[ 44.537666] audit: type=1800 audit(1555585850.583:28): pid=5351 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 45.151098] audit: type=1800 audit(1555585851.243:29): pid=5351 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[ 45.174852] audit: type=1800 audit(1555585851.263:30): pid=5351 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0
[FAIL] startpar: service(s) returned failure: ssh ... failed!
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.207' (ECDSA) to the list of known hosts.
2019/04/18 11:11:02 parsed 1 programs
2019/04/18 11:11:04 executed programs: 0
syzkaller login: [ 58.814477] e cgroup1: Unknown subsys name 'hugetlb'
[ 58.828997] IPVS: ftp: loaded support on port[0] = 21
[ 58.900088] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.906863] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.914358] device bridge_slave_0 entered promiscuous mode
[ 58.921627] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.928013] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.935285] device bridge_slave_1 entered promiscuous mode
[ 58.950278] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 58.959078] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 58.974441] team0: Port device team_slave_0 added
[ 58.980412] team0: Port device team_slave_1 added
[ 59.003907] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.010374] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.017374] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.023722] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.052401] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.063020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 59.071523] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.083691] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.091147] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 59.102177] 8021q: adding VLAN 0 to HW filter on device team0
[ 59.111220] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 59.119187] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.125548] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.145782] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 59.153449] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.159830] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.169012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 59.176839] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 59.184436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 59.192136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 59.199845] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 59.238068] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 59.585577] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 59.955583] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 59.963171] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 59.972708] usb 1-1: config 0 has no interface number 0
[ 59.978146] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 59.987733] usb 1-1: New USB device found, idVendor=052b, idProduct=1a18, bcdDevice=c0.91
[ 59.997445] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 60.009128] usb 1-1: config 0 descriptor??
[ 60.048105] zr364xx 1-1:0.107: Zoran 364xx compatible webcam plugged
[ 60.054757] zr364xx 1-1:0.107: model 052b:1a18 detected
[ 60.060871] usb 1-1: 320x240 mode selected
[ 60.065342] zr364xx: start read pipe failed
[ 60.267249] usb 1-1: Zoran 364xx controlling device video32
[ 60.275178] usb 1-1: USB disconnect, device number 2
[ 60.377861] zr364xx 1-1:0.107: Zoran 364xx webcam unplugged
[ 60.995510] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 61.355597] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 61.363092] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 61.372606] usb 1-1: config 0 has no interface number 0
[ 61.378125] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 61.387460] usb 1-1: New USB device found, idVendor=052b, idProduct=1a18, bcdDevice=c0.91
[ 61.395997] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 61.404360] usb 1-1: config 0 descriptor??
[ 61.447278] zr364xx 1-1:0.107: Zoran 364xx compatible webcam plugged
[ 61.453838] zr364xx 1-1:0.107: model 052b:1a18 detected
[ 61.459543] usb 1-1: 320x240 mode selected
[ 61.463921] zr364xx: start read pipe failed
[ 61.666165] usb 1-1: Zoran 364xx controlling device video32
[ 61.673357] usb 1-1: USB disconnect, device number 3
[ 61.776918] zr364xx 1-1:0.107: Zoran 364xx webcam unplugged
[ 62.155566] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 62.515562] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 62.523124] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 62.532584] usb 1-1: config 0 has no interface number 0
[ 62.538076] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 62.547359] usb 1-1: New USB device found, idVendor=052b, idProduct=1a18, bcdDevice=c0.91
[ 62.555765] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 62.563830] usb 1-1: config 0 descriptor??
[ 62.607013] zr364xx 1-1:0.107: Zoran 364xx compatible webcam plugged
[ 62.613565] zr364xx 1-1:0.107: model 052b:1a18 detected
[ 62.619911] usb 1-1: 320x240 mode selected
[ 62.624503] zr364xx: start read pipe failed
[ 62.826192] usb 1-1: Zoran 364xx controlling device video32
[ 62.833645] usb 1-1: USB disconnect, device number 4
[ 62.936091] zr364xx 1-1:0.107: Zoran 364xx webcam unplugged
[ 63.555548] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 63.915571] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 63.923098] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 63.932656] usb 1-1: config 0 has no interface number 0
[ 63.938242] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 63.947665] usb 1-1: New USB device found, idVendor=052b, idProduct=1a18, bcdDevice=c0.91
[ 63.956168] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 63.964303] usb 1-1: config 0 descriptor??
