Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 16.819797] ================================================================== [ 16.826377] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.833315] Write of size 1 at addr ffff000800dac973 by task kunit_try_catch/185 [ 16.840691] [ 16.842179] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G N 6.15.5-rc2 #1 PREEMPT [ 16.842233] Tainted: [N]=TEST [ 16.842247] Hardware name: WinLink E850-96 board (DT) [ 16.842269] Call trace: [ 16.842282] show_stack+0x20/0x38 (C) [ 16.842317] dump_stack_lvl+0x8c/0xd0 [ 16.842357] print_report+0x118/0x608 [ 16.842389] kasan_report+0xdc/0x128 [ 16.842419] __asan_report_store1_noabort+0x20/0x30 [ 16.842453] kmalloc_oob_right+0x5a4/0x660 [ 16.842490] kunit_try_run_case+0x170/0x3f0 [ 16.842528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.842567] kthread+0x328/0x630 [ 16.842604] ret_from_fork+0x10/0x20 [ 16.842638] [ 16.903799] Allocated by task 185: [ 16.907188] kasan_save_stack+0x3c/0x68 [ 16.911003] kasan_save_track+0x20/0x40 [ 16.914824] kasan_save_alloc_info+0x40/0x58 [ 16.919075] __kasan_kmalloc+0xd4/0xd8 [ 16.922809] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.927322] kmalloc_oob_right+0xb0/0x660 [ 16.931315] kunit_try_run_case+0x170/0x3f0 [ 16.935482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.940950] kthread+0x328/0x630 [ 16.944162] ret_from_fork+0x10/0x20 [ 16.947721] [ 16.949199] The buggy address belongs to the object at ffff000800dac900 [ 16.949199] which belongs to the cache kmalloc-128 of size 128 [ 16.961700] The buggy address is located 0 bytes to the right of [ 16.961700] allocated 115-byte region [ffff000800dac900, ffff000800dac973) [ 16.974631] [ 16.976110] The buggy address belongs to the physical page: [ 16.981668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880dac [ 16.989649] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.997289] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.004232] page_type: f5(slab) [ 17.007368] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 17.015088] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.022815] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 17.030625] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.038439] head: 0bfffe0000000001 fffffdffe0036b01 00000000ffffffff 00000000ffffffff [ 17.046251] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.054059] page dumped because: kasan: bad access detected [ 17.059612] [ 17.061087] Memory state around the buggy address: [ 17.065869] ffff000800dac800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.073070] ffff000800dac880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.080279] >ffff000800dac900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.087476] ^ [ 17.094337] ffff000800dac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.101545] ffff000800daca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.108745] ================================================================== [ 17.121316] ================================================================== [ 17.128452] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.135392] Write of size 1 at addr ffff000800dac978 by task kunit_try_catch/185 [ 17.142770] [ 17.144256] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.144310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.144325] Hardware name: WinLink E850-96 board (DT) [ 17.144343] Call trace: [ 17.144357] show_stack+0x20/0x38 (C) [ 17.144390] dump_stack_lvl+0x8c/0xd0 [ 17.144427] print_report+0x118/0x608 [ 17.144457] kasan_report+0xdc/0x128 [ 17.144486] __asan_report_store1_noabort+0x20/0x30 [ 17.144520] kmalloc_oob_right+0x538/0x660 [ 17.144551] kunit_try_run_case+0x170/0x3f0 [ 17.144589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.144628] kthread+0x328/0x630 [ 17.144662] ret_from_fork+0x10/0x20 [ 17.144693] [ 17.207092] Allocated by task 185: [ 17.210481] kasan_save_stack+0x3c/0x68 [ 17.214297] kasan_save_track+0x20/0x40 [ 17.218118] kasan_save_alloc_info+0x40/0x58 [ 17.222370] __kasan_kmalloc+0xd4/0xd8 [ 17.226103] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.230616] kmalloc_oob_right+0xb0/0x660 [ 17.234609] kunit_try_run_case+0x170/0x3f0 [ 17.238776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.244244] kthread+0x328/0x630 [ 17.247456] ret_from_fork+0x10/0x20 [ 17.251015] [ 17.252492] The buggy address belongs to the object at ffff000800dac900 [ 17.252492] which belongs to the cache kmalloc-128 of size 128 [ 17.264991] The buggy address is located 5 bytes to the right of [ 17.264991] allocated 115-byte region [ffff000800dac900, ffff000800dac973) [ 17.277924] [ 17.279404] The buggy address belongs to the physical page: [ 17.284961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880dac [ 17.292943] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.300580] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.307525] page_type: