Date
July 15, 2025, 2:10 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 107.054786] ================================================================== [ 107.055633] BUG: KASAN: slab-out-of-bounds in memcmp+0x44/0xd0 [ 107.056712] Read of size 1 at addr ffff0000c66ab318 by task kunit_try_catch/247 [ 107.058035] [ 107.058463] CPU: 1 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.059609] Hardware name: linux,dummy-virt (DT) [ 107.060259] Call trace: [ 107.060606] dump_backtrace+0xe0/0x134 [ 107.061007] show_stack+0x20/0x2c [ 107.061498] dump_stack_lvl+0x88/0xb4 [ 107.062174] print_report+0x158/0x44c [ 107.062786] kasan_report+0xc8/0x180 [ 107.063394] __asan_load1+0x68/0x74 [ 107.064009] memcmp+0x44/0xd0 [ 107.064686] kasan_memcmp+0x100/0x210 [ 107.065678] kunit_try_run_case+0x8c/0x124 [ 107.066323] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.066925] kthread+0x15c/0x170 [ 107.067607] ret_from_fork+0x10/0x20 [ 107.068248] [ 107.068700] Allocated by task 247: [ 107.069506] kasan_save_stack+0x3c/0x70 [ 107.070243] kasan_set_track+0x2c/0x40 [ 107.070867] kasan_save_alloc_info+0x24/0x34 [ 107.071639] __kasan_kmalloc+0xd4/0xe0 [ 107.072341] kmalloc_trace+0x8c/0x150 [ 107.073118] kasan_memcmp+0xbc/0x210 [ 107.073776] kunit_try_run_case+0x8c/0x124 [ 107.074200] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.074687] kthread+0x15c/0x170 [ 107.075483] ret_from_fork+0x10/0x20 [ 107.076093] [ 107.076485] The buggy address belongs to the object at ffff0000c66ab300 [ 107.076485] which belongs to the cache kmalloc-128 of size 128 [ 107.078256] The buggy address is located 24 bytes inside of [ 107.078256] 128-byte region [ffff0000c66ab300, ffff0000c66ab380) [ 107.080024] [ 107.080422] The buggy address belongs to the physical page: [ 107.081324] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.082550] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.083709] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.084827] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.085840] page dumped because: kasan: bad access detected [ 107.086227] [ 107.086406] Memory state around the buggy address: [ 107.086788] ffff0000c66ab200: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.087956] ffff0000c66ab280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.088969] >ffff0000c66ab300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.089900] ^ [ 107.090502] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.091417] ffff0000c66ab400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.092298] ==================================================================
[ 76.766266] ================================================================== [ 76.766988] BUG: KASAN: slab-out-of-bounds in memcmp+0x8c/0xd8 [ 76.768004] Read of size 1 at addr ffff0000c5a87618 by task kunit_try_catch/163 [ 76.768806] [ 76.769166] CPU: 1 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 76.770046] Hardware name: linux,dummy-virt (DT) [ 76.770625] Call trace: [ 76.770958] dump_backtrace+0xf8/0x118 [ 76.771482] show_stack+0x18/0x24 [ 76.771984] __dump_stack+0x28/0x38 [ 76.772488] dump_stack_lvl+0x54/0x6c [ 76.773135] print_address_description+0x7c/0x1ec [ 76.773953] print_report+0x50/0x68 [ 76.774432] kasan_report+0xac/0x100 [ 76.774914] __asan_load1+0x6c/0x70 [ 76.775346] memcmp+0x8c/0xd8 [ 76.775719] kasan_memcmp+0xc8/0x178 [ 76.776169] kunit_try_run_case+0x80/0x184 [ 76.776654] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.777228] kthread+0x16c/0x21c [ 76.777631] ret_from_fork+0x10/0x20 [ 76.778109] [ 76.778378] Allocated by task 163: [ 76.778798] kasan_set_track+0x4c/0x80 [ 76.779225] kasan_save_alloc_info+0x28/0x34 [ 76.779632] __kasan_kmalloc+0x88/0xa0 [ 76.780288] kmalloc_trace+0x54/0x68 [ 76.780924] kasan_memcmp+0x58/0x178 [ 76.781558] kunit_try_run_case+0x80/0x184 [ 76.782471] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 76.783296] kthread+0x16c/0x21c [ 