[info] Using makefile-style concurrent boot in runlevel 2.
[ 24.253709] audit: type=1800 audit(1541698013.177:21): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[ 24.273226] audit: type=1800 audit(1541698013.187:22): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts.
2018/11/08 17:28:42 parsed 1 programs
2018/11/08 17:28:44 executed programs: 0
syzkaller login: [ 135.725558] IPVS: ftp: loaded support on port[0] = 21
[ 135.961803] bridge0: port 1(bridge_slave_0) entered blocking state
[ 135.968965] bridge0: port 1(bridge_slave_0) entered disabled state
[ 135.976461] device bridge_slave_0 entered promiscuous mode
[ 135.995096] bridge0: port 2(bridge_slave_1) entered blocking state
[ 136.001600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 136.008790] device bridge_slave_1 entered promiscuous mode
[ 136.025965] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 136.043319] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 136.091430] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 136.111171] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 136.183719] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 136.190978] team0: Port device team_slave_0 added
[ 136.207092] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 136.214389] team0: Port device team_slave_1 added
[ 136.231281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 136.249555] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 136.268813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 136.287735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 136.426411] bridge0: port 2(bridge_slave_1) entered blocking state
[ 136.432901] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 136.440101] bridge0: port 1(bridge_slave_0) entered blocking state
[ 136.446511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 136.934284] 8021q: adding VLAN 0 to HW filter on device bond0
[ 136.983075] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 137.032273] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 137.038619] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 137.047631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 137.094073] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/08 17:28:49 executed programs: 67
2018/11/08 17:28:54 executed programs: 168
2018/11/08 17:28:59 executed programs: 272
2018/11/08 17:29:04 executed programs: 386
2018/11/08 17:29:10 executed programs: 490
2018/11/08 17:29:15 executed programs: 606
2018/11/08 17:29:20 executed programs: 748
2018/11/08 17:29:25 executed programs: 854
2018/11/08 17:29:30 executed programs: 972
2018/11/08 17:29:35 executed programs: 1127
2018/11/08 17:29:40 executed programs: 1253
2018/11/08 17:29:45 executed programs: 1354
[ 199.887042] vivid-000: kernel_thread() failed
[ 200.708519] ==================================================================
[ 200.716046] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[ 200.722351] Write of size 4 at addr 000000000000001c by task syz-executor0/12906
[ 200.729867]
[ 200.731495] CPU: 1 PID: 12906 Comm: syz-executor0 Not tainted 4.20.0-rc1+ #228
[ 200.738836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 200.748171] Call Trace:
[ 200.750766] dump_stack+0x244/0x39d
[ 200.754389] ? dump_stack_print_info.cold.1+0x20/0x20
[ 200.759571] ? vprintk_func+0x85/0x181
[ 200.763453] kasan_report.cold.8+0x6d/0x309
[ 200.767768] ? kthread_stop+0x10d/0x900
[ 200.771744] check_memory_region+0x13e/0x1b0
[ 200.776163] kasan_check_write+0x14/0x20
[ 200.780303] kthread_stop+0x10d/0x900
[ 200.784101] ? kthread_unpark+0x160/0x160
[ 200.788240] ? __lock_is_held+0xb5/0x140
[ 200.792306] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 200.797574] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 200.803204] ? _vb2_fop_release+0x3f/0x2b0
[ 200.807433] ? mutex_trylock+0x2b0/0x2b0
[ 200.811490] ? vivid_fop_release+0x66/0x440
[ 200.815803] ? __mutex_lock+0x85e/0x16f0
[ 200.819863] vid_cap_stop_streaming+0x8d/0xe0
