Warning: Permanently added '10.128.1.23' (ECDSA) to the list of known hosts. 2020/05/31 11:34:37 parsed 1 programs 2020/05/31 11:34:37 executed programs: 0 [ 40.719460] audit: type=1400 audit(1590924877.931:10): avc: denied { execmem } for pid=6413 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.988499] IPVS: ftp: loaded support on port[0] = 21 [ 41.755371] IPVS: ftp: loaded support on port[0] = 21 [ 41.819900] chnl_net:caif_netlink_parms(): no params data found [ 41.871197] IPVS: ftp: loaded support on port[0] = 21 [ 41.888834] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.895195] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.903238] device bridge_slave_0 entered promiscuous mode [ 41.929570] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.935928] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.943260] device bridge_slave_1 entered promiscuous mode [ 41.961356] chnl_net:caif_netlink_parms(): no params data found [ 41.975957] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.992643] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.023107] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.030675] team0: Port device team_slave_0 added [ 42.044407] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.052476] IPVS: ftp: loaded support on port[0] = 21 [ 42.054021] team0: Port device team_slave_1 added [ 42.063634] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.070868] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.077872] device bridge_slave_0 entered promiscuous mode [ 42.085975] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.092492] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.099732] device bridge_slave_1 entered promiscuous mode [ 42.106043] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.121727] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.139092] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.153373] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.180150] device hsr_slave_0 entered promiscuous mode [ 42.217498] device hsr_slave_1 entered promiscuous mode [ 42.262929] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.279371] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.286432] team0: Port device team_slave_0 added [ 42.291775] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.304547] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.311973] team0: Port device team_slave_1 added [ 42.326105] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.353649] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.395562] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.402032] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.408930] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.415701] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.426514] IPVS: ftp: loaded support on port[0] = 21 [ 42.489280] device hsr_slave_0 entered promiscuous mode [ 42.527305] device hsr_slave_1 entered promiscuous mode [ 42.567293] chnl_net:caif_netlink_parms(): no params data found [ 42.608607] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.643821] chnl_net:caif_netlink_parms(): no params data found [ 42.659633] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.715130] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.721503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.728158] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.734500] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.750449] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.756797] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.765407] device bridge_slave_0 entered promiscuous mode [ 42.772574] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.779162] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.785962] device bridge_slave_1 entered promiscuous mode [ 42.812261] IPVS: ftp: loaded support on port[0] = 21 [ 42.823930] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.841746] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.848434] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.855236] device bridge_slave_0 entered promiscuous mode [ 42.863974] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.870902] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.878156] device bridge_slave_1 entered promiscuous mode [ 42.884897] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.906980] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.914152] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.921739] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.928686] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.960625] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.967831] team0: Port device team_slave_0 added [ 42.974235] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.983032] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.006549] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.014675] team0: Port device team_slave_1 added [ 43.021527] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.069081] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.078153] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.084409] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.096542] chnl_net:caif_netlink_parms(): no params data found [ 43.111981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.119392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.127698] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.200363] device hsr_slave_0 entered promiscuous mode [ 43.227036] device hsr_slave_1 entered promiscuous mode [ 