Date
June 2, 2025, 2:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 28.546978] ================================================================== [ 28.556558] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 28.563938] Read of size 1 at addr ffff000802408573 by task kunit_try_catch/241 [ 28.571224] [ 28.572710] CPU: 5 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 28.572763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.572779] Hardware name: WinLink E850-96 board (DT) [ 28.572803] Call trace: [ 28.572816] show_stack+0x20/0x38 (C) [ 28.572854] dump_stack_lvl+0x8c/0xd0 [ 28.572892] print_report+0x118/0x608 [ 28.572920] kasan_report+0xdc/0x128 [ 28.572951] __asan_report_load1_noabort+0x20/0x30 [ 28.572986] ksize_unpoisons_memory+0x628/0x740 [ 28.573020] kunit_try_run_case+0x170/0x3f0 [ 28.573057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.573096] kthread+0x328/0x630 [ 28.573133] ret_from_fork+0x10/0x20 [ 28.573168] [ 28.635895] Allocated by task 241: [ 28.639280] kasan_save_stack+0x3c/0x68 [ 28.643097] kasan_save_track+0x20/0x40 [ 28.646917] kasan_save_alloc_info+0x40/0x58 [ 28.651170] __kasan_kmalloc+0xd4/0xd8 [ 28.654903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.659417] ksize_unpoisons_memory+0xc0/0x740 [ 28.663844] kunit_try_run_case+0x170/0x3f0 [ 28.668010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.673480] kthread+0x328/0x630 [ 28.676691] ret_from_fork+0x10/0x20 [ 28.680250] [ 28.681727] The buggy address belongs to the object at ffff000802408500 [ 28.681727] which belongs to the cache kmalloc-128 of size 128 [ 28.694227] The buggy address is located 0 bytes to the right of [ 28.694227] allocated 115-byte region [ffff000802408500, ffff000802408573) [ 28.707159] [ 28.708638] The buggy address belongs to the physical page: [ 28.714195] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882408 [ 28.722180] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.729817] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.736762] page_type: f5(slab) [ 28.739899] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 28.747617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.755343] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 28.763154] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.770967] head: 0bfffe0000000001 fffffdffe0090201 00000000ffffffff 00000000ffffffff [ 28.778779] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 28.786585] page dumped because: kasan: bad access detected [ 28.792140] [ 28.793616] Memory state around the buggy address: [ 28.798396] ffff000802408400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.805601] ffff000802408480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.812803] >ffff000802408500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.820005] ^ [ 28.826865] ffff000802408580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.834072] ffff000802408600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.841274] ================================================================== [ 29.148098] ================================================================== [ 29.155073] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 29.162448] Read of size 1 at addr ffff00080240857f by task kunit_try_catch/241 [ 29.169739] [ 29.171226] CPU: 5 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 29.171276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.171291] Hardware name: WinLink E850-96 board (DT) [ 29.171312] Call trace: [ 29.171323] show_stack+0x20/0x38 (C) [ 29.171356] dump_stack_lvl+0x8c/0xd0 [ 29.171389] print_report+0x118/0x608 [ 29.171419] kasan_report+0xdc/0x128 [ 29.171447] __asan_report_load1_noabort+0x20/0x30 [ 29.171481] ksize_unpoisons_memory+0x690/0x740 [ 29.171514] kunit_try_run_case+0x170/0x3f0 [ 29.171549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.171586] kthread+0x328/0x630 [ 29.171620] ret_from_fork+0x10/0x20 [ 29.171652] [ 29.234408] Allocated by task 241: [ 29.237796] kasan_save_stack+0x3c/0x68 [ 29.241614] kasan_save_track+0x20/0x40 [ 29.245433] kasan_save_alloc_info+0x40/0x58 [ 29.249686] __kasan_kmalloc+0xd4/0xd8 [ 29.253418] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.257932] ksize_unpoisons_memory+0xc0/0x740 [ 29.262359] kunit_try_run_case+0x170/0x3f0 [ 29.266526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.271994] kthread+0x328/0x630 [ 29.275206] ret_from_fork+0x10/0x20 [ 29.278765] [ 29.280242] The buggy address belongs to the object at ffff000802408500 [ 29.280242] which belongs to the cache kmalloc-128 of size 128 [ 29.292742] The buggy address is located 12 bytes to the right of [ 29.292742] allocated 115-byte region [ffff000802408500, ffff000802408573) [ 