[ 200.824350] ? vid_cap_buf_queue+0x310/0x310
[ 200.828804] __vb2_queue_cancel+0x171/0xd20
[ 200.833129] ? lock_downgrade+0x900/0x900
[ 200.837275] ? vb2_buffer_done+0xb90/0xb90
[ 200.841498] ? find_held_lock+0x36/0x1c0
[ 200.845551] ? mark_held_locks+0xc7/0x130
[ 200.849689] ? kasan_check_write+0x14/0x20
[ 200.853919] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 200.858845] ? kasan_check_read+0x11/0x20
[ 200.862987] ? wait_for_completion+0x8a0/0x8a0
[ 200.867566] ? trace_hardirqs_off_caller+0x310/0x310
[ 200.872666] vb2_core_streamoff+0x60/0x140
[ 200.876890] __vb2_cleanup_fileio+0x73/0x160
[ 200.881286] vb2_core_queue_release+0x1e/0x80
[ 200.885777] _vb2_fop_release+0x1d2/0x2b0
[ 200.889938] vb2_fop_release+0x77/0xc0
[ 200.893819] vivid_fop_release+0x18e/0x440
[ 200.898097] ? vivid_remove+0x460/0x460
[ 200.902075] v4l2_release+0x224/0x3a0
[ 200.906032] ? dev_debug_store+0x140/0x140
[ 200.910256] __fput+0x385/0xa30
[ 200.913585] ? get_max_files+0x20/0x20
[ 200.917470] ? trace_hardirqs_on+0xbd/0x310
[ 200.921838] ? kasan_check_read+0x11/0x20
[ 200.925984] ? task_work_run+0x1af/0x2a0
[ 200.930030] ? trace_hardirqs_off_caller+0x310/0x310
[ 200.935184] ? rcu_softirq_qs+0x20/0x20
[ 200.939154] ? unwind_dump+0x190/0x190
[ 200.943045] ____fput+0x15/0x20
[ 200.946326] task_work_run+0x1e8/0x2a0
[ 200.950222] ? task_work_cancel+0x240/0x240
[ 200.954541] ? __fget+0x4aa/0x740
[ 200.957984] get_signal+0x1558/0x1980
[ 200.961783] ? find_held_lock+0x36/0x1c0
[ 200.965831] ? ptrace_notify+0x130/0x130
[ 200.969886] ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[ 200.975805] ? pvclock_read_flags+0x160/0x160
[ 200.980298] ? poll_select_set_timeout+0x19a/0x240
[ 200.985214] ? trace_hardirqs_off_caller+0x310/0x310
[ 200.990308] ? lock_downgrade+0x900/0x900
[ 200.994449] do_signal+0x9c/0x21c0
[ 200.997977] ? timespec64_add_safe+0x204/0x2f0
[ 201.002548] ? nsec_to_clock_t+0x30/0x30
[ 201.006605] ? setup_sigcontext+0x7d0/0x7d0
[ 201.010934] ? exit_to_usermode_loop+0x8c/0x380
[ 201.015592] ? exit_to_usermode_loop+0x8c/0x380
[ 201.020255] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 201.024828] ? trace_hardirqs_on+0xbd/0x310
[ 201.029142] ? do_fast_syscall_32+0xcd5/0xfb2
[ 201.033635] ? trace_hardirqs_off_caller+0x310/0x310
[ 201.038730] ? do_restart_poll+0x2e0/0x2e0
[ 201.042962] ? get_old_timespec32+0x2a0/0x2a0
[ 201.047455] ? do_fast_syscall_32+0x150/0xfb2
[ 201.051937] ? do_fast_syscall_32+0x150/0xfb2
[ 201.056418] exit_to_usermode_loop+0x2e5/0x380
[ 201.060987] ? __bpf_trace_sys_exit+0x30/0x30
[ 201.065473] ? __ia32_compat_sys_ioctl+0x17a/0x630
[ 201.070399] do_fast_syscall_32+0xcd5/0xfb2
[ 201.074713] ? do_int80_syscall_32+0x890/0x890
[ 201.079285] ? entry_SYSENTER_compat+0x68/0x7f
[ 201.083864] ? trace_hardirqs_off_caller+0xbb/0x310
[ 201.088868] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 201.093705] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 201.098645] ? trace_hardirqs_on_caller+0x310/0x310
[ 201.103650] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 201.108656] ? prepare_exit_to_usermode+0x291/0x3b0
[ 201.113675] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 201.118587] entry_SYSENTER_compat+0x70/0x7f
[ 201.122990] RIP: 0023:0xf7f34a29
[ 201.126345] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 201.145278] RSP: 002b:00000000f7f300cc EFLAGS: 00000296 ORIG_RAX: 00000000000000a8
[ 201.152981] RAX: 0000000000000001 RBX: 00000000200003c0 RCX: 0000000000000001
[ 201.160239] RDX: 0000000000010001 RSI: 0000000000000000 RDI: 0000000000000000
[ 201.167496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 201.174753] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 201.182015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 201.189282] ==================================================================
[ 201.196622] Disabling lock debugging due to kernel taint
[ 201.202597] Kernel panic - not syncing: panic_on_warn set ...
