[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts.
syzkaller login: [ 61.173705][ T6796] IPVS: ftp: loaded support on port[0] = 21
[ 61.266612][ T6796] chnl_net:caif_netlink_parms(): no params data found
[ 61.321473][ T6796] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.329086][ T6796] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.337865][ T6796] device bridge_slave_0 entered promiscuous mode
[ 61.347134][ T6796] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.354946][ T6796] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.363063][ T6796] device bridge_slave_1 entered promiscuous mode
[ 61.382862][ T6796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 61.393806][ T6796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 61.416326][ T6796] team0: Port device team_slave_0 added
[ 61.424273][ T6796] team0: Port device team_slave_1 added
[ 61.442758][ T6796] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 61.450068][ T6796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.476788][ T6796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 61.489663][ T6796] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 61.497278][ T6796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.523781][ T6796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 61.593660][ T6796] device hsr_slave_0 entered promiscuous mode
[ 61.640756][ T6796] device hsr_slave_1 entered promiscuous mode
[ 61.788273][ T6796] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 61.833388][ T6796] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 61.902965][ T6796] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 61.962399][ T6796] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 62.017795][ T6796] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.025089][ T6796] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.033100][ T6796] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.040290][ T6796] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.085263][ T6796] 8021q: adding VLAN 0 to HW filter on device bond0
[ 62.098612][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 62.110656][ T23] bridge0: port 1(bridge_slave_0) entered disabled state
[ 62.118440][ T23] bridge0: port 2(bridge_slave_1) entered disabled state
[ 62.128253][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 62.141956][ T6796] 8021q: adding VLAN 0 to HW filter on device team0
[ 62.154064][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 62.163528][ T2433] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.170971][ T2433] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.190505][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 62.199003][ T2433] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.206242][ T2433] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.222476][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 62.231779][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 62.241624][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 62.255361][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 62.264286][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 62.277089][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 62.287228][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 62.300754][ T6796] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 62.323571][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 62.332087][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 62.345508][ T6796] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 62.367249][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 62.376625][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 62.397259][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 62.406470][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 62.417422][ T6796] device veth0_vlan entered promiscuous mode