43.271288] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.283759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.294699] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.308446] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.314622] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.323615] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.335684] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.342764] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.356105] device bridge_slave_0 entered promiscuous mode [ 43.362722] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.372073] team0: Port device team_slave_0 added [ 43.378631] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.387495] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.396358] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.402732] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.409711] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.416086] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.423140] device bridge_slave_1 entered promiscuous mode [ 43.435783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.443505] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.451759] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.458146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.465028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.472581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.479717] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.486819] team0: Port device team_slave_1 added [ 43.492237] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.509857] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.517969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.525786] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.534986] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.541462] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.548963] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.556032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.564611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.572464] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.578844] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.585977] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.603446] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.612325] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.658890] device hsr_slave_0 entered promiscuous mode [ 43.707050] device hsr_slave_1 entered promiscuous mode [ 43.749121] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.771136] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.799035] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.828901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.837573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.845247] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.851634] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.860000] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.869437] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.885110] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.892339] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.899842] team0: Port device team_slave_0 added [ 43.910361] chnl_net:caif_netlink_parms(): no params data found [ 43.922109] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.929736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.939346] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.950165] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.958343] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.965327] team0: Port device team_slave_1 added [ 43.976237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.984200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.993587] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.003924] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.021978] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.030290] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.041661] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.050035] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.058210] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.072982] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.079836] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.088273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.095616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.103475] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.111589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.119991] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.138143] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.144497] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.151998] device bridge_slave_0 entered promiscuous mode [ 44.158813] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.165136] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.172430] device bridge_slave_1 entered promiscuous mode [ 44.179799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.188461] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.198189] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.238547] device hsr_slave_0 entered promiscuous mode [ 44.276621] device hsr_slave_1 entered promiscuous mode [ 44.317043] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.324336] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.342599] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.349568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.357577] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.364979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.372447] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.381569] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.394034] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.407382] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 