Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.15.199' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 53.424536][ T6524] BUG: unable to handle page fault for address: ffff888001000030
[ 53.424548][ T6524] #PF: supervisor write access in kernel mode
[ 53.424553][ T6524] #PF: error_code(0x0003) - permissions violation
[ 53.424560][ T6524] PGD 11201067 P4D 11201067 PUD 11202067 PMD 80000000010001e1
[ 53.424578][ T6524] Oops: 0003 [#1] PREEMPT SMP KASAN
[ 53.424588][ T6524] CPU: 0 PID: 6524 Comm: syz-executor260 Not tainted 5.16.0-rc4-syzkaller #0
[ 53.424598][ T6524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 53.424604][ T6524] RIP: 0010:bitfill_aligned+0x1d2/0x270
[ 53.424624][ T6524] Code: 39 1b fd eb 09 e8 3e 39 1b fd 48 83 c3 40 31 ff 89 ee e8 41 3d 1b fd 85 ed 74 2c 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 ff cd <4c> 89 33 85 ed 74 0b 48 83 c3 08 e8 0e 39 1b fd eb ec e8 07 39 1b
[ 53.424632][ T6524] RSP: 0018:ffffc90002b4ee38 EFLAGS: 00010202
[ 53.424640][ T6524] RAX: 0000000000000000 RBX: ffff888001000030 RCX: ffff888020209d00
[ 53.424647][ T6524] RDX: ffff888020209d00 RSI: 0000000000000002 RDI: 0000000000000000
[ 53.424653][ T6524] RBP: 0000000000000001 R08: ffffffff84695e4f R09: 0000000000000040
[ 53.424659][ T6524] R10: 0000000000000002 R11: ffff888020209d00 R12: ffffffffffffffff
[ 53.424665][ T6524] R13: 0000000000000080 R14: 0000000000000000 R15: 0000000000000000
[ 53.424671][ T6524] FS: 0000555555c14300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 53.424679][ T6524] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.424686][ T6524] CR2: ffff888001000030 CR3: 00000000708fb000 CR4: 00000000003506f0
[ 53.424695][ T6524] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.424700][ T6524] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.424706][ T6524] Call Trace:
[ 53.424710][ T6524]
[ 53.424716][ T6524] ? bitfill_aligned_rev+0x270/0x270
[ 53.424727][ T6524] cfb_fillrect+0x5d8/0x800
[ 53.424739][ T6524] bit_clear_margins+0x2d7/0x6e0
[ 53.424749][ T6524] ? bit_putcs+0x1df0/0x1df0
[ 53.424759][ T6524] fbcon_switch+0x1569/0x21f0
[ 53.424770][ T6524] ? fbcon_scroll+0x680/0x680
[ 53.424778][ T6524] ? _raw_spin_unlock_irqrestore+0x8b/0x130
[ 53.424800][ T6524] ? fbcon_cursor+0x3cd/0x5b0
[ 53.424813][ T6524] redraw_screen+0x53d/0x1280
[ 53.424824][ T6524] ? do_raw_read_unlock+0x42/0xf0
[ 53.424834][ T6524] ? clear_buffer_attributes+0x1b0/0x1b0
[ 53.424845][ T6524] ? tty_do_resize+0xe5/0x180
[ 53.424855][ T6524] vc_do_resize+0x1361/0x1930
[ 53.424868][ T6524] ? vc_resize+0x50/0x50
[ 53.424876][ T6524] ? rcu_read_lock_sched_held+0x89/0x130
[ 53.424886][ T6524] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 53.424896][ T6524] ? __kasan_kmalloc_large+0x90/0xb0
[ 53.424908][ T6524] fbcon_do_set_font+0x9ef/0x10d0
[ 53.424919][ T6524] fbcon_set_font+0x9f9/0xc80
[ 53.424930][ T6524] ? fbcon_blank+0xa50/0xa50
[ 53.424938][ T6524] con_font_op+0xbcd/0x1080
[ 53.424948][ T6524] ? reset_palette+0x720/0x720
[ 53.424957][ T6524] ? __might_fault+0xb6/0x110
[ 53.424966][ T6524] ? __lock_acquire+0x2b00/0x2b00
[ 53.424974][ T6524] ? __kernel_text_address+0x9/0x40
[ 53.424985][ T6524] ? unwind_get_return_address+0x48/0x80
[ 53.424996][ T6524] ? __might_fault+0xb2/0x110
[ 53.425006][ T6524] vt_ioctl+0x1838/0x3860
[ 53.425017][ T6524] ? __vt_event_wait+0x250/0x250
[ 53.425026][ T6524] ? kfree+0xe1/0x330
[ 53.425034][ T6524] ? kasan_set_track+0x68/0x80
[ 53.425042][ T6524] ? kasan_set_track+0x4c/0x80
[ 53.425050][ T6524] ? kasan_set_free_info+0x1f/0x40
[ 53.425060][ T6524] ? ____kasan_slab_free+0x10d/0x150
[ 53.425069][ T6524] ? slab_free_freelist_hook+0x12e/0x1a0
[ 53.425077][ T6524] ? kfree+0xe1/0x330
[ 53.425084][ T6524] ? tomoyo_path_number_perm+0x5f1/0x7c0