[ 62.424625][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 62.433832][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 62.446263][ T6796] device veth1_vlan entered promiscuous mode
[ 62.468530][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 62.477520][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 62.486956][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 62.495627][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 62.506520][ T6796] device veth0_macvtap entered promiscuous mode
[ 62.518274][ T6796] device veth1_macvtap entered promiscuous mode
[ 62.536103][ T6796] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 62.544061][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 62.554122][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 62.562925][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 62.572185][ T2433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 62.585221][ T6796] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 62.593534][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 62.603266][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 62.889451][ C1] general protection fault, probably for non-canonical address 0x1ffffffff135a2b4: 0000 [#1] PREEMPT SMP KASAN
[ 62.889464][ C1] CPU: 1 PID: 6796 Comm: syz-executor097 Not tainted 5.8.0-rc2-syzkaller #0
[ 62.889469][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 62.889486][ C1] RIP: 0010:pvclock_gtod_notify+0x0/0x4d0
[ 62.889495][ C1] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 62.889500][ C1] RSP: 0018:ffffc90000da8bf8 EFLAGS: 00010046
[ 62.889508][ C1] RAX: 1ffffffff135a2b4 RBX: 00000000ffffffff RCX: ffffffff814db41b
[ 62.889513][ C1] RDX: ffffffff8c90b9c0 RSI: 0000000000000000 RDI: ffffffff89ad15a0
[ 62.889518][ C1] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffffff8c58ba27
[ 62.889523][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 62.889528][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff89ad15a0
[ 62.889536][ C1] FS: 0000000000726940(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[ 62.889541][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 62.889546][ C1] CR2: 0000000000000010 CR3: 000000009168a000 CR4: 00000000001406e0
[ 62.889554][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 62.889559][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 62.889561][ C1] Call Trace:
[ 62.889567][ C1]
[ 62.889578][ C1] notifier_call_chain+0xb5/0x200
[ 62.889590][ C1] timekeeping_update+0x28a/0x4a0
[ 62.889600][ C1] timekeeping_advance+0x663/0x9a0
[ 62.889611][ C1] ? tick_do_update_jiffies64.part.0+0x183/0x290
[ 62.889621][ C1] ? timekeeping_inject_offset+0x4d0/0x4d0
[ 62.889631][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 62.889641][ C1] ? trace_hardirqs_off+0x27/0x210
[ 62.889653][ C1] tick_do_update_jiffies64.part.0+0x183/0x290
[ 62.889663][ C1] tick_sched_timer+0x22c/0x290
[ 62.889672][ C1] __hrtimer_run_queues+0x1d5/0xfc0
[ 62.889682][ C1] ? can_stop_idle_tick+0x290/0x290
[ 62.889694][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 62.889704][ C1] ? ktime_get_update_offsets_now+0x1c4/0x250
[ 62.889714][ C1] hrtimer_interrupt+0x32a/0x930
[ 62.889730][ C1] __sysvec_apic_timer_interrupt+0x142/0x5e0
[ 62.889742][ C1] asm_call_on_stack+0xf/0x20
[ 62.889746][ C1]
[ 62.889755][ C1] sysvec_apic_timer_interrupt+0x18f/0x220
[ 62.889766][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 62.889777][ C1] RIP: 0010:write_comp_data+0xa/0x80
