Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 17.715385] ================================================================== [ 17.724711] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.731565] Read of size 1 at addr ffff000803af22ff by task kunit_try_catch/187 [ 17.738856] [ 17.740340] CPU: 2 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.740392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.740409] Hardware name: WinLink E850-96 board (DT) [ 17.740429] Call trace: [ 17.740443] show_stack+0x20/0x38 (C) [ 17.740476] dump_stack_lvl+0x8c/0xd0 [ 17.740513] print_report+0x118/0x608 [ 17.740543] kasan_report+0xdc/0x128 [ 17.740575] __asan_report_load1_noabort+0x20/0x30 [ 17.740610] kmalloc_oob_left+0x2ec/0x320 [ 17.740641] kunit_try_run_case+0x170/0x3f0 [ 17.740676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.740711] kthread+0x328/0x630 [ 17.740744] ret_from_fork+0x10/0x20 [ 17.740778] [ 17.803004] Allocated by task 67: [ 17.806305] kasan_save_stack+0x3c/0x68 [ 17.810121] kasan_save_track+0x20/0x40 [ 17.813940] kasan_save_alloc_info+0x40/0x58 [ 17.818194] __kasan_kmalloc+0xd4/0xd8 [ 17.821928] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.827482] kstrdup+0x54/0xc8 [ 17.830520] kstrdup_const+0x48/0x60 [ 17.834079] __kernfs_new_node+0xb0/0x578 [ 17.838072] kernfs_new_node+0x128/0x1a8 [ 17.841979] kernfs_create_link+0xac/0x228 [ 17.846058] sysfs_do_create_link_sd+0x8c/0x128 [ 17.850572] sysfs_create_link+0x48/0xb8 [ 17.854480] bus_add_device+0xf4/0x3a0 [ 17.858211] device_add+0x694/0x12b8 [ 17.861770] cdev_device_add+0xdc/0x208 [ 17.865589] mmc_blk_probe+0xa94/0x1508 [ 17.869409] mmc_bus_probe+0x60/0x88 [ 17.872967] really_probe+0x188/0x7f0 [ 17.876613] __driver_probe_device+0x164/0x378 [ 17.881041] driver_probe_device+0x64/0x180 [ 17.885208] __device_attach_driver+0x174/0x280 [ 17.889721] bus_for_each_drv+0x118/0x1b0 [ 17.893714] __device_attach+0x174/0x378 [ 17.897620] device_initial_probe+0x1c/0x30 [ 17.901787] bus_probe_device+0x12c/0x170 [ 17.905780] device_add+0xc44/0x12b8 [ 17.909339] mmc_add_card+0x304/0x660 [ 17.912984] mmc_attach_mmc+0x290/0x388 [ 17.916805] mmc_rescan+0x5d8/0xc80 [ 17.920276] process_one_work+0x530/0xf98 [ 17.924269] worker_thread+0x618/0xf38 [ 17.928002] kthread+0x328/0x630 [ 17.931214] ret_from_fork+0x10/0x20 [ 17.934772] [ 17.936250] The buggy address belongs to the object at ffff000803af22e0 [ 17.936250] which belongs to the cache kmalloc-16 of size 16 [ 17.948576] The buggy address is located 19 bytes to the right of [ 17.948576] allocated 12-byte region [ffff000803af22e0, ffff000803af22ec) [ 17.961508] [ 17.962987] The buggy address belongs to the physical page: [ 17.968545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883af2 [ 17.976529] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.983037] page_type: f5(slab) [ 17.986173] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 17.993892] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.001613] page dumped because: kasan: bad access detected [ 18.007167] [ 18.008642] Memory state around the buggy address: [ 18.013423] ffff000803af2180: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 05 fc fc [ 18.020627] ffff000803af2200: 00 00 fc fc 00 05 fc fc 00 05 fc fc 00 05 fc fc [ 18.027835] >ffff000803af2280: 00 05 fc fc 00 04 fc fc 00 04 fc fc 00 04 fc fc [ 18.035031] ^ [ 18.042153] ffff000803af2300: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.049358] ffff000803af2380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.056561] ==================================================================
[ 15.228070] ================================================================== [ 15.228128] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.228181] Read of size 1 at addr fff00000c627125f by task kunit_try_catch/143 [ 15.228229] [ 15.228262] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.228340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.228365] Hardware name: linux,dummy-virt (DT) [ 15.228394] Call trace: [ 15.228415] show_stack+0x20/0x38 (C) [ 15.228461] dump_stack_lvl+0x8c/0xd0 [ 15.228508] print_report+0x118/0x608 [ 15.228574] kasan_report+0xdc/0x128 [ 15.228619] __asan_report_load1_noabort+0x20/0x30 [ 15.228977] kmalloc_oob_left+0x2ec/0x320 [ 15.229104] kunit_try_run_case+0x170/0x3f0 [ 15.229202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.229543] kthread+0x328/0x630 [ 15.229864] ret_from_fork+0x10/0x20 [ 15.230015] [ 15.230034] Allocated by task 10: [ 15.230138] kasan_save_stack+0x3c/0x68 [ 15.230196] kasan_save_track+0x20/0x40 [ 15.230291] kasan_save_alloc_info+0x40/0x58 [ 15.230418] __kasan_kmalloc+0xd4/0xd8 [ 15.230451] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.230493] kvasprintf+0xe0/0x180 [ 15.230548] __kthread_create_on_node+0x16c/0x350 [ 15.230585] kthread_create_on_node+0xe4/0x130 [ 15.230619] create_worker+0x380/0x6b8 [ 15.230663] worker_thread+0x808/0xf38 [ 15.230947] kthread+0x328/0x630 [ 15.230985] ret_from_fork+0x10/0x20 [ 15.231019] [ 15.231038] The buggy address belongs to the object at fff00000c6271240 [ 15.231038] which belongs to the cache kmalloc-16 of size 16 [ 15.231092] The buggy address is located 19 bytes to the right of [ 15.231092] allocated 12-byte region [fff00000c6271240, fff00000c627124c) [ 15.231314] [ 15.231495] The buggy address belongs to the physical page: [ 15.231542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.231727] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.231797] page_type: f5(slab) [ 15.231890] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.232037] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.232279] page dumped because: kasan: bad access detected [ 15.232406] [ 15.232494] Memory state around the buggy address: [ 15.232607] fff00000c6271100: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 15.232756] fff00000c6271180: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.232938] >fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 15.233028] ^ [ 15.233171] fff00000c6271280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233213] fff00000c6271300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233248] ==================================================================
[ 13.270855] ================================================================== [ 13.271473] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 13.272330] Read of size 1 at addr ffff88810231789f by task kunit_try_catch/159 [ 13.272937] [ 13.273111] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.273219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.273242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.273282] Call Trace: [ 13.273306] <TASK> [ 13.273359] dump_stack_lvl+0x73/0xb0 [ 13.273425] print_report+0xd1/0x650 [ 13.273472] ? __virt_addr_valid+0x1db/0x2d0 [ 13.273523] ? kmalloc_oob_left+0x361/0x3c0 [ 13.273566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.273603] ? kmalloc_oob_left+0x361/0x3c0 [ 13.273638] kasan_report+0x141/0x180 [ 13.273675] ? kmalloc_oob_left+0x361/0x3c0 [ 13.273720] __asan_report_load1_noabort+0x18/0x20 [ 13.273754] kmalloc_oob_left+0x361/0x3c0 [ 13.273789] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 13.273824] ? __schedule+0x10cc/0x2b60 [ 13.273865] ? __pfx_read_tsc+0x10/0x10 [ 13.273900] ? ktime_get_ts64+0x86/0x230 [ 13.273944] kunit_try_run_case+0x1a5/0x480 [ 13.273982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.274013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.274047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.274640] ? __kthread_parkme+0x82/0x180 [ 13.274732] ? preempt_count_sub+0x50/0x80 [ 13.274845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.274889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.274929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.274967] kthread+0x337/0x6f0 [ 13.274996] ? trace_preempt_on+0x20/0xc0 [ 13.275038] ? __pfx_kthread+0x10/0x10 [ 13.275070] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.275111] ? calculate_sigpending+0x7b/0xa0 [ 13.275154] ? __pfx_kthread+0x10/0x10 [ 13.275194] ret_from_fork+0x41/0x80 [ 13.275239] ? __pfx_kthread+0x10/0x10 [ 13.275280] ret_from_fork_asm+0x1a/0x30 [ 13.275368] </TASK> [ 13.275493] [ 13.288112] Allocated by task 24: [ 13.288360] kasan_save_stack+0x45/0x70 [ 13.288556] kasan_save_track+0x18/0x40 [ 13.288707] kasan_save_alloc_info+0x3b/0x50 [ 13.289109] __kasan_kmalloc+0xb7/0xc0 [ 13.289686] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 13.290581] kvasprintf+0xc5/0x150 [ 13.290932] __kthread_create_on_node+0x18b/0x3a0 [ 13.291482] kthread_create_on_node+0xab/0xe0 [ 13.292095] create_worker+0x3e5/0x7b0 [ 13.292309] worker_thread+0x992/0x1220 [ 13.292503] kthread+0x337/0x6f0 [ 13.293177] ret_from_fork+0x41/0x80 [ 13.293819] ret_from_fork_asm+0x1a/0x30 [ 13.294101] [ 13.294701] The buggy address belongs to the object at ffff888102317880 [ 13.294701] which belongs to the cache kmalloc-16 of size 16 [ 13.295682] The buggy address is located 19 bytes to the right of [ 13.295682] allocated 12-byte region [ffff888102317880, ffff88810231788c) [ 13.297162] [ 13.297420] The buggy address belongs to the physical page: [ 13.297652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102317 [ 13.298568] flags: 