BUG: unable to handle page fault for address: fffff52002f00000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 21ffee067 P4D 21ffee067 PUD aa51c067 PMD 9755d067 PTE 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 14146 Comm: syz-executor.2 Not tainted 5.5.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:121 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:135 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:166 [inline]
RIP: 0010:check_memory_region_inline mm/kasan/generic.c:182 [inline]
RIP: 0010:check_memory_region+0x9c/0x1a0 mm/kasan/generic.c:192
Code: c9 4d 0f 49 c1 49 c1 f8 03 45 85 c0 0f 84 10 01 00 00 41 83 e8 01 4e 8d 44 c0 08 eb 0d 48 83 c0 08 4c 39 c0 0f 84 a7 00 00 00 <48> 83 38 00 74 ed 4c 8d 40 08 eb 09 48 83 c0 01 49 39 c0 74 53 80
RSP: 0018:ffffc900030678d0 EFLAGS: 00010216
RAX: fffff52002f00000 RBX: fffff52002f04000 RCX: ffffffff85ded8c9
RDX: 0000000000000001 RSI: 0000000000020000 RDI: ffffc90017800000
RBP: ffffc900030678e8 R08: fffff52002f04000 R09: 0000000000004000
R10: fffff52002f03fff R11: ffffc9001781ffff R12: fffff52002f00000
R13: 0000000000020000 R14: 0000000000000000 R15: ffffc90003067b20
FS:  0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:00000000f5ddeb40
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: fffff52002f00000 CR3: 00000000a3d94000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 memset+0x24/0x40 mm/kasan/common.c:108
 memset include/linux/string.h:365 [inline]
 ion_heap_clear_pages+0x49/0x70 drivers/staging/android/ion/ion_heap.c:106
 ion_heap_sglist_zero+0x210/0x270 drivers/staging/android/ion/ion_heap.c:123
 ion_heap_buffer_zero+0xf5/0x150 drivers/staging/android/ion/ion_heap.c:145
 ion_system_heap_free+0x1eb/0x250 drivers/staging/android/ion/ion_system_heap.c:163
 ion_buffer_destroy+0x159/0x2d0 drivers/staging/android/ion/ion.c:93
 _ion_heap_freelist_drain+0x304/0x480 drivers/staging/android/ion/ion_heap.c:201
 ion_heap_freelist_drain+0x20/0x30 drivers/staging/android/ion/ion_heap.c:211
 ion_buffer_create drivers/staging/android/ion/ion.c:56 [inline]
 ion_alloc drivers/staging/android/ion/ion.c:383 [inline]
 ion_ioctl+0x9e3/0xd20 drivers/staging/android/ion/ion.c:509
 compat_ptr_ioctl+0x6e/0xa0 fs/ioctl.c:788
 __do_compat_sys_ioctl fs/compat_ioctl.c:214 [inline]
 __se_compat_sys_ioctl fs/compat_ioctl.c:142 [inline]
 __ia32_compat_sys_ioctl+0x233/0x610 fs/compat_ioctl.c:142
 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline]
 do_fast_syscall_32+0x27b/0xe16 arch/x86/entry/common.c:408
 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fe2a39
Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000f5dde0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000c0184900
RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
CR2: fffff52002f00000
---[ end trace 2a1d0b3d43645bb6 ]---
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:121 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:135 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:166 [inline]
RIP: 0010:check_memory_region_inline mm/kasan/generic.c:182 [inline]
RIP: 0010:check_memory_region+0x9c/0x1a0 mm/kasan/generic.c:192
Code: c9 4d 0f 49 c1 49 c1 f8 03 45 85 c0 0f 84 10 01 00 00 41 83 e8 01 4e 8d 44 c0 08 eb 0d 48 83 c0 08 4c 39 c0 0f 84 a7 00 00 00 <48> 83 38 00 74 ed 4c 8d 40 08 eb 09 48 83 c0 01 49 39 c0 74 53 80
RSP: 0018:ffffc900030678d0 EFLAGS: 00010216
RAX: fffff52002f00000 RBX: fffff52002f04000 RCX: ffffffff85ded8c9
RDX: 0000000000000001 RSI: 0000000000020000 RDI: ffffc90017800000
RBP: ffffc900030678e8 R08: fffff52002f04000 R09: 0000000000004000
R10: fffff52002f03fff R11: ffffc9001781ffff R12: fffff52002f00000
R13: 0000000000020000 R14: 0000000000000000 R15: ffffc90003067b20
FS:  0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:00000000f5ddeb40
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: fffff52002f00000 CR3: 00000000a3d94000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400