Date
Feb. 5, 2025, 2:09 p.m.
| Environment |
|---|
| qemu-arm64 |
```
[ 177.529926] ==================================================================
[ 177.532418] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xac/0x1b0
[ 177.534310] Read of size 1 at addr ffff0000c5f9c000 by task kunit_try_catch/124
[ 177.536633]
[ 177.537260] CPU: 1 PID: 124 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 177.539215] Hardware name: linux,dummy-virt (DT)
[ 177.540325] Call trace:
[ 177.541152]  dump_backtrace+0x9c/0x128
[ 177.542688]  show_stack+0x20/0x38
[ 177.543753]  dump_stack_lvl+0x60/0xb0
[ 177.545117]  print_report+0xf8/0x5d8
[ 177.546294]  kasan_report+0xc8/0x118
[ 177.547496]  __asan_load1+0x60/0x70
[ 177.548626]  kmalloc_pagealloc_uaf+0xac/0x1b0
[ 177.550082]  kunit_try_run_case+0xf8/0x260
[ 177.551734]  kunit_generic_run_threadfn_adapter+0x38/0x60
[ 177.553199]  kthread+0x18c/0x1a8
[ 177.554695]  ret_from_fork+0x10/0x20
[ 177.555863]
[ 177.556551] The buggy address belongs to the physical page:
[ 177.557952] page:00000000875d9a5f refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c
[ 177.559801] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff)
[ 177.561920] page_type: 0xffffffff()
[ 177.562908] raw: 0bfffc0000000000 fffffc000317e808 ffff0000daa324f8 0000000000000000
[ 177.564684] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 177.566279] page dumped because: kasan: bad access detected
[ 177.567592]
[ 177.568558] Memory state around the buggy address:
[ 177.570006]  ffff0000c5f9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 177.571668]  ffff0000c5f9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 177.573248] >ffff0000c5f9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 177.574926]                    ^
[ 177.575846]  ffff0000c5f9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 177.577809]  ffff0000c5f9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 177.579237] ==================================================================
```