Date
July 6, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 19.294603] ================================================================== [ 19.294836] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.294894] Read of size 1 at addr fff00000c65c2f58 by task kunit_try_catch/258 [ 19.294944] [ 19.294995] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.295078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.295121] Hardware name: linux,dummy-virt (DT) [ 19.295155] Call trace: [ 19.295180] show_stack+0x20/0x38 (C) [ 19.295231] dump_stack_lvl+0x8c/0xd0 [ 19.295279] print_report+0x118/0x608 [ 19.295325] kasan_report+0xdc/0x128 [ 19.295372] __asan_report_load1_noabort+0x20/0x30 [ 19.295422] memcmp+0x198/0x1d8 [ 19.295465] kasan_memcmp+0x16c/0x300 [ 19.295509] kunit_try_run_case+0x170/0x3f0 [ 19.295560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.295614] kthread+0x328/0x630 [ 19.295657] ret_from_fork+0x10/0x20 [ 19.295705] [ 19.295726] Allocated by task 258: [ 19.295758] kasan_save_stack+0x3c/0x68 [ 19.295799] kasan_save_track+0x20/0x40 [ 19.295839] kasan_save_alloc_info+0x40/0x58 [ 19.295881] __kasan_kmalloc+0xd4/0xd8 [ 19.295917] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.296016] kasan_memcmp+0xbc/0x300 [ 19.296054] kunit_try_run_case+0x170/0x3f0 [ 19.296092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.296137] kthread+0x328/0x630 [ 19.296370] ret_from_fork+0x10/0x20 [ 19.296428] [ 19.296450] The buggy address belongs to the object at fff00000c65c2f40 [ 19.296450] which belongs to the cache kmalloc-32 of size 32 [ 19.296512] The buggy address is located 0 bytes to the right of [ 19.296512] allocated 24-byte region [fff00000c65c2f40, fff00000c65c2f58) [ 19.296593] [ 19.296655] The buggy address belongs to the physical page: [ 19.296765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c2 [ 19.296931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.297044] page_type: f5(slab) [ 19.297084] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.297137] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.297182] page dumped because: kasan: bad access detected [ 19.297225] [ 19.297244] Memory state around the buggy address: [ 19.297278] fff00000c65c2e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.297724] fff00000c65c2e80: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.297880] >fff00000c65c2f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.297958] ^ [ 19.298042] fff00000c65c2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.298089] fff00000c65c3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.298148] ==================================================================
[ 18.938011] ================================================================== [ 18.938220] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.938360] Read of size 1 at addr fff00000c76c8718 by task kunit_try_catch/258 [ 18.938492] [ 18.938536] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.938623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.939001] Hardware name: linux,dummy-virt (DT) [ 18.939122] Call trace: [ 18.939183] show_stack+0x20/0x38 (C) [ 18.939379] dump_stack_lvl+0x8c/0xd0 [ 18.939623] print_report+0x118/0x608 [ 18.939728] kasan_report+0xdc/0x128 [ 18.939836] __asan_report_load1_noabort+0x20/0x30 [ 18.939930] memcmp+0x198/0x1d8 [ 18.940109] kasan_memcmp+0x16c/0x300 [ 18.940328] kunit_try_run_case+0x170/0x3f0 [ 18.940389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.940757] kthread+0x328/0x630 [ 18.940881] ret_from_fork+0x10/0x20 [ 18.941008] [ 18.941425] Allocated by task 258: [ 18.941540] kasan_save_stack+0x3c/0x68 [ 18.941627] kasan_save_track+0x20/0x40 [ 18.941841] kasan_save_alloc_info+0x40/0x58 [ 18.941885] __kasan_kmalloc+0xd4/0xd8 [ 18.942091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.942287] kasan_memcmp+0xbc/0x300 [ 18.942458] kunit_try_run_case+0x170/0x3f0 [ 18.942589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.942676] kthread+0x328/0x630 [ 18.942757] ret_from_fork+0x10/0x20 [ 18.942874] [ 18.942917] The buggy address belongs to the object at fff00000c76c8700 [ 18.942917] which belongs to the cache