaded support on port[0] = 21 [ 42.467482] IPVS: ftp: loaded support on port[0] = 21 [ 43.224138] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.232610] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.240634] device bridge_slave_0 entered promiscuous mode [ 43.259823] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.267845] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.278952] device bridge_slave_0 entered promiscuous mode [ 43.306432] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.314674] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.321634] device bridge_slave_1 entered promiscuous mode [ 43.331886] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.342666] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.350126] device bridge_slave_1 entered promiscuous mode [ 43.356487] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.362836] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.370499] device bridge_slave_0 entered promiscuous mode [ 43.384047] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.395409] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.401762] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.409255] device bridge_slave_0 entered promiscuous mode [ 43.416263] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.422588] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.430820] device bridge_slave_0 entered promiscuous mode [ 43.442412] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.449135] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.456518] device bridge_slave_0 entered promiscuous mode [ 43.464401] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.472637] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.484082] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.496460] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.503424] device bridge_slave_1 entered promiscuous mode [ 43.511532] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.518376] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.525592] device bridge_slave_1 entered promiscuous mode [ 43.531812] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.538551] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.545708] device bridge_slave_1 entered promiscuous mode [ 43.554108] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.561644] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.569237] device bridge_slave_1 entered promiscuous mode [ 43.581212] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.594800] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.609351] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.618990] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.629678] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.641046] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.658040] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.681977] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.695768] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.710093] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.736060] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.789043] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.806025] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.830848] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.853097] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.868822] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.879397] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.889144] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.920442] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.932085] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.950354] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.976182] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.000305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.017763] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.027896] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.037811] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.045920] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.052874] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.062768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.075984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.085281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.096416] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.103780] team0: Port device team_slave_0 added [ 44.120762] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.130481] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.138678] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.149275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.159571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.173416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.192870] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.202408] team0: Port device team_slave_1 added [ 44.257575] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.275869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.286120] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.331423] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.345461] team0: Port device team_slave_0 added [ 44.352739] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.370581] team0: Port device team_slave_0 added [ 44.379923] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.392993] team0: Port device team_slave_0 added [ 44.399090] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.411080] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.418687] team0: Port device team_slave_0 added [ 44.426652] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.435070] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.442665] team0: Port device team_slave_0 added [ 44.454383] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.467080] team0: Port device team_slave_1 added [ 44.475358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.488602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.499809] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.507459] team0: Port device team_slave_1 added [ 44.514114] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.522523] team0: Port device team_slave_1 added [ 44.531477] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.543111] team0: Port device team_slave_1 added [ 44.551078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.562791] team0: Port device team_slave_1 added [ 