Date
July 15, 2025, 2:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 104.726053] ================================================================== [ 104.727309] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xec/0x350 [ 104.729174] Write of size 1 at addr ffff0000c67f6178 by task kunit_try_catch/204 [ 104.730104] [ 104.730318] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.730889] Hardware name: linux,dummy-virt (DT) [ 104.731223] Call trace: [ 104.731453] dump_backtrace+0xe0/0x134 [ 104.732886] show_stack+0x20/0x2c [ 104.733511] dump_stack_lvl+0x88/0xb4 [ 104.734522] print_report+0x158/0x44c [ 104.735410] kasan_report+0xc8/0x180 [ 104.736373] __asan_store1+0x68/0x7c [ 104.737383] kmalloc_oob_right+0xec/0x350 [ 104.738435] kunit_try_run_case+0x8c/0x124 [ 104.739465] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.741065] kthread+0x15c/0x170 [ 104.741772] ret_from_fork+0x10/0x20 [ 104.742739] [ 104.743609] Allocated by task 204: [ 104.744250] kasan_save_stack+0x3c/0x70 [ 104.745336] kasan_set_track+0x2c/0x40 [ 104.746321] kasan_save_alloc_info+0x24/0x34 [ 104.747380] __kasan_kmalloc+0xd4/0xe0 [ 104.748360] kmalloc_trace+0x8c/0x150 [ 104.749576] kmalloc_oob_right+0xa0/0x350 [ 104.750272] kunit_try_run_case+0x8c/0x124 [ 104.751279] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.752223] kthread+0x15c/0x170 [ 104.753227] ret_from_fork+0x10/0x20 [ 104.754182] [ 104.754808] The buggy address belongs to the object at ffff0000c67f6100 [ 104.754808] which belongs to the cache kmalloc-128 of size 128 [ 104.756714] The buggy address is located 120 bytes inside of [ 104.756714] 128-byte region [ffff0000c67f6100, ffff0000c67f6180) [ 104.757784] [ 104.757995] The buggy address belongs to the physical page: [ 104.758645] page:00000000e3cb17d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f6 [ 104.759354] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.759998] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.761067] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.762098] page dumped because: kasan: bad access detected [ 104.762866] [ 104.763156] Memory state around the buggy address: [ 104.763775] ffff0000c67f6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 104.764682] ffff0000c67f6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.765621] >ffff0000c67f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 104.766356] ^ [ 104.767252] ffff0000c67f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.768134] ffff0000c67f6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.768839] ================================================================== [ 104.769685] ================================================================== [ 104.770189] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x110/0x350 [ 104.770989] Read of size 1 at addr ffff0000c67f6180 by task kunit_try_catch/204 [ 104.771509] [ 104.771704] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.773547] Hardware name: linux,dummy-virt (DT) [ 104.774163] Call trace: [ 104.774533] dump_backtrace+0xe0/0x134 [ 104.775114] show_stack+0x20/0x2c [ 104.775629] dump_stack_lvl+0x88/0xb4 [ 104.776251] print_report+0x158/0x44c [ 104.776829] kasan_report+0xc8/0x180 [ 104.777447] __asan_load1+0x68/0x74 [ 104.778122] kmalloc_oob_right+0x110/0x350 [ 104.778797] kunit_try_run_case+0x8c/0x124 [ 104.779428] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.780138] kthread+0x15c/0x170 [ 104.780535] ret_from_fork+0x10/0x20 [ 104.781168] [ 104.781446] Allocated by task 204: [ 104.781946] kasan_save_stack+0x3c/0x70 [ 104.782544] kasan_set_track+0x2c/0x40 [ 104.782964] kasan_save_alloc_info+0x24/0x34 [ 104.783380] __kasan_kmalloc+0xd4/0xe0 [ 104.783761] kmalloc_trace+0x8c/0x150 [ 104.784381] kmalloc_oob_right+0xa0/0x350 [ 104.785084] kunit_try_run_case+0x8c/0x124 [ 104.785900] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.786675] kthread+0x15c/0x170 [ 104.787216] ret_from_fork+0x10/0x20 [ 104.787786] [ 104.788058] The buggy address belongs to the object at ffff0000c67f6100 [ 104.788058] which belongs to the cache kmalloc-128 of size 128 [ 104.789727] The buggy address is located 0 bytes to the right of [ 104.789727] 128-byte region [ffff0000c67f6100, ffff0000c67f6180) [ 104.791454] [ 104.791709] The buggy address belongs to the physical page: [ 104.792092] page:00000000e3cb17d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f6 [ 104.793129] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.794284] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.795360] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.796357] page dumped because: kasan: bad access detected [ 104.797403] [ 104.797848] Memory state around the buggy address: [ 104.798572] ffff0000c67f6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.799701] ffff0000c67f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 104.800677] >ffff0000c67f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.801611] ^ [ 104.802192] ffff0000c67f6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.803290] ffff0000c67f6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.804161] ================================================================== [ 104.685407] ================================================================== [ 104.686238] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xc8/0x350 [ 104.687616] Write of size 1 at addr ffff0000c67f6173 by task kunit_try_catch/204 [ 104.688167] [ 104.688871] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 104.690951] Hardware name: linux,dummy-virt (DT) [ 104.691959] Call trace: [ 104.692672] dump_backtrace+0xe0/0x134 [ 104.693595] show_stack+0x20/0x2c [ 104.694245] dump_stack_lvl+0x88/0xb4 [ 104.695048] print_report+0x158/0x44c [ 104.695800] kasan_report+0xc8/0x180 [ 104.696563] __asan_store1+0x68/0x7c [ 104.697369] kmalloc_oob_right+0xc8/0x350 [ 104.698234] kunit_try_run_case+0x8c/0x124 [ 