f5(slab) [ 17.310661] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 17.318382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.326108] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 17.333920] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.341733] head: 0bfffe0000000001 fffffdffe0036b01 00000000ffffffff 00000000ffffffff [ 17.349544] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.357350] page dumped because: kasan: bad access detected [ 17.362906] [ 17.364381] Memory state around the buggy address: [ 17.369161] ffff000800dac800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.376365] ffff000800dac880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.383571] >ffff000800dac900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.390770] ^ [ 17.397893] ffff000800dac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.405098] ffff000800daca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.412299] ================================================================== [ 17.419632] ================================================================== [ 17.426711] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.433652] Read of size 1 at addr ffff000800dac980 by task kunit_try_catch/185 [ 17.440943] [ 17.442427] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.442478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.442493] Hardware name: WinLink E850-96 board (DT) [ 17.442510] Call trace: [ 17.442523] show_stack+0x20/0x38 (C) [ 17.442553] dump_stack_lvl+0x8c/0xd0 [ 17.442588] print_report+0x118/0x608 [ 17.442619] kasan_report+0xdc/0x128 [ 17.442649] __asan_report_load1_noabort+0x20/0x30 [ 17.442685] kmalloc_oob_right+0x5d0/0x660 [ 17.442716] kunit_try_run_case+0x170/0x3f0 [ 17.442750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.442785] kthread+0x328/0x630 [ 17.442818] ret_from_fork+0x10/0x20 [ 17.442851] [ 17.505178] Allocated by task 185: [ 17.508565] kasan_save_stack+0x3c/0x68 [ 17.512383] kasan_save_track+0x20/0x40 [ 17.516202] kasan_save_alloc_info+0x40/0x58 [ 17.520456] __kasan_kmalloc+0xd4/0xd8 [ 17.524188] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.528702] kmalloc_oob_right+0xb0/0x660 [ 17.532695] kunit_try_run_case+0x170/0x3f0 [ 17.536861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.542330] kthread+0x328/0x630 [ 17.545542] ret_from_fork+0x10/0x20 [ 17.549101] [ 17.550577] The buggy address belongs to the object at ffff000800dac900 [ 17.550577] which belongs to the cache kmalloc-128 of size 128 [ 17.563077] The buggy address is located 13 bytes to the right of [ 17.563077] allocated 115-byte region [ffff000800dac900, ffff000800dac973) [ 17.576097] [ 17.577576] The buggy address belongs to the physical page: [ 17.583132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880dac [ 17.591115] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.598753] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.605698] page_type: f5(slab) [ 17.608831] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 17.616555] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.624281] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 17.632094] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.639906] head: 0bfffe0000000001 fffffdffe0036b01 00000000ffffffff 00000000ffffffff [ 17.647717] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.655523] page dumped because: kasan: bad access detected [ 17.661078] [ 17.662554] Memory state around the buggy address: [ 17.667335] ffff000800dac880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.674537] ffff000800dac900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.681743] >ffff000800dac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.688943] ^ [ 17.692160] ffff000800daca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.699363] ffff000800daca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.706564] ==================================================================
[ 15.205802] ================================================================== [ 15.205840] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.205886] Write of size 1 at addr fff00000c637a278 by task kunit_try_catch/141 [ 15.205933] [ 15.205962] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.206047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.206072] Hardware name: linux,dummy-virt (DT) [ 15.206100] Call trace: [ 15.206122] show_stack+0x20/0x38 (C) [ 15.206167] dump_stack_lvl+0x8c/0xd0 [ 15.206213] print_report+0x118/0x608 [ 15.206273] kasan_report+0xdc/0x128 [ 15.206318] __asan_report_store1_noabort+0x20/0x30 [ 15.206367] kmalloc_oob_right+0x538/0x660 [ 15.206413] kunit_try_run_case+0x170/0x3f0 [ 15.206480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.206532] kthread+0x328/0x630 [ 15.206584] ret_from_fork+0x10/0x20 [ 