[ 393.965323] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 393.972818] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 393.981353] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 393.990459] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.000373] device bridge_slave_1 left promiscuous mode [ 394.007526] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.065970] device bridge_slave_0 left promiscuous mode [ 394.072829] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.126874] device veth1_macvtap left promiscuous mode [ 394.133007] device veth0_macvtap left promiscuous mode [ 394.138652] device veth1_vlan left promiscuous mode [ 394.144504] device veth0_vlan left promiscuous mode [ 394.243526] device hsr_slave_1 left promiscuous mode [ 394.284097] device hsr_slave_0 left promiscuous mode [ 394.328309] team0 (unregistering): Port device team_slave_1 removed [ 394.338658] team0 (unregistering): Port device team_slave_0 removed [ 394.349000] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 394.385623] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 394.438108] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.10.20' (ECDSA) to the list of known hosts. [ 400.344753] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.353091] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.362549] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.369499] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.378126] device bridge_slave_1 left promiscuous mode [ 400.384354] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.411986] device bridge_slave_0 left promiscuous mode [ 400.418707] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.474223] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.481479] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.489159] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.496763] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.505900] device bridge_slave_1 left promiscuous mode [ 400.512515] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.552527] device bridge_slave_0 left promiscuous mode [ 400.564458] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.614214] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.623751] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.636743] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.647455] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.658690] device bridge_slave_1 left promiscuous mode [ 400.669457] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.705184] device bridge_slave_0 left promiscuous mode [ 400.711203] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.753994] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.761252] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.770552] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.780007] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.789013] device bridge_slave_1 left promiscuous mode [ 400.795840] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.853083] device bridge_slave_0 left promiscuous mode [ 400.859119] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.904542] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.912133] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.920802] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.928255] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.937831] device bridge_slave_1 left promiscuous mode [ 400.943562] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.982197] device bridge_slave_0 left promiscuous mode [ 400.988462] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.016019] device veth1_macvtap left promiscuous mode [ 401.023326] device veth0_macvtap left promiscuous mode [ 401.028884] device veth1_vlan left promiscuous mode [ 401.035528] device veth0_vlan left promiscuous mode [ 401.042232] device veth1_macvtap left promiscuous mode [ 401.047870] device veth0_macvtap left promiscuous mode [ 401.055357] device veth1_vlan left promiscuous mode [ 401.061022] device veth0_vlan left promiscuous mode [ 401.068719] device veth1_macvtap left promiscuous mode [ 401.075111] device veth0_macvtap left promiscuous mode [ 401.081009] device veth1_vlan left promiscuous mode [ 401.087539] device veth0_vlan left promiscuous mode [ 401.093811] device veth1_macvtap left promiscuous mode [ 401.099328] device veth0_macvtap left promiscuous mode [ 401.105799] device veth1_vlan left promiscuous mode [ 401.110881] device veth0_vlan left promiscuous mode [ 401.118189] device veth1_macvtap left promiscuous mode [ 401.124810] device veth0_macvtap left promiscuous mode [ 401.130434] device veth1_vlan left promiscuous mode [ 401.136823] device veth0_vlan left promiscuous mode [ 401.231150] kasan: CONFIG_KASAN_INLINE enabled [ 401.236502] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 401.248436] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 401.255263] Modules linked in: [ 401.258938] CPU: 1 PID: 10181 Comm: syz-executor295 Not tainted 4.14.221-syzkaller #0 [ 401.267427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.277726] task: ffff8881f375a000 task.stack: ffff8881db640000 [ 401.284632] RIP: 0010:vgem_fence_attach_ioctl+0x2f2/0x6d0 [ 401.290693] RSP: 0018:ffff8881db647b40 EFLAGS: 00010202 [ 401.296050] RAX: dffffc0000000000 RBX: ffff8881d6d4ed40 RCX: 0000000000000000 [ 401.303656] RDX: 000000000000001c RSI: 0000000000000001 RDI: 00000000000000e0 [ 401.311131] RBP: ffff8881db647be8 R08: 0000000000000001 R09: 0000000000000000 [ 401.318512] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881d11307c0 [ 401.326371] R13: ffff8881e32f3080 R14: ffff8881d11307c4 R15: 0000000000000000 [ 401.334267] FS: 00007fb238487700(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000 [ 401.343155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 401.349324] CR2: 00007f73be5fa000 CR3: 00000001e8fcd005 CR4: 00000000001606e0 [ 401.357323] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 401.364951] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 401.372428] Call Trace: [ 401.375001] ? __might_fault+0xf1/0x1b0 [ 401.379383] ? __vgem_fence_idr_fini+0x40/0x40 [ 401.384167] ? __vgem_fence_idr_fini+0x40/0x40 [ 401.388995] drm_ioctl_kernel+0x133/0x1d0 [ 401.393314] ? __vgem_fence_idr_fini+0x40/0x40 [ 401.398153] drm_ioctl+0x417/0x900 [ 401.401773] ? drm_getstats+0x20/0x20 [ 401.405913] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 401.411274] ? debug_check_no_obj_freed+0x2d5/0x890 [ 401.416476] do_vfs_ioctl+0x180/0xfb0 [ 401.420608] ? __fget+0x1a9/0x2f0 [ 401.424131] ? lock_downgrade+0x7f0/0x7f0 [ 401.428262] ? ioctl_preallocate+0x1a0/0x1a0 [ 401.432650] ? __fget+0x1c6/0x2f0 [ 401.436413] ? __fget_light+0x166/0x200 [ 401.440720] SyS_ioctl+0x74/0x80 [ 401.444375] ? do_vfs_ioctl+0xfb0/0xfb0 [ 401.448623] do_syscall_64+0x1c7/0x5b0 [ 401.452751] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.457847] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 401.463277] RIP: 0033:0x449e69 [ 401.466445] RSP: 002b:00007fb238487308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 401.474481] RAX: ffffffffffffffda RBX: 00000000004ca428 RCX: 0000000000449e69 [ 401.482093] RDX: 0000000020000140 RSI: 00000000c10c5541 RDI: 0000000000000004 [ 401.489689] RBP: 00000000004ca420 R08: 0000000000000000 R09: 0000000000000000 [ 401.497723] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ca42c [ 401.505365] R13: 000000000049a064 R14: 6972642f7665642f R15: 0000000000022000 [ 401.513162] Code: ea 03 80 3c 02 00 0f 85 93 03 00 00 4d 8b bd 18 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d bf e0 00 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 8f 03 00 00 49 8b 87 e0 00 00 00 4c 89 f2 48 [ 401.533136] RIP: vgem_fence_attach_ioctl+0x2f2/0x6d0 RSP: ffff8881db647b40 [ 401.552526] ---[ end trace 49208009dc0b3ec6 ]--- [ 401.557852] Kernel panic - not syncing: Fatal exception [ 401.565793] Kernel Offset: disabled [ 401.569433] Rebooting in 86400 seconds..