[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   27.109394] kauditd_printk_skb: 7 callbacks suppressed
[   27.109423] audit: type=1800 audit(1541770800.301:29): pid=5556 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   27.136229] audit: type=1800 audit(1541770800.311:30): pid=5556 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.36' (ECDSA) to the list of known hosts.
2018/11/09 13:40:27 parsed 1 programs
2018/11/09 13:40:28 executed programs: 0
syzkaller login: [   55.404817] IPVS: ftp: loaded support on port[0] = 21
[   55.654750] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.661355] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.668916] device bridge_slave_0 entered promiscuous mode
[   55.687399] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.694023] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.701226] device bridge_slave_1 entered promiscuous mode
[   55.719787] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   55.737388] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   55.787049] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   55.807185] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   55.885150] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   55.893117] team0: Port device team_slave_0 added
[   55.909693] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   55.916783] team0: Port device team_slave_1 added
[   55.934556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   55.955280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   55.974102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   55.993889] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   56.138558] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.145039] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.152021] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.158384] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.669898] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.721779] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   56.773696] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   56.779946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   56.787285] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.839038] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/09 13:40:33 executed programs: 15
2018/11/09 13:40:38 executed programs: 40
2018/11/09 13:40:43 executed programs: 66
2018/11/09 13:40:48 executed programs: 89
2018/11/09 13:40:53 executed programs: 112
2018/11/09 13:40:59 executed programs: 136
2018/11/09 13:41:04 executed programs: 162
2018/11/09 13:41:09 executed programs: 186
2018/11/09 13:41:14 executed programs: 213
2018/11/09 13:41:19 executed programs: 239
2018/11/09 13:41:24 executed programs: 263
[  115.836962] vivid-000: kernel_thread() failed
[  116.649643] ==================================================================
[  116.657273] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[  116.663704] Write of size 4 at addr 000000000000001c by task syz-executor0/7127
[  116.671211] 
[  116.672831] CPU: 0 PID: 7127 Comm: syz-executor0 Not tainted 4.20.0-rc1+ #327
[  116.680189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  116.689528] Call Trace:
[  116.692114]  dump_stack+0x244/0x39d
[  116.695853]  ? dump_stack_print_info.cold.1+0x20/0x20
[  116.701195]  ? vprintk_func+0x85/0x181
[  116.705070]  kasan_report.cold.8+0x6d/0x309
[  116.709375]  ? kthread_stop+0x10d/0x900
[  116.713342]  check_memory_region+0x13e/0x1b0
[  116.717755]  kasan_check_write+0x14/0x20
[  116.721809]  kthread_stop+0x10d/0x900
[  116.725599]  ? kthread_unpark+0x160/0x160
[  116.729741]  ? __lock_is_held+0xb5/0x140
[  116.733810]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[  116.739093]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[  116.744736]  ? _vb2_fop_release+0x3f/0x2b0
[  116.748961]  ? mutex_trylock+0x2b0/0x2b0
[  116.753022]  ? vivid_fop_release+0x66/0x440
[  116.757347]  ? __mutex_lock+0x85e/0x16f0
[  116.761413]  vid_cap_stop_streaming+0x8d/0xe0
[  116.765902]  ? vid_cap_buf_queue+0x310/0x310
[  116.770299]  __vb2_queue_cancel+0x171/0xd20
[  116.774681]  ? lock_downgrade+0x900/0x900
[  116.778821]  ? vb2_buffer_done+0xb90/0xb90
[  116.783044]  ? find_held_lock+0x36/0x1c0
[  116.787181]  ? mark_held_locks+0xc7/0x130
