Warning: Permanently added '10.128.0.121' (ECDSA) to the list of known hosts.
2018/11/07 08:13:10 parsed 1 programs
2018/11/07 08:13:11 executed programs: 0
syzkaller login: [ 58.792082] IPVS: ftp: loaded support on port[0] = 21
[ 59.033959] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.041042] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.048383] device bridge_slave_0 entered promiscuous mode
[ 59.066298] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.072695] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.079885] device bridge_slave_1 entered promiscuous mode
[ 59.098340] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 59.115565] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 59.163184] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 59.183171] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 59.258349] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 59.265599] team0: Port device team_slave_0 added
[ 59.281763] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 59.289178] team0: Port device team_slave_1 added
[ 59.307255] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 59.326950] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 59.345773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 59.366314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 59.507832] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.514251] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.521291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.527653] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 60.019956] 8021q: adding VLAN 0 to HW filter on device bond0
[ 60.069839] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 60.118698] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 60.124828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 60.132936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 60.178808] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/07 08:13:16 executed programs: 180
[ 63.901338] vivid-000: kernel_thread() failed
[ 64.719424] ==================================================================
[ 64.726928] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[ 64.733227] Write of size 4 at addr 000000000000001c by task syz-executor0/6827
[ 64.740650]
[ 64.742262] CPU: 0 PID: 6827 Comm: syz-executor0 Not tainted 4.20.0-rc1+ #101
[ 64.749529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.758863] Call Trace:
[ 64.761437] dump_stack+0x244/0x39d
[ 64.765051] ? dump_stack_print_info.cold.1+0x20/0x20
[ 64.770223] ? vprintk_func+0x85/0x181
[ 64.774094] kasan_report.cold.8+0x6d/0x309
[ 64.778410] ? kthread_stop+0x10d/0x900
[ 64.782369] check_memory_region+0x13e/0x1b0
[ 64.786759] kasan_check_write+0x14/0x20
[ 64.790828] kthread_stop+0x10d/0x900
[ 64.794609] ? kthread_unpark+0x160/0x160
[ 64.798747] ? __lock_is_held+0xb5/0x140
[ 64.802803] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 64.808065] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 64.813583] ? _vb2_fop_release+0x3f/0x2b0
[ 64.817802] ? mutex_trylock+0x2b0/0x2b0
[ 64.821858] ? vivid_fop_release+0x66/0x440
[ 64.826162] ? __mutex_lock+0x85e/0x16f0
[ 64.830214] vid_cap_stop_streaming+0x8d/0xe0
[ 64.834690] ? vid_cap_buf_queue+0x310/0x310
[ 64.839078] __vb2_queue_cancel+0x171/0xd20
[ 64.843385] ? lock_downgrade+0x900/0x900
[ 64.847515] ? vb2_buffer_done+0xb90/0xb90
[ 64.851733] ? find_held_lock+0x36/0x1c0
[ 64.855780] ? mark_held_locks+0xc7/0x130
[ 64.859912] ? kasan_check_write+0x14/0x20
[ 64.864130] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 64.869060] ? kasan_check_read+0x11/0x20
[ 64.873204] ? wait_for_completion+0x8a0/0x8a0
[ 64.877768] ? trace_hardirqs_off_caller+0x310/0x310
[ 64.882857] vb2_core_streamoff+0x60/0x140
[ 64.887078] __vb2_cleanup_fileio+0x73/0x160
[ 64.891481] vb2_core_queue_release+0x1e/0x80
[ 64.895963] _vb2_fop_release+0x1d2/0x2b0
[ 64.900107] vb2_fop_release+0x77/0xc0
