[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   25.241292] audit: type=1800 audit(1542119617.620:21): pid=5804 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[   25.267242] audit: type=1800 audit(1542119617.620:22): pid=5804 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.31' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   48.541813] ==================================================================
[   48.549284] BUG: KASAN: null-ptr-deref in refcount_sub_and_test_checked+0x9d/0x310
[   48.557427] Read of size 4 at addr 0000000000000020 by task syz-executor444/5958
[   48.564951] 
[   48.566574] CPU: 1 PID: 5958 Comm: syz-executor444 Not tainted 4.20.0-rc2+ #333
[   48.574014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   48.583364] Call Trace:
[   48.586107]  dump_stack+0x244/0x39d
[   48.589895]  ? dump_stack_print_info.cold.1+0x20/0x20
[   48.595667]  ? do_group_exit+0x177/0x440
[   48.599734]  ? __x64_sys_exit_group+0x3e/0x50
[   48.604379]  ? vprintk_func+0x85/0x181
[   48.608579]  kasan_report.cold.8+0x6d/0x309
[   48.613052]  ? refcount_sub_and_test_checked+0x9d/0x310
[   48.618559]  check_memory_region+0x13e/0x1b0
[   48.622967]  kasan_check_read+0x11/0x20
[   48.626936]  refcount_sub_and_test_checked+0x9d/0x310
[   48.632126]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[   48.636854]  ? refcount_inc_not_zero_checked+0x2f0/0x2f0
[   48.642303]  ? vb2_vmalloc_put+0x5f/0x80
[   48.646359]  ? trace_hardirqs_off_caller+0x310/0x310
[   48.651605]  ? __kasan_slab_free+0x119/0x150
[   48.656020]  refcount_dec_and_test_checked+0x1a/0x20
[   48.661122]  vb2_vmalloc_put+0x19/0x80
[   48.665005]  __vb2_buf_mem_free+0x112/0x210
[   48.669489]  ? vb2_vmalloc_get_dmabuf+0x300/0x300
[   48.674348]  __vb2_queue_free+0x830/0xa30
[   48.678498]  ? trace_hardirqs_off_caller+0x310/0x310
[   48.683605]  ? __vb2_plane_dmabuf_put.isra.5+0x310/0x310
[   48.689064]  vb2_core_queue_release+0x62/0x80
[   48.693799]  _vb2_fop_release+0x1d2/0x2b0
[   48.697954]  vb2_fop_release+0x77/0xc0
[   48.701845]  vivid_fop_release+0x18e/0x440
[   48.706075]  ? vivid_remove+0x460/0x460
[   48.710185]  v4l2_release+0x224/0x3a0
[   48.713988]  ? dev_debug_store+0x140/0x140
[   48.718227]  __fput+0x385/0xa30
[   48.721509]  ? get_max_files+0x20/0x20
[   48.725559]  ? trace_hardirqs_on+0xbd/0x310
[   48.730135]  ? kasan_check_read+0x11/0x20
[   48.734279]  ? task_work_run+0x1af/0x2a0
[   48.738338]  ? trace_hardirqs_off_caller+0x310/0x310
[   48.743468]  ____fput+0x15/0x20
[   48.746744]  task_work_run+0x1e8/0x2a0
[   48.750742]  ? task_work_cancel+0x240/0x240
[   48.755071]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   48.760609]  ? switch_task_namespaces+0x9d/0xd0
[   48.765446]  do_exit+0x1ad6/0x26d0
[   48.769007]  ? mm_update_next_owner+0x990/0x990
[   48.773884]  ? kvfree+0x66/0x70
[   48.777175]  ? video_usercopy+0x79b/0x1760
[   48.781433]  ? v4l_s_fmt+0x990/0x990
[   48.785177]  ? v4l_enumstd+0x70/0x70
[   48.788888]  ? rcu_softirq_qs+0x20/0x20
[   48.792866]  ? is_bpf_text_address+0xd3/0x170
[   48.797368]  ? __kernel_text_address+0xd/0x40
[   48.801886]  ? unwind_get_return_address+0x61/0xa0
[   48.807003]  ? __save_stack_trace+0x8d/0xf0
[   48.811347]  ? save_stack+0x43/0xd0
[   48.814981]  ? __kasan_slab_free+0x102/0x150
[   48.819416]  ? kasan_slab_free+0xe/0x10
[   48.823410]  ? kmem_cache_free+0x83/0x290
[   48.827745]  ? do_sys_open+0x54d/0x700
[   48.831631]  ? __x64_sys_open+0x7e/0xc0
[   48.835603]  ? do_syscall_64+0x1b9/0x820
[   48.839818]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   48.845325]  ? trace_hardirqs_off+0xb8/0x310
[   48.849737]  ? kasan_check_read+0x11/0x20
[   48.854090]  ? do_raw_spin_unlock+0xa7/0x330
[   48.858503]  ? trace_hardirqs_on+0x310/0x310
[   48.862922]  ? video_usercopy+0x1760/0x1760
