Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 24.992063] ================================================================== [ 25.001164] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 25.008452] Write of size 128 at addr ffff0008018e6d00 by task kunit_try_catch/219 [ 25.016003] [ 25.017488] CPU: 2 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 25.017540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.017556] Hardware name: WinLink E850-96 board (DT) [ 25.017577] Call trace: [ 25.017591] show_stack+0x20/0x38 (C) [ 25.017626] dump_stack_lvl+0x8c/0xd0 [ 25.017666] print_report+0x118/0x608 [ 25.017697] kasan_report+0xdc/0x128 [ 25.017727] kasan_check_range+0x100/0x1a8 [ 25.017759] __asan_memset+0x34/0x78 [ 25.017789] kmalloc_oob_in_memset+0x144/0x2d0 [ 25.017822] kunit_try_run_case+0x170/0x3f0 [ 25.017857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.017893] kthread+0x328/0x630 [ 25.017929] ret_from_fork+0x10/0x20 [ 25.017963] [ 25.083450] Allocated by task 219: [ 25.086839] kasan_save_stack+0x3c/0x68 [ 25.090654] kasan_save_track+0x20/0x40 [ 25.094475] kasan_save_alloc_info+0x40/0x58 [ 25.098729] __kasan_kmalloc+0xd4/0xd8 [ 25.102460] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.106974] kmalloc_oob_in_memset+0xb0/0x2d0 [ 25.111314] kunit_try_run_case+0x170/0x3f0 [ 25.115480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.120949] kthread+0x328/0x630 [ 25.124160] ret_from_fork+0x10/0x20 [ 25.127720] [ 25.129198] The buggy address belongs to the object at ffff0008018e6d00 [ 25.129198] which belongs to the cache kmalloc-128 of size 128 [ 25.141699] The buggy address is located 0 bytes inside of [ 25.141699] allocated 120-byte region [ffff0008018e6d00, ffff0008018e6d78) [ 25.154108] [ 25.155588] The buggy address belongs to the physical page: [ 25.161144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8818e6 [ 25.169128] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.176766] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.183710] page_type: f5(slab) [ 25.186848] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 25.194566] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.202292] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 25.210104] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.217916] head: 0bfffe0000000001 fffffdffe0063981 00000000ffffffff 00000000ffffffff [ 25.225729] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.233536] page dumped because: kasan: bad access detected [ 25.239089] [ 25.240565] Memory state around the buggy address: [ 25.245347] ffff0008018e6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.252548] ffff0008018e6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.259754] >ffff0008018e6d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.266954] ^ [ 25.274075] ffff0008018e6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.281282] ffff0008018e6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.288483] ==================================================================
[ 15.574667] ================================================================== [ 15.574726] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.574777] Write of size 128 at addr fff00000c637a500 by task kunit_try_catch/175 [ 15.574824] [ 15.574854] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.574932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.574958] Hardware name: linux,dummy-virt (DT) [ 15.574988] Call trace: [ 15.575009] show_stack+0x20/0x38 (C) [ 15.575077] dump_stack_lvl+0x8c/0xd0 [ 15.575126] print_report+0x118/0x608 [ 15.575169] kasan_report+0xdc/0x128 [ 15.575210] kasan_check_range+0x100/0x1a8 [ 15.575255] __asan_memset+0x34/0x78 [ 15.575299] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.575345] kunit_try_run_case+0x170/0x3f0 [ 15.575391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.575441] kthread+0x328/0x630 [ 15.575494] ret_from_fork+0x10/0x20 [ 15.575540] [ 15.575557] Allocated by task 175: [ 15.575585] kasan_save_stack+0x3c/0x68 [ 15.575622] kasan_save_track+0x20/0x40 [ 15.576250] kasan_save_alloc_info+0x40/0x58 [ 15.576489] __kasan_kmalloc+0xd4/0xd8 [ 15.576576] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.576617] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.576665] kunit_try_run_case+0x170/0x3f0 [ 