44.582064] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.597558] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.630770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.643699] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.657710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.666503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.675821] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.683342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.691095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.712488] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.722484] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.735227] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.742812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.752626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.764099] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.781444] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.796294] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.805471] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.813513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.827015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.842222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.850654] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.860503] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.871372] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.880817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.895833] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.903704] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.912174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.922660] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.933411] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.946721] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.954093] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.965987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.973919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.984221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.992548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.000566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.012914] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 45.028366] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 45.050819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.059468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.067826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.076456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.524622] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.531123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.538261] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.544644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.552132] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.569943] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.576353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.582961] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.589389] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.599439] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.716221] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.722601] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.729270] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.735672] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.743095] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.793509] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.799924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.806608] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.812978] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.822770] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.903862] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.910273] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.916991] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.923360] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.933037] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.944721] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.951099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.957805] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.964157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.990879] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 46.017766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.028857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.060557] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.067716] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.074858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.081857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 48.198749] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.273883] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.314188] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.414016] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.449155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.495713] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.579102] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.593719] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.608258] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.682038] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 48.692184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.706996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.718547] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.737434] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 48.754005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.771386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.847868] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.862736] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 48.878834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.887998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.935335] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.954353] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.011220] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 49.023299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.032363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.060190] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.110606] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 49.119215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.132206] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.204890] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.219612] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 49.232721] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.246004] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.291662] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.349288] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.481250] 8021q: adding VLAN 0 to HW filter on device team0 2018/11/09 23:29:54 executed programs: 6 [ 50.742916] vivid-000: kernel_thread() failed [ 50.760126] ================================================================== [ 50.767629] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900 [ 50.773957] Write of size 4 at addr 000000000000001c by task syz-executor4/7218 [ 50.781402] [ 50.783027] CPU: 0 PID: 7218 Comm: syz-executor4 Not tainted 4.20.0-rc1+ #106 [ 50.790281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.799629] Call Trace: [ 50.802225] dump_stack+0x244/0x39d [ 50.805854] ? dump_stack_print_info.cold.1+0x20/0x20 [ 50.811039] ? vprintk_func+0x85/0x181 [ 50.814928] kasan_report.cold.8+0x6d/0x309 [ 50.819250] ? kthread_stop+0x10d/0x900 [ 50.823223] check_memory_region+0x13e/0x1b0 [ 50.827618] kasan_check_write+0x14/0x20 [ 50.831680] kthread_stop+0x10d/0x900 [ 50.835470] ? kthread_unpark+0x160/0x160 [ 50.839608] ? __lock_is_held+0xb5/0x140 [ 50.843674] vivid_stop_generating_vid_cap+0x2bb/0x9ae [ 50.848945] ? vivid_start_generating_vid_cap+0x4c0/0x4c0 [ 50.854476] ? _vb2_fop_release+0x3f/0x2b0 [ 50.858707] ? mutex_trylock+0x2b0/0x2b0 [ 50.862761] ? vivid_fop_release+0x66/0x440 [ 50.867090] ? __mutex_lock+0x85e/0x16f0 [ 50.871149] vid_cap_stop_streaming+0x8d/0xe0 [ 50.875634] ? vid_cap_buf_queue+0x310/0x310 [ 50.880081] __vb2_queue_cancel+0x171/0xd20 [ 50.884411] ? lock_downgrade+0x900/0x900 [ 50.888557] ? vb2_buffer_done+0xb90/0xb90 [ 50.892780] ? find_held_lock+0x36/0x1c0 [ 50.896831] ? mark_held_locks+0xc7/0x130 [ 50.900982] ? kasan_check_write+0x14/0x20 [ 50.905210] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 50.910129] ? kasan_check_read+0x11/0x20 [ 50.914263] ? wait_for_completion+0x8a0/0x8a0 [ 50.918843] ? trace_hardirqs_off_caller+0x310/0x310 [ 50.923942] ? ep_modify+0xc10/0xc10 [ 50.927648] vb2_core_streamoff+0x60/0x140 [ 50.931882] __vb2_cleanup_fileio+0x73/0x160 [ 50.936295] vb2_core_queue_release+0x1e/0x80 [ 50.940776] _vb2_fop_release+0x1d2/0x2b0 [ 50.944913] vb2_fop_release+0x77/0xc0 [ 50.948788] vivid_fop_release+0x18e/0x440 [ 50.953008] ? vivid_remove+0x460/0x460 [ 50.956966] v4l2_release+0x224/0x3a0 [ 50.960753] ? dev_debug_store+0x140/0x140 [ 50.964971] __fput+0x385/0xa30 [ 50.968243] ? get_max_files+0x20/0x20 [ 50.972115] ? trace_hardirqs_on+0xbd/0x310 [ 50.976443] ? kasan_check_read+0x11/0x20 [ 50.980585] ? task_work_run+0x1af/0x2a0 [ 50.984630] ? trace_hardirqs_off_caller+0x310/0x310 [ 50.989723] ? filp_close+0x1cd/0x250 [ 50.993525] ____fput+0x15/0x20 [ 50.996813] task_work_run+0x1e8/0x2a0 [ 51.000695] ? task_work_cancel+0x240/0x240 [ 51.005003] ? copy_fd_bitmaps+0x210/0x210 [ 51.009220] ? do_syscall_64+0x9a/0x820 [ 51.013190] exit_to_usermode_loop+0x318/0x380 [ 51.017780] ? __bpf_trace_sys_exit+0x30/0x30 [ 51.022264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.027788] do_syscall_64+0x6be/0x820 [ 51.031663] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 51.037012] ? syscall_return_slowpath+0x5e0/0x5e0 [ 51.041928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.046760] ? trace_hardirqs_on_caller+0x310/0x310 [ 51.051762] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 51.056772] ? prepare_exit_to_usermode+0x291/0x3b0 [ 51.061793] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.066648] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.071827] RIP: 0033:0x457569 [ 51.075006] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 51.093893] RSP: 002b:00007f0e1a85bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 51.101584] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000457569 [ 51.108842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 51.116098] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 51.123353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0e1a85c6d4 [ 51.130619] R13: 00000000004efe32 R14: 00000000004cc6e0 R15: 00000000ffffffff [ 51.137898] ================================================================== [ 51.145245] Disabling lock debugging due to kernel taint [ 51.166504] Kernel panic - not syncing: panic_on_warn set ... [ 51.172438] CPU: 0 PID: 7218 Comm: syz-executor4 Tainted: G B 4.20.0-rc1+ #106 [ 51.181105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.190452] Call Trace: [ 51.193037] dump_stack+0x244/0x39d [ 51.196680] ? dump_stack_print_info.cold.1+0x20/0x20 [ 51.201884] panic+0x2ad/0x55c [ 51.205086] ? add_taint.cold.5+0x16/0x16 [ 51.209242] ? preempt_schedule+0x4d/0x60 [ 51.213436] ? ___preempt_schedule+0x16/0x18 [ 51.217838] ? trace_hardirqs_on+0xb4/0x310 [ 51.222146] kasan_end_report+0x47/0x4f [ 51.226103] kasan_report.cold.8+0x76/0x309 [ 51.230408] ? kthread_stop+0x10d/0x900 [ 51.234387] check_memory_region+0x13e/0x1b0 [ 51.238798] kasan_check_write+0x14/0x20 [ 51.242851] kthread_stop+0x10d/0x900 [ 51.246647] ? kthread_unpark+0x160/0x160 [ 51.250800] ? __lock_is_held+0xb5/0x140 [ 51.254861] vivid_stop_generating_vid_cap+0x2bb/0x9ae [ 51.260124] ? vivid_start_generating_vid_cap+0x4c0/0x4c0 [ 51.265644] ? _vb2_fop_release+0x3f/0x2b0 [ 51.269866] ? mutex_trylock+0x2b0/0x2b0 [ 51.273911] ? vivid_fop_release+0x66/0x440 [ 51.278227] ? __mutex_lock+0x85e/0x16f0 [ 51.282279] vid_cap_stop_streaming+0x8d/0xe0 [ 51.286757] ? vid_cap_buf_queue+0x310/0x310 [ 51.291150] __vb2_queue_cancel+0x171/0xd20 [ 51.295458] ? lock_downgrade+0x900/0x900 [ 51.299591] ? vb2_buffer_done+0xb90/0xb90 [ 51.303808] ? find_held_lock+0x36/0x1c0 [ 51.307857] ? mark_held_locks+0xc7/0x130 [ 51.311993] ? kasan_check_write+0x14/0x20 [ 51.316210] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 51.321125] ? kasan_check_read+0x11/0x20 [ 51.325270] ? wait_for_completion+0x8a0/0x8a0 [ 51.329840] ? trace_hardirqs_off_caller+0x310/0x310 [ 51.334936] ? ep_modify+0xc10/0xc10 [ 51.338647] vb2_core_streamoff+0x60/0x140 [ 51.342876] __vb2_cleanup_fileio+0x73/0x160 [ 51.347288] vb2_core_queue_release+0x1e/0x80 [ 51.351779] _vb2_fop_release+0x1d2/0x2b0 [ 51.355910] vb2_fop_release+0x77/0xc0 [ 51.359805] vivid_fop_release+0x18e/0x440 [ 51.364027] ? vivid_remove+0x460/0x460 [ 51.367985] v4l2_release+0x224/0x3a0 [ 51.371767] ? dev_debug_store+0x140/0x140 [ 51.375993] __fput+0x385/0xa30 [ 51.379275] ? get_max_files+0x20/0x20 [ 51.383154] ? trace_hardirqs_on+0xbd/0x310 [ 51.387459] ? kasan_check_read+0x11/0x20 [ 51.391593] ? task_work_run+0x1af/0x2a0 [ 51.395649] ? trace_hardirqs_off_caller+0x310/0x310 [ 51.400745] ? filp_close+0x1cd/0x250 [ 51.404539] ____fput+0x15/0x20 [ 51.407820] task_work_run+0x1e8/0x2a0 [ 51.411701] ? task_work_cancel+0x240/0x240 [ 51.416010] ? copy_fd_bitmaps+0x210/0x210 [ 51.420229] ? do_syscall_64+0x9a/0x820 [ 51.424201] exit_to_usermode_loop+0x318/0x380 [ 51.428777] ? __bpf_trace_sys_exit+0x30/0x30 [ 51.433280] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.438805] do_syscall_64+0x6be/0x820 [ 51.442683] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 51.448036] ? syscall_return_slowpath+0x5e0/0x5e0 [ 51.453048] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.457882] ? trace_hardirqs_on_caller+0x310/0x310 [ 51.462884] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 51.467891] ? prepare_exit_to_usermode+0x291/0x3b0 [ 51.472900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 51.477741] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.482916] RIP: 0033:0x457569 [ 51.486095] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 51.504990] RSP: 002b:00007f0e1a85bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 51.512698] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000457569 [ 51.519973] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 51.527227] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 51.534486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0e1a85c6d4 [ 51.541749] R13: 00000000004efe32 R14: 00000000004cc6e0 R15: 00000000ffffffff [ 51.550260] Kernel Offset: disabled [ 51.553880] Rebooting in 86400 seconds..