Warning: Permanently added '10.128.1.245' (ED25519) to the list of known hosts.
2025/11/18 07:59:40 parsed 1 programs
[   97.220830][ T1211] cfg80211: failed to load regulatory.db
[   97.733363][ T5833] cgroup: Unknown subsys name 'net'
[   97.862978][ T5833] cgroup: Unknown subsys name 'cpuset'
[   97.871786][ T5833] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   99.677982][ T5833] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  102.533827][ T5846] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  103.671887][ T5873] chnl_net:caif_netlink_parms(): no params data found
[  103.817020][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.825785][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.833088][ T5873] bridge_slave_0: entered allmulticast mode
[  103.841508][ T5873] bridge_slave_0: entered promiscuous mode
[  103.855093][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.862479][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.870200][ T5873] bridge_slave_1: entered allmulticast mode
[  103.881538][ T5873] bridge_slave_1: entered promiscuous mode
[  103.924540][ T5873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  103.936226][ T5873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.973611][ T5873] team0: Port device team_slave_0 added
[  103.982711][ T5873] team0: Port device team_slave_1 added
[  104.015804][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.023584][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.049809][ T5873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.063446][ T5873] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.070478][ T5873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.096670][ T5873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.146820][ T5873] hsr_slave_0: entered promiscuous mode
[  104.153579][ T5873] hsr_slave_1: entered promiscuous mode
[  104.291849][ T5873] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  104.303705][ T5873] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  104.313724][ T5873] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  104.325186][ T5873] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  104.358507][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.365715][ T5873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.373664][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.380892][ T5873] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.434133][ T5873] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.453448][ T3475] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.462003][ T3475] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.478795][ T5873] 8021q: adding VLAN 0 to HW filter on device team0
[  104.492668][ T3475] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.499834][ T3475] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.514880][  T198] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.522114][  T198] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.703942][ T5873] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.747555][ T5873] veth0_vlan: entered promiscuous mode
[  104.766707][ T5873] veth1_vlan: entered promiscuous mode
[  104.795052][ T5873] veth0_macvtap: entered promiscuous mode
[  104.805151][ T5873] veth1_macvtap: entered promiscuous mode
[  104.824786][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.839742][ T5873] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.858759][  T198] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.868282][  T198] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.878113][  T198] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.889032][  T198] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.042586][   T60] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.044740][ T5897] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  105.062740][ T5897] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  105.071115][ T5897] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  105.080089][ T5897] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  105.087974][ T5897] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.170255][   T60] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.282689][   T60] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.359519][   T60] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.167149][  T198] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.185618][  T198] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.228661][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.236697][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.162486][   T60] bridge_slave_1: left allmulticast mode
