Hay
Date: July 15, 2025, 2:10 p.m.

Environment: qemu-arm64, qemu-x86_64

[  105.012715] ==================================================================
[  105.013687] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xc8/0x200
[  105.014440] Write of size 1 at addr ffff0000c654df00 by task kunit_try_catch/212
[  105.015065] 
[  105.015312] CPU: 1 PID: 212 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[  105.016104] Hardware name: linux,dummy-virt (DT)
[  105.017036] Call trace:
[  105.017330]  dump_backtrace+0xe0/0x134
[  105.017796]  show_stack+0x20/0x2c
[  105.018196]  dump_stack_lvl+0x88/0xb4
[  105.018677]  print_report+0x158/0x44c
[  105.019113]  kasan_report+0xc8/0x180
[  105.019546]  __asan_store1+0x68/0x7c
[  105.019959]  kmalloc_large_oob_right+0xc8/0x200
[  105.021374]  kunit_try_run_case+0x8c/0x124
[  105.021848]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  105.022411]  kthread+0x15c/0x170
[  105.022807]  ret_from_fork+0x10/0x20
[  105.023212] 
[  105.023423] Allocated by task 212:
[  105.023788]  kasan_save_stack+0x3c/0x70
[  105.024266]  kasan_set_track+0x2c/0x40
[  105.024673]  kasan_save_alloc_info+0x24/0x34
[  105.025188]  __kasan_kmalloc+0xd4/0xe0
[  105.025625]  kmalloc_trace+0x8c/0x150
[  105.026401]  kmalloc_large_oob_right+0x9c/0x200
[  105.026944]  kunit_try_run_case+0x8c/0x124
[  105.027390]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  105.027979]  kthread+0x15c/0x170
[  105.028365]  ret_from_fork+0x10/0x20
[  105.029580] 
[  105.029804] The buggy address belongs to the object at ffff0000c654c000
[  105.029804]  which belongs to the cache kmalloc-8k of size 8192
[  105.030729] The buggy address is located 7936 bytes inside of
[  105.030729]  8192-byte region [ffff0000c654c000, ffff0000c654e000)
[  105.031638] 
[  105.031874] The buggy address belongs to the physical page:
[  105.032346] page:000000000a5b8ac5 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106548
[  105.033637] head:000000000a5b8ac5 order:3 compound_mapcount:0 compound_pincount:0
[  105.034263] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff)
[  105.034971] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00
[  105.035598] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[  105.036244] page dumped because: kasan: bad access detected
[  105.037477] 
[  105.037706] Memory state around the buggy address:
[  105.038177]  ffff0000c654de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.038815]  ffff0000c654de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  105.039437] >ffff0000c654df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.040014]                    ^
[  105.040335]  ffff0000c654df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.040967]  ffff0000c654e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.041561] ==================================================================

[   74.795207] ==================================================================
[   74.795920] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xa0/0x14c
[   74.796505] Write of size 1 at addr ffff0000c4085f00 by task kunit_try_catch/128
[   74.797712] 
[   74.798035] CPU: 1 PID: 128 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   74.799088] Hardware name: linux,dummy-virt (DT)
[   74.799678] Call trace:
[   74.800059]  dump_backtrace+0xf8/0x118
[   74.800765]  show_stack+0x18/0x24
[   74.801457]  __dump_stack+0x28/0x38
[   74.802039]  dump_stack_lvl+0x54/0x6c
[   74.802630]  print_address_description+0x7c/0x1ec
[   74.803377]  print_report+0x50/0x68
[   74.803993]  kasan_report+0xac/0x100
[   74.804437]  __asan_store1+0x6c/0x70
[   74.805148]  kmalloc_large_oob_right+0xa0/0x14c
[   74.805864]  kunit_try_run_case+0x80/0x184
[   74.806511]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   74.807311]  kthread+0x16c/0x21c
[   74.807804]  ret_from_fork+0x10/0x20
[   74.808180] 
[   74.808367] Allocated by task 128:
[   74.808653]  kasan_set_track+0x4c/0x80
[   74.809453]  kasan_save_alloc_info+0x28/0x34
[   74.810116]  __kasan_kmalloc+0x88/0xa0
[   74.810742]  kmalloc_trace+0x54/0x68
[   74.811335]  kmalloc_large_oob_right+0x48/0x14c
[   74.812027]  kunit_try_run_case+0x80/0x184
[   74.812724]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   74.813540]  kthread+0x16c/0x21c
[   74.814117]  ret_from_fork+0x10/0x20
[   74.814694] 
[   74.814972] The buggy address belongs to the object at ffff0000c4084000
[   74.814972]  which belongs to the cache kmalloc-8k of size 8192
[   74.816354] The buggy address is located 7936 bytes inside of
[   74.816354]  8192-byte region [ffff0000c4084000, ffff0000c4086000)
[   74.817971] 
[   74.818289] The buggy address belongs to the physical page:
[   74.819054] page:000000002acc5e88 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104080
[   74.819781] head:000000002acc5e88 order:3 compound_mapcount:0 compound_pincount:0
[   74.820278] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff)
[   74.821134] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00
[   74.822130] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[   74.823028] page dumped because: kasan: bad access detected
[   74.823694] 
[   74.823972] Memory state around the buggy address:
[   74.824608]  ffff0000c4085e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   74.825525]  ffff0000c4085e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   74.826401] >ffff0000c4085f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   74.827248]                    ^
[   74.827730]  ffff0000c4085f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   74.828628]  ffff0000c4086000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   74.829578] ==================================================================