104.699157] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.700080] kthread+0x15c/0x170 [ 104.700938] ret_from_fork+0x10/0x20 [ 104.701891] [ 104.702389] Allocated by task 204: [ 104.703094] kasan_save_stack+0x3c/0x70 [ 104.703597] kasan_set_track+0x2c/0x40 [ 104.704028] kasan_save_alloc_info+0x24/0x34 [ 104.704760] __kasan_kmalloc+0xd4/0xe0 [ 104.705202] kmalloc_trace+0x8c/0x150 [ 104.705871] kmalloc_oob_right+0xa0/0x350 [ 104.706513] kunit_try_run_case+0x8c/0x124 [ 104.706939] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.707424] kthread+0x15c/0x170 [ 104.707790] ret_from_fork+0x10/0x20 [ 104.708384] [ 104.708755] The buggy address belongs to the object at ffff0000c67f6100 [ 104.708755] which belongs to the cache kmalloc-128 of size 128 [ 104.710420] The buggy address is located 115 bytes inside of [ 104.710420] 128-byte region [ffff0000c67f6100, ffff0000c67f6180) [ 104.711813] [ 104.712185] The buggy address belongs to the physical page: [ 104.713191] page:00000000e3cb17d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f6 [ 104.714639] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.715974] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.717064] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.717732] page dumped because: kasan: bad access detected [ 104.718148] [ 104.718341] Memory state around the buggy address: [ 104.718877] ffff0000c67f6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 104.719559] ffff0000c67f6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.720067] >ffff0000c67f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 104.720581] ^ [ 104.721250] ffff0000c67f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.722225] ffff0000c67f6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.723113] ==================================================================
[ 74.520063] ================================================================== [ 74.520901] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x9c/0x264 [ 74.522261] Write of size 1 at addr ffff0000c598a973 by task kunit_try_catch/120 [ 74.523270] [ 74.524001] CPU: 1 PID: 120 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 74.524860] Hardware name: linux,dummy-virt (DT) [ 74.525694] Call trace: [ 74.526030] dump_backtrace+0xf8/0x118 [ 74.526676] show_stack+0x18/0x24 [ 74.527244] __dump_stack+0x28/0x38 [ 74.527700] dump_stack_lvl+0x54/0x6c [ 74.528205] print_address_description+0x7c/0x1ec [ 74.528952] print_report+0x50/0x68 [ 74.529406] kasan_report+0xac/0x100 [ 74.529841] __asan_store1+0x6c/0x70 [ 74.530308] kmalloc_oob_right+0x9c/0x264 [ 74.530712] kunit_try_run_case+0x80/0x184 [ 74.531146] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.531637] kthread+0x16c/0x21c [ 74.532027] ret_from_fork+0x10/0x20 [ 74.532581] [ 74.532965] Allocated by task 120: [ 74.533450] kasan_set_track+0x4c/0x80 [ 74.533992] kasan_save_alloc_info+0x28/0x34 [ 74.534449] __kasan_kmalloc+0x88/0xa0 [ 74.534996] kmalloc_trace+0x54/0x68 [ 74.535577] kmalloc_oob_right+0x48/0x264 [ 74.536203] kunit_try_run_case+0x80/0x184 [ 74.536911] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.537840] kthread+0x16c/0x21c [ 74.538414] ret_from_fork+0x10/0x20 [ 74.538869] [ 74.539108] The buggy address belongs to the object at ffff0000c598a900 [ 74.539108] which belongs to the cache kmalloc-128 of size 128 [ 74.539886] The buggy address is located 115 bytes inside of [ 74.539886] 128-byte region [ffff0000c598a900, ffff0000c598a980) [ 74.541421] [ 74.541833] The buggy address belongs to the physical page: [ 74.542824] page:00000000c3a27766 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a [ 74.544199] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.545980] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.547001] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.547955] page dumped because: kasan: bad access detected [ 74.548696] [ 74.549153] Memory state around the buggy address: [ 74.549862] ffff0000c598a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.550398] ffff0000c598a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.551035] >ffff0000c598a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 74.551932] ^ [ 74.552904] ffff0000c598a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.553876] ffff0000c598aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.554770] ================================================================== [ 74.556988] ================================================================== [ 74.557978] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xe8/0x264 [ 74.558898] Write of size 1 at addr ffff0000c598a978 by task kunit_try_catch/120 [ 74.559796] [ 74.560074] CPU: 1 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.561374] Hardware name: linux,dummy-virt (DT) [ 74.561722] Call trace: [ 74.561967] dump_backtrace+0xf8/0x118 [ 74.562392] show_stack+0x18/0x24 [ 74.562801] __dump_stack+0x28/0x38 [ 74.563367] dump_stack_lvl+0x54/0x6c [ 74.563960] print_address_description+0x7c/0x1ec [ 74.564894] print_report+0x50/0x68 [ 74.565521] kasan_report+0xac/0x100 [ 74.566144] __asan_store1+0x6c/0x70 [ 74.566768] kmalloc_oob_right+0xe8/0x264 [ 74.567390] kunit_try_run_case+0x80/0x184 [ 74.568043] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.569029] kthread+0x16c/0x21c [ 74.569608] ret_from_fork+0x10/0x20 [ 74.570195] [ 74.570464] Allocated by task 120: [ 74.570942] kasan_set_track+0x4c/0x80 [ 74.571563] kasan_save_alloc_info+0x28/0x34 [ 74.572225] __kasan_kmalloc+0x88/0xa0 [ 74.573042] kmalloc_trace+0x54/0x68 [ 74.573638] kmalloc_oob_right+0x48/0x264 [ 74.574264] kunit_try_run_case+0x80/0x184 [ 74.574899] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.575402] kthread+0x16c/0x21c [ 74.575786] ret_from_fork+0x10/0x20 [ 74.576158] [ 74.576342] The buggy address belongs to the object at ffff0000c598a900 [ 74.576342] which belongs to the cache kmalloc-128 of size 