Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts.
syzkaller login: [ 96.565440] audit: type=1400 audit(1544029421.045:36): avc: denied { map } for pid=6138 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2018/12/05 17:03:41 parsed 1 programs
[ 97.110408] audit: type=1400 audit(1544029421.595:37): avc: denied { map } for pid=6138 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=68 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2018/12/05 17:03:43 executed programs: 0
[ 98.798494] IPVS: ftp: loaded support on port[0] = 21
[ 99.065212] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.072400] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.079873] device bridge_slave_0 entered promiscuous mode
[ 99.100788] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.107189] bridge0: port 2(bridge_slave_1) entered disabled state
[ 99.114415] device bridge_slave_1 entered promiscuous mode
[ 99.132729] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 99.151453] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 99.204108] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 99.225799] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 99.305173] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 99.312882] team0: Port device team_slave_0 added
[ 99.331803] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 99.339104] team0: Port device team_slave_1 added
[ 99.356868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 99.378648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 99.400019] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 99.422044] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 99.577567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.584026] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 99.591068] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.597403] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.146074] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.201082] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 100.254229] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 100.260470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.267547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.328341] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.671765] audit: type=1400 audit(1544029425.155:38): avc: denied { associate } for pid=6151 comm="syz-executor0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
2018/12/05 17:03:48 executed programs: 86
[ 106.652613] vivid-000: kernel_thread() failed
[ 107.477692] ==================================================================
[ 107.485294] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[ 107.491610] Write of size 4 at addr 000000000000001c by task syz-executor0/7269
[ 107.499035]
[ 107.500647] CPU: 1 PID: 7269 Comm: syz-executor0 Not tainted 4.20.0-rc5+ #142
[ 107.507898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 107.517231] Call Trace:
[ 107.519805] dump_stack+0x244/0x39d
[ 107.523439] ? dump_stack_print_info.cold.1+0x20/0x20
[ 107.528624] ? vprintk_func+0x85/0x181
[ 107.532499] kasan_report.cold.8+0x6d/0x309
[ 107.536845] ? kthread_stop+0x10d/0x900
[ 107.540809] check_memory_region+0x13e/0x1b0
[ 107.545211] kasan_check_write+0x14/0x20
[ 107.549290] kthread_stop+0x10d/0x900
[ 107.553081] ? kthread_unpark+0x160/0x160
[ 107.557236] ? __lock_is_held+0xb5/0x140
[ 107.561351] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 107.566619] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 107.572144] ? _vb2_fop_release+0x3f/0x2b0
[ 107.576379] ? mutex_trylock+0x2b0/0x2b0
[ 107.580427] ? vivid_fop_release+0x66/0x440
[ 107.584734] ? __mutex_lock+0x85e/0x16f0
[ 107.588797] vid_cap_stop_streaming+0x8d/0xe0
[ 107.593284] ? vid_cap_buf_queue+0x310/0x310
[ 107.597678] __vb2_queue_cancel+0x171/0xd20
[ 107.601988] ? lock_downgrade+0x900/0x900
[ 107.606122] ? vb2_buffer_done+0xb90/0xb90
[ 107.610341] ? find_held_lock+0x36/0x1c0
[ 107.614409] ? mark_held_locks+0xc7/0x130
[ 107.618569] ? kasan_check_write+0x14/0x20
[ 107.622862] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 107.627777] ? kasan_check_read+0x11/0x20