[   73.806788] ==================================================================
[   73.808479] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xa0/0x14c
[   73.809964] Write of size 1 at addr ffff0000c59f1f00 by task kunit_try_catch/128
[   73.811476] 
[   73.811875] CPU: 0 PID: 128 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   73.813204] Hardware name: linux,dummy-virt (DT)
[   73.813992] Call trace:
[   73.814508]  dump_backtrace+0xf4/0x114
[   73.815321]  show_stack+0x18/0x24
[   73.816043]  __dump_stack+0x28/0x38
[   73.816902]  dump_stack_lvl+0x50/0x68
[   73.817795]  print_address_description+0x7c/0x1ec
[   73.818843]  print_report+0x50/0x68
[   73.819611]  kasan_report+0xac/0xfc
[   73.820051]  __asan_store1+0x6c/0x70
[   73.820473]  kmalloc_large_oob_right+0xa0/0x14c
[   73.821147]  kunit_try_run_case+0x80/0x184
[   73.821848]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   73.822672]  kthread+0x16c/0x21c
[   73.823278]  ret_from_fork+0x10/0x20
[   73.823935] 
[   73.824252] Allocated by task 128:
[   73.824776]  kasan_set_track+0x4c/0x80
[   73.825442]  kasan_save_alloc_info+0x28/0x34
[   73.826119]  __kasan_kmalloc+0x88/0xa0
[   73.826778]  kmalloc_trace+0x54/0x68
[   73.827389]  kmalloc_large_oob_right+0x48/0x14c
[   73.828197]  kunit_try_run_case+0x80/0x184
[   73.828934]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   73.829791]  kthread+0x16c/0x21c
[   73.830379]  ret_from_fork+0x10/0x20
[   73.830770] 
[   73.831121] The buggy address belongs to the object at ffff0000c59f0000
[   73.831121]  which belongs to the cache kmalloc-8k of size 8192
[   73.832780] The buggy address is located 7936 bytes inside of
[   73.832780]  8192-byte region [ffff0000c59f0000, ffff0000c59f2000)
[   73.834073] 
[   73.834259] The buggy address belongs to the physical page:
[   73.834620] page:000000007696d2f2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059f0
[   73.835900] head:000000007696d2f2 order:3 compound_mapcount:0 compound_pincount:0
[   73.837070] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff)
[   73.838099] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00
[   73.839097] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[   73.840124] page dumped because: kasan: bad access detected
[   73.840829] 
[   73.841014] Memory state around the buggy address:
[   73.841380]  ffff0000c59f1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.841878]  ffff0000c59f1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.842367] >ffff0000c59f1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.842911]                    ^
[   73.843422]  ffff0000c59f1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.844458]  ffff0000c59f2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.845351] ==================================================================

