Date
June 26, 2025, 11:12 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 33.333588] ================================================================== [ 33.343260] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 33.349941] Read of size 1 at addr ffff00080193c0c8 by task kunit_try_catch/256 [ 33.357233] [ 33.358720] CPU: 2 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 33.358775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.358791] Hardware name: WinLink E850-96 board (DT) [ 33.358814] Call trace: [ 33.358829] show_stack+0x20/0x38 (C) [ 33.358867] dump_stack_lvl+0x8c/0xd0 [ 33.358905] print_report+0x118/0x608 [ 33.358939] kasan_report+0xdc/0x128 [ 33.358969] __asan_report_load1_noabort+0x20/0x30 [ 33.359005] kmem_cache_oob+0x344/0x430 [ 33.359038] kunit_try_run_case+0x170/0x3f0 [ 33.359079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.359119] kthread+0x328/0x630 [ 33.359154] ret_from_fork+0x10/0x20 [ 33.359193] [ 33.421208] Allocated by task 256: [ 33.424595] kasan_save_stack+0x3c/0x68 [ 33.428411] kasan_save_track+0x20/0x40 [ 33.432231] kasan_save_alloc_info+0x40/0x58 [ 33.436484] __kasan_slab_alloc+0xa8/0xb0 [ 33.440477] kmem_cache_alloc_noprof+0x10c/0x398 [ 33.445078] kmem_cache_oob+0x12c/0x430 [ 33.448897] kunit_try_run_case+0x170/0x3f0 [ 33.453064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.458532] kthread+0x328/0x630 [ 33.461744] ret_from_fork+0x10/0x20 [ 33.465303] [ 33.466780] The buggy address belongs to the object at ffff00080193c000 [ 33.466780] which belongs to the cache test_cache of size 200 [ 33.479194] The buggy address is located 0 bytes to the right of [ 33.479194] allocated 200-byte region [ffff00080193c000, ffff00080193c0c8) [ 33.492126] [ 33.493606] The buggy address belongs to the physical page: [ 33.499161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x88193c [ 33.507145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.514784] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.521728] page_type: f5(slab) [ 33.524866] raw: 0bfffe0000000040 ffff00080193a000 dead000000000122 0000000000000000 [ 33.532583] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 33.540310] head: 0bfffe0000000040 ffff00080193a000 dead000000000122 0000000000000000 [ 33.548121] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 33.555934] head: 0bfffe0000000001 fffffdffe0064f01 00000000ffffffff 00000000ffffffff [ 33.563746] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 33.571551] page dumped because: kasan: bad access detected [ 33.577108] [ 33.578584] Memory state around the buggy address: [ 33.583364] ffff00080193bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.590565] ffff00080193c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.597770] >ffff00080193c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 33.604971] ^ [ 33.610531] ffff00080193c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.617735] ffff00080193c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.624935] ==================================================================
[ 18.584998] ================================================================== [ 18.585062] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.585121] Read of size 1 at addr fff00000c79850c8 by task kunit_try_catch/209 [ 18.585554] [ 18.585689] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 18.586081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.586187] Hardware name: linux,dummy-virt (DT) [ 18.586262] Call trace: [ 18.586407] show_stack+0x20/0x38 (C) [ 18.586472] dump_stack_lvl+0x8c/0xd0 [ 18.586564] print_report+0x118/0x608 [ 18.586851] kasan_report+0xdc/0x128 [ 18.587102] __asan_report_load1_noabort+0x20/0x30 [ 18.587174] kmem_cache_oob+0x344/0x430 [ 18.587357] kunit_try_run_case+0x170/0x3f0 [ 18.587467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.587528] kthread+0x328/0x630 [ 18.587574] ret_from_fork+0x10/0x20 [ 18.587630] [ 18.587647] Allocated by task 209: [ 18.587817] kasan_save_stack+0x3c/0x68 [ 18.587992] kasan_save_track+0x20/0x40 [ 18.588093] kasan_save_alloc_info+0x40/0x58 [ 18.588187] __kasan_slab_alloc+0xa8/0xb0 [ 18.588373] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.588467] kmem_cache_oob+0x12c/0x430 [ 18.588692] kunit_try_run_case+0x170/0x3f0 [ 18.588906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.589012] kthread+0x328/0x630 [ 18.589167] ret_from_fork+0x10/0x20 [ 18.589362] [ 18.589418] The buggy address belongs to the object at fff00000c7985000 [ 18.589418] which belongs to the cache test_cache of size 200 [ 18.589602] The buggy address is located 0 bytes to the right of [ 18.589602] allocated 200-byte region [fff00000c7985000, fff00000c79850c8) [ 18.589674] [ 18.589987] The buggy address belongs to the physical page: [ 