15.206640] [ 15.206657] Allocated by task 141: [ 15.206682] kasan_save_stack+0x3c/0x68 [ 15.206718] kasan_save_track+0x20/0x40 [ 15.206752] kasan_save_alloc_info+0x40/0x58 [ 15.206788] __kasan_kmalloc+0xd4/0xd8 [ 15.206820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.206855] kmalloc_oob_right+0xb0/0x660 [ 15.206891] kunit_try_run_case+0x170/0x3f0 [ 15.206927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.206968] kthread+0x328/0x630 [ 15.207001] ret_from_fork+0x10/0x20 [ 15.207035] [ 15.207052] The buggy address belongs to the object at fff00000c637a200 [ 15.207052] which belongs to the cache kmalloc-128 of size 128 [ 15.207105] The buggy address is located 5 bytes to the right of [ 15.207105] allocated 115-byte region [fff00000c637a200, fff00000c637a273) [ 15.207164] [ 15.207183] The buggy address belongs to the physical page: [ 15.207225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.207273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.207330] page_type: f5(slab) [ 15.207365] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.207411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.207448] page dumped because: kasan: bad access detected [ 15.207477] [ 15.207494] Memory state around the buggy address: [ 15.207522] fff00000c637a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.207579] fff00000c637a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207637] >fff00000c637a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.207673] ^ [ 15.207710] fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207757] fff00000c637a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207792] ================================================================== [ 15.196505] ================================================================== [ 15.197535] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.199608] Write of size 1 at addr fff00000c637a273 by task kunit_try_catch/141 [ 15.199779] [ 15.200622] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G N 6.15.5-rc2 #1 PREEMPT [ 15.200785] Tainted: [N]=TEST [ 15.200817] Hardware name: linux,dummy-virt (DT) [ 15.201047] Call trace: [ 15.201219] show_stack+0x20/0x38 (C) [ 15.201353] dump_stack_lvl+0x8c/0xd0 [ 15.201414] print_report+0x118/0x608 [ 15.201458] kasan_report+0xdc/0x128 [ 15.201501] __asan_report_store1_noabort+0x20/0x30 [ 15.201549] kmalloc_oob_right+0x5a4/0x660 [ 15.201595] kunit_try_run_case+0x170/0x3f0 [ 15.201660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.201712] kthread+0x328/0x630 [ 15.201758] ret_from_fork+0x10/0x20 [ 15.201916] [ 15.201959] Allocated by task 141: [ 15.202081] kasan_save_stack+0x3c/0x68 [ 15.202143] kasan_save_track+0x20/0x40 [ 15.202177] kasan_save_alloc_info+0x40/0x58 [ 15.202214] __kasan_kmalloc+0xd4/0xd8 [ 15.202247] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.202284] kmalloc_oob_right+0xb0/0x660 [ 15.202320] kunit_try_run_case+0x170/0x3f0 [ 15.202357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.202398] kthread+0x328/0x630 [ 15.202432] ret_from_fork+0x10/0x20 [ 15.202486] [ 15.202545] The buggy address belongs to the object at fff00000c637a200 [ 15.202545] which belongs to the cache kmalloc-128 of size 128 [ 15.202653] The buggy address is located 0 bytes to the right of [ 15.202653] allocated 115-byte region [fff00000c637a200, fff00000c637a273) [ 15.202724] [ 15.202806] The buggy address belongs to the physical page: [ 15.202982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.203253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.203553] page_type: f5(slab) [ 15.203862] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.203926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.204095] page dumped because: kasan: bad access detected [ 15.204138] [ 15.204163] Memory state around the buggy address: [ 15.204391] fff00000c637a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.204465] fff00000c637a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204519] >fff00000c637a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.204570] ^ [ 15.204665] fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204706] fff00000c637a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204771] ================================================================== [ 15.208099] ================================================================== [ 15.208268] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.208312] Read of size 1 at addr fff00000c637a280 by task kunit_try_catch/141 [ 15.208357] [ 15.208383] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.208458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.208482] Hardware name: linux,dummy-virt (DT) [ 15.208583] Call trace: [ 15.208625] show_stack+0x20/0x38 (C) [ 15.208685] dump_stack_lvl+0x8c/0xd0 [ 15.208730] print_report+0x118/0x608 [ 15.208773] kasan_report+0xdc/0x128 [ 