Date
May 30, 2025, 4:14 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x15 |
[ 39.961634] ================================================================== [ 39.971845] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 39.977832] Read of size 1 at addr ffff0008050026d8 by task kunit_try_catch/301 [ 39.985120] [ 39.986605] CPU: 5 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 39.986670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.986690] Hardware name: WinLink E850-96 board (DT) [ 39.986714] Call trace: [ 39.986728] show_stack+0x20/0x38 (C) [ 39.986766] dump_stack_lvl+0x8c/0xd0 [ 39.986804] print_report+0x118/0x608 [ 39.986844] kasan_report+0xdc/0x128 [ 39.986878] __asan_report_load1_noabort+0x20/0x30 [ 39.986913] memcmp+0x198/0x1d8 [ 39.986944] kasan_memcmp+0x16c/0x300 [ 39.986977] kunit_try_run_case+0x170/0x3f0 [ 39.987017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.987056] kthread+0x328/0x630 [ 39.987088] ret_from_fork+0x10/0x20 [ 39.987125] [ 40.052914] Allocated by task 301: [ 40.056301] kasan_save_stack+0x3c/0x68 [ 40.060118] kasan_save_track+0x20/0x40 [ 40.063936] kasan_save_alloc_info+0x40/0x58 [ 40.068190] __kasan_kmalloc+0xd4/0xd8 [ 40.071923] __kmalloc_cache_noprof+0x15c/0x3c0 [ 40.076436] kasan_memcmp+0xbc/0x300 [ 40.079997] kunit_try_run_case+0x170/0x3f0 [ 40.084162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.089631] kthread+0x328/0x630 [ 40.092842] ret_from_fork+0x10/0x20 [ 40.096403] [ 40.097879] The buggy address belongs to the object at ffff0008050026c0 [ 40.097879] which belongs to the cache kmalloc-32 of size 32 [ 40.110208] The buggy address is located 0 bytes to the right of [ 40.110208] allocated 24-byte region [ffff0008050026c0, ffff0008050026d8) [ 40.123050] [ 40.124530] The buggy address belongs to the physical page: [ 40.130086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x885002 [ 40.138071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 40.144579] page_type: f5(slab) [ 40.147716] raw: 0bfffe0000000000 ffff000800002780 dead000000000122 0000000000000000 [ 40.155435] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 40.163155] page dumped because: kasan: bad access detected [ 40.168711] [ 40.170185] Memory state around the buggy address: [ 40.174968] ffff000805002580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 40.182168] ffff000805002600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 40.189374] >ffff000805002680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 40.196573] ^ [ 40.202653] ffff000805002700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.209858] ffff000805002780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.217061] ==================================================================
[ 28.452138] ================================================================== [ 28.452310] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 28.452879] Read of size 1 at addr fff00000c7895a98 by task kunit_try_catch/258 [ 28.453072] [ 28.453281] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT [ 28.453492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.453565] Hardware name: linux,dummy-virt (DT) [ 28.453650] Call trace: [ 28.453748] show_stack+0x20/0x38 (C) [ 28.454512] dump_stack_lvl+0x8c/0xd0 [ 28.454779] print_report+0x118/0x608 [ 28.455060] kasan_report+0xdc/0x128 [ 28.455539] __asan_report_load1_noabort+0x20/0x30 [ 28.455766] memcmp+0x198/0x1d8 [ 28.455946] kasan_memcmp+0x16c/0x300 [ 28.456104] kunit_try_run_case+0x170/0x3f0 [ 28.456265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.456407] kthread+0x328/0x630 [ 28.456570] ret_from_fork+0x10/0x20 [ 28.456746] [ 28.457074] Allocated by task 258: [ 28.457414] kasan_save_stack+0x3c/0x68 [ 28.457552] kasan_save_track+0x20/0x40 [ 28.457754] kasan_save_alloc_info+0x40/0x58 [ 28.457870] __kasan_kmalloc+0xd4/0xd8 [ 28.457976] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.458469] kasan_memcmp+0xbc/0x300 [ 28.458566] kunit_try_run_case+0x170/0x3f0 [ 28.458930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.459071] kthread+0x328/0x630 [ 28.459376] ret_from_fork+0x10/0x20 [ 28.459491] [ 28.459551] The buggy address belongs to the object at fff00000c7895a80 [ 28.459551] which belongs to the cache kmalloc-32 of size 32 [ 28.460261] The buggy address is located 0 bytes to the right of [ 28.460261] allocated 24-byte region [fff00000c7895a80, fff00000c7895a98) [ 28.460528] [ 28.460595] The buggy address belongs to the physical page: [ 28.460774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107895 [ 28.460996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.461161] page_type: f5(slab) [ 28.461369] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.461645] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.461772] page dumped because: kasan: bad access detected [ 28.461869] [ 28.462317] Memory state around the buggy address: [ 28.462409] fff00000c7895980: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 28.462535] fff00000c7895a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.462782] >fff00000c7895a80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.462887] ^ [ 28.462977] fff00000c7895b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.463136] fff00000c7895b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.463458] ==================================================================
[ 21.224823] ================================================================== [ 21.226128] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 21.227172] Read of size 1 at addr ffff888102b71d98 by task kunit_try_catch/274 [ 21.227988] [ 21.228655] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.228908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.228953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.229012] Call Trace: [ 21.229034] <TASK> [ 21.229058] dump_stack_lvl+0x73/0xb0 [ 21.229098] print_report+0xd1/0x650 [ 21.229134] ? __virt_addr_valid+0x1db/0x2d0 [ 21.229167] ? memcmp+0x1b4/0x1d0 [ 21.229195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.229245] ? memcmp+0x1b4/0x1d0 [ 21.229361] kasan_report+0x141/0x180 [ 21.229398] ? memcmp+0x1b4/0x1d0 [ 21.229434] __asan_report_load1_noabort+0x18/0x20 [ 21.229464] memcmp+0x1b4/0x1d0 [ 21.229494] kasan_memcmp+0x18f/0x390 [ 21.229523] ? trace_hardirqs_on+0x37/0xe0 [ 21.229556] ? __pfx_kasan_memcmp+0x10/0x10 [ 21.229586] ? finish_task_switch.isra.0+0x153/0x700 [ 21.229618] ? __switch_to+0x47/0xf50 [ 21.229661] ? __pfx_read_tsc+0x10/0x10 [ 21.229716] ? ktime_get_ts64+0x86/0x230 [ 21.229755] kunit_try_run_case+0x1a5/0x480 [ 21.229787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.229816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.229852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.229887] ? __kthread_parkme+0x82/0x180 [ 21.229916] ? preempt_count_sub+0x50/0x80 [ 21.229973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.230005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.230043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.230079] kthread+0x337/0x6f0 [ 21.230106] ? trace_preempt_on+0x20/0xc0 [ 21.230138] ? __pfx_kthread+0x10/0x10 [ 21.230178] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.230326] ? calculate_sigpending+0x7b/0xa0 [ 21.230364] ? __pfx_kthread+0x10/0x10 [ 21.230395] ret_from_fork+0x116/0x1d0 [ 21.230423] ? __pfx_kthread+0x10/0x10 [ 21.230453] ret_from_fork_asm+0x1a/0x30 [ 21.230495] </TASK> [ 21.230510] [ 21.252034] Allocated by task 274: [ 21.253098] kasan_save_stack+0x45/0x70 [ 21.253834] kasan_save_track+0x18/0x40 [ 21.254141] kasan_save_alloc_info+0x3b/0x50 [ 21.255168] __kasan_kmalloc+0xb7/0xc0 [ 21.256029] __kmalloc_cache_noprof+0x189/0x420 [ 21.256508] kasan_memcmp+0xb7/0x390 [ 21.257029] kunit_try_run_case+0x1a5/0x480 [ 21.258188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.259064] kthread+0x337/0x6f0 [ 21.260071] ret_from_fork+0x116/0x1d0 [ 21.260514] ret_from_fork_asm+0x1a/0x30 [ 21.260976] [ 21.261652] The buggy