Date
July 15, 2025, 2:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 106.035687] ================================================================== [ 106.038030] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xdc/0x260 [ 106.038681] Read of size 1 at addr ffff0000c65e00c8 by task kunit_try_catch/233 [ 106.039510] [ 106.039872] CPU: 1 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.040764] Hardware name: linux,dummy-virt (DT) [ 106.041384] Call trace: [ 106.041785] dump_backtrace+0xe0/0x134 [ 106.042364] show_stack+0x20/0x2c [ 106.042892] dump_stack_lvl+0x88/0xb4 [ 106.043343] print_report+0x158/0x44c [ 106.043769] kasan_report+0xc8/0x180 [ 106.044168] __asan_load1+0x68/0x74 [ 106.044973] kmem_cache_oob+0xdc/0x260 [ 106.045474] kunit_try_run_case+0x8c/0x124 [ 106.045939] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.046486] kthread+0x15c/0x170 [ 106.046892] ret_from_fork+0x10/0x20 [ 106.047373] [ 106.047599] Allocated by task 233: [ 106.047943] kasan_save_stack+0x3c/0x70 [ 106.048412] kasan_set_track+0x2c/0x40 [ 106.048853] kasan_save_alloc_info+0x24/0x34 [ 106.049328] __kasan_slab_alloc+0xa8/0xac [ 106.049783] kmem_cache_alloc+0x194/0x3b0 [ 106.050250] kmem_cache_oob+0xbc/0x260 [ 106.050680] kunit_try_run_case+0x8c/0x124 [ 106.051966] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.052882] kthread+0x15c/0x170 [ 106.053288] ret_from_fork+0x10/0x20 [ 106.053712] [ 106.053920] The buggy address belongs to the object at ffff0000c65e0000 [ 106.053920] which belongs to the cache test_cache of size 200 [ 106.054893] The buggy address is located 0 bytes to the right of [ 106.054893] 200-byte region [ffff0000c65e0000, ffff0000c65e00c8) [ 106.056033] [ 106.056315] The buggy address belongs to the physical page: [ 106.058253] page:000000006f441834 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e0 [ 106.058878] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 106.059714] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c6446300 [ 106.060412] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 106.061209] page dumped because: kasan: bad access detected [ 106.061959] [ 106.062157] Memory state around the buggy address: [ 106.062519] ffff0000c65dff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.063424] ffff0000c65e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.064352] >ffff0000c65e0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 106.066125] ^ [ 106.066861] ffff0000c65e0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.067761] ffff0000c65e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.068530] ==================================================================
[ 75.775864] ================================================================== [ 75.776789] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xb0/0x1cc [ 75.777554] Read of size 1 at addr ffff0000c59b50c8 by task kunit_try_catch/149 [ 75.778144] [ 75.778392] CPU: 1 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 75.779145] Hardware name: linux,dummy-virt (DT) [ 75.779554] Call trace: [ 75.779847] dump_backtrace+0xf8/0x118 [ 75.780352] show_stack+0x18/0x24 [ 75.781465] __dump_stack+0x28/0x38 [ 75.781945] dump_stack_lvl+0x54/0x6c [ 75.782386] print_address_description+0x7c/0x1ec [ 75.782921] print_report+0x50/0x68 [ 75.783354] kasan_report+0xac/0x100 [ 75.783837] __asan_load1+0x6c/0x70 [ 75.784291] kmem_cache_oob+0xb0/0x1cc [ 75.784750] kunit_try_run_case+0x80/0x184 [ 75.785222] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.785842] kthread+0x16c/0x21c [ 75.786284] ret_from_fork+0x10/0x20 [ 75.786696] [ 75.786911] Allocated by task 149: [ 75.787220] kasan_set_track+0x4c/0x80 [ 75.787767] kasan_save_alloc_info+0x28/0x34 [ 75.788227] __kasan_slab_alloc+0x58/0x70 [ 75.789338] slab_post_alloc_hook+0x70/0x2f4 [ 75.789842] kmem_cache_alloc+0x168/0x260 [ 75.790302] kmem_cache_oob+0x94/0x1cc [ 75.790728] kunit_try_run_case+0x80/0x184 [ 75.791236] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.791813] kthread+0x16c/0x21c [ 75.792225] ret_from_fork+0x10/0x20 [ 75.792655] [ 75.792856] The buggy address belongs to the object at ffff0000c59b5000 [ 75.792856] which belongs to the cache test_cache of size 200 [ 75.793774] The buggy address is located 0 bytes to the right of [ 75.793774] 200-byte region [ffff0000c59b5000, ffff0000c59b50c8) [ 75.794704] [ 75.794951] The buggy address belongs to the physical page: [ 75.795615] page:000000006008d4ec refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059b5 [ 75.796413] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 75.797829] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0f61c80 [ 75.798508] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 75.799126] page dumped because: kasan: bad access detected [ 75.799595] [ 75.799811] Memory state around the buggy address: [ 75.800249] ffff0000c59b4f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 75.800935] ffff0000c59b5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 75.801519] >ffff0000c59b5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 75.802124] ^ [ 75.802625] ffff0000c59b5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 75.803268] ffff0000c59b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 75.803863] ==================================================================
[ 74.821072] ================================================================== [ 74.821972] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xb0/0x1cc [ 74.823215] Read of size 1 at addr ffff0000c3c320c8 by task kunit_try_catch/149 [ 74.824376] [ 74.824592] CPU: 1 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.825204] Hardware name: linux,dummy-virt (DT) [ 74.825554] Call trace: [ 74.826122] dump_backtrace+0xf4/0x114 [ 74.827007] show_stack+0x18/0x24 [ 74.827894] __dump_stack+0x28/0x38 [ 74.828902] dump_stack_lvl+0x50/0x68 [ 74.829622] print_address_description+0x7c/0x1ec [ 74.830609] print_report+0x50/0x68 [ 74.831417] kasan_report+0xac/0xfc [ 74.832320] __asan_load1+0x6c/0x70 [ 74.833193] kmem_cache_oob+0xb0/0x1cc [ 74.834054] kunit_try_run_case+0x80/0x184 [ 74.834965] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.836245] kthread+0x16c/0x21c [ 74.836985] ret_from_fork+0x10/0x20 [ 74.837879] [ 74.838343] Allocated by task 149: [ 74.838971] kasan_set_track+0x4c/0x80 [ 74.840245] kasan_save_alloc_info+0x28/0x34 [ 74.841079] __kasan_slab_alloc+0x58/0x70 [ 74.842005] slab_post_alloc_hook+0x70/0x2e8 [ 74.842927] kmem_cache_alloc+0x164/0x254 [ 74.843874] kmem_cache_oob+0x94/0x1cc [ 74.844647] kunit_try_run_case+0x80/0x184 [ 74.845341] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 74.846269] kthread+0x16c/0x21c [ 74.847008] ret_from_fork+0x10/0x20 [ 74.847905] [ 74.848493] The buggy address belongs to the object at ffff0000c3c32000 [ 74.848493] which belongs to the cache test_cache of size 200 [ 74.850267] The buggy address is located 0 bytes to the right of [ 74.850267] 200-byte region [ffff0000c3c32000, ffff0000c3c320c8) [ 74.851919] [ 74.852443] The buggy address belongs to the physical page: [ 74.853250] page:00000000cdc41bd8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c32 [ 74.853917] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.854674] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c159e780 [ 74.855388] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 74.856276] page dumped because: kasan: bad access detected [ 74.857085] [ 74.857395] Memory state around the buggy address: [ 74.858055] ffff0000c3c31f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.858678] ffff0000c3c32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 74.859596] >ffff0000c3c32080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 74.860611] ^ [ 74.861747] ffff0000c3c32100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.862325] ffff0000c3c32180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.862851] ==================================================================
