Re: [f2fs-dev] [syzbot] [f2fs?] KASAN: slab-out-of-bounds Read in f2fs_get_node_info
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+3694e283cf5c40df6...@syzkaller.appspotmail.com

Tested on:

commit:         77d6a556 f2fs: fix to do sanity check on i_xattr_nid i..
git tree:       git://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/syzbot
console output: https://syzkaller.appspot.com/x/log.txt?x=1535f23718
kernel config:  https://syzkaller.appspot.com/x/.config?x=5a05c230e142f2bc
dashboard link: https://syzkaller.appspot.com/bug?extid=3694e283cf5c40df6d14
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40

Note: no patches were applied.
Note: testing is done by a robot and is best-effort only.
Re: [f2fs-dev] [syzbot] [f2fs?] KASAN: slab-out-of-bounds Read in f2fs_get_node_info
#syz test git://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/syzbot

On 2024/4/25 15:59, syzbot wrote:
Re: [f2fs-dev] [syzbot] [f2fs?] KASAN: slab-out-of-bounds Read in f2fs_get_node_info
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

][T1] usbcore: registered new interface driver port100
[7.895087][T1] usbcore: registered new interface driver nfcmrvl
[7.905107][T1] Loading iSCSI transport class v2.0-870.
[7.922010][T1] virtio_scsi virtio0: 1/0/0 default/read/poll queues
[7.931607][T1] [ cut here ]
[7.932648][T1] refcount_t: decrement hit 0; leaking memory.
[7.933996][T1] WARNING: CPU: 0 PID: 1 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[7.935773][T1] Modules linked in:
[7.936430][T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc1-syzkaller-00035-g5f5d424df7e0 #0
[7.938346][T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[7.940220][T1] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[7.941129][T1] Code: b2 00 00 00 e8 e7 3e f2 fc 5b 5d c3 cc cc cc cc e8 db 3e f2 fc c6 05 d1 c3 ce 0a 01 90 48 c7 c7 60 57 fe 8b e8 37 bd b4 fc 90 <0f> 0b 90 90 eb d9 e8 bb 3e f2 fc c6 05 ae c3 ce 0a 01 90 48 c7 c7
[7.944817][T1] RSP: :c9066e18 EFLAGS: 00010246
[7.946204][T1] RAX: 66500b6c8a695200 RBX: 88814074d61c RCX: 8880166c8000
[7.947881][T1] RDX: RSI: RDI:
[7.949474][T1] RBP: 0004 R08: 8157ffe2 R09: fbfff1bf96e0
[7.950651][T1] R10: dc00 R11: fbfff1bf96e0 R12: ea83fdc0
[7.952066][T1] R13: ea83fdc8 R14: 1d4000107fb9 R15:
[7.953537][T1] FS: () GS:8880b940() knlGS:
[7.955023][T1] CS: 0010 DS: ES: CR0: 80050033
[7.956765][T1] CR2: 88823000 CR3: 0df32000 CR4: 003506f0
[7.958239][T1] DR0: DR1: DR2:
[7.959594][T1] DR3: DR6: fffe0ff0 DR7: 0400
[7.960858][T1] Call Trace:
[7.961668][T1]
[7.962214][T1] ? __warn+0x163/0x4e0
[7.963029][T1] ? refcount_warn_saturate+0xfa/0x1d0
[7.964034][T1] ? report_bug+0x2b3/0x500
[7.964911][T1] ? refcount_warn_saturate+0xfa/0x1d0
[7.965754][T1] ? handle_bug+0x3e/0x70
[7.966390][T1] ? exc_invalid_op+0x1a/0x50
[7.967476][T1] ? asm_exc_invalid_op+0x1a/0x20