0x200000000000000(node=0|zone=2) [ 13.298825] page_type: f5(slab) [ 13.299120] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.299461] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.299793] page dumped because: kasan: bad access detected [ 13.300070] [ 13.300238] Memory state around the buggy address: [ 13.301487] ffff888102317780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.301903] ffff888102317800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.303145] >ffff888102317880: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 13.303541] ^ [ 13.303859] ffff888102317900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.304914] ffff888102317980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305494] ==================================================================
[ 18.900421] ================================================================== [ 18.911392] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 18.918265] Read of size 1 at addr ffff88810496299f by task kunit_try_catch/181 [ 18.925570] [ 18.927072] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.927080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.927082] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 18.927085] Call Trace: [ 18.927087] <TASK> [ 18.927089] dump_stack_lvl+0x73/0xb0 [ 18.927093] print_report+0xd1/0x650 [ 18.927097] ? __virt_addr_valid+0x1db/0x2d0 [ 18.927101] ? kmalloc_oob_left+0x361/0x3c0 [ 18.927105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.927110] ? kmalloc_oob_left+0x361/0x3c0 [ 18.927114] kasan_report+0x141/0x180 [ 18.927118] ? kmalloc_oob_left+0x361/0x3c0 [ 18.927123] __asan_report_load1_noabort+0x18/0x20 [ 18.927127] kmalloc_oob_left+0x361/0x3c0 [ 18.927132] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 18.927136] ? __schedule+0x10cc/0x2b60 [ 18.927140] ? ktime_get_ts64+0x83/0x230 [ 18.927145] kunit_try_run_case+0x1a2/0x480 [ 18.927150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.927154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.927159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.927163] ? __kthread_parkme+0x82/0x180 [ 18.927168] ? preempt_count_sub+0x50/0x80 [ 18.927172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.927177] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 18.927181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.927186] kthread+0x334/0x6f0 [ 18.927189] ? trace_preempt_on+0x20/0xc0 [ 18.927193] ? __pfx_kthread+0x10/0x10 [ 18.927196] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.927200] ? calculate_sigpending+0x7b/0xa0 [ 18.927204] ? __pfx_kthread+0x10/0x10 [ 18.927207] ret_from_fork+0x3e/0x80 [ 18.927211] ? __pfx_kthread+0x10/0x10 [ 18.927214] ret_from_fork_asm+0x1a/0x30 [ 18.927220] </TASK> [ 18.927221] [ 19.089604] Allocated by task 25: [ 19.092926] kasan_save_stack+0x45/0x70 [ 19.096815] kasan_save_track+0x18/0x40 [ 19.100653] kasan_save_alloc_info+0x3b/0x50 [ 19.104927] __kasan_kmalloc+0xb7/0xc0 [ 19.108724] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 19.114303] kvasprintf+0xc5/0x150 [ 19.117712] __kthread_create_on_node+0x18b/0x3a0 [ 19.122416] kthread_create_on_node+0xab/0xe0 [ 19.126777] create_worker+0x3e5/0x7b0 [ 19.130528] worker_thread+0x992/0x1220 [ 19.134369] kthread+0x334/0x6f0 [ 19.137601] ret_from_fork+0x3e/0x80 [ 19.141181] ret_from_fork_asm+0x1a/0x30 [ 19.145105] [ 19.146605] The buggy address belongs to the object at ffff888104962980 [ 19.146605] which belongs to the cache kmalloc-16 of size 16 [ 19.158939] The buggy address is located 18 bytes to the right of [ 19.158939] allocated 13-byte region [ffff888104962980, ffff88810496298d) [ 19.171927] [ 19.173471] The buggy address belongs to the physical page: [ 19.179043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104962 [ 19.187045] flags: 0x200000000000000(node=0|zone=2) [ 19.191928] page_type: f5(slab) [ 19.195123] raw: 0200000000000000 ffff888100042640 dead000000000122 0000000000000000 [ 19.202871] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.210610] page dumped because: kasan: bad access detected [ 19.216181] [ 19.217682] Memory state around the buggy address: [ 19.222475] ffff888104962880: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 03 fc fc [ 19.229701] ffff888104962900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.236930] >ffff888104962980: 00 05 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 19.244200] ^ [ 19.248212] ffff888104962a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.255432] ffff888104962a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.262651] ==================================================================