BUG: unable to handle kernel paging request at ffffc9000d047340 PGD 13be43067 P4D 13be43067 PUD 23b831067 PMD 994c0067 PTE 0 Oops: 0002 [#1] PREEMPT SMP KASAN CPU: 1 PID: 13978 Comm: vivid-002-vid-c Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 RIP: 0010:memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:55 Code: eb 88 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe RSP: 0018:ffff888036f17838 EFLAGS: 00010246 RAX: ffffc9000d047340 RBX: 0000000000000020 RCX: 0000000000000020 RDX: 0000000000000020 RSI: ffffc900026d5000 RDI: ffffc9000d047340 RBP: ffffc900026d5000 R08: 0000000000000001 R09: fffff52001a08e6b R10: ffffc9000d04735f R11: ffff888237a96a60 R12: 0000000000000000 R13: dffffc0000000000 R14: ffffc9000d047340 R15: ffff888237a956a0 FS: 0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffc9000d047340 CR3: 0000000051b93000 CR4: 00000000003406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: memcpy include/linux/string.h:377 [inline] tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2358 [inline] tpg_fill_plane_buffer+0x1188/0x2ff0 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2446 vivid_fillbuff+0x17b8/0x6560 drivers/media/platform/vivid/vivid-kthread-cap.c:473 vivid_thread_vid_cap_tick drivers/media/platform/vivid/vivid-kthread-cap.c:707 [inline] vivid_thread_vid_cap+0x98f/0x2140 drivers/media/platform/vivid/vivid-kthread-cap.c:809 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 Modules linked in: CR2: ffffc9000d047340 ---[ end trace b7a977b5d4bcc8c4 ]--- RIP: 0010:memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:55 Code: eb 88 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe RSP: 0018:ffff888036f17838 EFLAGS: 00010246 RAX: ffffc9000d047340 RBX: 0000000000000020 RCX: 0000000000000020 RDX: 0000000000000020 RSI: ffffc900026d5000 RDI: ffffc9000d047340 RBP: ffffc900026d5000 R08: 0000000000000001 R09: fffff52001a08e6b R10: ffffc9000d04735f R11: ffff888237a96a60 R12: 0000000000000000 R13: dffffc0000000000 R14: ffffc9000d047340 R15: ffff888237a956a0 FS: 0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffc9000d047340 CR3: 0000000051b93000 CR4: 00000000003406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: eb 88 jmp 0xffffff8a 2: 90 nop 3: 90 nop 4: eb 1e jmp 0x24 6: 0f 1f 00 nopl (%rax) 9: 48 89 f8 mov %rdi,%rax c: 48 89 d1 mov %rdx,%rcx f: 48 c1 e9 03 shr $0x3,%rcx 13: 83 e2 07 and $0x7,%edx 16: f3 48 a5 rep movsq %ds:(%rsi),%es:(%rdi) 19: 89 d1 mov %edx,%ecx 1b: f3 a4 rep movsb %ds:(%rsi),%es:(%rdi) 1d: c3 retq 1e: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) 24: 48 89 f8 mov %rdi,%rax 27: 48 89 d1 mov %rdx,%rcx * 2a: f3 a4 rep movsb %ds:(%rsi),%es:(%rdi) <-- trapping instruction 2c: c3 retq 2d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 34: 48 89 f8 mov %rdi,%rax 37: 48 83 fa 20 cmp $0x20,%rdx 3b: 72 7e jb 0xbb 3d: 40 38 fe cmp %dil,%sil