Hay
Date: July 15, 2025, 2:10 p.m.

Environment: qemu-arm64, qemu-x86_64

[  105.732955] ==================================================================
[  105.733717] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xd8/0x200
[  105.734458] Write of size 8 at addr ffff0000c66f6271 by task kunit_try_catch/223
[  105.734964] 
[  105.735162] CPU: 1 PID: 223 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[  105.735713] Hardware name: linux,dummy-virt (DT)
[  105.738126] Call trace:
[  105.738837]  dump_backtrace+0xe0/0x134
[  105.739646]  show_stack+0x20/0x2c
[  105.740435]  dump_stack_lvl+0x88/0xb4
[  105.741171]  print_report+0x158/0x44c
[  105.741737]  kasan_report+0xc8/0x180
[  105.742130]  kasan_check_range+0xe4/0x190
[  105.742699]  memset+0x40/0x70
[  105.743124]  kmalloc_oob_memset_8+0xd8/0x200
[  105.743563]  kunit_try_run_case+0x8c/0x124
[  105.744110]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  105.744783]  kthread+0x15c/0x170
[  105.745566]  ret_from_fork+0x10/0x20
[  105.746011] 
[  105.746252] Allocated by task 223:
[  105.746626]  kasan_save_stack+0x3c/0x70
[  105.747083]  kasan_set_track+0x2c/0x40
[  105.747546]  kasan_save_alloc_info+0x24/0x34
[  105.748029]  __kasan_kmalloc+0xd4/0xe0
[  105.748500]  kmalloc_trace+0x8c/0x150
[  105.748960]  kmalloc_oob_memset_8+0xa0/0x200
[  105.749456]  kunit_try_run_case+0x8c/0x124
[  105.750343]  kunit_generic_run_threadfn_adapter+0x38/0x54
[  105.751011]  kthread+0x15c/0x170
[  105.751425]  ret_from_fork+0x10/0x20
[  105.751894] 
[  105.752132] The buggy address belongs to the object at ffff0000c66f6200
[  105.752132]  which belongs to the cache kmalloc-128 of size 128
[  105.753289] The buggy address is located 113 bytes inside of
[  105.753289]  128-byte region [ffff0000c66f6200, ffff0000c66f6280)
[  105.754208] 
[  105.754623] The buggy address belongs to the physical page:
[  105.755068] page:000000008cb3a959 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f6
[  105.755855] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff)
[  105.756580] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300
[  105.757372] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  105.758023] page dumped because: kasan: bad access detected
[  105.758511] 
[  105.758716] Memory state around the buggy address:
[  105.759645]  ffff0000c66f6100: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.760306]  ffff0000c66f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.761280] >ffff0000c66f6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[  105.761877]                                                                 ^
[  105.762458]  ffff0000c66f6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.763072]  ffff0000c66f6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  105.763666] ==================================================================

[   75.489407] ==================================================================
[   75.490172] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xac/0x154
[   75.490741] Write of size 8 at addr ffff0000c5a46371 by task kunit_try_catch/139
[   75.491788] 
[   75.492117] CPU: 1 PID: 139 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   75.493342] Hardware name: linux,dummy-virt (DT)
[   75.494078] Call trace:
[   75.494488]  dump_backtrace+0xf8/0x118
[   75.495169]  show_stack+0x18/0x24
[   75.495813]  __dump_stack+0x28/0x38
[   75.496454]  dump_stack_lvl+0x54/0x6c
[   75.497136]  print_address_description+0x7c/0x1ec
[   75.497917]  print_report+0x50/0x68
[   75.498541]  kasan_report+0xac/0x100
[   75.499160]  kasan_check_range+0x260/0x2a0
[   75.499841]  memset+0x40/0x70
[   75.500356]  kmalloc_oob_memset_8+0xac/0x154
[   75.501115]  kunit_try_run_case+0x80/0x184
[   75.501889]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   75.502708]  kthread+0x16c/0x21c
[   75.503310]  ret_from_fork+0x10/0x20
[   75.503841] 
[   75.504133] Allocated by task 139:
[   75.504680]  kasan_set_track+0x4c/0x80
[   75.505144]  kasan_save_alloc_info+0x28/0x34
[   75.505545]  __kasan_kmalloc+0x88/0xa0
[   75.506020]  kmalloc_trace+0x54/0x68
[   75.506402]  kmalloc_oob_memset_8+0x48/0x154
[   75.506882]  kunit_try_run_case+0x80/0x184
[   75.507550]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   75.508375]  kthread+0x16c/0x21c
[   75.509061]  ret_from_fork+0x10/0x20
[   75.509673] 
[   75.509979] The buggy address belongs to the object at ffff0000c5a46300
[   75.509979]  which belongs to the cache kmalloc-128 of size 128
[   75.511406] The buggy address is located 113 bytes inside of
[   75.511406]  128-byte region [ffff0000c5a46300, ffff0000c5a46380)
[   75.512870] 
[   75.513206] The buggy address belongs to the physical page:
[   75.513985] page:00000000e850444c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a46
[   75.514884] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff)
[   75.515441] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300
[   75.516218] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   75.517269] page dumped because: kasan: bad access detected
[   75.518064] 
[   75.518356] Memory state around the buggy address:
[   75.519004]  ffff0000c5a46200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   75.519921]  ffff0000c5a46280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.520906] >ffff0000c5a46300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   75.521954]                                                                 ^
[   75.522824]  ffff0000c5a46380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.523739]  ffff0000c5a46400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.524637] ==================================================================

