Date
Feb. 5, 2025, 2:09 p.m.
Environment |
---|
qemu-arm64 |
```
[ 179.071305] ==================================================================
[ 179.073864] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf8/0x268
[ 179.075633] Write of size 16 at addr ffff0000c5e9f560 by task kunit_try_catch/144
[ 179.077861]
[ 179.078543] CPU: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 179.080370] Hardware name: linux,dummy-virt (DT)
[ 179.081606] Call trace:
[ 179.082257]  dump_backtrace+0x9c/0x128
[ 179.083314]  show_stack+0x20/0x38
[ 179.084278]  dump_stack_lvl+0x60/0xb0
[ 179.085621]  print_report+0xf8/0x5d8
[ 179.086711]  kasan_report+0xc8/0x118
[ 179.087839]  __asan_store16+0xa4/0xa8
[ 179.089169]  kmalloc_oob_16+0xf8/0x268
[ 179.090325]  kunit_try_run_case+0xf8/0x260
[ 179.091491]  kunit_generic_run_threadfn_adapter+0x38/0x60
[ 179.093008]  kthread+0x18c/0x1a8
[ 179.094319]  ret_from_fork+0x10/0x20
[ 179.095429]
[ 179.095909] Allocated by task 144:
[ 179.096729]  kasan_save_stack+0x3c/0x68
[ 179.098332]  kasan_set_track+0x2c/0x40
[ 179.099549]  kasan_save_alloc_info+0x24/0x38
[ 179.101293]  __kasan_kmalloc+0xd4/0xd8
[ 179.102464]  kmalloc_trace+0x68/0x130
[ 179.103477]  kmalloc_oob_16+0xa4/0x268
[ 179.104546]  kunit_try_run_case+0xf8/0x260
[ 179.105883]  kunit_generic_run_threadfn_adapter+0x38/0x60
[ 179.107550]  kthread+0x18c/0x1a8
[ 179.108559]  ret_from_fork+0x10/0x20
[ 179.109967]
[ 179.110608] The buggy address belongs to the object at ffff0000c5e9f560
[ 179.110608]  which belongs to the cache kmalloc-16 of size 16
[ 179.113010] The buggy address is located 0 bytes inside of
[ 179.113010]  allocated 13-byte region [ffff0000c5e9f560, ffff0000c5e9f56d)
[ 179.116184]
[ 179.116740] The buggy address belongs to the physical page:
[ 179.118082] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f
[ 179.120141] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff)
[ 179.122024] page_type: 0xffffffff()
[ 179.123080] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000
[ 179.124887] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 179.126553] page dumped because: kasan: bad access detected
[ 179.127867]
[ 179.128451] Memory state around the buggy address:
[ 179.130022]  ffff0000c5e9f400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc
[ 179.131678]  ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc
[ 179.133347] >ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 179.135308]                                                        ^
[ 179.136800]  ffff0000c5e9f580: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 179.139066]  ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 179.140517] ==================================================================
```