[ 107.631919] ? wait_for_completion+0x8a0/0x8a0
[ 107.636496] ? trace_hardirqs_off_caller+0x310/0x310
[ 107.641588] vb2_core_streamoff+0x60/0x140
[ 107.645808] __vb2_cleanup_fileio+0x73/0x160
[ 107.650212] vb2_core_queue_release+0x1e/0x80
[ 107.654692] _vb2_fop_release+0x1d2/0x2b0
[ 107.658834] vb2_fop_release+0x77/0xc0
[ 107.662704] vivid_fop_release+0x18e/0x440
[ 107.666923] ? vivid_remove+0x460/0x460
[ 107.670898] v4l2_release+0x224/0x3a0
[ 107.674686] ? dev_debug_store+0x140/0x140
[ 107.678915] __fput+0x385/0xa30
[ 107.682201] ? get_max_files+0x20/0x20
[ 107.686086] ? trace_hardirqs_on+0xbd/0x310
[ 107.690391] ? kasan_check_read+0x11/0x20
[ 107.694533] ? task_work_run+0x1af/0x2a0
[ 107.698588] ? trace_hardirqs_off_caller+0x310/0x310
[ 107.703675] ? check_preemption_disabled+0x48/0x280
[ 107.708676] ____fput+0x15/0x20
[ 107.711952] task_work_run+0x1e8/0x2a0
[ 107.715847] ? task_work_cancel+0x240/0x240
[ 107.720202] get_signal+0x1558/0x1980
[ 107.724000] ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[ 107.729780] ? save_stack+0x43/0xd0
[ 107.733407] ? ptrace_notify+0x130/0x130
[ 107.737451] ? zap_class+0x640/0x640
[ 107.741155] ? find_held_lock+0x36/0x1c0
[ 107.745214] ? __might_fault+0x12b/0x1e0
[ 107.749281] ? poll_select_copy_remaining+0x433/0x6a0
[ 107.754456] do_signal+0x9c/0x21c0
[ 107.757979] ? perf_trace_sched_process_exec+0x860/0x860
[ 107.763413] ? posix_ktime_get_ts+0x15/0x20
[ 107.767717] ? trace_hardirqs_off_caller+0x310/0x310
[ 107.772801] ? rcu_read_unlock_special+0x1c0/0x1c0
[ 107.777735] ? kasan_check_read+0x11/0x20
[ 107.781874] ? setup_sigcontext+0x7d0/0x7d0
[ 107.786181] ? exit_to_usermode_loop+0x8c/0x380
[ 107.790840] ? exit_to_usermode_loop+0x8c/0x380
[ 107.795519] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 107.800129] ? trace_hardirqs_on+0xbd/0x310
[ 107.804442] ? do_syscall_64+0x6be/0x820
[ 107.808683] ? trace_hardirqs_off_caller+0x310/0x310
[ 107.813789] ? nsecs_to_jiffies+0x30/0x30
[ 107.817933] ? do_syscall_64+0x9a/0x820
[ 107.821891] ? do_syscall_64+0x9a/0x820
[ 107.825868] exit_to_usermode_loop+0x2e5/0x380
[ 107.830465] ? __bpf_trace_sys_exit+0x30/0x30
[ 107.834980] do_syscall_64+0x6be/0x820
[ 107.838865] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 107.844225] ? syscall_return_slowpath+0x5e0/0x5e0
[ 107.849149] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 107.853976] ? trace_hardirqs_on_caller+0x310/0x310
[ 107.858999] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 107.864027] ? prepare_exit_to_usermode+0x291/0x3b0
[ 107.869041] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 107.873888] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 107.879087] RIP: 0033:0x457569
[ 107.882281] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 107.901181] RSP: 002b:00007f1cbfebac78 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 107.908871] RAX: 0000000000000003 RBX: 0000000000000005 RCX: 0000000000457569
[ 107.916119] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000020000000
[ 107.923369] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 107.930620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1cbfebb6d4
[ 107.937874] R13: 00000000004c33a8 R14: 00000000004d54c8 R15: 00000000ffffffff
[ 107.945137] ==================================================================
[ 107.952491] Disabling lock debugging due to kernel taint
[ 107.958066] Kernel panic - not syncing: panic_on_warn set ...
[ 107.963969] CPU: 1 PID: 7269 Comm: syz-executor0 Tainted: G B 4.20.0-rc5+ #142
[ 107.972613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 107.981946] Call Trace:
[ 107.984521] dump_stack+0x244/0x39d
[ 107.988134] ? dump_stack_print_info.cold.1+0x20/0x20
[ 107.993323] panic+0x2ad/0x55c
[ 107.996507] ? add_taint.cold.5+0x16/0x16
[ 108.000646] ? preempt_schedule+0x4d/0x60
[ 108.004777] ? ___preempt_schedule+0x16/0x18
[ 108.009173] ? trace_hardirqs_on+0xb4/0x310
[ 108.013482] kasan_end_report+0x47/0x4f
[ 108.017439] kasan_report.cold.8+0x76/0x309
[ 108.021744] ? kthread_stop+0x10d/0x900
[ 108.025716] check_memory_region+0x13e/0x1b0
[ 108.030109] kasan_check_write+0x14/0x20
[ 108.034250] kthread_stop+0x10d/0x900