[   48.867250]  ? video_ioctl2+0x2c/0x33
[   48.871174]  ? v4l2_ioctl+0x15c/0x1b0
[   48.874977]  ? video_devdata+0xa0/0xa0
[   48.878868]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   48.884440]  ? do_vfs_ioctl+0x201/0x1790
[   48.888678]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[   48.894342]  ? ioctl_preallocate+0x300/0x300
[   48.898748]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   48.904282]  ? __fget_light+0x2e9/0x430
[   48.908416]  ? fget_raw+0x20/0x20
[   48.911883]  ? rcu_read_lock_sched_held+0x14f/0x180
[   48.917005]  ? kmem_cache_free+0x24f/0x290
[   48.921351]  ? putname+0xf7/0x130
[   48.924839]  do_group_exit+0x177/0x440
[   48.928737]  ? trace_hardirqs_on+0xbd/0x310
[   48.933059]  ? __ia32_sys_exit+0x50/0x50
[   48.937119]  ? trace_hardirqs_off_caller+0x310/0x310
[   48.942325]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   48.947877]  ? ksys_ioctl+0x81/0xd0
[   48.951515]  __x64_sys_exit_group+0x3e/0x50
[   48.955833]  do_syscall_64+0x1b9/0x820
[   48.959950]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   48.965601]  ? syscall_return_slowpath+0x5e0/0x5e0
[   48.970527]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   48.975367]  ? trace_hardirqs_on_caller+0x310/0x310
[   48.980407]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   48.985445]  ? prepare_exit_to_usermode+0x291/0x3b0
[   48.990478]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   48.995328]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.000516] RIP: 0033:0x442c78
[   49.003711] Code: Bad RIP value.
[   49.007067] RSP: 002b:00007ffc0e5ff628 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   49.014882] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442c78
[   49.022283] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[   49.029694] RBP: 00000000004c2848 R08: 00000000000000e7 R09: ffffffffffffffd0
[   49.037113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.044524] R13: 00000000006d4180 R14: 0000000000000000 R15: 0000000000000000
[   49.051816] ==================================================================
[   49.059165] Disabling lock debugging due to kernel taint
[   49.065205] Kernel panic - not syncing: panic_on_warn set ...
[   49.071097] CPU: 1 PID: 5958 Comm: syz-executor444 Tainted: G    B             4.20.0-rc2+ #333
[   49.079919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   49.089260] Call Trace:
[   49.091849]  dump_stack+0x244/0x39d
[   49.095472]  ? dump_stack_print_info.cold.1+0x20/0x20
[   49.100658]  panic+0x2ad/0x55c
[   49.103842]  ? add_taint.cold.5+0x16/0x16
[   49.107983]  ? preempt_schedule+0x4d/0x60
[   49.112293]  ? ___preempt_schedule+0x16/0x18
[   49.116694]  ? trace_hardirqs_on+0xb4/0x310
[   49.121120]  kasan_end_report+0x47/0x4f
[   49.125094]  kasan_report.cold.8+0x76/0x309
[   49.129409]  ? refcount_sub_and_test_checked+0x9d/0x310
[   49.134770]  check_memory_region+0x13e/0x1b0
[   49.139176]  kasan_check_read+0x11/0x20
[   49.143141]  refcount_sub_and_test_checked+0x9d/0x310
[   49.148322]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[   49.152904]  ? refcount_inc_not_zero_checked+0x2f0/0x2f0
[   49.158352]  ? vb2_vmalloc_put+0x5f/0x80
[   49.162438]  ? trace_hardirqs_off_caller+0x310/0x310
[   49.167706]  ? __kasan_slab_free+0x119/0x150
[   49.172213]  refcount_dec_and_test_checked+0x1a/0x20
[   49.177321]  vb2_vmalloc_put+0x19/0x80
[   49.181204]  __vb2_buf_mem_free+0x112/0x210
[   49.185525]  ? vb2_vmalloc_get_dmabuf+0x300/0x300
[   49.190388]  __vb2_queue_free+0x830/0xa30
[   49.194536]  ? trace_hardirqs_off_caller+0x310/0x310
[   49.199636]  ? __vb2_plane_dmabuf_put.isra.5+0x310/0x310
[   49.205082]  vb2_core_queue_release+0x62/0x80
[   49.209718]  _vb2_fop_release+0x1d2/0x2b0
[   49.213865]  vb2_fop_release+0x77/0xc0
[   49.217747]  vivid_fop_release+0x18e/0x440