128 [ 74.578133] The buggy address is located 120 bytes inside of [ 74.578133] 128-byte region [ffff0000c598a900, ffff0000c598a980) [ 74.579037] [ 74.579223] The buggy address belongs to the physical page: [ 74.579582] page:00000000c3a27766 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a [ 74.580311] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.580947] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.581748] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.582630] page dumped because: kasan: bad access detected [ 74.583137] [ 74.583316] Memory state around the buggy address: [ 74.583982] ffff0000c598a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.584934] ffff0000c598a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.585862] >ffff0000c598a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 74.586357] ^ [ 74.586829] ffff0000c598a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.587310] ffff0000c598aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.587784] ================================================================== [ 74.589225] ================================================================== [ 74.590090] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x134/0x264 [ 74.591017] Read of size 1 at addr ffff0000c598a980 by task kunit_try_catch/120 [ 74.591921] [ 74.592224] CPU: 1 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.593377] Hardware name: linux,dummy-virt (DT) [ 74.594008] Call trace: [ 74.594376] dump_backtrace+0xf8/0x118 [ 74.595015] show_stack+0x18/0x24 [ 74.595590] __dump_stack+0x28/0x38 [ 74.596166] dump_stack_lvl+0x54/0x6c [ 74.596953] print_address_description+0x7c/0x1ec [ 74.597702] print_report+0x50/0x68 [ 74.598319] kasan_report+0xac/0x100 [ 74.598946] __asan_load1+0x6c/0x70 [ 74.599549] kmalloc_oob_right+0x134/0x264 [ 74.600192] kunit_try_run_case+0x80/0x184 [ 74.601020] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.601882] kthread+0x16c/0x21c [ 74.602450] ret_from_fork+0x10/0x20 [ 74.602877] [ 74.603061] Allocated by task 120: [ 74.603347] kasan_set_track+0x4c/0x80 [ 74.603773] kasan_save_alloc_info+0x28/0x34 [ 74.604196] __kasan_kmalloc+0x88/0xa0 [ 74.604714] kmalloc_trace+0x54/0x68 [ 74.605386] kmalloc_oob_right+0x48/0x264 [ 74.605872] kunit_try_run_case+0x80/0x184 [ 74.606349] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.606930] kthread+0x16c/0x21c [ 74.607342] ret_from_fork+0x10/0x20 [ 74.607774] [ 74.607970] The buggy address belongs to the object at ffff0000c598a900 [ 74.607970] which belongs to the cache kmalloc-128 of size 128 [ 74.609708] The buggy address is located 0 bytes to the right of [ 74.609708] 128-byte region [ffff0000c598a900, ffff0000c598a980) [ 74.610645] [ 74.610871] The buggy address belongs to the physical page: [ 74.611322] page:00000000c3a27766 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a [ 74.612149] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.612986] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.613664] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.614267] page dumped because: kasan: bad access detected [ 74.614726] [ 74.614983] Memory state around the buggy address: [ 74.615420] ffff0000c598a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.616079] ffff0000c598a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 74.616929] >ffff0000c598a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.617537] ^ [ 74.617906] ffff0000c598aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.618527] ffff0000c598aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.619145] ==================================================================
[ 73.526441] ================================================================== [ 73.527022] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xe8/0x264 [ 73.528556] Write of size 1 at addr ffff0000c5926278 by task kunit_try_catch/120 [ 73.529124] [ 73.529347] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 73.530417] Hardware name: linux,dummy-virt (DT) [ 73.530780] Call trace: [ 73.531018] dump_backtrace+0xf4/0x114 [ 73.531565] show_stack+0x18/0x24 [ 73.532278] __dump_stack+0x28/0x38 [ 73.532821] dump_stack_lvl+0x50/0x68 [ 73.533280] print_address_description+0x7c/0x1ec [ 73.533829] print_report+0x50/0x68 [ 73.534298] kasan_report+0xac/0xfc [ 73.534755] __asan_store1+0x6c/0x70 [ 73.535196] kmalloc_oob_right+0xe8/0x264 [ 73.535634] kunit_try_run_case+0x80/0x184 [ 73.536129] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 73.536752] kthread+0x16c/0x21c [ 73.537157] ret_from_fork+0x10/0x20 [ 73.537595] [ 73.537791] Allocated by task 120: [ 73.538143] kasan_set_track+0x4c/0x80 [ 73.538607] kasan_save_alloc_info+0x28/0x34 [ 73.539107] __kasan_kmalloc+0x88/0xa0 [ 73.539548] kmalloc_trace+0x54/0x68 [ 73.539971] kmalloc_oob_right+0x48/0x264 [ 73.540485] kunit_try_run_case+0x80/0x184 [ 73.540993] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 73.541580] kthread+0x16c/0x21c [ 73.542023] ret_from_fork+0x10/0x20 [ 73.542416] [ 73.542629] The buggy address belongs to the object at ffff0000c5926200 [ 73.542629] which belongs to the cache kmalloc-128 of size 128 [ 73.543495] The buggy address is located 120 bytes inside of [ 73.543495] 128-byte region [ffff0000c5926200, ffff0000c5926280) [ 73.544629] [ 73.544919] The buggy address belongs to the physical page: [ 73.545400] page:000000009e191ffb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105926 [ 73.546088] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 73.546829] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 73.547481] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 73.548229] page dumped because: kasan: bad access detected [ 73.548723] [ 73.548978] Memory state around the buggy address: [ 73.549384] ffff0000c5926100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.550088] ffff0000c5926180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.550683] >ffff0000c5926200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 