Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 18.065469] ================================================================== [ 18.074620] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 18.081993] Read of size 1 at addr ffff00080476f000 by task kunit_try_catch/189 [ 18.089284] [ 18.090771] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.090823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.090841] Hardware name: WinLink E850-96 board (DT) [ 18.090863] Call trace: [ 18.090875] show_stack+0x20/0x38 (C) [ 18.090911] dump_stack_lvl+0x8c/0xd0 [ 18.090952] print_report+0x118/0x608 [ 18.090983] kasan_report+0xdc/0x128 [ 18.091013] __asan_report_load1_noabort+0x20/0x30 [ 18.091049] kmalloc_node_oob_right+0x2f4/0x330 [ 18.091077] kunit_try_run_case+0x170/0x3f0 [ 18.091112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.091148] kthread+0x328/0x630 [ 18.091184] ret_from_fork+0x10/0x20 [ 18.091218] [ 18.153953] Allocated by task 189: [ 18.157342] kasan_save_stack+0x3c/0x68 [ 18.161157] kasan_save_track+0x20/0x40 [ 18.164979] kasan_save_alloc_info+0x40/0x58 [ 18.169231] __kasan_kmalloc+0xd4/0xd8 [ 18.172963] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 18.177911] kmalloc_node_oob_right+0xbc/0x330 [ 18.182338] kunit_try_run_case+0x170/0x3f0 [ 18.186504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.191973] kthread+0x328/0x630 [ 18.195185] ret_from_fork+0x10/0x20 [ 18.198744] [ 18.200221] The buggy address belongs to the object at ffff00080476e000 [ 18.200221] which belongs to the cache kmalloc-4k of size 4096 [ 18.212723] The buggy address is located 0 bytes to the right of [ 18.212723] allocated 4096-byte region [ffff00080476e000, ffff00080476f000) [ 18.225740] [ 18.227218] The buggy address belongs to the physical page: [ 18.232774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x884768 [ 18.240759] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.248398] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.255340] page_type: f5(slab) [ 18.258479] raw: 0bfffe0000000040 ffff000800003040 dead000000000122 0000000000000000 [ 18.266198] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.273924] head: 0bfffe0000000040 ffff000800003040 dead000000000122 0000000000000000 [ 18.281735] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.289548] head: 0bfffe0000000003 fffffdffe011da01 00000000ffffffff 00000000ffffffff [ 18.297360] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.305169] page dumped because: kasan: bad access detected [ 18.310722] [ 18.312197] Memory state around the buggy address: [ 18.316979] ffff00080476ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.324180] ffff00080476ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.331386] >ffff00080476f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.338586] ^ [ 18.341801] ffff00080476f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.349006] ffff00080476f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.356208] ==================================================================
[ 15.242218] ================================================================== [ 15.242279] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.242328] Read of size 1 at addr fff00000c652f000 by task kunit_try_catch/145 [ 15.242375] [ 15.242405] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.242481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.242506] Hardware name: linux,dummy-virt (DT) [ 15.242536] Call trace: [ 15.242556] show_stack+0x20/0x38 (C) [ 15.242602] dump_stack_lvl+0x8c/0xd0 [ 15.243406] print_report+0x118/0x608 [ 15.243648] kasan_report+0xdc/0x128 [ 15.243710] __asan_report_load1_noabort+0x20/0x30 [ 15.243760] kmalloc_node_oob_right+0x2f4/0x330 [ 15.243805] kunit_try_run_case+0x170/0x3f0 [ 15.243889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.243963] kthread+0x328/0x630 [ 15.244008] ret_from_fork+0x10/0x20 [ 15.244054] [ 15.244072] Allocated by task 145: [ 15.244100] kasan_save_stack+0x3c/0x68 [ 15.244137] kasan_save_track+0x20/0x40 [ 15.244340] kasan_save_alloc_info+0x40/0x58 [ 15.244575] __kasan_kmalloc+0xd4/0xd8 [ 15.244858] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.244949] kmalloc_node_oob_right+0xbc/0x330 [ 15.245132] kunit_try_run_case+0x170/0x3f0 [ 15.245178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.245221] kthread+0x328/0x630 [ 15.245254] ret_from_fork+0x10/0x20 [ 15.245288] [ 15.245307] The buggy address belongs to the object at fff00000c652e000 [ 15.245307] which belongs to the cache kmalloc-4k of size 4096 [ 15.245362] The buggy address is located 0 bytes to the right of [ 15.245362] allocated 4096-byte region [fff00000c652e000, fff00000c652f000) [ 