kmalloc-32 of size 32 [ 18.943114] The buggy address is located 0 bytes to the right of [ 18.943114] allocated 24-byte region [fff00000c76c8700, fff00000c76c8718) [ 18.943313] [ 18.943377] The buggy address belongs to the physical page: [ 18.943449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8 [ 18.943554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.943677] page_type: f5(slab) [ 18.943753] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.943880] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.943945] page dumped because: kasan: bad access detected [ 18.943979] [ 18.944038] Memory state around the buggy address: [ 18.944228] fff00000c76c8600: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 18.944418] fff00000c76c8680: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.944576] >fff00000c76c8700: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.944673] ^ [ 18.944797] fff00000c76c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.944862] fff00000c76c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.945060] ==================================================================
[ 15.444475] ================================================================== [ 15.445396] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 15.445711] Read of size 1 at addr ffff888102ab8e58 by task kunit_try_catch/275 [ 15.446524] [ 15.446773] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.446859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.446879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.446910] Call Trace: [ 15.446932] <TASK> [ 15.446957] dump_stack_lvl+0x73/0xb0 [ 15.446994] print_report+0xd1/0x650 [ 15.447016] ? __virt_addr_valid+0x1db/0x2d0 [ 15.447038] ? memcmp+0x1b4/0x1d0 [ 15.447054] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.447078] ? memcmp+0x1b4/0x1d0 [ 15.447095] kasan_report+0x141/0x180 [ 15.447151] ? memcmp+0x1b4/0x1d0 [ 15.447199] __asan_report_load1_noabort+0x18/0x20 [ 15.447241] memcmp+0x1b4/0x1d0 [ 15.447275] kasan_memcmp+0x18f/0x390 [ 15.447343] ? trace_hardirqs_on+0x37/0xe0 [ 15.447383] ? __pfx_kasan_memcmp+0x10/0x10 [ 15.447418] ? finish_task_switch.isra.0+0x153/0x700 [ 15.447466] ? __switch_to+0x47/0xf50 [ 15.447522] ? __pfx_read_tsc+0x10/0x10 [ 15.447555] ? ktime_get_ts64+0x86/0x230 [ 15.447593] kunit_try_run_case+0x1a5/0x480 [ 15.447645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.447679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.447703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.447725] ? __kthread_parkme+0x82/0x180 [ 15.447743] ? preempt_count_sub+0x50/0x80 [ 15.447765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.447787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.447809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.447830] kthread+0x337/0x6f0 [ 15.447848] ? trace_preempt_on+0x20/0xc0 [ 15.447869] ? __pfx_kthread+0x10/0x10 [ 15.447889] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.447908] ? calculate_sigpending+0x7b/0xa0 [ 15.447930] ? __pfx_kthread+0x10/0x10 [ 15.447949] ret_from_fork+0x116/0x1d0 [ 15.447967] ? __pfx_kthread+0x10/0x10 [ 15.447985] ret_from_fork_asm+0x1a/0x30 [ 15.448014] </TASK> [ 15.448026] [ 15.459928] Allocated by task 275: [ 15.460427] kasan_save_stack+0x45/0x70 [ 15.460895] kasan_save_track+0x18/0x40 [ 15.461261] kasan_save_alloc_info+0x3b/0x50 [ 15.461683] __kasan_kmalloc+0xb7/0xc0 [ 15.461918] __kmalloc_cache_noprof+0x189/0x420 [ 15.462115] kasan_memcmp+0xb7/0x390 [ 15.462274] kunit_try_run_case+0x1a5/0x480 [ 15.462844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.463297] kthread+0x337/0x6f0 [ 15.463560] ret_from_fork+0x116/0x1d0 [ 15.463999] ret_from_fork_asm+0x1a/0x30 [ 15.464299] [ 15.464505] The buggy address belongs to the object at ffff888102ab8e40 [ 15.464505] which belongs to the cache kmalloc-32 of size 32 [ 15.465038] The buggy address is located 0 bytes to the right of [ 15.465038] allocated 24-byte region [ffff888102ab8e40, ffff888102ab8e58) [ 15.466140] [ 15.466328] The buggy address belongs to the physical page: [ 15.466653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 15.467003] flags: 