76.783875] ret_from_fork+0x10/0x20 [ 76.784458] [ 76.784734] The buggy address belongs to the object at ffff0000c5a87600 [ 76.784734] which belongs to the cache kmalloc-128 of size 128 [ 76.786132] The buggy address is located 24 bytes inside of [ 76.786132] 128-byte region [ffff0000c5a87600, ffff0000c5a87680) [ 76.787464] [ 76.787737] The buggy address belongs to the physical page: [ 76.788301] page:000000005da1e2c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a87 [ 76.789885] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 76.790847] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 76.791809] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 76.792302] page dumped because: kasan: bad access detected [ 76.792674] [ 76.792955] Memory state around the buggy address: [ 76.793566] ffff0000c5a87500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 76.794447] ffff0000c5a87580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.795345] >ffff0000c5a87600: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.796206] ^ [ 76.797360] ffff0000c5a87680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.798271] ffff0000c5a87700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 76.799130] ==================================================================
[ 75.877435] ================================================================== [ 75.878180] BUG: KASAN: slab-out-of-bounds in memcmp+0x8c/0xd8 [ 75.878666] Read of size 1 at addr ffff0000c58a3b18 by task kunit_try_catch/163 [ 75.879775] [ 75.880121] CPU: 1 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 75.881222] Hardware name: linux,dummy-virt (DT) [ 75.881873] Call trace: [ 75.882276] dump_backtrace+0xf4/0x114 [ 75.882957] show_stack+0x18/0x24 [ 75.883578] __dump_stack+0x28/0x38 [ 75.884347] dump_stack_lvl+0x50/0x68 [ 75.884986] print_address_description+0x7c/0x1ec [ 75.885772] print_report+0x50/0x68 [ 75.886409] kasan_report+0xac/0xfc [ 75.887047] __asan_load1+0x6c/0x70 [ 75.887685] memcmp+0x8c/0xd8 [ 75.888272] kasan_memcmp+0xc8/0x178 [ 75.888888] kunit_try_run_case+0x80/0x184 [ 75.889432] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.890195] kthread+0x16c/0x21c [ 75.890779] ret_from_fork+0x10/0x20 [ 75.891362] [ 75.891634] Allocated by task 163: [ 75.892221] kasan_set_track+0x4c/0x80 [ 75.892894] kasan_save_alloc_info+0x28/0x34 [ 75.893547] __kasan_kmalloc+0x88/0xa0 [ 75.894189] kmalloc_trace+0x54/0x68 [ 75.894615] kasan_memcmp+0x58/0x178 [ 75.895020] kunit_try_run_case+0x80/0x184 [ 75.895441] kunit_generic_run_threadfn_adapter+0x30/0x4c [ 75.896342] kthread+0x16c/0x21c [ 75.896954] ret_from_fork+0x10/0x20 [ 75.897547] [ 75.897834] The buggy address belongs to the object at ffff0000c58a3b00 [ 75.897834] which belongs to the cache kmalloc-128 of size 128 [ 75.899235] The buggy address is located 24 bytes inside of [ 75.899235] 128-byte region [ffff0000c58a3b00, ffff0000c58a3b80) [ 75.900731] [ 75.901135] The buggy address belongs to the physical page: [ 75.901871] page:000000002b58a59c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a3 [ 75.902999] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 75.904045] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 75.905044] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 75.905779] page dumped because: kasan: bad access detected [ 75.906459] [ 75.906730] Memory state around the buggy address: [ 75.907258] ffff0000c58a3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 75.908029] ffff0000c58a3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 75.909021] >ffff0000c58a3b00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 75.909907] ^ [ 75.910471] ffff0000c58a3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 75.911370] ffff0000c58a3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 75.912285] ==================================================================
