Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 18.364896] ================================================================== [ 18.374787] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.382859] Write of size 1 at addr ffff0008018e6b78 by task kunit_try_catch/191 [ 18.390234] [ 18.391721] CPU: 2 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.391777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.391793] Hardware name: WinLink E850-96 board (DT) [ 18.391815] Call trace: [ 18.391828] show_stack+0x20/0x38 (C) [ 18.391861] dump_stack_lvl+0x8c/0xd0 [ 18.391899] print_report+0x118/0x608 [ 18.391931] kasan_report+0xdc/0x128 [ 18.391961] __asan_report_store1_noabort+0x20/0x30 [ 18.391996] kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.392028] kunit_try_run_case+0x170/0x3f0 [ 18.392063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.392102] kthread+0x328/0x630 [ 18.392137] ret_from_fork+0x10/0x20 [ 18.392171] [ 18.455686] Allocated by task 191: [ 18.459074] kasan_save_stack+0x3c/0x68 [ 18.462889] kasan_save_track+0x20/0x40 [ 18.466709] kasan_save_alloc_info+0x40/0x58 [ 18.470962] __kasan_kmalloc+0xd4/0xd8 [ 18.474695] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.480250] kmalloc_track_caller_oob_right+0xa8/0x488 [ 18.485371] kunit_try_run_case+0x170/0x3f0 [ 18.489538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.495006] kthread+0x328/0x630 [ 18.498219] ret_from_fork+0x10/0x20 [ 18.501778] [ 18.503255] The buggy address belongs to the object at ffff0008018e6b00 [ 18.503255] which belongs to the cache kmalloc-128 of size 128 [ 18.515756] The buggy address is located 0 bytes to the right of [ 18.515756] allocated 120-byte region [ffff0008018e6b00, ffff0008018e6b78) [ 18.528687] [ 18.530166] The buggy address belongs to the physical page: [ 18.535723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8818e6 [ 18.543706] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.551345] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.558289] page_type: f5(slab) [ 18.561426] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 18.569145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.576871] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 18.584682] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.592495] head: 0bfffe0000000001 fffffdffe0063981 00000000ffffffff 00000000ffffffff [ 18.600307] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.608113] page dumped because: kasan: bad access detected [ 18.613668] [ 18.615144] Memory state around the buggy address: [ 18.619926] ffff0008018e6a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.627127] ffff0008018e6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.634333] >ffff0008018e6b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.641533] ^ [ 18.648653] ffff0008018e6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.655861] ffff0008018e6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663061] ==================================================================
[ 15.267646] ================================================================== [ 15.267708] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.268001] Write of size 1 at addr fff00000c637a478 by task kunit_try_catch/147 [ 15.268192] [ 15.268258] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.268377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.268413] Hardware name: linux,dummy-virt (DT) [ 15.268463] Call trace: [ 15.268494] show_stack+0x20/0x38 (C) [ 15.268543] dump_stack_lvl+0x8c/0xd0 [ 15.268600] print_report+0x118/0x608 [ 15.268654] kasan_report+0xdc/0x128 [ 15.268707] __asan_report_store1_noabort+0x20/0x30 [ 15.268756] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.268806] kunit_try_run_case+0x170/0x3f0 [ 15.268876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.269120] kthread+0x328/0x630 [ 15.269391] ret_from_fork+0x10/0x20 [ 15.269685] [ 15.269763] Allocated by task 147: [ 15.269895] kasan_save_stack+0x3c/0x68 [ 15.270030] kasan_save_track+0x20/0x40 [ 15.270066] kasan_save_alloc_info+0x40/0x58 [ 15.270283] __kasan_kmalloc+0xd4/0xd8 [ 15.270425] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.270699] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.270873] kunit_try_run_case+0x170/0x3f0 [ 15.271073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.271119] kthread+0x328/0x630 [ 15.271185] ret_from_fork+0x10/0x20 [ 15.271377] [ 15.271461] The buggy address belongs to the object at fff00000c637a400 [ 15.271461] which belongs to the cache kmalloc-128 of size 128 [ 15.271564] The buggy address is located 0 bytes to the right of [ 15.271564] allocated 120-byte region [fff00000c637a400, fff00000c637a478) [ 15.271763] [ 15.271991] The buggy address belongs to the physical page: [ 15.272023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.272233] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.272437] page_type: f5(slab) [ 15.272624] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.272710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.272873] page dumped because: kasan: bad access detected [ 15.273084] [ 15.273291] Memory state around the buggy address: [ 