[   74.524566] ==================================================================
[   74.525467] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xac/0x154
[   74.526121] Write of size 8 at addr ffff0000c5a09c71 by task kunit_try_catch/139
[   74.526747] 
[   74.526961] CPU: 0 PID: 139 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   74.527708] Hardware name: linux,dummy-virt (DT)
[   74.528480] Call trace:
[   74.528879]  dump_backtrace+0xf4/0x114
[   74.529460]  show_stack+0x18/0x24
[   74.530006]  __dump_stack+0x28/0x38
[   74.530530]  dump_stack_lvl+0x50/0x68
[   74.531067]  print_address_description+0x7c/0x1ec
[   74.531877]  print_report+0x50/0x68
[   74.532468]  kasan_report+0xac/0xfc
[   74.532896]  kasan_check_range+0x258/0x290
[   74.533574]  memset+0x40/0x70
[   74.534043]  kmalloc_oob_memset_8+0xac/0x154
[   74.534590]  kunit_try_run_case+0x80/0x184
[   74.535110]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   74.535729]  kthread+0x16c/0x21c
[   74.536341]  ret_from_fork+0x10/0x20
[   74.536838] 
[   74.537056] Allocated by task 139:
[   74.537430]  kasan_set_track+0x4c/0x80
[   74.537973]  kasan_save_alloc_info+0x28/0x34
[   74.538462]  __kasan_kmalloc+0x88/0xa0
[   74.538944]  kmalloc_trace+0x54/0x68
[   74.539350]  kmalloc_oob_memset_8+0x48/0x154
[   74.539850]  kunit_try_run_case+0x80/0x184
[   74.540556]  kunit_generic_run_threadfn_adapter+0x30/0x4c
[   74.541170]  kthread+0x16c/0x21c
[   74.541578]  ret_from_fork+0x10/0x20
[   74.542004] 
[   74.542203] The buggy address belongs to the object at ffff0000c5a09c00
[   74.542203]  which belongs to the cache kmalloc-128 of size 128
[   74.543092] The buggy address is located 113 bytes inside of
[   74.543092]  128-byte region [ffff0000c5a09c00, ffff0000c5a09c80)
[   74.544098] 
[   74.544291] The buggy address belongs to the physical page:
[   74.544817] page:000000009f2754ee refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a09
[   74.545575] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff)
[   74.546388] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300
[   74.547075] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   74.547858] page dumped because: kasan: bad access detected
[   74.548308] 
[   74.548526] Memory state around the buggy address:
[   74.548952]  ffff0000c5a09b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   74.549591]  ffff0000c5a09b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   74.550411] >ffff0000c5a09c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   74.551008]                                                                 ^
[   74.551586]  ffff0000c5a09c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   74.552685]  ffff0000c5a09d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   74.553304] ==================================================================

