[ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty1. [ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.11' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 63.333600][ T6893] ------------[ cut here ]------------ [ 63.339229][ T6893] WARNING: CPU: 0 PID: 6893 at mm/gup.c:2992 pin_user_pages_locked+0x60d/0x780 [ 63.349335][ T6893] Modules linked in: [ 63.353469][ T6893] CPU: 0 PID: 6893 Comm: syz-executor513 Not tainted 5.9.0-rc8-next-20201006-syzkaller #0 [ 63.363712][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.374021][ T6893] RIP: 0010:pin_user_pages_locked+0x60d/0x780 [ 63.380476][ T6893] Code: cf ff 49 83 c7 08 e8 22 2e cf ff 48 8b 44 24 10 c6 44 24 10 01 48 05 00 10 00 00 48 89 44 24 08 e9 65 fb ff ff e8 03 2e cf ff <0f> 0b 49 c7 c4 ea ff ff ff e9 8a fe ff ff e8 f0 2d cf ff 0f 0b 49 [ 63.400567][ T6893] RSP: 0018:ffffc900011c7648 EFLAGS: 00010293 [ 63.406644][ T6893] RAX: 0000000000000000 RBX: 0000000000010000 RCX: ffffffff81a61358 [ 63.415420][ T6893] RDX: ffff8880a6822000 RSI: ffffffff81a6192d RDI: 0000000000000005 [ 63.423932][ T6893] RBP: ffffc900011c7728 R08: ffffc900011c7728 R09: ffff88808e116307 [ 63.432411][ T6893] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 63.440936][ T6893] R13: 0000000000000110 R14: 0000000000000110 R15: ffff888092918010 [ 63.448902][ T6893] FS: 00000000024e4880(0000) GS:ffff8880ae400000(0000) knlGS:0000000000000000 [ 63.458706][ T6893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.465626][ T6893] CR2: 00007f91c63cc028 CR3: 00000000a7259000 CR4: 00000000001506f0 [ 63.474131][ T6893] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 63.482238][ T6893] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 63.490409][ T6893] Call Trace: [ 63.493725][ T6893] get_vaddr_frames+0x788/0x960 [ 63.498579][ T6893] ? mark_held_locks+0x9f/0xe0 [ 63.504567][ T6893] ? kasan_unpoison_shadow+0x33/0x40 [ 63.509970][ T6893] ? frame_vector_destroy+0x70/0x70 [ 63.515172][ T6893] ? kvmalloc_node+0x69/0xf0 [ 63.520106][ T6893] vb2_create_framevec+0x55/0xc0 [ 63.525069][ T6893] vb2_vmalloc_get_userptr+0xce/0x4c0 [ 63.530517][ T6893] ? vb2_vmalloc_dmabuf_ops_attach+0x430/0x430 [ 63.536701][ T6893] __prepare_userptr+0x342/0x15f0 [ 63.541828][ T6893] ? vb2_queue_error+0x60/0x60 [ 63.546619][ T6893] ? tomoyo_path_number_perm+0x441/0x590 [ 63.552429][ T6893] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 63.558414][ T6893] ? stack_trace_consume_entry+0x160/0x160 [ 63.564345][ T6893] ? lock_acquire+0x1f2/0xaa0 [ 63.569057][ T6893] ? __video_do_ioctl+0x550/0xe20 [ 63.574161][ T6893] ? lock_release+0x890/0x890 [ 63.578846][ T6893] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.584990][ T6893] ? kfree+0x212/0x2a0 [ 63.589064][ T6893] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 63.595113][ T6893] __buf_prepare+0x635/0x7d0 [ 63.599838][ T6893] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 63.605741][ T6893] ? vb2_queue_or_prepare_buf+0x68d/0x2640 [ 63.611822][ T6893] vb2_core_qbuf+0xa9d/0x11c0 [ 63.616505][ T6893] vb2_qbuf+0x135/0x1a0 [ 63.621820][ T6893] ? vb2_ioctl_prepare_buf+0x140/0x140 [ 63.627287][ T6893] vb2_ioctl_qbuf+0xfb/0x140 [ 63.632905][ T6893] v4l_qbuf+0x92/0xc0 [ 63.636895][ T6893] __video_do_ioctl+0xb94/0xe20 [ 63.641916][ T6893] ? v4l_print_control+0x60/0x60 [ 63.646863][ T6893] ? kfree+0x24a/0x2a0 [ 63.651015][ T6893] video_usercopy+0x207/0xe50 [ 63.655717][ T6893] ? v4l_print_control+0x60/0x60 [ 63.660740][ T6893] ? v4l_enumstd+0x60/0x60 [ 63.665170][ T6893] ? __generic_block_fiemap+0x670/0x6a0 [ 63.670842][ T6893] v4l2_ioctl+0x1b3/0x250 [ 63.675177][ T6893] ? v4l2_prio_init+0x20/0x20 [ 63.679949][ T6893] __x64_sys_ioctl+0x193/0x200 [ 63.684805][ T6893] do_syscall_64+0x2d/0x70 [ 63.689208][ T6893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.695158][ T6893] RIP: 0033:0x443ff9 [ 63.699062][ T6893] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 63.718819][ T6893] RSP: 002b:00007ffd1306b5e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 63.727364][ T6893] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000443ff9 [ 63.735460][ T6893] RDX: 0000000020000140 RSI: 00000000c058560f RDI: 0000000000000003 [ 63.743493][ T6893] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0 [ 63.751563][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401c80 [ 63.759534][ T6893] R13: 0000000000401d10 R14: 0000000000000000 R15: 0000000000000000 [ 63.768667][ T6893] Kernel panic - not syncing: panic_on_warn set ... [ 63.775271][ T6893] CPU: 1 PID: 6893 Comm: syz-executor513 Not tainted 5.9.0-rc8-next-20201006-syzkaller #0 [ 63.785407][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.795449][ T6893] Call Trace: [ 63.798741][ T6893] dump_stack+0x198/0x1fb [ 63.803075][ T6893] panic+0x382/0x7fb [ 63.806964][ T6893] ? __warn_printk+0xf3/0xf3 [ 63.811541][ T6893] ? __warn.cold+0x1d/0xbb [ 63.815934][ T6893] ? __warn.cold+0x14/0xbb [ 63.820341][ T6893] ? pin_user_pages_locked+0x60d/0x780 [ 63.825779][ T6893] __warn.cold+0x38/0xbb [ 63.830004][ T6893] ? pin_user_pages_locked+0x60d/0x780 [ 63.835441][ T6893] report_bug+0x1bd/0x210 [ 63.839756][ T6893] handle_bug+0x38/0x90 [ 63.843889][ T6893] ? v4l_qbuf+0x92/0xc0 [ 63.848019][ T6893] exc_invalid_op+0x14/0x40 [ 63.853819][ T6893] asm_exc_invalid_op+0x12/0x20 [ 63.858652][ T6893] RIP: 0010:pin_user_pages_locked+0x60d/0x780 [ 63.864705][ T6893] Code: cf ff 49 83 c7 08 e8 22 2e cf ff 48 8b 44 24 10 c6 44 24 10 01 48 05 00 10 00 00 48 89 44 24 08 e9 65 fb ff ff e8 03 2e cf ff <0f> 0b 49 c7 c4 ea ff ff ff e9 8a fe ff ff e8 f0 2d cf ff 0f 0b 49 [ 63.884384][ T6893] RSP: 0018:ffffc900011c7648 EFLAGS: 00010293 [ 63.890433][ T6893] RAX: 0000000000000000 RBX: 0000000000010000 RCX: ffffffff81a61358 [ 63.898392][ T6893] RDX: ffff8880a6822000 RSI: ffffffff81a6192d RDI: 0000000000000005 [ 63.906340][ T6893] RBP: ffffc900011c7728 R08: ffffc900011c7728 R09: ffff88808e116307 [ 63.914302][ T6893] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 63.922252][ T6893] R13: 