==================================================================
BUG: KASAN: null-ptr-deref in memcpy include/linux/string.h:344 [inline]
BUG: KASAN: null-ptr-deref in do_convert sound/core/oss/linear.c:52 [inline]
BUG: KASAN: null-ptr-deref in convert sound/core/oss/linear.c:81 [inline]
BUG: KASAN: null-ptr-deref in linear_transfer+0x64a/0x900 sound/core/oss/linear.c:110
Write of size 2 at addr (null) by task syzkaller455771/3786

CPU: 1 PID: 3786 Comm: syzkaller455771 Not tainted 4.15.0-rc6-next-20180103+ #87
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x137/0x198 lib/dump_stack.c:53
 kasan_report_error mm/kasan/report.c:353 [inline]
 kasan_report+0x13f/0x360 mm/kasan/report.c:413
 check_memory_region_inline mm/kasan/kasan.c:260 [inline]
 check_memory_region+0x137/0x190 mm/kasan/kasan.c:267
 memcpy+0x37/0x50 mm/kasan/kasan.c:303
 memcpy include/linux/string.h:344 [inline]
 do_convert sound/core/oss/linear.c:52 [inline]
 convert sound/core/oss/linear.c:81 [inline]
 linear_transfer+0x64a/0x900 sound/core/oss/linear.c:110
 snd_pcm_plug_write_transfer+0x20b/0x390 sound/core/oss/pcm_plugin.c:611
 snd_pcm_oss_write2+0x22e/0x3c0 sound/core/oss/pcm_oss.c:1310
 snd_pcm_oss_write1 sound/core/oss/pcm_oss.c:1371 [inline]
 snd_pcm_oss_write+0x4c1/0x690 sound/core/oss/pcm_oss.c:2645
 do_loop_readv_writev fs/read_write.c:676 [inline]
 do_iter_write+0x3ca/0x540 fs/read_write.c:934
 vfs_writev+0x158/0x2d0 fs/read_write.c:977
 do_writev+0xe1/0x240 fs/read_write.c:1012
 SYSC_writev fs/read_write.c:1085 [inline]
 SyS_writev+0x27/0x30 fs/read_write.c:1082
 entry_SYSCALL_64_fastpath+0x23/0x9a
RIP: 0033:0x449c49
RSP: 002b:00007fe3b0f20da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00000000006dbc3c RCX: 0000000000449c49
RDX: 0000000000000001 RSI: 000000002000bff8 RDI: 0000000000000006
RBP: 00000000006dbc38 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
R13: 78756e696c65732f R14: 7073642f7665642f R15: 000000000000000d
==================================================================
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 3786 Comm: syzkaller455771 Tainted: G B 4.15.0-rc6-next-20180103+ #87
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x137/0x198 lib/dump_stack.c:53
 panic+0x1e4/0x41c kernel/panic.c:183
 kasan_end_report+0x50/0x50 mm/kasan/report.c:180
 kasan_report_error mm/kasan/report.c:360 [inline]
 kasan_report+0x148/0x360 mm/kasan/report.c:413
 check_memory_region_inline mm/kasan/kasan.c:260 [inline]
 check_memory_region+0x137/0x190 mm/kasan/kasan.c:267
 memcpy+0x37/0x50 mm/kasan/kasan.c:303
 memcpy include/linux/string.h:344 [inline]
 do_convert sound/core/oss/linear.c:52 [inline]
 convert sound/core/oss/linear.c:81 [inline]
 linear_transfer+0x64a/0x900 sound/core/oss/linear.c:110
 snd_pcm_plug_write_transfer+0x20b/0x390 sound/core/oss/pcm_plugin.c:611
 snd_pcm_oss_write2+0x22e/0x3c0 sound/core/oss/pcm_oss.c:1310
 snd_pcm_oss_write1 sound/core/oss/pcm_oss.c:1371 [inline]
 snd_pcm_oss_write+0x4c1/0x690 sound/core/oss/pcm_oss.c:2645
 do_loop_readv_writev fs/read_write.c:676 [inline]
 do_iter_write+0x3ca/0x540 fs/read_write.c:934
 vfs_writev+0x158/0x2d0 fs/read_write.c:977
 do_writev+0xe1/0x240 fs/read_write.c:1012
 SYSC_writev fs/read_write.c:1085 [inline]
 SyS_writev+0x27/0x30 fs/read_write.c:1082
 entry_SYSCALL_64_fastpath+0x23/0x9a
RIP: 0033:0x449c49
RSP: 002b:00007fe3b0f20da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00000000006dbc3c RCX: 0000000000449c49
RDX: 0000000000000001 RSI: 000000002000bff8 RDI: 0000000000000006
RBP: 00000000006dbc38 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
R13: 78756e696c65732f R14: 7073642f7665642f R15: 000000000000000d
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..
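The report above records a 2-byte write to a NULL address from the memcpy in do_convert (sound/core/oss/linear.c:52), reached from user space through writev() on the OSS PCM interface. The script below is an added triage example, not code from this page or from the kernel or syzkaller projects: it parses a KASAN report of this shape and extracts the bug class, the faulting access, the innermost frame outside the KASAN and stack-dumper instrumentation (the first place to look) and the syscall entry on the stack. The embedded sample is the first report from this page cut down to one BUG line, the access line and its call trace; the INSTRUMENTATION path list and the syscall-prefix list are my own assumptions about which frames to skip, and all function names are mine.

```python
"""Triage helper for a KASAN report (added example, not code from the page or from the
kernel/syzkaller projects): extracts the bug class, the faulting access, the innermost
frame outside the sanitizer/stack-dumper instrumentation and the syscall entry point."""
import re
from collections import namedtuple
from dataclasses import dataclass
from typing import List, Optional

# This page's report, cut down to one BUG line, the access line and the first call trace.
KASAN_REPORT = """\
BUG: KASAN: null-ptr-deref in linear_transfer+0x64a/0x900 sound/core/oss/linear.c:110
Write of size 2 at addr (null) by task syzkaller455771/3786
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x137/0x198 lib/dump_stack.c:53
 kasan_report_error mm/kasan/report.c:353 [inline]
 kasan_report+0x13f/0x360 mm/kasan/report.c:413
 check_memory_region_inline mm/kasan/kasan.c:260 [inline]
 check_memory_region+0x137/0x190 mm/kasan/kasan.c:267
 memcpy+0x37/0x50 mm/kasan/kasan.c:303
 memcpy include/linux/string.h:344 [inline]
 do_convert sound/core/oss/linear.c:52 [inline]
 convert sound/core/oss/linear.c:81 [inline]
 linear_transfer+0x64a/0x900 sound/core/oss/linear.c:110
 snd_pcm_plug_write_transfer+0x20b/0x390 sound/core/oss/pcm_plugin.c:611
 snd_pcm_oss_write2+0x22e/0x3c0 sound/core/oss/pcm_oss.c:1310
 snd_pcm_oss_write1 sound/core/oss/pcm_oss.c:1371 [inline]
 snd_pcm_oss_write+0x4c1/0x690 sound/core/oss/pcm_oss.c:2645
 do_loop_readv_writev fs/read_write.c:676 [inline]
 do_iter_write+0x3ca/0x540 fs/read_write.c:934
 vfs_writev+0x158/0x2d0 fs/read_write.c:977
 do_writev+0xe1/0x240 fs/read_write.c:1012
 SYSC_writev fs/read_write.c:1085 [inline]
 SyS_writev+0x27/0x30 fs/read_write.c:1082
 entry_SYSCALL_64_fastpath+0x23/0x9a
RIP: 0033:0x449c49
==================================================================
"""

BUG_RE = re.compile(r"^BUG: KASAN: (\S+) in ")
ACCESS_RE = re.compile(r"^(Read|Write) of size (\d+) at addr\s+(\S+) by task (\S+)/(\d+)")
# " [? ]func[+0xoff/0xsize] [path/file.c:NN] [[inline]]": everything after func is optional
FRAME_RE = re.compile(r"^\s+(?:\?\s+)?(?P<func>[^\s+]+)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?"
                      r"(?:\s+(?P<file>\S+?):(?P<line>\d+))?(?:\s+\[inline\])?\s*$")
SYSCALL_RE = re.compile(r"^(?:SyS_|SYSC_|__x64_sys_|__se_sys_|__do_sys_|ksys_)(\w+)$")
# Assumption: frames under these paths belong to KASAN, the stack dumper or inline
# wrappers such as memcpy(), not to the subsystem that owns the bug.
INSTRUMENTATION = ("mm/kasan/", "lib/", "include/")

Frame = namedtuple("Frame", "func file line")  # file/line are None for asm entry frames

@dataclass
class KasanTriage:
    bug_class: str   # e.g. "null-ptr-deref", "use-after-free", "slab-out-of-bounds"
    access: str      # "Read" or "Write"
    size: int        # bytes touched by the faulting access
    addr: int        # faulting address, 0 when KASAN prints "(null)"
    task: str
    pid: int
    frames: List[Frame]

def parse_kasan_report(text: str) -> KasanTriage:
    bug_class = access = None
    frames: List[Frame] = []
    in_trace = False
    for line in text.splitlines():
        if line.startswith("=====") and frames:
            break  # closing rule of the first report; ignore any follow-on panic dump
        if bug_class is None and (m := BUG_RE.match(line)):
            bug_class = m.group(1)
        elif access is None and (m := ACCESS_RE.match(line)):
            access = m
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace and (m := FRAME_RE.match(line)):
            frames.append(Frame(m["func"], m["file"], int(m["line"]) if m["line"] else None))
        else:
            in_trace = False  # the RIP:/register lines end the trace
    if bug_class is None or access is None:
        raise ValueError("not a KASAN report")
    addr = 0 if access.group(3) == "(null)" else int(access.group(3), 16)
    return KasanTriage(bug_class, access.group(1), int(access.group(2)), addr,
                       access.group(4), int(access.group(5)), frames)

def culprit(frames: List[Frame]) -> Optional[Frame]:
    """Innermost frame outside the instrumentation: the first place to look."""
    return next((f for f in frames if f.file and not f.file.startswith(INSTRUMENTATION)), None)

def syscall_entry(frames: List[Frame]) -> Optional[str]:
    """Name of the syscall on the stack, i.e. how user space reached the bug, else None."""
    return next((m.group(1) for f in frames if (m := SYSCALL_RE.match(f.func))), None)

def summarize(t: KasanTriage) -> str:
    c, sc = culprit(t.frames), syscall_entry(t.frames)
    where = f"{c.func} at {c.file}:{c.line}" if c else "unknown frame"
    via = f"via {sc}()" if sc else "from kernel context"
    return (f"{t.bug_class}: {t.access} of {t.size} byte(s) at {t.addr:#x} in {where}, "
            f"reached {via} by task {t.task}/{t.pid}")

if __name__ == "__main__":
    print(summarize(parse_kasan_report(KASAN_REPORT)))
```

Run as a script it prints the one-line summary for this report: the write lands in do_convert at sound/core/oss/linear.c:52 and is reachable via writev() from an unprivileged task, which is what makes an OSS PCM null dereference a local denial of service rather than a driver-internal curiosity. The instrumentation skip list is deliberately coarse (it drops every lib/ and include/ frame, not only the KASAN ones); widen or narrow it for reports where the bug genuinely sits in lib/.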