[   49.083925][ T1085] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.105682][ T1085] device veth1_macvtap left promiscuous mode
[   49.113670][ T1085] device veth0_macvtap left promiscuous mode
[   49.121061][ T1085] device veth1_vlan left promiscuous mode
[   49.127020][ T1085] device veth0_vlan left promiscuous mode
[   49.337408][ T1085] team0 (unregistering): Port device team_slave_1 removed
[   49.349489][ T1085] team0 (unregistering): Port device team_slave_0 removed
[   49.361623][ T1085] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   49.374267][ T1085] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   49.416502][ T1085] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.16' (ECDSA) to the list of known hosts.
[   63.577743][ T4051] ==================================================================
[   63.577765][ T4051] BUG: KASAN: stack-out-of-bounds in sys_imageblit+0x1182/0x1390
[   63.577779][ T4051] Write of size 4 at addr ffffc90004787d38 by task syz-executor699/4051
[   63.577784][ T4051]
[   63.577787][ T4051] CPU: 1 PID: 4051 Comm: syz-executor699 Not tainted 5.16.0-rc1-syzkaller #0
[   63.577794][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   63.577799][ T4051] Call Trace:
[   63.577802][ T4051]
[   63.577807][ T4051]  dump_stack_lvl+0x57/0x7d
[   63.577817][ T4051]  print_address_description.constprop.0.cold+0xf/0x320
[   63.577830][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.577835][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.577841][ T4051]  kasan_report.cold+0x83/0xdf
[   63.577851][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.577857][ T4051]  sys_imageblit+0x1182/0x1390
[   63.577868][ T4051]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   63.577878][ T4051]  drm_fbdev_fb_imageblit+0x131/0x320
[   63.577886][ T4051]  bit_putcs+0x647/0xc20
[   63.577901][ T4051]  ? bit_clear+0x520/0x520
[   63.577905][ T4051]  ? lockdep_hardirqs_on+0x79/0x100
[   63.577920][ T4051]  fbcon_putcs+0x310/0x500
[   63.577925][ T4051]  ? bit_clear+0x520/0x520
[   63.577931][ T4051]  do_update_region+0x2dc/0x5b0
[   63.577941][ T4051]  ? con_get_trans_old+0x290/0x290
[   63.577947][ T4051]  ? __kmalloc+0x5f/0x340
[   63.577953][ T4051]  ? lock_downgrade+0x6e0/0x6e0
[   63.577960][ T4051]  invert_screen+0x177/0x520
[   63.577966][ T4051]  ? vc_uniscr_copy_line+0x4d0/0x4d0
[   63.577970][ T4051]  ? set_mode+0x460/0x460
[   63.577974][ T4051]  ? rcu_read_lock_sched_held+0x3a/0x70
[   63.577983][ T4051]  clear_selection+0x3f/0x50
[   63.577988][ T4051]  vc_do_resize+0xc0f/0xf50
[   63.577993][ T4051]  ? __mod_lruvec_page_state+0x261/0x340
[   63.578004][ T4051]  ? mark_held_locks+0x9f/0xe0
[   63.578011][ T4051]  ? unblank_screen+0x10/0x10
[   63.578021][ T4051]  fbcon_do_set_font+0x3b1/0x8a0
[   63.578030][ T4051]  ? fbcon_set_def_font+0x3e0/0x3e0
[   63.578034][ T4051]  con_font_op+0x5d7/0xac0
[   63.578040][ T4051]  ? con_write+0x20/0x20
[   63.578054][ T4051]  vt_ioctl+0x169f/0x2120
[   63.578059][ T4051]  ? kfree+0xf6/0x560
[   63.578064][ T4051]  ? vt_waitactive+0x2e0/0x2e0
[   63.578068][ T4051]  ? tomoyo_check_path2_acl+0x250/0x250
[   63.578079][ T4051]  ? tomoyo_path_number_perm+0x1f2/0x4d0
[   63.578095][ T4051]  tty_ioctl+0x478/0x12d0
[   63.578101][ T4051]  ? tty_lookup_driver+0x420/0x420
[   63.578111][ T4051]  ? __context_tracking_exit+0x80/0x90
[   63.578117][ T4051]  ? lock_downgrade+0x6e0/0x6e0
[   63.578121][ T4051]  ? __context_tracking_enter+0x93/0xa0
[   63.578134][ T4051]  __x64_sys_ioctl+0x11f/0x190
[   63.578141][ T4051]  do_syscall_64+0x35/0xb0
[   63.578147][ T4051]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   63.578153][ T4051] RIP: 0033:0x7f8e86e07339
[   63.578158][ T4051] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   63.578162][ T4051] RSP: 002b:00007ffc4740d3b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.578169][ T4051] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8e86e07339
[   63.578172][ T4051] RDX: 0000000020000000 RSI: 0000000000004b72 RDI: 0000000000000004
[   63.578176][ T4051] RBP: 00007f8e86dcb120 R08: 000000000000000d R09: 0000000000000000
[   63.578178][ T4051] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e86dcb1b0
[   63.578182][ T4051] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   63.578192][ T4051]
[   63.578195][ T4051]
[   63.578196][ T4051]
[   63.578198][ T4051] Memory state around the buggy address:
[   63.578201][ T4051]  ffffc90004787c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   63.578204][ T4051]  ffffc90004787c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   63.578207][ T4051] >ffffc90004787d00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f3 f3 00
[   63.578209][ T4051]                                         ^
[   63.578218][ T4051]  ffffc90004787d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   63.578221][ T4051]  ffffc90004787e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   63.578224][ T4051] ==================================================================
[   63.578225][ T4051] Disabling lock debugging due to kernel taint
[   63.578277][ T4051] Kernel panic - not syncing: panic_on_warn set ...
[   63.578281][ T4051] CPU: 1 PID: 4051 Comm: syz-executor699 Tainted: G B 5.16.0-rc1-syzkaller #0
[   63.578287][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   63.578291][ T4051] Call Trace:
[   63.578293][ T4051]
[   63.578296][ T4051]  dump_stack_lvl+0x57/0x7d
[   63.578303][ T4051]  panic+0x214/0x49f
[   63.578311][ T4051]  ? __warn_printk+0xee/0xee
[   63.578322][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.578327][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.578332][ T4051]  end_report.cold+0x63/0x6f
[   63.578337][ T4051]  kasan_report.cold+0x71/0xdf
[   63.578343][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.578347][ T4051]  sys_imageblit+0x1182/0x1390
[   63.578354][ T4051]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   63.578360][ T4051]  drm_fbdev_fb_imageblit+0x131/0x320
[   63.578366][ T4051]  bit_putcs+0x647/0xc20
[   63.578375][ T4051]  ? bit_clear+0x520/0x520
[   63.578379][ T4051]  ? lockdep_hardirqs_on+0x79/0x100
[   63.578388][ T4051]  fbcon_putcs+0x310/0x500
[   63.578393][ T4051]  ? bit_clear+0x520/0x520
[   63.578399][ T4051]  do_update_region+0x2dc/0x5b0
[   63.578407][ T4051]  ? con_get_trans_old+0x290/0x290
[   63.578413][ T4051]  ? __kmalloc+0x5f/0x340
[   63.578418][ T4051]  ? lock_downgrade+0x6e0/0x6e0
[   63.578425][ T4051]  invert_screen+0x177/0x520
[   63.578431][ T4051]  ? vc_uniscr_copy_line+0x4d0/0x4d0
[   63.578436][ T4051]  ? set_mode+0x460/0x460
[   63.578441][ T4051]  ? rcu_read_lock_sched_held+0x3a/0x70
[   63.578449][ T4051]  clear_selection+0x3f/0x50
[   63.578455][ T4051]  vc_do_resize+0xc0f/0xf50
[   63.578460][ T4051]  ? __mod_lruvec_page_state+0x261/0x340
[   63.578468][ T4051]  ? mark_held_locks+0x9f/0xe0
[   63.578474][ T4051]  ? unblank_screen+0x10/0x10
[   63.578483][ T4051]  fbcon_do_set_font+0x3b1/0x8a0
[   63.578491][ T4051]  ? fbcon_set_def_font+0x3e0/0x3e0
[   63.578496][ T4051]  con_font_op+0x5d7/0xac0
[   63.578503][ T4051]  ? con_write+0x20/0x20
[   63.578513][ T4051]  vt_ioctl+0x169f/0x2120
[   63.578519][ T4051]  ? kfree+0xf6/0x560
[   63.578523][ T4051]  ? vt_waitactive+0x2e0/0x2e0
[   63.578528][ T4051]  ? tomoyo_check_path2_acl+0x250/0x250
[   63.578535][ T4051]  ? tomoyo_path_number_perm+0x1f2/0x4d0
[   63.578545][ T4051]  tty_ioctl+0x478/0x12d0
[   63.578550][ T4051]  ? tty_lookup_driver+0x420/0x420
[   63.578558][ T4051]  ? __context_tracking_exit+0x80/0x90
[   63.578562][ T4051]  ? lock_downgrade+0x6e0/0x6e0
[   63.578566][ T4051]  ? __context_tracking_enter+0x93/0xa0
[   63.578574][ T4051]  __x64_sys_ioctl+0x11f/0x190
[   63.578580][ T4051]  do_syscall_64+0x35/0xb0
[   63.578587][ T4051]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   63.578594][ T4051] RIP: 0033:0x7f8e86e07339
[   63.578600][ T4051] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   63.578605][ T4051] RSP: 002b:00007ffc4740d3b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.578611][ T4051] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8e86e07339
[   63.578616][ T4051] RDX: 0000000020000000 RSI: 0000000000004b72 RDI: 0000000000000004
[   63.578620][ T4051] RBP: 00007f8e86dcb120 R08: 000000000000000d R09: 0000000000000000
[   63.578623][ T4051] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e86dcb1b0
[   63.578627][ T4051] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   63.578634][ T4051]
[   63.578908][ T4051] Kernel Offset: disabled
[   64.328666][ T4051] Rebooting in 86400 seconds..
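A triage helper for the report above, added here as an example; it is not syzbot's or the kernel's code. It strips the console prefix, parses the KASAN header, keeps only the call-trace frames without the "?" marker (those are stale stack slots, not the real path), decodes the shadow byte under the faulting address from the "Memory state" rows, and maps the saved user registers back to the syscall that entered the kernel. SAMPLE_REPORT is a constructed, trimmed copy of the first report above. Assumed constants: the shadow-byte meanings are the generic-KASAN values from mm/kasan/kasan.h, ORIG_RAX 16 is __NR_ioctl on x86-64, and 0x4b72 is KDFONTOP from include/uapi/linux/kd.h.

```python
"""Triage a KASAN report: parse the header, the real call-trace frames, the shadow
rows and the saved user registers, then say which redzone the access hit and how it
was reached. Added example for this page, not syzbot or kernel code; SAMPLE_REPORT
is a constructed copy of the first report in the log above, trimmed to what is used."""
import re

GRANULE, ROW_BYTES = 8, 128  # a shadow byte covers 8 bytes; a dump row covers 16 granules
# Generic KASAN shadow values (mm/kasan/kasan.h): 0x00 addressable, 0x01..0x07 partial.
SHADOW_MEANING = {0xF1: "stack left redzone", 0xF2: "stack mid redzone",
                  0xF3: "stack right redzone", 0xF4: "stack partial redzone",
                  0xF9: "global redzone", 0xFB: "freed kmalloc object",
                  0xFC: "kmalloc redzone", 0xFE: "page redzone", 0xFF: "freed page"}
VT_IOCTLS = {0x4B72: "KDFONTOP"}  # include/uapi/linux/kd.h; ORIG_RAX 16 is __NR_ioctl

PREFIX_RE = re.compile(r"^\[\s*[\d.]+\]\[\s*T\d+\] ?")
HEADER_RE = re.compile(r"BUG: KASAN: (?P<bug>[\w-]+) in (?P<func>[\w.]+)\+0x")
ACCESS_RE = re.compile(r"(?P<kind>Read|Write) of size (?P<size>\d+) at addr "
                       r"(?P<addr>[0-9a-f]+) by task (?P<task>\S+)/(?P<pid>\d+)")
FRAME_RE = re.compile(r"^\s*(?P<q>\? )?(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
ROW_RE = re.compile(r"^\s*>?\s*(?P<base>[0-9a-f]{16}): (?P<bytes>(?:[0-9a-f]{2}\s*){16})$")
REG_RE = re.compile(r"\b(?P<name>ORIG_RAX|R[A-Z]{2}|R\d{2}): (?:[0-9a-f]{4}:)?(?P<val>[0-9a-f]{16})\b")

SAMPLE_REPORT = """\
[   63.577743][ T4051] ==================================================================
[   63.577765][ T4051] BUG: KASAN: stack-out-of-bounds in sys_imageblit+0x1182/0x1390
[   63.577779][ T4051] Write of size 4 at addr ffffc90004787d38 by task syz-executor699/4051
[   63.577799][ T4051] Call Trace:
[   63.577807][ T4051]  dump_stack_lvl+0x57/0x7d
[   63.577817][ T4051]  print_address_description.constprop.0.cold+0xf/0x320
[   63.577830][ T4051]  ? sys_imageblit+0x1182/0x1390
[   63.577841][ T4051]  kasan_report.cold+0x83/0xdf
[   63.577857][ T4051]  sys_imageblit+0x1182/0x1390
[   63.577878][ T4051]  drm_fbdev_fb_imageblit+0x131/0x320
[   63.577886][ T4051]  bit_putcs+0x647/0xc20
[   63.577920][ T4051]  fbcon_putcs+0x310/0x500
[   63.577931][ T4051]  do_update_region+0x2dc/0x5b0
[   63.577960][ T4051]  invert_screen+0x177/0x520
[   63.577983][ T4051]  clear_selection+0x3f/0x50
[   63.577988][ T4051]  vc_do_resize+0xc0f/0xf50
[   63.578021][ T4051]  fbcon_do_set_font+0x3b1/0x8a0
[   63.578034][ T4051]  con_font_op+0x5d7/0xac0
[   63.578054][ T4051]  vt_ioctl+0x169f/0x2120
[   63.578095][ T4051]  tty_ioctl+0x478/0x12d0
[   63.578134][ T4051]  __x64_sys_ioctl+0x11f/0x190
[   63.578141][ T4051]  do_syscall_64+0x35/0xb0
[   63.578147][ T4051]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   63.578153][ T4051] RIP: 0033:0x7f8e86e07339
[   63.578162][ T4051] RSP: 002b:00007ffc4740d3b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.578172][ T4051] RDX: 0000000020000000 RSI: 0000000000004b72 RDI: 0000000000000004
[   63.578207][ T4051] >ffffc90004787d00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f3 f3 00
[   63.578224][ T4051] ==================================================================
"""

def parse_kasan_report(text):
    """Return header fields, the non-'?' frames ('?' ones are stale slots), rows and regs."""
    r = {"frames": [], "rows": {}, "regs": {}}
    in_trace = False
    for raw in text.splitlines():
        line = PREFIX_RE.sub("", raw).rstrip()
        if line.startswith("=====") and "bug" in r:
            break                                   # closing rule of the first report
        if m := HEADER_RE.search(line):
            r["bug"], r["func"] = m["bug"], m["func"]
        elif m := ACCESS_RE.search(line):
            r.update(kind=m["kind"], size=int(m["size"]), addr=int(m["addr"], 16),
                     task=m["task"], pid=int(m["pid"]))
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif line.startswith("RIP:"):
            in_trace = False                        # the trace reached user space
        elif in_trace and (m := FRAME_RE.match(line)) and not m["q"]:
            r["frames"].append(m["sym"])
        elif m := ROW_RE.match(line):
            r["rows"][int(m["base"], 16)] = [int(b, 16) for b in m["bytes"].split()]
        for m in REG_RE.finditer(line):
            r["regs"][m["name"]] = int(m["val"], 16)
    return r

def classify_access(r):
    """Decode the shadow byte under the faulting address and locate the object it guards."""
    addr, base = r["addr"], r["addr"] & ~(ROW_BYTES - 1)
    row, idx = r["rows"][base], (r["addr"] - base) // GRANULE
    shadow = row[idx]
    meaning = ("addressable" if shadow == 0 else f"partially addressable ({shadow} bytes)"
               if shadow < 8 else SHADOW_MEANING.get(shadow, f"unknown 0x{shadow:02x}"))
    # Object start = first addressable granule at/above the access; end = next poisoned one.
    j = next((i for i in range(idx, len(row)) if row[i] <= 7), len(row))
    k = next((i for i in range(j, len(row)) if row[i] > 7), len(row))
    start = base + j * GRANULE
    return {"shadow": shadow, "meaning": meaning, "object_start": start,
            "object_end": base + k * GRANULE, "offset_from_object": addr - start}

def decode_syscall(regs):
    """Saved user registers -> the syscall, fd and ioctl request that entered the kernel."""
    nr = regs.get("ORIG_RAX")
    s = {"name": "ioctl" if nr == 16 else f"nr {nr}", "fd": regs.get("RDI"),
         "cmd": regs.get("RSI"), "arg": regs.get("RDX")}
    s["cmd_name"] = VT_IOCTLS.get(s["cmd"], f"0x{s['cmd']:x}") if nr == 16 else None
    return s
```

Run on the report above, this gives: shadow byte 0xf1 (stack left redzone) at ffffc90004787d38, 32 bytes below the 16-byte addressable stack object at ffffc90004787d58, so the 4-byte write in sys_imageblit lands before the object KASAN is guarding rather than past its end; and the entry point was ioctl(4, KDFONTOP, 0x20000000), which matches the con_font_op / fbcon_do_set_font / vc_do_resize frames in the trace. The object bounds are clipped to the single dump row, which is enough for a report like this one where the guilty row shows both redzones.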