Date: June 7, 2025, 10:40 a.m.

Environment: qemu-arm64, qemu-x86_64

[   20.406623] ==================================================================
[   20.407711] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x28c/0x2d0
[   20.408475] Write of size 1 at addr fff00000c695e00a by task kunit_try_catch/134
[   20.410091] 
[   20.410449] CPU: 0 UID: 0 PID: 134 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   20.410654] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.410726] Hardware name: linux,dummy-virt (DT)
[   20.410809] Call trace:
[   20.410873]  dump_backtrace+0x9c/0x128
[   20.411011]  show_stack+0x20/0x38
[   20.411118]  dump_stack_lvl+0x8c/0xd0
[   20.411231]  print_report+0x118/0x5f0
[   20.411340]  kasan_report+0xdc/0x128
[   20.411678]  __asan_report_store1_noabort+0x20/0x30
[   20.411755]  kmalloc_large_oob_right+0x28c/0x2d0
[   20.411806]  kunit_try_run_case+0x170/0x3f0
[   20.411852]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.411904]  kthread+0x24c/0x2d0
[   20.411949]  ret_from_fork+0x10/0x20
[   20.412047] 
[   20.419229] The buggy address belongs to the physical page:
[   20.420295] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10695c
[   20.421093] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.421871] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.422693] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.424332] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.425089] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.425870] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.426752] head: 0bfffe0000000002 ffffc1ffc31a5701 ffffffffffffffff 0000000000000000
[   20.427517] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.428647] page dumped because: kasan: bad access detected
[   20.429367] 
[   20.429659] Memory state around the buggy address:
[   20.430190]  fff00000c695df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.430975]  fff00000c695df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.431631] >fff00000c695e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.433179]                       ^
[   20.433699]  fff00000c695e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.434422]  fff00000c695e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.435119] ==================================================================

[   16.509815] ==================================================================
[   16.510580] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340
[   16.512773] Write of size 1 at addr ffff888102bde00a by task kunit_try_catch/151
[   16.513338] 
[   16.513820] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G    B            N 6.12.33-rc1 #1
[   16.514003] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.514042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.514098] Call Trace:
[   16.514146]  <TASK>
[   16.514187]  dump_stack_lvl+0x73/0xb0
[   16.514256]  print_report+0xd1/0x640
[   16.514294]  ? __virt_addr_valid+0x1db/0x2d0
[   16.514329]  ? kmalloc_large_oob_right+0x2eb/0x340
[   16.514362]  ? kasan_addr_to_slab+0x11/0xa0
[   16.514393]  ? kmalloc_large_oob_right+0x2eb/0x340
[   16.514427]  kasan_report+0x140/0x180
[   16.514490]  ? kmalloc_large_oob_right+0x2eb/0x340
[   16.514574]  __asan_report_store1_noabort+0x1b/0x30
[   16.514610]  kmalloc_large_oob_right+0x2eb/0x340
[   16.514647]  ? __pfx_kmalloc_large_oob_right+0x10/0x10
[   16.514686]  ? __pfx_kmalloc_large_oob_right+0x10/0x10
[   16.514726]  kunit_try_run_case+0x1a6/0x480
[   16.514759]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.514787]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   16.514839]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.514883]  ? __kthread_parkme+0x82/0x160
[   16.514912]  ? preempt_count_sub+0x50/0x80
[   16.514944]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.514972]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.515009]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.515046]  kthread+0x257/0x310
[   16.515072]  ? __pfx_kthread+0x10/0x10
[   16.515099]  ret_from_fork+0x41/0x80
[   16.515128]  ? __pfx_kthread+0x10/0x10
[   16.515154]  ret_from_fork_asm+0x1a/0x30
[   16.515196]  </TASK>
[   16.515229] 
[   16.534288] The buggy address belongs to the physical page:
[   16.535094] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bdc
[   16.535812] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.536456] flags: 0x200000000000040(head|node=0|zone=2)
[   16.537374] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.538139] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   16.539342] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.539915] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   16.540412] head: 0200000000000002 ffffea00040af701 ffffffffffffffff 0000000000000000
[   16.541389] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   16.542279] page dumped because: kasan: bad access detected
[   16.542701] 
[   16.542910] Memory state around the buggy address:
[   16.543720]  ffff888102bddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.544423]  ffff888102bddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.545104] >ffff888102bde000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.545792]                       ^
[   16.546420]  ffff888102bde080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.547065]  ffff888102bde100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.547648] ==================================================================