[ 53.425094][ T6524] ? security_file_ioctl+0x55/0xb0
[ 53.425104][ T6524] ? __se_sys_ioctl+0x48/0x170
[ 53.425113][ T6524] ? do_syscall_64+0x44/0xd0
[ 53.425123][ T6524] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 53.425136][ T6524] ? rcu_read_lock_sched_held+0x89/0x130
[ 53.425145][ T6524] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 53.425155][ T6524] ? lockdep_hardirqs_on_prepare+0x412/0x780
[ 53.425166][ T6524] ? do_vfs_ioctl+0xcb2/0x2b90
[ 53.425175][ T6524] ? __x64_compat_sys_ioctl+0x80/0x80
[ 53.425184][ T6524] ? rcu_lock_release+0x5/0x20
[ 53.425193][ T6524] ? __lock_acquire+0x2b00/0x2b00
[ 53.425201][ T6524] ? slab_free_freelist_hook+0x12e/0x1a0
[ 53.425211][ T6524] ? tomoyo_path_number_perm+0x5f1/0x7c0
[ 53.425221][ T6524] ? tomoyo_path_number_perm+0x65a/0x7c0
[ 53.425232][ T6524] tty_ioctl+0xfb2/0x17d0
[ 53.425241][ T6524] ? tty_get_icount+0xa0/0xa0
[ 53.425252][ T6524] ? memset+0x1f/0x40
[ 53.425259][ T6524] ? smack_file_ioctl+0x298/0x3a0
[ 53.425268][ T6524] ? smack_file_alloc_security+0xd0/0xd0
[ 53.425278][ T6524] ? lockdep_hardirqs_on_prepare+0x412/0x780
[ 53.425289][ T6524] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 53.425300][ T6524] ? print_irqtrace_events+0x220/0x220
[ 53.425308][ T6524] ? vtime_user_exit+0x2b2/0x3e0
[ 53.425320][ T6524] ? bpf_lsm_file_ioctl+0x5/0x10
[ 53.425334][ T6524] ? security_file_ioctl+0x9d/0xb0
[ 53.425349][ T6524] ? tty_get_icount+0xa0/0xa0
[ 53.425361][ T6524] __se_sys_ioctl+0xfb/0x170
[ 53.425377][ T6524] do_syscall_64+0x44/0xd0
[ 53.425393][ T6524] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 53.425405][ T6524] RIP: 0033:0x7f44f1232229
[ 53.425414][ T6524] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 53.425421][ T6524] RSP: 002b:00007fffb8c823a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 53.425431][ T6524] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f44f1232229
[ 53.425438][ T6524] RDX: 0000000020000400 RSI: 0000000000004b72 RDI: 0000000000000004
[ 53.425444][ T6524] RBP: 0000000000000000 R08: 000000000000000d R09: 00007fffb8c82548
[ 53.425449][ T6524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f44f11f5820
[ 53.425455][ T6524] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 53.425464][ T6524]
[ 53.425467][ T6524] Modules linked in:
[ 53.425474][ T6524] CR2: ffff888001000030
[ 53.425480][ T6524] ---[ end trace 3cf2fa8eab0f5f7d ]---
[ 53.425485][ T6524] RIP: 0010:bitfill_aligned+0x1d2/0x270
[ 53.425495][ T6524] Code: 39 1b fd eb 09 e8 3e 39 1b fd 48 83 c3 40 31 ff 89 ee e8 41 3d 1b fd 85 ed 74 2c 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 ff cd <4c> 89 33 85 ed 74 0b 48 83 c3 08 e8 0e 39 1b fd eb ec e8 07 39 1b
[ 53.425502][ T6524] RSP: 0018:ffffc90002b4ee38 EFLAGS: 00010202
[ 53.425509][ T6524] RAX: 0000000000000000 RBX: ffff888001000030 RCX: ffff888020209d00
[ 53.425516][ T6524] RDX: ffff888020209d00 RSI: 0000000000000002 RDI: 0000000000000000
[ 53.425521][ T6524] RBP: 0000000000000001 R08: ffffffff84695e4f R09: 0000000000000040
[ 53.425527][ T6524] R10: 0000000000000002 R11: ffff888020209d00 R12: ffffffffffffffff
[ 53.425533][ T6524] R13: 0000000000000080 R14: 0000000000000000 R15: 0000000000000000
[ 53.425539][ T6524] FS: 0000555555c14300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 53.425547][ T6524] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.425554][ T6524] CR2: ffff888001000030 CR3: 00000000708fb000 CR4: 00000000003506f0
[ 53.425563][ T6524] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.425568][ T6524] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.425574][ T6524] Kernel panic - not syncing: Fatal exception
[ 53.425869][ T6524] Kernel Offset: disabled
[ 54.135075][ T6524] Rebooting in 86400 seconds..