[7.968393][T1] ? __warn_printk+0x292/0x360
[7.969171][T1] ? refcount_warn_saturate+0xfa/0x1d0
[7.969977][T1] ? refcount_warn_saturate+0xf9/0x1d0
[7.971093][T1] __free_pages_ok+0xc54/0xd80
[7.971989][T1] make_alloc_exact+0xa3/0xf0
[7.972707][T1] vring_alloc_queue_split+0x20a/0x600
[7.974010][T1] ? __pfx_vring_alloc_queue_split+0x10/0x10
[7.975606][T1] ? vp_find_vqs+0x4c/0x4e0
[7.976506][T1] ? virtscsi_probe+0x3ea/0xf60
[7.977276][T1] ? virtio_dev_probe+0x991/0xaf0
[7.978066][T1] ? really_probe+0x2b8/0xad0
[7.978729][T1] ? driver_probe_device+0x50/0x430
[7.979895][T1] vring_create_virtqueue_split+0xc6/0x310
[7.980907][T1] ? ret_from_fork+0x4b/0x80
[7.981907][T1] ? __pfx_vring_create_virtqueue_split+0x10/0x10
[7.983053][T1] vring_create_virtqueue+0xca/0x110
[7.984261][T1] ? __pfx_vp_notify+0x10/0x10
[7.985081][T1] ? __pfx_virtscsi_ctrl_done+0x10/0x10
[7.986232][T1] setup_vq+0xe9/0x2d0
[7.987144][T1] ? __pfx_vp_notify+0x10/0x10
[7.988136][T1] ? __pfx_virtscsi_ctrl_done+0x10/0x10
[7.989737][T1] ? __pfx_virtscsi_ctrl_done+0x10/0x10
[7.990898][T1] ? __pfx_virtscsi_ctrl_done+0x10/0x10
[7.992460][T1] vp_setup_vq+0xbf/0x330
[7.993445][T1] ? __pfx_vp_config_changed+0x10/0x10
[7.994457][T1] ? ioread16+0x2f/0x90
[7.995411][T1] ? __pfx_virtscsi_ctrl_done+0x10/0x10
[7.996442][T1] vp_find_vqs_msix+0x8b2/0xc80
[7.997332][T1] vp_find_vqs+0x4c/0x4e0
[7.998606][T1] virtscsi_init+0x8db/0xd00
[7.999359][T1] ? __pfx_virtscsi_init+0x10/0x10
[8.96][T1] ? __pfx_default_calc_sets+0x10/0x10
[8.001321][T1] ? scsi_host_alloc+0xa57/0xea0
[8.002518][T1] ? vp_get+0xfd/0x140
[8.003649][T1] virtscsi_probe+0x3ea/0xf60
[8.004550][T1] ? __pfx_virtscsi_probe+0x10/0x10
[8.005302][T1] ? vp_setup_vq+0x26d/0x330
[8.006401][T1] ? __pfx_vp_set_status+0x10/0x10
[8.007509][T1] ? vp_set_status+0x1a/0x40
[8.008360][T1] ? virtio_no_restricted_mem_acc+0x9/0x10
[8.009422][T1] ? virtio_features_ok+0x10c/0x270
[8.010463][T1] virtio_dev_probe+0x991/0xaf0
[8.011159][T1] ? __pfx_virtio_dev_probe+0x10/0x10
[8.012074][T1] really_probe+0x2b8/0xad0
[8.012764][T1] __driver_probe_device+0x1a2/0x3
Re: [f2fs-dev] [syzbot] [f2fs?] KASAN: slab-out-of-bounds Read in f2fs_get_node_info
#syz test git://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git bugfix/syzbot

On 2024/4/25 15:59, syzbot wrote:
[f2fs-dev] [syzbot] [f2fs?] KASAN: slab-out-of-bounds Read in f2fs_get_node_info
Hello,

syzbot found the following issue on:

HEAD commit:    ed30a4a51bb1 Linux 6.9-rc5
git tree:       upstream
console+strace: https://syzkaller.appspot.com/x/log.txt?x=1116bc3098
kernel config:  https://syzkaller.appspot.com/x/.config?x=5a05c230e142f2bc
dashboard link: https://syzkaller.appspot.com/bug?extid=3694e283cf5c40df6d14
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1128486b18
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1516bc3098