[   73.121147] ==================================================================
[   73.122270] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xd0/0x200
[   73.123404] Write of size 8 at addr ffff0000c5916f71 by task kunit_try_catch/139
[   73.124335] 
[   73.124547] CPU: 1 PID: 139 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   73.125081] Hardware name: linux,dummy-virt (DT)
[   73.125418] Call trace:
[   73.125926]  dump_backtrace.part.0+0xdc/0xf0
[   73.126744]  show_stack+0x18/0x30
[   73.127358]  dump_stack_lvl+0x64/0x80
[   73.127982]  print_report+0x158/0x438
[   73.128610]  kasan_report+0xb4/0xf4
[   73.129178]  kasan_check_range+0xe4/0x190
[   73.129850]  memset+0x40/0x70
[   73.130463]  kmalloc_oob_memset_8+0xd0/0x200
[   73.131141]  kunit_try_run_case+0x84/0x120
[   73.131802]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   73.132579]  kthread+0x180/0x190
[   73.133098]  ret_from_fork+0x10/0x20
[   73.133665] 
[   73.133994] Allocated by task 139:
[   73.134557]  kasan_save_stack+0x3c/0x70
[   73.135213]  kasan_set_track+0x2c/0x40
[   73.135858]  kasan_save_alloc_info+0x24/0x34
[   73.136513]  __kasan_kmalloc+0xb8/0xc0
[   73.137065]  kmalloc_trace+0x58/0x6c
[   73.137640]  kmalloc_oob_memset_8+0x98/0x200
[   73.138321]  kunit_try_run_case+0x84/0x120
[   73.139010]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   73.139786]  kthread+0x180/0x190
[   73.140171]  ret_from_fork+0x10/0x20
[   73.140522] 
[   73.140687] The buggy address belongs to the object at ffff0000c5916f00
[   73.140687]  which belongs to the cache kmalloc-128 of size 128
[   73.141368] The buggy address is located 113 bytes inside of
[   73.141368]  128-byte region [ffff0000c5916f00, ffff0000c5916f80)
[   73.142913] 
[   73.143207] The buggy address belongs to the physical page:
[   73.143975] page:00000000a76cf208 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105916
[   73.145069] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff)
[   73.146002] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300
[   73.147061] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   73.147986] page dumped because: kasan: bad access detected
[   73.148660] 
[   73.148934] Memory state around the buggy address:
[   73.149552]  ffff0000c5916e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   73.150553]  ffff0000c5916e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.151540] >ffff0000c5916f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   73.152380]                                                                 ^
[   73.153165]  ffff0000c5916f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   73.153641]  ffff0000c5917000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   73.154618] ==================================================================

[   64.667980] ==================================================================
[   64.668754] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xe4/0x1f0
[   64.669440] Write of size 8 at addr ffff0000c58b8971 by task kunit_try_catch/137
[   64.669927] 
[   64.670125] CPU: 0 PID: 137 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   64.670835] Hardware name: linux,dummy-virt (DT)
[   64.671195] Call trace:
[   64.671471]  dump_backtrace+0x110/0x120
[   64.671938]  show_stack+0x18/0x28
[   64.672360]  dump_stack_lvl+0x68/0x84
[   64.672838]  print_report+0x158/0x484
[   64.673194]  kasan_report+0x98/0xe0
[   64.673639]  kasan_check_range+0x160/0x1d8
[   64.674034]  memset+0x3c/0x80
[   64.674416]  kmalloc_oob_memset_8+0xe4/0x1f0
[   64.674953]  kunit_try_run_case+0x7c/0x120
[   64.675370]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   64.675889]  kthread+0x1a4/0x1b8
[   64.676435]  ret_from_fork+0x10/0x20
[   64.676772] 
[   64.676964] Allocated by task 137:
[   64.677297]  kasan_save_stack+0x2c/0x58
[   64.677713]  kasan_set_track+0x2c/0x40
[   64.678078]  kasan_save_alloc_info+0x24/0x38
[   64.678473]  __kasan_kmalloc+0xa0/0xb8
[   64.678839]  kmalloc_trace+0x50/0x68
[   64.679211]  kmalloc_oob_memset_8+0xa8/0x1f0
[   64.679682]  kunit_try_run_case+0x7c/0x120
[   64.680082]  kunit_generic_run_threadfn_adapter+0x30/0x50
[   64.680563]  kthread+0x1a4/0x1b8
[   64.680894]  ret_from_fork+0x10/0x20
[   64.681264] 
[   64.681507] The buggy address belongs to the object at ffff0000c58b8900
[   64.681507]  which belongs to the cache kmalloc-128 of size 128
[   64.682322] The buggy address is located 113 bytes inside of
[   64.682322]  128-byte region [ffff0000c58b8900, ffff0000c58b8980)
[   64.683126] 
[   64.683337] The buggy address belongs to the physical page:
[   64.683769] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8
[   64.684446] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff)
[   64.685076] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300
[   64.685736] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   64.686314] page dumped because: kasan: bad access detected
[   64.686708] 
[   64.686893] Memory state around the buggy address:
[   64.687298]  ffff0000c58b8800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   64.687826]  ffff0000c58b8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.688369] >ffff0000c58b8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   64.688854]                                                                 ^
[   64.689384]  ffff0000c58b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.689933]  ffff0000c58b8a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.690511] ==================================================================

