Date
April 22, 2025, 11:09 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| rk3399-rock-pi-4b |
[ 17.218050] ================================================================== [ 17.218148] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.218266] Write of size 1 at addr fff00000c62d4478 by task kunit_try_catch/138 [ 17.218412] [ 17.218513] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.218672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.218726] Hardware name: linux,dummy-virt (DT) [ 17.218790] Call trace: [ 17.218829] show_stack+0x20/0x38 (C) [ 17.218943] dump_stack_lvl+0x8c/0xd0 [ 17.219026] print_report+0x118/0x608 [ 17.219106] kasan_report+0xdc/0x128 [ 17.219192] __asan_report_store1_noabort+0x20/0x30 [ 17.219289] kmalloc_oob_right+0x538/0x660 [ 17.219726] kunit_try_run_case+0x170/0x3f0 [ 17.220047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.220150] kthread+0x328/0x630 [ 17.220226] ret_from_fork+0x10/0x20 [ 17.220426] [ 17.220491] Allocated by task 138: [ 17.220639] kasan_save_stack+0x3c/0x68 [ 17.220907] kasan_save_track+0x20/0x40 [ 17.221161] kasan_save_alloc_info+0x40/0x58 [ 17.221268] __kasan_kmalloc+0xd4/0xd8 [ 17.221347] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.221433] kmalloc_oob_right+0xb0/0x660 [ 17.221551] kunit_try_run_case+0x170/0x3f0 [ 17.221648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.221742] kthread+0x328/0x630 [ 17.221810] ret_from_fork+0x10/0x20 [ 17.222826] [ 17.222880] The buggy address belongs to the object at fff00000c62d4400 [ 17.222880] which belongs to the cache kmalloc-128 of size 128 [ 17.223038] The buggy address is located 5 bytes to the right of [ 17.223038] allocated 115-byte region [fff00000c62d4400, fff00000c62d4473) [ 17.223183] [ 17.223222] The buggy address belongs to the physical page: [ 17.223286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.223402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.224150] page_type: f5(slab) [ 17.224273] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.224499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.224662] page dumped because: kasan: bad access detected [ 17.225695] [ 17.225790] Memory state around the buggy address: [ 17.226200] fff00000c62d4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.226633] fff00000c62d4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.226907] >fff00000c62d4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.226997] ^ [ 17.227086] fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.227179] fff00000c62d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.227267] ================================================================== [ 17.208783] ================================================================== [ 17.209173] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.210185] Write of size 1 at addr fff00000c62d4473 by task kunit_try_catch/138 [ 17.210314] [ 17.211352] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.0-rc3 #1 PREEMPT [ 17.211667] Tainted: [N]=TEST [ 17.211739] Hardware name: linux,dummy-virt (DT) [ 17.212144] Call trace: [ 17.212326] show_stack+0x20/0x38 (C) [ 17.212494] dump_stack_lvl+0x8c/0xd0 [ 17.212584] print_report+0x118/0x608 [ 17.212635] kasan_report+0xdc/0x128 [ 17.212680] __asan_report_store1_noabort+0x20/0x30 [ 17.212728] kmalloc_oob_right+0x5a4/0x660 [ 17.212773] kunit_try_run_case+0x170/0x3f0 [ 17.212823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.212873] kthread+0x328/0x630 [ 17.212918] ret_from_fork+0x10/0x20 [ 17.213087] [ 17.213134] Allocated by task 138: [ 17.213313] kasan_save_stack+0x3c/0x68 [ 17.213388] kasan_save_track+0x20/0x40 [ 17.213426] kasan_save_alloc_info+0x40/0x58 [ 17.213478] __kasan_kmalloc+0xd4/0xd8 [ 17.213520] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.213582] kmalloc_oob_right+0xb0/0x660 [ 17.213623] kunit_try_run_case+0x170/0x3f0 [ 17.213659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.213700] kthread+0x328/0x630 [ 17.213734] ret_from_fork+0x10/0x20 [ 17.213791] [ 17.213857] The buggy address belongs to the object at fff00000c62d4400 [ 17.213857] which belongs to the cache kmalloc-128 of size 128 [ 17.213959] The buggy address is located 0 bytes to the right of [ 17.213959] allocated 115-byte region [fff00000c62d4400, fff00000c62d4473) [ 17.214025] [ 17.214117] The buggy address belongs to the physical page: [ 17.214355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.214690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.215020] page_type: