Date
May 15, 2025, 10:38 a.m.
| Environment | |
|---|---|
| e850-96 |
[ 21.433627] ================================================================== [ 21.443329] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 21.449923] Read of size 1 at addr ffff000803500000 by task kunit_try_catch/193 [ 21.457214] [ 21.458701] CPU: 7 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT [ 21.458755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.458772] Hardware name: WinLink E850-96 board (DT) [ 21.458793] Call trace: [ 21.458806] show_stack+0x20/0x38 (C) [ 21.458844] dump_stack_lvl+0x8c/0xd0 [ 21.458876] print_report+0x118/0x608 [ 21.458909] kasan_report+0xdc/0x128 [ 21.458943] __asan_report_load1_noabort+0x20/0x30 [ 21.458981] kmalloc_large_uaf+0x2cc/0x2f8 [ 21.459007] kunit_try_run_case+0x170/0x3f0 [ 21.459039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.459073] kthread+0x328/0x630 [ 21.459107] ret_from_fork+0x10/0x20 [ 21.459143] [ 21.522667] The buggy address belongs to the physical page: [ 21.528222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883500 [ 21.536209] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.542730] raw: 0bfffe0000000000 ffff00085b012f00 ffff00085b012f00 0000000000000000 [ 21.550447] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.558168] page dumped because: kasan: bad access detected [ 21.563722] [ 21.565197] Memory state around the buggy address: [ 21.569981] ffff0008034fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.577180] ffff0008034fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.584387] >ffff000803500000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.591586] ^ [ 21.594801] ffff000803500080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.602006] ffff000803500100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.609209] ==================================================================