Warning: Permanently added '[localhost]:58358' (ECDSA) to the list of known hosts.
2020/10/07 05:23:31 parsed 1 programs
2020/10/07 05:23:33 executed programs: 0
syzkaller login: [ 269.967335][ T8934] IPVS: ftp: loaded support on port[0] = 21
[ 270.272664][ T8934] chnl_net:caif_netlink_parms(): no params data found
[ 270.413942][ T8934] bridge0: port 1(bridge_slave_0) entered blocking state
[ 270.442134][ T8934] bridge0: port 1(bridge_slave_0) entered disabled state
[ 270.480829][ T8934] device bridge_slave_0 entered promiscuous mode
[ 270.531058][ T8934] bridge0: port 2(bridge_slave_1) entered blocking state
[ 270.546765][ T8934] bridge0: port 2(bridge_slave_1) entered disabled state
[ 270.562381][ T8934] device bridge_slave_1 entered promiscuous mode
[ 270.622038][ T8934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 270.665344][ T8934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 270.714320][ T8934] team0: Port device team_slave_0 added
[ 270.734305][ T8934] team0: Port device team_slave_1 added
[ 270.766636][ T8934] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 270.794278][ T8934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 270.877417][ T8934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 270.918829][ T8934] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 270.936316][ T8934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 271.038570][ T8934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 271.091828][ T8934] device hsr_slave_0 entered promiscuous mode
[ 271.109837][ T8934] device hsr_slave_1 entered promiscuous mode
[ 271.348251][ T8934] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 271.380084][ T8934] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 271.399861][ T8934] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 271.420673][ T8934] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 271.558753][ T8934] 8021q: adding VLAN 0 to HW filter on device bond0
[ 271.579414][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 271.590311][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 271.610168][ T8934] 8021q: adding VLAN 0 to HW filter on device team0
[ 271.623684][ T3824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 271.650248][ T3824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 271.673101][ T3824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 271.688153][ T3824] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 271.705874][ T3824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 271.724730][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 271.737966][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 271.758000][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 271.770933][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 271.794254][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 271.827504][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 271.845756][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 271.858369][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 271.868639][ T18] Bluetooth: hci0: command 0x0409 tx timeout
[ 271.877883][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 271.888627][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 271.904975][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 271.921942][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 271.935996][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 271.956976][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 271.980304][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 272.005638][ T8934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 272.035744][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 272.046654][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 272.070141][ T8934] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 272.126252][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 272.148437][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 272.191478][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 272.207772][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 272.232201][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 272.248898][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 272.270288][ T8934] device veth0_vlan entered promiscuous mode
[ 272.290469][ T8934] device veth1_vlan entered promiscuous mode
[ 272.310649][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 272.358821][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 272.374049][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 272.395480][ T8934] device veth0_macvtap entered promiscuous mode
[ 272.444743][ T8934] device veth1_macvtap entered promiscuous mode