15.245423] [ 15.245493] The buggy address belongs to the physical page: [ 15.245687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106528 [ 15.246451] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.246551] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.247090] page_type: f5(slab) [ 15.247239] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.247427] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.247743] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.247822] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.247888] head: 0bfffe0000000003 ffffc1ffc3194a01 00000000ffffffff 00000000ffffffff [ 15.247935] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.248655] page dumped because: kasan: bad access detected [ 15.248753] [ 15.248773] Memory state around the buggy address: [ 15.248813] fff00000c652ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.248855] fff00000c652ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.248899] >fff00000c652f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.248965] ^ [ 15.249052] fff00000c652f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.249250] fff00000c652f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.249487] ==================================================================
[ 13.311431] ================================================================== [ 13.311930] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 13.312674] Read of size 1 at addr ffff888102667000 by task kunit_try_catch/161 [ 13.313460] [ 13.313763] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.313911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.313941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.313987] Call Trace: [ 13.314018] <TASK> [ 13.314060] dump_stack_lvl+0x73/0xb0 [ 13.314166] print_report+0xd1/0x650 [ 13.314275] ? __virt_addr_valid+0x1db/0x2d0 [ 13.314329] ? kmalloc_node_oob_right+0x369/0x3c0 [ 13.314390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.314439] ? kmalloc_node_oob_right+0x369/0x3c0 [ 13.314478] kasan_report+0x141/0x180 [ 13.314532] ? kmalloc_node_oob_right+0x369/0x3c0 [ 13.314582] __asan_report_load1_noabort+0x18/0x20 [ 13.314615] kmalloc_node_oob_right+0x369/0x3c0 [ 13.314639] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 13.314662] ? __schedule+0x10cc/0x2b60 [ 13.314688] ? __pfx_read_tsc+0x10/0x10 [ 13.314712] ? ktime_get_ts64+0x86/0x230 [ 13.314740] kunit_try_run_case+0x1a5/0x480 [ 13.314769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.314819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.314844] ? __kthread_parkme+0x82/0x180 [ 13.314868] ? preempt_count_sub+0x50/0x80 [ 13.314897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.314971] kthread+0x337/0x6f0 [ 13.314989] ? trace_preempt_on+0x20/0xc0 [ 13.315015] ? __pfx_kthread+0x10/0x10 [ 13.315034] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.315057] ? calculate_sigpending+0x7b/0xa0 [ 13.315101] ? __pfx_kthread+0x10/0x10 [ 13.315122] ret_from_fork+0x41/0x80 [ 13.315145] ? __pfx_kthread+0x10/0x10 [ 13.315164] ret_from_fork_asm+0x1a/0x30 [ 13.315199] </TASK> [ 13.315221] [ 13.329115] Allocated by task 161: [ 13.329662] kasan_save_stack+0x45/0x70 [ 13.329973] kasan_save_track+0x18/0x40 [ 13.330884] kasan_save_alloc_info+0x3b/0x50 [ 13.331175] __kasan_kmalloc+0xb7/0xc0 [ 13.331419] __kmalloc_cache_node_noprof+0x188/0x420 [ 13.332079] kmalloc_node_oob_right+0xab/0x3c0 [ 13.332288] kunit_try_run_case+0x1a5/0x480 [ 13.332695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.332992] kthread+0x337/0x6f0 [ 13.333746] ret_from_fork+0x41/0x80 [ 13.334067] ret_from_fork_asm+0x1a/0x30 [ 13.334600] [ 13.334881] The buggy address belongs to the object at ffff888102666000 [ 13.334881] which belongs to the cache kmalloc-4k of size 4096 [ 13.335705] The buggy address is located 0 bytes to the right of [ 13.335705] allocated 4096-byte region [ffff888102666000, ffff888102667000) [ 13.337114] [ 13.337264] The buggy address belongs to the physical page: [ 13.337651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102660 [ 13.338892] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.339243] flags: 0x200000000000040(head|node=0|zone=2) [ 13.340031] page_type: f5(slab) [ 13.340715] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 13.341428] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 13.341917] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 13.342672] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 13.343015] head: 0200000000000003 ffffea0004099801 00000000ffffffff 00000000ffffffff [ 13.344009] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 13.344614] page dumped because: kasan: bad access detected [ 13.344950] [ 13.345464] Memory state around the buggy address: [ 13.345907] ffff888102666f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.346439] ffff888102666f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.346972] >ffff888102667000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.347513] ^ [ 13.347817] ffff888102667080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.348122] ffff888102667100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.348632] ==================================================================