[   72.413249] ==================================================================
[   72.414217] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xc0/0x1f0
[   72.414915] Write of size 1 at addr ffff0000c5a19f00 by task kunit_try_catch/128
[   72.415525] 
[   72.415729] CPU: 1 PID: 128 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   72.416851] Hardware name: linux,dummy-virt (DT)
[   72.417256] Call trace:
[   72.417540]  dump_backtrace.part.0+0xdc/0xf0
[   72.418597]  show_stack+0x18/0x30
[   72.419097]  dump_stack_lvl+0x64/0x80
[   72.419581]  print_report+0x158/0x438
[   72.420029]  kasan_report+0xb4/0xf4
[   72.420496]  __asan_store1+0x68/0x7c
[   72.420922]  kmalloc_large_oob_right+0xc0/0x1f0
[   72.421449]  kunit_try_run_case+0x84/0x120
[   72.422546]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   72.423158]  kthread+0x180/0x190
[   72.423579]  ret_from_fork+0x10/0x20
[   72.424017] 
[   72.424211] Allocated by task 128:
[   72.424587]  kasan_save_stack+0x3c/0x70
[   72.425060]  kasan_set_track+0x2c/0x40
[   72.425485]  kasan_save_alloc_info+0x24/0x34
[   72.426144]  __kasan_kmalloc+0xb8/0xc0
[   72.426596]  kmalloc_trace+0x58/0x6c
[   72.427210]  kmalloc_large_oob_right+0x94/0x1f0
[   72.427759]  kunit_try_run_case+0x84/0x120
[   72.428243]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   72.428800]  kthread+0x180/0x190
[   72.429197]  ret_from_fork+0x10/0x20
[   72.429628] 
[   72.429977] The buggy address belongs to the object at ffff0000c5a18000
[   72.429977]  which belongs to the cache kmalloc-8k of size 8192
[   72.431343] The buggy address is located 7936 bytes inside of
[   72.431343]  8192-byte region [ffff0000c5a18000, ffff0000c5a1a000)
[   72.432313] 
[   72.432564] The buggy address belongs to the physical page:
[   72.433037] page:00000000873a2410 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a18
[   72.433776] head:00000000873a2410 order:3 compound_mapcount:0 compound_pincount:0
[   72.434425] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff)
[   72.435378] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00
[   72.436082] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[   72.436711] page dumped because: kasan: bad access detected
[   72.437190] 
[   72.437382] Memory state around the buggy address:
[   72.437815]  ffff0000c5a19e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.438602]  ffff0000c5a19e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   72.439590] >ffff0000c5a19f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   72.440186]                    ^
[   72.440513]  ffff0000c5a19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   72.441125]  ffff0000c5a1a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   72.441714] ==================================================================

[   64.113003] ==================================================================
[   64.114513] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xd8/0x1f0
[   64.115810] Write of size 1 at addr ffff0000c17ddf00 by task kunit_try_catch/126
[   64.117002] 
[   64.117327] CPU: 0 PID: 126 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   64.118501] Hardware name: linux,dummy-virt (DT)
[   64.119065] Call trace:
[   64.119438]  dump_backtrace+0x110/0x120
[   64.120100]  show_stack+0x18/0x28
[   64.120668]  dump_stack_lvl+0x68/0x84
[   64.121251]  print_report+0x158/0x484
[   64.121883]  kasan_report+0x98/0xe0
[   64.122492]  __asan_store1+0x68/0x78
[   64.123072]  kmalloc_large_oob_right+0xd8/0x1f0
[   64.123769]  kunit_try_run_case+0x7c/0x120
[   64.124382]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   64.124913]  kthread+0x1a4/0x1b8
[   64.125209]  ret_from_fork+0x10/0x20
[   64.125613] 
[   64.125785] Allocated by task 126:
[   64.126082]  kasan_save_stack+0x2c/0x58
[   64.126653]  kasan_set_track+0x2c/0x40
[   64.127245]  kasan_save_alloc_info+0x24/0x38
[   64.127682]  __kasan_kmalloc+0xa0/0xb8
[   64.128072]  kmalloc_trace+0x50/0x68
[   64.128456]  kmalloc_large_oob_right+0xa8/0x1f0
[   64.128892]  kunit_try_run_case+0x7c/0x120
[   64.129334]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   64.130364]  kthread+0x1a4/0x1b8
[   64.130729]  ret_from_fork+0x10/0x20
[   64.131114] 
[   64.131321] The buggy address belongs to the object at ffff0000c17dc000
[   64.131321]  which belongs to the cache kmalloc-8k of size 8192
[   64.132208] The buggy address is located 7936 bytes inside of
[   64.132208]  8192-byte region [ffff0000c17dc000, ffff0000c17de000)
[   64.133086] 
[   64.133324] The buggy address belongs to the physical page:
[   64.133918] page:0000000063f2cd7d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017d8
[   64.134776] head:0000000063f2cd7d order:3 compound_mapcount:0 compound_pincount:0
[   64.135366] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff)
[   64.136001] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00
[   64.136631] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[   64.137185] page dumped because: kasan: bad access detected
[   64.138074] 
[   64.138297] Memory state around the buggy address:
[   64.138733]  ffff0000c17dde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   64.139316]  ffff0000c17dde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   64.139893] >ffff0000c17ddf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.140461]                    ^
[   64.140768]  ffff0000c17ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.141362]  ffff0000c17de000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.142172] ==================================================================

