DUID 00:04:4b:a6:d8:97:08:21:27:2e:fd:cf:3e:39:f6:c0:7f:1f forked to background, child pid 3209 [ 40.701553][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.719022][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.202' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 67.421706][ T3630] ------------[ cut here ]------------ [ 67.427626][ T3630] get_vaddr_frames() cannot follow VM_IO mapping [ 67.428110][ T3630] WARNING: CPU: 1 PID: 3630 at drivers/media/common/videobuf2/frame_vector.c:59 get_vaddr_frames+0x1db/0x220 [ 67.446080][ T3630] Modules linked in: [ 67.449978][ T3630] CPU: 1 PID: 3630 Comm: syz-executor301 Not tainted 6.1.20-syzkaller #0 [ 67.458542][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 67.468680][ T3630] RIP: 0010:get_vaddr_frames+0x1db/0x220 [ 67.474399][ T3630] Code: 8c 1a ff ff ff 4c 89 e7 e8 e2 a6 cd fa e9 0d ff ff ff e8 e8 41 77 fa c6 05 0a e1 2b 07 01 48 c7 c7 20 df a7 8b e8 55 8a 3f fa <0f> 0b e9 4a ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 1e ff [ 67.494170][ T3630] RSP: 0018:ffffc90003d8f4a8 EFLAGS: 00010246 [ 67.501140][ T3630] RAX: 81ff0a355b45b700 RBX: 1ffff92001700000 RCX: ffff88801f7f0000 [ 67.509188][ T3630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 67.517219][ T3630] RBP: 0000000000080000 R08: ffffffff8152ac2e R09: ffffed1017324f1c [ 67.525245][ T3630] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc9000b800004 [ 67.533278][ T3630] R13: dffffc0000000000 R14: 0000000000000000 R15: 00000000fffffff2 [ 67.541266][ T3630] FS: 0000555557203300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 67.550342][ T3630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.556973][ T3630] CR2: 0000000020000140 CR3: 000000007ca38000 CR4: 00000000003506e0 [ 67.565007][ T3630] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.573039][ T3630] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.581016][ T3630] Call Trace: [ 67.584354][ T3630] <TASK> [ 67.587404][ T3630] vb2_create_framevec+0x4a/0xb0 [ 67.592407][ T3630] vb2_vmalloc_get_userptr+0xe7/0x400 [ 67.597851][ T3630] ? __fill_vb2_buffer+0x451/0x4b0 [ 67.603038][ T3630] ? vb2_vmalloc_get_dmabuf+0x250/0x250 [ 67.608602][ T3630] __buf_prepare+0xc22/0x4460 [ 67.613391][ T3630] ? vb2_core_prepare_buf+0x300/0x300 [ 67.618810][ T3630] ? unwind_next_frame+0x1a3f/0x2220 [ 67.624198][ T3630] ? deref_stack_reg+0x17c/0x210 [ 67.629163][ T3630] ? preempt_count_add+0x8f/0x180 [ 67.634498][ T3630] ? unwind_next_frame+0x1a3f/0x2220 [ 67.639810][ T3630] ? stack_trace_save+0x1c0/0x1c0 [ 67.644904][ T3630] ? is_bpf_text_address+0x24f/0x260 [ 67.650322][ T3630] ? is_module_text_address+0x20/0x160 [ 67.655864][ T3630] ? stack_trace_save+0x1c0/0x1c0 [ 67.660965][ T3630] ? kernel_text_address+0x9f/0xd0 [ 67.666233][ T3630] ? __kernel_text_address+0x9/0x40 [ 67.671469][ T3630] ? mark_lock+0x9a/0x340 [ 67.675864][ T3630] ? __lock_acquire+0x125b/0x1f80 [ 67.680970][ T3630] vb2_core_qbuf+0x2b4/0x1360 [ 67.685726][ T3630] vb2_qbuf+0x184/0x240 [ 67.689924][ T3630] ? __video_do_ioctl+0x505/0xe30 [ 67.695046][ T3630] ? vb2_create_bufs+0x1120/0x1120 [ 67.700367][ T3630] ? __might_fault+0xb6/0x110 [ 67.705197][ T3630] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 67.711216][ T3630] v4l2_m2m_qbuf+0x1e0/0x7a0 [ 67.715880][ T3630] ? v4l_qbuf+0x68/0xc0 [ 67.720077][ T3630] __video_do_ioctl+0xa3a/0xe30 [ 67.725022][ T3630] ? video_ioctl2+0x30/0x30 [ 67.729553][ T3630] ? __might_fault+0xb2/0x110 [ 67.734320][ T3630] video_usercopy+0xa79/0x10c0 [ 67.739133][ T3630] ? video_ioctl2+0x30/0x30 [ 67.743738][ T3630] ? v4l_printk_ioctl+0x130/0x130 [ 67.748842][ T3630] ? print_irqtrace_events+0x210/0x210 [ 67.754412][ T3630] ? print_irqtrace_events+0x210/0x210 [ 67.759918][ T3630] v4l2_ioctl+0x181/0x1d0 [ 67.764320][ T3630] ? v4l2_poll+0x2a0/0x2a0 [ 67.768787][ T3630] __se_sys_ioctl+0xf1/0x160 [ 67.773450][ T3630] do_syscall_64+0x3d/0xb0 [ 67.777926][ T3630] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 67.783975][ T3630] RIP: 0033:0x7f53df035119 [ 67.788412][ T3630] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 67.808087][ T3630] RSP: 002b:00007fffe336bd38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 67.817799][ T3630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f53df035119 [ 67.825866][ T3630] RDX: 0000000020000180 RSI: 00000000c058560f RDI: 0000000000000003 [ 67.833909][ T3630] RBP: 00007f53deff9100 R08: 0000000000000000 R09: 0000000000000000 [ 67.841927][ T3630] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53deff9190 [ 67.850079][ T3630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 67.858136][ T3630] </TASK> [ 67.861164][ T3630] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 67.868457][ T3630] CPU: 1 PID: 3630 Comm: syz-executor301 Not tainted 6.1.20-syzkaller #0 [ 67.876900][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 67.886962][ T3630] Call Trace: [ 67.890248][ T3630] <TASK> [ 67.893190][ T3630] dump_stack_lvl+0x1e3/0x2cb [ 67.897885][ T3630] ? nf_tcp_handle_invalid+0x642/0x642 [ 67.903376][ T3630] ? panic+0x75d/0x75d [ 67.907476][ T3630] ? vscnprintf+0x59/0x80 [ 67.911815][ T3630] panic+0x318/0x75d [ 67.915741][ T3630] ? __warn+0x168/0x600 [ 67.920013][ T3630] ? memcpy_page_flushcache+0xfc/0xfc [ 67.925419][ T3630] __warn+0x430/0x600 [ 67.929415][ T3630] ? get_vaddr_frames+0x1db/0x220 [ 67.934471][ T3630] report_bug+0x2af/0x500 [ 67.938817][ T3630] ? get_vaddr_frames+0x1db/0x220 [ 67.943861][ T3630] handle_bug+0x3d/0x70 [ 67.948027][ T3630] exc_invalid_op+0x16/0x40 [ 67.952557][ T3630] asm_exc_invalid_op+0x16/0x20 [ 67.957419][ T3630] RIP: 0010:get_vaddr_frames+0x1db/0x220 [ 67.963068][ T3630] Code: 8c 1a ff ff ff 4c 89 e7 e8 e2 a6 cd fa e9 0d ff ff ff e8 e8 41 77 fa c6 05 0a e1 2b 07 01 48 c7 c7 20 df a7 8b e8 55 8a 3f fa <0f> 0b e9 4a ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 1e ff [ 67.983033][ T3630] RSP: 0018:ffffc90003d8f4a8 EFLAGS: 00010246 [ 67.989214][ T3630] RAX: 81ff0a355b45b700 RBX: 1ffff92001700000 RCX: ffff88801f7f0000 [ 67.997199][ T3630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 68.005177][ T3630] RBP: 0000000000080000 R08: ffffffff8152ac2e