address belongs to the object at ffff888102b71d80 [ 21.261652] which belongs to the cache kmalloc-32 of size 32 [ 21.263010] The buggy address is located 0 bytes to the right of [ 21.263010] allocated 24-byte region [ffff888102b71d80, ffff888102b71d98) [ 21.265017] [ 21.265220] The buggy address belongs to the physical page: [ 21.265993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b71 [ 21.266415] flags: 0x200000000000000(node=0|zone=2) [ 21.266604] page_type: f5(slab) [ 21.267051] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.268295] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.269011] page dumped because: kasan: bad access detected [ 21.269816] [ 21.270002] Memory state around the buggy address: [ 21.270647] ffff888102b71c80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.271533] ffff888102b71d00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.272239] >ffff888102b71d80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.273076] ^ [ 21.273401] ffff888102b71e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.274763] ffff888102b71e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.275693] ==================================================================
[ 66.977935] ================================================================== [ 66.988983] BUG: KASAN: slab-out-of-bounds in memcmp+0x19c/0x1b0 [ 66.995056] Read of size 1 at addr cc90a298 by task kunit_try_catch/309 [ 67.001708] [ 67.003204] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.15.0-next-20250530 #1 NONE [ 67.003234] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 67.003234] Hardware name: Generic DRA74X (Flattened Device Tree) [ 67.003265] Call trace: [ 67.003265] unwind_backtrace from show_stack+0x18/0x1c [ 67.003295] show_stack from dump_stack_lvl+0x70/0x90 [ 67.003326] dump_stack_lvl from print_report+0x158/0x528 [ 67.003356] print_report from kasan_report+0xdc/0x118 [ 67.003356] kasan_report from memcmp+0x19c/0x1b0 [ 67.003387] memcmp from kasan_memcmp+0x1d0/0x388 [ 67.003417] kasan_memcmp from kunit_try_run_case+0x22c/0x5a8 [ 67.003448] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 67.003479] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 67.003509] kthread from ret_from_fork+0x14/0x20 [ 67.003509] Exception stack(0xf24b3fb0 to 0xf24b3ff8) [ 67.003540] 3fa0: 00000000 00000000 00000000 00000000 [ 67.003540] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 67.003570] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 67.003570] [ 67.112640] Allocated by task 309: [ 67.116058] kasan_save_track+0x30/0x5c [ 67.119934] __kasan_kmalloc+0x8c/0x94 [ 67.123718] kasan_memcmp+0xe0/0x388 [ 67.127319] kunit_try_run_case+0x22c/0x5a8 [ 67.131561] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 67.137084] kthread+0x464/0x810 [ 67.140319] ret_from_fork+0x14/0x20 [ 67.143951] [ 67.145446] The buggy address belongs to the object at cc90a280 [ 67.145446] which belongs to the cache kmalloc-64 of size 64 [ 67.157165] The buggy address is located 0 bytes to the right of [ 67.157165] allocated 24-byte region [cc90a280, cc90a298) [ 67.168731] [ 67.170227] The buggy address belongs to the physical page: [ 67.175842] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c90a [ 67.183105] flags: 0x0(zone=0) [ 67.186187] page_type: f5(slab) [ 67.189361] raw: 00000000 c7001300 00000122 00000000 00000000 80200020 f5000000 00000000 [ 67.197479] raw: 00000000 [ 67.200134] page dumped because: kasan: bad access detected [ 67.205749] [ 67.207244] Memory state around the buggy address: [ 67.212066] cc90a180: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.218627] cc90a200: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.225219] >cc90a280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.231781] ^ [ 67.235107] cc90a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.241699] cc90a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 67.248260] ==================================================================