[ 272.482205][ T8934] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 272.520169][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 272.552195][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 272.596857][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 272.644144][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 272.709792][ T8934] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 272.751213][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 272.810648][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 272.882356][ T8934] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 272.930484][ T8934] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 272.973171][ T8934] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 272.991805][ T8934] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 273.264278][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 273.289728][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 273.336340][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 273.366545][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 273.398213][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 273.475087][ T8944] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 273.651359][ T8934] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[ 273.928042][ T23] Bluetooth: hci0: command 0x041b tx timeout
[ 274.047297][ T8948] ==================================================================
[ 274.047297][ T8948] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] Write of size 4 at addr ffffc90009661000 by task syz-executor.0/8948
[ 274.047297][ T8948]
[ 274.047297][ T8948] CPU: 2 PID: 8948 Comm: syz-executor.0 Not tainted 5.9.0-rc8-syzkaller #0
[ 274.047297][ T8948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 274.047297][ T8948] Call Trace:
[ 274.047297][ T8948] dump_stack+0x198/0x1fd
[ 274.047297][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] print_address_description.constprop.0.cold+0x5/0x497
[ 274.047297][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] ? lockdep_hardirqs_off+0x96/0xd0
[ 274.047297][ T8948] ? vprintk_func+0x95/0x1d4
[ 274.047297][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] kasan_report.cold+0x1f/0x37
[ 274.047297][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] sys_imageblit+0x117f/0x1290
[ 274.047297][ T8948] drm_fb_helper_sys_imageblit+0x1c/0x180
[ 274.047297][ T8948] bit_putcs+0x6e1/0xd20
[ 274.047297][ T8948] ? bit_cursor+0x1720/0x1720
[ 274.047297][ T8948] ? wait_for_completion+0x260/0x260
[ 274.047297][ T8948] ? fb_get_color_depth+0x81/0x240
[ 274.047297][ T8948] ? fb_get_color_depth+0x11a/0x240
[ 274.047297][ T8948] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 274.047297][ T8948] ? bit_cursor+0x1720/0x1720
[ 274.047297][ T8948] fbcon_putcs+0x35a/0x450
[ 274.047297][ T8948] do_update_region+0x399/0x630
[ 274.047297][ T8948] ? con_get_trans_old+0x2a0/0x2a0
[ 274.047297][ T8948] ? fb_get_color_depth+0x11a/0x240
[ 274.047297][ T8948] ? fbcon_set_palette+0x422/0x620
[ 274.047297][ T8948] ? var_to_display+0x7f0/0x7f0
[ 274.047297][ T8948] redraw_screen+0x658/0x790
[ 274.047297][ T8948] ? vc_init+0x5a0/0x5a0
[ 274.047297][ T8948] ? fbcon_set_palette+0x422/0x620
[ 274.047297][ T8948] fbcon_modechanged+0x593/0x6d0
[ 274.047297][ T8948] fbcon_update_vcs+0x3a/0x50
[ 274.047297][ T8948] do_fb_ioctl+0x62e/0x690
[ 274.047297][ T8948] ? fb_set_suspend+0x1a0/0x1a0
[ 274.047297][ T8948] ? lock_downgrade+0x830/0x830
[ 274.047297][ T8948] ? kfree+0x221/0x2b0
[ 274.047297][ T8948] ? check_preemption_disabled+0x50/0x130
[ 274.047297][ T8948] ? kfree+0x221/0x2b0
[ 274.047297][ T8948] ? tomoyo_path_number_perm+0x441/0x590
[ 274.047297][ T8948] ? lockdep_hardirqs_on+0x53/0x100
[ 274.047297][ T8948] ? tomoyo_path_number_perm+0x24e/0x590
[ 274.047297][ T8948] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 274.047297][ T8948] ? lock_is_held_type+0xbb/0xf0
[ 274.047297][ T8948] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 274.047297][ T8948] ? do_vfs_ioctl+0x27d/0x1090
[ 274.047297][ T8948] ? generic_block_fiemap+0x60/0x60
[ 274.047297][ T8948] fb_compat_ioctl+0x17c/0xc30
[ 274.047297][ T8948] ? fb_open+0x430/0x430
[ 274.047297][ T8948] ? __fget_files+0x294/0x400
[ 274.047297][ T8948] ? bpf_lsm_file_ioctl+0x5/0x10
[ 274.047297][ T8948] ? fb_open+0x430/0x430
[ 274.047297][ T8948] __do_compat_sys_ioctl+0x1d3/0x230
[ 274.047297][ T8948] __do_fast_syscall_32+0x60/0x90
[ 274.047297][ T8948] do_fast_syscall_32+0x2f/0x70
[ 274.047297][ T8948] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 274.047297][ T8948] RIP: 0023:0xf7f98549
[ 274.047297][ T8948] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 274.047297][ T8948] RSP: 002b:00000000f77920bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 274.047297][ T8948] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601
[ 274.047297][ T8948] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 274.047297][ T8948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 274.047297][ T8948] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 274.047297][ T8948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 274.047297][ T8948]
[ 274.047297][ T8948]
[ 274.047297][ T8948] Memory state around the buggy address:
[ 274.047297][ T8948] ffffc90009660f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 274.047297][ T8948] ffffc90009660f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 274.047297][ T8948] >ffffc90009661000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 274.047297][ T8948]                    ^
[ 274.047297][ T8948] ffffc90009661080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 274.047297][ T8948] ffffc90009661100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 274.047297][ T8948] ==================================================================
[ 274.047297][ T8948] Disabling lock debugging due to kernel taint
[ 274.062147][ T8948] Kernel panic - not syncing: panic_on_warn set ...