15.576703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.576746] kthread+0x328/0x630 [ 15.576780] ret_from_fork+0x10/0x20 [ 15.576814] [ 15.576833] The buggy address belongs to the object at fff00000c637a500 [ 15.576833] which belongs to the cache kmalloc-128 of size 128 [ 15.576887] The buggy address is located 0 bytes inside of [ 15.576887] allocated 120-byte region [fff00000c637a500, fff00000c637a578) [ 15.576945] [ 15.576965] The buggy address belongs to the physical page: [ 15.576993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.577040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.577084] page_type: f5(slab) [ 15.577120] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.577167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.577205] page dumped because: kasan: bad access detected [ 15.577235] [ 15.577253] Memory state around the buggy address: [ 15.577282] fff00000c637a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.577323] fff00000c637a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577363] >fff00000c637a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.577399] ^ [ 15.577437] fff00000c637a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577478] fff00000c637a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577513] ==================================================================
[ 14.303866] ================================================================== [ 14.304314] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 14.305441] Write of size 128 at addr ffff8881029e5500 by task kunit_try_catch/191 [ 14.306304] [ 14.306507] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.306598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306640] Call Trace: [ 14.306666] <TASK> [ 14.306698] dump_stack_lvl+0x73/0xb0 [ 14.306736] print_report+0xd1/0x650 [ 14.306763] ? __virt_addr_valid+0x1db/0x2d0 [ 14.306788] ? kmalloc_oob_in_memset+0x15f/0x320 [ 14.306811] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.306834] ? kmalloc_oob_in_memset+0x15f/0x320 [ 14.306857] kasan_report+0x141/0x180 [ 14.306880] ? kmalloc_oob_in_memset+0x15f/0x320 [ 14.306909] kasan_check_range+0x10c/0x1c0 [ 14.306930] __asan_memset+0x27/0x50 [ 14.306951] kmalloc_oob_in_memset+0x15f/0x320 [ 14.306974] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 14.306997] ? __schedule+0x10cc/0x2b60 [ 14.307021] ? __pfx_read_tsc+0x10/0x10 [ 14.307042] ? ktime_get_ts64+0x86/0x230 [ 14.307102] kunit_try_run_case+0x1a5/0x480 [ 14.307167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.307261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.307310] ? __kthread_parkme+0x82/0x180 [ 14.307371] ? preempt_count_sub+0x50/0x80 [ 14.307404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307475] kthread+0x337/0x6f0 [ 14.307494] ? trace_preempt_on+0x20/0xc0 [ 14.307518] ? __pfx_kthread+0x10/0x10 [ 14.307537] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.307559] ? calculate_sigpending+0x7b/0xa0 [ 14.307581] ? __pfx_kthread+0x10/0x10 [ 14.307602] ret_from_fork+0x41/0x80 [ 14.307624] ? __pfx_kthread+0x10/0x10 [ 14.307643] ret_from_fork_asm+0x1a/0x30 [ 14.307676] </TASK> [ 14.307689] [ 14.319320] Allocated by task 191: [ 14.319857] kasan_save_stack+0x45/0x70 [ 14.320410] kasan_save_track+0x18/0x40 [ 14.320866] kasan_save_alloc_info+0x3b/0x50 [ 14.321252] __kasan_kmalloc+0xb7/0xc0 [ 14.321534] __kmalloc_cache_noprof+0x189/0x420 [ 14.322032] kmalloc_oob_in_memset+0xac/0x320 [ 14.322467] kunit_try_run_case+0x1a5/0x480 [ 14.322964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323454] kthread+0x337/0x6f0 [ 14.323797] ret_from_fork+0x41/0x80 [ 14.324211] ret_from_fork_asm+0x1a/0x30 [ 14.324574] [ 14.324836] The buggy address belongs to the object at ffff8881029e5500 [ 14.324836] which belongs to the cache kmalloc-128 of size 128 [ 14.325719] The buggy address is located 0 bytes inside of [ 14.325719] allocated 120-byte region [ffff8881029e5500, ffff8881029e5578) [ 14.326422] [ 14.326707] The buggy address belongs to the physical page: [ 14.327225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 14.327822] flags: 0x200000000000000(node=0|zone=2) [ 14.328327] page_type: f5(slab) [ 14.328732] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.329229] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.329888] page dumped because: kasan: bad access detected [ 14.330199] [ 14.330386] Memory state around the buggy address: [ 14.330890] ffff8881029e5400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.331331] ffff8881029e5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.331930] >ffff8881029e5500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.332366] ^ [ 14.332789] ffff8881029e5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.333483] ffff8881029e5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334059] ==================================================================
