Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 29.189412] ================================================================== [ 29.196500] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 29.203874] Read of size 1 at addr ffff000800daca7f by task kunit_try_catch/243 [ 29.211167] [ 29.212651] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 29.212700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.212712] Hardware name: WinLink E850-96 board (DT) [ 29.212732] Call trace: [ 29.212746] show_stack+0x20/0x38 (C) [ 29.212780] dump_stack_lvl+0x8c/0xd0 [ 29.212817] print_report+0x118/0x608 [ 29.212846] kasan_report+0xdc/0x128 [ 29.212875] __asan_report_load1_noabort+0x20/0x30 [ 29.212911] ksize_unpoisons_memory+0x690/0x740 [ 29.212945] kunit_try_run_case+0x170/0x3f0 [ 29.212980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.213017] kthread+0x328/0x630 [ 29.213050] ret_from_fork+0x10/0x20 [ 29.213085] [ 29.275834] Allocated by task 243: [ 29.279224] kasan_save_stack+0x3c/0x68 [ 29.283039] kasan_save_track+0x20/0x40 [ 29.286858] kasan_save_alloc_info+0x40/0x58 [ 29.291112] __kasan_kmalloc+0xd4/0xd8 [ 29.294845] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.299358] ksize_unpoisons_memory+0xc0/0x740 [ 29.303785] kunit_try_run_case+0x170/0x3f0 [ 29.307952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.313424] kthread+0x328/0x630 [ 29.316633] ret_from_fork+0x10/0x20 [ 29.320191] [ 29.321667] The buggy address belongs to the object at ffff000800daca00 [ 29.321667] which belongs to the cache kmalloc-128 of size 128 [ 29.334169] The buggy address is located 12 bytes to the right of [ 29.334169] allocated 115-byte region [ffff000800daca00, ffff000800daca73) [ 29.347188] [ 29.348664] The buggy address belongs to the physical page: [ 29.354222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880dac [ 29.362206] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 29.369845] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 29.376790] page_type: f5(slab) [ 29.379926] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.387645] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.395372] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.403183] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.410996] head: 0bfffe0000000001 fffffdffe0036b01 00000000ffffffff 00000000ffffffff [ 29.418808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 29.426613] page dumped because: kasan: bad access detected [ 29.432169] [ 29.433645] Memory state around the buggy address: [ 29.438426] ffff000800dac900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.445628] ffff000800dac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.452834] >ffff000800daca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.460033] ^ [ 29.467155] ffff000800daca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.474360] ffff000800dacb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.481561] ================================================================== [ 28.588260] ================================================================== [ 28.597987] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 28.605361] Read of size 1 at addr ffff000800daca73 by task kunit_try_catch/243 [ 28.612650] [ 28.614137] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 28.614193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.614209] Hardware name: WinLink E850-96 board (DT) [ 28.614231] Call trace: [ 28.614244] show_stack+0x20/0x38 (C) [ 28.614283] dump_stack_lvl+0x8c/0xd0 [ 28.614321] print_report+0x118/0x608 [ 28.614350] kasan_report+0xdc/0x128 [ 28.614380] __asan_report_load1_noabort+0x20/0x30 [ 28.614417] ksize_unpoisons_memory+0x628/0x740 [ 28.614454] kunit_try_run_case+0x170/0x3f0 [ 28.614492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.614532] kthread+0x328/0x630 [ 28.614566] ret_from_fork+0x10/0x20 [ 28.614600] [ 28.677321] Allocated by task 243: [ 28.680708] kasan_save_stack+0x3c/0x68 [ 28.684524] kasan_save_track+0x20/0x40 [ 28.688343] kasan_save_alloc_info+0x40/0x58 [ 28.692597] __kasan_kmalloc+0xd4/0xd8 [ 28.696329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.700844] ksize_unpoisons_memory+0xc0/0x740 [ 28.705270] kunit_try_run_case+0x170/0x3f0 [ 28.709437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.714907] kthread+0x328/0x630 [ 28.718117] ret_from_fork+0x10/0x20 [ 28.721676] [ 28.723154] The buggy address belongs to the object at ffff000800daca00 [ 28.723154] which