Date: July 4, 2025, 3:11 p.m.

Environment: e850-96, qemu-arm64, qemu-x86_64

[   31.251374] ==================================================================
[   31.260893] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430
[   31.267573] Read of size 1 at addr ffff000801bc80c8 by task kunit_try_catch/256
[   31.274864] 
[   31.276349] CPU: 4 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT 
[   31.276407] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.276424] Hardware name: WinLink E850-96 board (DT)
[   31.276446] Call trace:
[   31.276460]  show_stack+0x20/0x38 (C)
[   31.276494]  dump_stack_lvl+0x8c/0xd0
[   31.276532]  print_report+0x118/0x608
[   31.276563]  kasan_report+0xdc/0x128
[   31.276592]  __asan_report_load1_noabort+0x20/0x30
[   31.276625]  kmem_cache_oob+0x344/0x430
[   31.276657]  kunit_try_run_case+0x170/0x3f0
[   31.276690]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.276727]  kthread+0x328/0x630
[   31.276765]  ret_from_fork+0x10/0x20
[   31.276801] 
[   31.338839] Allocated by task 256:
[   31.342225]  kasan_save_stack+0x3c/0x68
[   31.346041]  kasan_save_track+0x20/0x40
[   31.349861]  kasan_save_alloc_info+0x40/0x58
[   31.354115]  __kasan_slab_alloc+0xa8/0xb0
[   31.358108]  kmem_cache_alloc_noprof+0x10c/0x398
[   31.362708]  kmem_cache_oob+0x12c/0x430
[   31.366527]  kunit_try_run_case+0x170/0x3f0
[   31.370694]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.376163]  kthread+0x328/0x630
[   31.379374]  ret_from_fork+0x10/0x20
[   31.382934] 
[   31.384410] The buggy address belongs to the object at ffff000801bc8000
[   31.384410]  which belongs to the cache test_cache of size 200
[   31.396826] The buggy address is located 0 bytes to the right of
[   31.396826]  allocated 200-byte region [ffff000801bc8000, ffff000801bc80c8)
[   31.409756] 
[   31.411236] The buggy address belongs to the physical page:
[   31.416791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x881bc8
[   31.424775] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   31.432414] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   31.439356] page_type: f5(slab)
[   31.442494] raw: 0bfffe0000000040 ffff000801bc6000 dead000000000122 0000000000000000
[   31.450214] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000
[   31.457940] head: 0bfffe0000000040 ffff000801bc6000 dead000000000122 0000000000000000
[   31.465752] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000
[   31.473564] head: 0bfffe0000000001 fffffdffe006f201 00000000ffffffff 00000000ffffffff
[   31.481376] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   31.489183] page dumped because: kasan: bad access detected
[   31.494737] 
[   31.496213] Memory state around the buggy address:
[   31.500995]  ffff000801bc7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.508196]  ffff000801bc8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.515402] >ffff000801bc8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   31.522602]                                               ^
[   31.528161]  ffff000801bc8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.535366]  ffff000801bc8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.542568] ==================================================================

[   15.977711] ==================================================================
[   15.977845] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430
[   15.977909] Read of size 1 at addr fff00000c65af0c8 by task kunit_try_catch/212
[   15.977960] 
[   15.978031] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT 
[   15.978170] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.978214] Hardware name: linux,dummy-virt (DT)
[   15.978252] Call trace:
[   15.978329]  show_stack+0x20/0x38 (C)
[   15.978389]  dump_stack_lvl+0x8c/0xd0
[   15.978438]  print_report+0x118/0x608
[   15.978573]  kasan_report+0xdc/0x128
[   15.980275]  __asan_report_load1_noabort+0x20/0x30
[   15.980341]  kmem_cache_oob+0x344/0x430
[   15.980389]  kunit_try_run_case+0x170/0x3f0
[   15.980441]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.980495]  kthread+0x328/0x630
[   15.980541]  ret_from_fork+0x10/0x20
[   15.980589] 
[   15.980606] Allocated by task 212:
[   15.980647]  kasan_save_stack+0x3c/0x68
[   15.980686]  kasan_save_track+0x20/0x40
[   15.980720]  kasan_save_alloc_info+0x40/0x58
[   15.980757]  __kasan_slab_alloc+0xa8/0xb0
[   15.980793]  kmem_cache_alloc_noprof+0x10c/0x398
[   15.980831]  kmem_cache_oob+0x12c/0x430
[   15.980869]  kunit_try_run_case+0x170/0x3f0
[   15.980907]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   15.980951]  kthread+0x328/0x630
[   15.980984]  ret_from_fork+0x10/0x20
[   15.981018] 
[   15.981036] The buggy address belongs to the object at fff00000c65af000
[   15.981036]  which belongs to the cache test_cache of size 200
[   15.981091] The buggy address is located 0 bytes to the right of
[   15.981091]  allocated 200-byte region [fff00000c65af000, fff00000c65af0c8)
[   15.981155] 
[   15.981175] The buggy address belongs to the physical page:
[   15.981205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065af
[   15.981256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   15.981303] page_type: f5(slab)
[   15.981341] raw: 0bfffe0000000000 fff00000c590bdc0 dead000000000122 0000000000000000
[   15.981390] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[   15.981429] page dumped because: kasan: bad access detected
[   15.981459] 
[   15.981478] Memory state around the buggy address:
[   15.981508]  fff00000c65aef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.981551]  fff00000c65af000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.981593] >fff00000c65af080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   15.981640]                                               ^
[   15.981676]  fff00000c65af100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.981717]  fff00000c65af180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.981755] ==================================================================