[   49.221977]  ? vivid_remove+0x460/0x460
[   49.226100]  v4l2_release+0x224/0x3a0
[   49.229900]  ? dev_debug_store+0x140/0x140
[   49.234132]  __fput+0x385/0xa30
[   49.237434]  ? get_max_files+0x20/0x20
[   49.241472]  ? trace_hardirqs_on+0xbd/0x310
[   49.245788]  ? kasan_check_read+0x11/0x20
[   49.250082]  ? task_work_run+0x1af/0x2a0
[   49.254136]  ? trace_hardirqs_off_caller+0x310/0x310
[   49.259233]  ____fput+0x15/0x20
[   49.262511]  task_work_run+0x1e8/0x2a0
[   49.266395]  ? task_work_cancel+0x240/0x240
[   49.270709]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   49.276238]  ? switch_task_namespaces+0x9d/0xd0
[   49.280904]  do_exit+0x1ad6/0x26d0
[   49.284438]  ? mm_update_next_owner+0x990/0x990
[   49.289259]  ? kvfree+0x66/0x70
[   49.292535]  ? video_usercopy+0x79b/0x1760
[   49.297020]  ? v4l_s_fmt+0x990/0x990
[   49.300731]  ? v4l_enumstd+0x70/0x70
[   49.304435]  ? rcu_softirq_qs+0x20/0x20
[   49.308551]  ? is_bpf_text_address+0xd3/0x170
[   49.313042]  ? __kernel_text_address+0xd/0x40
[   49.317529]  ? unwind_get_return_address+0x61/0xa0
[   49.322451]  ? __save_stack_trace+0x8d/0xf0
[   49.326911]  ? save_stack+0x43/0xd0
[   49.330535]  ? __kasan_slab_free+0x102/0x150
[   49.334936]  ? kasan_slab_free+0xe/0x10
[   49.338907]  ? kmem_cache_free+0x83/0x290
[   49.343047]  ? do_sys_open+0x54d/0x700
[   49.347068]  ? __x64_sys_open+0x7e/0xc0
[   49.351039]  ? do_syscall_64+0x1b9/0x820
[   49.355092]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.360587]  ? trace_hardirqs_off+0xb8/0x310
[   49.365246]  ? kasan_check_read+0x11/0x20
[   49.369393]  ? do_raw_spin_unlock+0xa7/0x330
[   49.373900]  ? trace_hardirqs_on+0x310/0x310
[   49.378314]  ? video_usercopy+0x1760/0x1760
[   49.382650]  ? video_ioctl2+0x2c/0x33
[   49.386557]  ? v4l2_ioctl+0x15c/0x1b0
[   49.390387]  ? video_devdata+0xa0/0xa0
[   49.394268]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.399797]  ? do_vfs_ioctl+0x201/0x1790
[   49.403852]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[   49.409386]  ? ioctl_preallocate+0x300/0x300
[   49.413790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.419466]  ? __fget_light+0x2e9/0x430
[   49.423442]  ? fget_raw+0x20/0x20
[   49.426891]  ? rcu_read_lock_sched_held+0x14f/0x180
[   49.431903]  ? kmem_cache_free+0x24f/0x290
[   49.436144]  ? putname+0xf7/0x130
[   49.439594]  do_group_exit+0x177/0x440
[   49.443484]  ? trace_hardirqs_on+0xbd/0x310
[   49.448064]  ? __ia32_sys_exit+0x50/0x50
[   49.452119]  ? trace_hardirqs_off_caller+0x310/0x310
[   49.457218]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.462775]  ? ksys_ioctl+0x81/0xd0
[   49.466402]  __x64_sys_exit_group+0x3e/0x50
[   49.470721]  do_syscall_64+0x1b9/0x820
[   49.474608]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   49.479964]  ? syscall_return_slowpath+0x5e0/0x5e0
[   49.484997]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   49.489844]  ? trace_hardirqs_on_caller+0x310/0x310
[   49.494859]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   49.499996]  ? prepare_exit_to_usermode+0x291/0x3b0
[   49.505037]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   49.509879]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.515060] RIP: 0033:0x442c78
[   49.518262] Code: Bad RIP value.
[   49.521617] RSP: 002b:00007ffc0e5ff628 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   49.529341] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442c78
[   49.536609] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[   49.543875] RBP: 00000000004c2848 R08: 00000000000000e7 R09: ffffffffffffffd0
[   49.551365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.558762] R13: 00000000006d4180 R14: 0000000000000000 R15: 0000000000000000
[   49.567436] Kernel Offset: disabled
[   49.571075] Rebooting in 86400 seconds..