[  116.791316]  ? kasan_check_write+0x14/0x20
[  116.795538]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  116.800452]  ? kasan_check_read+0x11/0x20
[  116.804581]  ? wait_for_completion+0x8a0/0x8a0
[  116.809162]  ? trace_hardirqs_off_caller+0x310/0x310
[  116.814257]  vb2_core_streamoff+0x60/0x140
[  116.818478]  __vb2_cleanup_fileio+0x73/0x160
[  116.822891]  vb2_core_queue_release+0x1e/0x80
[  116.827374]  _vb2_fop_release+0x1d2/0x2b0
[  116.831509]  vb2_fop_release+0x77/0xc0
[  116.835395]  vivid_fop_release+0x18e/0x440
[  116.839615]  ? vivid_remove+0x460/0x460
[  116.843573]  v4l2_release+0x224/0x3a0
[  116.847361]  ? dev_debug_store+0x140/0x140
[  116.851584]  __fput+0x385/0xa30
[  116.854852]  ? get_max_files+0x20/0x20
[  116.858724]  ? trace_hardirqs_on+0xbd/0x310
[  116.863030]  ? kasan_check_read+0x11/0x20
[  116.867162]  ? task_work_run+0x1af/0x2a0
[  116.871204]  ? trace_hardirqs_off_caller+0x310/0x310
[  116.876290]  ? rcu_softirq_qs+0x20/0x20
[  116.880249]  ? unwind_dump+0x190/0x190
[  116.884133]  ____fput+0x15/0x20
[  116.887395]  task_work_run+0x1e8/0x2a0
[  116.891269]  ? task_work_cancel+0x240/0x240
[  116.895574]  ? unwind_get_return_address+0x61/0xa0
[  116.900523]  get_signal+0x1558/0x1980
[  116.904312]  ? find_held_lock+0x36/0x1c0
[  116.908359]  ? ptrace_notify+0x130/0x130
[  116.912419]  ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[  116.918202]  ? pvclock_read_flags+0x160/0x160
[  116.922696]  ? poll_select_set_timeout+0x19a/0x240
[  116.927629]  ? trace_hardirqs_off_caller+0x310/0x310
[  116.932719]  do_signal+0x9c/0x21c0
[  116.936244]  ? timespec64_add_safe+0x204/0x2f0
[  116.940907]  ? nsec_to_clock_t+0x30/0x30
[  116.944969]  ? setup_sigcontext+0x7d0/0x7d0
[  116.949311]  ? exit_to_usermode_loop+0x8c/0x380
[  116.953981]  ? exit_to_usermode_loop+0x8c/0x380
[  116.958634]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  116.963202]  ? trace_hardirqs_on+0xbd/0x310
[  116.967510]  ? do_syscall_64+0x6be/0x820
[  116.971557]  ? trace_hardirqs_off_caller+0x310/0x310
[  116.976643]  ? do_restart_poll+0x2e0/0x2e0
[  116.980867]  ? nsecs_to_jiffies+0x30/0x30
[  116.985016]  ? do_syscall_64+0x9a/0x820
[  116.988978]  ? do_syscall_64+0x9a/0x820
[  116.992953]  exit_to_usermode_loop+0x2e5/0x380
[  116.997560]  ? __bpf_trace_sys_exit+0x30/0x30
[  117.002044]  do_syscall_64+0x6be/0x820
[  117.005922]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  117.011271]  ? syscall_return_slowpath+0x5e0/0x5e0
[  117.016185]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  117.021012]  ? trace_hardirqs_on_caller+0x310/0x310
[  117.026016]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  117.031035]  ? prepare_exit_to_usermode+0x291/0x3b0
[  117.036036]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  117.040873]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  117.046049] RIP: 0033:0x457569
[  117.049243] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  117.068140] RSP: 002b:00007f670a121c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  117.075893] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000457569
[  117.083160] RDX: 0000000000010001 RSI: 0000000000000001 RDI: 00000000200003c0
[  117.090428] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  117.097679] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f670a1226d4
[  117.104933] R13: 00000000004c325e R14: 00000000004d4e10 R15: 00000000ffffffff
[  117.112213] ==================================================================
[  117.119549] Disabling lock debugging due to kernel taint
[  117.125304] Kernel panic - not syncing: panic_on_warn set ...
[  117.131198] CPU: 0 PID: 7127 Comm: syz-executor0 Tainted: G    B             4.20.0-rc1+ #327
[  117.139837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  117.149170] Call Trace:
[  117.151749]  dump_stack+0x244/0x39d
[  117.155365]  ? dump_stack_print_info.cold.1+0x20/0x20
[  117.160544]  panic+0x2ad/0x55c
[  117.163720]  ? add_taint.cold.5+0x16/0x16
[  117.167852]  ? preempt_schedule+0x4d/0x60
[  117.171983]  ? ___preempt_schedule+0x16/0x18
[  117.176375]  ? trace_hardirqs_on+0xb4/0x310
[  117.180683]  kasan_end_report+0x47/0x4f
[  117.184636]  kasan_report.cold.8+0x76/0x309
[  117.188943]  ? kthread_stop+0x10d/0x900
[  117.192914]  check_memory_region+0x13e/0x1b0