[   30.423116] ==================================================================
[   30.423707] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xcc/0x1e0
[   30.424125] Write of size 1 at addr ffff8881035f1f00 by task kunit_try_catch/232
[   30.424455] 
[   30.424581] CPU: 0 PID: 232 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   30.424988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   30.425921] Call Trace:
[   30.426094]  <TASK>
[   30.426266]  dump_stack_lvl+0x49/0x62
[   30.426618]  print_report+0x189/0x492
[   30.426856]  ? kasan_complete_mode_report_info+0x3c/0x200
[   30.427154]  ? kmalloc_large_oob_right+0xcc/0x1e0
[   30.427714]  kasan_report+0x10c/0x190
[   30.427971]  ? kmalloc_large_oob_right+0xcc/0x1e0
[   30.428298]  __asan_store1+0x65/0x70
[   30.428627]  kmalloc_large_oob_right+0xcc/0x1e0
[   30.428880]  ? kmalloc_oob_16+0x250/0x250
[   30.429095]  ? __kunit_add_resource+0xd1/0x100
[   30.429400]  ? kasan_test_init+0x13e/0x1b0
[   30.429658]  kunit_try_run_case+0x8f/0xd0
[   30.429878]  ? kunit_catch_run_case+0x80/0x80
[   30.430102]  ? kunit_try_catch_throw+0x40/0x40
[   30.430365]  kunit_generic_run_threadfn_adapter+0x2f/0x50
[   30.430667]  kthread+0x17b/0x1b0
[   30.430879]  ? kthread_complete_and_exit+0x30/0x30
[   30.431148]  ret_from_fork+0x22/0x30
[   30.431584]  </TASK>
[   30.431730] 
[   30.431817] Allocated by task 232:
[   30.432014]  kasan_save_stack+0x41/0x70
[   30.432304]  kasan_set_track+0x25/0x40
[   30.432581]  kasan_save_alloc_info+0x1e/0x30
[   30.432830]  __kasan_kmalloc+0xb6/0xc0
[   30.433024]  kmalloc_trace+0x48/0xb0
[   30.433280]  kmalloc_large_oob_right+0x99/0x1e0
[   30.433830]  kunit_try_run_case+0x8f/0xd0
[   30.434053]  kunit_generic_run_threadfn_adapter+0x2f/0x50
[   30.434357]  kthread+0x17b/0x1b0
[   30.434663]  ret_from_fork+0x22/0x30
[   30.434860] 
[   30.434970] The buggy address belongs to the object at ffff8881035f0000
[   30.434970]  which belongs to the cache kmalloc-8k of size 8192
[   30.435589] The buggy address is located 7936 bytes inside of
[   30.435589]  8192-byte region [ffff8881035f0000, ffff8881035f2000)
[   30.436141] 
[   30.436243] The buggy address belongs to the physical page:
[   30.436617] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1035f0
[   30.437003] head:(____ptrval____) order:3 compound_mapcount:0 compound_pincount:0
[   30.437489] flags: 0x200000000010200(slab|head|node=0|zone=2)
[   30.437778] raw: 0200000000010200 0000000000000000 dead000000000122 ffff888100042280
[   30.438124] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[   30.438774] page dumped because: kasan: bad access detected
[   30.439040] 
[   30.439154] Memory state around the buggy address:
[   30.439392]  ffff8881035f1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.439822]  ffff8881035f1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.440153] >ffff8881035f1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.440564]                    ^
[   30.440764]  ffff8881035f1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.441087]  ffff8881035f2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.441515] ==================================================================