[] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
[] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
IPv6: NLM_F_REPLACE set, but no existing node found!
IPVS: Creating netns size=2536 id=66
==================================================================
BUG: KASAN: slab-out-of-bounds in pdu_read net/9p/protocol.c:59 [inline]
BUG: KASAN: slab-out-of-bounds in p9pdu_vreadf net/9p/protocol.c:162 [inline]
BUG: KASAN: slab-out-of-bounds in p9pdu_readf+0x535/0x1d50 net/9p/protocol.c:535
Read of size 65409 at addr ffff88019c4ec02d by task syz-executor6/27497

CPU: 0 PID: 27497 Comm: syz-executor6 Not tainted 4.9.116-g52be322 #17
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d53775a0 ffffffff81eb46a9 ffffea0006713b00 ffff88019c4ec02d
 0000000000000000 ffff88019c4ee025 0000000081f1c21c ffff8801d53775d8
 ffffffff81567d49 ffff88019c4ec02d 000000000000ff81 0000000000000000
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description+0x6c/0x234 mm/kasan/report.c:256
 [] kasan_report_error mm/kasan/report.c:355 [inline]
 [] kasan_report.cold.6+0x242/0x2fe mm/kasan/report.c:412
 [] check_memory_region_inline mm/kasan/kasan.c:318 [inline]
 [] check_memory_region+0x14f/0x1b0 mm/kasan/kasan.c:325
 [] memcpy+0x23/0x50 mm/kasan/kasan.c:360
 [] pdu_read net/9p/protocol.c:59 [inline]
 [] p9pdu_vreadf net/9p/protocol.c:162 [inline]
 [] p9pdu_readf+0x535/0x1d50 net/9p/protocol.c:535
 [] p9_client_version net/9p/client.c:960 [inline]
 [] p9_client_create+0xa3f/0x10a0 net/9p/client.c:1043
 [] v9fs_session_init+0x333/0x13a0 fs/9p/v9fs.c:343
 [] v9fs_mount+0x7d/0x810 fs/9p/vfs_super.c:130
 [] mount_fs+0x28c/0x370 fs/super.c:1206
 [] vfs_kern_mount.part.29+0xd1/0x3d0 fs/namespace.c:991
 [] vfs_kern_mount fs/namespace.c:973 [inline]
 [] do_new_mount fs/namespace.c:2513 [inline]
 [] do_mount+0x3c9/0x2740 fs/namespace.c:2835
 [] SYSC_mount fs/namespace.c:3051 [inline]
 [] SyS_mount+0xfe/0x110 fs/namespace.c:3028
 [] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

The buggy address belongs to the page:
page:ffffea0006713b00 count:1 mapcount:0 mapping: (null) index:0x0 compound_mapcount: 0
flags: 0x8000000000004000(head)
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff88019c4edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff88019c4edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff88019c4ee000: 00 00 00 00 fe fe fe fe fe fe fe fe fe fe fe fe
                               ^
 ffff88019c4ee080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
 ffff88019c4ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
==================================================================