[ 62.889785][ C1] Code: 65 48 8b 04 25 00 ff 01 00 48 8b 80 f8 13 00 00 c3 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 49 89 f2 65 8b 05 86 b2 8e 7e <65> 48 8b 34 25 00 ff 01 00 a9 00 01 ff 00 74 0f f6 c4 01 74 59 8b
[ 62.889789][ C1] RSP: 0018:ffffc90001656de8 EFLAGS: 00000246
[ 62.889796][ C1] RAX: 0000000080000000 RBX: 0000000000000000 RCX: ffffffff83c1938b
[ 62.889800][ C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000005
[ 62.889805][ C1] RBP: 0000000000000001 R08: 0000000000000280 R09: 0000000000000040
[ 62.889810][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 000000000000000a
[ 62.889814][ C1] R13: ffff8880012274d0 R14: 0000000000000000 R15: 0000000000000002
[ 62.889826][ C1] ? bitfill_aligned+0x16b/0x200
[ 62.889837][ C1] bitfill_aligned+0x16b/0x200
[ 62.889847][ C1] cfb_fillrect+0x40b/0x7b0
[ 62.889855][ C1] ? cfb_fillrect+0x7b0/0x7b0
[ 62.889866][ C1] vga16fb_fillrect+0x683/0x193b
[ 62.889877][ C1] ? memcpy+0x39/0x60
[ 62.889886][ C1] bit_clear_margins+0x2d5/0x4a0
[ 62.889894][ C1] ? bit_bmove+0x210/0x210
[ 62.889902][ C1] ? vga16fb_update_fix+0x4a0/0x4a0
[ 62.889916][ C1] fbcon_clear_margins+0x1d5/0x230
[ 62.889924][ C1] fbcon_switch+0xb6e/0x16c0
[ 62.889934][ C1] ? fbcon_scroll+0x3600/0x3600
[ 62.889947][ C1] ? fbcon_cursor+0x52b/0x650
[ 62.889955][ C1] ? kmalloc_array.constprop.0+0x20/0x20
[ 62.889965][ C1] ? is_console_locked+0x5/0x10
[ 62.889973][ C1] ? fbcon_set_origin+0x26/0x50
[ 62.889984][ C1] redraw_screen+0x2ae/0x770
[ 62.889992][ C1] ? vga16fb_update_fix+0x4a0/0x4a0
[ 62.890000][ C1] ? vc_init+0x440/0x440
[ 62.890011][ C1] ? fbcon_set_palette+0x3a8/0x490
[ 62.890019][ C1] fbcon_modechanged+0x575/0x710
[ 62.890029][ C1] fbcon_update_vcs+0x3a/0x50
[ 62.890038][ C1] fb_set_var+0xae8/0xd60
[ 62.890047][ C1] ? fb_blank+0x190/0x190
[ 62.890062][ C1] ? fb_pad_aligned_buffer+0xf7/0x150
[ 62.890076][ C1] ? fb_get_color_depth+0x11a/0x240
[ 62.890084][ C1] ? bit_cursor+0xa2a/0x17d0
[ 62.890094][ C1] ? fb_videomode_to_var+0xf/0x610
[ 62.890102][ C1] fbcon_switch+0x52c/0x16c0
[ 62.890112][ C1] ? fbcon_scroll+0x3600/0x3600
[ 62.890125][ C1] ? fbcon_cursor+0x52b/0x650
[ 62.890133][ C1] ? kmalloc_array.constprop.0+0x20/0x20
[ 62.890142][ C1] ? is_console_locked+0x5/0x10
[ 62.890149][ C1] ? fbcon_set_origin+0x26/0x50
[ 62.890159][ C1] redraw_screen+0x2ae/0x770
[ 62.890167][ C1] ? wait_for_completion+0x260/0x260
[ 62.890176][ C1] ? vc_init+0x440/0x440
[ 62.890187][ C1] vc_do_resize+0x110e/0x13f0
[ 62.890208][ C1] ? store_bind+0x6a0/0x6a0
[ 62.890220][ C1] fbcon_modechanged+0x36c/0x710
[ 62.890229][ C1] fbcon_set_all_vcs+0x3b6/0x470
[ 62.890240][ C1] fbcon_update_vcs+0x26/0x50
[ 62.890248][ C1] fb_set_var+0xae8/0xd60
[ 62.890257][ C1] ? fb_blank+0x190/0x190
[ 62.890265][ C1] ? lock_release+0x8d0/0x8d0
[ 62.890279][ C1] ? do_fb_ioctl+0x2f2/0x6c0
[ 62.890294][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 62.890303][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 62.890314][ C1] do_fb_ioctl+0x33f/0x6c0
[ 62.890323][ C1] ? fb_set_suspend+0x1a0/0x1a0
[ 62.890333][ C1] ? tomoyo_execute_permission+0x470/0x470
[ 62.890346][ C1] ? __local_bh_enable_ip+0x159/0x250
[ 62.890358][ C1] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 62.890369][ C1] ? do_vfs_ioctl+0x27d/0x1090
[ 62.890384][ C1] ? check_preemption_disabled+0x38/0x220
[ 62.890394][ C1] fb_ioctl+0xdd/0x130
[ 62.890403][ C1] ? do_fb_ioctl+0x6c0/0x6c0
[ 62.890411][ C1] ksys_ioctl+0x11a/0x180
[ 62.890421][ C1] __x64_sys_ioctl+0x6f/0xb0
[ 62.890430][ C1] do_syscall_64+0x60/0xe0
[ 62.890440][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.068652][ C1] BUG: unable to handle page fault for address: 0000000080010002