0x200000000000000(node=0|zone=2) [ 15.467643] page_type: f5(slab) [ 15.468087] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.468645] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.469137] page dumped because: kasan: bad access detected [ 15.469463] [ 15.469836] Memory state around the buggy address: [ 15.470121] ffff888102ab8d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.470713] ffff888102ab8d80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 15.470955] >ffff888102ab8e00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.471752] ^ [ 15.471989] ffff888102ab8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.472401] ffff888102ab8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.472967] ==================================================================
[ 15.480878] ================================================================== [ 15.481345] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 15.481653] Read of size 1 at addr ffff8881031d1498 by task kunit_try_catch/274 [ 15.482279] [ 15.482395] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.482444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.482456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.482478] Call Trace: [ 15.482491] <TASK> [ 15.482506] dump_stack_lvl+0x73/0xb0 [ 15.482535] print_report+0xd1/0x650 [ 15.482559] ? __virt_addr_valid+0x1db/0x2d0 [ 15.482581] ? memcmp+0x1b4/0x1d0 [ 15.482599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.482625] ? memcmp+0x1b4/0x1d0 [ 15.482643] kasan_report+0x141/0x180 [ 15.482666] ? memcmp+0x1b4/0x1d0 [ 15.482688] __asan_report_load1_noabort+0x18/0x20 [ 15.482786] memcmp+0x1b4/0x1d0 [ 15.482810] kasan_memcmp+0x18f/0x390 [ 15.482832] ? trace_hardirqs_on+0x37/0xe0 [ 15.482857] ? __pfx_kasan_memcmp+0x10/0x10 [ 15.482876] ? finish_task_switch.isra.0+0x153/0x700 [ 15.482899] ? __switch_to+0x47/0xf50 [ 15.482929] ? __pfx_read_tsc+0x10/0x10 [ 15.482952] ? ktime_get_ts64+0x86/0x230 [ 15.482976] kunit_try_run_case+0x1a5/0x480 [ 15.483000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.483046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.483080] ? __kthread_parkme+0x82/0x180 [ 15.483102] ? preempt_count_sub+0x50/0x80 [ 15.483126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.483173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.483197] kthread+0x337/0x6f0 [ 15.483215] ? trace_preempt_on+0x20/0xc0 [ 15.483239] ? __pfx_kthread+0x10/0x10 [ 15.483259] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.483280] ? calculate_sigpending+0x7b/0xa0 [ 15.483303] ? __pfx_kthread+0x10/0x10 [ 15.483325] ret_from_fork+0x116/0x1d0 [ 15.483343] ? __pfx_kthread+0x10/0x10 [ 15.483364] ret_from_fork_asm+0x1a/0x30 [ 15.483396] </TASK> [ 15.483408] [ 15.491118] Allocated by task 274: [ 15.491263] kasan_save_stack+0x45/0x70 [ 15.491461] kasan_save_track+0x18/0x40 [ 15.491661] kasan_save_alloc_info+0x3b/0x50 [ 15.491876] __kasan_kmalloc+0xb7/0xc0 [ 15.492099] __kmalloc_cache_noprof+0x189/0x420 [ 15.492311] kasan_memcmp+0xb7/0x390 [ 15.492447] kunit_try_run_case+0x1a5/0x480 [ 15.492601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.493165] kthread+0x337/0x6f0 [ 15.493359] ret_from_fork+0x116/0x1d0 [ 15.493563] ret_from_fork_asm+0x1a/0x30 [ 15.493877] [ 15.493987] The buggy address belongs to the object at ffff8881031d1480 [ 15.493987] which belongs to the cache kmalloc-32 of size 32 [ 15.494570] The buggy address is located 0 bytes to the right of [ 15.494570] allocated 24-byte region [ffff8881031d1480, ffff8881031d1498) [ 15.495163] [ 15.495273] The buggy address belongs to the physical page: [ 15.495475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d1 [ 15.496008] flags: 0x200000000000000(node=0|zone=2) [ 15.496249] page_type: f5(slab) [ 15.496420] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.496665] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.496903] page dumped because: kasan: bad access detected [ 15.497154] [ 15.497256] Memory state around the buggy address: [ 15.497909] ffff8881031d1380: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.498274] ffff8881031d1400: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.498589] >ffff8881031d1480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499096] ^ [ 15.499357] ffff8881031d1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499623] ffff8881031d1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499849] ==================================================================
