Warning: Permanently added '10.128.0.88' (ECDSA) to the list of known hosts.
2018/11/06 22:15:44 parsed 1 programs
2018/11/06 22:15:45 executed programs: 0
syzkaller login: [ 63.574679] IPVS: ftp: loaded support on port[0] = 21
[ 63.822357] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.829844] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.837581] device bridge_slave_0 entered promiscuous mode
[ 63.856733] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.863141] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.870251] device bridge_slave_1 entered promiscuous mode
[ 63.888542] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 63.908333] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 63.959254] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 63.980933] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 64.059523] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 64.067441] team0: Port device team_slave_0 added
[ 64.084307] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 64.091666] team0: Port device team_slave_1 added
[ 64.109097] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 64.128516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 64.147718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 64.169987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 64.314389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.321007] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 64.328233] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.334579] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 64.853974] 8021q: adding VLAN 0 to HW filter on device bond0
[ 64.903666] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 64.953151] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 64.959470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 64.967250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 65.013384] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/06 22:15:50 executed programs: 68
[ 69.228109] vivid-000: kernel_thread() failed
[ 69.245757] ==================================================================
[ 69.253281] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900
[ 69.259598] Write of size 4 at addr 000000000000001c by task syz-executor0/6331
[ 69.267023]
[ 69.268638] CPU: 1 PID: 6331 Comm: syz-executor0 Not tainted 4.20.0-rc1+ #101
[ 69.275892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.285228] Call Trace:
[ 69.287803] dump_stack+0x244/0x39d
[ 69.291427] ? dump_stack_print_info.cold.1+0x20/0x20
[ 69.296616] ? vprintk_func+0x85/0x181
[ 69.300500] kasan_report.cold.8+0x6d/0x309
[ 69.304808] ? kthread_stop+0x10d/0x900
[ 69.308774] check_memory_region+0x13e/0x1b0
[ 69.313190] kasan_check_write+0x14/0x20
[ 69.317246] kthread_stop+0x10d/0x900
[ 69.321030] ? kthread_unpark+0x160/0x160
[ 69.325168] ? __lock_is_held+0xb5/0x140
[ 69.329228] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 69.334495] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 69.340022] ? _vb2_fop_release+0x3f/0x2b0
[ 69.344245] ? mutex_trylock+0x2b0/0x2b0
[ 69.348288] ? vivid_fop_release+0x66/0x440
[ 69.352882] ? __mutex_lock+0x85e/0x16f0
[ 69.356941] vid_cap_stop_streaming+0x8d/0xe0
[ 69.361452] ? vid_cap_buf_queue+0x310/0x310
[ 69.365844] __vb2_queue_cancel+0x171/0xd20
[ 69.370153] ? lock_downgrade+0x900/0x900
[ 69.374319] ? vb2_buffer_done+0xb90/0xb90
[ 69.378549] ? find_held_lock+0x36/0x1c0
[ 69.382597] ? mark_held_locks+0xc7/0x130
[ 69.386753] ? kasan_check_write+0x14/0x20
[ 69.390980] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 69.395892] ? kasan_check_read+0x11/0x20
[ 69.400029] ? wait_for_completion+0x8a0/0x8a0
[ 69.404599] ? trace_hardirqs_off_caller+0x310/0x310
[ 69.409688] ? vfs_lock_file+0xe0/0xe0
[ 69.413563] vb2_core_streamoff+0x60/0x140
[ 69.417784] __vb2_cleanup_fileio+0x73/0x160
[ 69.422181] vb2_core_queue_release+0x1e/0x80
[ 69.426663] _vb2_fop_release+0x1d2/0x2b0
[ 69.430798] vb2_fop_release+0x77/0xc0
[ 69.434678] vivid_fop_release+0x18e/0x440
[ 69.438908] ? vivid_remove+0x460/0x460
[ 69.442864] v4l2_release+0x224/0x3a0
[ 69.446652] ? dev_debug_store+0x140/0x140
[ 69.450868] __fput+0x385/0xa30
[ 69.454137] ? get_max_files+0x20/0x20
[ 69.458009] ? trace_hardirqs_on+0xbd/0x310
[ 69.462317] ? kasan_check_read+0x11/0x20
[ 69.466450] ? task_work_run+0x1af/0x2a0
[ 69.470511] ? trace_hardirqs_off_caller+0x310/0x310
[ 69.475604] ? filp_close+0x1cd/0x250
[ 69.479412] ____fput+0x15/0x20
[ 69.482677] task_work_run+0x1e8/0x2a0
[ 69.486551] ? task_work_cancel+0x240/0x240
[ 69.490867] ? copy_fd_bitmaps+0x210/0x210
[ 69.495089] ? do_syscall_64+0x9a/0x820
[ 69.499051] exit_to_usermode_loop+0x318/0x380
[ 69.503616] ? __bpf_trace_sys_exit+0x30/0x30
[ 69.508099] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 69.513622] do_syscall_64+0x6be/0x820
[ 69.517634] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 69.522986] ? syscall_return_slowpath+0x5e0/0x5e0
[ 69.527967] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 69.532795] ? trace_hardirqs_on_caller+0x310/0x310
[ 69.537796] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 69.542799] ? prepare_exit_to_usermode+0x291/0x3b0
[ 69.547800] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 69.552634] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 69.557811] RIP: 0033:0x411021
[ 69.561002] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 69.579887] RSP: 002b:00007ffea0cefe40 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 69.587578] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 69.594833] RDX: 0000000000000000 RSI: 00000000007307c8 RDI: 0000000000000003
[ 69.602086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 69.609357] R10: 00007ffea0cefd60 R11: 0000000000000293 R12: 0000000000000000
[ 69.616618] R13: 0000000000000001 R14: 0000000000000053 R15: 0000000000000000
[ 69.623898] ==================================================================
[ 69.631237] Disabling lock debugging due to kernel taint
[ 69.637980] Kernel panic - not syncing: panic_on_warn set ...
[ 69.643866] CPU: 1 PID: 6331 Comm: syz-executor0 Tainted: G B 4.20.0-rc1+ #101
[ 69.652507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 69.661837] Call Trace:
[ 69.664412] dump_stack+0x244/0x39d
[ 69.668023] ? dump_stack_print_info.cold.1+0x20/0x20
[ 69.673207] panic+0x2ad/0x55c
[ 69.676400] ? add_taint.cold.5+0x16/0x16
[ 69.680536] ? preempt_schedule+0x4d/0x60
[ 69.684690] ? ___preempt_schedule+0x16/0x18
[ 69.689095] ? trace_hardirqs_on+0xb4/0x310
[ 69.693404] kasan_end_report+0x47/0x4f
[ 69.697376] kasan_report.cold.8+0x76/0x309
[ 69.701716] ? kthread_stop+0x10d/0x900
[ 69.705682] check_memory_region+0x13e/0x1b0
[ 69.710084] kasan_check_write+0x14/0x20
[ 69.714130] kthread_stop+0x10d/0x900
[ 69.717938] ? kthread_unpark+0x160/0x160
[ 69.722077] ? __lock_is_held+0xb5/0x140
[ 69.726131] vivid_stop_generating_vid_cap+0x2bb/0x9ae
[ 69.731395] ? vivid_start_generating_vid_cap+0x4c0/0x4c0
[ 69.736930] ? _vb2_fop_release+0x3f/0x2b0
[ 69.741159] ? mutex_trylock+0x2b0/0x2b0
[ 69.745200] ? vivid_fop_release+0x66/0x440
[ 69.749505] ? __mutex_lock+0x85e/0x16f0
[ 69.753552] vid_cap_stop_streaming+0x8d/0xe0
[ 69.758043] ? vid_cap_buf_queue+0x310/0x310
[ 69.762441] __vb2_queue_cancel+0x171/0xd20
[ 69.766755] ? lock_downgrade+0x900/0x900
[ 69.770894] ? vb2_buffer_done+0xb90/0xb90
[ 69.775114] ? find_held_lock+0x36/0x1c0
[ 69.779159] ? mark_held_locks+0xc7/0x130
[ 69.783296] ? kasan_check_write+0x14/0x20
[ 69.787516] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 69.792429] ? kasan_check_read+0x11/0x20
[ 69.796565] ? wait_for_completion+0x8a0/0x8a0
[ 69.801153] ? trace_hardirqs_off_caller+0x310/0x310
[ 69.806241] ? vfs_lock_file+0xe0/0xe0
[ 69.810125] vb2_core_streamoff+0x60/0x140
[ 69.814345] __vb2_cleanup_fileio+0x73/0x160
[ 69.818735] vb2_core_queue_release+0x1e/0x80
[ 69.823214] _vb2_fop_release+0x1d2/0x2b0
[ 69.827343] vb2_fop_release+0x77/0xc0
[ 69.831218] vivid_fop_release+0x18e/0x440
[ 69.835436] ? vivid_remove+0x460/0x460
[ 69.839397] v4l2_release+0x224/0x3a0
[ 69.843187] ? dev_debug_store+0x140/0x140
[ 69.847412] __fput+0x385/0xa30
[ 69.850674] ? get_max_files+0x20/0x20
[ 69.854548] ? trace_hardirqs_on+0xbd/0x310
[ 69.858854] ? kasan_check_read+0x11/0x20
[ 69.862983] ? task_work_run+0x1af/0x2a0
[ 69.867029] ? trace_hardirqs_off_caller+0x310/0x310
[ 69.872116] ? filp_close+0x1cd/0x250
[ 69.875903] ____fput+0x15/0x20
[ 69.879188] task_work_run+0x1e8/0x2a0
[ 69.883069] ? task_work_cancel+0x240/0x240
[ 69.887389] ? copy_fd_bitmaps+0x210/0x210
[ 69.891607] ? do_syscall_64+0x9a/0x820
[ 69.895563] exit_to_usermode_loop+0x318/0x380
[ 69.900130] ? __bpf_trace_sys_exit+0x30/0x30
[ 69.904608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 69.910129] do_syscall_64+0x6be/0x820
[ 69.914004] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 69.919351] ? syscall_return_slowpath+0x5e0/0x5e0
[ 69.924264] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 69.929095] ? trace_hardirqs_on_caller+0x310/0x310
[ 69.934093] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 69.939094] ? prepare_exit_to_usermode+0x291/0x3b0
[ 69.944094] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 69.948933] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 69.954104] RIP: 0033:0x411021
[ 69.957289] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 69.976189] RSP: 002b:00007ffea0cefe40 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 69.983878] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000411021
[ 69.991145] RDX: 0000000000000000 RSI: 00000000007307c8 RDI: 0000000000000003
[ 69.998400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 70.005651] R10: 00007ffea0cefd60 R11: 0000000000000293 R12: 0000000000000000
[ 70.012929] R13: 0000000000000001 R14: 0000000000000053 R15: 0000000000000000
[ 70.021270] Kernel Offset: disabled
[ 70.024891] Rebooting in 86400 seconds..
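The trace above records "vivid-000: kernel_thread() failed" and then, when the file descriptor is released (ORIG_RAX 3 is close(2)), a KASAN null-ptr-deref inside kthread_stop() called from vivid_stop_generating_vid_cap(). The userland C program below is an added example, not vivid or kernel code: it models that shape of bug, a start routine whose thread creation fails and a release routine that hands the resulting handle to the stop helper unconditionally, beside a checked release. kthread_run_model, kthread_stop_model, struct vid_dev, the inject_failure flag and the stop_generating_vid_cap_unchecked/checked pair are this example's own names; what is not assumed is that the real kthread_run() returns an ERR_PTR() on failure and that kthread_stop() must never be given NULL or an ERR_PTR().

```c
#include <errno.h>
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

/* Stand-ins for the kernel's ERR_PTR() / IS_ERR_OR_NULL() helpers. */
#define MAX_ERRNO 4095UL
#define ERR_PTR(err) ((void *)(long)(err))
#define IS_ERR_OR_NULL(p) (!(p) || (unsigned long)(p) >= (unsigned long)-MAX_ERRNO)

/* Model of a kernel thread: a pthread, its should-stop flag and private data. */
struct kthread {
    pthread_t tid;
    void *data;
    volatile bool should_stop;
};

/* Model (assumed layout) of the per-device state the release path walks. */
struct vid_dev {
    struct kthread *kthread_vid_cap; /* NULL while no capture thread runs */
    unsigned long frames;
};

/* Model of kthread_run(): returns an ERR_PTR() on failure, never NULL;
 * inject_failure stands in for the "kernel_thread() failed" condition. */
static struct kthread *kthread_run_model(void *(*fn)(void *), void *data,
                                         bool inject_failure)
{
    struct kthread *k;
    if (inject_failure)
        return ERR_PTR(-ENOMEM);
    k = calloc(1, sizeof(*k));
    if (!k)
        return ERR_PTR(-ENOMEM);
    k->data = data;
    if (pthread_create(&k->tid, NULL, fn, k) != 0) {
        free(k);
        return ERR_PTR(-EAGAIN);
    }
    return k;
}

/* Model of kthread_stop(): the first thing it does is write through the
 * handle, which is exactly where a NULL or ERR_PTR() handle faults. */
static int kthread_stop_model(struct kthread *k)
{
    k->should_stop = true;
    pthread_join(k->tid, NULL);
    free(k);
    return 0;
}

/* Capture worker: produces at least one frame, then runs until told to stop. */
static void *vid_cap_thread(void *p)
{
    struct kthread *k = p;
    struct vid_dev *dev = k->data;
    struct timespec ts = { 0, 1000000 }; /* 1 ms per "frame" */
    do {
        dev->frames++;
        nanosleep(&ts, NULL);
    } while (!k->should_stop);
    return NULL;
}

int start_generating_vid_cap(struct vid_dev *dev, bool inject_failure)
{
    struct kthread *k = kthread_run_model(vid_cap_thread, dev, inject_failure);
    if (IS_ERR_OR_NULL(k)) {
        fprintf(stderr, "vid-model: kernel_thread() failed\n");
        dev->kthread_vid_cap = NULL; /* handle stays NULL after a failed start */
        return -ENOMEM;
    }
    dev->kthread_vid_cap = k;
    return 0;
}

/* Vulnerable shape: release assumes a thread always exists. After a failed
 * start this is the null-ptr-deref in the trace, so never call it then. */
int stop_generating_vid_cap_unchecked(struct vid_dev *dev)
{
    return kthread_stop_model(dev->kthread_vid_cap);
}

/* Hardened shape: tolerate a handle that never became a running thread and
 * clear it so a second release cannot stop the same thread twice. */
int stop_generating_vid_cap_checked(struct vid_dev *dev)
{
    struct kthread *k = dev->kthread_vid_cap;
    if (IS_ERR_OR_NULL(k))
        return -ENOENT;
    dev->kthread_vid_cap = NULL;
    return kthread_stop_model(k);
}
```

Drive it from a main() that calls start_generating_vid_cap() with inject_failure false, stops with the checked variant, then repeats with inject_failure true: the checked stop returns -ENOENT instead of faulting, while the unchecked variant would dereference the NULL handle just as kthread_stop() does in the trace. The same IS_ERR_OR_NULL() guard belongs wherever a driver stores the result of kthread_run() and later tears it down from a release or error path that can run without a successful start.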