18.590039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107985 [ 18.590207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.590301] page_type: f5(slab) [ 18.590481] raw: 0bfffe0000000000 fff00000c59d63c0 dead000000000122 0000000000000000 [ 18.590734] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.590888] page dumped because: kasan: bad access detected [ 18.590975] [ 18.591121] Memory state around the buggy address: [ 18.591195] fff00000c7984f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.591332] fff00000c7985000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.591380] >fff00000c7985080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.591423] ^ [ 18.591460] fff00000c7985100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.591547] fff00000c7985180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.591589] ==================================================================
[ 11.576538] ================================================================== [ 11.577799] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 11.578443] Read of size 1 at addr ffff888102f730c8 by task kunit_try_catch/226 [ 11.579258] [ 11.579555] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 11.579697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.579727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.579750] Call Trace: [ 11.579765] <TASK> [ 11.579786] dump_stack_lvl+0x73/0xb0 [ 11.579817] print_report+0xd1/0x650 [ 11.579841] ? __virt_addr_valid+0x1db/0x2d0 [ 11.579864] ? kmem_cache_oob+0x402/0x530 [ 11.579883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.579905] ? kmem_cache_oob+0x402/0x530 [ 11.579937] kasan_report+0x141/0x180 [ 11.579959] ? kmem_cache_oob+0x402/0x530 [ 11.579983] __asan_report_load1_noabort+0x18/0x20 [ 11.580003] kmem_cache_oob+0x402/0x530 [ 11.580021] ? trace_hardirqs_on+0x37/0xe0 [ 11.580045] ? __pfx_kmem_cache_oob+0x10/0x10 [ 11.580063] ? finish_task_switch.isra.0+0x153/0x700 [ 11.580087] ? __switch_to+0x5d9/0xf60 [ 11.580111] ? dequeue_task_fair+0x166/0x4e0 [ 11.580138] ? __pfx_read_tsc+0x10/0x10 [ 11.580158] ? ktime_get_ts64+0x86/0x230 [ 11.580183] kunit_try_run_case+0x1a5/0x480 [ 11.580209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.580230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.580262] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.580284] ? __kthread_parkme+0x82/0x180 [ 11.580306] ? preempt_count_sub+0x50/0x80 [ 11.580330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.580353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.580376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.580398] kthread+0x337/0x6f0 [ 11.580414] ? trace_preempt_on+0x20/0xc0 [ 11.580435] ? __pfx_kthread+0x10/0x10 [ 11.580452] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.580473] ? calculate_sigpending+0x7b/0xa0 [ 11.580495] ? __pfx_kthread+0x10/0x10 [ 11.580515] ret_from_fork+0x41/0x80 [ 11.580536] ? __pfx_kthread+0x10/0x10 [ 11.580553] ret_from_fork_asm+0x1a/0x30 [ 11.580595] </TASK> [ 11.580606] [ 11.596689] Allocated by task 226: [ 11.597077] kasan_save_stack+0x45/0x70 [ 11.597477] kasan_save_track+0x18/0x40 [ 11.597851] kasan_save_alloc_info+0x3b/0x50 [ 11.598349] __kasan_slab_alloc+0x91/0xa0 [ 11.598537] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.599162] kmem_cache_oob+0x157/0x530 [ 11.599549] kunit_try_run_case+0x1a5/0x480 [ 11.600031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.600449] kthread+0x337/0x6f0 [ 11.600585] ret_from_fork+0x41/0x80 [ 11.601104] ret_from_fork_asm+0x1a/0x30 [ 11.601616] [ 11.601893] The buggy address belongs to the object at ffff888102f73000 [ 11.601893] which belongs to the cache test_cache of size 200 [ 11.602275] The buggy address is located 0 bytes to the right of [ 11.602275] allocated 200-byte region [ffff888102f73000, ffff888102f730c8) [ 11.602663] [ 11.602737] The buggy address belongs to the physical page: [ 11.603450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f73 [ 11.604113] flags: 0x200000000000000(node=0|zone=2) [ 11.604425] page_type: f5(slab) [ 11.604557] raw: 0200000000000000 ffff88810128f280 dead000000000122 0000000000000000 [ 11.605117] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.605496] page dumped because: kasan: bad access detected [ 11.605927] [ 11.606120] Memory state around the buggy address: [ 11.606336] ffff888102f72f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.606811] ffff888102f73000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.607192] >ffff888102f73080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.607454] ^ [ 11.607847] ffff888102f73100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.608126] ffff888102f73180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.608550] ==================================================================