29.305761] [ 29.307239] The buggy address belongs to the physical page: [ 29.312795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882408 [ 29.320779] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 29.328419] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 29.335363] page_type: f5(slab) [ 29.338495] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.346219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.353945] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.361756] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.369569] head: 0bfffe0000000001 fffffdffe0090201 00000000ffffffff 00000000ffffffff [ 29.377381] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 29.385187] page dumped because: kasan: bad access detected [ 29.390743] [ 29.392218] Memory state around the buggy address: [ 29.396999] ffff000802408400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.404201] ffff000802408480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.411406] >ffff000802408500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.418607] ^ [ 29.425728] ffff000802408580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.432934] ffff000802408600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.440135] ================================================================== [ 28.848597] ================================================================== [ 28.855688] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 28.863061] Read of size 1 at addr ffff000802408578 by task kunit_try_catch/241 [ 28.870352] [ 28.871838] CPU: 5 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 28.871889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.871905] Hardware name: WinLink E850-96 board (DT) [ 28.871924] Call trace: [ 28.871935] show_stack+0x20/0x38 (C) [ 28.871971] dump_stack_lvl+0x8c/0xd0 [ 28.872005] print_report+0x118/0x608 [ 28.872036] kasan_report+0xdc/0x128 [ 28.872063] __asan_report_load1_noabort+0x20/0x30 [ 28.872098] ksize_unpoisons_memory+0x618/0x740 [ 28.872134] kunit_try_run_case+0x170/0x3f0 [ 28.872168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.872203] kthread+0x328/0x630 [ 28.872239] ret_from_fork+0x10/0x20 [ 28.872272] [ 28.935020] Allocated by task 241: [ 28.938408] kasan_save_stack+0x3c/0x68 [ 28.942225] kasan_save_track+0x20/0x40 [ 28.946045] kasan_save_alloc_info+0x40/0x58 [ 28.950298] __kasan_kmalloc+0xd4/0xd8 [ 28.954030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.958544] ksize_unpoisons_memory+0xc0/0x740 [ 28.962971] kunit_try_run_case+0x170/0x3f0 [ 28.967138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.972607] kthread+0x328/0x630 [ 28.975818] ret_from_fork+0x10/0x20 [ 28.979377] [ 28.980854] The buggy address belongs to the object at ffff000802408500 [ 28.980854] which belongs to the cache kmalloc-128 of size 128 [ 28.993354] The buggy address is located 5 bytes to the right of [ 28.993354] allocated 115-byte region [ffff000802408500, ffff000802408573) [ 29.006287] [ 29.007766] The buggy address belongs to the physical page: [ 29.013322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882408 [ 29.021307] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 29.028944] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 29.035888] page_type: f5(slab) [ 29.039022] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.046744] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.054470] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.062282] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.070095] head: 0bfffe0000000001 fffffdffe0090201 00000000ffffffff 00000000ffffffff [ 29.077907] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 29.085712] page dumped because: kasan: bad access detected [ 29.091268] [ 29.092743] Memory state around the buggy address: [ 29.097525] ffff000802408400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.104726] ffff000802408480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.111931] >ffff000802408500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.119132] ^ [ 29.126254] ffff000802408580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.133460] ffff000802408600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.140660] ==================================================================