[  108.168444][   T60] bridge_slave_1: left promiscuous mode
[  108.192108][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.220613][   T60] bridge_slave_0: left allmulticast mode
[  108.226334][   T60] bridge_slave_0: left promiscuous mode
[  108.250259][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
2025/11/18 07:59:54 executed programs: 0
[  108.454970][ T5897] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  108.474252][ T5897] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  108.482415][ T5897] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  108.491708][ T5897] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  108.501286][ T5897] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  108.603666][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.614279][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.624628][   T60] bond0 (unregistering): Released all slaves
[  108.760616][   T60] hsr_slave_0: left promiscuous mode
[  108.766902][   T60] hsr_slave_1: left promiscuous mode
[  108.781421][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.788976][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  108.797768][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.807709][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.833038][   T60] veth1_macvtap: left promiscuous mode
[  108.838789][   T60] veth0_macvtap: left promiscuous mode
[  108.849538][   T60] veth1_vlan: left promiscuous mode
[  108.855077][   T60] veth0_vlan: left promiscuous mode
[  109.364763][   T60] team0 (unregistering): Port device team_slave_1 removed
[  109.393373][   T60] team0 (unregistering): Port device team_slave_0 removed
[  109.748815][ T5943] chnl_net:caif_netlink_parms(): no params data found
[  110.042304][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.053085][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.061322][ T5943] bridge_slave_0: entered allmulticast mode
[  110.069887][ T5943] bridge_slave_0: entered promiscuous mode
[  110.092639][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.100421][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.107712][ T5943] bridge_slave_1: entered allmulticast mode
[  110.118896][ T5943] bridge_slave_1: entered promiscuous mode
[  110.553464][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.580244][ T5897] Bluetooth: hci0: command tx timeout
[  110.582426][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.690828][ T5943] team0: Port device team_slave_0 added
[  110.709003][ T5943] team0: Port device team_slave_1 added
[  110.888377][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.895605][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.926579][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.964567][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.976602][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  111.007670][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.167137][ T5943] hsr_slave_0: entered promiscuous mode
[  111.182244][ T5943] hsr_slave_1: entered promiscuous mode
[  112.074255][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.086818][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.098988][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.114082][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.242258][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.271269][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[  112.288800][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.296093][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.317635][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.324901][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.652214][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.659801][ T5897] Bluetooth: hci0: command tx timeout