[   30.966446] ==================================================================
[   30.967638] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xd9/0x1d0
[   30.968383] Write of size 8 at addr ffff8881030def71 by task kunit_try_catch/243
[   30.968985] 
[   30.969095] CPU: 1 PID: 243 Comm: kunit_try_catch Tainted: G    B            N 6.1.146-rc1 #1
[   30.969862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   30.970981] Call Trace:
[   30.971276]  <TASK>
[   30.971620]  dump_stack_lvl+0x49/0x62
[   30.971845]  print_report+0x189/0x492
[   30.972032]  ? kasan_complete_mode_report_info+0x3c/0x200
[   30.972328]  ? kmalloc_oob_memset_8+0xd9/0x1d0
[   30.972870]  kasan_report+0x10c/0x190
[   30.973309]  ? kmalloc_oob_memset_8+0xd9/0x1d0
[   30.973839]  kasan_check_range+0x10b/0x1c0
[   30.974270]  memset+0x23/0x50
[   30.974650]  kmalloc_oob_memset_8+0xd9/0x1d0
[   30.975075]  ? kmalloc_oob_memset_16+0x1d0/0x1d0
[   30.975799]  ? __kunit_add_resource+0xd1/0x100
[   30.976029]  kunit_try_run_case+0x8f/0xd0
[   30.976238]  ? kunit_catch_run_case+0x80/0x80
[   30.976489]  ? kunit_try_catch_throw+0x40/0x40
[   30.976852]  kunit_generic_run_threadfn_adapter+0x2f/0x50
[   30.977174]  kthread+0x17b/0x1b0
[   30.977404]  ? kthread_complete_and_exit+0x30/0x30
[   30.977773]  ret_from_fork+0x22/0x30
[   30.978026]  </TASK>
[   30.978179] 
[   30.978266] Allocated by task 243:
[   30.978491]  kasan_save_stack+0x41/0x70
[   30.978775]  kasan_set_track+0x25/0x40
[   30.979005]  kasan_save_alloc_info+0x1e/0x30
[   30.979282]  __kasan_kmalloc+0xb6/0xc0
[   30.979515]  kmalloc_trace+0x48/0xb0
[   30.979838]  kmalloc_oob_memset_8+0x9b/0x1d0
[   30.980038]  kunit_try_run_case+0x8f/0xd0
[   30.980292]  kunit_generic_run_threadfn_adapter+0x2f/0x50
[   30.980849]  kthread+0x17b/0x1b0
[   30.981068]  ret_from_fork+0x22/0x30
[   30.981299] 
[   30.981504] The buggy address belongs to the object at ffff8881030def00
[   30.981504]  which belongs to the cache kmalloc-128 of size 128
[   30.982040] The buggy address is located 113 bytes inside of
[   30.982040]  128-byte region [ffff8881030def00, ffff8881030def80)
[   30.982501] 
[   30.982620] The buggy address belongs to the physical page:
[   30.983099] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030de
[   30.983609] flags: 0x200000000000200(slab|node=0|zone=2)
[   30.983970] raw: 0200000000000200 0000000000000000 dead000000000122 ffff8881000418c0
[   30.984371] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   30.984710] page dumped because: kasan: bad access detected
[   30.984992] 
[   30.985094] Memory state around the buggy address:
[   30.985429]  ffff8881030dee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[   30.985742]  ffff8881030dee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.986073] >ffff8881030def00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   30.986381]                                                                 ^
[   30.986997]  ffff8881030def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.987336]  ffff8881030df000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   30.987738] ==================================================================