syzbot


KASAN: wild-memory-access Read of size 113

Status: closed as invalid on 2017/10/18 09:01
First crash: 2398d, last: 2387d

Sample crash report:
sg_write: data in/out 2127708969/3 bytes for SCSI command 0xe3-- guessing data in;
   program syz-executor6 not setting count and/or reply_len properly
==================================================================
BUG: KASAN: wild-memory-access on address ffe708745053f000
Read of size 113 by task syz-executor6/6368
CPU: 1 PID: 6368 Comm: syz-executor6 Not tainted 4.9.54-g34e23de #62
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801a738fae8 ffffffff81d93659 ffe708745053f000 0000000000000071
 0000000000000000[   59.197807] device gre0 entered promiscuous mode
 ffff8801c99a3000 ffe708745053f000 ffff8801a738fb70
 ffffffff8153d48f 0000000000000000 0000000000000001 ffffffff826651bb
Call Trace:
 [<ffffffff81d93659>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d93659>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8153d48f>] kasan_report_error mm/kasan/report.c:284 [inline]
 [<ffffffff8153d48f>] kasan_report.part.1+0x40f/0x500 mm/kasan/report.c:309
 [<ffffffff8153d860>] kasan_report+0x20/0x30 mm/kasan/report.c:296
 [<ffffffff8153c1a7>] check_memory_region_inline mm/kasan/kasan.c:308 [inline]
 [<ffffffff8153c1a7>] check_memory_region+0x137/0x190 mm/kasan/kasan.c:315
 [<ffffffff8153c211>] kasan_check_read+0x11/0x20 mm/kasan/kasan.c:320
 [<ffffffff826651bb>] __copy_to_user arch/x86/include/asm/uaccess_64.h:182 [inline]
 [<ffffffff826651bb>] sg_read_oxfer drivers/scsi/sg.c:1978 [inline]
 [<ffffffff826651bb>] sg_read+0x124b/0x1400 drivers/scsi/sg.c:520
 [<ffffffff8156d753>] __vfs_read+0x103/0x670 fs/read_write.c:452
 [<ffffffff8156ece7>] vfs_read+0x107/0x330 fs/read_write.c:475
 [<ffffffff815728c9>] SYSC_read fs/read_write.c:591 [inline]
 [<ffffffff815728c9>] SyS_read+0xd9/0x1b0 fs/read_write.c:584
 [<ffffffff838af185>] entry_SYSCALL_64_fastpath+0x23/0xc6
==================================================================
IPVS: Creating netns size=2536 id=16
IPVS: Creating netns size=2536 id=17
nla_parse: 3 callbacks suppressed
netlink: 5 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 5 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
9pnet_virtio: no channels available for device ./file0
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
9pnet_virtio: no channels available for device ./file0
netlink: 1 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor4'.
IPVS: Creating netns size=2536 id=18
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14917 sclass=netlink_route_socket pig=6581 comm=syz-executor4
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14917 sclass=netlink_route_socket pig=6581 comm=syz-executor4
netlink: 9 bytes leftover after parsing attributes in process `syz-executor0'.
A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
netlink: 9 bytes leftover after parsing attributes in process `syz-executor0'.
A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6817 comm=syz-executor2
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6817 comm=syz-executor2
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=6914 comm=syz-executor5
device syz6 entered promiscuous mode
9pnet_virtio: no channels available for device ./file0
9pnet_virtio: no channels available for device ./file0
device gre0 entered promiscuous mode

Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2017/10/12 03:49 | https://android.googlesource.com/kernel/common android-4.9 | 34e23dee72dd | c26ea367 | .config | console log | report | | | | | ci-android-49-kasan-gce | |
| 2017/10/01 05:34 | https://android.googlesource.com/kernel/common android-4.9 | 9b2b08179641 | c26ea367 | .config | console log | report | | | | | ci-android-49-kasan-gce | |
* Struck through repros no longer work on HEAD.