[  112.726385][ T5943] veth0_vlan: entered promiscuous mode
[  112.746733][ T5943] veth1_vlan: entered promiscuous mode
[  112.792540][ T5943] veth0_macvtap: entered promiscuous mode
[  112.803964][ T5943] veth1_macvtap: entered promiscuous mode
[  112.830703][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.850481][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.870200][   T60] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.888077][   T60] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.918077][   T60] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.939312][   T60] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.003091][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.029520][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.077527][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.087389][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.186585][ T6037] FAULT_INJECTION: forcing a failure.
[  113.186585][ T6037] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  113.186636][ T6037] CPU: 1 UID: 0 PID: 6037 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  113.186670][ T6037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.186686][ T6037] Call Trace:
[  113.186695][ T6037]  <TASK>
[  113.186706][ T6037]  dump_stack_lvl+0x16c/0x1f0
[  113.186748][ T6037]  should_fail_ex+0x512/0x640
[  113.186796][ T6037]  should_fail_alloc_page+0xe7/0x130
[  113.186836][ T6037]  prepare_alloc_pages+0x3c2/0x610
[  113.186878][ T6037]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  113.186911][ T6037]  ? __lock_acquire+0x622/0x1c90
[  113.186959][ T6037]  ? __lock_acquire+0x622/0x1c90
[  113.187002][ T6037]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  113.187041][ T6037]  ? __kasan_check_byte+0x13/0x50
[  113.187087][ T6037]  ? unwind_next_frame+0x3f4/0x20a0
[  113.187127][ T6037]  ? rcu_is_watching+0x12/0xc0
[  113.187163][ T6037]  ? __kasan_check_byte+0x13/0x50
[  113.187197][ T6037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.187248][ T6037]  ? policy_nodemask+0xea/0x4e0
[  113.187292][ T6037]  alloc_pages_mpol+0x1fb/0x550
[  113.187334][ T6037]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  113.187369][ T6037]  ? kernel_text_address+0x8d/0x100
[  113.187396][ T6037]  ? __kernel_text_address+0xd/0x40
[  113.187422][ T6037]  ? unwind_get_return_address+0x59/0xa0
[  113.187453][ T6037]  ? __bfs+0x148/0x290
[  113.187490][ T6037]  ___kmalloc_large_node+0xed/0x160
[  113.187537][ T6037]  __kmalloc_large_node_noprof+0x1c/0x70
[  113.187583][ T6037]  __kmalloc_noprof.cold+0xc/0x62
[  113.187623][ T6037]  ? __pfx_stack_trace_save+0x10/0x10
[  113.187657][ T6037]  ? vc_do_resize+0x1de/0x10e0
[  113.187692][ T6037]  ? vc_do_resize+0x1de/0x10e0
[  113.187718][ T6037]  ? is_console_locked+0x9/0x20
[  113.187752][ T6037]  vc_do_resize+0x1de/0x10e0
[  113.187786][ T6037]  ? fb_match_mode+0x2a1/0x350
[  113.187818][ T6037]  ? __pfx_fb_match_mode+0x10/0x10
[  113.187852][ T6037]  ? __pfx_vc_do_resize+0x10/0x10
[  113.187881][ T6037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.187941][ T6037]  fbcon_modechanged+0x334/0x6b0
[  113.187991][ T6037]  rotate_store+0x258/0x2f0
[  113.188032][ T6037]  ? __pfx_rotate_store+0x10/0x10
[  113.188071][ T6037]  dev_attr_store+0x58/0x80
[  113.188123][ T6037]  ? __pfx_dev_attr_store+0x10/0x10
[  113.188164][ T6037]  sysfs_kf_write+0xf2/0x150
[  113.188203][ T6037]  kernfs_fop_write_iter+0x3af/0x570
[  113.188230][ T6037]  ? __pfx_sysfs_kf_write+0x10/0x10
[  113.188267][ T6037]  vfs_write+0x7d3/0x11d0
[  113.188302][ T6037]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  113.188338][ T6037]  ? __pfx_vfs_write+0x10/0x10
[  113.188375][ T6037]  ? __pfx_do_sys_openat2+0x10/0x10
[  113.188415][ T6037]  ? find_held_lock+0x2b/0x80
[  113.188467][ T6037]  ksys_write+0x12a/0x250
[  113.188499][ T6037]  ? __pfx_ksys_write+0x10/0x10
[  113.188545][ T6037]  do_syscall_64+0xcd/0xfa0
[  113.188585][ T6037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.188615][ T6037] RIP: 0033:0x7fd04158f6c9
