[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 27.067814] kauditd_printk_skb: 7 callbacks suppressed
[ 27.067826] audit: type=1800 audit(1541812812.874:29): pid=5539 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 27.095065] audit: type=1800 audit(1541812812.874:30): pid=5539 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts.
2018/11/10 01:20:40 parsed 1 programs
2018/11/10 01:20:42 executed programs: 0
syzkaller login: [ 56.743247] IPVS: ftp: loaded support on port[0] = 21
[ 56.991216] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.998123] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.005532] device bridge_slave_0 entered promiscuous mode
[ 57.023870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.030555] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.037401] device bridge_slave_1 entered promiscuous mode
[ 57.055942] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 57.074014] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 57.123528] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 57.143143] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 57.220025] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 57.227258] team0: Port device team_slave_0 added
[ 57.244207] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 57.251468] team0: Port device team_slave_1 added
[ 57.269261] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 57.288527] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 57.307737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 57.327094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 57.476577] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.483117] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.489959] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.496300] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.024277] 8021q: adding VLAN 0 to HW filter on device bond0
[ 58.075661] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.129575] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 58.135743] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 58.143508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.188630] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/10 01:20:47 executed programs: 15
2018/11/10 01:20:52 executed programs: 46
2018/11/10 01:20:58 executed programs: 77
2018/11/10 01:21:03 executed programs: 106
2018/11/10 01:21:08 executed programs: 129
2018/11/10 01:21:13 executed programs: 152
[ 91.418400] vivid-000: kernel_thread() failed
[ 91.461367] ==================================================================
[ 91.469007] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[ 91.475327] Write of size 4 at addr 000000000000001c by task syz-executor0/6653
[ 91.482876]
[ 91.484526] CPU: 0 PID: 6653 Comm: syz-executor0 Not tainted 4.20.0-rc1+ #328
[ 91.491912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 91.501406] Call Trace:
[ 91.504110]  dump_stack+0x244/0x39d
[ 91.507752]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 91.513309]  ? vprintk_func+0x85/0x181
[ 91.517209]  kasan_report.cold.8+0x6d/0x309
[ 91.521633]  ? kthread_stop+0x10d/0x900
[ 91.525746]  check_memory_region+0x13e/0x1b0
[ 91.530159]  kasan_check_write+0x14/0x20
[ 91.534221]  kthread_stop+0x10d/0x900
[ 91.538024]  ? kthread_unpark+0x160/0x160
[ 91.542174]  ? __lock_is_held+0xb5/0x140
[ 91.546245]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 91.551523]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 91.557064]  ? _vb2_fop_release+0x3f/0x2b0
[ 91.561305]  ? mutex_trylock+0x2b0/0x2b0
[ 91.565472]  ? vivid_fop_release+0x66/0x440
[ 91.569805]  ? __mutex_lock+0x85e/0x16f0
[ 91.573877]  vid_cap_stop_streaming+0x8d/0xe0
[ 91.578384]  ? vid_cap_buf_queue+0x310/0x310
[ 91.582824]  __vb2_queue_cancel+0x171/0xd20
[ 91.587538]  ? lock_downgrade+0x900/0x900
[ 91.591931]  ? vb2_buffer_done+0xb90/0xb90
[ 91.596264]  ? find_held_lock+0x36/0x1c0
[ 91.600335]  ? mark_held_locks+0xc7/0x130
[ 91.604489]  ? kasan_check_write+0x14/0x20
[ 91.608727]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 91.613798]  ? kasan_check_read+0x11/0x20
[ 91.617951]  ? wait_for_completion+0x8a0/0x8a0
[ 91.622532]  ? trace_hardirqs_off_caller+0x310/0x310
[ 91.627636]  ? vfs_lock_file+0xe0/0xe0
[ 91.631524]  vb2_core_streamoff+0x60/0x140
[ 91.635851]  __vb2_cleanup_fileio+0x73/0x160
[ 91.640267]  vb2_core_queue_release+0x1e/0x80
[ 91.644766]  _vb2_fop_release+0x1d2/0x2b0
[ 91.649053]  vb2_fop_release+0x77/0xc0
[ 91.652948]  vivid_fop_release+0x18e/0x440
[ 91.657182]  ? vivid_remove+0x460/0x460
[ 91.661151]  v4l2_release+0x224/0x3a0
[ 91.664954]  ? dev_debug_store+0x140/0x140
[ 91.669194]  __fput+0x385/0xa30
[ 91.672475]  ? get_max_files+0x20/0x20
[ 91.676362]  ? trace_hardirqs_on+0xbd/0x310
[ 91.680705]  ? kasan_check_read+0x11/0x20
[ 91.684853]  ? task_work_run+0x1af/0x2a0
[ 91.688911]  ? trace_hardirqs_off_caller+0x310/0x310
[ 91.694018]  ? filp_close+0x1cd/0x250
[ 91.697817]  ____fput+0x15/0x20
[ 91.701099]  task_work_run+0x1e8/0x2a0
[ 91.705104]  ? task_work_cancel+0x240/0x240
[ 91.709429]  ? copy_fd_bitmaps+0x210/0x210
[ 91.713762]  ? do_syscall_64+0x9a/0x820
[ 91.717875]  exit_to_usermode_loop+0x318/0x380
[ 91.722459]  ? __bpf_trace_sys_exit+0x30/0x30
[ 91.726961]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 91.732497]  do_syscall_64+0x6be/0x820
[ 91.736386]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 91.741831]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 91.746968]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 91.751814]  ? trace_hardirqs_on_caller+0x310/0x310
[ 91.756837]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 91.761933]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 91.767083]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 91.771939]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 91.777134] RIP: 0033:0x411021
[ 91.780337] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 91.799535] RSP: 002b:00007ffc4b71cb00 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 91.807394] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 91.814664] RDX: 0000000000000000 RSI: 0000000000730230 RDI: 0000000000000003
[ 91.821953] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 91.829221] R10: 00007ffc4b71ca20 R11: 0000000000000293 R12: 0000000000000000
[ 91.836951] R13: 0000000000000001 R14: 00000000000000ae R15: 0000000000000000
[ 91.844489] ==================================================================
[ 91.852206] Disabling lock debugging due to kernel taint
[ 91.858299] Kernel panic - not syncing: panic_on_warn set ...