[ 64.068656][ C1] #PF: supervisor write access in kernel mode
[ 64.068658][ C1] #PF: error_code(0x0002) - not-present page
[ 64.068660][ C1] PGD 91f04067 P4D 91f04067 PUD 0
[ 64.068667][ C1] Oops: 0002 [#2] PREEMPT SMP KASAN
[ 64.068670][ C1] CPU: 1 PID: 6796 Comm: syz-executor097 Not tainted 5.8.0-rc2-syzkaller #0
[ 64.068674][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.068677][ C1] RIP: 0010:in_gate_area_no_mm+0x0/0x6a
[ 64.068685][ C1] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.068687][ C1] RSP: 0018:ffffc90000da81e0 EFLAGS: 00010046
[ 64.068692][ C1] RAX: 0000000080010002 RBX: ffffc90000da8280 RCX: ffffffff8169f800
[ 64.068695][ C1] RDX: ffff8880927b6180 RSI: ffffffff8169f82b RDI: 0000000000446de9
[ 64.068698][ C1] RBP: 0000000000446de9 R08: ffffc90000da8390 R09: ffffffff8c8c8109
[ 64.068702][ C1] R10: 0000000000446de9 R11: 0000000000000000 R12: ffffc90000da8390
[ 64.068705][ C1] R13: 0000000000000001 R14: 0000000000446de9 R15: ffffc90000da82a0
[ 64.068709][ C1] FS: 0000000000726940(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[ 64.068711][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 64.068715][ C1] CR2: 0000000080010002 CR3: 000000009168a000 CR4: 00000000001406e0
[ 64.068718][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 64.068721][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 64.068723][ C1] Call Trace:
[ 64.068724][ C1]
[ 64.068726][ C1] kallsyms_lookup+0xc3/0x2e0
[ 64.068728][ C1] __sprint_symbol+0x9c/0x1c0
[ 64.068730][ C1] ? kallsyms_lookup+0x2e0/0x2e0
[ 64.068732][ C1] ? kallsyms_lookup+0xff/0x2e0
[ 64.068734][ C1] ? __sprint_symbol+0x12b/0x1c0
[ 64.068736][ C1] symbol_string+0x14c/0x370
[ 64.068738][ C1] ? set_precision+0x160/0x160
[ 64.068740][ C1] ? ip6_addr_string+0x330/0x330
[ 64.068743][ C1] ? symbol_string+0x297/0x370
[ 64.068744][ C1] ? mark_lock+0xbc/0x1710
[ 64.068747][ C1] ? ip6_addr_string+0x330/0x330
[ 64.068748][ C1] ? hex_string+0xf8/0x4c0
[ 64.068750][ C1] ? set_precision+0x160/0x160
[ 64.068752][ C1] ? number+0x7ca/0xa90
[ 64.068754][ C1] ? widen_string+0xd8/0x2a0
[ 64.068756][ C1] ? set_precision+0x160/0x160
[ 64.068758][ C1] ? number+0x7ca/0xa90
[ 64.068760][ C1] pointer+0x185/0x970
[ 64.068762][ C1] ? pointer+0x44f/0x970
[ 64.068764][ C1] ? resource_string.isra.0+0x16c0/0x16c0
[ 64.068767][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 64.068769][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 64.068771][ C1] vsnprintf+0x5b2/0x14f0
[ 64.068773][ C1] ? pointer+0x970/0x970
[ 64.068775][ C1] ? lock_release+0x8d0/0x8d0
[ 64.068777][ C1] vscnprintf+0x29/0x80
[ 64.068779][ C1] vprintk_store+0x44/0x4a0
[ 64.068781][ C1] vprintk_emit+0x139/0x770
[ 64.068783][ C1] vprintk_func+0x8f/0x1a6
[ 64.068790][ C1] printk+0xba/0xed
[ 64.068792][ C1] ? log_store.cold+0x16/0x16
[ 64.068794][ C1] ? unwind_next_frame+0xe3b/0x1f90
[ 64.068796][ C1] show_ip+0x22/0x30
[ 64.068798][ C1] show_iret_regs+0x10/0x32
[ 64.068800][ C1] __show_regs+0x18/0x50
[ 64.068802][ C1] ? is_bpf_text_address+0xcb/0x160
[ 64.068804][ C1] show_trace_log_lvl+0x255/0x2b4
[ 64.068806][ C1] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.068808][ C1] die_addr.cold+0x8/0xd
[ 64.068811][ C1] exc_general_protection+0x259/0x720
[ 64.068813][ C1] ? exc_bounds+0x1d0/0x1d0
[ 64.068815][ C1] ? __lock_acquire+0x16e3/0x56e0
[ 64.068817][ C1] ? mark_lock+0xbc/0x1710
[ 64.068819][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 64.068822][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 64.068824][ C1] asm_exc_general_protection+0x1e/0x30
[ 64.068826][ C1] RIP: 0010:pvclock_gtod_notify+0x0/0x4d0