[ 108.038060] ? kthread_unpark+0x160/0x160
[ 108.042200] ? __lock_is_held+0xb5/0x140
[ 108.046250] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 108.051509] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 108.057048] ? _vb2_fop_release+0x3f/0x2b0
[ 108.061270] ? mutex_trylock+0x2b0/0x2b0
[ 108.065314] ? vivid_fop_release+0x66/0x440
[ 108.069617] ? __mutex_lock+0x85e/0x16f0
[ 108.073663] vid_cap_stop_streaming+0x8d/0xe0
[ 108.078153] ? vid_cap_buf_queue+0x310/0x310
[ 108.082656] __vb2_queue_cancel+0x171/0xd20
[ 108.086959] ? lock_downgrade+0x900/0x900
[ 108.091091] ? vb2_buffer_done+0xb90/0xb90
[ 108.095372] ? find_held_lock+0x36/0x1c0
[ 108.099428] ? mark_held_locks+0xc7/0x130
[ 108.103578] ? kasan_check_write+0x14/0x20
[ 108.107791] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 108.112704] ? kasan_check_read+0x11/0x20
[ 108.116870] ? wait_for_completion+0x8a0/0x8a0
[ 108.121538] ? trace_hardirqs_off_caller+0x310/0x310
[ 108.126625] vb2_core_streamoff+0x60/0x140
[ 108.130845] __vb2_cleanup_fileio+0x73/0x160
[ 108.135238] vb2_core_queue_release+0x1e/0x80
[ 108.139734] _vb2_fop_release+0x1d2/0x2b0
[ 108.143877] vb2_fop_release+0x77/0xc0
[ 108.147754] vivid_fop_release+0x18e/0x440
[ 108.151973] ? vivid_remove+0x460/0x460
[ 108.155941] v4l2_release+0x224/0x3a0
[ 108.159735] ? dev_debug_store+0x140/0x140
[ 108.163951] __fput+0x385/0xa30
[ 108.167214] ? get_max_files+0x20/0x20
[ 108.171106] ? trace_hardirqs_on+0xbd/0x310
[ 108.175408] ? kasan_check_read+0x11/0x20
[ 108.179538] ? task_work_run+0x1af/0x2a0
[ 108.183582] ? trace_hardirqs_off_caller+0x310/0x310
[ 108.188682] ? check_preemption_disabled+0x48/0x280
[ 108.193694] ____fput+0x15/0x20
[ 108.196983] task_work_run+0x1e8/0x2a0
[ 108.200862] ? task_work_cancel+0x240/0x240
[ 108.205179] get_signal+0x1558/0x1980
[ 108.209113] ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[ 108.214910] ? save_stack+0x43/0xd0
[ 108.218516] ? ptrace_notify+0x130/0x130
[ 108.222555] ? zap_class+0x640/0x640
[ 108.226253] ? find_held_lock+0x36/0x1c0
[ 108.230314] ? __might_fault+0x12b/0x1e0
[ 108.234355] ? poll_select_copy_remaining+0x433/0x6a0
[ 108.239526] do_signal+0x9c/0x21c0
[ 108.243050] ? perf_trace_sched_process_exec+0x860/0x860
[ 108.248490] ? posix_ktime_get_ts+0x15/0x20
[ 108.252811] ? trace_hardirqs_off_caller+0x310/0x310
[ 108.257900] ? rcu_read_unlock_special+0x1c0/0x1c0
[ 108.262844] ? kasan_check_read+0x11/0x20
[ 108.266978] ? setup_sigcontext+0x7d0/0x7d0
[ 108.271282] ? exit_to_usermode_loop+0x8c/0x380
[ 108.275938] ? exit_to_usermode_loop+0x8c/0x380
[ 108.280598] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 108.285169] ? trace_hardirqs_on+0xbd/0x310
[ 108.289510] ? do_syscall_64+0x6be/0x820
[ 108.293558] ? trace_hardirqs_off_caller+0x310/0x310
[ 108.298651] ? nsecs_to_jiffies+0x30/0x30
[ 108.302778] ? do_syscall_64+0x9a/0x820
[ 108.306746] ? do_syscall_64+0x9a/0x820
[ 108.310702] exit_to_usermode_loop+0x2e5/0x380
[ 108.315280] ? __bpf_trace_sys_exit+0x30/0x30
[ 108.319756] do_syscall_64+0x6be/0x820
[ 108.323623] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 108.328980] ? syscall_return_slowpath+0x5e0/0x5e0
[ 108.333904] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 108.338739] ? trace_hardirqs_on_caller+0x310/0x310
[ 108.343746] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 108.348746] ? prepare_exit_to_usermode+0x291/0x3b0
[ 108.353753] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 108.358606] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 108.363793] RIP: 0033:0x457569
[ 108.366972] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 108.385850] RSP: 002b:00007f1cbfebac78 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 108.393550] RAX: 0000000000000003 RBX: 0000000000000005 RCX: 0000000000457569
[ 108.400800] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000020000000
[ 108.408057] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 108.415309] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1cbfebb6d4
[ 108.422559] R13: 00000000004c33a8 R14: 00000000004d54c8 R15: 00000000ffffffff
[ 108.430901] Kernel Offset: disabled
[ 108.434523] Rebooting in 86400 seconds..