Warning: Permanently added '10.128.0.49' (ECDSA) to the list of known hosts.
2018/11/06 18:39:09 parsed 1 programs
2018/11/06 18:39:10 executed programs: 0
syzkaller login: [ 57.219427] IPVS: ftp: loaded support on port[0] = 21
[ 57.418233] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.425314] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.432252] device bridge_slave_0 entered promiscuous mode
[ 57.448305] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.454786] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.461520] device bridge_slave_1 entered promiscuous mode
[ 57.476866] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 57.492664] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 57.532760] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 57.549915] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 57.611119] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 57.618682] team0: Port device team_slave_0 added
[ 57.633044] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 57.640119] team0: Port device team_slave_1 added
[ 57.654334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 57.671748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 57.688460] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 57.706081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 57.822697] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.829276] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.836111] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.842431] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.259191] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 58.265389] 8021q: adding VLAN 0 to HW filter on device bond0
[ 58.309312] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.355390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.363066] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 58.410880] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/06 18:39:16 executed programs: 17
2018/11/06 18:39:21 executed programs: 40
2018/11/06 18:39:26 executed programs: 65
2018/11/06 18:39:31 executed programs: 89
2018/11/06 18:39:36 executed programs: 113
2018/11/06 18:39:41 executed programs: 137
2018/11/06 18:39:46 executed programs: 162
2018/11/06 18:39:51 executed programs: 185
2018/11/06 18:39:56 executed programs: 211
2018/11/06 18:40:01 executed programs: 236
2018/11/06 18:40:07 executed programs: 261
2018/11/06 18:40:12 executed programs: 285
2018/11/06 18:40:17 executed programs: 309
2018/11/06 18:40:22 executed programs: 334
2018/11/06 18:40:27 executed programs: 357
2018/11/06 18:40:32 executed programs: 382
2018/11/06 18:40:37 executed programs: 407
[ 144.492220] vivid-000: kernel_thread() failed
[ 144.512343] ==================================================================
[ 144.519850] BUG: KASAN: null-ptr-deref in kthread_stop+0x108/0x8f0
[ 144.526154] Write of size 4 at addr 000000000000001c by task syz-executor0/7488
[ 144.533585]
[ 144.535203] CPU: 0 PID: 7488 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181106+ #106
[ 144.543672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 144.553010] Call Trace:
[ 144.555592] dump_stack+0x244/0x39d
[ 144.559209] ? dump_stack_print_info.cold.1+0x20/0x20
[ 144.564415] ? vprintk_func+0x85/0x181
[ 144.568299] kasan_report.cold.8+0x6d/0x309
[ 144.572611] ? kthread_stop+0x108/0x8f0
[ 144.576579] check_memory_region+0x13e/0x1b0
[ 144.580977] kasan_check_write+0x14/0x20
[ 144.585023] kthread_stop+0x108/0x8f0
[ 144.588816] ? kthread_unpark+0x160/0x160
[ 144.592963] ? __lock_is_held+0xb5/0x140
[ 144.597027] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 144.602299] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 144.607827] ? _vb2_fop_release+0x3f/0x2b0
[ 144.612052] ? mutex_trylock+0x2b0/0x2b0
[ 144.616100] ? vivid_fop_release+0x66/0x440
