Comment 12 for bug 1505948

Robert Doebbelin (2-robert-3) wrote :

Enabling KASAN on a Wily kernel prints the following:

Jan 27 12:02:05 ubuntu kernel: ==================================================================
Jan 27 12:02:05 ubuntu kernel: BUG: KASan: use after free in fuse_direct_IO+0xb1a/0xcc0 at addr ffff88036c414390
Jan 27 12:02:05 ubuntu kernel: Read of size 8 by task qemu-system-x86/2784
Jan 27 12:02:05 ubuntu kernel: =============================================================================
Jan 27 12:02:05 ubuntu kernel: BUG kmalloc-128 (Tainted: G I ): kasan: bad access detected
Jan 27 12:02:05 ubuntu kernel: -----------------------------------------------------------------------------
Jan 27 12:02:05 ubuntu kernel: Disabling lock debugging due to kernel taint
Jan 27 12:02:05 ubuntu kernel: INFO: Slab 0xffffea000db10500 objects=32 used=26 fp=0xffff88036c414e80 flags=0x2ffff0000000080
Jan 27 12:02:05 ubuntu kernel: INFO: Object 0xffff88036c414380 @offset=896 fp=0x (null)
Jan 27 12:02:05 ubuntu kernel: Bytes b4 ffff88036c414370: 18 00 00 00 40 27 a3 1f 3b 56 00 00 00 00 00 00 ....@'..;V......
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c414380: 00 00 00 00 00 00 00 00 00 f0 75 35 00 00 00 00 ..........u5....
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c414390: 80 27 67 81 ff ff ff ff 00 00 00 00 00 00 00 00 .'g.............
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143a0: 05 00 00 00 00 00 00 00 80 82 44 ad 05 88 ff ff ..........D.....
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143b0: 00 00 00 00 00 00 00 00 10 e1 bc 56 49 56 00 00 ...........VIV..
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143d0: 00 00 00 00 00 00 00 00 80 f6 85 6d 03 88 ff ff ...........m....
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Jan 27 12:02:05 ubuntu kernel: CPU: 0 PID: 2784 Comm: qemu-system-x86 Tainted: G B I 4.2.0-25-generic 0000030
Jan 27 12:02:05 ubuntu kernel: Hardware name: IBM System x3550 M2 -[794654G]-/49Y6512 , BIOS -[D6E131CUS-1.05]- 11/25/2009
Jan 27 12:02:05 ubuntu kernel: ffff88036c414380 00000000d939cde9 ffff8805adf0f7c8 ffffffff828cafee
Jan 27 12:02:05 ubuntu kernel: 0000000000000080 ffff880373803680 ffff8805adf0f7f8 ffffffff81546759
Jan 27 12:02:05 ubuntu kernel: ffff880373803680 ffffea000db10500 ffff88036c414380 ffff8805ad56d600
Jan 27 12:02:05 ubuntu kernel: Call Trace:

Jan 27 12:02:05 ubuntu kernel: [< inline >] __dump_stack linux-4.2.0/lib/dump_stack.c:15
Jan 27 12:02:05 ubuntu kernel: [<ffffffff828cafee>] dump_stack+0x45/0x57 linux-4.2.0/lib/dump_stack.c:50
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81546759>] print_trailer+0xf9/0x150 linux-4.2.0/mm/slub.c:650
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8154b9c8>] object_err+0x38/0x50 linux-4.2.0/mm/slub.c:657
Jan 27 12:02:05 ubuntu kernel: [< inline >] print_address_description linux-4.2.0/mm/kasan/report.c:120
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8154e3d8>] kasan_report_error+0x1e8/0x3f0 linux-4.2.0/mm/kasan/report.c:193
Jan 27 12:02:05 ubuntu kernel: [< inline >] kasan_report linux-4.2.0/mm/kasan/report.c:230
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8154e791>] __asan_report_load8_noabort+0x61/0x70 linux-4.2.0/mm/kasan/report.c:251
Jan 27 12:02:05 ubuntu kernel: [<ffffffff818d8bfa>] fuse_direct_IO+0xb1a/0xcc0 linux-4.2.0/fs/fuse/file.c:2842
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8145eda6>] generic_file_direct_write+0x246/0x540 linux-4.2.0/mm/filemap.c:2398
Jan 27 12:02:05 ubuntu kernel: [<ffffffff818da16c>] fuse_file_write_iter+0x31c/0x780 linux-4.2.0/fs/fuse/file.c:1182
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81673aba>] aio_run_iocb+0x68a/0x870 linux-4.2.0/fs/aio.c:1446
Jan 27 12:02:05 ubuntu kernel: [< inline >] io_submit_one linux-4.2.0/fs/aio.c:1548
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81676567>] do_io_submit+0x4a7/0xb40 linux-4.2.0/fs/aio.c:1606
Jan 27 12:02:05 ubuntu kernel: [< inline >] SYSC_io_submit linux-4.2.0/fs/aio.c:1631
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81676c10>] SyS_io_submit+0x10/0x20 linux-4.2.0/fs/aio.c:1628
Jan 27 12:02:05 ubuntu kernel: [<ffffffff828dc632>] entry_SYSCALL_64_fastpath+0x16/0x75 linux-4.2.0/arch/x86/entry/entry_64.S:186
Jan 27 12:02:05 ubuntu kernel: Memory state around the buggy address:
Jan 27 12:02:05 ubuntu kernel: ffff88036c414280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Jan 27 12:02:05 ubuntu kernel: ffff88036c414300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 27 12:02:05 ubuntu kernel: >ffff88036c414380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Jan 27 12:02:05 ubuntu kernel: ^
Jan 27 12:02:05 ubuntu kernel: ffff88036c414400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 27 12:02:05 ubuntu kernel: ffff88036c414480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
Jan 27 12:02:05 ubuntu kernel: ==================================================================