Date: July 11, 2025, 10:11 a.m.

Environment: e850-96, qemu-arm64, qemu-x86_64

[   56.994016] ==================================================================
[   57.004148] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8
[   57.010138] Read of size 1 at addr ffff000806058358 by task kunit_try_catch/341
[   57.017425] 
[   57.018914] CPU: 6 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   57.018975] Tainted: [B]=BAD_PAGE, [N]=TEST
[   57.018993] Hardware name: WinLink E850-96 board (DT)
[   57.019017] Call trace:
[   57.019034]  show_stack+0x20/0x38 (C)
[   57.019077]  dump_stack_lvl+0x8c/0xd0
[   57.019111]  print_report+0x118/0x5d0
[   57.019144]  kasan_report+0xdc/0x128
[   57.019173]  __asan_report_load1_noabort+0x20/0x30
[   57.019209]  memcmp+0x198/0x1d8
[   57.019243]  kasan_memcmp+0x16c/0x300
[   57.019276]  kunit_try_run_case+0x170/0x3f0
[   57.019317]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   57.019352]  kthread+0x328/0x630
[   57.019384]  ret_from_fork+0x10/0x20
[   57.019420] 
[   57.085568] Allocated by task 341:
[   57.088955]  kasan_save_stack+0x3c/0x68
[   57.092771]  kasan_save_track+0x20/0x40
[   57.096591]  kasan_save_alloc_info+0x40/0x58
[   57.100844]  __kasan_kmalloc+0xd4/0xd8
[   57.104577]  __kmalloc_cache_noprof+0x16c/0x3c0
[   57.109090]  kasan_memcmp+0xbc/0x300
[   57.112650]  kunit_try_run_case+0x170/0x3f0
[   57.116816]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   57.122286]  kthread+0x328/0x630
[   57.125497]  ret_from_fork+0x10/0x20
[   57.129055] 
[   57.130534] The buggy address belongs to the object at ffff000806058340
[   57.130534]  which belongs to the cache kmalloc-32 of size 32
[   57.142860] The buggy address is located 0 bytes to the right of
[   57.142860]  allocated 24-byte region [ffff000806058340, ffff000806058358)
[   57.155706] 
[   57.157183] The buggy address belongs to the physical page:
[   57.162740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886058
[   57.170724] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   57.177235] page_type: f5(slab)
[   57.180369] raw: 0bfffe0000000000 ffff000800002780 dead000000000122 0000000000000000
[   57.188089] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   57.195809] page dumped because: kasan: bad access detected
[   57.201363] 
[   57.202839] Memory state around the buggy address:
[   57.207619]  ffff000806058200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[   57.214822]  ffff000806058280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[   57.222028] >ffff000806058300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[   57.229228]                                                     ^
[   57.235307]  ffff000806058380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   57.242514]  ffff000806058400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   57.249713] ==================================================================

[   32.642611] ==================================================================
[   32.642919] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8
[   32.643048] Read of size 1 at addr fff00000c9acbe58 by task kunit_try_catch/288
[   32.643107] 
[   32.643181] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   32.643280] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.643521] Hardware name: linux,dummy-virt (DT)
[   32.643592] Call trace:
[   32.643885]  show_stack+0x20/0x38 (C)
[   32.643969]  dump_stack_lvl+0x8c/0xd0
[   32.644105]  print_report+0x118/0x5d0
[   32.644160]  kasan_report+0xdc/0x128
[   32.644205]  __asan_report_load1_noabort+0x20/0x30
[   32.644468]  memcmp+0x198/0x1d8
[   32.644550]  kasan_memcmp+0x16c/0x300
[   32.644610]  kunit_try_run_case+0x170/0x3f0
[   32.644709]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.644795]  kthread+0x328/0x630
[   32.645001]  ret_from_fork+0x10/0x20
[   32.645084] 
[   32.645125] Allocated by task 288:
[   32.645160]  kasan_save_stack+0x3c/0x68
[   32.645206]  kasan_save_track+0x20/0x40
[   32.645341]  kasan_save_alloc_info+0x40/0x58
[   32.645476]  __kasan_kmalloc+0xd4/0xd8
[   32.645601]  __kmalloc_cache_noprof+0x16c/0x3c0
[   32.645649]  kasan_memcmp+0xbc/0x300
[   32.645690]  kunit_try_run_case+0x170/0x3f0
[   32.646032]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.646118]  kthread+0x328/0x630
[   32.646267]  ret_from_fork+0x10/0x20
[   32.646379] 
[   32.646471] The buggy address belongs to the object at fff00000c9acbe40
[   32.646471]  which belongs to the cache kmalloc-32 of size 32
[   32.646553] The buggy address is located 0 bytes to the right of
[   32.646553]  allocated 24-byte region [fff00000c9acbe40, fff00000c9acbe58)
[   32.646731] 
[   32.646798] The buggy address belongs to the physical page:
[   32.646835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109acb
[   32.646925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.647049] page_type: f5(slab)
[   32.647137] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000
[   32.647282] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   32.647359] page dumped because: kasan: bad access detected
[   32.647606] 
[   32.647780] Memory state around the buggy address:
[   32.647860]  fff00000c9acbd00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   32.647944]  fff00000c9acbd80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[   32.648215] >fff00000c9acbe00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   32.648283]                                                     ^
[   32.648421]  fff00000c9acbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.648505]  fff00000c9acbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.648590] ==================================================================

