[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   27.911367] kauditd_printk_skb: 7 callbacks suppressed
[   27.911379] audit: type=1800 audit(1542571519.564:29): pid=5852 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   27.937929] audit: type=1800 audit(1542571519.564:30): pid=5852 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   39.340981] ------------[ cut here ]------------
[   39.345847] kernel BUG at arch/x86/mm/physaddr.c:27!
[   39.350952] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   39.356322] CPU: 0 PID: 6007 Comm: syz-executor386 Not tainted 4.20.0-rc2+ #338
[   39.363748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.373110] RIP: 0010:__phys_addr+0xb5/0x120
[   39.377509] Code: 08 4c 89 e3 31 ff 48 d3 eb 48 89 de e8 b4 bb 45 00 48 85 db 75 0f e8 7a ba 45 00 4c 89 e0 5b 41 5c 41 5d 5d c3 e8 6b ba 45 00 <0f> 0b e8 64 ba 45 00 48 c7 c7 10 20 47 89 48 b8 00 00 00 00 00 fc
[   39.396404] RSP: 0018:ffff8881c3567410 EFLAGS: 00010093
[   39.401755] RAX: ffff8881d32b4080 RBX: 0000000000000001 RCX: ffffffff8139cd5c
[   39.409010] RDX: 0000000000000000 RSI: ffffffff8139cd75 RDI: 0000000000000007
[   39.416268] RBP: ffff8881c3567428 R08: ffff8881d32b4080 R09: ffffed103b5c5b67
[   39.423523] R10: ffffed103b5c5b67 R11: ffff8881dae2db3b R12: 0000408005dd6000
[   39.430789] R13: 0000000000000000 R14: 0000000000000010 R15: ffff8881c3567ab8
[   39.438056] FS:  0000000001f9e880(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
[   39.446269] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   39.452139] CR2: 00000000203e8008 CR3: 00000001c24cd000 CR4: 00000000001406f0
[   39.459396] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   39.466655] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   39.473910] Call Trace:
[   39.476485]  ? vivid_vid_cap_s_selection+0x2c31/0x38e0
[   39.481749]  kfree+0x7b/0x230
[   39.484838]  vivid_vid_cap_s_selection+0x2c31/0x38e0
[   39.489929]  ? vivid_vid_cap_g_selection+0x950/0x950
[   39.495035]  ? lock_downgrade+0x900/0x900
[   39.499169]  ? check_preemption_disabled+0x48/0x280
[   39.504171]  ? zap_class+0x640/0x640
[   39.507875]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   39.512787]  ? print_usage_bug+0xc0/0xc0
[   39.516834]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   39.522355]  ? v4l2_prio_max+0x28f/0x350
[   39.526405]  vidioc_s_selection+0xa4/0xc0
[   39.530538]  v4l_s_selection+0xba/0x140
[   39.534500]  __video_do_ioctl+0x8b1/0x1050
[   39.538723]  ? v4l_s_fmt+0x990/0x990
[   39.542427]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   39.547950]  video_usercopy+0x5c1/0x1760
[   39.551999]  ? v4l_s_fmt+0x990/0x990
[   39.555700]  ? v4l_enumstd+0x70/0x70
[   39.559394]  ? unwind_dump+0x190/0x190
[   39.563272]  ? is_bpf_text_address+0xd3/0x170
[   39.567752]  ? kernel_text_address+0x79/0xf0
[   39.572159]  ? __kernel_text_address+0xd/0x40
[   39.576651]  ? unwind_get_return_address+0x61/0xa0
[   39.581568]  ? __save_stack_trace+0x8d/0xf0
[   39.585884]  ? save_stack+0xa9/0xd0
[   39.589493]  ? save_stack+0x43/0xd0
[   39.593102]  ? __kasan_slab_free+0x102/0x150
[   39.597497]  ? kasan_slab_free+0xe/0x10
[   39.601471]  ? kmem_cache_free+0x83/0x290
[   39.605601]  ? putname+0xf2/0x130
[   39.609036]  ? do_sys_open+0x54d/0x700
[   39.612915]  ? trace_hardirqs_off+0xb8/0x310
[   39.617304]  ? kasan_check_read+0x11/0x20
[   39.621437]  ? do_raw_spin_unlock+0xa7/0x330