[ 19.204282] ================================================================== [ 19.204342] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.204752] Read of size 1 at addr fff00000c3f75873 by task kunit_try_catch/197 [ 19.204925] [ 19.204961] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B W N 6.15.1-rc1 #1 PREEMPT [ 19.207434] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 19.207491] Hardware name: linux,dummy-virt (DT) [ 19.207524] Call trace: [ 19.207549] show_stack+0x20/0x38 (C) [ 19.207605] dump_stack_lvl+0x8c/0xd0 [ 19.207652] print_report+0x118/0x608 [ 19.207700] kasan_report+0xdc/0x128 [ 19.207746] __asan_report_load1_noabort+0x20/0x30 [ 19.207798] ksize_unpoisons_memory+0x628/0x740 [ 19.207849] kunit_try_run_case+0x170/0x3f0 [ 19.207900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.207959] kthread+0x328/0x630 [ 19.208005] ret_from_fork+0x10/0x20 [ 19.208058] [ 19.208075] Allocated by task 197: [ 19.208105] kasan_save_stack+0x3c/0x68 [ 19.208143] kasan_save_track+0x20/0x40 [ 19.208180] kasan_save_alloc_info+0x40/0x58 [ 19.208219] __kasan_kmalloc+0xd4/0xd8 [ 19.208258] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.208300] ksize_unpoisons_memory+0xc0/0x740 [ 19.208342] kunit_try_run_case+0x170/0x3f0 [ 19.208393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.208439] kthread+0x328/0x630 [ 19.208474] ret_from_fork+0x10/0x20 [ 19.208511] [ 19.208531] The buggy address belongs to the object at fff00000c3f75800 [ 19.208531] which belongs to the cache kmalloc-128 of size 128 [ 19.208588] The buggy address is located 0 bytes to the right of [ 19.208588] allocated 115-byte region [fff00000c3f75800, fff00000c3f75873) [ 19.208652] [ 19.208671] The buggy address belongs to the physical page: [ 19.208702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f75 [ 19.208755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.208803] page_type: f5(slab) [ 19.208843] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.208894] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.208936] page dumped because: kasan: bad access detected [ 19.208966] [ 19.208984] Memory state around the buggy address: [ 19.209016] fff00000c3f75700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.209059] fff00000c3f75780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209104] >fff00000c3f75800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.209142] ^ [ 19.209182] fff00000c3f75880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209225] fff00000c3f75900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209265] ================================================================== [ 19.214928] ================================================================== [ 19.214995] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.215085] Read of size 1 at addr fff00000c3f7587f by task kunit_try_catch/197 [ 19.215180] [ 19.215208] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B W N 6.15.1-rc1 #1 PREEMPT [ 19.215291] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 19.215320] Hardware name: linux,dummy-virt (DT) [ 19.215364] Call trace: [ 19.215415] show_stack+0x20/0x38 (C) [ 19.215469] dump_stack_lvl+0x8c/0xd0 [ 19.215518] print_report+0x118/0x608 [ 19.215563] kasan_report+0xdc/0x128 [ 19.215607] __asan_report_load1_noabort+0x20/0x30 [ 19.215681] ksize_unpoisons_memory+0x690/0x740 [ 19.215741] kunit_try_run_case+0x170/0x3f0 [ 19.215800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.215867] kthread+0x328/0x630 [ 19.215912] ret_from_fork+0x10/0x20 [ 19.215985] [ 19.216005] Allocated by task 197: [ 19.216031] kasan_save_stack+0x3c/0x68 [ 19.216089] kasan_save_track+0x20/0x40 [ 19.216126] kasan_save_alloc_info+0x40/0x58 [ 19.216171] __kasan_kmalloc+0xd4/0xd8 [ 19.216207] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.216266] ksize_unpoisons_memory+0xc0/0x740 [ 19.216333] kunit_try_run_case+0x170/0x3f0 [ 19.216387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.216432] kthread+0x328/0x630 [ 19.216468] ret_from_fork+0x10/0x20 [ 19.216535] [ 19.216574] The buggy address belongs to the object at fff00000c3f75800 [ 19.216574] which belongs to the cache kmalloc-128 of size 128 [ 19.216670] The buggy address is located 12 bytes to the right of [ 19.216670] allocated 115-byte region [fff00000c3f75800, fff00000c3f75873) [ 19.216800] [ 19.216827] The buggy address belongs to the physical page: [ 19.216858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f75 [ 19.216936] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.217155] page_type: f5(slab) [ 19.217226] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.217296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.217471] page dumped because: kasan: bad access detected [ 19.217502] [ 19.217838] Memory state around the buggy address: [ 19.217903] fff00000c3f75700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.217960] fff00000c3f75780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.218003] >fff00000c3f75800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.218041] ^ [ 