belongs to the cache kmalloc-128 of size 128 [ 28.735655] The buggy address is located 0 bytes to the right of [ 28.735655] allocated 115-byte region [ffff000800daca00, ffff000800daca73) [ 28.748586] [ 28.750064] The buggy address belongs to the physical page: [ 28.755622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880dac [ 28.763605] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.771243] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.778187] page_type: f5(slab) [ 28.781325] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 28.789044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.796770] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 28.804581] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.812394] head: 0bfffe0000000001 fffffdffe0036b01 00000000ffffffff 00000000ffffffff [ 28.820206] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 28.828011] page dumped because: kasan: bad access detected [ 28.833567] [ 28.835042] Memory state around the buggy address: [ 28.839826] ffff000800dac900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.847027] ffff000800dac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.854232] >ffff000800daca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.861431] ^ [ 28.868292] ffff000800daca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.875498] ffff000800dacb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.882701] ================================================================== [ 28.890269] ================================================================== [ 28.897113] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 28.904487] Read of size 1 at addr ffff000800daca78 by task kunit_try_catch/243 [ 28.911778] [ 28.913262] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 28.913316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.913331] Hardware name: WinLink E850-96 board (DT) [ 28.913353] Call trace: [ 28.913367] show_stack+0x20/0x38 (C) [ 28.913402] dump_stack_lvl+0x8c/0xd0 [ 28.913437] print_report+0x118/0x608 [ 28.913466] kasan_report+0xdc/0x128 [ 28.913497] __asan_report_load1_noabort+0x20/0x30 [ 28.913531] ksize_unpoisons_memory+0x618/0x740 [ 28.913566] kunit_try_run_case+0x170/0x3f0 [ 28.913603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.913639] kthread+0x328/0x630 [ 28.913676] ret_from_fork+0x10/0x20 [ 28.913710] [ 28.976447] Allocated by task 243: [ 28.979836] kasan_save_stack+0x3c/0x68 [ 28.983651] kasan_save_track+0x20/0x40 [ 28.987471] kasan_save_alloc_info+0x40/0x58 [ 28.991724] __kasan_kmalloc+0xd4/0xd8 [ 28.995457] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.999971] ksize_unpoisons_memory+0xc0/0x740 [ 29.004398] kunit_try_run_case+0x170/0x3f0 [ 29.008564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.014035] kthread+0x328/0x630 [ 29.017245] ret_from_fork+0x10/0x20 [ 29.020804] [ 29.022279] The buggy address belongs to the object at ffff000800daca00 [ 29.022279] which belongs to the cache kmalloc-128 of size 128 [ 29.034779] The buggy address is located 5 bytes to the right of [ 29.034779] allocated 115-byte region [ffff000800daca00, ffff000800daca73) [ 29.047713] [ 29.049190] The buggy address belongs to the physical page: [ 29.054748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880dac [ 29.062732] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 29.070371] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 29.077315] page_type: f5(slab) [ 29.080451] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.088171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.095897] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000 [ 29.103708] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.111522] head: 0bfffe0000000001 fffffdffe0036b01 00000000ffffffff 00000000ffffffff [ 29.119333] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 29.127139] page dumped because: kasan: bad access detected [ 29.132693] [ 29.134170] Memory state around the buggy address: [ 29.138952] ffff000800dac900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.146153] ffff000800dac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.153359] >ffff000800daca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.160559] ^ [ 29.167681] ffff000800daca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.174885] ffff000800dacb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.182086] ==================================================================
