[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   28.697706] kauditd_printk_skb: 8 callbacks suppressed
[   28.697718] audit: type=1800 audit(1541824692.867:29): pid=5571 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   28.723578] audit: type=1800 audit(1541824692.867:30): pid=5571 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.51' (ECDSA) to the list of known hosts.
2018/11/10 04:38:28 parsed 1 programs
2018/11/10 04:38:30 executed programs: 0
syzkaller login: [   46.284568] IPVS: ftp: loaded support on port[0] = 21
[   46.537703] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.544288] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.552082] device bridge_slave_0 entered promiscuous mode
[   46.572218] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.578631] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.585560] device bridge_slave_1 entered promiscuous mode
[   46.603421] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   46.622856] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   46.671612] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   46.693278] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   46.772344] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   46.779737] team0: Port device team_slave_0 added
[   46.797566] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   46.804769] team0: Port device team_slave_1 added
[   46.822521] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   46.842417] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   46.862659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   46.882696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.035708] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.042185] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.049052] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.055384] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.595502] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.651959] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   47.705290] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   47.711912] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.719568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.766586] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/10 04:38:35 executed programs: 18
2018/11/10 04:38:40 executed programs: 46
2018/11/10 04:38:45 executed programs: 70
2018/11/10 04:38:51 executed programs: 97
2018/11/10 04:38:56 executed programs: 124
2018/11/10 04:39:01 executed programs: 153
2018/11/10 04:39:06 executed programs: 182
[   85.811445] vivid-000: kernel_thread() failed
[   85.858438] ==================================================================
[   85.865897] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[   85.872219] Write of size 4 at addr 000000000000001c by task syz-executor0/6802
[   85.879645] 
[   85.881260] CPU: 0 PID: 6802 Comm: syz-executor0 Not tainted 4.20.0-rc1+ #106
[   85.888517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.897857] Call Trace:
[   85.900435]  dump_stack+0x244/0x39d
[   85.904057]  ? dump_stack_print_info.cold.1+0x20/0x20
[   85.909362]  ? vprintk_func+0x85/0x181
[   85.913244]  kasan_report.cold.8+0x6d/0x309
[   85.917641]  ? kthread_stop+0x10d/0x900
[   85.921618]  check_memory_region+0x13e/0x1b0
[   85.926015]  kasan_check_write+0x14/0x20
[   85.930063]  kthread_stop+0x10d/0x900
[   85.933850]  ? kthread_unpark+0x160/0x160
[   85.937997]  ? __lock_is_held+0xb5/0x140
[   85.942063]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[   85.947334]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[   85.952889]  ? _vb2_fop_release+0x3f/0x2b0
[   85.957118]  ? mutex_trylock+0x2b0/0x2b0
[   85.961178]  ? vivid_fop_release+0x66/0x440
[   85.965490]  ? __mutex_lock+0x85e/0x16f0
[   85.969564]  vid_cap_stop_streaming+0x8d/0xe0
[   85.974052]  ? vid_cap_buf_queue+0x310/0x310
[   85.978449]  __vb2_queue_cancel+0x171/0xd20
[   85.982763]  ? lock_downgrade+0x900/0x900
[   85.986904]  ? vb2_buffer_done+0xb90/0xb90
[   85.991129]  ? find_held_lock+0x36/0x1c0
[   85.995191]  ? mark_held_locks+0xc7/0x130
[   85.999332]  ? kasan_check_write+0x14/0x20
[   86.003558]  ? __mutex_unlock_slowpath+0x197/0x8c0
[   86.008537]  ? kasan_check_read+0x11/0x20
[   86.012679]  ? wait_for_completion+0x8a0/0x8a0
[   86.017248]  ? trace_hardirqs_off_caller+0x310/0x310
[   86.022355]  ? vfs_lock_file+0xe0/0xe0
[   86.026230]  vb2_core_streamoff+0x60/0x140
[   86.030458]  __vb2_cleanup_fileio+0x73/0x160
[   86.034860]  vb2_core_queue_release+0x1e/0x80
[   86.039445]  _vb2_fop_release+0x1d2/0x2b0
[   86.043580]  vb2_fop_release+0x77/0xc0
[   86.047465]  vivid_fop_release+0x18e/0x440
[   86.051697]  ? vivid_remove+0x460/0x460
[   86.055703]  v4l2_release+0x224/0x3a0
[   86.059492]  ? dev_debug_store+0x140/0x140
[   86.063720]  __fput+0x385/0xa30
[   86.066992]  ? get_max_files+0x20/0x20
[   86.070871]  ? trace_hardirqs_on+0xbd/0x310
[   86.075182]  ? kasan_check_read+0x11/0x20
[   86.079341]  ? task_work_run+0x1af/0x2a0
[   86.083389]  ? trace_hardirqs_off_caller+0x310/0x310
[   86.088485]  ? filp_close+0x1cd/0x250
[   86.092398]  ____fput+0x15/0x20
[   86.095668]  task_work_run+0x1e8/0x2a0
[   86.099618]  ? task_work_cancel+0x240/0x240
[   86.103940]  ? copy_fd_bitmaps+0x210/0x210
[   86.108168]  ? do_syscall_64+0x9a/0x820
[   86.112136]  exit_to_usermode_loop+0x318/0x380
[   86.116703]  ? __bpf_trace_sys_exit+0x30/0x30
[   86.121201]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.126726]  do_syscall_64+0x6be/0x820
[   86.130607]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   86.135961]  ? syscall_return_slowpath+0x5e0/0x5e0
[   86.140877]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   86.145708]  ? trace_hardirqs_on_caller+0x310/0x310
[   86.150740]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   86.155764]  ? prepare_exit_to_usermode+0x291/0x3b0
[   86.160782]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   86.165637]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.170816] RIP: 0033:0x411021
[   86.173999] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   86.192893] RSP: 002b:00007ffe4bce6660 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   86.200588] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[   86.207846] RDX: 0000000000000000 RSI: 0000000000730230 RDI: 0000000000000003
[   86.215105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   86.222361] R10: 00007ffe4bce6580 R11: 0000000000000293 R12: 0000000000000000
[   86.229618] R13: 0000000000000001 R14: 00000000000000cb R15: 0000000000000000
[   86.236888] ==================================================================
[   86.244241] Disabling lock debugging due to kernel taint
[   86.250390] Kernel panic - not syncing: panic_on_warn set ...