15.273350] fff00000c637a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.273498] fff00000c637a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273651] >fff00000c637a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.273690] ^ [ 15.273773] fff00000c637a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273998] fff00000c637a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.274143] ================================================================== [ 15.258862] ================================================================== [ 15.258974] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.259218] Write of size 1 at addr fff00000c637a378 by task kunit_try_catch/147 [ 15.259280] [ 15.259476] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.259572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.259598] Hardware name: linux,dummy-virt (DT) [ 15.259640] Call trace: [ 15.259662] show_stack+0x20/0x38 (C) [ 15.259710] dump_stack_lvl+0x8c/0xd0 [ 15.259757] print_report+0x118/0x608 [ 15.259829] kasan_report+0xdc/0x128 [ 15.259874] __asan_report_store1_noabort+0x20/0x30 [ 15.259922] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.260311] kunit_try_run_case+0x170/0x3f0 [ 15.260368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.260492] kthread+0x328/0x630 [ 15.260555] ret_from_fork+0x10/0x20 [ 15.260711] [ 15.260836] Allocated by task 147: [ 15.260942] kasan_save_stack+0x3c/0x68 [ 15.261071] kasan_save_track+0x20/0x40 [ 15.261109] kasan_save_alloc_info+0x40/0x58 [ 15.261221] __kasan_kmalloc+0xd4/0xd8 [ 15.261650] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.262116] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.262213] kunit_try_run_case+0x170/0x3f0 [ 15.262303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.262450] kthread+0x328/0x630 [ 15.262772] ret_from_fork+0x10/0x20 [ 15.262843] [ 15.262928] The buggy address belongs to the object at fff00000c637a300 [ 15.262928] which belongs to the cache kmalloc-128 of size 128 [ 15.263133] The buggy address is located 0 bytes to the right of [ 15.263133] allocated 120-byte region [fff00000c637a300, fff00000c637a378) [ 15.263348] [ 15.263563] The buggy address belongs to the physical page: [ 15.263597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.263810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.264029] page_type: f5(slab) [ 15.264069] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.264123] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.264161] page dumped because: kasan: bad access detected [ 15.264190] [ 15.264207] Memory state around the buggy address: [ 15.264542] fff00000c637a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.264646] fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264699] >fff00000c637a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.264737] ^ [ 15.264784] fff00000c637a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264826] fff00000c637a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264872] ==================================================================
[ 13.355630] ================================================================== [ 13.356137] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.357043] Write of size 1 at addr ffff8881029e5378 by task kunit_try_catch/163 [ 13.357780] [ 13.358032] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 13.358132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.358511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.358548] Call Trace: [ 13.358576] <TASK> [ 13.358608] dump_stack_lvl+0x73/0xb0 [ 13.358648] print_report+0xd1/0x650 [ 13.358674] ? __virt_addr_valid+0x1db/0x2d0 [ 13.358699] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.358743] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358765] kasan_report+0x141/0x180 [ 13.358788] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358815] __asan_report_store1_noabort+0x1b/0x30 [ 13.358836] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 13.358858] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 13.358881] ? __schedule+0x10cc/0x2b60 [ 13.358905] ? __pfx_read_tsc+0x10/0x10 [ 13.358926] ? ktime_get_ts64+0x86/0x230 [ 13.358954] kunit_try_run_case+0x1a5/0x480 [ 13.358980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.359002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.359027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.359051] ? __kthread_parkme+0x82/0x180 [ 13.359094] ? preempt_count_sub+0x50/0x80 [ 13.359122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.359145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.359169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.359192] kthread+0x337/0x6f0 [ 13.359235] ? trace_preempt_on+0x20/0xc0 [ 13.359287] ? __pfx_kthread+0x10/0x10 [ 13.359320] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.359368] ? calculate_sigpending+0x7b/0xa0 [ 13.359393] ? __pfx_kthread+0x10/0x10 [ 13.359413] ret_from_fork+0x41/0x80 [ 13.359436] ? __pfx_kthread+0x10/0x10 [ 13.359456] ret_from_fork_asm+0x1a/0x30 [ 13.359490] </TASK> [ 13.359503] [ 13.370625] Allocated by task 163: [ 13.370821] kasan_save_stack+0x45/0x70 [ 13.371548] kasan_save_track+0x18/0x40 [ 13.371908] kasan_save_alloc_info+0x3b/0x50 [ 13.372488] __kasan_kmalloc+0xb7/0xc0 [ 13.372839] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 13.373556] kmalloc_track_caller_oob_right+0x99/0x520 [ 13.373963] kunit_try_run_case+0x1a5/0x480 [ 13.374575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.374909] kthread+0x337/0x6f0 [ 13.375460] ret_from_fork+0x41/0x80 [ 13.375738] ret_from_fork_asm+0x1a/0x30 [ 13.375993] [ 13.376170] The buggy address belongs to the object at ffff8881029e5300 [ 13.376170] which belongs to the cache kmalloc-128 of size 128 [ 13.377103] The buggy address is located 0 bytes to the right of [ 13.377103] allocated 120-byte region [ffff8881029e5300, ffff8881029e5378) [ 13.378480] [ 13.378683] The buggy address belongs to the physical page: [ 13.378997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 13.379694] flags: 0x200000000000000(node=0|zone=2) [ 13.380169] page_type: f5(slab) [ 13.380679] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.381100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.381834] page dumped because: kasan: bad access detected [ 13.382108] [ 13.382555] Memory state around the buggy address: [ 13.382979] ffff8881029e5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.383579] ffff8881029e5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.384040] >ffff8881029e5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.384694] ^ [ 13.385049] ffff8881029e5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.385475] ffff8881029e5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.386058] ==================================================================
[ 19.675394] ================================================================== [ 19.686805] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 19.694890] Write of size 1 at addr ffff8881043d8e78 by task kunit_try_catch/185 [ 19.702308] [ 19.703809] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 19.703817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.703819] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 19.703823] Call Trace: [ 19.703824] <TASK> [ 19.703826] dump_stack_lvl+0x73/0xb0 [ 19.703830] print_report+0xd1/0x650 [ 19.703834] ? __virt_addr_valid+0x1db/0x2d0 [ 19.703838] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 19.703842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.703846] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 19.703850] kasan_report+0x141/0x180 [ 19.703855] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 19.703860] __asan_report_store1_noabort+0x1b/0x30 [ 19.703864] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 19.703868] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 19.703872] ? __schedule+0x10cc/0x2b60 [ 19.703876] ? ktime_get_ts64+0x83/0x230 [ 19.703881] kunit_try_run_case+0x1a2/0x480 [ 19.703886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.703890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.703895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.703916] ? __kthread_parkme+0x82/0x180 [ 19.703920] ? preempt_count_sub+0x50/0x80 [ 19.703925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.703930] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 19.703934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.703939] kthread+0x334/0x6f0 [ 19.703954] ? trace_preempt_on+0x20/0xc0 [ 19.703959] ? __pfx_kthread+0x10/0x10 [ 19.703962] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.703966] ? calculate_sigpending+0x7b/0xa0 [ 19.703970] ? __pfx_kthread+0x10/0x10 [ 19.703973] ret_from_fork+0x3e/0x80 [ 19.703977] ? __pfx_kthread+0x10/0x10 [ 19.703980] ret_from_fork_asm+0x1a/0x30 [ 19.703986] </TASK> [ 19.703987] [ 19.872529] Allocated by task 185: [ 19.875937] kasan_save_stack+0x45/0x70 [ 19.879802] kasan_save_track+0x18/0x40 [ 19.883640] kasan_save_alloc_info+0x3b/0x50 [ 19.887933] __kasan_kmalloc+0xb7/0xc0 [ 19.891683] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 19.897256] kmalloc_track_caller_oob_right+0x99/0x520 [ 19.902397] kunit_try_run_case+0x1a2/0x480 [ 19.906590] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 19.911989] kthread+0x334/0x6f0 [ 19.915224] ret_from_fork+0x3e/0x80 [ 19.918809] ret_from_fork_asm+0x1a/0x30 [ 19.922737] [ 19.924236] The buggy address belongs to the object at ffff8881043d8e00 [ 19.924236] which belongs to the cache kmalloc-128 of size 128 [ 19.936741] The buggy address is located 0 bytes to the right of [ 19.936741] allocated 120-byte region [ffff8881043d8e00, ffff8881043d8e78) [ 19.949690] [ 19.951189] The buggy address belongs to the physical page: [ 19.956762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043d8 [ 19.964768] flags: 0x200000000000000(node=0|zone=2) [ 19.969651] page_type: f5(slab) [ 19.972797] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 19.980545] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.988292] page dumped because: kasan: bad access detected [ 19.993864] [ 19.995362] Memory state around the buggy address: [ 20.000156] ffff8881043d8d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.007375] ffff8881043d8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.014594] >ffff8881043d8e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.021812] ^ [ 20.028958] ffff8881043d8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.036182] ffff8881043d8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.043403] ==================================================================