[   25.739546] ==================================================================
[   25.740820] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[   25.741098] Read of size 1 at addr ffff88810613f218 by task kunit_try_catch/307
[   25.741855] 
[   25.742189] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) 
[   25.742250] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.742263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.742357] Call Trace:
[   25.742373]  <TASK>
[   25.742392]  dump_stack_lvl+0x73/0xb0
[   25.742438]  print_report+0xd1/0x610
[   25.742464]  ? __virt_addr_valid+0x1db/0x2d0
[   25.742489]  ? memcmp+0x1b4/0x1d0
[   25.742508]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.742534]  ? memcmp+0x1b4/0x1d0
[   25.742553]  kasan_report+0x141/0x180
[   25.742575]  ? memcmp+0x1b4/0x1d0
[   25.742598]  __asan_report_load1_noabort+0x18/0x20
[   25.742622]  memcmp+0x1b4/0x1d0
[   25.742643]  kasan_memcmp+0x18f/0x390
[   25.742665]  ? __pfx_kasan_memcmp+0x10/0x10
[   25.742685]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   25.742715]  ? __pfx_kasan_memcmp+0x10/0x10
[   25.742752]  kunit_try_run_case+0x1a5/0x480
[   25.742776]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.742797]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.742820]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.742844]  ? __kthread_parkme+0x82/0x180
[   25.742866]  ? preempt_count_sub+0x50/0x80
[   25.742890]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.742911]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.742937]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.742964]  kthread+0x337/0x6f0
[   25.742984]  ? trace_preempt_on+0x20/0xc0
[   25.743009]  ? __pfx_kthread+0x10/0x10
[   25.743031]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.743054]  ? calculate_sigpending+0x7b/0xa0
[   25.743079]  ? __pfx_kthread+0x10/0x10
[   25.743102]  ret_from_fork+0x116/0x1d0
[   25.743124]  ? __pfx_kthread+0x10/0x10
[   25.743146]  ret_from_fork_asm+0x1a/0x30
[   25.743179]  </TASK>
[   25.743191] 
[   25.752213] Allocated by task 307:
[   25.752533]  kasan_save_stack+0x45/0x70
[   25.752685]  kasan_save_track+0x18/0x40
[   25.752827]  kasan_save_alloc_info+0x3b/0x50
[   25.753029]  __kasan_kmalloc+0xb7/0xc0
[   25.753613]  __kmalloc_cache_noprof+0x189/0x420
[   25.753864]  kasan_memcmp+0xb7/0x390
[   25.754015]  kunit_try_run_case+0x1a5/0x480
[   25.754156]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.754327]  kthread+0x337/0x6f0
[   25.754443]  ret_from_fork+0x116/0x1d0
[   25.754571]  ret_from_fork_asm+0x1a/0x30
[   25.754704] 
[   25.754782] The buggy address belongs to the object at ffff88810613f200
[   25.754782]  which belongs to the cache kmalloc-32 of size 32
[   25.755128] The buggy address is located 0 bytes to the right of
[   25.755128]  allocated 24-byte region [ffff88810613f200, ffff88810613f218)
[   25.755487] 
[   25.755554] The buggy address belongs to the physical page:
[   25.755720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10613f
[   25.757058] flags: 0x200000000000000(node=0|zone=2)
[   25.757754] page_type: f5(slab)
[   25.757927] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[   25.758213] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   25.758798] page dumped because: kasan: bad access detected
[   25.759202] 
[   25.759509] Memory state around the buggy address:
[   25.759747]  ffff88810613f100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[   25.760034]  ffff88810613f180: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   25.760578] >ffff88810613f200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.760993]                             ^
[   25.761178]  ffff88810613f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.761822]  ffff88810613f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.762209] ==================================================================