Hay
Date: April 20, 2025, 11:09 p.m.

Environment: x15, x86

[   47.941772] ==================================================================
[   47.953155] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e8/0x330
[   47.960693] Write of size 1 at addr ccb3a00a by task kunit_try_catch/202
[   47.967437] 
[   47.968933] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G    B   W        N  6.15.0-rc3 #1 NONE 
[   47.968963] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   47.968994] Hardware name: Generic DRA74X (Flattened Device Tree)
[   47.968994] Call trace: 
[   47.968994]  unwind_backtrace from show_stack+0x18/0x1c
[   47.969024]  show_stack from dump_stack_lvl+0x70/0x90
[   47.969055]  dump_stack_lvl from print_report+0x158/0x528
[   47.969085]  print_report from kasan_report+0xdc/0x118
[   47.969085]  kasan_report from kmalloc_large_oob_right+0x2e8/0x330
[   47.969116]  kmalloc_large_oob_right from kunit_try_run_case+0x22c/0x5a8
[   47.969146]  kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128
[   47.969177]  kunit_generic_run_threadfn_adapter from kthread+0x464/0x810
[   47.969207]  kthread from ret_from_fork+0x14/0x20
[   47.969207] Exception stack(0xf237bfb0 to 0xf237bff8)
[   47.969238] bfa0:                                     00000000 00000000 00000000 00000000
[   47.969238] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[   47.969268] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   47.969268] 
[   48.075195] The buggy address belongs to the physical page:
[   48.080810] page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x8cb38
[   48.088073] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   48.095794] flags: 0x40(head|zone=0)
[   48.099395] page_type: f8(unknown)
[   48.102813] raw: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   48.110961] raw: 00000000
[   48.113616] head: 00000040 00000000 00000122 00000000 00000000 00000000 f8000000 00000001
[   48.121826] head: 00000000 00000002 eebc83e1 ffffffff 00000000 ffffffff 00000000 ffffffff
[   48.130065] head: 00000000 00000004
[   48.133575] page dumped because: kasan: bad access detected
[   48.139190] 
[   48.140686] Memory state around the buggy address:
[   48.145507]  ccb39f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   48.152099]  ccb39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   48.158660] >ccb3a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   48.165222]               ^
[   48.168029]  ccb3a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   48.174621]  ccb3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   48.181182] ==================================================================

[   16.136953] ==================================================================
[   16.148286] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[   16.155775] Write of size 1 at addr ffff88810802a00a by task kunit_try_catch/189
[   16.163174] 
[   16.164692] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT(voluntary) 
[   16.164700] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.164702] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021
[   16.164718] Call Trace:
[   16.164719]  <TASK>
[   16.164721]  dump_stack_lvl+0x73/0xb0
[   16.164725]  print_report+0xd1/0x650
[   16.164730]  ? __virt_addr_valid+0x1db/0x2d0
[   16.164733]  ? kmalloc_large_oob_right+0x2e9/0x330
[   16.164737]  ? kasan_addr_to_slab+0x11/0xa0
[   16.164741]  ? kmalloc_large_oob_right+0x2e9/0x330
[   16.164745]  kasan_report+0x141/0x180
[   16.164750]  ? kmalloc_large_oob_right+0x2e9/0x330
[   16.164755]  __asan_report_store1_noabort+0x1b/0x30
[   16.164758]  kmalloc_large_oob_right+0x2e9/0x330
[   16.164762]  ? __pfx_kmalloc_large_oob_right+0x10/0x10
[   16.164767]  ? __schedule+0x10cc/0x2b30
[   16.164771]  ? ktime_get_ts64+0x83/0x230
[   16.164776]  kunit_try_run_case+0x1a2/0x480
[   16.164780]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.164784]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.164789]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.164793]  ? __kthread_parkme+0x82/0x180
[   16.164797]  ? preempt_count_sub+0x50/0x80
[   16.164802]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.164806]  kunit_generic_run_threadfn_adapter+0x82/0xf0
[   16.164810]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.164814]  kthread+0x334/0x6f0
[   16.164818]  ? trace_preempt_on+0x20/0xc0
[   16.164822]  ? __pfx_kthread+0x10/0x10
[   16.164826]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.164830]  ? calculate_sigpending+0x7b/0xa0
[   16.164834]  ? __pfx_kthread+0x10/0x10
[   16.164838]  ret_from_fork+0x3e/0x80
[   16.164842]  ? __pfx_kthread+0x10/0x10
[   16.164846]  ret_from_fork_asm+0x1a/0x30
[   16.164852]  </TASK>
[   16.164853] 
[   16.329118] The buggy address belongs to the physical page:
[   16.334701] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x108028
[   16.342746] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   16.350402] flags: 0x200000000000040(head|node=0|zone=2)
[   16.355734] page_type: f8(unknown)
[   16.359145] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.366885] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.374634] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   16.382466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   16.390294] head: 0200000000000002 ffffea0004200a01 00000000ffffffff 00000000ffffffff
[   16.398128] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   16.405960] page dumped because: kasan: bad access detected
[   16.411532] 
[   16.413031] Memory state around the buggy address:
[   16.417824]  ffff888108029f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.425045]  ffff888108029f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   16.432264] >ffff88810802a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.439483]                       ^
[   16.442973]  ffff88810802a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.450192]  ffff88810802a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   16.457413] ==================================================================