0000000000000110 R14: 0000000000000110 R15: ffff888092918010 [ 63.930222][ T6893] ? pin_user_pages_locked+0x38/0x780 [ 63.935585][ T6893] ? pin_user_pages_locked+0x60d/0x780 [ 63.941052][ T6893] ? pin_user_pages_locked+0x60d/0x780 [ 63.946495][ T6893] get_vaddr_frames+0x788/0x960 [ 63.951350][ T6893] ? mark_held_locks+0x9f/0xe0 [ 63.956117][ T6893] ? kasan_unpoison_shadow+0x33/0x40 [ 63.961384][ T6893] ? frame_vector_destroy+0x70/0x70 [ 63.966574][ T6893] ? kvmalloc_node+0x69/0xf0 [ 63.971163][ T6893] vb2_create_framevec+0x55/0xc0 [ 63.976096][ T6893] vb2_vmalloc_get_userptr+0xce/0x4c0 [ 63.981458][ T6893] ? vb2_vmalloc_dmabuf_ops_attach+0x430/0x430 [ 63.987596][ T6893] __prepare_userptr+0x342/0x15f0 [ 63.992627][ T6893] ? vb2_queue_error+0x60/0x60 [ 63.997385][ T6893] ? tomoyo_path_number_perm+0x441/0x590 [ 64.003002][ T6893] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 64.008980][ T6893] ? stack_trace_consume_entry+0x160/0x160 [ 64.014798][ T6893] ? lock_acquire+0x1f2/0xaa0 [ 64.019484][ T6893] ? __video_do_ioctl+0x550/0xe20 [ 64.024526][ T6893] ? lock_release+0x890/0x890 [ 64.029211][ T6893] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 64.035289][ T6893] ? kfree+0x212/0x2a0 [ 64.039374][ T6893] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 64.045369][ T6893] __buf_prepare+0x635/0x7d0 [ 64.050080][ T6893] ? __sanitizer_cov_trace_switch+0x45/0x70 [ 64.056009][ T6893] ? vb2_queue_or_prepare_buf+0x68d/0x2640 [ 64.061826][ T6893] vb2_core_qbuf+0xa9d/0x11c0 [ 64.066520][ T6893] vb2_qbuf+0x135/0x1a0 [ 64.070688][ T6893] ? vb2_ioctl_prepare_buf+0x140/0x140 [ 64.076165][ T6893] vb2_ioctl_qbuf+0xfb/0x140 [ 64.080778][ T6893] v4l_qbuf+0x92/0xc0 [ 64.084795][ T6893] __video_do_ioctl+0xb94/0xe20 [ 64.089664][ T6893] ? v4l_print_control+0x60/0x60 [ 64.094663][ T6893] ? kfree+0x24a/0x2a0 [ 64.098754][ T6893] video_usercopy+0x207/0xe50 [ 64.103431][ T6893] ? v4l_print_control+0x60/0x60 [ 64.108353][ T6893] ? v4l_enumstd+0x60/0x60 [ 64.112756][ T6893] ? __generic_block_fiemap+0x670/0x6a0 [ 64.118297][ T6893] v4l2_ioctl+0x1b3/0x250 [ 64.122611][ T6893] ? v4l2_prio_init+0x20/0x20 [ 64.127271][ T6893] __x64_sys_ioctl+0x193/0x200 [ 64.132019][ T6893] do_syscall_64+0x2d/0x70 [ 64.136420][ T6893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 64.142295][ T6893] RIP: 0033:0x443ff9 [ 64.146172][ T6893] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 64.165765][ T6893] RSP: 002b:00007ffd1306b5e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 64.174166][ T6893] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000443ff9 [ 64.182301][ T6893] RDX: 0000000020000140 RSI: 00000000c058560f RDI: 0000000000000003 [ 64.190255][ T6893] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0 [ 64.198205][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401c80 [ 64.206154][ T6893] R13: 0000000000401d10 R14: 0000000000000000 R15: 0000000000000000 [ 64.215314][ T6893] Kernel Offset: disabled [ 64.219716][ T6893] Rebooting in 86400 seconds..