73.551306] ^ [ 73.551966] ffff0000c5926280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.552644] ffff0000c5926300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.553403] ================================================================== [ 73.487546] ================================================================== [ 73.488859] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x9c/0x264 [ 73.490373] Write of size 1 at addr ffff0000c5926273 by task kunit_try_catch/120 [ 73.491229] [ 73.491652] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 73.493002] Hardware name: linux,dummy-virt (DT) [ 73.493833] Call trace: [ 73.494268] dump_backtrace+0xf4/0x114 [ 73.494978] show_stack+0x18/0x24 [ 73.495564] __dump_stack+0x28/0x38 [ 73.496206] dump_stack_lvl+0x50/0x68 [ 73.496816] print_address_description+0x7c/0x1ec [ 73.497563] print_report+0x50/0x68 [ 73.498178] kasan_report+0xac/0xfc [ 73.498681] __asan_store1+0x6c/0x70 [ 73.499362] kmalloc_oob_right+0x9c/0x264 [ 73.500123] kunit_try_run_case+0x80/0x184 [ 73.500714] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 73.501236] kthread+0x16c/0x21c [ 73.501632] ret_from_fork+0x10/0x20 [ 73.502324] [ 73.502650] Allocated by task 120: [ 73.503224] kasan_set_track+0x4c/0x80 [ 73.504082] kasan_save_alloc_info+0x28/0x34 [ 73.504772] __kasan_kmalloc+0x88/0xa0 [ 73.505408] kmalloc_trace+0x54/0x68 [ 73.506003] kmalloc_oob_right+0x48/0x264 [ 73.506627] kunit_try_run_case+0x80/0x184 [ 73.507284] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 73.508193] kthread+0x16c/0x21c [ 73.508829] ret_from_fork+0x10/0x20 [ 73.509455] [ 73.509798] The buggy address belongs to the object at ffff0000c5926200 [ 73.509798] which belongs to the cache kmalloc-128 of size 128 [ 73.511256] The buggy address is located 115 bytes inside of [ 73.511256] 128-byte region [ffff0000c5926200, ffff0000c5926280) [ 73.512698] [ 73.513158] The buggy address belongs to the physical page: [ 73.514036] page:000000009e191ffb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105926 [ 73.515033] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 73.516223] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 73.517252] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 73.518225] page dumped because: kasan: bad access detected [ 73.518949] [ 73.519260] Memory state around the buggy address: [ 73.520112] ffff0000c5926100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.521060] ffff0000c5926180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.521995] >ffff0000c5926200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 73.522885] ^ [ 73.523848] ffff0000c5926280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.524693] ffff0000c5926300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.525216] ================================================================== [ 73.554437] ================================================================== [ 73.554988] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x134/0x264 [ 73.555647] Read of size 1 at addr ffff0000c5926280 by task kunit_try_catch/120 [ 73.556425] [ 73.556647] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 73.557399] Hardware name: linux,dummy-virt (DT) [ 73.557956] Call trace: [ 73.558237] dump_backtrace+0xf4/0x114 [ 73.558749] show_stack+0x18/0x24 [ 73.559170] __dump_stack+0x28/0x38 [ 73.559603] dump_stack_lvl+0x50/0x68 [ 73.560191] print_address_description+0x7c/0x1ec [ 73.560723] print_report+0x50/0x68 [ 73.561173] kasan_report+0xac/0xfc [ 73.561662] __asan_load1+0x6c/0x70 [ 73.562123] kmalloc_oob_right+0x134/0x264 [ 73.562567] kunit_try_run_case+0x80/0x184 [ 73.563031] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 73.563595] kthread+0x16c/0x21c [ 73.564191] ret_from_fork+0x10/0x20 [ 73.564598] [ 73.564813] Allocated by task 120: [ 73.565179] kasan_set_track+0x4c/0x80 [ 73.565682] kasan_save_alloc_info+0x28/0x34 [ 73.566180] __kasan_kmalloc+0x88/0xa0 [ 73.566681] kmalloc_trace+0x54/0x68 [ 73.567106] kmalloc_oob_right+0x48/0x264 [ 73.567544] kunit_try_run_case+0x80/0x184 [ 73.568176] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 73.568751] kthread+0x16c/0x21c [ 73.569243] ret_from_fork+0x10/0x20 [ 73.569658] [ 73.569887] The buggy address belongs to the object at ffff0000c5926200 [ 73.569887] which belongs to the cache kmalloc-128 of size 128 [ 73.570793] The buggy address is located 0 bytes to the right of [ 73.570793] 128-byte region [ffff0000c5926200, ffff0000c5926280) [ 73.571902] [ 73.572134] The buggy address belongs to the physical page: [ 73.572599] page:000000009e191ffb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105926 [ 73.573382] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 73.574072] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 73.574750] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 73.575338] page dumped because: kasan: bad access detected [ 73.576342] [ 73.576568] Memory state around the buggy address: [ 73.577020] ffff0000c5926180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.577688] ffff0000c5926200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 73.578334] >ffff0000c5926280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.578934] ^ [ 73.579283] ffff0000c5926300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.580083] ffff0000c5926380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.580703] ==================================================================