15.208814] __asan_report_load1_noabort+0x20/0x30 [ 15.208861] kmalloc_oob_right+0x5d0/0x660 [ 15.208918] kunit_try_run_case+0x170/0x3f0 [ 15.208996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.209194] kthread+0x328/0x630 [ 15.209309] ret_from_fork+0x10/0x20 [ 15.209424] [ 15.209502] Allocated by task 141: [ 15.209600] kasan_save_stack+0x3c/0x68 [ 15.209646] kasan_save_track+0x20/0x40 [ 15.209818] kasan_save_alloc_info+0x40/0x58 [ 15.209944] __kasan_kmalloc+0xd4/0xd8 [ 15.210060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.210216] kmalloc_oob_right+0xb0/0x660 [ 15.210332] kunit_try_run_case+0x170/0x3f0 [ 15.210424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.210544] kthread+0x328/0x630 [ 15.210578] ret_from_fork+0x10/0x20 [ 15.210844] [ 15.210912] The buggy address belongs to the object at fff00000c637a200 [ 15.210912] which belongs to the cache kmalloc-128 of size 128 [ 15.211069] The buggy address is located 13 bytes to the right of [ 15.211069] allocated 115-byte region [fff00000c637a200, fff00000c637a273) [ 15.211197] [ 15.211216] The buggy address belongs to the physical page: [ 15.211244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.211538] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.211718] page_type: f5(slab) [ 15.211890] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.212038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.212076] page dumped because: kasan: bad access detected [ 15.212105] [ 15.212144] Memory state around the buggy address: [ 15.212173] fff00000c637a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212214] fff00000c637a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.212255] >fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212290] ^ [ 15.212315] fff00000c637a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212354] fff00000c637a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212389] ==================================================================
[ 13.208939] ================================================================== [ 13.209568] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 13.209988] Write of size 1 at addr ffff8881025fa078 by task kunit_try_catch/157 [ 13.210901] [ 13.211560] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.211671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.211697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.211736] Call Trace: [ 13.211766] <TASK> [ 13.211804] dump_stack_lvl+0x73/0xb0 [ 13.211865] print_report+0xd1/0x650 [ 13.211914] ? __virt_addr_valid+0x1db/0x2d0 [ 13.211944] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.211968] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.211993] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.212017] kasan_report+0x141/0x180 [ 13.212042] ? kmalloc_oob_right+0x6bd/0x7f0 [ 13.212102] __asan_report_store1_noabort+0x1b/0x30 [ 13.212125] kmalloc_oob_right+0x6bd/0x7f0 [ 13.212150] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.212175] ? __schedule+0x10cc/0x2b60 [ 13.212201] ? __pfx_read_tsc+0x10/0x10 [ 13.212222] ? ktime_get_ts64+0x86/0x230 [ 13.212251] kunit_try_run_case+0x1a5/0x480 [ 13.212278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.212302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.212328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.212375] ? __kthread_parkme+0x82/0x180 [ 13.212400] ? preempt_count_sub+0x50/0x80 [ 13.212428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.212454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.212480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.212504] kthread+0x337/0x6f0 [ 13.212523] ? trace_preempt_on+0x20/0xc0 [ 13.212549] ? __pfx_kthread+0x10/0x10 [ 13.212569] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.212592] ? calculate_sigpending+0x7b/0xa0 [ 13.212616] ? __pfx_kthread+0x10/0x10 [ 13.212635] ret_from_fork+0x41/0x80 [ 13.212658] ? __pfx_kthread+0x10/0x10 [ 13.212677] ret_from_fork_asm+0x1a/0x30 [ 13.212711] </TASK> [ 13.212724] [ 13.224740] Allocated by task 157: [ 13.224954] kasan_save_stack+0x45/0x70 [ 13.225449] kasan_save_track+0x18/0x40 [ 13.225753] kasan_save_alloc_info+0x3b/0x50 [ 13.225960] __kasan_kmalloc+0xb7/0xc0 [ 13.226377] __kmalloc_cache_noprof+0x189/0x420 [ 13.226839] kmalloc_oob_right+0xa9/0x7f0 [ 13.227226] kunit_try_run_case+0x1a5/0x480 [ 13.227450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.227773] kthread+0x337/0x6f0 [ 13.228140] ret_from_fork+0x41/0x80 [ 13.228488] ret_from_fork_asm+0x1a/0x30 [ 13.228783] [ 13.228903] The buggy address belongs to the object at ffff8881025fa000 [ 13.228903] which belongs to the cache kmalloc-128 of size 128 [ 13.229632] The buggy address is located 5 bytes to the right of [ 13.229632] allocated 115-byte region [ffff8881025fa000, ffff8881025fa073) [ 13.230684] [ 13.230871] The buggy address belongs to the physical page: [ 