44.415876] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 44.427409] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.435370] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.446925] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.453039] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.460482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.469072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.476891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.484542] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.492956] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.499093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.531325] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.551085] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.558791] team0: Port device team_slave_0 added [ 44.564224] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.572978] team0: Port device team_slave_1 added [ 44.581968] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.592933] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.600842] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.608975] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.622891] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.629733] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.637209] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.699230] device hsr_slave_0 entered promiscuous mode [ 44.736509] device hsr_slave_1 entered promiscuous mode [ 44.776930] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.783326] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.796928] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.805732] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.815900] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.822930] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.841754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.849976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.860454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.875759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.885487] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.895747] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.909036] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.917801] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.927740] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.935725] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.945430] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.952348] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.959981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.966999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.973880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.981117] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.994363] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.007688] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.013756] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.022902] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.030708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.039369] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.045444] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.052712] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.061408] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.073394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.082950] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.092228] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.098633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.112066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.112464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.112733] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.112760] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.113351] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.113664] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.118052] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.166108] ================================================================== [ 45.166133] BUG: KASAN: global-out-of-bounds in fb_pad_aligned_buffer+0xd3/0x130 [ 45.166139] Read of size 1 at addr ffffffff87061436 by task syz-executor.2/7309 [ 45.166141] [ 45.166147] CPU: 1 PID: 7309 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 45.166150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.166154] Call Trace: [ 45.166163] dump_stack+0xf7/0x13b [ 45.166169] ? fb_pad_aligned_buffer+0xd3/0x130 [ 45.166177] print_address_description.cold.7+0x135/0x1c9 [ 45.166183] ? fb_pad_aligned_buffer+0xd3/0x130 [ 45.166188] kasan_report.cold.8+0x11a/0x2d3 [ 45.166196] __asan_report_load1_noabort+0x14/0x20 [ 45.166201] fb_pad_aligned_buffer+0xd3/0x130 [ 45.166212] bit_putcs+0x798/0xdc0 [ 45.166229] ? bit_update_start+0x1f0/0x1f0 [ 45.166240] ? fb_get_color_depth+0x49/0x60 [ 45.166248] fbcon_putcs+0x2fb/0x5a0 [ 45.166255] ? bit_update_start+0x1f0/0x1f0 [ 45.166263] do_update_region+0x304/0x630 [ 45.166269] ? fb_set_cmap+0x34e/0x550 [ 45.166277] ? con_get_trans_old+0x200/0x200 [ 45.166292] redraw_screen+0x50e/0x7f0 [ 45.166297] ? bit_bmove+0x200/0x200 [ 45.166303] ? con_flush_chars+0x60/0x60 [ 45.166315] fbcon_do_set_font+0x656/0xa30 [ 45.166323] ? lock_acquire+0x173/0x400 [ 45.166338] fbcon_copy_font+0x116/0x1a0 [ 45.166346] con_font_op+0x219/0x1020 [ 45.166351] ? __might_fault+0xf1/0x1b0 [ 45.166356] ? lock_downgrade+0x7f0/0x7f0 [ 45.166362] ? con_write+0x80/0x80 [ 45.166373] ? kasan_check_write+0x14/0x20 [ 45.166380] vt_ioctl+0x9da/0x21f0 [ 45.166385] ? find_held_lock+0x36/0x1d0 [ 45.166390] ? complete_change_console+0x300/0x300 [ 45.166399] ? avc_has_extended_perms+0x477/0x1100 [ 45.166405] ? lock_downgrade+0x7f0/0x7f0 [ 45.166423] ? do_futex+0x56d/0x17f0 [ 45.166431] tty_ioctl+0x434/0x1260 [ 45.166436] ? avc_ss_reset+0xd0/0xd0 [ 45.166442] ? tty_vhangup+0x20/0x20 [ 45.166447] ? __lock_acquire+0x6a4/0x4500 [ 45.166452] ? trace_hardirqs_on+0x10/0x10 [ 45.166458] ? trace_hardirqs_off+0x10/0x10 [ 45.166478] ? __might_sleep+0x93/0xb0 [ 45.166489] do_vfs_ioctl+0x180/0xfb0 [ 45.166494] ? __fget+0x1ad/0x2f0 [ 45.166501] ? ioctl_preallocate+0x1a0/0x1a0 [ 45.166511] ? __fget+0x1ca/0x2f0 [ 45.166526] ? security_file_ioctl+0x6a/0xa0 [ 45.166531] ? SyS_clock_settime+0x1a0/0x1a0 [ 45.166535] ? security_file_ioctl+0x6a/0xa0 [ 45.166541] SyS_ioctl+0x74/0x80 [ 45.166548] ? do_vfs_ioctl+0xfb0/0xfb0 [ 45.166554] do_syscall_64+0x1c7/0x5b0 [ 45.166559] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 45.166570] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.166575] RIP: 0033:0x45a6f9 [ 45.166578] RSP: 002b:00007f401d3b9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 45.166585] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a6f9 [ 45.166588] RDX: 0000000020000000 RSI: 0000000000004b72 RDI: 0000000000000004 [ 45.166591] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 45.166594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f401d3ba6d4 [ 45.166597] R13: 00000000004c382b R14: 00000000004d8d78 R15: 00000000ffffffff [ 45.166609] [ 45.166611] The buggy address belongs to the variable: [ 45.166617] oid_index+0x76/0x9a0 [ 45.166618] [ 45.166620] Memory state around the buggy address: [ 45.166626] ffffffff87061300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 45.166629] ffffffff87061380: 00 00 00 05 fa fa fa fa 00 00 00 00 00 00 00 00 [ 45.166633] >ffffffff87061400: 00 00 00 00 00 00 06 fa fa fa fa fa 00 02 fa fa [ 45.166636] ^ [ 45.166640] ffffffff87061480: fa fa fa fa 00 01 fa fa fa fa fa fa 00 00 02 fa [ 45.166643] ffffffff87061500: fa fa fa fa 00 03 fa fa fa fa fa fa 07 fa fa fa [ 45.166645] ================================================================== [ 45.166647] Disabling lock debugging due to kernel taint [ 45.166915] Kernel panic - not syncing: panic_on_warn set ... [ 45.166915] [ 45.166920] CPU: 1 PID: 7309 Comm: syz-executor.2 Tainted: G B 4.14.182-syzkaller #0 [ 45.166922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.166924] Call Trace: [ 45.166930] dump_stack+0xf7/0x13b [ 45.166936] ? fb_pad_aligned_buffer+0xd3/0x130 [ 45.166941] panic+0x1b0/0x358 [ 45.166945] ? add_taint.cold.5+0x11/0x11 [ 45.166953] ? fb_pad_aligned_buffer+0xd3/0x130 [ 45.166957] kasan_end_report+0x47/0x4f [ 45.166961] kasan_report.cold.8+0x76/0x2d3 [ 45.166967] __asan_report_load1_noabort+0x14/0x20 [ 45.166971] fb_pad_aligned_buffer+0xd3/0x130 [ 45.166977] bit_putcs+0x798/0xdc0 [ 45.166987] ? bit_update_start+0x1f0/0x1f0 [ 45.166994] ? fb_get_color_depth+0x49/0x60 [ 45.166999] fbcon_putcs+0x2fb/0x5a0 [ 45.167004] ? bit_update_start+0x1f0/0x1f0 [ 45.167009] do_update_region+0x304/0x630 [ 45.167013] ? fb_set_cmap+0x34e/0x550 [ 45.167019] ? con_get_trans_old+0x200/0x200 [ 45.167028] redraw_screen+0x50e/0x7f0 [ 45.167031] ? bit_bmove+0x200/0x200 [ 45.167036] ? con_flush_chars+0x60/0x60 [ 45.167043] fbcon_do_set_font+0x656/0xa30 [ 45.167048] ? lock_acquire+0x173/0x400 [ 45.167054] fbcon_copy_font+0x116/0x1a0 [ 45.167059] con_font_op+0x219/0x1020 [ 45.167062] ? __might_fault+0xf1/0x1b0 [ 45.167067] ? lock_downgrade+0x7f0/0x7f0 [ 45.167070] ? con_write+0x80/0x80 [ 45.167078] ? kasan_check_write+0x14/0x20 [ 45.167083] vt_ioctl+0x9da/0x21f0 [ 45.167087] ? find_held_lock+0x36/0x1d0 [ 45.167091] ? complete_change_console+0x300/0x300 [ 45.167099] ? avc_has_extended_perms+0x477/0x1100 [ 45.167104] ? lock_downgrade+0x7f0/0x7f0 [ 45.167112] ? do_futex+0x56d/0x17f0 [ 45.167117] tty_ioctl+0x434/0x1260 [ 45.167121] ? avc_ss_reset+0xd0/0xd0 [ 45.167125] ? tty_vhangup+0x20/0x20 [ 45.167128] ? __lock_acquire+0x6a4/0x4500 [ 45.167133] ? trace_hardirqs_on+0x10/0x10 [ 45.167137] ? trace_hardirqs_off+0x10/0x10 [ 45.167148] ? __might_sleep+0x93/0xb0 [ 45.167155] do_vfs_ioctl+0x180/0xfb0 [ 45.167159] ? __fget+0x1ad/0x2f0 [ 45.167164] ? ioctl_preallocate+0x1a0/0x1a0 [ 45.167170] ? __fget+0x1ca/0x2f0 [ 45.167176] ? security_file_ioctl+0x6a/0xa0 [ 45.167179] ? SyS_clock_settime+0x1a0/0x1a0 [ 45.167183] ? security_file_ioctl+0x6a/0xa0 [ 45.167187] SyS_ioctl+0x74/0x80 [ 45.167192] ? do_vfs_ioctl+0xfb0/0xfb0 [ 45.167196] do_syscall_64+0x1c7/0x5b0 [ 45.167200] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 45.167206] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 45.167209] RIP: 0033:0x45a6f9 [ 45.167211] RSP: 002b:00007f401d3b9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 45.167215] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a6f9 [ 45.167218] RDX: 0000000020000000 RSI: 0000000000004b72 RDI: 0000000000000004 [ 45.167220] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 45.167222] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f401d3ba6d4 [ 45.167224] R13: 00000000004c382b R14: 00000000004d8d78 R15: 00000000ffffffff [ 45.167893] Kernel Offset: disabled [ 45.837569] Rebooting in 86400 seconds..