[   15.161114] ==================================================================
[   15.161718] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[   15.162482] Read of size 1 at addr ffff888102b4e0c8 by task kunit_try_catch/228
[   15.163252] 
[   15.163537] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT(voluntary) 
[   15.163644] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.163670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.163718] Call Trace:
[   15.163750]  <TASK>
[   15.163793]  dump_stack_lvl+0x73/0xb0
[   15.163857]  print_report+0xd1/0x650
[   15.164069]  ? __virt_addr_valid+0x1db/0x2d0
[   15.164123]  ? kmem_cache_oob+0x402/0x530
[   15.164168]  ? kasan_complete_mode_report_info+0x2a/0x200
[   15.164218]  ? kmem_cache_oob+0x402/0x530
[   15.164256]  kasan_report+0x141/0x180
[   15.164295]  ? kmem_cache_oob+0x402/0x530
[   15.164444]  __asan_report_load1_noabort+0x18/0x20
[   15.164492]  kmem_cache_oob+0x402/0x530
[   15.164523]  ? trace_hardirqs_on+0x37/0xe0
[   15.164565]  ? __pfx_kmem_cache_oob+0x10/0x10
[   15.164596]  ? finish_task_switch.isra.0+0x153/0x700
[   15.164635]  ? __switch_to+0x5d9/0xf60
[   15.164670]  ? dequeue_task_fair+0x166/0x4e0
[   15.164715]  ? __pfx_read_tsc+0x10/0x10
[   15.164736]  ? ktime_get_ts64+0x86/0x230
[   15.164764]  kunit_try_run_case+0x1a5/0x480
[   15.164791]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.164813]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.164839]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.164863]  ? __kthread_parkme+0x82/0x180
[   15.164886]  ? preempt_count_sub+0x50/0x80
[   15.164911]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.164934]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.164958]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.164981]  kthread+0x337/0x6f0
[   15.164999]  ? trace_preempt_on+0x20/0xc0
[   15.165037]  ? __pfx_kthread+0x10/0x10
[   15.165059]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.165104]  ? calculate_sigpending+0x7b/0xa0
[   15.165130]  ? __pfx_kthread+0x10/0x10
[   15.165151]  ret_from_fork+0x41/0x80
[   15.165173]  ? __pfx_kthread+0x10/0x10
[   15.165192]  ret_from_fork_asm+0x1a/0x30
[   15.165248]  </TASK>
[   15.165269] 
[   15.181028] Allocated by task 228:
[   15.181530]  kasan_save_stack+0x45/0x70
[   15.181812]  kasan_save_track+0x18/0x40
[   15.182141]  kasan_save_alloc_info+0x3b/0x50
[   15.183110]  __kasan_slab_alloc+0x91/0xa0
[   15.183358]  kmem_cache_alloc_noprof+0x123/0x3f0
[   15.183555]  kmem_cache_oob+0x157/0x530
[   15.184671]  kunit_try_run_case+0x1a5/0x480
[   15.184990]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.185363]  kthread+0x337/0x6f0
[   15.185596]  ret_from_fork+0x41/0x80
[   15.185836]  ret_from_fork_asm+0x1a/0x30
[   15.186073] 
[   15.186234] The buggy address belongs to the object at ffff888102b4e000
[   15.186234]  which belongs to the cache test_cache of size 200
[   15.187406] The buggy address is located 0 bytes to the right of
[   15.187406]  allocated 200-byte region [ffff888102b4e000, ffff888102b4e0c8)
[   15.188627] 
[   15.188841] The buggy address belongs to the physical page:
[   15.189207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4e
[   15.189792] flags: 0x200000000000000(node=0|zone=2)
[   15.190728] page_type: f5(slab)
[   15.190937] raw: 0200000000000000 ffff888101c20a00 dead000000000122 0000000000000000
[   15.191608] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[   15.192015] page dumped because: kasan: bad access detected
[   15.192648] 
[   15.192930] Memory state around the buggy address:
[   15.193411]  ffff888102b4df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.193817]  ffff888102b4e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.194564] >ffff888102b4e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   15.195211]                                               ^
[   15.195683]  ffff888102b4e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.196149]  ffff888102b4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.196639] ==================================================================