Warning: Permanently added '10.128.0.255' (ECDSA) to the list of known hosts. 2020/10/20 00:34:28 parsed 1 programs 2020/10/20 00:34:28 executed programs: 0 syzkaller login: [ 1579.926072] audit: type=1400 audit(1603154068.621:8): avc: denied { execmem } for pid=6514 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 1581.108483] IPVS: ftp: loaded support on port[0] = 21 [ 1581.207965] chnl_net:caif_netlink_parms(): no params data found [ 1581.322832] bridge0: port 1(bridge_slave_0) entered blocking state [ 1581.329957] bridge0: port 1(bridge_slave_0) entered disabled state [ 1581.337254] device bridge_slave_0 entered promiscuous mode [ 1581.345578] bridge0: port 2(bridge_slave_1) entered blocking state [ 1581.352247] bridge0: port 2(bridge_slave_1) entered disabled state [ 1581.360159] device bridge_slave_1 entered promiscuous mode [ 1581.379120] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1581.388547] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1581.408499] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1581.416558] team0: Port device team_slave_0 added [ 1581.423003] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1581.431678] team0: Port device team_slave_1 added [ 1581.447208] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1581.454045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1581.479907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1581.491791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1581.498029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1581.524707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1581.536128] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1581.544308] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1581.565458] device hsr_slave_0 entered promiscuous mode [ 1581.571689] device hsr_slave_1 entered promiscuous mode [ 1581.578226] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 1581.586968] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 1581.657158] bridge0: port 2(bridge_slave_1) entered blocking state [ 1581.664332] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1581.671753] bridge0: port 1(bridge_slave_0) entered blocking state [ 1581.678263] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1581.714901] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 1581.722412] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1581.731820] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1581.742702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1581.751405] bridge0: port 1(bridge_slave_0) entered disabled state [ 1581.759048] bridge0: port 2(bridge_slave_1) entered disabled state [ 1581.766099] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1581.777364] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1581.783739] 8021q: adding VLAN 0 to HW filter on device team0 [ 1581.793921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1581.801994] bridge0: port 1(bridge_slave_0) entered blocking state [ 1581.808384] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1581.821102] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1581.829655] bridge0: port 2(bridge_slave_1) entered blocking state [ 1581.836525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1581.857684] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1581.867946] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1581.880665] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 1581.887567] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1581.896024] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1581.904873] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1581.913793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1581.921733] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1581.929139] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1581.943430] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 1581.955848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1581.962993] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1581.972000] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1581.985304] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 1581.996491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1582.029981] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 1582.037055] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 1582.044993] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 1582.054687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1582.062837] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1582.070207] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1582.080524] device veth0_vlan entered promiscuous mode [ 1582.091060] device veth1_vlan entered promiscuous mode [ 1582.097237] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 1582.106745] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 1582.120558] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 1582.131591] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1582.139858] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1582.147968] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1582.157952] device veth0_macvtap entered promiscuous mode [ 1582.164472] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 1582.173686] device veth1_macvtap entered promiscuous mode [ 1582.184216] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 1582.194764] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 1582.204640] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1582.215742] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 1582.224001] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1582.231150] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1582.240174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1582.252922] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 