[ 19.270235] ================================================================== [ 19.281190] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 19.288590] Read of size 1 at addr ffff888105f47000 by task kunit_try_catch/183 [ 19.295927] [ 19.297477] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.297485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.297487] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 19.297491] Call Trace: [ 19.297492] <TASK> [ 19.297494] dump_stack_lvl+0x73/0xb0 [ 19.297498] print_report+0xd1/0x650 [ 19.297503] ? __virt_addr_valid+0x1db/0x2d0 [ 19.297507] ? kmalloc_node_oob_right+0x369/0x3c0 [ 19.297510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.297515] ? kmalloc_node_oob_right+0x369/0x3c0 [ 19.297519] kasan_report+0x141/0x180 [ 19.297523] ? kmalloc_node_oob_right+0x369/0x3c0 [ 19.297528] __asan_report_load1_noabort+0x18/0x20 [ 19.297532] kmalloc_node_oob_right+0x369/0x3c0 [ 19.297535] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 19.297539] ? __schedule+0x10cc/0x2b60 [ 19.297544] ? ktime_get_ts64+0x83/0x230 [ 19.297549] kunit_try_run_case+0x1a2/0x480 [ 19.297553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.297558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.297563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.297567] ? __kthread_parkme+0x82/0x180 [ 19.297571] ? preempt_count_sub+0x50/0x80 [ 19.297576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.297581] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 19.297585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.297590] kthread+0x334/0x6f0 [ 19.297593] ? trace_preempt_on+0x20/0xc0 [ 19.297597] ? __pfx_kthread+0x10/0x10 [ 19.297600] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.297605] ? calculate_sigpending+0x7b/0xa0 [ 19.297609] ? __pfx_kthread+0x10/0x10 [ 19.297612] ret_from_fork+0x3e/0x80 [ 19.297616] ? __pfx_kthread+0x10/0x10 [ 19.297619] ret_from_fork_asm+0x1a/0x30 [ 19.297625] </TASK> [ 19.297626] [ 19.462694] Allocated by task 183: [ 19.466101] kasan_save_stack+0x45/0x70 [ 19.469956] kasan_save_track+0x18/0x40 [ 19.473813] kasan_save_alloc_info+0x3b/0x50 [ 19.478087] __kasan_kmalloc+0xb7/0xc0 [ 19.481838] __kmalloc_cache_node_noprof+0x188/0x420 [ 19.486806] kmalloc_node_oob_right+0xab/0x3c0 [ 19.491251] kunit_try_run_case+0x1a2/0x480 [ 19.495438] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 19.500845] kthread+0x334/0x6f0 [ 19.504077] ret_from_fork+0x3e/0x80 [ 19.507657] ret_from_fork_asm+0x1a/0x30 [ 19.511584] [ 19.513082] The buggy address belongs to the object at ffff888105f46000 [ 19.513082] which belongs to the cache kmalloc-4k of size 4096 [ 19.525597] The buggy address is located 0 bytes to the right of [ 19.525597] allocated 4096-byte region [ffff888105f46000, ffff888105f47000) [ 19.538631] [ 19.540130] The buggy address belongs to the physical page: [ 19.545705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f40 [ 19.553711] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.561364] flags: 0x200000000000040(head|node=0|zone=2) [ 19.566678] page_type: f5(slab) [ 19.569825] raw: 0200000000000040 ffff888100043040 dead000000000122 0000000000000000 [ 19.577573] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.585319] head: 0200000000000040 ffff888100043040 dead000000000122 0000000000000000 [ 19.593161] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.600995] head: 0200000000000003 ffffea000417d001 00000000ffffffff 00000000ffffffff [ 19.608824] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.616649] page dumped because: kasan: bad access detected [ 19.622220] [ 19.623712] Memory state around the buggy address: [ 19.628505] ffff888105f46f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.635725] ffff888105f46f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.642977] >ffff888105f47000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.650198] ^ [ 19.653429] ffff888105f47080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660648] ffff888105f47100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.667868] ==================================================================