R09: ffffed1017324f1c [ 68.013172][ T3630] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc9000b800004 [ 68.021150][ T3630] R13: dffffc0000000000 R14: 0000000000000000 R15: 00000000fffffff2 [ 68.029138][ T3630] ? __warn_printk+0x28e/0x350 [ 68.033924][ T3630] ? get_vaddr_frames+0x1db/0x220 [ 68.038968][ T3630] vb2_create_framevec+0x4a/0xb0 [ 68.043940][ T3630] vb2_vmalloc_get_userptr+0xe7/0x400 [ 68.049327][ T3630] ? __fill_vb2_buffer+0x451/0x4b0 [ 68.054471][ T3630] ? vb2_vmalloc_get_dmabuf+0x250/0x250 [ 68.060028][ T3630] __buf_prepare+0xc22/0x4460 [ 68.064762][ T3630] ? vb2_core_prepare_buf+0x300/0x300 [ 68.070160][ T3630] ? unwind_next_frame+0x1a3f/0x2220 [ 68.075457][ T3630] ? deref_stack_reg+0x17c/0x210 [ 68.080415][ T3630] ? preempt_count_add+0x8f/0x180 [ 68.085456][ T3630] ? unwind_next_frame+0x1a3f/0x2220 [ 68.090758][ T3630] ? stack_trace_save+0x1c0/0x1c0 [ 68.095807][ T3630] ? is_bpf_text_address+0x24f/0x260 [ 68.101107][ T3630] ? is_module_text_address+0x20/0x160 [ 68.106580][ T3630] ? stack_trace_save+0x1c0/0x1c0 [ 68.111664][ T3630] ? kernel_text_address+0x9f/0xd0 [ 68.116795][ T3630] ? __kernel_text_address+0x9/0x40 [ 68.122106][ T3630] ? mark_lock+0x9a/0x340 [ 68.126538][ T3630] ? __lock_acquire+0x125b/0x1f80 [ 68.131812][ T3630] vb2_core_qbuf+0x2b4/0x1360 [ 68.136787][ T3630] vb2_qbuf+0x184/0x240 [ 68.140956][ T3630] ? __video_do_ioctl+0x505/0xe30 [ 68.145991][ T3630] ? vb2_create_bufs+0x1120/0x1120 [ 68.151478][ T3630] ? __might_fault+0xb6/0x110 [ 68.156345][ T3630] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 68.162373][ T3630] v4l2_m2m_qbuf+0x1e0/0x7a0 [ 68.167330][ T3630] ? v4l_qbuf+0x68/0xc0 [ 68.171509][ T3630] __video_do_ioctl+0xa3a/0xe30 [ 68.176385][ T3630] ? video_ioctl2+0x30/0x30 [ 68.180900][ T3630] ? __might_fault+0xb2/0x110 [ 68.185627][ T3630] video_usercopy+0xa79/0x10c0 [ 68.190409][ T3630] ? video_ioctl2+0x30/0x30 [ 68.194921][ T3630] ? v4l_printk_ioctl+0x130/0x130 [ 68.199977][ T3630] ? print_irqtrace_events+0x210/0x210 [ 68.205463][ T3630] ? print_irqtrace_events+0x210/0x210 [ 68.210957][ T3630] v4l2_ioctl+0x181/0x1d0 [ 68.215310][ T3630] ? v4l2_poll+0x2a0/0x2a0 [ 68.219748][ T3630] __se_sys_ioctl+0xf1/0x160 [ 68.224378][ T3630] do_syscall_64+0x3d/0xb0 [ 68.228827][ T3630] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 68.234744][ T3630] RIP: 0033:0x7f53df035119 [ 68.239173][ T3630] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 68.258790][ T3630] RSP: 002b:00007fffe336bd38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 68.267227][ T3630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f53df035119 [ 68.275205][ T3630] RDX: 0000000020000180 RSI: 00000000c058560f RDI: 0000000000000003 [ 68.283201][ T3630] RBP: 00007f53deff9100 R08: 0000000000000000 R09: 0000000000000000 [ 68.291177][ T3630] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f53deff9190 [ 68.299165][ T3630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 68.307157][ T3630] </TASK> [ 68.310402][ T3630] Kernel Offset: disabled [ 68.314815][ T3630] Rebooting in 86400 seconds..