[ 15.747736] ================================================================== [ 15.747795] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.748220] Read of size 1 at addr fff00000c637ab73 by task kunit_try_catch/199 [ 15.748354] [ 15.748388] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.748797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748876] Hardware name: linux,dummy-virt (DT) [ 15.749034] Call trace: [ 15.749091] show_stack+0x20/0x38 (C) [ 15.749217] dump_stack_lvl+0x8c/0xd0 [ 15.749270] print_report+0x118/0x608 [ 15.749571] kasan_report+0xdc/0x128 [ 15.749704] __asan_report_load1_noabort+0x20/0x30 [ 15.749762] ksize_unpoisons_memory+0x628/0x740 [ 15.750084] kunit_try_run_case+0x170/0x3f0 [ 15.750256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.750799] kthread+0x328/0x630 [ 15.751034] ret_from_fork+0x10/0x20 [ 15.751092] [ 15.751110] Allocated by task 199: [ 15.751425] kasan_save_stack+0x3c/0x68 [ 15.751546] kasan_save_track+0x20/0x40 [ 15.751984] kasan_save_alloc_info+0x40/0x58 [ 15.752087] __kasan_kmalloc+0xd4/0xd8 [ 15.752175] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.752258] ksize_unpoisons_memory+0xc0/0x740 [ 15.752648] kunit_try_run_case+0x170/0x3f0 [ 15.752754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.752845] kthread+0x328/0x630 [ 15.752947] ret_from_fork+0x10/0x20 [ 15.752983] [ 15.753394] The buggy address belongs to the object at fff00000c637ab00 [ 15.753394] which belongs to the cache kmalloc-128 of size 128 [ 15.753553] The buggy address is located 0 bytes to the right of [ 15.753553] allocated 115-byte region [fff00000c637ab00, fff00000c637ab73) [ 15.753928] [ 15.753971] The buggy address belongs to the physical page: [ 15.754025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.754324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.754673] page_type: f5(slab) [ 15.754765] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.754865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.754944] page dumped because: kasan: bad access detected [ 15.755277] [ 15.755406] Memory state around the buggy address: [ 15.755461] fff00000c637aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.755722] fff00000c637aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.756004] >fff00000c637ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.756265] ^ [ 15.756640] fff00000c637ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.756836] fff00000c637ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.757120] ================================================================== [ 15.760100] ================================================================== [ 15.760396] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.760482] Read of size 1 at addr fff00000c637ab78 by task kunit_try_catch/199 [ 15.760650] [ 15.760739] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.760976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.761067] Hardware name: linux,dummy-virt (DT) [ 15.761163] Call trace: [ 15.761185] show_stack+0x20/0x38 (C) [ 15.761262] dump_stack_lvl+0x8c/0xd0 [ 15.761505] print_report+0x118/0x608 [ 15.761811] kasan_report+0xdc/0x128 [ 15.761941] __asan_report_load1_noabort+0x20/0x30 [ 15.762174] ksize_unpoisons_memory+0x618/0x740 [ 15.762382] kunit_try_run_case+0x170/0x3f0 [ 15.762436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.762518] kthread+0x328/0x630 [ 15.762563] ret_from_fork+0x10/0x20 [ 15.762726] [ 15.762749] Allocated by task 199: [ 15.762779] kasan_save_stack+0x3c/0x68 [ 15.762831] kasan_save_track+0x20/0x40 [ 15.762867] kasan_save_alloc_info+0x40/0x58 [ 15.762917] __kasan_kmalloc+0xd4/0xd8 [ 15.762950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.762985] ksize_unpoisons_memory+0xc0/0x740 [ 15.763033] kunit_try_run_case+0x170/0x3f0 [ 15.763081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.763135] kthread+0x328/0x630 [ 15.763170] ret_from_fork+0x10/0x20 [ 15.763204] [ 15.763222] The buggy address belongs to the object at fff00000c637ab00 [ 15.763222] which belongs to the cache kmalloc-128 of size 128 [ 15.763278] The buggy address is located 5 bytes to the right of [ 15.763278] allocated 115-byte region [fff00000c637ab00, fff00000c637ab73) [ 15.763363] [ 15.763383] The buggy address belongs to the physical page: [ 15.763422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.763474] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.763522] page_type: f5(slab) [ 