[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login:
[ 48.511489][ T4808] systemd-udevd (4808) used greatest stack depth: 23008 bytes left
[ 48.525860][ T4884] systemd-udevd (4884) used greatest stack depth: 22704 bytes left
[ 48.534037][ T4793] systemd-udevd (4793) used greatest stack depth: 22320 bytes left
[ 48.541947][ T4904] systemd-udevd (4904) used greatest stack depth: 22272 bytes left
[ 48.563314][ T4866] systemd-udevd (4866) used greatest stack depth: 21568 bytes left
Warning: Permanently added '10.128.10.53' (ECDSA) to the list of known hosts.
executing program
executing program
[ 55.795158][ T6797] ==================================================================
[ 55.795198][ T6797] BUG: KASAN: global-out-of-bounds in bit_putcs+0xc08/0xd60
[ 55.795205][ T6797] Read of size 1 at addr ffffffff88962a0b by task syz-executor174/6797
[ 55.795208][ T6797]
[ 55.795218][ T6797] CPU: 0 PID: 6797 Comm: syz-executor174 Not tainted 5.7.0-rc7-next-20200529-syzkaller #0
[ 55.795224][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 55.795227][ T6797] Call Trace:
[ 55.795237][ T6797]  dump_stack+0x18f/0x20d
[ 55.795247][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795254][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795267][ T6797]  print_address_description.constprop.0.cold+0x5/0x413
[ 55.795276][ T6797]  ? fb_pad_aligned_buffer+0x10c/0x150
[ 55.795288][ T6797]  ? vprintk_func+0x97/0x1a6
[ 55.795298][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795306][ T6797]  kasan_report.cold+0x1f/0x37
[ 55.795316][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795325][ T6797]  bit_putcs+0xc08/0xd60
[ 55.795359][ T6797]  ? bit_cursor+0x1870/0x1870
[ 55.795368][ T6797]  ? find_held_lock+0x2d/0x110
[ 55.795381][ T6797]  ? fb_get_color_depth.part.0+0xc6/0x1f0
[ 55.795392][ T6797]  ? __sanitizer_cov_trace_switch+0x45/0x70
[ 55.795403][ T6797]  fbcon_putcs+0x345/0x3f0
[ 55.795412][ T6797]  ? bit_cursor+0x1870/0x1870
[ 55.795420][ T6797]  ? fb_flashcursor+0x3e0/0x3e0
[ 55.795431][ T6797]  do_con_write.part.0+0xf16/0x1dc0
[ 55.795451][ T6797]  ? do_con_trol+0x5d80/0x5d80
[ 55.795468][ T6797]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 55.795478][ T6797]  con_write+0x41/0xe0
[ 55.795488][ T6797]  n_tty_write+0x3f0/0xf90
[ 55.795505][ T6797]  ? n_tty_read+0x1b30/0x1b30
[ 55.795516][ T6797]  ? prepare_to_wait_exclusive+0x2c0/0x2c0
[ 55.795528][ T6797]  ? __might_fault+0x190/0x1d0
[ 55.795542][ T6797]  tty_write+0x495/0x800
[ 55.795549][ T6797]  ? n_tty_read+0x1b30/0x1b30
[ 55.795565][ T6797]  do_iter_write+0x486/0x600
[ 55.795581][ T6797]  vfs_writev+0x1b3/0x2f0
[ 55.795591][ T6797]  ? vfs_iter_write+0xa0/0xa0
[ 55.795598][ T6797]  ? find_held_lock+0x2d/0x110
[ 55.795607][ T6797]  ? exc_page_fault+0x5f2/0x14a0
[ 55.795620][ T6797]  ? lock_downgrade+0x840/0x840
[ 55.795634][ T6797]  ? handle_mm_fault+0xbec/0x3c70
[ 55.795653][ T6797]  ? check_preemption_disabled+0x38/0x220
[ 55.795670][ T6797]  ? prepare_exit_to_usermode+0xa/0x30
[ 55.795687][ T6797]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 55.795704][ T6797]  ? __fget_light+0x1a3/0x280
[ 55.795724][ T6797]  do_writev+0x139/0x300
[ 55.795738][ T6797]  ? vfs_writev+0x2f0/0x2f0
[ 55.795747][ T6797]  ? do_syscall_64+0x1c/0xe0
[ 55.795756][ T6797]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 55.795766][ T6797]  do_syscall_64+0x60/0xe0
[ 55.795776][ T6797]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 55.795783][ T6797] RIP: 0033:0x4412c9
[ 55.795792][ T6797] Code: e8 3c ad 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 55.795797][ T6797] RSP: 002b:00007ffd4b273448 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 55.795805][ T6797] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004412c9
[ 55.795810][ T6797] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000003
[ 55.795815][ T6797] RBP: 000000000000d9ef R08: 000000000000000d R09: 00000000004002c8
[ 55.795820][ T6797] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004020f0
[ 55.795825][ T6797] R13: 0000000000402180 R14: 0000000000000000 R15: 0000000000000000
[ 55.795838][ T6797]
[ 55.795840][ T6797] The buggy address belongs to the variable:
[ 55.795849][ T6797]  __func__.46303+0xb/0x1c0
[ 55.795851][ T6797]
[ 55.795854][ T6797] Memory state around the buggy address:
[ 55.795861][ T6797]  ffffffff88962900: 00 00 00 00 00 01 fa fa fa fa fa fa 00 00 00 00
[ 55.795868][ T6797]  ffffffff88962980: 01 fa fa fa fa fa fa fa 00 00 00 00 fa fa fa fa
[ 55.795874][ T6797] >ffffffff88962a00: 00 03 fa fa fa fa fa fa 00 01 fa fa fa fa fa fa
[ 55.795877][ T6797]                       ^
[ 55.795883][ T6797]  ffffffff88962a80: 04 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
[ 55.795889][ T6797]  ffffffff88962b00: 04 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
[ 55.795893][ T6797] ==================================================================
[ 55.795896][ T6797] Disabling lock debugging due to kernel taint
[ 55.795900][ T6797] Kernel panic - not syncing: panic_on_warn set ...