[  113.188638][ T6037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.188665][ T6037] RSP: 002b:00007fff34de0398 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.188692][ T6037] RAX: ffffffffffffffda RBX: 00007fd0417e5fa0 RCX: 00007fd04158f6c9
[  113.188711][ T6037] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[  113.188727][ T6037] RBP: 00007fff34de03f0 R08: 0000000000000000 R09: 0000000000000000
[  113.188744][ T6037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.188761][ T6037] R13: 00007fd0417e5fa0 R14: 00007fd0417e5fa0 R15: 0000000000000003
[  113.188808][ T6037]  </TASK>
[  113.234414][ T6037] ==================================================================
[  113.234432][ T6037] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60
[  113.234473][ T6037] Write of size 8 at addr ffffc90003749fc0 by task syz.0.17/6037
[  113.234497][ T6037] 
[  113.234510][ T6037] CPU: 0 UID: 0 PID: 6037 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  113.234542][ T6037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.234558][ T6037] Call Trace:
[  113.234567][ T6037]  <TASK>
[  113.234578][ T6037]  dump_stack_lvl+0x116/0x1f0
[  113.234613][ T6037]  print_report+0xcd/0x630
[  113.234649][ T6037]  ? __virt_addr_valid+0x81/0x610
[  113.234689][ T6037]  ? sys_imageblit+0x1a6f/0x1e60
[  113.234720][ T6037]  kasan_report+0xe0/0x110
[  113.234757][ T6037]  ? sys_imageblit+0x1a6f/0x1e60
[  113.234794][ T6037]  sys_imageblit+0x1a6f/0x1e60
[  113.234831][ T6037]  ? __pfx_sys_imageblit+0x10/0x10
[  113.234861][ T6037]  ? __mutex_trylock_common+0xe9/0x250
[  113.234902][ T6037]  ? __pfx___mutex_trylock_common+0x10/0x10
[  113.234941][ T6037]  ? __pfx___might_resched+0x10/0x10
[  113.234972][ T6037]  ? rcu_is_watching+0x12/0xc0
[  113.235002][ T6037]  ? trace_contention_end+0xdd/0x130
[  113.235043][ T6037]  ? drm_fb_helper_setcmap+0x117/0x1010
[  113.235088][ T6037]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  113.235120][ T6037]  cw_putcs+0x917/0xbb0
[  113.235157][ T6037]  ? __pfx_cw_putcs+0x10/0x10
[  113.235188][ T6037]  ? fb_get_color_depth+0x120/0x250
[  113.235228][ T6037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.235278][ T6037]  ? __pfx_cw_putcs+0x10/0x10
[  113.235303][ T6037]  fbcon_putcs+0x387/0x450
[  113.235344][ T6037]  do_update_region+0x2e9/0x3f0
[  113.235397][ T6037]  redraw_screen+0x63f/0x760
[  113.235425][ T6037]  ? __pfx_redraw_screen+0x10/0x10
[  113.235453][ T6037]  ? fbcon_set_palette+0x401/0x5f0
[  113.235494][ T6037]  fbcon_modechanged+0x456/0x6b0
[  113.235537][ T6037]  rotate_store+0x258/0x2f0
[  113.235575][ T6037]  ? __pfx_rotate_store+0x10/0x10
[  113.235613][ T6037]  dev_attr_store+0x58/0x80
[  113.235654][ T6037]  ? __pfx_dev_attr_store+0x10/0x10
[  113.235694][ T6037]  sysfs_kf_write+0xf2/0x150
[  113.235728][ T6037]  kernfs_fop_write_iter+0x3af/0x570
[  113.235753][ T6037]  ? __pfx_sysfs_kf_write+0x10/0x10
[  113.235785][ T6037]  vfs_write+0x7d3/0x11d0
[  113.235817][ T6037]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  113.235846][ T6037]  ? __pfx_vfs_write+0x10/0x10
[  113.235877][ T6037]  ? __pfx_do_sys_openat2+0x10/0x10
[  113.235918][ T6037]  ? find_held_lock+0x2b/0x80
[  113.235955][ T6037]  ksys_write+0x12a/0x250
[  113.235986][ T6037]  ? __pfx_ksys_write+0x10/0x10
[  113.236021][ T6037]  do_syscall_64+0xcd/0xfa0
[  113.236057][ T6037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.236085][ T6037] RIP: 0033:0x7fd04158f6c9
[  113.236108][ T6037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.236135][ T6037] RSP: 002b:00007fff34de0398 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.236162][ T6037] RAX: ffffffffffffffda RBX: 00007fd0417e5fa0 RCX: 00007fd04158f6c9
[  113.236181][ T6037] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[  113.236197][ T6037] RBP: 00007fff34de03f0 R08: 0000000000000000 R09: 0000000000000000
[  113.236214][ T6037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.236231][ T6037] R13: 00007fd0417e5fa0 R14: 00007fd0417e5fa0 R15: 0000000000000003
[  113.236260][ T6037]  </TASK>
[  113.236270][ T6037] 