[   86.256327] CPU: 0 PID: 6802 Comm: syz-executor0 Tainted: G    B             4.20.0-rc1+ #106
[   86.265120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   86.274480] Call Trace:
[   86.277070]  dump_stack+0x244/0x39d
[   86.280708]  ? dump_stack_print_info.cold.1+0x20/0x20
[   86.285887]  panic+0x2ad/0x55c
[   86.289080]  ? add_taint.cold.5+0x16/0x16
[   86.293228]  ? preempt_schedule+0x4d/0x60
[   86.297376]  ? ___preempt_schedule+0x16/0x18
[   86.301874]  ? trace_hardirqs_on+0xb4/0x310
[   86.306188]  kasan_end_report+0x47/0x4f
[   86.310148]  kasan_report.cold.8+0x76/0x309
[   86.314467]  ? kthread_stop+0x10d/0x900
[   86.318498]  check_memory_region+0x13e/0x1b0
[   86.322899]  kasan_check_write+0x14/0x20
[   86.326949]  kthread_stop+0x10d/0x900
[   86.330751]  ? kthread_unpark+0x160/0x160
[   86.334890]  ? __lock_is_held+0xb5/0x140
[   86.338953]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[   86.344227]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[   86.349754]  ? _vb2_fop_release+0x3f/0x2b0
[   86.353975]  ? mutex_trylock+0x2b0/0x2b0
[   86.358024]  ? vivid_fop_release+0x66/0x440
[   86.362348]  ? __mutex_lock+0x85e/0x16f0
[   86.366400]  vid_cap_stop_streaming+0x8d/0xe0
[   86.370880]  ? vid_cap_buf_queue+0x310/0x310
[   86.375276]  __vb2_queue_cancel+0x171/0xd20
[   86.379587]  ? lock_downgrade+0x900/0x900
[   86.383732]  ? vb2_buffer_done+0xb90/0xb90
[   86.387960]  ? find_held_lock+0x36/0x1c0
[   86.392086]  ? mark_held_locks+0xc7/0x130
[   86.396228]  ? kasan_check_write+0x14/0x20
[   86.400452]  ? __mutex_unlock_slowpath+0x197/0x8c0
[   86.405371]  ? kasan_check_read+0x11/0x20
[   86.409506]  ? wait_for_completion+0x8a0/0x8a0
[   86.414287]  ? trace_hardirqs_off_caller+0x310/0x310
[   86.419382]  ? vfs_lock_file+0xe0/0xe0
[   86.423268]  vb2_core_streamoff+0x60/0x140
[   86.427526]  __vb2_cleanup_fileio+0x73/0x160
[   86.431930]  vb2_core_queue_release+0x1e/0x80
[   86.436412]  _vb2_fop_release+0x1d2/0x2b0
[   86.440546]  vb2_fop_release+0x77/0xc0
[   86.444422]  vivid_fop_release+0x18e/0x440
[   86.448644]  ? vivid_remove+0x460/0x460
[   86.452603]  v4l2_release+0x224/0x3a0
[   86.456390]  ? dev_debug_store+0x140/0x140
[   86.460620]  __fput+0x385/0xa30
[   86.463884]  ? get_max_files+0x20/0x20
[   86.467771]  ? trace_hardirqs_on+0xbd/0x310
[   86.472184]  ? kasan_check_read+0x11/0x20
[   86.476320]  ? task_work_run+0x1af/0x2a0
[   86.480370]  ? trace_hardirqs_off_caller+0x310/0x310
[   86.485458]  ? filp_close+0x1cd/0x250
[   86.489245]  ____fput+0x15/0x20
[   86.492535]  task_work_run+0x1e8/0x2a0
[   86.496434]  ? task_work_cancel+0x240/0x240
[   86.500749]  ? copy_fd_bitmaps+0x210/0x210
[   86.505009]  ? do_syscall_64+0x9a/0x820
[   86.509050]  exit_to_usermode_loop+0x318/0x380
[   86.513699]  ? __bpf_trace_sys_exit+0x30/0x30
[   86.518205]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   86.523734]  do_syscall_64+0x6be/0x820
[   86.527623]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   86.533070]  ? syscall_return_slowpath+0x5e0/0x5e0
[   86.538013]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   86.542852]  ? trace_hardirqs_on_caller+0x310/0x310
[   86.547856]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   86.552860]  ? prepare_exit_to_usermode+0x291/0x3b0
[   86.557867]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   86.562702]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   86.567876] RIP: 0033:0x411021
[   86.571056] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[   86.589943] RSP: 002b:00007ffe4bce6660 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   86.597638] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[   86.604907] RDX: 0000000000000000 RSI: 0000000000730230 RDI: 0000000000000003
[   86.612168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   86.619421] R10: 00007ffe4bce6580 R11: 0000000000000293 R12: 0000000000000000
[   86.626677] R13: 0000000000000001 R14: 00000000000000cb R15: 0000000000000000
[   86.634876] Kernel Offset: disabled
[   86.638501] Rebooting in 86400 seconds..