[ 55.795909][ T6797] CPU: 0 PID: 6797 Comm: syz-executor174 Tainted: G B 5.7.0-rc7-next-20200529-syzkaller #0
[ 55.795913][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 55.795915][ T6797] Call Trace:
[ 55.795922][ T6797]  dump_stack+0x18f/0x20d
[ 55.795930][ T6797]  ? bit_putcs+0xb70/0xd60
[ 55.795938][ T6797]  panic+0x2e3/0x75c
[ 55.795945][ T6797]  ? __warn_printk+0xf3/0xf3
[ 55.795955][ T6797]  ? trace_hardirqs_on+0x55/0x220
[ 55.795962][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795968][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795975][ T6797]  end_report+0x4d/0x53
[ 55.795982][ T6797]  kasan_report.cold+0xd/0x37
[ 55.795990][ T6797]  ? bit_putcs+0xc08/0xd60
[ 55.795997][ T6797]  bit_putcs+0xc08/0xd60
[ 55.796008][ T6797]  ? bit_cursor+0x1870/0x1870
[ 55.796014][ T6797]  ? find_held_lock+0x2d/0x110
[ 55.796023][ T6797]  ? fb_get_color_depth.part.0+0xc6/0x1f0
[ 55.796031][ T6797]  ? __sanitizer_cov_trace_switch+0x45/0x70
[ 55.796038][ T6797]  fbcon_putcs+0x345/0x3f0
[ 55.796045][ T6797]  ? bit_cursor+0x1870/0x1870
[ 55.796052][ T6797]  ? fb_flashcursor+0x3e0/0x3e0
[ 55.796059][ T6797]  do_con_write.part.0+0xf16/0x1dc0
[ 55.796069][ T6797]  ? do_con_trol+0x5d80/0x5d80
[ 55.796079][ T6797]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 55.796091][ T6797]  con_write+0x41/0xe0
[ 55.796098][ T6797]  n_tty_write+0x3f0/0xf90
[ 55.796108][ T6797]  ? n_tty_read+0x1b30/0x1b30
[ 55.796116][ T6797]  ? prepare_to_wait_exclusive+0x2c0/0x2c0
[ 55.796124][ T6797]  ? __might_fault+0x190/0x1d0
[ 55.796133][ T6797]  tty_write+0x495/0x800
[ 55.796139][ T6797]  ? n_tty_read+0x1b30/0x1b30
[ 55.796148][ T6797]  do_iter_write+0x486/0x600
[ 55.796158][ T6797]  vfs_writev+0x1b3/0x2f0
[ 55.796166][ T6797]  ? vfs_iter_write+0xa0/0xa0
[ 55.796172][ T6797]  ? find_held_lock+0x2d/0x110
[ 55.796179][ T6797]  ? exc_page_fault+0x5f2/0x14a0
[ 55.796187][ T6797]  ? lock_downgrade+0x840/0x840
[ 55.796194][ T6797]  ? handle_mm_fault+0xbec/0x3c70
[ 55.796202][ T6797]  ? check_preemption_disabled+0x38/0x220
[ 55.796210][ T6797]  ? prepare_exit_to_usermode+0xa/0x30
[ 55.796217][ T6797]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 55.796225][ T6797]  ? __fget_light+0x1a3/0x280
[ 55.796233][ T6797]  do_writev+0x139/0x300
[ 55.796240][ T6797]  ? vfs_writev+0x2f0/0x2f0
[ 55.796247][ T6797]  ? do_syscall_64+0x1c/0xe0
[ 55.796254][ T6797]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 55.796261][ T6797]  do_syscall_64+0x60/0xe0
[ 55.796269][ T6797]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 55.796274][ T6797] RIP: 0033:0x4412c9
[ 55.796280][ T6797] Code: e8 3c ad 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 55.796284][ T6797] RSP: 002b:00007ffd4b273448 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 55.796290][ T6797] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004412c9
[ 55.796294][ T6797] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000003
[ 55.796298][ T6797] RBP: 000000000000d9ef R08: 000000000000000d R09: 00000000004002c8
[ 55.796302][ T6797] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004020f0
[ 55.796306][ T6797] R13: 0000000000402180 R14: 0000000000000000 R15: 0000000000000000
[ 55.797552][ T6797] Kernel Offset: disabled
[ 56.536509][ T6797] Rebooting in 86400 seconds..