[ 201.208492] CPU: 1 PID: 12906 Comm: syz-executor0 Tainted: G B 4.20.0-rc1+ #228
[ 201.217220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 201.226555] Call Trace:
[ 201.229275] dump_stack+0x244/0x39d
[ 201.232897] ? dump_stack_print_info.cold.1+0x20/0x20
[ 201.238078] panic+0x2ad/0x55c
[ 201.241266] ? add_taint.cold.5+0x16/0x16
[ 201.245418] ? preempt_schedule+0x4d/0x60
[ 201.249552] ? ___preempt_schedule+0x16/0x18
[ 201.253950] ? trace_hardirqs_on+0xb4/0x310
[ 201.258258] kasan_end_report+0x47/0x4f
[ 201.262240] kasan_report.cold.8+0x76/0x309
[ 201.266553] ? kthread_stop+0x10d/0x900
[ 201.270517] check_memory_region+0x13e/0x1b0
[ 201.274914] kasan_check_write+0x14/0x20
[ 201.278974] kthread_stop+0x10d/0x900
[ 201.282763] ? kthread_unpark+0x160/0x160
[ 201.286900] ? __lock_is_held+0xb5/0x140
[ 201.290951] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 201.296294] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 201.301828] ? _vb2_fop_release+0x3f/0x2b0
[ 201.306056] ? mutex_trylock+0x2b0/0x2b0
[ 201.310099] ? vivid_fop_release+0x66/0x440
[ 201.314410] ? __mutex_lock+0x85e/0x16f0
[ 201.318461] vid_cap_stop_streaming+0x8d/0xe0
[ 201.323045] ? vid_cap_buf_queue+0x310/0x310
[ 201.327574] __vb2_queue_cancel+0x171/0xd20
[ 201.331894] ? lock_downgrade+0x900/0x900
[ 201.336025] ? vb2_buffer_done+0xb90/0xb90
[ 201.340239] ? find_held_lock+0x36/0x1c0
[ 201.344292] ? mark_held_locks+0xc7/0x130
[ 201.348430] ? kasan_check_write+0x14/0x20
[ 201.352649] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 201.357560] ? kasan_check_read+0x11/0x20
[ 201.361701] ? wait_for_completion+0x8a0/0x8a0
[ 201.366267] ? trace_hardirqs_off_caller+0x310/0x310
[ 201.371372] vb2_core_streamoff+0x60/0x140
[ 201.375592] __vb2_cleanup_fileio+0x73/0x160
[ 201.379981] vb2_core_queue_release+0x1e/0x80
[ 201.384460] _vb2_fop_release+0x1d2/0x2b0
[ 201.388796] vb2_fop_release+0x77/0xc0
[ 201.392670] vivid_fop_release+0x18e/0x440
[ 201.396909] ? vivid_remove+0x460/0x460
[ 201.400865] v4l2_release+0x224/0x3a0
[ 201.404651] ? dev_debug_store+0x140/0x140
[ 201.408876] __fput+0x385/0xa30
[ 201.412153] ? get_max_files+0x20/0x20
[ 201.416036] ? trace_hardirqs_on+0xbd/0x310
[ 201.420345] ? kasan_check_read+0x11/0x20
[ 201.424492] ? task_work_run+0x1af/0x2a0
[ 201.428549] ? trace_hardirqs_off_caller+0x310/0x310
[ 201.433645] ? rcu_softirq_qs+0x20/0x20
[ 201.437607] ? unwind_dump+0x190/0x190
[ 201.441482] ____fput+0x15/0x20
[ 201.444751] task_work_run+0x1e8/0x2a0