19.218083] fff00000c3f75880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.218133] fff00000c3f75900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.218181] ================================================================== [ 19.210020] ================================================================== [ 19.210069] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.210122] Read of size 1 at addr fff00000c3f75878 by task kunit_try_catch/197 [ 19.210172] [ 19.210201] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B W N 6.15.1-rc1 #1 PREEMPT [ 19.210284] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 19.210313] Hardware name: linux,dummy-virt (DT) [ 19.210345] Call trace: [ 19.210386] show_stack+0x20/0x38 (C) [ 19.210434] dump_stack_lvl+0x8c/0xd0 [ 19.210483] print_report+0x118/0x608 [ 19.210714] kasan_report+0xdc/0x128 [ 19.210864] __asan_report_load1_noabort+0x20/0x30 [ 19.211145] ksize_unpoisons_memory+0x618/0x740 [ 19.211270] kunit_try_run_case+0x170/0x3f0 [ 19.211417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.211531] kthread+0x328/0x630 [ 19.211589] ret_from_fork+0x10/0x20 [ 19.211750] [ 19.211799] Allocated by task 197: [ 19.211828] kasan_save_stack+0x3c/0x68 [ 19.212050] kasan_save_track+0x20/0x40 [ 19.212208] kasan_save_alloc_info+0x40/0x58 [ 19.212308] __kasan_kmalloc+0xd4/0xd8 [ 19.212420] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.212532] ksize_unpoisons_memory+0xc0/0x740 [ 19.212620] kunit_try_run_case+0x170/0x3f0 [ 19.212787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.212895] kthread+0x328/0x630 [ 19.213058] ret_from_fork+0x10/0x20 [ 19.213165] [ 19.213186] The buggy address belongs to the object at fff00000c3f75800 [ 19.213186] which belongs to the cache kmalloc-128 of size 128 [ 19.213502] The buggy address is located 5 bytes to the right of [ 19.213502] allocated 115-byte region [fff00000c3f75800, fff00000c3f75873) [ 19.213580] [ 19.213600] The buggy address belongs to the physical page: [ 19.213630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f75 [ 19.213682] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.213729] page_type: f5(slab) [ 19.213767] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.213818] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.213861] page dumped because: kasan: bad access detected [ 19.213892] [ 19.213911] Memory state around the buggy address: [ 19.213943] fff00000c3f75700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.213987] fff00000c3f75780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.214031] >fff00000c3f75800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.214069] ^ [ 19.214110] fff00000c3f75880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.214153] fff00000c3f75900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.214192] ==================================================================
[ 17.125145] ================================================================== [ 17.125773] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.126066] Read of size 1 at addr ffff888101de5678 by task kunit_try_catch/215 [ 17.126280] [ 17.126412] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.126498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.126518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.126551] Call Trace: [ 17.126586] <TASK> [ 17.126619] dump_stack_lvl+0x73/0xb0 [ 17.126673] print_report+0xd1/0x650 [ 17.126709] ? __virt_addr_valid+0x1db/0x2d0 [ 17.126746] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.126824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.126878] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.126924] kasan_report+0x141/0x180 [ 17.126970] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.127026] __asan_report_load1_noabort+0x18/0x20 [ 17.127070] ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.127135] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.127185] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.127252] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.127307] kunit_try_run_case+0x1a5/0x480 [ 17.127354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.127407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.127469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.127515] ? __kthread_parkme+0x82/0x180 [ 17.127564] ? preempt_count_sub+0x50/0x80 [ 17.127618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.127670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.127713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.127774] kthread+0x337/0x6f0 [ 17.127815] ? trace_preempt_on+0x20/0xc0 [ 17.127870] ? __pfx_kthread+0x10/0x10 [ 17.127914] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.127960] ? calculate_sigpending+0x7b/0xa0 [ 