13.231130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 13.231425] flags: 0x200000000000000(node=0|zone=2) [ 13.231834] page_type: f5(slab) [ 13.232254] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.232805] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.233130] page dumped because: kasan: bad access detected [ 13.233580] [ 13.233837] Memory state around the buggy address: [ 13.234636] ffff8881025f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.235195] ffff8881025f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.235571] >ffff8881025fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.236328] ^ [ 13.236726] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.237408] ffff8881025fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.238006] ================================================================== [ 13.163387] ================================================================== [ 13.165980] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 13.167753] Write of size 1 at addr ffff8881025fa073 by task kunit_try_catch/157 [ 13.168921] [ 13.171481] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.172116] Tainted: [N]=TEST [ 13.172183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.172853] Call Trace: [ 13.173024] <TASK> [ 13.173553] dump_stack_lvl+0x73/0xb0 [ 13.173761] print_report+0xd1/0x650 [ 13.173827] ? __virt_addr_valid+0x1db/0x2d0 [ 13.173880] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.173926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.173974] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.174018] kasan_report+0x141/0x180 [ 13.174060] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.174149] __asan_report_store1_noabort+0x1b/0x30 [ 13.174189] kmalloc_oob_right+0x6f0/0x7f0 [ 13.174246] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.174285] ? __schedule+0x10cc/0x2b60 [ 13.174326] ? __pfx_read_tsc+0x10/0x10 [ 13.174380] ? ktime_get_ts64+0x86/0x230 [ 13.174415] kunit_try_run_case+0x1a5/0x480 [ 13.174448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.174471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.174499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.174524] ? __kthread_parkme+0x82/0x180 [ 13.174549] ? preempt_count_sub+0x50/0x80 [ 13.174577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.174602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.174626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.174651] kthread+0x337/0x6f0 [ 13.174669] ? trace_preempt_on+0x20/0xc0 [ 13.174695] ? __pfx_kthread+0x10/0x10 [ 13.174715] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.174738] ? calculate_sigpending+0x7b/0xa0 [ 13.174762] ? __pfx_kthread+0x10/0x10 [ 13.174782] ret_from_fork+0x41/0x80 [ 13.174804] ? __pfx_kthread+0x10/0x10 [ 13.174824] ret_from_fork_asm+0x1a/0x30 [ 13.174900] </TASK> [ 13.174987] [ 13.188384] Allocated by task 157: [ 13.188979] kasan_save_stack+0x45/0x70 [ 13.189529] kasan_save_track+0x18/0x40 [ 13.189830] kasan_save_alloc_info+0x3b/0x50 [ 13.190037] __kasan_kmalloc+0xb7/0xc0 [ 13.190634] __kmalloc_cache_noprof+0x189/0x420 [ 13.191004] kmalloc_oob_right+0xa9/0x7f0 [ 13.191757] kunit_try_run_case+0x1a5/0x480 [ 13.192247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.192507] kthread+0x337/0x6f0 [ 13.192822] ret_from_fork+0x41/0x80 [ 13.193150] ret_from_fork_asm+0x1a/0x30 [ 13.193677] [ 13.193827] The buggy address belongs to the object at ffff8881025fa000 [ 13.193827] which belongs to the cache kmalloc-128 of size 128 [ 13.194161] The buggy address is located 0 bytes to the right of [ 13.194161] allocated 115-byte region [ffff8881025fa000, ffff8881025fa073) [ 13.194512] [ 13.194958] The buggy address belongs to the physical page: [ 13.196370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 13.197470] flags: 0x200000000000000(node=0|zone=2) [ 13.198585] page_type: f5(slab) [ 13.199263] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.199645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.200229] page dumped because: kasan: bad access detected [ 13.200745] [ 13.201301] Memory state around the buggy address: [ 13.202149] ffff8881025f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.202980] ffff8881025f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.203612] >ffff8881025fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.203995] ^ [ 13.204880] ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.205552] ffff8881025fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.206109] ================================================================== [ 13.240157] ================================================================== [ 13.240603] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 13.241075] Read of size 1 at addr ffff8881025fa080 by task kunit_try_catch/157 [ 13.241563] [ 