Enabling KASAN on a Wily kernel prints the following:
Jan 27 12:02:05 ubuntu kernel: ==================================================================
Jan 27 12:02:05 ubuntu kernel: BUG: KASan: use after free in fuse_direct_IO+0xb1a/0xcc0 at addr ffff88036c414390
Jan 27 12:02:05 ubuntu kernel: Read of size 8 by task qemu-system-x86/2784
Jan 27 12:02:05 ubuntu kernel: =============================================================================
Jan 27 12:02:05 ubuntu kernel: BUG kmalloc-128 (Tainted: G I ): kasan: bad access detected
Jan 27 12:02:05 ubuntu kernel: -----------------------------------------------------------------------------
Jan 27 12:02:05 ubuntu kernel: Disabling lock debugging due to kernel taint
Jan 27 12:02:05 ubuntu kernel: INFO: Slab 0xffffea000db10500 objects=32 used=26 fp=0xffff88036c414e80 flags=0x2ffff0000000080
Jan 27 12:02:05 ubuntu kernel: INFO: Object 0xffff88036c414380 @offset=896 fp=0x (null)
Jan 27 12:02:05 ubuntu kernel: Bytes b4 ffff88036c414370: 18 00 00 00 40 27 a3 1f 3b 56 00 00 00 00 00 00 ....@'..;V......
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c414380: 00 00 00 00 00 00 00 00 00 f0 75 35 00 00 00 00 ..........u5....
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c414390: 80 27 67 81 ff ff ff ff 00 00 00 00 00 00 00 00 .'g.............
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143a0: 05 00 00 00 00 00 00 00 80 82 44 ad 05 88 ff ff ..........D.....
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143b0: 00 00 00 00 00 00 00 00 10 e1 bc 56 49 56 00 00 ...........VIV..
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143d0: 00 00 00 00 00 00 00 00 80 f6 85 6d 03 88 ff ff ...........m....
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Jan 27 12:02:05 ubuntu kernel: Object ffff88036c4143f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Jan 27 12:02:05 ubuntu kernel: CPU: 0 PID: 2784 Comm: qemu-system-x86 Tainted: G B I 4.2.0-25-generic 0000030
Jan 27 12:02:05 ubuntu kernel: Hardware name: IBM System x3550 M2 -[794654G]-/49Y6512 , BIOS -[D6E131CUS-1.05]- 11/25/2009
Jan 27 12:02:05 ubuntu kernel: ffff88036c414380 00000000d939cde9 ffff8805adf0f7c8 ffffffff828cafee
Jan 27 12:02:05 ubuntu kernel: 0000000000000080 ffff880373803680 ffff8805adf0f7f8 ffffffff81546759
Jan 27 12:02:05 ubuntu kernel: ffff880373803680 ffffea000db10500 ffff88036c414380 ffff8805ad56d600
Jan 27 12:02:05 ubuntu kernel: Call Trace:
Jan 27 12:02:05 ubuntu kernel: [< inline >] __dump_stack linux-4.2.0/lib/dump_stack.c:15
Jan 27 12:02:05 ubuntu kernel: [<ffffffff828cafee>] dump_stack+0x45/0x57 linux-4.2.0/lib/dump_stack.c:50
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81546759>] print_trailer+0xf9/0x150 linux-4.2.0/mm/slub.c:650
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8154b9c8>] object_err+0x38/0x50 linux-4.2.0/mm/slub.c:657
Jan 27 12:02:05 ubuntu kernel: [< inline >] print_address_description linux-4.2.0/mm/kasan/report.c:120
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8154e3d8>] kasan_report_error+0x1e8/0x3f0 linux-4.2.0/mm/kasan/report.c:193
Jan 27 12:02:05 ubuntu kernel: [< inline >] kasan_report linux-4.2.0/mm/kasan/report.c:230
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8154e791>] __asan_report_load8_noabort+0x61/0x70 linux-4.2.0/mm/kasan/report.c:251
Jan 27 12:02:05 ubuntu kernel: [<ffffffff818d8bfa>] fuse_direct_IO+0xb1a/0xcc0 linux-4.2.0/fs/fuse/file.c:2842
Jan 27 12:02:05 ubuntu kernel: [<ffffffff8145eda6>] generic_file_direct_write+0x246/0x540 linux-4.2.0/mm/filemap.c:2398
Jan 27 12:02:05 ubuntu kernel: [<ffffffff818da16c>] fuse_file_write_iter+0x31c/0x780 linux-4.2.0/fs/fuse/file.c:1182
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81673aba>] aio_run_iocb+0x68a/0x870 linux-4.2.0/fs/aio.c:1446
Jan 27 12:02:05 ubuntu kernel: [< inline >] io_submit_one linux-4.2.0/fs/aio.c:1548
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81676567>] do_io_submit+0x4a7/0xb40 linux-4.2.0/fs/aio.c:1606
Jan 27 12:02:05 ubuntu kernel: [< inline >] SYSC_io_submit linux-4.2.0/fs/aio.c:1631
Jan 27 12:02:05 ubuntu kernel: [<ffffffff81676c10>] SyS_io_submit+0x10/0x20 linux-4.2.0/fs/aio.c:1628
Jan 27 12:02:05 ubuntu kernel: [<ffffffff828dc632>] entry_SYSCALL_64_fastpath+0x16/0x75 linux-4.2.0/arch/x86/entry/entry_64.S:186
Jan 27 12:02:05 ubuntu kernel: Memory state around the buggy address:
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 27 12:02:05 ubuntu kernel: >ffff88036c414380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Jan 27 12:02:05 ubuntu kernel:                          ^
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
Jan 27 12:02:05 ubuntu kernel: ==================================================================
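The shadow bytes at the end of the report are what pin the bug type down. KASAN keeps one shadow byte per 8-byte granule of kernel memory, and 0xfb is the poison written over a slab object when it is freed; a whole 128-byte row of fb at ffff88036c414380 is therefore the freed kmalloc-128 object named in the INFO line, and the 8-byte read at ffff88036c414390 lands 0x10 bytes into it. The decoder below is an added example written for this page; it is not part of the original report and not the kernel's own KASAN code. The poison values are those of mm/kasan/kasan.h in the 4.x kernels, and the regular expressions assume the syslog-prefixed line format shown above.

```python
"""Decode the shadow-memory section of a Linux KASAN report (added example)."""
import re

SHADOW_SCALE = 8               # one shadow byte describes 8 bytes of memory
ROW_BYTES = 16 * SHADOW_SCALE  # one printed shadow row covers 128 bytes

# Poison values from mm/kasan/kasan.h (4.x kernels). 0x00 means all 8 bytes
# of the granule are addressable; 0x01..0x07 mean only the first N bytes are.
POISON = {
    0xF1: "stack left redzone",
    0xF2: "stack mid redzone",
    0xF3: "stack right redzone",
    0xF4: "stack partial redzone",
    0xF9: "shadow gap",
    0xFA: "global redzone",
    0xFB: "freed slab object (KASAN_KMALLOC_FREE)",
    0xFC: "slab redzone (KASAN_KMALLOC_REDZONE)",
    0xFE: "page redzone",
    0xFF: "freed page",
}

# "Jan 27 12:02:05 ubuntu kernel: " prefix as in the report above.
SYSLOG_RE = re.compile(r"^\w{3}\s+\d+\s+[\d:]+\s+\S+\s+kernel:\s?")
HEADER_RE = re.compile(r"BUG: KASan: (?P<bug>.+?) in (?P<func>\S+) at addr (?P<addr>[0-9a-f]+)")
ACCESS_RE = re.compile(r"(?P<rw>Read|Write) of size (?P<size>\d+) by task (?P<task>\S+)")
# A shadow row: optional '>' marker, 16-digit base address, 16 shadow bytes.
SHADOW_RE = re.compile(r"^>?\s*(?P<base>[0-9a-f]{16}):((?:\s+[0-9a-f]{2}){16})$")


def parse_kasan_report(text):
    """Pull the bug header, the faulting access and the shadow rows out of a report."""
    report = {"shadow": {}}
    in_shadow = False
    for raw in text.splitlines():
        line = SYSLOG_RE.sub("", raw).strip()
        m = HEADER_RE.search(line)
        if m:
            report.update(bug=m["bug"], func=m["func"], addr=int(m["addr"], 16))
            continue
        m = ACCESS_RE.search(line)
        if m:
            report.update(rw=m["rw"], size=int(m["size"]), task=m["task"])
            continue
        if line.startswith("Memory state around the buggy address"):
            in_shadow = True
            continue
        m = SHADOW_RE.match(line) if in_shadow else None
        if m:  # the '^' marker line and the '===' footer fall through here
            report["shadow"][int(m["base"], 16)] = bytes.fromhex(m.group(2).replace(" ", ""))
    return report


def shadow_meaning(value):
    """Human-readable meaning of one shadow byte."""
    if value == 0:
        return "addressable"
    if 1 <= value <= 7:
        return f"partially addressable (first {value} bytes)"
    return POISON.get(value, f"poisoned (0x{value:02x})")


def shadow_for(report, addr):
    """Return (shadow_byte, meaning) for addr, or None if no printed row covers it."""
    for base, row in report["shadow"].items():
        if base <= addr < base + ROW_BYTES:
            value = row[(addr - base) // SHADOW_SCALE]
            return value, shadow_meaning(value)
    return None


def classify_access(report):
    """Shadow state of every 8-byte granule touched by the faulting access."""
    start, end = report["addr"], report["addr"] + report["size"]
    first = start - start % SHADOW_SCALE
    return [(g, shadow_for(report, g)) for g in range(first, end, SHADOW_SCALE)]


def summarize(report):
    """One-paragraph triage summary of the parsed report."""
    lines = [f"{report['bug']}: {report['rw']} of {report['size']} bytes at "
             f"0x{report['addr']:x} in {report['func']} (task {report['task']})"]
    for granule, state in classify_access(report):
        desc = "no shadow row printed" if state is None else f"{state[0]:02x} = {state[1]}"
        lines.append(f"  granule 0x{granule:x}: shadow {desc}")
    return "\n".join(lines)


# Lines taken from the report above, trimmed to the ones the decoder reads.
SAMPLE_REPORT = """\
Jan 27 12:02:05 ubuntu kernel: BUG: KASan: use after free in fuse_direct_IO+0xb1a/0xcc0 at addr ffff88036c414390
Jan 27 12:02:05 ubuntu kernel: Read of size 8 by task qemu-system-x86/2784
Jan 27 12:02:05 ubuntu kernel: BUG kmalloc-128 (Tainted: G I ): kasan: bad access detected
Jan 27 12:02:05 ubuntu kernel: Memory state around the buggy address:
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 27 12:02:05 ubuntu kernel: >ffff88036c414380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Jan 27 12:02:05 ubuntu kernel:                          ^
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 27 12:02:05 ubuntu kernel:  ffff88036c414480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
Jan 27 12:02:05 ubuntu kernel: ==================================================================
"""

if __name__ == "__main__":
    print(summarize(parse_kasan_report(SAMPLE_REPORT)))
```

Run stand-alone it prints the summary for the report above. `classify_access` walks every granule the access touches rather than only the first byte, so an 8-byte read that straddles a live granule and a redzone (or a freed object) is reported per granule, which the single `^` marker in the kernel's output does not show.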