device gre0 entered promiscuous mode
==================================================================
BUG: KASAN: stack-out-of-bounds in iov_iter_advance+0x406/0x490 /syzkaller/managers/android-44-kasan-gce/kernel/lib/iov_iter.c:491 at addr ffff8800b8a2fd48
Read of size 8 by task syzkaller147879/3324
page:ffffea0002e28bc0 count:0 mapcount:0 mapping:          (null) index:0x0
flags: 0x4000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 3324 Comm: syzkaller147879 Not tainted 4.4.104-ged884eb #2
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 e0f28c3d166fbdbc ffff8800b8a2f978 ffffffff81cc9b0f
 ffffed0017145fa9 ffffed0017145fa9 ffff8800b8a2fa00 ffffffff814db3d5
 0000000000000001 ffff8800b8a2fc4a ffffffff81d03d36 0000000000000286
Call Trace:
 [<ffffffff81cc9b0f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b0f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff814db3d5>] print_address_description /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:151 [inline]
 [<ffffffff814db3d5>] kasan_report_error /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:237 [inline]
 [<ffffffff814db3d5>] kasan_report.part.2+0x445/0x530 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:262
 [<ffffffff814db579>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:283 [inline]
 [<ffffffff814db579>] __asan_report_load8_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:283
 [<ffffffff81d03d36>] iov_iter_advance+0x406/0x490 /syzkaller/managers/android-44-kasan-gce/kernel/lib/iov_iter.c:491
 [<ffffffff825fea0d>] tun_put_user /syzkaller/managers/android-44-kasan-gce/kernel/drivers/net/tun.c:1369 [inline]
 [<ffffffff825fea0d>] tun_do_read+0x6cd/0x10b0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/net/tun.c:1421
 [<ffffffff82601df6>] tun_chr_read_iter+0xd6/0x1e0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/net/tun.c:1439
 [<ffffffff814f6f0e>] new_sync_read /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:422 [inline]
 [<ffffffff814f6f0e>] __vfs_read+0x29e/0x3e0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:434
 [<ffffffff814f89e1>] vfs_read+0xe1/0x340 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:454
 [<ffffffff814fb353>] SYSC_read /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:569 [inline]
 [<ffffffff814fb353>] SyS_read+0xd3/0x1c0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:562
 [<ffffffff8374b236>] entry_SYSCALL_64_fastpath+0x16/0x76
Memory state around the buggy address:
 ffff8800b8a2fc00: 04 f2 f2 f2 f2 f2 f2 f2 00 02 f2 f2 00 00 00 00
 ffff8800b8a2fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8800b8a2fd00: 00 00 f1 f1 f1 f1 00 00 f2 f2 f2 f2 f2 f2 00 00
                                              ^
 ffff8800b8a2fd80: 00 00 00 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 f2
 ffff8800b8a2fe00: f2 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================