[ 64.006614] zr364xx 1-1:0.107: Zoran 364xx compatible webcam plugged
[ 64.013154] zr364xx 1-1:0.107: model 052b:1a18 detected
[ 64.019503] usb 1-1: 320x240 mode selected
[ 64.024046] zr364xx: start read pipe failed
2019/04/18 11:11:10 executed programs: 2
[ 64.226911] usb 1-1: Zoran 364xx controlling device video32
[ 64.236451] usb 1-1: USB disconnect, device number 5
[ 64.337662] zr364xx 1-1:0.107: Zoran 364xx webcam unplugged
[ 64.695525] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 65.055591] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 65.063085] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 65.072610] usb 1-1: config 0 has no interface number 0
[ 65.078249] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 65.087538] usb 1-1: New USB device found, idVendor=052b, idProduct=1a18, bcdDevice=c0.91
[ 65.096065] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 65.104151] usb 1-1: config 0 descriptor??
[ 65.146998] zr364xx 1-1:0.107: Zoran 364xx compatible webcam plugged
[ 65.153637] zr364xx 1-1:0.107: model 052b:1a18 detected
[ 65.159995] usb 1-1: 320x240 mode selected
[ 65.164407] zr364xx: start read pipe failed
[ 65.366347] usb 1-1: Zoran 364xx controlling device video32
[ 65.373551] usb 1-1: USB disconnect, device number 6
[ 65.476853] zr364xx 1-1:0.107: Zoran 364xx webcam unplugged
[ 66.095536] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 66.455952] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 66.463452] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 66.472953] usb 1-1: config 0 has no interface number 0
[ 66.478457] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 66.487731] usb 1-1: New USB device found, idVendor=052b, idProduct=1a18, bcdDevice=c0.91
[ 66.496142] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 66.504244] usb 1-1: config 0 descriptor??
[ 66.547599] zr364xx 1-1:0.107: Zoran 364xx compatible webcam plugged
[ 66.554206] zr364xx 1-1:0.107: model 052b:1a18 detected
[ 66.561091] usb 1-1: 320x240 mode selected
[ 66.565932] zr364xx: start read pipe failed
[ 66.766192] usb 1-1: Zoran 364xx controlling device video32
[ 66.773344] usb 1-1: USB disconnect, device number 7
[ 66.876619] ==================================================================
[ 66.884421] BUG: KASAN: null-ptr-deref in read_word_at_a_time+0xe/0x20
[ 66.891134] Read of size 1 at addr 0000000000000000 by task v4l_id/5585
[ 66.897945]
[ 66.899726] CPU: 1 PID: 5585 Comm: v4l_id Not tainted 5.1.0-rc5-319617-gd34f951 #4
[ 66.907468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 66.916862] Call Trace:
[ 66.919508] dump_stack+0xe8/0x16e
[ 66.923083] ? read_word_at_a_time+0xe/0x20
[ 66.927412] ? read_word_at_a_time+0xe/0x20
[ 66.931801] kasan_report.cold+0x5/0x3c
[ 66.935783] ? read_word_at_a_time+0xe/0x20
[ 66.940192] read_word_at_a_time+0xe/0x20
[ 66.944597] strscpy+0x8a/0x280
[ 66.947875] zr364xx_vidioc_querycap+0xb5/0x210
[ 66.952531] v4l_querycap+0x12b/0x340
[ 66.956360] __video_do_ioctl+0x5bb/0xb40
[ 66.960699] ? copy_overflow+0x30/0x30
[ 66.964581] ? save_stack+0x89/0xa0
[ 66.968199] ? __kasan_slab_free+0x130/0x180
[ 66.972649] video_usercopy+0x44e/0xef0
[ 66.976820] ? copy_overflow+0x30/0x30
[ 66.980693] ? v4l_enumstd+0x70/0x70
[ 66.984455] ? _raw_spin_unlock_irqrestore+0x4b/0x60
[ 66.989556] ? video_usercopy+0xef0/0xef0
[ 66.993702] v4l2_ioctl+0x14e/0x1a0
[ 66.997321] ? video_devdata+0xa0/0xa0
[ 67.001205] do_vfs_ioctl+0xced/0x12f0
[ 67.005089] ? ioctl_preallocate+0x200/0x200
[ 67.009505] ? putname+0xe6/0x120
[ 67.013084] ? rcu_read_lock_sched_held+0x10f/0x130
[ 67.018168] ? putname+0xe6/0x120
[ 67.021653] ? kmem_cache_free+0x259/0x2b0
[ 67.025883] ? putname+0xe6/0x120
[ 67.029345] ? do_sys_open+0x2ec/0x590
[ 67.033230] ksys_ioctl+0xa0/0xc0
[ 67.036680] __x64_sys_ioctl+0x74/0xb0
[ 67.040626] ? lockdep_hardirqs_on+0x37e/0x580
[ 67.045211] do_syscall_64+0xcf/0x4f0
[ 67.051446] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 67.056622] RIP: 0033:0x7f940d6a9347
[ 67.060320] Code: 90 90 90 48 8b 05 f1 fa 2a 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 90 90 90 90 90 90 90 90 90 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c1 fa 2a 00 31 d2 48 29 c2 64
[ 67.085449] RSP: 002b:00007ffc47332c78 EFLAGS: 00000206 ORIG_RAX: 0000000000000010
[ 67.093161] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f940d6a9347
[ 67.100476] RDX: 00007ffc47332c80 RSI: 0000000080685600 RDI: 0000000000000003
[ 67.107829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 67.115253] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000400884
[ 67.122603] R13: 00007ffc47332dd0 R14: 0000000000000000 R15: 0000000000000000
[ 67.130145] ==================================================================
[ 67.137540] Disabling lock debugging due to kernel taint
[ 67.143149] Kernel panic - not syncing: panic_on_warn set ...