[ 144.620419] ? __mutex_lock+0x85e/0x16f0
[ 144.624478] vid_cap_stop_streaming+0x8d/0xe0
[ 144.628965] ? vid_cap_buf_queue+0x310/0x310
[ 144.633479] __vb2_queue_cancel+0x171/0xd20
[ 144.637796] ? lock_downgrade+0x900/0x900
[ 144.641934] ? vb2_buffer_done+0xb80/0xb80
[ 144.646171] ? find_held_lock+0x36/0x1c0
[ 144.650362] ? mark_held_locks+0xc7/0x130
[ 144.654514] ? kasan_check_write+0x14/0x20
[ 144.658735] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 144.663652] ? kasan_check_read+0x11/0x20
[ 144.667786] ? wait_for_completion+0x8a0/0x8a0
[ 144.672364] ? trace_hardirqs_off_caller+0x300/0x300
[ 144.677476] vb2_core_streamoff+0x60/0x140
[ 144.681702] __vb2_cleanup_fileio+0x73/0x160
[ 144.686098] vb2_core_queue_release+0x1e/0x80
[ 144.690582] _vb2_fop_release+0x1d2/0x2b0
[ 144.694716] vb2_fop_release+0x77/0xc0
[ 144.698592] vivid_fop_release+0x18e/0x440
[ 144.702814] ? vivid_remove+0x460/0x460
[ 144.706776] v4l2_release+0x224/0x3a0
[ 144.710570] __fput+0x3bc/0xa70
[ 144.713837] ? dev_debug_store+0x140/0x140
[ 144.718059] ? get_max_files+0x20/0x20
[ 144.721935] ? trace_hardirqs_on+0xbd/0x310
[ 144.726244] ? kasan_check_read+0x11/0x20
[ 144.730392] ? task_work_run+0x1af/0x2a0
[ 144.734441] ? trace_hardirqs_off_caller+0x300/0x300
[ 144.739533] ? filp_close+0x1cd/0x250
[ 144.743323] ____fput+0x15/0x20
[ 144.746599] task_work_run+0x1e8/0x2a0
[ 144.750477] ? task_work_cancel+0x240/0x240
[ 144.754788] ? copy_fd_bitmaps+0x210/0x210
[ 144.759010] ? do_syscall_64+0x9a/0x820
[ 144.762974] exit_to_usermode_loop+0x318/0x380
[ 144.767543] ? __bpf_trace_sys_exit+0x30/0x30
[ 144.772027] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 144.777551] do_syscall_64+0x6be/0x820
[ 144.781431] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 144.786787] ? syscall_return_slowpath+0x5e0/0x5e0
[ 144.791700] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 144.796533] ? trace_hardirqs_on_caller+0x310/0x310
[ 144.801535] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 144.806552] ? prepare_exit_to_usermode+0x291/0x3b0
[ 144.811559] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 144.816404] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 144.821578] RIP: 0033:0x411021
[ 144.824764] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 144.843655] RSP: 002b:00007ffd61cd54b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 144.851350] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 144.858620] RDX: 0000000000000000 RSI: 0000000000730188 RDI: 0000000000000003
[ 144.865878] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 144.873133] R10: 00007ffd61cd53d0 R11: 0000000000000293 R12: 0000000000000000
[ 144.880398] R13: 0000000000000001 R14: 0000000000000199 R15: 0000000000000000
[ 144.887665] ==================================================================
[ 144.895008] Disabling lock debugging due to kernel taint
[ 144.901054] Kernel panic - not syncing: panic_on_warn set ...
[ 144.906937] CPU: 0 PID: 7488 Comm: syz-executor0 Tainted: G B 4.20.0-rc1-next-20181106+ #106
[ 144.916794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 144.926130] Call Trace:
[ 144.928703] dump_stack+0x244/0x39d
[ 144.932319] ? dump_stack_print_info.cold.1+0x20/0x20
[ 144.937502] panic+0x2ad/0x55c
[ 144.940683] ? add_taint.cold.5+0x16/0x16
[ 144.944820] ? preempt_schedule+0x4d/0x60
[ 144.948961] ? ___preempt_schedule+0x16/0x18
[ 144.953370] ? trace_hardirqs_on+0xb4/0x310
[ 144.957693] kasan_end_report+0x47/0x4f
[ 144.961657] kasan_report.cold.8+0x76/0x309
[ 144.965981] ? kthread_stop+0x108/0x8f0
[ 144.969947] check_memory_region+0x13e/0x1b0
[ 144.974342] kasan_check_write+0x14/0x20
[ 144.978413] kthread_stop+0x108/0x8f0
[ 144.982201] ? kthread_unpark+0x160/0x160
[ 144.986334] ? __lock_is_held+0xb5/0x140
[ 144.990409] vivid_stop_generating_vid_cap+0x2b