[ 74.474977] ================================================================== [ 74.476084] BUG: KASAN: slab-out-of-bounds in memcmp+0x44/0xd0 [ 74.476949] Read of size 1 at addr ffff0000c5840618 by task kunit_try_catch/163 [ 74.477609] [ 74.478410] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 74.479119] Hardware name: linux,dummy-virt (DT) [ 74.479556] Call trace: [ 74.479816] dump_backtrace.part.0+0xdc/0xf0 [ 74.480332] show_stack+0x18/0x30 [ 74.480765] dump_stack_lvl+0x64/0x80 [ 74.481198] print_report+0x158/0x438 [ 74.481654] kasan_report+0xb4/0xf4 [ 74.482331] __asan_load1+0x68/0x74 [ 74.482760] memcmp+0x44/0xd0 [ 74.483145] kasan_memcmp+0xf4/0x200 [ 74.483617] kunit_try_run_case+0x84/0x120 [ 74.484229] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.484749] kthread+0x180/0x190 [ 74.485069] ret_from_fork+0x10/0x20 [ 74.485435] [ 74.485692] Allocated by task 163: [ 74.486687] kasan_save_stack+0x3c/0x70 [ 74.487263] kasan_set_track+0x2c/0x40 [ 74.487820] kasan_save_alloc_info+0x24/0x34 [ 74.488452] __kasan_kmalloc+0xb8/0xc0 [ 74.488998] kmalloc_trace+0x58/0x6c [ 74.489552] kasan_memcmp+0xb0/0x200 [ 74.490426] kunit_try_run_case+0x84/0x120 [ 74.491046] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 74.491803] kthread+0x180/0x190 [ 74.492301] ret_from_fork+0x10/0x20 [ 74.492665] [ 74.492836] The buggy address belongs to the object at ffff0000c5840600 [ 74.492836] which belongs to the cache kmalloc-128 of size 128 [ 74.493696] The buggy address is located 24 bytes inside of [ 74.493696] 128-byte region [ffff0000c5840600, ffff0000c5840680) [ 74.495544] [ 74.495819] The buggy address belongs to the physical page: [ 74.496490] page:0000000081b5a301 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105840 [ 74.497553] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 74.498735] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 74.499844] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 74.500320] page dumped because: kasan: bad access detected [ 74.501228] [ 74.501565] Memory state around the buggy address: [ 74.502307] ffff0000c5840500: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.503445] ffff0000c5840580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.504368] >ffff0000c5840600: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.505244] ^ [ 74.506108] ffff0000c5840680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.506774] ffff0000c5840700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.507267] ==================================================================
[ 65.914021] ================================================================== [ 65.914834] BUG: KASAN: slab-out-of-bounds in memcmp+0x34/0xe0 [ 65.915357] Read of size 1 at addr ffff0000c586c318 by task kunit_try_catch/161 [ 65.915966] [ 65.916171] CPU: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.916789] Hardware name: linux,dummy-virt (DT) [ 65.917251] Call trace: [ 65.917504] dump_backtrace+0x110/0x120 [ 65.918051] show_stack+0x18/0x28 [ 65.918470] dump_stack_lvl+0x68/0x84 [ 65.918898] print_report+0x158/0x484 [ 65.919287] kasan_report+0x98/0xe0 [ 65.919667] __asan_load1+0x68/0x78 [ 65.920021] memcmp+0x34/0xe0 [ 65.920385] kasan_memcmp+0x104/0x210 [ 65.920802] kunit_try_run_case+0x7c/0x120 [ 65.921261] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.921859] kthread+0x1a4/0x1b8 [ 65.922321] ret_from_fork+0x10/0x20 [ 65.922695] [ 65.922922] Allocated by task 161: [ 65.923244] kasan_save_stack+0x2c/0x58 [ 65.923671] kasan_set_track+0x2c/0x40 [ 65.924058] kasan_save_alloc_info+0x24/0x38 [ 65.924518] __kasan_kmalloc+0xa0/0xb8 [ 65.924908] kmalloc_trace+0x50/0x68 [ 65.925308] kasan_memcmp+0xb8/0x210 [ 65.925884] kunit_try_run_case+0x7c/0x120 [ 65.926344] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.926903] kthread+0x1a4/0x1b8 [ 65.927267] ret_from_fork+0x10/0x20 [ 65.927663] [ 65.927851] The buggy address belongs to the object at ffff0000c586c300 [ 65.927851] which belongs to the cache kmalloc-128 of