13.241666] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.241728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.241742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.241767] Call Trace: [ 13.241792] <TASK> [ 13.241819] dump_stack_lvl+0x73/0xb0 [ 13.241855] print_report+0xd1/0x650 [ 13.241881] ? __virt_addr_valid+0x1db/0x2d0 [ 13.241908] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.241932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.241957] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.241982] kasan_report+0x141/0x180 [ 13.242008] ? kmalloc_oob_right+0x68a/0x7f0 [ 13.242037] __asan_report_load1_noabort+0x18/0x20 [ 13.242061] kmalloc_oob_right+0x68a/0x7f0 [ 13.242113] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.242152] ? __schedule+0x10cc/0x2b60 [ 13.242195] ? __pfx_read_tsc+0x10/0x10 [ 13.242234] ? ktime_get_ts64+0x86/0x230 [ 13.242284] kunit_try_run_case+0x1a5/0x480 [ 13.242333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.242396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.242443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.242489] ? __kthread_parkme+0x82/0x180 [ 13.242536] ? preempt_count_sub+0x50/0x80 [ 13.242593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.242643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.242686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.242723] kthread+0x337/0x6f0 [ 13.242752] ? trace_preempt_on+0x20/0xc0 [ 13.242797] ? __pfx_kthread+0x10/0x10 [ 13.242830] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.242874] ? calculate_sigpending+0x7b/0xa0 [ 13.242919] ? __pfx_kthread+0x10/0x10 [ 13.242959] ret_from_fork+0x41/0x80 [ 13.242999] ? __pfx_kthread+0x10/0x10 [ 13.243036] ret_from_fork_asm+0x1a/0x30 [ 13.243098] </TASK> [ 13.243123] [ 13.252172] Allocated by task 157: [ 13.252513] kasan_save_stack+0x45/0x70 [ 13.252733] kasan_save_track+0x18/0x40 [ 13.253104] kasan_save_alloc_info+0x3b/0x50 [ 13.253329] __kasan_kmalloc+0xb7/0xc0 [ 13.253668] __kmalloc_cache_noprof+0x189/0x420 [ 13.253876] kmalloc_oob_right+0xa9/0x7f0 [ 13.254245] kunit_try_run_case+0x1a5/0x480 [ 13.254472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.254842] kthread+0x337/0x6f0 [ 13.255157] ret_from_fork+0x41/0x80 [ 13.255369] ret_from_fork_asm+0x1a/0x30 [ 13.255567] [ 13.255685] The buggy address belongs to the object at ffff8881025fa000 [ 13.255685] which belongs to the cache kmalloc-128 of size 128 [ 13.256215] The buggy address is located 13 bytes to the right of [ 13.256215] allocated 115-byte region [ffff8881025fa000, ffff8881025fa073) [ 13.257148] [ 13.257350] The buggy address belongs to the physical page: [ 13.257622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fa [ 13.258152] flags: 0x200000000000000(node=0|zone=2) [ 13.258560] page_type: f5(slab) [ 13.258828] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.259235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.259528] page dumped because: kasan: bad access detected [ 13.259748] [ 13.259861] Memory state around the buggy address: [ 13.260094] ffff8881025f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.260376] ffff8881025fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.260890] >ffff8881025fa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.261529] ^ [ 13.261840] ffff8881025fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262387] ffff8881025fa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262904] ==================================================================
[ 18.179975] ================================================================== [ 18.187217] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 18.194176] Write of size 1 at addr ffff888102acc278 by task kunit_try_catch/179 [ 18.201570] [ 18.203071] CPU: 3 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.203080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.203082] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 18.203085] Call Trace: [ 18.203087] <TASK> [ 18.203088] dump_stack_lvl+0x73/0xb0 [ 18.203092] print_report+0xd1/0x650 [ 18.203096] ? __virt_addr_valid+0x1db/0x2d0 [ 18.203100] ? kmalloc_oob_right+0x6bd/0x7f0 [ 18.203104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.203109] ? kmalloc_oob_right+0x6bd/0x7f0 [ 18.203113] kasan_report+0x141/0x180 [ 18.203117] ? kmalloc_oob_right+0x6bd/0x7f0 [ 18.203123] __asan_report_store1_noabort+0x1b/0x30 [ 18.203127] kmalloc_oob_right+0x6bd/0x7f0 [ 18.203131] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 18.203135] ? __schedule+0x10cc/0x2b60 [ 18.203140] ? ktime_get_ts64+0x83/0x230 [ 18.203145] kunit_try_run_case+0x1a2/0x480 [ 18.203149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.203154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.203158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.203163] ? __kthread_parkme+0x82/0x180 [ 18.203167] ? preempt_count_sub+0x50/0x80 [ 