[ 91.864193] CPU: 0 PID: 6653 Comm: syz-executor0 Tainted: G B 4.20.0-rc1+ #328
[ 91.872944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 91.882300] Call Trace:
[ 91.884962]  dump_stack+0x244/0x39d
[ 91.888595]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 91.893792]  panic+0x2ad/0x55c
[ 91.896987]  ? add_taint.cold.5+0x16/0x16
[ 91.901133]  ? preempt_schedule+0x4d/0x60
[ 91.905421]  ? ___preempt_schedule+0x16/0x18
[ 91.909827]  ? trace_hardirqs_on+0xb4/0x310
[ 91.914421]  kasan_end_report+0x47/0x4f
[ 91.918405]  kasan_report.cold.8+0x76/0x309
[ 91.922847]  ? kthread_stop+0x10d/0x900
[ 91.926957]  check_memory_region+0x13e/0x1b0
[ 91.931503]  kasan_check_write+0x14/0x20
[ 91.935564]  kthread_stop+0x10d/0x900
[ 91.939362]  ? kthread_unpark+0x160/0x160
[ 91.943520]  ? __lock_is_held+0xb5/0x140
[ 91.947596]  vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 91.952998]  ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 91.958694]  ? _vb2_fop_release+0x3f/0x2b0
[ 91.962937]  ? mutex_trylock+0x2b0/0x2b0
[ 91.967256]  ? vivid_fop_release+0x66/0x440
[ 91.971585]  ? __mutex_lock+0x85e/0x16f0
[ 91.975648]  vid_cap_stop_streaming+0x8d/0xe0
[ 91.980164]  ? vid_cap_buf_queue+0x310/0x310
[ 91.984586]  __vb2_queue_cancel+0x171/0xd20
[ 91.988919]  ? lock_downgrade+0x900/0x900
[ 91.993238]  ? vb2_buffer_done+0xb90/0xb90
[ 91.997474]  ? find_held_lock+0x36/0x1c0
[ 92.001536]  ? mark_held_locks+0xc7/0x130
[ 92.005828]  ? kasan_check_write+0x14/0x20
[ 92.010223]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 92.015154]  ? kasan_check_read+0x11/0x20
[ 92.019302]  ? wait_for_completion+0x8a0/0x8a0
[ 92.023884]  ? trace_hardirqs_off_caller+0x310/0x310
[ 92.029131]  ? vfs_lock_file+0xe0/0xe0
[ 92.033027]  vb2_core_streamoff+0x60/0x140
[ 92.037377]  __vb2_cleanup_fileio+0x73/0x160
[ 92.041788]  vb2_core_queue_release+0x1e/0x80
[ 92.046392]  _vb2_fop_release+0x1d2/0x2b0
[ 92.050565]  vb2_fop_release+0x77/0xc0
[ 92.054466]  vivid_fop_release+0x18e/0x440
[ 92.058791]  ? vivid_remove+0x460/0x460
[ 92.062772]  v4l2_release+0x224/0x3a0
[ 92.066719]  ? dev_debug_store+0x140/0x140
[ 92.070955]  __fput+0x385/0xa30
[ 92.074916]  ? get_max_files+0x20/0x20
[ 92.078805]  ? trace_hardirqs_on+0xbd/0x310
[ 92.083212]  ? kasan_check_read+0x11/0x20
[ 92.087474]  ? task_work_run+0x1af/0x2a0
[ 92.091538]  ? trace_hardirqs_off_caller+0x310/0x310
[ 92.096885]  ? filp_close+0x1cd/0x250
[ 92.100917]  ____fput+0x15/0x20
[ 92.104207]  task_work_run+0x1e8/0x2a0
[ 92.108233]  ? task_work_cancel+0x240/0x240
[ 92.112665]  ? copy_fd_bitmaps+0x210/0x210
[ 92.116922]  ? do_syscall_64+0x9a/0x820
[ 92.120889]  exit_to_usermode_loop+0x318/0x380
[ 92.125468]  ? __bpf_trace_sys_exit+0x30/0x30
[ 92.130258]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 92.135807]  do_syscall_64+0x6be/0x820
[ 92.139718]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 92.145078]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 92.150094]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 92.154947]  ? trace_hardirqs_on_caller+0x310/0x310
[ 92.159986]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 92.165006]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 92.170023]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 92.174991]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 92.180178] RIP: 0033:0x411021
[ 92.183496] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 92.202577] RSP: 002b:00007ffc4b71cb00 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 92.210359] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 92.217742] RDX: 0000000000000000 RSI: 0000000000730230 RDI: 0000000000000003
[ 92.225522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 92.232795] R10: 00007ffc4b71ca20 R11: 0000000000000293 R12: 0000000000000000
[ 92.240063] R13: 0000000000000001 R14: 00000000000000ae R15: 0000000000000000
[ 92.248337] Kernel Offset: disabled
[ 92.252118] Rebooting in 86400 seconds..