Created attachment 276443 [details] Found this bug with modified syzkaller ================================================================== BUG: KASAN: slab-out-of-bounds in predicate_parse kernel/trace/trace_events_filter.c:557 [inline] BUG: KASAN: slab-out-of-bounds in process_preds+0x140a/0x16b0 kernel/trace/trace_events_filter.c:1509 Write of size 4 at addr ffff8800695b3a10 by task syz-executor1/26773 CPU: 0 PID: 26773 Comm: syz-executor1 Not tainted 4.17.0 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 Call Trace: Allocated by task 2813: (stack is not available) Freed by task 2813: (stack is not available) The buggy address belongs to the object at ffff8800695b39c0 which belongs to the cache kmalloc-64 of size 64 The buggy address is located 16 bytes to the right of 64-byte region [ffff8800695b39c0, ffff8800695b3a00) The buggy address belongs to the page: page:ffffea0001a56cc0 count:1 mapcount:0 mapping:ffff88006d0018c0 index:0x0 flags: 0x100000000000100(slab) raw: 0100000000000100 ffffea0001a626c0 0000000c0000000c ffff88006d0018c0 raw: 0000000000000000 00000000802a002a 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff8800695b3900: 00 00 00 00 00 00 00 00 fc fc fc fc fb fb fb fb ffff8800695b3980: fb fb fb fb fc fc fc fc 00 00 00 00 00 00 00 fc >ffff8800695b3a00: fc fc fc fc 00 00 00 00 00 00 fc fc fc fc fc fc ^ ffff8800695b3a80: fb fb fb fb fb fb fb fb fc fc fc fc fb fb fb fb ffff8800695b3b00: fb fb fb fb fc fc fc fc fb fb fb fb fb fb fb fb ==================================================================
*** This bug has been marked as a duplicate of bug 200019 ***