Hay
Date
Nov. 27, 2024, 3:37 a.m.

Environment (the first report below is from qemu-arm64, the second from qemu-x86_64)
qemu-arm64
qemu-x86_64

[   48.959030] ==================================================================
[   48.960223] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x33c/0x428
[   48.960988] Read of size 1 at addr fff00000c610a0c8 by task kunit_try_catch/196
[   48.962969] 
[   48.963511] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   48.964625] Tainted: [B]=BAD_PAGE, [N]=TEST
[   48.965162] Hardware name: linux,dummy-virt (DT)
[   48.966053] Call trace:
[   48.966508]  show_stack+0x20/0x38 (C)
[   48.967122]  dump_stack_lvl+0x8c/0xd0
[   48.967599]  print_report+0x118/0x5e0
[   48.968225]  kasan_report+0xc8/0x118
[   48.968765]  __asan_report_load1_noabort+0x20/0x30
[   48.969886]  kmem_cache_oob+0x33c/0x428
[   48.970755]  kunit_try_run_case+0x14c/0x3d0
[   48.971373]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   48.972107]  kthread+0x24c/0x2d0
[   48.972834]  ret_from_fork+0x10/0x20
[   48.973638] 
[   48.974049] Allocated by task 196:
[   48.974580]  kasan_save_stack+0x3c/0x68
[   48.975148]  kasan_save_track+0x20/0x40
[   48.975694]  kasan_save_alloc_info+0x40/0x58
[   48.976482]  __kasan_slab_alloc+0xa8/0xb0
[   48.977003]  kmem_cache_alloc_noprof+0x108/0x398
[   48.978110]  kmem_cache_oob+0x12c/0x428
[   48.978866]  kunit_try_run_case+0x14c/0x3d0
[   48.979797]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   48.980613]  kthread+0x24c/0x2d0
[   48.981248]  ret_from_fork+0x10/0x20
[   48.982128] 
[   48.982556] The buggy address belongs to the object at fff00000c610a000
[   48.982556]  which belongs to the cache test_cache of size 200
[   48.984039] The buggy address is located 0 bytes to the right of
[   48.984039]  allocated 200-byte region [fff00000c610a000, fff00000c610a0c8)
[   48.985977] 
[   48.986804] The buggy address belongs to the physical page:
[   48.987598] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10610a
[   48.988571] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   48.989660] page_type: f5(slab)
[   48.990481] raw: 0bfffe0000000000 fff00000c1bf5dc0 dead000000000122 0000000000000000
[   48.991420] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[   48.992401] page dumped because: kasan: bad access detected
[   48.993284] 
[   48.994134] Memory state around the buggy address:
[   48.994813]  fff00000c6109f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   48.995722]  fff00000c610a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   48.996668] >fff00000c610a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   48.997898]                                               ^
[   48.998508]  fff00000c610a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   48.999422]  fff00000c610a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   49.000223] ==================================================================

[   26.192614] ==================================================================
[   26.193879] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530
[   26.194494] Read of size 1 at addr ffff888102a510c8 by task kunit_try_catch/215
[   26.194772] 
[   26.194881] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241127 #1
[   26.196174] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.196496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.198286] Call Trace:
[   26.198557]  <TASK>
[   26.199122]  dump_stack_lvl+0x73/0xb0
[   26.199833]  print_report+0xd1/0x640
[   26.200344]  ? __virt_addr_valid+0x1db/0x2d0
[   26.201040]  ? kasan_complete_mode_report_info+0x2a/0x200
[   26.201614]  kasan_report+0x102/0x140
[   26.202019]  ? kmem_cache_oob+0x404/0x530
[   26.202945]  ? kmem_cache_oob+0x404/0x530
[   26.203635]  __asan_report_load1_noabort+0x18/0x20
[   26.204262]  kmem_cache_oob+0x404/0x530
[   26.204646]  ? __pfx_kmem_cache_oob+0x10/0x10
[   26.205347]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   26.205794]  ? __pfx_kmem_cache_oob+0x10/0x10
[   26.206244]  kunit_try_run_case+0x1b3/0x490
[   26.206949]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.207554]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   26.207914]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.208684]  ? __kthread_parkme+0x82/0x160
[   26.209112]  ? preempt_count_sub+0x50/0x80
[   26.209681]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.210429]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.211232]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.211972]  kthread+0x257/0x310
[   26.212397]  ? __pfx_kthread+0x10/0x10
[   26.212896]  ret_from_fork+0x41/0x80
[   26.213542]  ? __pfx_kthread+0x10/0x10
[   26.214073]  ret_from_fork_asm+0x1a/0x30
[   26.214473]  </TASK>
[   26.214842] 
[   26.215305] Allocated by task 215:
[   26.215671]  kasan_save_stack+0x3d/0x60
[   26.216264]  kasan_save_track+0x18/0x40
[   26.216773]  kasan_save_alloc_info+0x3b/0x50
[   26.217335]  __kasan_slab_alloc+0x91/0xa0
[   26.217732]  kmem_cache_alloc_noprof+0x11e/0x3e0
[   26.218590]  kmem_cache_oob+0x158/0x530
[   26.218970]  kunit_try_run_case+0x1b3/0x490
[   26.219567]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.220452]  kthread+0x257/0x310
[   26.220772]  ret_from_fork+0x41/0x80
[   26.221299]  ret_from_fork_asm+0x1a/0x30
[   26.221875] 
[   26.222330] The buggy address belongs to the object at ffff888102a51000
[   26.222330]  which belongs to the cache test_cache of size 200
[   26.223515] The buggy address is located 0 bytes to the right of
[   26.223515]  allocated 200-byte region [ffff888102a51000, ffff888102a510c8)
[   26.224732] 
[   26.224890] The buggy address belongs to the physical page:
[   26.226067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a51
[   26.226869] flags: 0x200000000000000(node=0|zone=2)
[   26.227514] page_type: f5(slab)
[   26.227882] raw: 0200000000000000 ffff88810166aa00 dead000000000122 0000000000000000
[   26.230141] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[   26.230579] page dumped because: kasan: bad access detected
[   26.231558] 
[   26.231711] Memory state around the buggy address:
[   26.232555]  ffff888102a50f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.233438]  ffff888102a51000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.234061] >ffff888102a51080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   26.234681]                                               ^
[   26.235540]  ffff888102a51100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.236449]  ffff888102a51180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.237247] ==================================================================