[ 67.149038] CPU: 1 PID: 5585 Comm: v4l_id Tainted: G B 5.1.0-rc5-319617-gd34f951 #4
[ 67.158269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.167619] Call Trace:
[ 67.170207] dump_stack+0xe8/0x16e
[ 67.173848] panic+0x29d/0x5f2
[ 67.177043] ? __warn_printk+0xf8/0xf8
[ 67.180925] ? retint_kernel+0x10/0x10
[ 67.184809] ? trace_hardirqs_on+0x55/0x1c0
[ 67.189181] ? read_word_at_a_time+0xe/0x20
[ 67.193493] end_report+0x48/0x4e
[ 67.196927] ? read_word_at_a_time+0xe/0x20
[ 67.201410] kasan_report.cold+0xd/0x3c
[ 67.205544] ? read_word_at_a_time+0xe/0x20
[ 67.210017] read_word_at_a_time+0xe/0x20
[ 67.214157] strscpy+0x8a/0x280
[ 67.217486] zr364xx_vidioc_querycap+0xb5/0x210
[ 67.222161] v4l_querycap+0x12b/0x340
[ 67.225962] __video_do_ioctl+0x5bb/0xb40
[ 67.230119] ? copy_overflow+0x30/0x30
[ 67.234007] ? save_stack+0x89/0xa0
[ 67.237628] ? __kasan_slab_free+0x130/0x180
[ 67.242031] video_usercopy+0x44e/0xef0
[ 67.245995] ? copy_overflow+0x30/0x30
[ 67.249979] ? v4l_enumstd+0x70/0x70
[ 67.253688] ? _raw_spin_unlock_irqrestore+0x4b/0x60
[ 67.258778] ? video_usercopy+0xef0/0xef0
[ 67.262911] v4l2_ioctl+0x14e/0x1a0
[ 67.266526] ? video_devdata+0xa0/0xa0
[ 67.270532] do_vfs_ioctl+0xced/0x12f0
[ 67.274412] ? ioctl_preallocate+0x200/0x200
[ 67.278918] ? putname+0xe6/0x120
[ 67.282512] ? rcu_read_lock_sched_held+0x10f/0x130
[ 67.287520] ? putname+0xe6/0x120
[ 67.290970] ? kmem_cache_free+0x259/0x2b0
[ 67.295211] ? putname+0xe6/0x120
[ 67.298704] ? do_sys_open+0x2ec/0x590
[ 67.302596] ksys_ioctl+0xa0/0xc0
[ 67.306105] __x64_sys_ioctl+0x74/0xb0
[ 67.309990] ? lockdep_hardirqs_on+0x37e/0x580
[ 67.314735] do_syscall_64+0xcf/0x4f0
[ 67.318535] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 67.323717] RIP: 0033:0x7f940d6a9347
[ 67.327558] Code: 90 90 90 48 8b 05 f1 fa 2a 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 90 90 90 90 90 90 90 90 90 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c1 fa 2a 00 31 d2 48 29 c2 64
[ 67.346467] RSP: 002b:00007ffc47332c78 EFLAGS: 00000206 ORIG_RAX: 0000000000000010
[ 67.354170] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f940d6a9347
[ 67.361430] RDX: 00007ffc47332c80 RSI: 0000000080685600 RDI: 0000000000000003
[ 67.368702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 67.375975] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000400884
[ 67.383234] R13: 00007ffc47332dd0 R14: 0000000000000000 R15: 0000000000000000
[ 67.391237] Kernel Offset: disabled
[ 67.394871] Rebooting in 86400 seconds..