blob: a104c0181e327b1546fcc9f2a6b83c1a31898810
TITLE: BUG: bad usercopy in sg_io
[ 1211.293569] usercopy: Kernel memory overwrite attempt detected to kernel text (offset 22791744, size 7)!
[ 1211.303669] ------------[ cut here ]------------
[ 1211.308449] kernel BUG at mm/usercopy.c:102!
[ 1211.312951] invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1211.317966] Modules linked in:
[ 1211.327515] CPU: 1 PID: 2118 Comm: syz-executor.3 Not tainted 4.15.0 #30
[ 1211.334355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1211.343736] RIP: 0010:usercopy_abort+0xbd/0xbf
[ 1211.348336] RSP: 0018:ffff88014d26f8a0 EFLAGS: 00010282
[ 1211.353713] RAX: 000000000000005c RBX: ffffffff849801a0 RCX: 0000000000000000
[ 1211.361000] RDX: 0000000000000000 RSI: ffffffff81572e02 RDI: ffffed0029a4df06
[ 1211.368286] RBP: ffff88014d26f8f8 R08: 000000000000005c R09: 0000000000000000
[ 1211.375561] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff849805c0
[ 1211.382839] R13: ffffffff849802e0 R14: ffffffff849801a0 R15: ffffffff849801a0
[ 1211.390118] FS: 0000000000000000(0000) GS:ffff8801dad00000(0063) knlGS:00000000f5d99b40
[ 1211.404708] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1211.410597] CR2: 00000000080db897 CR3: 000000015f0d4003 CR4: 00000000001626f0
[ 1211.417915] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1211.425240] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1211.432509] Call Trace:
[ 1211.446836] [<ffffffff81aa3299>] __check_object_size.cold+0x48/0xaf
[ 1211.459111] [<ffffffff820ed214>] sg_io+0x324/0x1350
[ 1211.483447] [<ffffffff820eeb66>] sg_io_filtered+0xd6/0x186
[ 1211.495319] [<ffffffff820dfde3>] foo_ioctl+0x613/0x3c70
[ 1211.544801] [<ffffffff82142c3a>] compat_blkdev_ioctl+0x38a/0x1a40
[ 1211.577464] [<ffffffff81c0e88c>] compat_SyS_ioctl+0x13c/0x2940
[ 1211.596163] [<ffffffff8101da17>] do_fast_syscall_32+0x357/0xe1c
[ 1211.608956] [<ffffffff84401a9b>] entry_SYSENTER_compat+0x8b/0x9d
[ 1211.615171] RIP: 0023:0xf7f9dc69
[ 1211.618522] RSP: 002b:00000000f5d990cc EFLAGS: 00000286 ORIG_RAX: 0000000000000036
[ 1211.626233] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05812fe
[ 1211.633484] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000
[ 1211.640734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1211.647999] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1211.655249] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1211.662521] Code: 55 c0 e8 c5 71 c2 ff 48 8b 55 c0 49 89 d9 4d 89 f0 ff 75 c8 4c 89 e1 4c 89 ee 48 c7 c7 80 04 98 84 ff 75 d0 41 57 e8 2b ea ac ff <0f> 0b e8 9a 71 c2 ff e8 d5 fa f8 ff 8b 55 cc 4d 89 e8 31 c9 31
[ 1212.422926] RIP: usercopy_abort+0xbd/0xbf RSP: ffff88014d26f8a0
[ 1212.429802] ---[ end trace d011b40e52d131d2 ]---