[ 73.406015] ================================================================== [ 73.407006] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xd4/0x250 [ 73.407835] Read of size 1 at addr ffff0000c59440c8 by task kunit_try_catch/149 [ 73.408804] [ 73.409128] CPU: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 73.409888] Hardware name: linux,dummy-virt (DT) [ 73.410331] Call trace: [ 73.410564] dump_backtrace.part.0+0xdc/0xf0 [ 73.410991] show_stack+0x18/0x30 [ 73.411348] dump_stack_lvl+0x64/0x80 [ 73.411711] print_report+0x158/0x438 [ 73.412077] kasan_report+0xb4/0xf4 [ 73.412426] __asan_load1+0x68/0x74 [ 73.413128] kmem_cache_oob+0xd4/0x250 [ 73.413724] kunit_try_run_case+0x84/0x120 [ 73.414715] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 73.415447] kthread+0x180/0x190 [ 73.415785] ret_from_fork+0x10/0x20 [ 73.416133] [ 73.416299] Allocated by task 149: [ 73.416791] kasan_save_stack+0x3c/0x70 [ 73.417375] kasan_set_track+0x2c/0x40 [ 73.417948] kasan_save_alloc_info+0x24/0x34 [ 73.418834] __kasan_slab_alloc+0x8c/0x90 [ 73.419666] kmem_cache_alloc+0x170/0x2c4 [ 73.420608] kmem_cache_oob+0xb4/0x250 [ 73.421310] kunit_try_run_case+0x84/0x120 [ 73.422468] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 73.423472] kthread+0x180/0x190 [ 73.424157] ret_from_fork+0x10/0x20 [ 73.424907] [ 73.425308] The buggy address belongs to the object at ffff0000c5944000 [ 73.425308] which belongs to the cache test_cache of size 200 [ 73.426448] The buggy address is located 0 bytes to the right of [ 73.426448] 200-byte region [ffff0000c5944000, ffff0000c59440c8) [ 73.427350] [ 73.427570] The buggy address belongs to the physical page: [ 73.428004] page:00000000b23089e8 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105944 [ 73.428770] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 73.429420] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c1398480 [ 73.430086] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 73.430688] page dumped because: kasan: bad access detected [ 73.431125] [ 73.431306] Memory state around the buggy address: [ 73.431741] ffff0000c5943f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.432342] ffff0000c5944000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 73.433008] >ffff0000c5944080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 73.433588] ^ [ 73.434225] ffff0000c5944100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.434843] ffff0000c5944180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.435426] ==================================================================
[ 64.913860] ================================================================== [ 64.915146] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xec/0x268 [ 64.915936] Read of size 1 at addr ffff0000c58b10c8 by task kunit_try_catch/147 [ 64.916733] [ 64.916994] CPU: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.918092] Hardware name: linux,dummy-virt (DT) [ 64.918812] Call trace: [ 64.919074] dump_backtrace+0x110/0x120 [ 64.919459] show_stack+0x18/0x28 [ 64.919792] dump_stack_lvl+0x68/0x84 [ 64.920138] print_report+0x158/0x484 [ 64.920460] kasan_report+0x98/0xe0 [ 64.920759] __asan_load1+0x68/0x78 [ 64.921056] kmem_cache_oob+0xec/0x268 [ 64.921685] kunit_try_run_case+0x7c/0x120 [ 64.922707] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.923440] kthread+0x1a4/0x1b8 [ 64.923925] ret_from_fork+0x10/0x20 [ 64.924451] [ 64.924691] Allocated by task 147: [ 64.924936] kasan_save_stack+0x2c/0x58 [ 64.925263] kasan_set_track+0x2c/0x40 [ 64.925861] kasan_save_alloc_info+0x24/0x38 [ 64.926480] __kasan_slab_alloc+0x74/0x90 [ 64.927023] slab_post_alloc_hook+0x6c/0x260 [ 64.927637] kmem_cache_alloc+0x164/0x270 [ 64.928214] kmem_cache_oob+0xc8/0x268 [ 64.928765] kunit_try_run_case+0x7c/0x120 [ 64.929351] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.930212] kthread+0x1a4/0x1b8 [ 64.930700] ret_from_fork+0x10/0x20 [ 64.931122] [ 64.931292] The buggy address belongs to the object at ffff0000c58b1000 [ 64.931292] which belongs to the cache test_cache of size 200 [ 64.931909] The