[ 64.903980] vivid_fop_release+0x18e/0x440
[ 64.908197] ? vivid_remove+0x460/0x460
[ 64.912154] v4l2_release+0x224/0x3a0
[ 64.915937] ? dev_debug_store+0x140/0x140
[ 64.920153] __fput+0x385/0xa30
[ 64.923421] ? get_max_files+0x20/0x20
[ 64.927303] ? trace_hardirqs_on+0xbd/0x310
[ 64.931606] ? kasan_check_read+0x11/0x20
[ 64.935743] ? task_work_run+0x1af/0x2a0
[ 64.939799] ? trace_hardirqs_off_caller+0x310/0x310
[ 64.944883] ? rcu_softirq_qs+0x20/0x20
[ 64.948841] ? unwind_dump+0x190/0x190
[ 64.952713] ____fput+0x15/0x20
[ 64.955977] task_work_run+0x1e8/0x2a0
[ 64.959869] ? task_work_cancel+0x240/0x240
[ 64.964171] ? unwind_get_return_address+0x61/0xa0
[ 64.969085] get_signal+0x1558/0x1980
[ 64.972887] ? find_held_lock+0x36/0x1c0
[ 64.976930] ? ptrace_notify+0x130/0x130
[ 64.980980] ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[ 64.986765] ? pvclock_read_flags+0x160/0x160
[ 64.991245] ? poll_select_set_timeout+0x19a/0x240
[ 64.996158] ? trace_hardirqs_off_caller+0x310/0x310
[ 65.001244] do_signal+0x9c/0x21c0
[ 65.004767] ? timespec64_add_safe+0x204/0x2f0
[ 65.009334] ? nsec_to_clock_t+0x30/0x30
[ 65.013380] ? setup_sigcontext+0x7d0/0x7d0
[ 65.017688] ? exit_to_usermode_loop+0x8c/0x380
[ 65.022341] ? exit_to_usermode_loop+0x8c/0x380
[ 65.026994] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 65.031556] ? trace_hardirqs_on+0xbd/0x310
[ 65.035860] ? do_syscall_64+0x6be/0x820
[ 65.039913] ? trace_hardirqs_off_caller+0x310/0x310
[ 65.044998] ? do_restart_poll+0x2e0/0x2e0
[ 65.049213] ? nsecs_to_jiffies+0x30/0x30
[ 65.053344] ? do_syscall_64+0x9a/0x820
[ 65.057301] ? do_syscall_64+0x9a/0x820
[ 65.061260] exit_to_usermode_loop+0x2e5/0x380
[ 65.065826] ? __bpf_trace_sys_exit+0x30/0x30
[ 65.070302] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 65.075826] do_syscall_64+0x6be/0x820
[ 65.079697] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 65.085043] ? syscall_return_slowpath+0x5e0/0x5e0
[ 65.089953] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 65.094781] ? trace_hardirqs_on_caller+0x310/0x310
[ 65.099778] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 65.104779] ? prepare_exit_to_usermode+0x291/0x3b0
[ 65.109780] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 65.114615] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.119787] RIP: 0033:0x457569
[ 65.122967] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 65.141856] RSP: 002b:00007f08408aac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 65.149556] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000457569
[ 65.156806] RDX: 0000000000000d90 RSI: 0000000000000001 RDI: 0000000020000180
[ 65.164059] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 65.171326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f08408ab6d4
[ 65.178579] R13: 00000000004c325e R14: 00000000004d4e10 R15: 00000000ffffffff
[ 65.185845] ==================================================================
[ 65.193184] Disabling lock debugging due to kernel taint
[ 65.199857] Kernel panic - not syncing: panic_on_warn set ...
[ 65.205758] CPU: 0 PID: 6827 Comm: syz-executor0 Tainted: G B 4.20.0-rc1+ #101
[ 65.214402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.223738] Call Trace:
[ 65.226312] dump_stack+0x244/0x39d
[ 65.229925] ? dump_stack_print_info.cold.1+0x20/0x20
[ 65.235102] panic+0x2ad/0x55c
[ 65.238279] ? add_taint.cold.5+0x16/0x16
[ 65.242857] ? preempt_schedule+0x4d/0x60
[ 65.247248] ? ___preempt_schedule+0x16/0x18
[ 65.251643] ? trace_hardirqs_on+0xb4/0x310
[ 65.255950] kasan_end_report+0x47/0x4f
[ 65.259917] kasan_report.cold.8+0x76/0x309
[ 65.264233] ? kthread_stop+0x10d/0x900
[ 65.268192] check_memory_region+0x13e/0x1b0
[ 65.272582] kasan_check_write+0x14/0x20
[ 65.276631] kthread_stop+0x10d/0x900
[ 65.280412] ? kthread_unpark+0x160/0x160
[ 65.284631] ? __lock_is_held+0xb5/0x140