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/7a2e1a02882c/disk-ed30a4a5.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/329966999344/vmlinux-ed30a4a5.xz
kernel image: https://storage.googleapis.com/syzbot-assets/1befbdf4dcac/bzImage-ed30a4a5.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/42ddf2738cf7/mount_0.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3694e283cf5c40df6...@syzkaller.appspotmail.com

F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
==
BUG: KASAN: slab-out-of-bounds in f2fs_test_bit fs/f2fs/f2fs.h:2933 [inline]
BUG: KASAN: slab-out-of-bounds in current_nat_addr fs/f2fs/node.h:213 [inline]
BUG: KASAN: slab-out-of-bounds in f2fs_get_node_info+0xece/0x1200 fs/f2fs/node.c:600
Read of size 1 at addr 88807a58c76c by task syz-executor280/5076

CPU: 1 PID: 5076 Comm: syz-executor280 Not tainted 6.9.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 print_address_description mm/kasan/report.c:377 [inline]
 print_report+0x169/0x550 mm/kasan/report.c:488
 kasan_report+0x143/0x180 mm/kasan/report.c:601
 f2fs_test_bit fs/f2fs/f2fs.h:2933 [inline]
 current_nat_addr fs/f2fs/node.h:213 [inline]
 f2fs_get_node_info+0xece/0x1200 fs/f2fs/node.c:600
 f2fs_xattr_fiemap fs/f2fs/data.c:1848 [inline]
 f2fs_fiemap+0x55d/0x1ee0 fs/f2fs/data.c:1925
 ioctl_fiemap fs/ioctl.c:220 [inline]
 do_vfs_ioctl+0x1c07/0x2e50 fs/ioctl.c:838
 __do_sys_ioctl fs/ioctl.c:902 [inline]
 __se_sys_ioctl+0x81/0x170 fs/ioctl.c:890
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f60d34ae739
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:7ffc9f2f1148 EFLAGS: 0246 ORIG_RAX: 0010
RAX: ffda RBX: 7ffc9f2f1318 RCX: 7f60d34ae739
RDX: 2040 RSI: c020660b RDI: 0004
RBP: 7f60d3527610 R08: R09: 7ffc9f2f1318
R10: 551a R11: 0246 R12: 0001
R13: 7ffc9f2f1308 R14: 0001 R15: 0001

Allocated by task 5076:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:370 [inline]
 __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387
 kasan_kmalloc include/linux/kasan.h:211 [inline]
 __do_kmalloc_node mm/slub.c:3966 [inline]
 __kmalloc_node_track_caller+0x24e/0x4e0 mm/slub.c:3986
 kmemdup+0x2a/0x60 mm/util.c:131
 init_node_manager fs/f2fs/node.c:3268 [inline]
 f2fs_build_node_manager+0x8cc/0x2870 fs/f2fs/node.c:3329
 f2fs_fill_super+0x583c/0x8120 fs/f2fs/super.c:4540
 mount_bdev+0x20a/0x2d0 fs/super.c:1658
 legacy_get_tree+0xee/0x190 fs/fs_context.c:662
 vfs_get_tree+0x90/0x2a0 fs/super.c:1779
 do_new_mount+0x2be/0xb40 fs/namespace.c:3352
 do_mount fs/namespace.c:3692 [inline]
 __do_sys_mount fs/namespace.c:3898 [inline]
 __se_sys_mount+0x2d9/0x3c0 fs/namespace.c:3875
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

The buggy address belongs to the object at 88807a58c700
 which belongs to the cache kmalloc-64 of size 64
The buggy address is located 44 bytes to the right of
 allocated 64-byte region [88807a58c700, 88807a58c740)

The buggy address belongs to the physical page:
page: refcount:1 mapcount:0 mapping: index:0x0 pfn:0x7a58c
flags: 0xfff8000800(slab|node=0|zone=1|lastcpupid=0xfff)
page_type: 0x()
raw: 00fff8000800 888015041640 eaaa6400 dead0004
raw: 00200020 0001
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY), pid 4536, tgid 106643948 (udevd), ts 4536, free_ts 4304