[ 64.068834][ C1] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.068836][ C1] RSP: 0018:ffffc90000da8bf8 EFLAGS: 00010046
[ 64.068841][ C1] RAX: 1ffffffff135a2b4 RBX: 00000000ffffffff RCX: ffffffff814db41b
[ 64.068844][ C1] RDX: ffffffff8c90b9c0 RSI: 0000000000000000 RDI: ffffffff89ad15a0
[ 64.068848][ C1] RBP: dffffc0000000000 R08: 0000000000000000 R09: ffffffff8c58ba27
[ 64.068851][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 64.068854][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff89ad15a0
[ 64.068856][ C1] ? notifier_call_chain+0x16b/0x200
[ 64.068858][ C1] notifier_call_chain+0xb5/0x200
[ 64.068861][ C1] timekeeping_update+0x28a/0x4a0
[ 64.068863][ C1] timekeeping_advance+0x663/0x9a0
[ 64.068865][ C1] ? tick_do_update_jiffies64.part.0+0x183/0x290
[ 64.068868][ C1] ? timekeeping_inject_offset+0x4d0/0x4d0
[ 64.068870][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 64.068872][ C1] ? trace_hardirqs_off+0x27/0x210
[ 64.068875][ C1] tick_do_update_jiffies64.part.0+0x183/0x290
[ 64.068877][ C1] tick_sched_timer+0x22c/0x290
[ 64.068879][ C1] __hrtimer_run_queues+0x1d5/0xfc0
[ 64.068881][ C1] ? can_stop_idle_tick+0x290/0x290
[ 64.068884][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80
[ 64.068886][ C1] ? ktime_get_update_offsets_now+0x1c4/0x250
[ 64.068888][ C1] hrtimer_interrupt+0x32a/0x930
[ 64.068891][ C1] __sysvec_apic_timer_interrupt+0x142/0x5e0
[ 64.068893][ C1] asm_call_on_stack+0xf/0x20
[ 64.068895][ C1]
[ 64.068897][ C1] sysvec_apic_timer_interrupt+0x18f/0x220
[ 64.068900][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 64.068902][ C1] RIP: 0010:write_comp_data+0xa/0x80
[ 64.068945][ C1] Code: 65 48 8b 04 25 00 ff 01 00 48 8b 80 f8 13 00 00 c3 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 49 89 f2 65 8b 05 86 b2 8e 7e <65> 48 8b 34 25 00 ff 01 00 a9 00 01 ff 00 74 0f f6 c4 01 74 59 8b
[ 64.068948][ C1] RSP: 0018:ffffc90001656de8 EFLAGS: 00000246
[ 64.068952][ C1] RAX: 0000000080000000 RBX: 0000000000000000 RCX: ffffffff83c1938b
[ 64.068955][ C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000005
[ 64.068959][ C1] RBP: 0000000000000001 R08: 0000000000000280 R09: 0000000000000040
[ 64.068962][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 000000000000000a
[ 64.068965][ C1] R13: ffff8880012274d0 R14: 0000000000000000 R15: 0000000000000002
[ 64.068967][ C1] ? bitfill_aligned+0x16b/0x200
[ 64.068969][ C1] bitfill_aligned+0x16b/0x200
[ 64.068972][ C1] cfb_fillrect+0x40b/0x7b0
[ 64.068974][ C1] ? cfb_fillrect+0x7b0/0x7b0
[ 64.068976][ C1] vga16fb_fillrect+0x683/0x193b
[ 64.068977][ C1] ? memcpy+0x39/0x60
[ 64.068980][ C1] bit_clear_margins+0x2d5/0x4a0
[ 64.068982][ C1] ? bit_bmove+0x210/0x210
[ 64.068984][ C1] ? vga16fb_update_fix+0x4a0/0x4a0
[ 64.068986][ C1] fbcon_clear_margins+0x1d5/0x230
[ 64.068988][ C1] fbcon_switch+0xb6e/0x16c0
[ 64.068990][ C1] ? fbcon_scroll+0x3600/0x3600
[ 64.068992][ C1] ? fbcon_cursor+0x52b/0x650
[ 64.068994][ C1] ? kmalloc_array.constprop.0+0x20/0x20
[ 64.068996][ C1] ? is_console_locked+0x5/0x10
[ 64.068999][ C1] ? fbcon_set_origin+0x26/0x50
[ 64.069001][ C1] redraw_screen+0x2ae/0x770
[ 64.069003][ C1] ? vga16fb_update_fix+0x4a0/0x4a0
[ 64.069005][ C1] ? vc_init+0x440/0x440
[ 64.069007][ C1] ? fbcon_set_palette+0x3a8/0x490
[ 64.069009][ C1] fbcon_modechanged+0x575/0x710
[ 64.069011][ C1] fbcon_update_vcs+0x3a/0x50
[ 64.069013][ C1] fb_set_var+0xae8/0xd60
[ 64.069015][ C1] ? fb_blank+0x190/0x190
[ 64.069017][ C1] ? fb_pad_aligned_buffer+0xf7/0x150
[ 64.069019][ C1] ? fb_get_color_depth+0x11a/0x240
[ 64.069021][ C1] ? bit_cursor+0xa2a/0x17d0
[ 64.069023][ C1] ? fb_videomode_to_var+0xf/0x610