1582.260325] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1582.268008] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1582.278787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1582.405474] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1582.412950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1582.437033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1582.437441] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1582.451987] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1582.461570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1582.471262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1582.478813] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1583.119990] Bluetooth: hci0: command 0x0409 tx timeout 2020/10/20 00:34:33 executed programs: 10 [ 1585.189042] Bluetooth: hci0: command 0x041b tx timeout [ 1587.268541] Bluetooth: hci0: command 0x040f tx timeout [ 1588.036947] BUG: unable to handle kernel paging request at ffff888001000028 [ 1588.036953] PGD e001067 P4D e001067 PUD e002067 PMD 80000000010001e1 [ 1588.036966] Oops: 0003 [#1] PREEMPT SMP KASAN [ 1588.036974] CPU: 0 PID: 6906 Comm: syz-executor.0 Not tainted 4.19.152-syzkaller #0 [ 1588.036978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1588.037039] RIP: 0010:cfb_imageblit+0x9f3/0x149c [ 1588.037046] Code: 89 e8 d3 e0 41 09 c6 e8 fb 0b ab fd 44 39 64 24 04 0f 87 40 ff ff ff e8 fb 0a ab fd 48 8b 4c 24 08 48 8d 79 04 48 89 7c 24 08 <44> 89 31 44 8b 74 24 04 44 89 e6 44 89 f7 e8 ca 0b ab fd 45 39 e6 [ 1588.037050] RSP: 0018:ffff88808d75f588 EFLAGS: 00010293 [ 1588.037056] RAX: ffff8880982de640 RBX: ffff8880a535142a RCX: ffff888001000028 [ 1588.037060] RDX: 0000000000000000 RSI: ffffffff83c6c7d5 RDI: ffff88800100002c [ 1588.037064] RBP: 0000000000000000 R08: 000000000000061c R09: 000000000000001c [ 1588.037068] R10: 0000000000000004 R11: 0000000000000005 R12: 000000000000001c [ 1588.037072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1588.037078] FS: 00007f0decd1a700(0000) GS:ffff8880ae200000(0000) knlGS:0000000000000000 [ 1588.037082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1588.037086] CR2: ffff888001000028 CR3: 00000000925dc000 CR4: 00000000001406f0 [ 1588.037093] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1588.037097] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1588.037099] Call Trace: [ 1588.037114] vga16fb_imageblit+0x694/0x2250 [ 1588.037149] ? fb_get_buffer_offset+0x17e/0x330 [ 1588.037157] bit_putcs+0x708/0xd35 [ 1588.037168] ? bit_cursor+0x1750/0x1750 [ 1588.037177] ? fb_get_color_depth+0x11a/0x240 [ 1588.037234] ? __sanitizer_cov_trace_switch+0x4b/0x80 [ 1588.037242] ? bit_cursor+0x1750/0x1750 [ 1588.037247] fbcon_putcs+0x389/0x5d0 [ 1588.037254] ? fbcon_cursor+0x7f0/0x7f0 [ 1588.037297] do_con_write+0x144f/0x1f40 [ 1588.037310] ? do_con_trol+0x5d50/0x5d50 [ 1588.037344] ? __mutex_add_waiter+0x160/0x160 [ 1588.037352] con_write+0x22/0xb0 [ 1588.037382] n_tty_write+0x3c0/0xff0 [ 1588.037392] ? n_tty_ioctl+0x360/0x360 [ 1588.037434] ? do_wait_intr_irq+0x340/0x340 [ 1588.037488] ? __might_fault+0x192/0x1d0 [ 1588.037495] tty_write+0x496/0x890 [ 1588.037502] ? n_tty_ioctl+0x360/0x360 [ 1588.037546] __vfs_write+0xf7/0x770 [ 1588.037552] ? tty_compat_ioctl+0x270/0x270 [ 1588.037559] ? kernel_read+0x110/0x110 [ 1588.037583] ? __inode_security_revalidate+0xef/0x140 [ 1588.037605] ? avc_policy_seqno+0x9/0x70 [ 1588.037612] ? selinux_file_permission+0xc1/0x5a0 [ 1588.037621] ? security_file_permission+0x1c0/0x230 [ 1588.037629] vfs_write+0x1f3/0x540 [ 1588.037637] ksys_write+0x12b/0x2a0 [ 1588.037644] ? __ia32_sys_read+0xb0/0xb0 [ 1588.037677] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1588.037704] ? do_syscall_64+0x21/0x670 [ 1588.037712] do_syscall_64+0xf9/0x670 [ 1588.037736] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1588.037742] RIP: 0033:0x45de59 [ 1588.037750] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1588.037753] RSP: 002b:00007f0decd19c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1588.037760] RAX: ffffffffffffffda RBX: 000000000003a600 RCX: 000000000045de59 [ 1588.037764] RDX: 0000000000001006 RSI: 0000000020001440 RDI: 0000000000000007 [ 1588.037767] RBP: 000000000118c008 R08: 0000000000000000 R09: 0000000000000000 [ 1588.037771] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bfd4 [ 1588.037775] R13: 00007ffc3495948f R14: 00007f0decd1a9c0 R15: 000000000118bfd4 [ 1588.037781] Modules linked in: [ 1588.037787] CR2: ffff888001000028 [ 1588.037795] ---[ end trace f8e45cd69063e99c ]--- [ 1588.037803] RIP: 0010:cfb_imageblit+0x9f3/0x149c [ 1588.037809] Code: 89 e8 d3 e0 41 09 c6 e8 fb 0b ab fd 44 39 64 24 04 0f 87 40 ff ff ff e8 fb 0a ab fd 48 8b 4c 24 08 48 8d 79 04 48 89 7c 24 08 <44> 89 31 44 8b 74 24 04 44 89 e6 44 89 f7 e8 ca 0b ab fd 45 39 e6 [ 1588.037813] RSP: 0018:ffff88808d75f588 EFLAGS: 00010293 [ 1588.037818] RAX: ffff8880982de640 RBX: ffff8880a535142a RCX: ffff888001000028 [ 1588.037822] RDX: 0000000000000000 RSI: ffffffff83c6c7d5 RDI: ffff88800100002c [ 1588.037825] RBP: 0000000000000000 R08: 000000000000061c R09: 000000000000001c [ 1588.037829] R10: 0000000000000004 R11: 0000000000000005 R12: 000000000000001c [ 1588.037832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1588.037838] FS: 00007f0decd1a700(0000) GS:ffff8880ae200000(0000) knlGS:0000000000000000 [ 1588.037842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1588.037846] CR2: ffff888001000028 CR3: 00000000925dc000 CR4: 00000000001406f0 [ 1588.037852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1588.037855] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1588.037860] Kernel panic - not syncing: Fatal exception [ 1588.040113] Kernel Offset: disabled [ 1588.520141] Rebooting in 86400 seconds..