[ 72.148829] ================================================================== [ 72.150409] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xc0/0x340 [ 72.151968] Write of size 1 at addr ffff0000c5966d73 by task kunit_try_catch/120 [ 72.152886] [ 72.153376] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 72.154702] Hardware name: linux,dummy-virt (DT) [ 72.155509] Call trace: [ 72.155911] dump_backtrace.part.0+0xdc/0xf0 [ 72.156425] show_stack+0x18/0x30 [ 72.156790] dump_stack_lvl+0x64/0x80 [ 72.157133] print_report+0x158/0x438 [ 72.157505] kasan_report+0xb4/0xf4 [ 72.158048] __asan_store1+0x68/0x7c [ 72.158642] kmalloc_oob_right+0xc0/0x340 [ 72.159252] kunit_try_run_case+0x84/0x120 [ 72.159877] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 72.160635] kthread+0x180/0x190 [ 72.161135] ret_from_fork+0x10/0x20 [ 72.161802] [ 72.162274] Allocated by task 120: [ 72.162825] kasan_save_stack+0x3c/0x70 [ 72.163507] kasan_set_track+0x2c/0x40 [ 72.164079] kasan_save_alloc_info+0x24/0x34 [ 72.164704] __kasan_kmalloc+0xb8/0xc0 [ 72.165240] kmalloc_trace+0x58/0x6c [ 72.165797] kmalloc_oob_right+0x98/0x340 [ 72.167165] kunit_try_run_case+0x84/0x120 [ 72.167818] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 72.168403] kthread+0x180/0x190 [ 72.168725] ret_from_fork+0x10/0x20 [ 72.169100] [ 72.169315] The buggy address belongs to the object at ffff0000c5966d00 [ 72.169315] which belongs to the cache kmalloc-128 of size 128 [ 72.170551] The buggy address is located 115 bytes inside of [ 72.170551] 128-byte region [ffff0000c5966d00, ffff0000c5966d80) [ 72.171890] [ 72.172257] The buggy address belongs to the physical page: [ 72.173081] page:00000000797bbbfa refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105966 [ 72.174736] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 72.176028] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 72.177012] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 72.178127] page dumped because: kasan: bad access detected [ 72.178833] [ 72.179064] Memory state around the buggy address: [ 72.179599] ffff0000c5966c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 72.180096] ffff0000c5966c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.180736] >ffff0000c5966d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 72.181578] ^ [ 72.182693] ffff0000c5966d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.183587] ffff0000c5966e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.184450] ================================================================== [ 72.219228] ================================================================== [ 72.219836] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x108/0x340 [ 72.220532] Read of size 1 at addr ffff0000c5966d80 by task kunit_try_catch/120 [ 72.221096] [ 72.221327] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 72.222664] Hardware name: linux,dummy-virt (DT) [ 72.223067] Call trace: [ 72.223370] dump_backtrace.part.0+0xdc/0xf0 [ 72.223937] show_stack+0x18/0x30 [ 72.224349] dump_stack_lvl+0x64/0x80 [ 72.224793] print_report+0x158/0x438 [ 72.225242] kasan_report+0xb4/0xf4 [ 72.225647] __asan_load1+0x68/0x74 [ 72.226194] kmalloc_oob_right+0x108/0x340 [ 72.226686] kunit_try_run_case+0x84/0x120 [ 72.227123] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 72.227703] kthread+0x180/0x190 [ 72.228076] ret_from_fork+0x10/0x20 [ 72.228485] [ 72.228657] Allocated by task 120: [ 72.228992] kasan_save_stack+0x3c/0x70 [ 72.229440] kasan_set_track+0x2c/0x40 [ 72.229828] kasan_save_alloc_info+0x24/0x34 [ 72.230288] __kasan_kmalloc+0xb8/0xc0 [ 72.230849] kmalloc_trace+0x58/0x6c [ 72.231271] kmalloc_oob_right+0x98/0x340 [ 72.231700] kunit_try_run_case+0x84/0x120 [ 72.232154] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 72.232691] kthread+0x180/0x190 [ 72.233079] ret_from_fork+0x10/0x20 [ 72.233485] [ 72.233698] The buggy address belongs to the object at ffff0000c5966d00 [ 72.233698] which belongs to the cache kmalloc-128 of size 128 [ 72.234773] The buggy address is located 0 bytes to the right of [ 72.234773] 128-byte region [ffff0000c5966d00, ffff0000c5966d80) [ 72.235714] [ 72.235930] The buggy address belongs to the physical page: [ 72.236375] page:00000000797bbbfa refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105966 [ 72.237144] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 72.237775] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 72.238540] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 72.239114] page dumped because: kasan: bad access detected [ 72.239583] [ 72.239786] Memory state around the buggy address: [ 72.240212] ffff0000c5966c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.240786] ffff0000c5966d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 72.241408] >ffff0000c5966d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.242644] ^ [ 72.242943] ffff0000c5966e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.243419] ffff0000c5966e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.244021] ================================================================== [ 72.187391] ================================================================== [ 72.188233] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xe4/0x340 [ 72.189146] Write of size 1 at addr ffff0000c5966d78 by task kunit_try_catch/120 [ 72.189745] [ 72.190295] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 72.191294] Hardware name: linux,dummy-virt (DT) [ 72.191645] Call trace: [ 72.191861] dump_backtrace.part.0+0xdc/0xf0 [ 72.192282] show_stack+0x18/0x30 [ 72.192836] dump_stack_lvl+0x64/0x80 [ 72.193392] print_report+0x158/0x438 [ 72.194125] kasan_report+0xb4/0xf4 [ 72.194665] __asan_store1+0x68/0x7c [ 72.195192] kmalloc_oob_right+0xe4/0x340 [ 72.195813] kunit_try_run_case+0x84/0x120 [ 72.196431] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 72.197173] kthread+0x180/0x190 [ 72.197672] ret_from_fork+0x10/0x20 [ 72.198359] [ 72.198638] Allocated by task 120: [ 72.198999] kasan_save_stack+0x3c/0x70 [ 72.199345] kasan_set_track+0x2c/0x40 [ 72.199756] kasan_save_alloc_info+0x24/0x34 [ 72.200183] __kasan_kmalloc+0xb8/0xc0 [ 72.200616] kmalloc_trace+0x58/0x6c [ 72.201059] kmalloc_oob_right+0x98/0x340 [ 72.201537] kunit_try_run_case+0x84/0x120 [ 