[ 41.684217] ================================================================== [ 41.695190] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 41.701198] Read of size 1 at addr ffff888101328f98 by task kunit_try_catch/298 [ 41.708510] [ 41.710012] CPU: 2 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 41.710021] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 41.710024] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 41.710027] Call Trace: [ 41.710029] <TASK> [ 41.710031] dump_stack_lvl+0x73/0xb0 [ 41.710036] print_report+0xd1/0x650 [ 41.710040] ? __virt_addr_valid+0x1db/0x2d0 [ 41.710044] ? memcmp+0x1b4/0x1d0 [ 41.710047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 41.710052] ? memcmp+0x1b4/0x1d0 [ 41.710055] kasan_report+0x141/0x180 [ 41.710059] ? memcmp+0x1b4/0x1d0 [ 41.710063] __asan_report_load1_noabort+0x18/0x20 [ 41.710068] memcmp+0x1b4/0x1d0 [ 41.710071] kasan_memcmp+0x18f/0x390 [ 41.710075] ? trace_hardirqs_on+0x37/0xe0 [ 41.710079] ? __pfx_kasan_memcmp+0x10/0x10 [ 41.710083] ? finish_task_switch.isra.0+0x153/0x700 [ 41.710087] ? __switch_to+0x544/0xf50 [ 41.710092] ? ktime_get_ts64+0x83/0x230 [ 41.710096] kunit_try_run_case+0x1a2/0x480 [ 41.710101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 41.710105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 41.710110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 41.710114] ? __kthread_parkme+0x82/0x180 [ 41.710117] ? preempt_count_sub+0x50/0x80 [ 41.710121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 41.710126] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 41.710130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 41.710134] kthread+0x334/0x6f0 [ 41.710138] ? trace_preempt_on+0x20/0xc0 [ 41.710142] ? __pfx_kthread+0x10/0x10 [ 41.710146] ? _raw_spin_unlock_irq+0x47/0x80 [ 41.710150] ? calculate_sigpending+0x7b/0xa0 [ 41.710154] ? __pfx_kthread+0x10/0x10 [ 41.710158] ret_from_fork+0x113/0x1d0 [ 41.710161] ? __pfx_kthread+0x10/0x10 [ 41.710165] ret_from_fork_asm+0x1a/0x30 [ 41.710171] </TASK> [ 41.710173] [ 41.883391] Allocated by task 298: [ 41.886802] kasan_save_stack+0x45/0x70 [ 41.890650] kasan_save_track+0x18/0x40 [ 41.894489] kasan_save_alloc_info+0x3b/0x50 [ 41.898769] __kasan_kmalloc+0xb7/0xc0 [ 41.902521] __kmalloc_cache_noprof+0x189/0x420 [ 41.907056] kasan_memcmp+0xb7/0x390 [ 41.910635] kunit_try_run_case+0x1a2/0x480 [ 41.914819] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 41.920219] kthread+0x334/0x6f0 [ 41.923452] ret_from_fork+0x113/0x1d0 [ 41.927206] ret_from_fork_asm+0x1a/0x30 [ 41.931129] [ 41.932629] The buggy address belongs to the object at ffff888101328f80 [ 41.932629] which belongs to the cache kmalloc-32 of size 32 [ 41.944972] The buggy address is located 0 bytes to the right of [ 41.944972] allocated 24-byte region [ffff888101328f80, ffff888101328f98) [ 41.957841] [ 41.959349] The buggy address belongs to the physical page: [ 41.964949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101328 [ 41.972957] flags: 0x200000000000000(node=0|zone=2) [ 41.977843] page_type: f5(slab) [ 41.980991] raw: 0200000000000000 ffff888100042780 dead000000000122 0000000000000000 [ 41.988737] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 41.996477] page dumped because: kasan: bad access detected [ 42.002050] [ 42.003548] Memory state around the buggy address: [ 42.008350] ffff888101328e80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 42.015596] ffff888101328f00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 42.022814] >ffff888101328f80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 42.030033] ^ [ 42.034046] ffff888101329000: fa fb fb fb fb fb fb fb fb fb fc fc fc fc fa fb [ 42.041268] ffff888101329080: fb fb fb fb fb fb fb fb fc fc fc fc fa fb fb fb [ 42.048485] ==================================================================