[ 64.069025][ C1] fbcon_switch+0x52c/0x16c0
[ 64.069027][ C1] ? fbcon_scroll+0x3600/0x3600
[ 64.069029][ C1] ? fbcon_cursor+0x52b/0x650
[ 64.069032][ C1] ? kmalloc_array.constprop.0+0x20/0x20
[ 64.069034][ C1] ? is_console_locked+0x5/0x10
[ 64.069036][ C1] ? fbcon_set_origin+0x26/0x50
[ 64.069038][ C1] redraw_screen+0x2ae/0x770
[ 64.069040][ C1] ? wait_for_completion+0x260/0x260
[ 64.069042][ C1] ? vc_init+0x440/0x440
[ 64.069044][ C1] vc_do_resize+0x110e/0x13f0
[ 64.069046][ C1] ? store_bind+0x6a0/0x6a0
[ 64.069048][ C1] fbcon_modechanged+0x36c/0x710
[ 64.069050][ C1] fbcon_set_all_vcs+0x3b6/0x470
[ 64.069052][ C1] fbcon_update_vcs+0x26/0x50
[ 64.069054][ C1] fb_set_var+0xae8/0xd60
[ 64.069056][ C1] ? fb_blank+0x190/0x190
[ 64.069058][ C1] ? lock_release+0x8d0/0x8d0
[ 64.069060][ C1] ? do_fb_ioctl+0x2f2/0x6c0
[ 64.069062][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 64.069065][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 64.069067][ C1] do_fb_ioctl+0x33f/0x6c0
[ 64.069069][ C1] ? fb_set_suspend+0x1a0/0x1a0
[ 64.069071][ C1] ? tomoyo_execute_permission+0x470/0x470
[ 64.069074][ C1] ? __local_bh_enable_ip+0x159/0x250
[ 64.069076][ C1] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 64.069078][ C1] ? do_vfs_ioctl+0x27d/0x1090
[ 64.069081][ C1] ? check_preemption_disabled+0x38/0x220
[ 64.069082][ C1] fb_ioctl+0xdd/0x130
[ 64.069084][ C1] ? do_fb_ioctl+0x6c0/0x6c0
[ 64.069086][ C1] ksys_ioctl+0x11a/0x180
[ 64.069088][ C1] __x64_sys_ioctl+0x6f/0xb0
[ 64.069090][ C1] do_syscall_64+0x60/0xe0
[ 64.069093][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 64.069096][ C1] BUG: unable to handle page fault for address: 0000000080010002
[ 64.069099][ C1] #PF: supervisor write access in kernel mode
[ 64.069101][ C1] #PF: error_code(0x0002) - not-present page
[ 64.069103][ C1] PGD 91f04067 P4D 91f04067 PUD 0
[ 64.069109][ C1] Oops: 0002 [#3] PREEMPT SMP KASAN
[ 64.069113][ C1] CPU: 1 PID: 6796 Comm: syz-executor097 Not tainted 5.8.0-rc2-syzkaller #0
[ 64.069117][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.069119][ C1] RIP: 0010:in_gate_area_no_mm+0x0/0x6a
[ 64.069127][ C1] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.069129][ C1] RSP: 0018:ffffc90000da76f8 EFLAGS: 00010046
[ 64.069134][ C1] RAX: 0000000080010002 RBX: ffffc90000da7798 RCX: ffffffff8169f800
[ 64.069137][ C1] RDX: ffff8880927b6180 RSI: ffffffff8169f82b RDI: 0000000000446de9
[ 64.069140][ C1] RBP: 0000000000446de9 R08: ffffc90000da78a8 R09: ffff8880ae72496a
[ 64.069144][ C1] R10: 0000000000446de9 R11: 0000000000000001 R12: ffffc90000da78a8
[ 64.069147][ C1] R13: 0000000000000001 R14: 0000000000446de9 R15: ffffc90000da77b8
[ 64.069151][ C1] FS: 0000000000726940(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[ 64.069153][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 64.069165][ C1] CR2: 0000000080010002 CR3: 000000009168a000 CR4: 00000000001406e0
[ 64.069169][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 64.069173][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 64.069174][ C1] Call Trace:
[ 64.069176][ C1]
[ 64.069178][ C1] kallsyms_lookup+0xc3/0x2e0
[ 64.069180][ C1] __sprint_symbol+0x9c/0x1c0
[ 64.069182][ C1] ? kallsyms_lookup+0x2e0/0x2e0
[ 64.069184][ C1] ? kallsyms_lookup+0xff/0x2e0
[ 64.069186][ C1] ? __sprint_symbol+0x12b/0x1c0
[ 64.069188][ C1] symbol_string+0x14c/0x370
[ 64.069190][ C1] ? set_precision+0x160/0x160
[ 64.069192][ C1] ? ip6_addr_string+0x330/0x330
[ 64.069194][ C1] ? symbol_string+0x297/0x370
[ 64.069196][ C1] ? tcp_v4_send_synack+0x226/0x460
[ 64.069198][ C1] ? ip6_addr_string+0x330/0x330
[ 64.069200][ C1] ? hex_strin
[ 64.069205][ C1] Lost 221 message(s)!