72.202255] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 72.202802] kthread+0x180/0x190 [ 72.203174] ret_from_fork+0x10/0x20 [ 72.203595] [ 72.203812] The buggy address belongs to the object at ffff0000c5966d00 [ 72.203812] which belongs to the cache kmalloc-128 of size 128 [ 72.204723] The buggy address is located 120 bytes inside of [ 72.204723] 128-byte region [ffff0000c5966d00, ffff0000c5966d80) [ 72.205582] [ 72.205777] The buggy address belongs to the physical page: [ 72.206881] page:00000000797bbbfa refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105966 [ 72.207638] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 72.208289] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 72.208945] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 72.209496] page dumped because: kasan: bad access detected [ 72.210370] [ 72.211638] Memory state around the buggy address: [ 72.211983] ffff0000c5966c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 72.212459] ffff0000c5966c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.212913] >ffff0000c5966d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 72.213338] ^ [ 72.215198] ffff0000c5966d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.216546] ffff0000c5966e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 72.217961] ==================================================================
[ 63.902585] ================================================================== [ 63.903441] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x12c/0x328 [ 63.904418] Read of size 1 at addr ffff0000c586de80 by task kunit_try_catch/118 [ 63.905249] [ 63.905664] CPU: 1 PID: 118 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 63.906753] Hardware name: linux,dummy-virt (DT) [ 63.907322] Call trace: [ 63.907667] dump_backtrace+0x110/0x120 [ 63.908254] show_stack+0x18/0x28 [ 63.908736] dump_stack_lvl+0x68/0x84 [ 63.909079] print_report+0x158/0x484 [ 63.909401] kasan_report+0x98/0xe0 [ 63.909746] __asan_load1+0x68/0x78 [ 63.910052] kmalloc_oob_right+0x12c/0x328 [ 63.910782] kunit_try_run_case+0x7c/0x120 [ 63.911251] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.911772] kthread+0x1a4/0x1b8 [ 63.912095] ret_from_fork+0x10/0x20 [ 63.912496] [ 63.912665] Allocated by task 118: [ 63.913001] kasan_save_stack+0x2c/0x58 [ 63.913389] kasan_set_track+0x2c/0x40 [ 63.914070] kasan_save_alloc_info+0x24/0x38 [ 63.914518] __kasan_kmalloc+0xa0/0xb8 [ 63.914889] kmalloc_trace+0x50/0x68 [ 63.915265] kmalloc_oob_right+0xa8/0x328 [ 63.915702] kunit_try_run_case+0x7c/0x120 [ 63.916123] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.916630] kthread+0x1a4/0x1b8 [ 63.916956] ret_from_fork+0x10/0x20 [ 63.917351] [ 63.917689] The buggy address belongs to the object at ffff0000c586de00 [ 63.917689] which belongs to the cache kmalloc-128 of size 128 [ 63.918560] The buggy address is located 0 bytes to the right of [ 63.918560] 128-byte region [ffff0000c586de00, ffff0000c586de80) [ 63.919428] [ 63.919595] The buggy address belongs to the physical page: [ 63.920005] page:00000000f16aa132 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586d [ 63.920693] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.921307] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.922241] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.922773] page dumped because: kasan: bad access detected [ 63.923193] [ 63.923370] Memory state around the buggy address: [ 63.923784] ffff0000c586dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.924333] ffff0000c586de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 63.924902] >ffff0000c586de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.926244] ^ [ 63.926557] ffff0000c586df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.927108] ffff0000c586df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.927637] ================================================================== [ 63.876042] ================================================================== [ 63.876847] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x100/0x328 [ 63.877785] Write of size 1 at addr ffff0000c586de78 by task kunit_try_catch/118 [ 63.878805] [ 63.879081] CPU: 1 PID: 118 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 63.879879] Hardware name: linux,dummy-virt (DT) [ 63.880181] Call trace: [ 63.880412] dump_backtrace+0x110/0x120 [ 63.880844] show_stack+0x18/0x28 [ 63.881175] dump_stack_lvl+0x68/0x84 [ 63.881752] print_report+0x158/0x484 [ 63.882349] kasan_report+0x98/0xe0 [ 63.882851] __asan_store1+0x68/0x78 [ 63.883363] kmalloc_oob_right+0x100/0x328 [ 63.883951] kunit_try_run_case+0x7c/0x120 [ 63.884547] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.885269] kthread+0x1a4/0x1b8 [ 63.885746] ret_from_fork+0x10/0x20 [ 63.886222] [ 63.886394] Allocated by task 118: [ 63.886642] kasan_save_stack+0x2c/0x58 [ 63.886958] kasan_set_track+0x2c/0x40 [ 63.887276] kasan_save_alloc_info+0x24/0x38 [ 63.887750] __kasan_kmalloc+0xa0/0xb8 [ 63.888128] kmalloc_trace+0x50/0x68 [ 63.888517] kmalloc_oob_right+0xa8/0x328 [ 63.888902] kunit_try_run_case+0x7c/0x120 [ 63.889368] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.889975] kthread+0x1a4/0x1b8 [ 63.890279] ret_from_fork+0x10/0x20 [ 63.890585] [ 63.890745] The buggy address belongs to the object at ffff0000c586de00 [ 63.890745] which belongs to the cache kmalloc-128 of size 128 [ 63.891387] The buggy address is located 120 bytes inside of [ 63.891387] 128-byte region [ffff0000c586de00, ffff0000c586de80) [ 63.892006] [ 63.892162] The buggy address belongs to the physical page: [ 63.892579] page:00000000f16aa132 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586d [ 63.893126] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.893629] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.894626] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.895628] page dumped because: kasan: bad