[   39.625832]  ? trace_hardirqs_on+0x310/0x310
[   39.630226]  ? video_usercopy+0x1760/0x1760
[   39.634533]  video_ioctl2+0x2c/0x33
[   39.638144]  v4l2_ioctl+0x154/0x1b0
[   39.641754]  ? video_devdata+0xa0/0xa0
[   39.645625]  do_vfs_ioctl+0x1de/0x1790
[   39.649499]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[   39.655021]  ? ioctl_preallocate+0x300/0x300
[   39.659416]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   39.664941]  ? __fget_light+0x2e9/0x430
[   39.668901]  ? fget_raw+0x20/0x20
[   39.672349]  ? putname+0xf2/0x130
[   39.675785]  ? rcu_read_lock_sched_held+0x14f/0x180
[   39.680804]  ? kmem_cache_free+0x24f/0x290
[   39.685022]  ? putname+0xf7/0x130
[   39.688458]  ? do_syscall_64+0x9a/0x820
[   39.692417]  ? do_syscall_64+0x9a/0x820
[   39.696375]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[   39.700943]  ? security_file_ioctl+0x94/0xc0
[   39.705337]  ksys_ioctl+0xa9/0xd0
[   39.708772]  __x64_sys_ioctl+0x73/0xb0
[   39.712645]  do_syscall_64+0x1b9/0x820
[   39.716520]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   39.721877]  ? syscall_return_slowpath+0x5e0/0x5e0
[   39.726790]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   39.731644]  ? trace_hardirqs_on_caller+0x310/0x310
[   39.736648]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   39.741661]  ? prepare_exit_to_usermode+0x291/0x3b0
[   39.746680]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   39.751514]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   39.756685] RIP: 0033:0x4442c9
[   39.759869] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   39.778777] RSP: 002b:00007fff0d831768 EFLAGS: 00000207 ORIG_RAX: 0000000000000010
[   39.786499] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 00000000004442c9
[   39.793757] RDX: 0000000020000000 RSI: 00000000c040565f RDI: 0000000000000005
[   39.801010] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0
[   39.808262] R10: 0000000000000000 R11: 0000000000000207 R12: 0000000000401fd0
[   39.815516] R13: 0000000000402060 R14: 0000000000000000 R15: 0000000000000000
[   39.822773] Modules linked in:
[   39.825955] ---[ end trace 57f6f02b74dd3e8e ]---
[   39.830712] RIP: 0010:__phys_addr+0xb5/0x120
[   39.835108] Code: 08 4c 89 e3 31 ff 48 d3 eb 48 89 de e8 b4 bb 45 00 48 85 db 75 0f e8 7a ba 45 00 4c 89 e0 5b 41 5c 41 5d 5d c3 e8 6b ba 45 00 <0f> 0b e8 64 ba 45 00 48 c7 c7 10 20 47 89 48 b8 00 00 00 00 00 fc
[   39.854015] RSP: 0018:ffff8881c3567410 EFLAGS: 00010093
[   39.859360] RAX: ffff8881d32b4080 RBX: 0000000000000001 RCX: ffffffff8139cd5c
[   39.866612] RDX: 0000000000000000 RSI: ffffffff8139cd75 RDI: 0000000000000007
[   39.873873] RBP: ffff8881c3567428 R08: ffff8881d32b4080 R09: ffffed103b5c5b67
[   39.881135] R10: ffffed103b5c5b67 R11: ffff8881dae2db3b R12: 0000408005dd6000
[   39.888388] R13: 0000000000000000 R14: 0000000000000010 R15: ffff8881c3567ab8
[   39.895665] FS:  0000000001f9e880(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
[   39.903885] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   39.909749] CR2: 00000000203e8008 CR3: 00000001c24cd000 CR4: 00000000001406f0
[   39.917002] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   39.924260] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   39.931515] Kernel panic - not syncing: Fatal exception
[   39.937811] Kernel Offset: disabled
[   39.941439] Rebooting in 86400 seconds..