[ 28.930167] ================================================================== [ 28.940987] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 28.948293] Write of size 128 at addr ffff8881049b7000 by task kunit_try_catch/213 [ 28.955861] [ 28.957361] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 28.957369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.957371] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 28.957374] Call Trace: [ 28.957375] <TASK> [ 28.957377] dump_stack_lvl+0x73/0xb0 [ 28.957381] print_report+0xd1/0x650 [ 28.957385] ? __virt_addr_valid+0x1db/0x2d0 [ 28.957389] ? kmalloc_oob_in_memset+0x15f/0x320 [ 28.957393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.957398] ? kmalloc_oob_in_memset+0x15f/0x320 [ 28.957402] kasan_report+0x141/0x180 [ 28.957407] ? kmalloc_oob_in_memset+0x15f/0x320 [ 28.957412] kasan_check_range+0x10c/0x1c0 [ 28.957415] __asan_memset+0x27/0x50 [ 28.957419] kmalloc_oob_in_memset+0x15f/0x320 [ 28.957424] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 28.957428] ? __schedule+0x10cc/0x2b60 [ 28.957433] ? ktime_get_ts64+0x83/0x230 [ 28.957437] kunit_try_run_case+0x1a2/0x480 [ 28.957442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.957447] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.957451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.957456] ? __kthread_parkme+0x82/0x180 [ 28.957460] ? preempt_count_sub+0x50/0x80 [ 28.957465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.957469] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 28.957474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.957478] kthread+0x334/0x6f0 [ 28.957481] ? trace_preempt_on+0x20/0xc0 [ 28.957485] ? __pfx_kthread+0x10/0x10 [ 28.957489] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.957493] ? calculate_sigpending+0x7b/0xa0 [ 28.957497] ? __pfx_kthread+0x10/0x10 [ 28.957500] ret_from_fork+0x3e/0x80 [ 28.957504] ? __pfx_kthread+0x10/0x10 [ 28.957507] ret_from_fork_asm+0x1a/0x30 [ 28.957513] </TASK> [ 28.957514] [ 29.124950] Allocated by task 213: [ 29.128361] kasan_save_stack+0x45/0x70 [ 29.132199] kasan_save_track+0x18/0x40 [ 29.136038] kasan_save_alloc_info+0x3b/0x50 [ 29.140313] __kasan_kmalloc+0xb7/0xc0 [ 29.144063] __kmalloc_cache_noprof+0x189/0x420 [ 29.148595] kmalloc_oob_in_memset+0xac/0x320 [ 29.152956] kunit_try_run_case+0x1a2/0x480 [ 29.157141] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 29.162541] kthread+0x334/0x6f0 [ 29.165775] ret_from_fork+0x3e/0x80 [ 29.169353] ret_from_fork_asm+0x1a/0x30 [ 29.173280] [ 29.174778] The buggy address belongs to the object at ffff8881049b7000 [ 29.174778] which belongs to the cache kmalloc-128 of size 128 [ 29.187284] The buggy address is located 0 bytes inside of [ 29.187284] allocated 120-byte region [ffff8881049b7000, ffff8881049b7078) [ 29.199713] [ 29.201210] The buggy address belongs to the physical page: [ 29.206784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1049b7 [ 29.214783] flags: 0x200000000000000(node=0|zone=2) [ 29.219662] page_type: f5(slab) [ 29.222812] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 29.230558] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.238297] page dumped because: kasan: bad access detected [ 29.243868] [ 29.245360] Memory state around the buggy address: [ 29.250153] ffff8881049b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.257374] ffff8881049b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.264593] >ffff8881049b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.271819] ^ [ 29.278953] ffff8881049b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.286172] ffff8881049b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.293390] ==================================================================