access detected [ 63.896271] [ 63.896514] Memory state around the buggy address: [ 63.897097] ffff0000c586dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.897925] ffff0000c586dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.898874] >ffff0000c586de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 63.899729] ^ [ 63.900431] ffff0000c586de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.900864] ffff0000c586df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.901307] ================================================================== [ 63.843339] ================================================================== [ 63.844264] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xd4/0x328 [ 63.845371] Write of size 1 at addr ffff0000c586de73 by task kunit_try_catch/118 [ 63.846125] [ 63.846684] CPU: 1 PID: 118 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 63.847766] Hardware name: linux,dummy-virt (DT) [ 63.848278] Call trace: [ 63.848512] dump_backtrace+0x110/0x120 [ 63.848908] show_stack+0x18/0x28 [ 63.849256] dump_stack_lvl+0x68/0x84 [ 63.849627] print_report+0x158/0x484 [ 63.850305] kasan_report+0x98/0xe0 [ 63.850767] __asan_store1+0x68/0x78 [ 63.851154] kmalloc_oob_right+0xd4/0x328 [ 63.851685] kunit_try_run_case+0x7c/0x120 [ 63.852043] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.852669] kthread+0x1a4/0x1b8 [ 63.852971] ret_from_fork+0x10/0x20 [ 63.853403] [ 63.853609] Allocated by task 118: [ 63.854073] kasan_save_stack+0x2c/0x58 [ 63.854733] kasan_set_track+0x2c/0x40 [ 63.855264] kasan_save_alloc_info+0x24/0x38 [ 63.855844] __kasan_kmalloc+0xa0/0xb8 [ 63.856362] kmalloc_trace+0x50/0x68 [ 63.856868] kmalloc_oob_right+0xa8/0x328 [ 63.857481] kunit_try_run_case+0x7c/0x120 [ 63.858077] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.858812] kthread+0x1a4/0x1b8 [ 63.859292] ret_from_fork+0x10/0x20 [ 63.859849] [ 63.860150] The buggy address belongs to the object at ffff0000c586de00 [ 63.860150] which belongs to the cache kmalloc-128 of size 128 [ 63.860834] The buggy address is located 115 bytes inside of [ 63.860834] 128-byte region [ffff0000c586de00, ffff0000c586de80) [ 63.861651] [ 63.862251] The buggy address belongs to the physical page: [ 63.862756] page:00000000f16aa132 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586d [ 63.863732] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.864978] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.866029] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.866958] page dumped because: kasan: bad access detected [ 63.867642] [ 63.867898] Memory state around the buggy address: [ 63.868655] ffff0000c586dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.869545] ffff0000c586dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.870524] >ffff0000c586de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 63.871340] ^ [ 63.872179] ffff0000c586de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.872894] ffff0000c586df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.873359] ==================================================================
[ 30.228966] ================================================================== [ 30.229459] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xfd/0x310 [ 30.229823] Write of size 1 at addr ffff8881030daf78 by task kunit_try_catch/224 [ 30.230136] [ 30.230297] CPU: 1 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 30.230772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.231354] Call Trace: [ 30.231520] <TASK> [ 30.231661] dump_stack_lvl+0x49/0x62 [ 30.231858] print_report+0x189/0x492 [ 30.232065] ? kasan_complete_mode_report_info+0x3c/0x200 [ 30.232489] ? kmalloc_oob_right+0xfd/0x310 [ 30.232750] kasan_report+0x10c/0x190 [ 30.232980] ? kmalloc_oob_right+0xfd/0x310 [ 30.233239] __asan_store1+0x65/0x70 [ 30.233565] kmalloc_oob_right+0xfd/0x310 [ 30.233817] ? kmalloc_oob_left+0x1e0/0x1e0 [ 30.234038] ? __kunit_add_resource+0xd1/0x100 [ 30.234365] kunit_try_run_case+0x8f/0xd0 [ 30.234648] ? kunit_catch_run_case+0x80/0x80 [ 30.234849] ? kunit_try_catch_throw+0x40/0x40 [ 30.235085] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 30.235494] kthread+0x17b/0x1b0 [ 30.235662] ? kthread_complete_and_exit+0x30/0x30 [ 30.236174] ret_from_fork+0x22/0x30 [ 30.236459] </TASK> [ 30.236593] [ 30.236693] Allocated by task 224: [ 30.236840] kasan_save_stack+0x41/0x70 [ 30.237073] kasan_set_track+0x25/0x40 [ 30.237362] kasan_save_alloc_info+0x1e/0x30 [ 30.237621] __kasan_kmalloc+0xb6/0xc0 [ 30.237844] kmalloc_trace+0x48/0xb0 [ 30.238027] kmalloc_oob_right+0x9b/0x310 [ 30.238339] kunit_try_run_case+0x8f/0xd0 [ 30.238595] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 30.238860] kthread+0x17b/0x1b0 [ 30.239041] ret_from_fork+0x22/0x30 [ 30.239233] [ 30.239320] The buggy address belongs to the object at ffff8881030daf00 [ 30.239320] which belongs to the cache kmalloc-128 of size 128 [ 30.239933] The buggy address is located 120 bytes inside of [ 30.239933] 128-byte region [ffff8881030daf00, ffff8881030daf80) [ 30.240588] [ 30.240751] The buggy address belongs to the physical page: [ 30.241013] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030da [ 30.241452] flags: 0x200000000000200(slab|node=0|zone=2) [ 30.241754] raw: 0200000000000200 0000000000000000 dead000000000122 ffff8881000418c0 [ 30.242169] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 30.242576] page dumped because: kasan: bad access detected [ 30.242785] [ 30.242871] Memory state around the buggy address: [ 30.243124] ffff8881030dae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.243764] ffff8881030dae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.244019] >ffff8881030daf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.244822] ^ [ 30.245745] ffff8881030daf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.246524] ffff8881030db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 