Hay
Date: Feb. 5, 2025, 2:09 p.m.

Environment: qemu-armv7, qemu-x86_64

[  144.414014] ==================================================================
[  144.415174] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xb4/0x1bc
[  144.415900] Write of size 1 at addr c4ffe00a by task kunit_try_catch/117
[  144.416714] 
[  144.417012] CPU: 0 PID: 117 Comm: kunit_try_catch Tainted: G    B            N 6.6.76-rc1 #1
[  144.417861] Hardware name: Generic DT based system
[  144.418597]  unwind_backtrace from show_stack+0x18/0x1c
[  144.419322]  show_stack from dump_stack_lvl+0x58/0x70
[  144.419986]  dump_stack_lvl from print_report+0x164/0x51c
[  144.420850]  print_report from kasan_report+0xc8/0x104
[  144.421475]  kasan_report from kmalloc_pagealloc_oob_right+0xb4/0x1bc
[  144.422450]  kmalloc_pagealloc_oob_right from kunit_try_run_case+0x11c/0x2e4
[  144.423354]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48
[  144.424305]  kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8
[  144.425152]  kthread from ret_from_fork+0x14/0x30
[  144.425744] Exception stack(0xf9ec3fb0 to 0xf9ec3ff8)
[  144.426330] 3fa0:                                     00000000 00000000 00000000 00000000
[  144.427236] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[  144.428158] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[  144.428869] 
[  144.429164] The buggy address belongs to the physical page:
[  144.429865] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc
[  144.430729] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  144.431558] flags: 0x40(head|zone=0)
[  144.432069] page_type: 0xffffffff()
[  144.432677] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001
[  144.433508] raw: 00000000
[  144.433889] page dumped because: kasan: bad access detected
[  144.434493] 
[  144.434813] Memory state around the buggy address:
[  144.435424]  c4ffdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  144.436217]  c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  144.437018] >c4ffe000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  144.437674]               ^
[  144.438081]  c4ffe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  144.438801]  c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  144.439485] ==================================================================


[   46.834440] ==================================================================
[   46.835983] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xab/0x1c0
[   46.836777] Write of size 1 at addr ffff88810207a00a by task kunit_try_catch/140
[   46.837474] 
[   46.837719] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G    B            N 6.6.76-rc1 #1
[   46.838943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   46.840519] Call Trace:
[   46.840913]  <TASK>
[   46.841284]  dump_stack_lvl+0x4e/0x90
[   46.841883]  print_report+0xd2/0x660
[   46.842463]  ? __virt_addr_valid+0x156/0x1e0
[   46.843100]  ? kasan_addr_to_slab+0x11/0xb0
[   46.844084]  kasan_report+0xff/0x140
[   46.844976]  ? kmalloc_pagealloc_oob_right+0xab/0x1c0
[   46.845528]  ? kmalloc_pagealloc_oob_right+0xab/0x1c0
[   46.846254]  __asan_store1+0x69/0x70
[   46.846774]  kmalloc_pagealloc_oob_right+0xab/0x1c0
[   46.847364]  ? __pfx_kmalloc_pagealloc_oob_right+0x10/0x10
[   46.847893]  ? __pfx_kmalloc_pagealloc_oob_right+0x10/0x10
[   46.848804]  ? kunit_try_run_case+0x11b/0x290
[   46.849610]  kunit_try_run_case+0x126/0x290
[   46.850274]  ? __pfx_kunit_try_run_case+0x10/0x10
[   46.851182]  ? __kasan_check_write+0x18/0x20
[   46.851982]  ? trace_preempt_on+0x20/0xa0
[   46.852532]  ? __kthread_parkme+0x4f/0xd0
[   46.853134]  ? preempt_count_sub+0x50/0x80
[   46.853711]  ? __pfx_kunit_try_run_case+0x10/0x10
[   46.854348]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   46.855253]  kunit_generic_run_threadfn_adapter+0x33/0x50
[   46.856255]  kthread+0x19e/0x1e0
[   46.856837]  ? __pfx_kthread+0x10/0x10
[   46.857370]  ret_from_fork+0x41/0x70
[   46.857930]  ? __pfx_kthread+0x10/0x10
[   46.858505]  ret_from_fork_asm+0x1b/0x30
[   46.859208]  </TASK>
[   46.859999] 
[   46.860334] The buggy address belongs to the physical page:
[   46.861402] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102078
[   46.862300] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   46.863487] flags: 0x200000000000040(head|node=0|zone=2)
[   46.864130] page_type: 0xffffffff()
[   46.864672] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   46.865461] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   46.866199] page dumped because: kasan: bad access detected
[   46.866837] 
[   46.867293] Memory state around the buggy address:
[   46.867778]  ffff888102079f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   46.869172]  ffff888102079f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   46.869914] >ffff88810207a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   46.870643]                       ^
[   46.871074]  ffff88810207a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   46.872377]  ffff88810207a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   46.873010] ==================================================================