[  117.197305]  kasan_check_write+0x14/0x20
[  117.201349]  kthread_stop+0x10d/0x900
[  117.205140]  ? kthread_unpark+0x160/0x160
[  117.209287]  ? __lock_is_held+0xb5/0x140
[  117.213358]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[  117.218619]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[  117.224160]  ? _vb2_fop_release+0x3f/0x2b0
[  117.228378]  ? mutex_trylock+0x2b0/0x2b0
[  117.232434]  ? vivid_fop_release+0x66/0x440
[  117.236757]  ? __mutex_lock+0x85e/0x16f0
[  117.240812]  vid_cap_stop_streaming+0x8d/0xe0
[  117.245291]  ? vid_cap_buf_queue+0x310/0x310
[  117.249702]  __vb2_queue_cancel+0x171/0xd20
[  117.254011]  ? lock_downgrade+0x900/0x900
[  117.258148]  ? vb2_buffer_done+0xb90/0xb90
[  117.262383]  ? find_held_lock+0x36/0x1c0
[  117.266429]  ? mark_held_locks+0xc7/0x130
[  117.270560]  ? kasan_check_write+0x14/0x20
[  117.274778]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  117.279692]  ? kasan_check_read+0x11/0x20
[  117.283830]  ? wait_for_completion+0x8a0/0x8a0
[  117.288407]  ? trace_hardirqs_off_caller+0x310/0x310
[  117.293529]  vb2_core_streamoff+0x60/0x140
[  117.297754]  __vb2_cleanup_fileio+0x73/0x160
[  117.302165]  vb2_core_queue_release+0x1e/0x80
[  117.306664]  _vb2_fop_release+0x1d2/0x2b0
[  117.310798]  vb2_fop_release+0x77/0xc0
[  117.314667]  vivid_fop_release+0x18e/0x440
[  117.318894]  ? vivid_remove+0x460/0x460
[  117.322850]  v4l2_release+0x224/0x3a0
[  117.326633]  ? dev_debug_store+0x140/0x140
[  117.330862]  __fput+0x385/0xa30
[  117.334152]  ? get_max_files+0x20/0x20
[  117.338030]  ? trace_hardirqs_on+0xbd/0x310
[  117.342333]  ? kasan_check_read+0x11/0x20
[  117.346465]  ? task_work_run+0x1af/0x2a0
[  117.350512]  ? trace_hardirqs_off_caller+0x310/0x310
[  117.355603]  ? rcu_softirq_qs+0x20/0x20
[  117.359567]  ? unwind_dump+0x190/0x190
[  117.363485]  ____fput+0x15/0x20
[  117.366748]  task_work_run+0x1e8/0x2a0
[  117.370627]  ? task_work_cancel+0x240/0x240
[  117.374947]  ? unwind_get_return_address+0x61/0xa0
[  117.379861]  get_signal+0x1558/0x1980
[  117.383672]  ? find_held_lock+0x36/0x1c0
[  117.387716]  ? ptrace_notify+0x130/0x130
[  117.391766]  ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[  117.397551]  ? pvclock_read_flags+0x160/0x160
[  117.402046]  ? poll_select_set_timeout+0x19a/0x240
[  117.406962]  ? trace_hardirqs_off_caller+0x310/0x310
[  117.412054]  do_signal+0x9c/0x21c0
[  117.415579]  ? timespec64_add_safe+0x204/0x2f0
[  117.420143]  ? nsec_to_clock_t+0x30/0x30
[  117.424196]  ? setup_sigcontext+0x7d0/0x7d0
[  117.428505]  ? exit_to_usermode_loop+0x8c/0x380
[  117.433160]  ? exit_to_usermode_loop+0x8c/0x380
[  117.437813]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  117.442379]  ? trace_hardirqs_on+0xbd/0x310
[  117.446683]  ? do_syscall_64+0x6be/0x820
[  117.450724]  ? trace_hardirqs_off_caller+0x310/0x310
[  117.455805]  ? do_restart_poll+0x2e0/0x2e0
[  117.460031]  ? nsecs_to_jiffies+0x30/0x30
[  117.464276]  ? do_syscall_64+0x9a/0x820
[  117.468249]  ? do_syscall_64+0x9a/0x820
[  117.472204]  exit_to_usermode_loop+0x2e5/0x380
[  117.476771]  ? __bpf_trace_sys_exit+0x30/0x30
[  117.481249]  do_syscall_64+0x6be/0x820
[  117.485122]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  117.490471]  ? syscall_return_slowpath+0x5e0/0x5e0
[  117.495385]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  117.500223]  ? trace_hardirqs_on_caller+0x310/0x310
[  117.505219]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  117.510216]  ? prepare_exit_to_usermode+0x291/0x3b0
[  117.515216]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  117.520045]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  117.525213] RIP: 0033:0x457569
[  117.528423] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  117.547323] RSP: 002b:00007f670a121c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  117.555009] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000457569
[  117.562257] RDX: 0000000000010001 RSI: 0000000000000001 RDI: 00000000200003c0
[  117.569508] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  117.576807] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f670a1226d4
[  117.584065] R13: 00000000004c325e R14: 00000000004d4e10 R15: 00000000ffffffff
[  117.592212] Kernel Offset: disabled
[  117.595834] Rebooting in 86400 seconds..