f5(slab) [ 17.215433] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.215576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.215787] page dumped because: kasan: bad access detected [ 17.215875] [ 17.215935] Memory state around the buggy address: [ 17.216274] fff00000c62d4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.216353] fff00000c62d4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.216412] >fff00000c62d4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.216468] ^ [ 17.216584] fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.216628] fff00000c62d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.216697] ================================================================== [ 17.227970] ================================================================== [ 17.228072] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.228172] Read of size 1 at addr fff00000c62d4480 by task kunit_try_catch/138 [ 17.228271] [ 17.228561] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.228875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.228947] Hardware name: linux,dummy-virt (DT) [ 17.229062] Call trace: [ 17.229149] show_stack+0x20/0x38 (C) [ 17.229352] dump_stack_lvl+0x8c/0xd0 [ 17.229528] print_report+0x118/0x608 [ 17.229646] kasan_report+0xdc/0x128 [ 17.229771] __asan_report_load1_noabort+0x20/0x30 [ 17.229905] kmalloc_oob_right+0x5d0/0x660 [ 17.230503] kunit_try_run_case+0x170/0x3f0 [ 17.230663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.230813] kthread+0x328/0x630 [ 17.230908] ret_from_fork+0x10/0x20 [ 17.231010] [ 17.231046] Allocated by task 138: [ 17.231101] kasan_save_stack+0x3c/0x68 [ 17.231185] kasan_save_track+0x20/0x40 [ 17.231262] kasan_save_alloc_info+0x40/0x58 [ 17.231340] __kasan_kmalloc+0xd4/0xd8 [ 17.231410] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.231658] kmalloc_oob_right+0xb0/0x660 [ 17.231800] kunit_try_run_case+0x170/0x3f0 [ 17.231880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.232104] kthread+0x328/0x630 [ 17.232186] ret_from_fork+0x10/0x20 [ 17.232251] [ 17.232289] The buggy address belongs to the object at fff00000c62d4400 [ 17.232289] which belongs to the cache kmalloc-128 of size 128 [ 17.232428] The buggy address is located 13 bytes to the right of [ 17.232428] allocated 115-byte region [fff00000c62d4400, fff00000c62d4473) [ 17.232625] [ 17.232696] The buggy address belongs to the physical page: [ 17.232758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.232878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.232975] page_type: f5(slab) [ 17.233210] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.233377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.233505] page dumped because: kasan: bad access detected [ 17.233582] [ 17.233621] Memory state around the buggy address: [ 17.233687] fff00000c62d4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.233991] fff00000c62d4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.234127] >fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234214] ^ [ 17.234272] fff00000c62d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234369] fff00000c62d4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234456] ==================================================================
[ 16.604278] ================================================================== [ 16.605050] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 16.605937] Write of size 1 at addr ffff888103199578 by task kunit_try_catch/156 [ 16.607326] [ 16.607626] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.607752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.607789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.607847] Call Trace: [ 16.607889] <TASK> [ 16.607934] dump_stack_lvl+0x73/0xb0 [ 16.608012] print_report+0xd1/0x650 [ 16.608068] ? __virt_addr_valid+0x1db/0x2d0 [ 16.608105] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.608154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.608186] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.608216] kasan_report+0x141/0x180 [ 16.608246] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.608282] __asan_report_store1_noabort+0x1b/0x30 [ 16.608310] kmalloc_oob_right+0x6bd/0x7f0 [ 16.608341] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.608371] ? __schedule+0x10cc/0x2b30 [ 16.608403] ? __pfx_read_tsc+0x10/0x10 [ 16.608429] ? ktime_get_ts64+0x86/0x230 [ 16.608535] kunit_try_run_case+0x1a5/0x480 [ 16.608602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.608635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.608667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.608699] ? __kthread_parkme+0x82/0x180 [ 16.608728] ? preempt_count_sub+0x50/0x80 [ 16.608761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.608792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.608822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.608852] kthread+0x337/0x6f0 [ 16.608880] ? trace_preempt_on+0x20/0xc0 [ 16.608911] ? __pfx_kthread+0x10/0x10 [ 16.608940] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.608970] ? calculate_sigpending+0x7b/0xa0 [ 16.608998] ? __pfx_kthread+0x10/0x10 [ 16.609028] ret_from_fork+0x41/0x80 [ 16.609056] ? __pfx_kthread+0x10/0x10 [ 16.609086] ret_from_fork_asm+0x1a/0x30 [ 16.609127] </TASK> [ 16.609139] [ 16.629790] Allocated by task 156: [ 16.630416] kasan_save_stack+0x45/0x70 [ 16.631303] kasan_save_track+0x18/0x40 [ 16.631934] kasan_save_alloc_info+0x3b/0x50 [ 16.632366] __kasan_kmalloc+0xb7/0xc0 [ 16.633211] __kmalloc_cache_noprof+0x189/0x420 [ 16.634190] kmalloc_oob_right+0xa9/0x7f0 [ 16.634558] kunit_try_run_case+0x1a5/0x480 [ 16.635320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.636270] kthread+0x337/0x6f0 [ 16.636903] ret_from_fork+0x41/0x80 [ 16.637196] ret_from_fork_asm+0x1a/0x30 [ 16.638359] [ 16.638656] The buggy address belongs to the object at ffff888103199500 [ 16.638656] which belongs to the cache kmalloc-128 of size 128 [ 16.639558] The buggy address is located 5 bytes to the right of [ 16.639558] allocated 115-byte region [ffff888103199500, ffff888103199573) [ 16.641163] [ 16.641331] The buggy address belongs to the physical page: [ 16.641845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.643122] flags: 0x200000000000000(node=0|zone=2) [ 16.643860] page_type: f5(slab) [ 16.644375] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.645301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.646455] page dumped because: kasan: bad access detected [ 16.647060] [ 16.647220] Memory state around the buggy address: [ 16.648331] ffff888103199400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.649207] ffff888103199480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.650204] >ffff888103199500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.651190] ^ [ 16.652009] ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.652599] ffff888103199600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653445] ================================================================== [ 16.554271] ================================================================== [ 16.555837] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 16.556900] Write of size 1 at addr ffff888103199573 by task kunit_try_catch/156 [ 16.557861] [ 16.559575] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.560067] Tainted: [N]=TEST [ 16.560112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.560380] Call Trace: [ 16.560538] <TASK> [ 16.560761] dump_stack_lvl+0x73/0xb0 [ 16.560876] print_report+0xd1/0x650 [ 16.560921] ? __virt_addr_valid+0x1db/0x2d0 [ 16.560956] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.560986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.561016] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.561046] kasan_report+0x141/0x180 [ 16.561076] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.561112] __asan_report_store1_noabort+0x1b/0x30 [ 16.561140] kmalloc_oob_right+0x6f0/0x7f0 [ 16.561171] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.561202] ? __schedule+0x10cc/0x2b30 [ 16.561235] ? __pfx_read_tsc+0x10/0x10 [ 16.561262] ? ktime_get_ts64+0x86/0x230 [ 16.561297] kunit_try_run_case+0x1a5/0x480 [ 16.561331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.561359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.561392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.561424] ? __kthread_parkme+0x82/0x180 [ 16.561528] ? preempt_count_sub+0x50/0x80 [ 16.561634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.561672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.561718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.561786] kthread+0x337/0x6f0 [ 16.561838] ? trace_preempt_on+0x20/0xc0 [ 16.561873] ? __pfx_kthread+0x10/0x10 [ 16.561903] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.561933] ? calculate_sigpending+0x7b/0xa0 [ 16.561962] ? __pfx_kthread+0x10/0x10 [ 16.561992] ret_from_fork+0x41/0x80 [ 16.562020] ? __pfx_kthread+0x10/0x10 [ 16.562050] ret_from_fork_asm+0x1a/0x30 [ 16.562131] </TASK> [ 16.562215] [ 16.576242] Allocated by task 156: [ 16.578041] kasan_save_stack+0x45/0x70 [ 16.578707] kasan_save_track+0x18/0x40 [ 16.579119] kasan_save_alloc_info+0x3b/0x50 [ 16.579723] __kasan_kmalloc+0xb7/0xc0 [ 16.580125] __kmalloc_cache_noprof+0x189/0x420 [ 16.580746] kmalloc_oob_right+0xa9/0x7f0 [ 16.581177] kunit_try_run_case+0x1a5/0x480 [ 16.582471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.582900] kthread+0x337/0x6f0 [ 16.583189] ret_from_fork+0x41/0x80 [ 16.583763] ret_from_fork_asm+0x1a/0x30 [ 16.584297] [ 16.584805] The buggy address belongs to the object at ffff888103199500 [ 16.584805] which belongs to the cache kmalloc-128 of size 128 [ 16.586115] The buggy address is located 0 bytes to the right of [ 16.586115] allocated 115-byte region [ffff888103199500, ffff888103199573) [ 16.587263] [ 16.588655] The buggy address belongs to the physical page: [ 16.589637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.590890] flags: 0x200000000000000(node=0|zone=2) [ 16.592051] page_type: f5(slab) [ 16.593122] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.593736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.594450] page dumped because: kasan: bad access detected [ 16.594998] [ 16.595250] Memory state around the buggy address: [ 16.596465] ffff888103199400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.597168] ffff888103199480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598017] >ffff888103199500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.599077] ^ [ 16.599657] ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.600402] ffff888103199600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601099] ================================================================== [ 16.654677] ================================================================== [ 16.656405] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 16.657143] Read of size 1 at addr ffff888103199580 by task kunit_try_catch/156 [ 16.658236] [ 16.658518] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.658651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.658687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.658820] Call Trace: [ 16.658866] <TASK> [ 16.658913] dump_stack_lvl+0x73/0xb0 [ 16.658953] print_report+0xd1/0x650 [ 16.658987] ? __virt_addr_valid+0x1db/0x2d0 [ 16.659018] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.659050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.659081] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.659113] kasan_report+0x141/0x180 [ 16.659145] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.659182] __asan_report_load1_noabort+0x18/0x20 [ 16.659210] kmalloc_oob_right+0x68a/0x7f0 [ 16.659243] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.659276] ? __schedule+0x10cc/0x2b30 [ 16.659309] ? __pfx_read_tsc+0x10/0x10 [ 16.659336] ? ktime_get_ts64+0x86/0x230 [ 16.659372] kunit_try_run_case+0x1a5/0x480 [ 16.659406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.659440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.659630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.659707] ? __kthread_parkme+0x82/0x180 [ 16.659778] ? preempt_count_sub+0x50/0x80 [ 16.659856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.659913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.659949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.659981] kthread+0x337/0x6f0 [ 16.660012] ? trace_preempt_on+0x20/0xc0 [ 16.660046] ? __pfx_kthread+0x10/0x10 [ 16.660078] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.660109] ? calculate_sigpending+0x7b/0xa0 [ 16.660139] ? __pfx_kthread+0x10/0x10 [ 16.660170] ret_from_fork+0x41/0x80 [ 16.660199] ? __pfx_kthread+0x10/0x10 [ 16.660231] ret_from_fork_asm+0x1a/0x30 [ 16.660276] </TASK> [ 16.660290] [ 16.678212] Allocated by task 156: [ 16.678565] kasan_save_stack+0x45/0x70 [ 16.679153] kasan_save_track+0x18/0x40 [ 16.679663] kasan_save_alloc_info+0x3b/0x50 [ 16.680111] __kasan_kmalloc+0xb7/0xc0 [ 16.680696] __kmalloc_cache_noprof+0x189/0x420 [ 16.681099] kmalloc_oob_right+0xa9/0x7f0 [ 16.682382] kunit_try_run_case+0x1a5/0x480 [ 16.683758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.684146] kthread+0x337/0x6f0 [ 16.684484] ret_from_fork+0x41/0x80 [ 16.685234] ret_from_fork_asm+0x1a/0x30 [ 16.685697] [ 16.685898] The buggy address belongs to the object at ffff888103199500 [ 