[ 274.062288][ T8948] CPU: 2 PID: 8948 Comm: syz-executor.0 Tainted: G B 5.9.0-rc8-syzkaller #0
[ 274.062292][ T8948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 274.062327][ T8948] Call Trace:
[ 274.062579][ T8948] dump_stack+0x198/0x1fd
[ 274.062592][ T8948] ? sys_imageblit+0x1080/0x1290
[ 274.062822][ T8948] panic+0x382/0x7fb
[ 274.062831][ T8948] ? __warn_printk+0xf3/0xf3
[ 274.062884][ T8948] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 274.062938][ T8948] ? trace_hardirqs_on+0x55/0x220
[ 274.062946][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.062952][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.062960][ T8948] end_report+0x4d/0x53
[ 274.062967][ T8948] kasan_report.cold+0xd/0x37
[ 274.062974][ T8948] ? sys_imageblit+0x117f/0x1290
[ 274.062981][ T8948] sys_imageblit+0x117f/0x1290
[ 274.062994][ T8948] drm_fb_helper_sys_imageblit+0x1c/0x180
[ 274.063003][ T8948] bit_putcs+0x6e1/0xd20
[ 274.063014][ T8948] ? bit_cursor+0x1720/0x1720
[ 274.063028][ T8948] ? wait_for_completion+0x260/0x260
[ 274.063040][ T8948] ? fb_get_color_depth+0x81/0x240
[ 274.063058][ T8948] ? fb_get_color_depth+0x11a/0x240
[ 274.063071][ T8948] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 274.063083][ T8948] ? bit_cursor+0x1720/0x1720
[ 274.063094][ T8948] fbcon_putcs+0x35a/0x450
[ 274.063107][ T8948] do_update_region+0x399/0x630
[ 274.063120][ T8948] ? con_get_trans_old+0x2a0/0x2a0
[ 274.063131][ T8948] ? fb_get_color_depth+0x11a/0x240
[ 274.063142][ T8948] ? fbcon_set_palette+0x422/0x620
[ 274.063154][ T8948] ? var_to_display+0x7f0/0x7f0
[ 274.063168][ T8948] redraw_screen+0x658/0x790
[ 274.063182][ T8948] ? vc_init+0x5a0/0x5a0
[ 274.063194][ T8948] ? fbcon_set_palette+0x422/0x620
[ 274.063206][ T8948] fbcon_modechanged+0x593/0x6d0
[ 274.063217][ T8948] fbcon_update_vcs+0x3a/0x50
[ 274.063228][ T8948] do_fb_ioctl+0x62e/0x690
[ 274.063238][ T8948] ? fb_set_suspend+0x1a0/0x1a0
[ 274.063255][ T8948] ? lock_downgrade+0x830/0x830
[ 274.063269][ T8948] ? kfree+0x221/0x2b0
[ 274.063283][ T8948] ? check_preemption_disabled+0x50/0x130
[ 274.063293][ T8948] ? kfree+0x221/0x2b0
[ 274.063307][ T8948] ? tomoyo_path_number_perm+0x441/0x590
[ 274.063320][ T8948] ? lockdep_hardirqs_on+0x53/0x100
[ 274.063332][ T8948] ? tomoyo_path_number_perm+0x24e/0x590
[ 274.063345][ T8948] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 274.063357][ T8948] ? lock_is_held_type+0xbb/0xf0
[ 274.063368][ T8948] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 274.063381][ T8948] ? do_vfs_ioctl+0x27d/0x1090
[ 274.063392][ T8948] ? generic_block_fiemap+0x60/0x60
[ 274.063406][ T8948] fb_compat_ioctl+0x17c/0xc30
[ 274.063421][ T8948] ? fb_open+0x430/0x430
[ 274.063433][ T8948] ? __fget_files+0x294/0x400
[ 274.063445][ T8948] ? bpf_lsm_file_ioctl+0x5/0x10
[ 274.063455][ T8948] ? fb_open+0x430/0x430
[ 274.063467][ T8948] __do_compat_sys_ioctl+0x1d3/0x230
[ 274.063479][ T8948] __do_fast_syscall_32+0x60/0x90
[ 274.063490][ T8948] do_fast_syscall_32+0x2f/0x70
[ 274.063503][ T8948] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 274.063516][ T8948] RIP: 0023:0xf7f98549
[ 274.063614][ T8948] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 274.063623][ T8948] RSP: 002b:00000000f77920bc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 274.063714][ T8948] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601
[ 274.063724][ T8948] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 274.063733][ T8948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 274.063742][ T8948] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 274.063751][ T8948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 274.066347][ T8948] Kernel Offset: disabled
[ 274.071289][ T8948] Rebooting in 86400 seconds..