30.246942] ================================================================== [ 30.200455] ================================================================== [ 30.201366] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xcb/0x310 [ 30.202474] Write of size 1 at addr ffff8881030daf73 by task kunit_try_catch/224 [ 30.203234] [ 30.203814] CPU: 1 PID: 224 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 30.204291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.205534] Call Trace: [ 30.205878] <TASK> [ 30.206126] dump_stack_lvl+0x49/0x62 [ 30.206796] print_report+0x189/0x492 [ 30.207290] ? kasan_complete_mode_report_info+0x3c/0x200 [ 30.207933] ? kmalloc_oob_right+0xcb/0x310 [ 30.208141] kasan_report+0x10c/0x190 [ 30.208575] ? kmalloc_oob_right+0xcb/0x310 [ 30.209100] __asan_store1+0x65/0x70 [ 30.209563] kmalloc_oob_right+0xcb/0x310 [ 30.209828] ? kmalloc_oob_left+0x1e0/0x1e0 [ 30.210303] ? __kunit_add_resource+0xd1/0x100 [ 30.210857] kunit_try_run_case+0x8f/0xd0 [ 30.211146] ? kunit_catch_run_case+0x80/0x80 [ 30.211668] ? kunit_try_catch_throw+0x40/0x40 [ 30.211885] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 30.212117] kthread+0x17b/0x1b0 [ 30.212438] ? kthread_complete_and_exit+0x30/0x30 [ 30.213002] ret_from_fork+0x22/0x30 [ 30.213508] </TASK> [ 30.213813] [ 30.214020] Allocated by task 224: [ 30.214509] kasan_save_stack+0x41/0x70 [ 30.214945] kasan_set_track+0x25/0x40 [ 30.215401] kasan_save_alloc_info+0x1e/0x30 [ 30.215668] __kasan_kmalloc+0xb6/0xc0 [ 30.215857] kmalloc_trace+0x48/0xb0 [ 30.216025] kmalloc_oob_right+0x9b/0x310 [ 30.216250] kunit_try_run_case+0x8f/0xd0 [ 30.216723] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 30.217289] kthread+0x17b/0x1b0 [ 30.217638] ret_from_fork+0x22/0x30 [ 30.217844] [ 30.217985] The buggy address belongs to the object at ffff8881030daf00 [ 30.217985] which belongs to the cache kmalloc-128 of size 128 [ 30.218996] The buggy address is located 115 bytes inside of [ 30.218996] 128-byte region [ffff8881030daf00, ffff8881030daf80) [ 30.220261] [ 30.220587] The buggy address belongs to the physical page: [ 30.221400] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030da [ 30.222722] flags: 0x200000000000200(slab|node=0|zone=2) [ 30.223885] raw: 0200000000000200 0000000000000000 dead000000000122 ffff8881000418c0 [ 30.224225] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 30.224575] page dumped because: kasan: bad access detected [ 30.224844] [ 30.224965] Memory state around the buggy address: [ 30.225453] ffff8881030dae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.225805] ffff8881030dae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.226173] >ffff8881030daf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.226529] ^ [ 30.226928] ffff8881030daf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.227309] ffff8881030db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 30.227736] ================================================================== [ 30.247945] ================================================================== [ 30.248364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x132/0x310 [ 30.248753] Read of size 1 at addr ffff8881030daf80 by task kunit_try_catch/224 [ 30.249016] [ 30.249134] CPU: 1 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 30.249909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.250356] Call Trace: [ 30.250482] <TASK> [ 30.250663] dump_stack_lvl+0x49/0x62 [ 30.251067] print_report+0x189/0x492 [ 30.251493] ? kasan_complete_mode_report_info+0x3c/0x200 [ 30.251803] ? kmalloc_oob_right+0x132/0x310 [ 30.252047] kasan_report+0x10c/0x190 [ 30.252431] ? kmalloc_oob_right+0x132/0x310 [ 30.252737] __asan_load1+0x62/0x70 [ 30.252968] kmalloc_oob_right+0x132/0x310 [ 30.253249] ? kmalloc_oob_left+0x1e0/0x1e0 [ 30.253681] ? __kunit_add_resource+0xd1/0x100 [ 30.253929] kunit_try_run_case+0x8f/0xd0 [ 30.254233] ? kunit_catch_run_case+0x80/0x80 [ 30.254458] ? kunit_try_catch_throw+0x40/0x40 [ 30.254756] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 30.255123] kthread+0x17b/0x1b0 [ 30.255406] ? kthread_complete_and_exit+0x30/0x30 [ 30.255678] ret_from_fork+0x22/0x30 [ 30.255908] </TASK> [ 30.256055] [ 30.256224] Allocated by task 224: [ 30.256391] kasan_save_stack+0x41/0x70 [ 30.256639] kasan_set_track+0x25/0x40 [ 30.256850] kasan_save_alloc_info+0x1e/0x30 [ 30.257077] __kasan_kmalloc+0xb6/0xc0 [ 30.257419] kmalloc_trace+0x48/0xb0 [ 30.257600] kmalloc_oob_right+0x9b/0x310 [ 30.257782] kunit_try_run_case+0x8f/0xd0 [ 30.257964] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 30.258474] kthread+0x17b/0x1b0 [ 30.258681] ret_from_fork+0x22/0x30 [ 30.259069] [ 30.259204] The buggy address belongs to the object at ffff8881030daf00 [ 30.259204] which belongs to the cache kmalloc-128 of size 128 [ 30.260347] The buggy address is located 0 bytes to the right of [ 30.260347] 128-byte region [ffff8881030daf00, ffff8881030daf80) [ 30.261065] [ 30.261526] The buggy address belongs to the physical page: [ 30.261808] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030da [ 30.262449] flags: 0x200000000000200(slab|node=0|zone=2) [ 30.262908] raw: 0200000000000200 0000000000000000 dead000000000122 ffff8881000418c0 [ 30.263459] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 30.263843] page dumped because: kasan: bad access detected [ 30.264629] [ 30.264815] Memory state around the buggy address: [ 30.265570] ffff8881030dae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.266594] ffff8881030daf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.267422] >ffff8881030daf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.268078] ^ [ 30.268391] ffff8881030db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 30.269021] ffff8881030db080: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 30.269447] ==================================================================