18.203172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.203176] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 18.203181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.203185] kthread+0x334/0x6f0 [ 18.203188] ? trace_preempt_on+0x20/0xc0 [ 18.203192] ? __pfx_kthread+0x10/0x10 [ 18.203195] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.203199] ? calculate_sigpending+0x7b/0xa0 [ 18.203203] ? __pfx_kthread+0x10/0x10 [ 18.203206] ret_from_fork+0x3e/0x80 [ 18.203210] ? __pfx_kthread+0x10/0x10 [ 18.203213] ret_from_fork_asm+0x1a/0x30 [ 18.203219] </TASK> [ 18.203220] [ 18.366168] Allocated by task 179: [ 18.369572] kasan_save_stack+0x45/0x70 [ 18.373412] kasan_save_track+0x18/0x40 [ 18.377253] kasan_save_alloc_info+0x3b/0x50 [ 18.381524] __kasan_kmalloc+0xb7/0xc0 [ 18.385278] __kmalloc_cache_noprof+0x189/0x420 [ 18.389817] kmalloc_oob_right+0xa9/0x7f0 [ 18.393830] kunit_try_run_case+0x1a2/0x480 [ 18.398017] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 18.403417] kthread+0x334/0x6f0 [ 18.406649] ret_from_fork+0x3e/0x80 [ 18.410229] ret_from_fork_asm+0x1a/0x30 [ 18.414155] [ 18.415653] The buggy address belongs to the object at ffff888102acc200 [ 18.415653] which belongs to the cache kmalloc-128 of size 128 [ 18.428161] The buggy address is located 5 bytes to the right of [ 18.428161] allocated 115-byte region [ffff888102acc200, ffff888102acc273) [ 18.441107] [ 18.442606] The buggy address belongs to the physical page: [ 18.448178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 18.456180] flags: 0x200000000000000(node=0|zone=2) [ 18.461056] page_type: f5(slab) [ 18.464205] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 18.471956] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.479709] page dumped because: kasan: bad access detected [ 18.485281] [ 18.486781] Memory state around the buggy address: [ 18.491572] ffff888102acc100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.498792] ffff888102acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.506011] >ffff888102acc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.513231] ^ [ 18.520364] ffff888102acc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.527583] ffff888102acc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.534802] ================================================================== [ 17.813831] ================================================================== [ 17.821062] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 17.828038] Write of size 1 at addr ffff888102acc273 by task kunit_try_catch/179 [ 17.835439] [ 17.836965] CPU: 3 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 17.836973] Tainted: [N]=TEST [ 17.836975] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 17.836979] Call Trace: [ 17.836980] <TASK> [ 17.836983] dump_stack_lvl+0x73/0xb0 [ 17.836988] print_report+0xd1/0x650 [ 17.836993] ? __virt_addr_valid+0x1db/0x2d0 [ 17.836997] ? kmalloc_oob_right+0x6f0/0x7f0 [ 17.837001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.837006] ? kmalloc_oob_right+0x6f0/0x7f0 [ 17.837010] kasan_report+0x141/0x180 [ 17.837015] ? kmalloc_oob_right+0x6f0/0x7f0 [ 17.837020] __asan_report_store1_noabort+0x1b/0x30 [ 17.837024] kmalloc_oob_right+0x6f0/0x7f0 [ 17.837028] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 17.837033] ? __schedule+0x10cc/0x2b60 [ 17.837038] ? ktime_get_ts64+0x83/0x230 [ 17.837043] kunit_try_run_case+0x1a2/0x480 [ 17.837049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.837054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.837059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.837064] ? __kthread_parkme+0x82/0x180 [ 17.837068] ? preempt_count_sub+0x50/0x80 [ 17.837074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.837078] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 17.837083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.837087] kthread+0x334/0x6f0 [ 17.837090] ? trace_preempt_on+0x20/0xc0 [ 17.837095] ? __pfx_kthread+0x10/0x10 [ 17.837098] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.837102] ? calculate_sigpending+0x7b/0xa0 [ 17.837107] ? __pfx_kthread+0x10/0x10 [ 17.837110] ret_from_fork+0x3e/0x80 [ 17.837115] ? __pfx_kthread+0x10/0x10 [ 17.837118] ret_from_fork_asm+0x1a/0x30 [ 17.837124] </TASK> [ 17.837126] [ 17.998806] Allocated by task 179: [ 18.002213] kasan_save_stack+0x45/0x70 [ 18.006061] kasan_save_track+0x18/0x40 [ 18.009918] kasan_save_alloc_info+0x3b/0x50 [ 18.014197] __kasan_kmalloc+0xb7/0xc0 [ 18.017971] __kmalloc_cache_noprof+0x189/0x420 [ 18.022510] kmalloc_oob_right+0xa9/0x7f0 [ 18.026529] kunit_try_run_case+0x1a2/0x480 [ 18.030716] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 18.036115] kthread+0x334/0x6f0 [ 18.039348] ret_from_fork+0x3e/0x80 [ 18.042929] ret_from_fork_asm+0x1a/0x30 [ 18.046880] [ 18.048380] The buggy address belongs to the object at ffff888102acc200 [ 