17.128000] ? __pfx_kthread+0x10/0x10 [ 17.128035] ret_from_fork+0x41/0x80 [ 17.128079] ? __pfx_kthread+0x10/0x10 [ 17.128116] ret_from_fork_asm+0x1a/0x30 [ 17.128179] </TASK> [ 17.128207] [ 17.140717] Allocated by task 215: [ 17.141499] kasan_save_stack+0x45/0x70 [ 17.141956] kasan_save_track+0x18/0x40 [ 17.142314] kasan_save_alloc_info+0x3b/0x50 [ 17.142773] __kasan_kmalloc+0xb7/0xc0 [ 17.142984] __kmalloc_cache_noprof+0x189/0x420 [ 17.143364] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.143669] kunit_try_run_case+0x1a5/0x480 [ 17.144054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.144446] kthread+0x337/0x6f0 [ 17.144822] ret_from_fork+0x41/0x80 [ 17.145239] ret_from_fork_asm+0x1a/0x30 [ 17.145571] [ 17.145729] The buggy address belongs to the object at ffff888101de5600 [ 17.145729] which belongs to the cache kmalloc-128 of size 128 [ 17.146375] The buggy address is located 5 bytes to the right of [ 17.146375] allocated 115-byte region [ffff888101de5600, ffff888101de5673) [ 17.147208] [ 17.147411] The buggy address belongs to the physical page: [ 17.147779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 17.148397] flags: 0x200000000000000(node=0|zone=2) [ 17.148824] page_type: f5(slab) [ 17.149201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.149696] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.150130] page dumped because: kasan: bad access detected [ 17.150547] [ 17.150735] Memory state around the buggy address: [ 17.151046] ffff888101de5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.151602] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.152192] >ffff888101de5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.152597] ^ [ 17.153075] ffff888101de5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.153558] ffff888101de5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.154055] ================================================================== [ 17.155672] ================================================================== [ 17.156557] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.157181] Read of size 1 at addr ffff888101de567f by task kunit_try_catch/215 [ 17.158026] [ 17.158320] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.158621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.158683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.158743] Call Trace: [ 17.158801] <TASK> [ 17.158848] dump_stack_lvl+0x73/0xb0 [ 17.158928] print_report+0xd1/0x650 [ 17.158963] ? __virt_addr_valid+0x1db/0x2d0 [ 17.158991] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.159039] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159064] kasan_report+0x141/0x180 [ 17.159088] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159129] __asan_report_load1_noabort+0x18/0x20 [ 17.159184] ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159211] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.159236] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.159268] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.159297] kunit_try_run_case+0x1a5/0x480 [ 17.159326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.159348] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.159375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.159399] ? __kthread_parkme+0x82/0x180 [ 17.159423] ? preempt_count_sub+0x50/0x80 [ 17.159450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.159474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.159498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.159522] kthread+0x337/0x6f0 [ 17.159541] ? trace_preempt_on+0x20/0xc0 [ 17.159566] ? __pfx_kthread+0x10/0x10 [ 17.159586] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.159608] ? calculate_sigpending+0x7b/0xa0 [ 17.159644] ? __pfx_kthread+0x10/0x10 [ 17.159666] ret_from_fork+0x41/0x80 [ 17.159691] ? __pfx_kthread+0x10/0x10 [ 17.159710] ret_from_fork_asm+0x1a/0x30 [ 17.159745] </TASK> [ 17.159782] [ 17.170468] Allocated by task 215: [ 17.170760] kasan_save_stack+0x45/0x70 [ 17.171007] kasan_save_track+0x18/0x40 [ 17.171234] kasan_save_alloc_info+0x3b/0x50 [ 17.171778] __kasan_kmalloc+0xb7/0xc0 [ 17.172133] __kmalloc_cache_noprof+0x189/0x420 [ 17.172531] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.172987] kunit_try_run_case+0x1a5/0x480 [ 17.173525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.173817] kthread+0x337/0x6f0 [ 17.174015] ret_from_fork+0x41/0x80 [ 17.174205] ret_from_fork_asm+0x1a/0x30 [ 17.174564] [ 17.174726] The buggy address belongs to the object at ffff888101de5600 [ 17.174726] which belongs to the cache kmalloc-128 of size 128 [ 17.175190] The buggy address is located 12 bytes to the right of [ 17.175190] allocated 115-byte region [ffff888101de5600, ffff888101de5673) [ 17.176154] [ 17.176352] The buggy address belongs to the physical page: [ 17.176643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 17.177154] flags: 0x200000000000000(node=0|zone=2) [ 17.177527] page_type: f5(slab) [ 17.177862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.178206] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.178632] page dumped because: kasan: bad access detected [ 17.179072] [ 17.179298] Memory state around the buggy address: [ 17.179600] ffff888101de5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.180055] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180573] >ffff888101de5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.181013] ^ [ 17.181391] ffff888101de5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.181941] ffff888101de5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.182355] ================================================================== [ 17.092927] ================================================================== [ 17.093584] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 17.094155] Read of size 1 at addr ffff888101de5673 by task kunit_try_catch/215 [ 17.094657] [ 17.095227] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.095351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.095372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.095398] Call Trace: [ 17.095415] <TASK> [ 17.095439] dump_stack_lvl+0x73/0xb0 [ 17.095482] print_report+0xd1/0x650 [ 17.095508] ? __virt_addr_valid+0x1db/0x2d0 [ 17.095535] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.095584] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095609] kasan_report+0x141/0x180 [ 17.095652] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095684] __asan_report_load1_noabort+0x18/0x20 [ 17.095707] ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095732] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.095781] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.095834] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.095887] kunit_try_run_case+0x1a5/0x480 [ 17.095938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.095978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.096019] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.096058] ? __kthread_parkme+0x82/0x180 [ 17.096102] ? preempt_count_sub+0x50/0x80 [ 17.096146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.096193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.096240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.096285] kthread+0x337/0x6f0 [ 17.096322] ? trace_preempt_on+0x20/0xc0 [ 17.096372] ? __pfx_kthread+0x10/0x10 [ 17.096408] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.096448] ? calculate_sigpending+0x7b/0xa0 [ 17.096489] ? __pfx_kthread+0x10/0x10 [ 17.096524] ret_from_fork+0x41/0x80 [ 17.096570] ? __pfx_kthread+0x10/0x10 [ 17.096612] ret_from_fork_asm+0x1a/0x30 [ 17.096674] </TASK> [ 17.096702] [ 17.109108] Allocated by task 215: [ 17.109697] kasan_save_stack+0x45/0x70 [ 17.110157] kasan_save_track+0x18/0x40 [ 17.110490] kasan_save_alloc_info+0x3b/0x50 [ 17.110867] __kasan_kmalloc+0xb7/0xc0 [ 17.111405] __kmalloc_cache_noprof+0x189/0x420 [ 17.111729] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.112282] kunit_try_run_case+0x1a5/0x480 [ 17.112624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.112867] kthread+0x337/0x6f0 [ 17.113174] ret_from_fork+0x41/0x80 [ 17.113508] ret_from_fork_asm+0x1a/0x30 [ 17.113727] [ 17.113923] The buggy address belongs to the object at ffff888101de5600 [ 17.113923] which belongs to the cache kmalloc-128 of size 128 [ 17.114829] The buggy address is located 0 bytes to the right of [ 17.114829] allocated 115-byte region [ffff888101de5600, ffff888101de5673) [ 17.115501] [ 17.115635] The buggy address belongs to the physical page: [ 17.116086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 17.117082] flags: 0x200000000000000(node=0|zone=2) [ 17.117593] page_type: f5(slab) [ 17.117809] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.118310] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.119019] page dumped because: kasan: bad access detected [ 17.119257] [ 17.119439] Memory state around the buggy address: [ 17.120009] ffff888101de5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.120947] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121389] >ffff888101de5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.121706] ^ [ 17.122259] ffff888101de5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.122884] ffff888101de5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.123618] ==================================================================