==================================================================
BUG: KASAN: stack-out-of-bounds in memcpy include/linux/string.h:352 [inline]
BUG: KASAN: stack-out-of-bounds in _copy_to_iter+0xd2f/0x1440 lib/iov_iter.c:570
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
Read of size 128 at addr ffff8881dad81000 by task kworker/u4:4/15489
CPU: 1 PID: 15489 Comm: kworker/u4:4 Not tainted 4.20.0-rc4+ #329
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
CPU: 0 PID: 15461 Comm: syz-executor0 Not tainted 4.20.0-rc4+ #329
Call Trace:
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
------------[ cut here ]------------
Bad or missing usercopy whitelist? Kernel memory overwrite attempt detected to SLAB object '' (offset 18446744069414615263, size 64)!
WARNING: CPU: 0 PID: 15461 at mm/usercopy.c:83 usercopy_warn+0xee/0x110 mm/usercopy.c:78
 print_address_description.cold.7+0x9/0x1ff mm/kasan/report.c:256
Kernel panic - not syncing: panic_on_warn set ...
 kasan_report_error mm/kasan/report.c:354 [inline]
 kasan_report.cold.8+0x242/0x309 mm/kasan/report.c:412
 check_memory_region_inline mm/kasan/kasan.c:260 [inline]
 check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
 memcpy+0x23/0x50 mm/kasan/kasan.c:302
 memcpy include/linux/string.h:352 [inline]
 _copy_to_iter+0xd2f/0x1440 lib/iov_iter.c:570
 copy_to_iter include/linux/uio.h:143 [inline]
 copy_page_to_iter+0x6e3/0x1000 lib/iov_iter.c:841
 generic_file_buffered_read mm/filemap.c:2112 [inline]
 generic_file_read_iter+0xcf0/0x2d70 mm/filemap.c:2289
 ext4_file_read_iter+0x18b/0x3c0 fs/ext4/file.c:77
 call_read_iter include/linux/fs.h:1851 [inline]
 new_sync_read fs/read_write.c:406 [inline]
 __vfs_read+0x6ac/0x9b0 fs/read_write.c:418
 vfs_read+0x17f/0x3c0 fs/read_write.c:452
 kernel_read+0xab/0x120 fs/read_write.c:431
 prepare_binprm+0x73b/0xab0 fs/exec.c:1582
 __do_execve_file.isra.33+0x137a/0x25d0 fs/exec.c:1801
 do_execveat_common fs/exec.c:1867 [inline]
 do_execve+0x33/0x40 fs/exec.c:1884
 call_usermodehelper_exec_async+0x6cf/0xa80 kernel/umh.c:107
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352

The buggy address belongs to the page:
page:ffffea00076b6040 count:2 mapcount:0 mapping:ffff8881cc4eea70 index:0x0
flags: 0x2fffc0000020036(referenced|uptodate|lru|active|mappedtodisk)
raw: 02fffc0000020036 ffffea00076b6008 ffffea00076b5a08 ffff8881cc4eea70
raw: 0000000000000000 0000000000000000 00000002ffffffff ffff8881d9a46b80
page dumped because: kasan: bad access detected
page->mem_cgroup:ffff8881d9a46b80

Memory state around the buggy address:
 ffff8881dad80f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8881dad80f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
>ffff8881dad81000: f1 00 f2 f2 f2 f2 f2 f2 f2 f8 f2 f2 f2 00 00 00
                   ^
 ffff8881dad81080: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
 ffff8881dad81100: f1 f8 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00
==================================================================
Kernel Offset: disabled
Rebooting in 86400 seconds..