16.685898] which belongs to the cache kmalloc-128 of size 128 [ 16.687072] The buggy address is located 13 bytes to the right of [ 16.687072] allocated 115-byte region [ffff888103199500, ffff888103199573) [ 16.689344] [ 16.689761] The buggy address belongs to the physical page: [ 16.690274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.691298] flags: 0x200000000000000(node=0|zone=2) [ 16.692112] page_type: f5(slab) [ 16.692613] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.693219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.693609] page dumped because: kasan: bad access detected [ 16.693918] [ 16.694200] Memory state around the buggy address: [ 16.694669] ffff888103199480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.696142] ffff888103199500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.697128] >ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697818] ^ [ 16.698100] ffff888103199600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699184] ffff888103199680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699668] ==================================================================
[ 18.933917] ================================================================== [ 18.934632] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 18.935300] Write of size 1 at addr ffff00000d788473 by task kunit_try_catch/194 [ 18.935985] [ 18.936151] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G N 6.15.0-rc3 #1 PREEMPT [ 18.936196] Tainted: [N]=TEST [ 18.936208] Hardware name: Radxa ROCK Pi 4B (DT) [ 18.936225] Call trace: [ 18.936236] show_stack+0x20/0x38 (C) [ 18.936269] dump_stack_lvl+0x8c/0xd0 [ 18.936300] print_report+0x118/0x608 [ 18.936329] kasan_report+0xdc/0x128 [ 18.936357] __asan_report_store1_noabort+0x20/0x30 [ 18.936391] kmalloc_oob_right+0x5a4/0x660 [ 18.936424] kunit_try_run_case+0x170/0x3f0 [ 18.936459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.936498] kthread+0x328/0x630 [ 18.936531] ret_from_fork+0x10/0x20 [ 18.936564] [ 18.942047] Allocated by task 194: [ 18.942378] kasan_save_stack+0x3c/0x68 [ 18.942755] kasan_save_track+0x20/0x40 [ 18.943127] kasan_save_alloc_info+0x40/0x58 [ 18.943539] __kasan_kmalloc+0xd4/0xd8 [ 18.943903] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.944344] kmalloc_oob_right+0xb0/0x660 [ 18.944735] kunit_try_run_case+0x170/0x3f0 [ 18.945143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.945667] kthread+0x328/0x630 [ 18.945991] ret_from_fork+0x10/0x20 [ 18.946341] [ 18.946494] The buggy address belongs to the object at ffff00000d788400 [ 18.946494] which belongs to the cache kmalloc-128 of size 128 [ 18.947627] The buggy address is located 0 bytes to the right of [ 18.947627] allocated 115-byte region [ffff00000d788400, ffff00000d788473) [ 18.948800] [ 18.948954] The buggy address belongs to the physical page: [ 18.949469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xd788 [ 18.950193] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 18.950804] page_type: f5(slab) [ 18.951118] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 18.951834] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.952540] page dumped because: kasan: bad access detected [ 18.953054] [ 18.953206] Memory state around the buggy address: [ 18.953655] ffff00000d788300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.954320] ffff00000d788380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.954985] >ffff00000d788400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.955646] ^ [ 18.956278] ffff00000d788480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.956943] ffff00000d788500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.957604] ================================================================== [ 18.959082] ================================================================== [ 18.959740] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 18.960393] Write of size 1 at addr ffff00000d788478 by task kunit_try_catch/194 [ 18.961070] [ 18.961230] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.961271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.961282] Hardware name: Radxa ROCK Pi 4B (DT) [ 18.961297] Call trace: [ 18.961307] show_stack+0x20/0x38 (C) [ 18.961333] dump_stack_lvl+0x8c/0xd0 [ 18.961359] print_report+0x118/0x608 [ 18.961383] kasan_report+0xdc/0x128 [ 18.961407] __asan_report_store1_noabort+0x20/0x30 [ 18.961435] kmalloc_oob_right+0x538/0x660 [ 18.961463] kunit_try_run_case+0x170/0x3f0 [ 