18.048380] which belongs to the cache kmalloc-128 of size 128 [ 18.060895] The buggy address is located 0 bytes to the right of [ 18.060895] allocated 115-byte region [ffff888102acc200, ffff888102acc273) [ 18.073867] [ 18.075367] The buggy address belongs to the physical page: [ 18.080939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 18.088979] flags: 0x200000000000000(node=0|zone=2) [ 18.093862] page_type: f5(slab) [ 18.097011] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 18.104757] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.112504] page dumped because: kasan: bad access detected [ 18.118076] [ 18.119576] Memory state around the buggy address: [ 18.124369] ffff888102acc100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.131587] ffff888102acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.138806] >ffff888102acc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.146027] ^ [ 18.152915] ffff888102acc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.160146] ffff888102acc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.167372] ================================================================== [ 18.542045] ================================================================== [ 18.549275] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 18.556235] Read of size 1 at addr ffff888102acc280 by task kunit_try_catch/179 [ 18.563550] [ 18.565049] CPU: 3 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 18.565057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.565059] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 18.565062] Call Trace: [ 18.565064] <TASK> [ 18.565065] dump_stack_lvl+0x73/0xb0 [ 18.565069] print_report+0xd1/0x650 [ 18.565073] ? __virt_addr_valid+0x1db/0x2d0 [ 18.565077] ? kmalloc_oob_right+0x68a/0x7f0 [ 18.565081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.565085] ? kmalloc_oob_right+0x68a/0x7f0 [ 18.565090] kasan_report+0x141/0x180 [ 18.565094] ? kmalloc_oob_right+0x68a/0x7f0 [ 18.565099] __asan_report_load1_noabort+0x18/0x20 [ 18.565103] kmalloc_oob_right+0x68a/0x7f0 [ 18.565107] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 18.565112] ? __schedule+0x10cc/0x2b60 [ 18.565116] ? ktime_get_ts64+0x83/0x230 [ 18.565121] kunit_try_run_case+0x1a2/0x480 [ 18.565125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.565130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.565134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.565139] ? __kthread_parkme+0x82/0x180 [ 18.565143] ? preempt_count_sub+0x50/0x80 [ 18.565148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.565152] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 18.565157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.565161] kthread+0x334/0x6f0 [ 18.565164] ? trace_preempt_on+0x20/0xc0 [ 18.565168] ? __pfx_kthread+0x10/0x10 [ 18.565171] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.565175] ? calculate_sigpending+0x7b/0xa0 [ 18.565179] ? __pfx_kthread+0x10/0x10 [ 18.565182] ret_from_fork+0x3e/0x80 [ 18.565186] ? __pfx_kthread+0x10/0x10 [ 18.565189] ret_from_fork_asm+0x1a/0x30 [ 18.565195] </TASK> [ 18.565196] [ 18.727971] Allocated by task 179: [ 18.731378] kasan_save_stack+0x45/0x70 [ 18.735219] kasan_save_track+0x18/0x40 [ 18.739057] kasan_save_alloc_info+0x3b/0x50 [ 18.743331] __kasan_kmalloc+0xb7/0xc0 [ 18.747083] __kmalloc_cache_noprof+0x189/0x420 [ 18.751615] kmalloc_oob_right+0xa9/0x7f0 [ 18.755629] kunit_try_run_case+0x1a2/0x480 [ 18.759823] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 18.765231] kthread+0x334/0x6f0 [ 18.768462] ret_from_fork+0x3e/0x80 [ 18.772041] ret_from_fork_asm+0x1a/0x30 [ 18.775970] [ 18.777468] The buggy address belongs to the object at ffff888102acc200 [ 18.777468] which belongs to the cache kmalloc-128 of size 128 [ 18.789982] The buggy address is located 13 bytes to the right of [ 18.789982] allocated 115-byte region [ffff888102acc200, ffff888102acc273) [ 18.803019] [ 18.804516] The buggy address belongs to the physical page: [ 18.810088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 18.818087] flags: 0x200000000000000(node=0|zone=2) [ 18.822967] page_type: f5(slab) [ 18.826115] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 18.833863] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.841610] page dumped because: kasan: bad access detected [ 18.847183] [ 18.848681] Memory state around the buggy address: [ 18.853475] ffff888102acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.860704] ffff888102acc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.867932] >ffff888102acc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875148] ^ [ 18.878383] ffff888102acc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.885602] ffff888102acc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.892820] ==================================================================