[ 201.448637] ? task_work_cancel+0x240/0x240
[ 201.453082] ? __fget+0x4aa/0x740
[ 201.456522] get_signal+0x1558/0x1980
[ 201.460315] ? find_held_lock+0x36/0x1c0
[ 201.464361] ? ptrace_notify+0x130/0x130
[ 201.468419] ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[ 201.474437] ? pvclock_read_flags+0x160/0x160
[ 201.478926] ? poll_select_set_timeout+0x19a/0x240
[ 201.483850] ? trace_hardirqs_off_caller+0x310/0x310
[ 201.488942] ? lock_downgrade+0x900/0x900
[ 201.493201] do_signal+0x9c/0x21c0
[ 201.496738] ? timespec64_add_safe+0x204/0x2f0
[ 201.501303] ? nsec_to_clock_t+0x30/0x30
[ 201.505401] ? setup_sigcontext+0x7d0/0x7d0
[ 201.509718] ? exit_to_usermode_loop+0x8c/0x380
[ 201.514369] ? exit_to_usermode_loop+0x8c/0x380
[ 201.519022] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 201.523590] ? trace_hardirqs_on+0xbd/0x310
[ 201.527896] ? do_fast_syscall_32+0xcd5/0xfb2
[ 201.532376] ? trace_hardirqs_off_caller+0x310/0x310
[ 201.537523] ? do_restart_poll+0x2e0/0x2e0
[ 201.541755] ? get_old_timespec32+0x2a0/0x2a0
[ 201.546239] ? do_fast_syscall_32+0x150/0xfb2
[ 201.550719] ? do_fast_syscall_32+0x150/0xfb2
[ 201.555202] exit_to_usermode_loop+0x2e5/0x380
[ 201.559824] ? __bpf_trace_sys_exit+0x30/0x30
[ 201.564312] ? __ia32_compat_sys_ioctl+0x17a/0x630
[ 201.569228] do_fast_syscall_32+0xcd5/0xfb2
[ 201.574152] ? do_int80_syscall_32+0x890/0x890
[ 201.578728] ? entry_SYSENTER_compat+0x68/0x7f
[ 201.583302] ? trace_hardirqs_off_caller+0xbb/0x310
[ 201.588303] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 201.593292] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 201.598248] ? trace_hardirqs_on_caller+0x310/0x310
[ 201.603259] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 201.608257] ? prepare_exit_to_usermode+0x291/0x3b0
[ 201.613264] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 201.618095] entry_SYSENTER_compat+0x70/0x7f
[ 201.622510] RIP: 0023:0xf7f34a29
[ 201.625866] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 201.644772] RSP: 002b:00000000f7f300cc EFLAGS: 00000296 ORIG_RAX: 00000000000000a8
[ 201.652474] RAX: 0000000000000001 RBX: 00000000200003c0 RCX: 0000000000000001
[ 201.659733] RDX: 0000000000010001 RSI: 0000000000000000 RDI: 0000000000000000
[ 201.667080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 201.674338] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 201.681600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 201.690030] Kernel Offset: disabled
[ 201.693798] Rebooting in 86400 seconds..