size 128 [ 65.928710] The buggy address is located 24 bytes inside of [ 65.928710] 128-byte region [ffff0000c586c300, ffff0000c586c380) [ 65.929718] [ 65.929894] The buggy address belongs to the physical page: [ 65.930303] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 65.931059] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.931790] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.932400] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.932993] page dumped because: kasan: bad access detected [ 65.933591] [ 65.933781] Memory state around the buggy address: [ 65.934160] ffff0000c586c200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.934739] ffff0000c586c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.935307] >ffff0000c586c300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.935834] ^ [ 65.936191] ffff0000c586c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.936750] ffff0000c586c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.937296] ==================================================================
[ 32.051953] ================================================================== [ 32.052771] BUG: KASAN: slab-out-of-bounds in memcmp+0x39/0xb0 [ 32.053095] Read of size 1 at addr ffff888103734198 by task kunit_try_catch/267 [ 32.053606] [ 32.053956] CPU: 1 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 32.054480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.054997] Call Trace: [ 32.055337] <TASK> [ 32.055593] dump_stack_lvl+0x49/0x62 [ 32.055947] print_report+0x189/0x492 [ 32.056339] ? kasan_complete_mode_report_info+0x3c/0x200 [ 32.056742] ? memcmp+0x39/0xb0 [ 32.057058] kasan_report+0x10c/0x190 [ 32.057424] ? memcmp+0x39/0xb0 [ 32.057662] __asan_load1+0x62/0x70 [ 32.057846] memcmp+0x39/0xb0 [ 32.058034] kasan_memcmp+0x127/0x260 [ 32.058565] ? kmalloc_oob_in_memset+0x1d0/0x1d0 [ 32.058933] ? preempt_count_sub+0x4c/0x70 [ 32.059346] kunit_try_run_case+0x8f/0xd0 [ 32.059690] ? kunit_catch_run_case+0x80/0x80 [ 32.060032] ? kunit_try_catch_throw+0x40/0x40 [ 32.060444] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.060852] kthread+0x17b/0x1b0 [ 32.061180] ? kthread_complete_and_exit+0x30/0x30 [ 32.061573] ret_from_fork+0x22/0x30 [ 32.061910] </TASK> [ 32.062215] [ 32.062335] Allocated by task 267: [ 32.062541] kasan_save_stack+0x41/0x70 [ 32.062906] kasan_set_track+0x25/0x40 [ 32.063234] kasan_save_alloc_info+0x1e/0x30 [ 32.063597] __kasan_kmalloc+0xb6/0xc0 [ 32.063840] kmalloc_trace+0x48/0xb0 [ 32.064033] kasan_memcmp+0xd8/0x260 [ 32.064479] kunit_try_run_case+0x8f/0xd0 [ 32.064717] kunit_generic_run_threadfn_adapter+0x2f/0x50 [ 32.065088] kthread+0x17b/0x1b0 [ 32.065406] ret_from_fork+0x22/0x30 [ 32.065731] [ 32.065934] The buggy address belongs to the object at ffff888103734180 [ 32.065934] which belongs to the cache kmalloc-32 of size 32 [ 32.066625] The buggy address is located 24 bytes inside of [ 32.066625] 32-byte region [ffff888103734180, ffff8881037341a0) [ 32.067077] [ 32.067206] The buggy address belongs to the physical page: [ 32.067507] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103734 [ 32.068302] flags: 0x200000000000200(slab|node=0|zone=2) [ 32.068609] raw: 0200000000000200 0000000000000000 dead000000000122 ffff888100041500 [ 32.068967] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 32.069504] page dumped because: kasan: bad access detected [ 32.069866] [ 32.069979] Memory state around the buggy address: [ 32.070433] ffff888103734080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.070861] ffff888103734100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 32.071321] >ffff888103734180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.071792] ^ [ 32.072095] ffff888103734200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.072637] ffff888103734280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.073065] ==================================================================