Hay
Sign in
Date
Dec. 3, 2024, 11:38 p.m.

Environment
qemu-arm64
qemu-x86_64 

[   33.484047] ==================================================================
[   33.485219] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8
[   33.486098] Read of size 1 at addr fff00000c5921ad8 by task kunit_try_catch/246
[   33.486997] 
[   33.487575] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241203 #1
[   33.488444] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.489132] Hardware name: linux,dummy-virt (DT)
[   33.489706] Call trace:
[   33.490205]  show_stack+0x20/0x38 (C)
[   33.490876]  dump_stack_lvl+0x8c/0xd0
[   33.491907]  print_report+0x118/0x5e0
[   33.492393]  kasan_report+0xc8/0x118
[   33.493138]  __asan_report_load1_noabort+0x20/0x30
[   33.493893]  memcmp+0x198/0x1d8
[   33.494375]  kasan_memcmp+0x16c/0x300
[   33.495493]  kunit_try_run_case+0x14c/0x3d0
[   33.496587]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.497440]  kthread+0x24c/0x2d0
[   33.498167]  ret_from_fork+0x10/0x20
[   33.498952] 
[   33.499825] Allocated by task 246:
[   33.500249]  kasan_save_stack+0x3c/0x68
[   33.500802]  kasan_save_track+0x20/0x40
[   33.501408]  kasan_save_alloc_info+0x40/0x58
[   33.502124]  __kasan_kmalloc+0xd4/0xd8
[   33.502771]  __kmalloc_cache_noprof+0x15c/0x3c0
[   33.503739]  kasan_memcmp+0xbc/0x300
[   33.504567]  kunit_try_run_case+0x14c/0x3d0
[   33.505374]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.506174]  kthread+0x24c/0x2d0
[   33.506837]  ret_from_fork+0x10/0x20
[   33.507717] 
[   33.508039] The buggy address belongs to the object at fff00000c5921ac0
[   33.508039]  which belongs to the cache kmalloc-32 of size 32
[   33.509528] The buggy address is located 0 bytes to the right of
[   33.509528]  allocated 24-byte region [fff00000c5921ac0, fff00000c5921ad8)
[   33.510953] 
[   33.511363] The buggy address belongs to the physical page:
[   33.512029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105921
[   33.513352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.514214] page_type: f5(slab)
[   33.514728] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000
[   33.515915] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   33.516860] page dumped because: kasan: bad access detected
[   33.517497] 
[   33.517874] Memory state around the buggy address:
[   33.518574]  fff00000c5921980: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[   33.519712]  fff00000c5921a00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[   33.520750] >fff00000c5921a80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   33.521777]                                                     ^
[   33.522573]  fff00000c5921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.523611]  fff00000c5921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.524632] ==================================================================
Metadata Full log Test run details 

[   28.778298] ==================================================================
[   28.779335] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[   28.779730] Read of size 1 at addr ffff888102998458 by task kunit_try_catch/266
[   28.780595] 
[   28.780824] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G    B            N 6.13.0-rc1-next-20241203 #1
[   28.781656] Tainted: [B]=BAD_PAGE, [N]=TEST
[   28.781946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.783488] Call Trace:
[   28.783973]  <TASK>
[   28.784267]  dump_stack_lvl+0x73/0xb0
[   28.784670]  print_report+0xd1/0x640
[   28.785257]  ? __virt_addr_valid+0x1db/0x2d0
[   28.786229]  ? kasan_complete_mode_report_info+0x2a/0x200
[   28.786942]  kasan_report+0x102/0x140
[   28.787246]  ? memcmp+0x1b4/0x1d0
[   28.787509]  ? memcmp+0x1b4/0x1d0
[   28.787788]  __asan_report_load1_noabort+0x18/0x20
[   28.788270]  memcmp+0x1b4/0x1d0
[   28.788590]  kasan_memcmp+0x190/0x390
[   28.788965]  ? trace_hardirqs_on+0x37/0xe0
[   28.790281]  ? __pfx_kasan_memcmp+0x10/0x10
[   28.790851]  ? finish_task_switch.isra.0+0x153/0x700
[   28.791215]  ? __switch_to+0x5d9/0xf60
[   28.791618]  ? __pfx_read_tsc+0x10/0x10
[   28.792105]  ? ktime_get_ts64+0x86/0x230
[   28.792431]  kunit_try_run_case+0x1b3/0x490
[   28.792843]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.793392]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   28.794512]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.794941]  ? __kthread_parkme+0x82/0x160
[   28.795482]  ? preempt_count_sub+0x50/0x80
[   28.795970]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.796322]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.796822]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.797351]  kthread+0x257/0x310
[   28.798559]  ? __pfx_kthread+0x10/0x10
[   28.799110]  ret_from_fork+0x41/0x80
[   28.799384]  ? __pfx_kthread+0x10/0x10
[   28.799806]  ret_from_fork_asm+0x1a/0x30
[   28.800251]  </TASK>
[   28.800487] 
[   28.800643] Allocated by task 266:
[   28.801167]  kasan_save_stack+0x3d/0x60
[   28.801597]  kasan_save_track+0x18/0x40
[   28.802502]  kasan_save_alloc_info+0x3b/0x50
[   28.803040]  __kasan_kmalloc+0xb7/0xc0
[   28.803736]  __kmalloc_cache_noprof+0x184/0x410
[   28.804090]  kasan_memcmp+0xb8/0x390
[   28.804347]  kunit_try_run_case+0x1b3/0x490
[   28.804861]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.805375]  kthread+0x257/0x310
[   28.806392]  ret_from_fork+0x41/0x80
[   28.806910]  ret_from_fork_asm+0x1a/0x30
[   28.807204] 
[   28.807370] The buggy address belongs to the object at ffff888102998440
[   28.807370]  which belongs to the cache kmalloc-32 of size 32
[   28.808421] The buggy address is located 0 bytes to the right of
[   28.808421]  allocated 24-byte region [ffff888102998440, ffff888102998458)
[   28.809517] 
[   28.809746] The buggy address belongs to the physical page:
[   28.810044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102998
[   28.810721] flags: 0x200000000000000(node=0|zone=2)
[   28.811188] page_type: f5(slab)
[   28.812508] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[   28.813346] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   28.813982] page dumped because: kasan: bad access detected
[   28.814321] 
[   28.814564] Memory state around the buggy address:
[   28.815402]  ffff888102998300: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[   28.815822]  ffff888102998380: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[   28.816992] >ffff888102998400: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   28.817651]                                                     ^
[   28.819013]  ffff888102998480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.819407]  ffff888102998500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.820540] ==================================================================
Metadata Full log Test run details