[  113.236278][ T6037] The buggy address belongs to a vmalloc virtual mapping
[  113.236297][ T6037] Memory state around the buggy address:
[  113.236311][ T6037]  ffffc90003749e80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  113.236331][ T6037]  ffffc90003749f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  113.236350][ T6037] >ffffc90003749f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  113.236373][ T6037]                                            ^
[  113.236389][ T6037]  ffffc9000374a000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  113.236409][ T6037]  ffffc9000374a080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  113.236424][ T6037] ==================================================================
[  113.236438][ T6037] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  113.236455][ T6037] CPU: 0 UID: 0 PID: 6037 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  113.236487][ T6037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.236504][ T6037] Call Trace:
[  113.236513][ T6037]  <TASK>
[  113.236524][ T6037]  dump_stack_lvl+0x3d/0x1f0
[  113.236557][ T6037]  vpanic+0x640/0x6f0
[  113.236598][ T6037]  panic+0xca/0xd0
[  113.236637][ T6037]  ? __pfx_panic+0x10/0x10
[  113.236682][ T6037]  ? check_panic_on_warn+0x1f/0xb0
[  113.236724][ T6037]  check_panic_on_warn+0xab/0xb0
[  113.236766][ T6037]  end_report+0x107/0x170
[  113.236801][ T6037]  kasan_report+0xee/0x110
[  113.236838][ T6037]  ? sys_imageblit+0x1a6f/0x1e60
[  113.236876][ T6037]  sys_imageblit+0x1a6f/0x1e60
[  113.236913][ T6037]  ? __pfx_sys_imageblit+0x10/0x10
[  113.236945][ T6037]  ? __mutex_trylock_common+0xe9/0x250
[  113.236985][ T6037]  ? __pfx___mutex_trylock_common+0x10/0x10
[  113.237025][ T6037]  ? __pfx___might_resched+0x10/0x10
[  113.237056][ T6037]  ? rcu_is_watching+0x12/0xc0
[  113.237085][ T6037]  ? trace_contention_end+0xdd/0x130
[  113.237126][ T6037]  ? drm_fb_helper_setcmap+0x117/0x1010
[  113.237169][ T6037]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  113.237202][ T6037]  cw_putcs+0x917/0xbb0
[  113.237240][ T6037]  ? __pfx_cw_putcs+0x10/0x10
[  113.237272][ T6037]  ? fb_get_color_depth+0x120/0x250
[  113.237310][ T6037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.237368][ T6037]  ? __pfx_cw_putcs+0x10/0x10
[  113.237396][ T6037]  fbcon_putcs+0x387/0x450
[  113.237438][ T6037]  do_update_region+0x2e9/0x3f0
[  113.237483][ T6037]  redraw_screen+0x63f/0x760
[  113.237513][ T6037]  ? __pfx_redraw_screen+0x10/0x10
[  113.237543][ T6037]  ? fbcon_set_palette+0x401/0x5f0
[  113.237585][ T6037]  fbcon_modechanged+0x456/0x6b0
[  113.237630][ T6037]  rotate_store+0x258/0x2f0
[  113.237670][ T6037]  ? __pfx_rotate_store+0x10/0x10
[  113.237709][ T6037]  dev_attr_store+0x58/0x80
[  113.237749][ T6037]  ? __pfx_dev_attr_store+0x10/0x10
[  113.237791][ T6037]  sysfs_kf_write+0xf2/0x150
[  113.237824][ T6037]  kernfs_fop_write_iter+0x3af/0x570
[  113.237850][ T6037]  ? __pfx_sysfs_kf_write+0x10/0x10
[  113.237884][ T6037]  vfs_write+0x7d3/0x11d0
[  113.237917][ T6037]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  113.237948][ T6037]  ? __pfx_vfs_write+0x10/0x10
[  113.237983][ T6037]  ? __pfx_do_sys_openat2+0x10/0x10
[  113.238024][ T6037]  ? find_held_lock+0x2b/0x80
[  113.238063][ T6037]  ksys_write+0x12a/0x250
[  113.238094][ T6037]  ? __pfx_ksys_write+0x10/0x10
[  113.238132][ T6037]  do_syscall_64+0xcd/0xfa0
[  113.238168][ T6037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.238197][ T6037] RIP: 0033:0x7fd04158f6c9
[  113.238218][ T6037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.238245][ T6037] RSP: 002b:00007fff34de0398 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.238272][ T6037] RAX: ffffffffffffffda RBX: 00007fd0417e5fa0 RCX: 00007fd04158f6c9
[  113.238291][ T6037] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[  113.238308][ T6037] RBP: 00007fff34de03f0 R08: 0000000000000000 R09: 0000000000000000
[  113.238326][ T6037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.238344][ T6037] R13: 00007fd0417e5fa0 R14: 00007fd0417e5fa0 R15: 0000000000000003
[  113.238385][ T6037]  </TASK>
[  113.239369][ T6037] Kernel Offset: disabled