Date
Feb. 5, 2025, 2:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 |
[ 177.366902] ================================================================== [ 177.370266] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd0/0x1f0 [ 177.372074] Read of size 1 at addr ffff0000c5e73000 by task kunit_try_catch/120 [ 177.373744] [ 177.374307] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.376237] Hardware name: linux,dummy-virt (DT) [ 177.378186] Call trace: [ 177.379128] dump_backtrace+0x9c/0x128 [ 177.380229] show_stack+0x20/0x38 [ 177.381249] dump_stack_lvl+0x60/0xb0 [ 177.382421] print_report+0xf8/0x5d8 [ 177.383534] kasan_report+0xc8/0x118 [ 177.384676] __asan_load1+0x60/0x70 [ 177.386517] kmalloc_node_oob_right+0xd0/0x1f0 [ 177.387590] kunit_try_run_case+0xf8/0x260 [ 177.389180] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.390718] kthread+0x18c/0x1a8 [ 177.391607] ret_from_fork+0x10/0x20 [ 177.392672] [ 177.393258] Allocated by task 120: [ 177.394153] kasan_save_stack+0x3c/0x68 [ 177.395358] kasan_set_track+0x2c/0x40 [ 177.396428] kasan_save_alloc_info+0x24/0x38 [ 177.397791] __kasan_kmalloc+0xd4/0xd8 [ 177.398987] kmalloc_node_trace+0x64/0x130 [ 177.400035] kmalloc_node_oob_right+0xa4/0x1f0 [ 177.401623] kunit_try_run_case+0xf8/0x260 [ 177.402844] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.404272] kthread+0x18c/0x1a8 [ 177.405417] ret_from_fork+0x10/0x20 [ 177.406348] [ 177.406971] The buggy address belongs to the object at ffff0000c5e72000 [ 177.406971] which belongs to the cache kmalloc-4k of size 4096 [ 177.409869] The buggy address is located 0 bytes to the right of [ 177.409869] allocated 4096-byte region [ffff0000c5e72000, ffff0000c5e73000) [ 177.412478] [ 177.413329] The buggy address belongs to the physical page: [ 177.415183] page:0000000021a8e1ed refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e70 [ 177.417330] head:0000000021a8e1ed order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.419072] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 177.420756] page_type: 0xffffffff() [ 177.421743] raw: 0bfffc0000000840 ffff0000c0002140 dead000000000122 0000000000000000 [ 177.423500] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 177.425215] page dumped because: kasan: bad access detected [ 177.426454] [ 177.426915] Memory state around the buggy address: [ 177.428442] ffff0000c5e72f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.430171] ffff0000c5e72f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.431838] >ffff0000c5e73000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.433652] ^ [ 177.434692] ffff0000c5e73080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.436472] ffff0000c5e73100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.438191] ==================================================================