[ 65.288690] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 65.293954] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 65.299474] ? _vb2_fop_release+0x3f/0x2b0
[ 65.303700] ? mutex_trylock+0x2b0/0x2b0
[ 65.307747] ? vivid_fop_release+0x66/0x440
[ 65.312052] ? __mutex_lock+0x85e/0x16f0
[ 65.316102] vid_cap_stop_streaming+0x8d/0xe0
[ 65.320580] ? vid_cap_buf_queue+0x310/0x310
[ 65.324979] __vb2_queue_cancel+0x171/0xd20
[ 65.329283] ? lock_downgrade+0x900/0x900
[ 65.333416] ? vb2_buffer_done+0xb90/0xb90
[ 65.337634] ? find_held_lock+0x36/0x1c0
[ 65.341682] ? mark_held_locks+0xc7/0x130
[ 65.345812] ? kasan_check_write+0x14/0x20
[ 65.350029] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 65.354941] ? kasan_check_read+0x11/0x20
[ 65.359070] ? wait_for_completion+0x8a0/0x8a0
[ 65.363645] ? trace_hardirqs_off_caller+0x310/0x310
[ 65.368734] vb2_core_streamoff+0x60/0x140
[ 65.372951] __vb2_cleanup_fileio+0x73/0x160
[ 65.377339] vb2_core_queue_release+0x1e/0x80
[ 65.381819] _vb2_fop_release+0x1d2/0x2b0
[ 65.385953] vb2_fop_release+0x77/0xc0
[ 65.389826] vivid_fop_release+0x18e/0x440
[ 65.394043] ? vivid_remove+0x460/0x460
[ 65.397999] v4l2_release+0x224/0x3a0
[ 65.401780] ? dev_debug_store+0x140/0x140
[ 65.405999] __fput+0x385/0xa30
[ 65.409265] ? get_max_files+0x20/0x20
[ 65.413138] ? trace_hardirqs_on+0xbd/0x310
[ 65.417440] ? kasan_check_read+0x11/0x20
[ 65.421572] ? task_work_run+0x1af/0x2a0
[ 65.425624] ? trace_hardirqs_off_caller+0x310/0x310
[ 65.430710] ? rcu_softirq_qs+0x20/0x20
[ 65.434669] ? unwind_dump+0x190/0x190
[ 65.438539] ____fput+0x15/0x20
[ 65.441800] task_work_run+0x1e8/0x2a0
[ 65.445673] ? task_work_cancel+0x240/0x240
[ 65.449975] ? unwind_get_return_address+0x61/0xa0
[ 65.454887] get_signal+0x1558/0x1980
[ 65.458684] ? find_held_lock+0x36/0x1c0
[ 65.462739] ? ptrace_notify+0x130/0x130
[ 65.466788] ? compat_poll_select_copy_remaining+0x6c0/0x6c0
[ 65.472664] ? pvclock_read_flags+0x160/0x160
[ 65.477139] ? poll_select_set_timeout+0x19a/0x240
[ 65.482050] ? trace_hardirqs_off_caller+0x310/0x310
[ 65.487147] do_signal+0x9c/0x21c0
[ 65.490672] ? timespec64_add_safe+0x204/0x2f0
[ 65.495247] ? nsec_to_clock_t+0x30/0x30
[ 65.499294] ? setup_sigcontext+0x7d0/0x7d0
[ 65.503600] ? exit_to_usermode_loop+0x8c/0x380
[ 65.508249] ? exit_to_usermode_loop+0x8c/0x380
[ 65.512901] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 65.517465] ? trace_hardirqs_on+0xbd/0x310
[ 65.521767] ? do_syscall_64+0x6be/0x820
[ 65.525812] ? trace_hardirqs_off_caller+0x310/0x310
[ 65.530920] ? do_restart_poll+0x2e0/0x2e0
[ 65.535137] ? nsecs_to_jiffies+0x30/0x30
[ 65.539270] ? do_syscall_64+0x9a/0x820
[ 65.543233] ? do_syscall_64+0x9a/0x820
[ 65.547191] exit_to_usermode_loop+0x2e5/0x380
[ 65.551754] ? __bpf_trace_sys_exit+0x30/0x30
[ 65.556244] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 65.561786] do_syscall_64+0x6be/0x820
[ 65.565673] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 65.571020] ? syscall_return_slowpath+0x5e0/0x5e0
[ 65.575942] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 65.580769] ? trace_hardirqs_on_caller+0x310/0x310
[ 65.585768] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 65.590778] ? prepare_exit_to_usermode+0x291/0x3b0
[ 65.595791] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 65.600633] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.605803] RIP: 0033:0x457569
[ 65.608981] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 65.627863] RSP: 002b:00007f08408aac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 65.635574] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000457569
[ 65.642826] RDX: 0000000000000d90 RSI: 0000000000000001 RDI: 0000000020000180
[ 65.650080] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 65.657329] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f08408ab6d4
[ 65.664582] R13: 00000000004c325e R14: 00000000004d4e10 R15: 00000000ffffffff
[ 65.672937] Kernel Offset: disabled
[ 65.676568] Rebooting in 86400 seconds..