==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801ce7a78b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801ce7a78b8
Read of size 8 by task syz-executor6/3705
page:ffffea000739e9c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 0 PID: 3705 Comm: syz-executor6 Not tainted 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d15571a0 ffffffff81d90429 ffffed0039cf4f18 0000000000000008
 0000000000000000 ffffed0039cf4f18 ffff8801ce7a78b8 ffff8801d1557228
 ffffffff8153a583 ffff8801ced7b000 ffffffff8389f09e ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801ce7a7780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801ce7a7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801ce7a7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801ce7a7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801ce7a7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801d6e978b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801d6e978b8
Read of size 8 by task syz-executor4/3978
page:ffffea00075ba5c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 3978 Comm: syz-executor4 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d6e171a0 ffffffff81d90429 ffffed003add2f18 0000000000000008
 0000000000000000 ffffed003add2f18 ffff8801d6e978b8 ffff8801d6e17228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801d6e97780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d6e97800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801d6e97880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801d6e97900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d6e97980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801cedef8b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801cedef8b8
Read of size 8 by task syz-executor6/4168
page:ffffea00073b7bc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 0 PID: 4168 Comm: syz-executor6 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d06ff1a0 ffffffff81d90429 ffffed0039dbdf18 0000000000000008
 0000000000000000 ffffed0039dbdf18 ffff8801cedef8b8 ffff8801d06ff228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801cedef780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801cedef800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801cedef880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801cedef900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801cedef980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801d65f78b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801d65f78b8
Read of size 8 by task syz-executor5/4506
page:ffffea0007597dc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 4506 Comm: syz-executor5 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d927f1a0 ffffffff81d90429 ffffed003acbef18 0000000000000008
 0000000000000000 ffffed003acbef18 ffff8801d65f78b8 ffff8801d927f228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801d65f7780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d65f7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801d65f7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801d65f7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d65f7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801c9d478b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801c9d478b8
Read of size 8 by task syz-executor5/5066
page:ffffea00072751c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 0 PID: 5066 Comm: syz-executor5 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801cb18f1a0 ffffffff81d90429 ffffed00393a8f18 0000000000000008
 0000000000000000 ffffed00393a8f18 ffff8801c9d478b8 ffff8801cb18f228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801c9d47780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c9d47800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801c9d47880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801c9d47900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c9d47980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801c75278b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801c75278b8
Read of size 8 by task syz-executor5/5232
page:ffffea00071d49c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 5232 Comm: syz-executor5 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c752f1a0 ffffffff81d90429 ffffed0038ea4f18 0000000000000008
 0000000000000000 ffffed0038ea4f18 ffff8801c75278b8 ffff8801c752f228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801c7527780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c7527800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801c7527880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801c7527900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c7527980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801cf0f78b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801cf0f78b8
Read of size 8 by task syz-executor0/5952
page:ffffea00073c3dc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 5952 Comm: syz-executor0 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801cf0371a0 ffffffff81d90429 ffffed0039e1ef18 0000000000000008
 0000000000000000 ffffed0039e1ef18 ffff8801cf0f78b8 ffff8801cf037228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801cf0f7780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801cf0f7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801cf0f7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801cf0f7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801cf0f7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801d90a78b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801d90a78b8
Read of size 8 by task syz-executor7/6071
page:ffffea00076429c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 6071 Comm: syz-executor7 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d94471a0 ffffffff81d90429 ffffed003b214f18 0000000000000008
 0000000000000000 ffffed003b214f18 ffff8801d90a78b8 ffff8801d9447228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801d90a7780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d90a7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801d90a7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801d90a7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d90a7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801c82bf8b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801c82bf8b8
Read of size 8 by task syz-executor3/6505
page:ffffea000720afc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 6505 Comm: syz-executor3 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c7c9f1a0 ffffffff81d90429 ffffed0039057f18 0000000000000008
 0000000000000000 ffffed0039057f18 ffff8801c82bf8b8 ffff8801c7c9f228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801c82bf780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c82bf800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801c82bf880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801c82bf900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c82bf980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801cce2f8b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801cce2f8b8
Read of size 8 by task syz-executor2/6941
page:ffffea0007338bc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 0 PID: 6941 Comm: syz-executor2 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c880f1a0 ffffffff81d90429 ffffed00399c5f18 0000000000000008
 0000000000000000 ffffed00399c5f18 ffff8801cce2f8b8 ffff8801c880f228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801cce2f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801cce2f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801cce2f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801cce2f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801cce2f980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801c827f8b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801c827f8b8
Read of size 8 by task syz-executor7/7234
page:ffffea0007209fc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 7234 Comm: syz-executor7 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d5a671a0 ffffffff81d90429 ffffed003904ff18 0000000000000008
 0000000000000000 ffffed003904ff18 ffff8801c827f8b8 ffff8801d5a67228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801c827f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c827f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801c827f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801c827f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801c827f980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801d94ff8b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801d94ff8b8
Read of size 8 by task syz-executor7/7466
page:ffffea0007653fc0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 0 PID: 7466 Comm: syz-executor7 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d9adf1a0 ffffffff81d90429 ffffed003b29ff18 0000000000000008
 0000000000000000 ffffed003b29ff18 ffff8801d94ff8b8 ffff8801d9adf228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768
 [] seq_read+0x32f/0x1290 fs/seq_file.c:240
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] kernel_readv fs/splice.c:363 [inline]
 [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435
 [] do_splice_to+0x10a/0x160 fs/splice.c:899
 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971
 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080
 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401
 [] SYSC_sendfile64 fs/read_write.c:1456 [inline]
 [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801d94ff780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d94ff800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801d94ff880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                        ^
 ffff8801d94ff900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d94ff980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
==================================================================
BUG: KASAN: out-of-bounds in get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline] at addr ffff8801c79678b8
BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76 at addr ffff8801c79678b8
Read of size 8 by task syz-executor7/7746
page:ffffea00071e59c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x8000000000000000()
page dumped because: kasan: bad access detected
CPU: 1 PID: 7746 Comm: syz-executor7 Tainted: G B 4.9.66-g38884cc #102
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c780f1a0 ffffffff81d90429 ffffed0038f2cf18 0000000000000008
 0000000000000000 ffffed0038f2cf18 ffff8801c79678b8 ffff8801c780f228
 ffffffff8153a583 0000000000000000 0000000000000000 ffffffff810d41b7
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] print_address_description mm/kasan/report.c:208 [inline]
 [] kasan_report_error mm/kasan/report.c:287 [inline]
 [] kasan_report.part.1+0x4c3/0x500 mm/kasan/report.c:309
 [] kasan_report mm/kasan/report.c:330 [inline]
 [] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [] get_frame_pointer arch/x86/include/asm/stacktrace.h:64 [inline]
 [] __unwind_start+0x3a7/0x3c0 arch/x86/kernel/unwind_frame.c:76
 [] unwind_start arch/x86/include/asm/unwind.h:39 [inline]
 [] __save_stack_trace+0x59/0xf0 arch/x86/kernel/stacktrace.c:41
 [] save_stack_trace_tsk+0x48/0x70 arch/x86/kernel/stacktrace.c:71
 [] proc_pid_stack+0x146/0x230 fs/proc/base.c:466
 [] proc_single_show+0xf8/0x170 fs/proc/base.c:768