buggy address is located 0 bytes to the right of [ 64.931909] 200-byte region [ffff0000c58b1000, ffff0000c58b10c8) [ 64.932921] [ 64.933168] The buggy address belongs to the physical page: [ 64.933862] page:00000000c4ca2d38 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b1 [ 64.935308] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.936184] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c59c6000 [ 64.937076] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 64.938022] page dumped because: kasan: bad access detected [ 64.938708] [ 64.938954] Memory state around the buggy address: [ 64.939543] ffff0000c58b0f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.940383] ffff0000c58b1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.941191] >ffff0000c58b1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 64.942150] ^ [ 64.942726] ffff0000c58b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.943159] ffff0000c58b1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.943658] ==================================================================
[ 31.157489] ================================================================== [ 31.157982] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xe4/0x210 [ 31.158453] Read of size 1 at addr ffff88810349b0c8 by task kunit_try_catch/253 [ 31.158782] [ 31.158918] CPU: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 31.159431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.159892] Call Trace: [ 31.160140] <TASK> [ 31.160396] dump_stack_lvl+0x49/0x62 [ 31.160640] print_report+0x189/0x492 [ 31.160878] ? kasan_complete_mode_report_info+0x3c/0x200 [ 31.161259] ? kmem_cache_oob+0xe4/0x210 [ 31.161526] kasan_report+0x10c/0x190 [ 31.161811] ? kasan_set_track+0x25/0x40 [ 31.162193] ? kmem_cache_oob+0xe4/0x210 [ 31.162484] __asan_load1+0x62/0x70 [ 31.162814] kmem_cache_oob+0xe4/0x210 [ 31.163184] ? kmem_cache_double_free+0x1e0/0x1e0 [ 31.163430] ? __kunit_add_resource+0xd1/0x100 [ 31.163845] kunit_try_run_case+0x8f/0xd0 [ 31.164051] ? kunit_catch_run_case+0x80/0x80 [ 31.164313] ? kunit_try_catch_throw+0x40/0x40 [ 31.164654] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 31.165134] kthread+0x17b/0x1b0 [ 31.165444] ? kthread_complete_and_exit+0x30/0x30 [ 31.165820] ret_from_fork+0x22/0x30 [ 31.166121] </TASK> [ 31.166326] [ 31.166437] Allocated by task 253: [ 31.166692] kasan_save_stack+0x41/0x70 [ 31.166985] kasan_set_track+0x25/0x40 [ 31.167261] kasan_save_alloc_info+0x1e/0x30 [ 31.167447] __kasan_slab_alloc+0x90/0xa0 [ 31.167744] kmem_cache_alloc+0x150/0x370 [ 31.168137] kmem_cache_oob+0xbd/0x210 [ 31.168512] kunit_try_run_case+0x8f/0xd0 [ 31.168708] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 31.169013] kthread+0x17b/0x1b0 [ 31.169277] ret_from_fork+0x22/0x30 [ 31.169589] [ 31.169703] The buggy address belongs to the object at ffff88810349b000 [ 31.169703] which belongs to the cache test_cache of size 200 [ 31.170231] The buggy address is located 0 bytes to the right of [ 31.170231] 200-byte region [ffff88810349b000, ffff88810349b0c8) [ 31.170895] [ 31.171009] The buggy address belongs to the physical page: [ 31.171460] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10349b [ 31.171865] flags: 0x200000000000200(slab|node=0|zone=2) [ 31.172186] raw: 0200000000000200 0000000000000000 dead000000000122 ffff88810316c3c0 [ 31.172586] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 31.172916] page dumped because: kasan: bad access detected [ 31.173271] [ 31.173472] Memory state around the buggy address: [ 31.173757] ffff88810349af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.174075] ffff88810349b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.174534] >ffff88810349b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 31.175072] ^ [ 31.175413] ffff88810349b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.175869] ffff88810349b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.176314] ==================================================================