18.961493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.961526] kthread+0x328/0x630 [ 18.961554] ret_from_fork+0x10/0x20 [ 18.961582] [ 18.967140] Allocated by task 194: [ 18.967460] kasan_save_stack+0x3c/0x68 [ 18.967826] kasan_save_track+0x20/0x40 [ 18.968191] kasan_save_alloc_info+0x40/0x58 [ 18.968596] __kasan_kmalloc+0xd4/0xd8 [ 18.968951] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.969384] kmalloc_oob_right+0xb0/0x660 [ 18.969768] kunit_try_run_case+0x170/0x3f0 [ 18.970168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.970684] kthread+0x328/0x630 [ 18.970999] ret_from_fork+0x10/0x20 [ 18.971342] [ 18.971491] The buggy address belongs to the object at ffff00000d788400 [ 18.971491] which belongs to the cache kmalloc-128 of size 128 [ 18.972615] The buggy address is located 5 bytes to the right of [ 18.972615] allocated 115-byte region [ffff00000d788400, ffff00000d788473) [ 18.973780] [ 18.973930] The buggy address belongs to the physical page: [ 18.974440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xd788 [ 18.975156] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 18.975759] page_type: f5(slab) [ 18.976063] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 18.976771] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.977471] page dumped because: kasan: bad access detected [ 18.977980] [ 18.978129] Memory state around the buggy address: [ 18.978572] ffff00000d788300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.979230] ffff00000d788380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.979889] >ffff00000d788400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.980544] ^ [ 18.981192] ffff00000d788480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.981851] ffff00000d788500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.982506] ================================================================== [ 18.983417] ================================================================== [ 18.984085] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 18.984733] Read of size 1 at addr ffff00000d788480 by task kunit_try_catch/194 [ 18.985401] [ 18.985560] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.985600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.985612] Hardware name: Radxa ROCK Pi 4B (DT) [ 18.985626] Call trace: [ 18.985636] show_stack+0x20/0x38 (C) [ 18.985662] dump_stack_lvl+0x8c/0xd0 [ 18.985688] print_report+0x118/0x608 [ 18.985713] kasan_report+0xdc/0x128 [ 18.985736] __asan_report_load1_noabort+0x20/0x30 [ 18.985764] kmalloc_oob_right+0x5d0/0x660 [ 18.985792] kunit_try_run_case+0x170/0x3f0 [ 18.985821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.985853] kthread+0x328/0x630 [ 18.985880] ret_from_fork+0x10/0x20 [ 18.985907] [ 18.991455] Allocated by task 194: [ 18.991776] kasan_save_stack+0x3c/0x68 [ 18.992141] kasan_save_track+0x20/0x40 [ 18.992506] kasan_save_alloc_info+0x40/0x58 [ 18.992912] __kasan_kmalloc+0xd4/0xd8 [ 18.993270] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.993703] kmalloc_oob_right+0xb0/0x660 [ 18.994087] kunit_try_run_case+0x170/0x3f0 [ 18.994486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.995001] kthread+0x328/0x630 [ 18.995316] ret_from_fork+0x10/0x20 [ 18.995659] [ 18.995808] The buggy address belongs to the object at ffff00000d788400 [ 18.995808] which belongs to the cache kmalloc-128 of size 128 [ 18.996931] The buggy address is located 13 bytes to the right of [ 18.996931] allocated 115-byte region [ffff00000d788400, ffff00000d788473) [ 18.998103] [ 18.998252] The buggy address belongs to the physical page: [ 18.998763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xd788 [ 18.999478] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.000081] page_type: f5(slab) [ 19.000387] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 19.001093] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.001794] page dumped because: kasan: bad access detected [ 19.002303] [ 19.002451] Memory state around the buggy address: [ 19.002894] ffff00000d788380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.003552] ffff00000d788400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.004211] >ffff00000d788480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.004866] ^ [ 19.005171] ffff00000d788500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.005829] ffff00000d788580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.006484] ==================================================================