Hay
Sign in
Date
June 2, 2025, 2:13 p.m.

Environment
qemu-arm64
qemu-x86_64 

[   20.794641] ==================================================================
[   20.795213] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8
[   20.795577] Read of size 1 at addr fff00000c3f60218 by task kunit_try_catch/247
[   20.795834] 
[   20.795966] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   20.796073] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.796106] Hardware name: linux,dummy-virt (DT)
[   20.796148] Call trace:
[   20.796444]  show_stack+0x20/0x38 (C)
[   20.796542]  dump_stack_lvl+0x8c/0xd0
[   20.796606]  print_report+0x118/0x608
[   20.796668]  kasan_report+0xdc/0x128
[   20.796724]  __asan_report_load1_noabort+0x20/0x30
[   20.796781]  memcmp+0x198/0x1d8
[   20.796832]  kasan_memcmp+0x16c/0x300
[   20.796886]  kunit_try_run_case+0x170/0x3f0
[   20.796945]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.797007]  kthread+0x318/0x620
[   20.797063]  ret_from_fork+0x10/0x20
[   20.797125] 
[   20.801177] Allocated by task 247:
[   20.801401]  kasan_save_stack+0x3c/0x68
[   20.801785]  kasan_save_track+0x20/0x40
[   20.802172]  kasan_save_alloc_info+0x40/0x58
[   20.802677]  __kasan_kmalloc+0xd4/0xd8
[   20.803444]  __kmalloc_cache_noprof+0x16c/0x3c0
[   20.803740]  kasan_memcmp+0xbc/0x300
[   20.804015]  kunit_try_run_case+0x170/0x3f0
[   20.804372]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.804732]  kthread+0x318/0x620
[   20.805044]  ret_from_fork+0x10/0x20
[   20.805262] 
[   20.805492] The buggy address belongs to the object at fff00000c3f60200
[   20.805492]  which belongs to the cache kmalloc-32 of size 32
[   20.806244] The buggy address is located 0 bytes to the right of
[   20.806244]  allocated 24-byte region [fff00000c3f60200, fff00000c3f60218)
[   20.807225] 
[   20.807383] The buggy address belongs to the physical page:
[   20.807765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f60
[   20.808205] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.808768] page_type: f5(slab)
[   20.809105] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000
[   20.809589] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   20.810058] page dumped because: kasan: bad access detected
[   20.810466] 
[   20.811130] Memory state around the buggy address:
[   20.811361]  fff00000c3f60100: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   20.811963]  fff00000c3f60180: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc
[   20.812371] >fff00000c3f60200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.812842]                             ^
[   20.813134]  fff00000c3f60280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.813517]  fff00000c3f60300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.813869] ==================================================================
Metadata Full log Test run details 

[   14.558786] ==================================================================
[   14.559390] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[   14.559816] Read of size 1 at addr ffff888102a33fd8 by task kunit_try_catch/265
[   14.560300] 
[   14.560664] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G    B            N 6.14.10-rc1 #1
[   14.560835] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.560851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.560872] Call Trace:
[   14.560884]  <TASK>
[   14.560899]  dump_stack_lvl+0x73/0xb0
[   14.560929]  print_report+0xd1/0x650
[   14.560953]  ? __virt_addr_valid+0x1db/0x2d0
[   14.560978]  ? memcmp+0x1b4/0x1d0
[   14.561000]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.561041]  ? memcmp+0x1b4/0x1d0
[   14.561063]  kasan_report+0x140/0x180
[   14.561088]  ? memcmp+0x1b4/0x1d0
[   14.561114]  __asan_report_load1_noabort+0x18/0x20
[   14.561140]  memcmp+0x1b4/0x1d0
[   14.561164]  kasan_memcmp+0x190/0x390
[   14.561188]  ? __pfx_kasan_memcmp+0x10/0x10
[   14.561211]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.561244]  ? __pfx_kasan_memcmp+0x10/0x10
[   14.561271]  kunit_try_run_case+0x1a6/0x480
[   14.561296]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.561320]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   14.561346]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.561373]  ? __kthread_parkme+0x82/0x160
[   14.561397]  ? preempt_count_sub+0x50/0x80
[   14.561424]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.561450]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.561478]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.561506]  kthread+0x324/0x6e0
[   14.561530]  ? trace_preempt_on+0x20/0xc0
[   14.561579]  ? __pfx_kthread+0x10/0x10
[   14.561605]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.561629]  ? calculate_sigpending+0x7b/0xa0
[   14.561654]  ? __pfx_kthread+0x10/0x10
[   14.561679]  ret_from_fork+0x41/0x80
[   14.561702]  ? __pfx_kthread+0x10/0x10
[   14.561727]  ret_from_fork_asm+0x1a/0x30
[   14.561766]  </TASK>
[   14.561775] 
[   14.571534] Allocated by task 265:
[   14.572160]  kasan_save_stack+0x45/0x70
[   14.572459]  kasan_save_track+0x18/0x40
[   14.572819]  kasan_save_alloc_info+0x3b/0x50
[   14.573160]  __kasan_kmalloc+0xb7/0xc0
[   14.573457]  __kmalloc_cache_noprof+0x18a/0x420
[   14.573858]  kasan_memcmp+0xb8/0x390
[   14.574164]  kunit_try_run_case+0x1a6/0x480
[   14.574456]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.574892]  kthread+0x324/0x6e0
[   14.575179]  ret_from_fork+0x41/0x80
[   14.575448]  ret_from_fork_asm+0x1a/0x30
[   14.575847] 
[   14.575944] The buggy address belongs to the object at ffff888102a33fc0
[   14.575944]  which belongs to the cache kmalloc-32 of size 32
[   14.576416] The buggy address is located 0 bytes to the right of
[   14.576416]  allocated 24-byte region [ffff888102a33fc0, ffff888102a33fd8)
[   14.576905] 
[   14.577004] The buggy address belongs to the physical page:
[   14.577867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a33
[   14.578353] flags: 0x200000000000000(node=0|zone=2)
[   14.578769] page_type: f5(slab)
[   14.579050] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[   14.579482] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   14.579973] page dumped because: kasan: bad access detected
[   14.580336] 
[   14.580624] Memory state around the buggy address:
[   14.580937]  ffff888102a33e80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[   14.581345]  ffff888102a33f00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[   14.581997] >ffff888102a33f80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   14.582400]                                                     ^
[   14.582760]  ffff888102a34000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.583146]  ffff888102a34080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[   14.583700] ==================================================================
Metadata Full log Test run details