15.763569] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.763788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.763924] page dumped because: kasan: bad access detected [ 15.764398] [ 15.764415] Memory state around the buggy address: [ 15.764449] fff00000c637aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.764494] fff00000c637aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.764706] >fff00000c637ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.764794] ^ [ 15.764997] fff00000c637ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765060] fff00000c637ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765230] ================================================================== [ 15.766130] ================================================================== [ 15.766179] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.766577] Read of size 1 at addr fff00000c637ab7f by task kunit_try_catch/199 [ 15.766681] [ 15.766742] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.766823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.766850] Hardware name: linux,dummy-virt (DT) [ 15.766944] Call trace: [ 15.767014] show_stack+0x20/0x38 (C) [ 15.767066] dump_stack_lvl+0x8c/0xd0 [ 15.767359] print_report+0x118/0x608 [ 15.767421] kasan_report+0xdc/0x128 [ 15.767465] __asan_report_load1_noabort+0x20/0x30 [ 15.767656] ksize_unpoisons_memory+0x690/0x740 [ 15.767749] kunit_try_run_case+0x170/0x3f0 [ 15.767860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.768003] kthread+0x328/0x630 [ 15.768121] ret_from_fork+0x10/0x20 [ 15.768353] [ 15.768374] Allocated by task 199: [ 15.768403] kasan_save_stack+0x3c/0x68 [ 15.768481] kasan_save_track+0x20/0x40 [ 15.768538] kasan_save_alloc_info+0x40/0x58 [ 15.768715] __kasan_kmalloc+0xd4/0xd8 [ 15.768860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.768964] ksize_unpoisons_memory+0xc0/0x740 [ 15.769061] kunit_try_run_case+0x170/0x3f0 [ 15.769149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.769238] kthread+0x328/0x630 [ 15.769383] ret_from_fork+0x10/0x20 [ 15.769453] [ 15.769479] The buggy address belongs to the object at fff00000c637ab00 [ 15.769479] which belongs to the cache kmalloc-128 of size 128 [ 15.769793] The buggy address is located 12 bytes to the right of [ 15.769793] allocated 115-byte region [fff00000c637ab00, fff00000c637ab73) [ 15.769933] [ 15.770039] The buggy address belongs to the physical page: [ 15.770125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.770261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.770445] page_type: f5(slab) [ 15.770518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.770583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.770953] page dumped because: kasan: bad access detected [ 15.771049] [ 15.771272] Memory state around the buggy address: [ 15.771453] fff00000c637aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.771533] fff00000c637aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.771607] >fff00000c637ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.771870] ^ [ 15.771951] fff00000c637ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.772059] fff00000c637ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.772186] ==================================================================
[ 14.826978] ================================================================== [ 14.827280] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.827606] Read of size 1 at addr ffff8881029e5a78 by task kunit_try_catch/215 [ 14.828231] [ 14.828585] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.828683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.828709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.828775] Call Trace: [ 14.828822] <TASK> [ 14.828865] dump_stack_lvl+0x73/0xb0 [ 14.828925] print_report+0xd1/0x650 [ 14.828974] ? __virt_addr_valid+0x1db/0x2d0 [ 14.829055] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.829105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.829154] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.829198] kasan_report+0x141/0x180 [ 14.829405] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.829468] __asan_report_load1_noabort+0x18/0x20 [ 14.829507] ksize_unpoisons_memory+0x7e9/0x9b0 [ 14.829552] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.829591] ? finish_task_switch.isra.0+0x153/0x700 [ 14.829640] ? __switch_to+0x5d9/0xf60 [ 14.829682] ? dequeue_task_fair+0x166/0x4e0 [ 14.829751] ? __schedule+0x10cc/0x2b60 [ 14.829800] ? __pfx_read_tsc+0x10/0x10 [ 14.829843] ? ktime_get_ts64+0x86/0x230 [ 14.829885] kunit_try_run_case+0x1a5/0x480 [ 14.829914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829937] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.829965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.829990] ? __kthread_parkme+0x82/0x180 [ 14.830018] ? preempt_count_sub+0x50/0x80 [ 14.830061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.830100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.830144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.830190] kthread+0x337/0x6f0 [ 14.830377] ? trace_preempt_on+0x20/0xc0 [ 14.830435] ? __pfx_kthread+0x10/0x10 [ 14.830476] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.830522] ? calculate_sigpending+0x7b/0xa0 [ 14.830595] ? __pfx_kthread+0x10/0x10 [ 14.830635] ret_from_fork+0x41/0x80 [ 14.830679] ? __pfx_kthread+0x10/0x10 [ 14.830713] ret_from_fork_asm+0x1a/0x30 [ 14.830765] </TASK> [ 14.830780] [ 14.843385] Allocated by task 215: [ 14.843744] kasan_save_stack+0x45/0x70 [ 14.844024] kasan_save_track+0x18/0x40 [ 14.844214] kasan_save_alloc_info+0x3b/0x50 [ 14.844428] __kasan_kmalloc+0xb7/0xc0 [ 14.844981] __kmalloc_cache_noprof+0x189/0x420 [ 14.845469] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.845864] kunit_try_run_case+0x1a5/0x480 [ 14.846412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.847466] kthread+0x337/0x6f0 [ 14.847671] ret_from_fork+0x41/0x80 [ 14.847860] ret_from_fork_asm+0x1a/0x30 [ 14.848300] [ 14.848652] The buggy address belongs to the object at ffff8881029e5a00 [ 14.848652] which belongs to the cache kmalloc-128 of size 128 [ 14.849573] The buggy address is located 5 bytes to the right of [ 14.849573] allocated 115-byte region [ffff8881029e5a00, ffff8881029e5a73) [ 14.851039] [ 14.851180] The buggy address belongs to the physical page: [ 14.851462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 14.852304] flags: 0x200000000000000(node=0|zone=2) [ 14.853281] page_type: f5(slab) [ 14.853485] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.854400] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.854782] page dumped because: kasan: bad access detected [ 14.855657] [ 14.855814] Memory state around the buggy address: [ 14.856046] ffff8881029e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.856933] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.858073] >ffff8881029e5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.858671] ^ [ 14.859149] ffff8881029e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859648] ffff8881029e5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860060] ================================================================== [ 14.792974] ================================================================== [ 14.793926] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 14.794956] Read of size 1 at addr ffff8881029e5a73 by task kunit_try_catch/215 [ 14.795703] [ 14.796164] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.796269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.796292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.796330] Call Trace: [ 14.796370] <TASK> [ 14.796399] dump_stack_lvl+0x73/0xb0 [ 14.796439] print_report+0xd1/0x650 [ 14.796466] ? __virt_addr_valid+0x1db/0x2d0 [ 14.796493] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.796514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.796537] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.796558] kasan_report+0x141/0x180 [ 14.796582] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.796608] __asan_report_load1_noabort+0x18/0x20 [ 14.796630] ksize_unpoisons_memory+0x81c/0x9b0 [ 14.796651] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.796671] ? finish_task_switch.isra.0+0x153/0x700 [ 14.796697] ? __switch_to+0x5d9/0xf60 [ 14.796720] ? dequeue_task_fair+0x166/0x4e0 [ 14.796745] ? __schedule+0x10cc/0x2b60 [ 14.796769] ? __pfx_read_tsc+0x10/0x10 [ 14.796790] ? ktime_get_ts64+0x86/0x230 [ 14.796818] kunit_try_run_case+0x1a5/0x480 [ 14.796846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.796868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.796893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.796917] ? __kthread_parkme+0x82/0x180 [ 14.796941] ? preempt_count_sub+0x50/0x80 [ 14.796966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.796989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.797023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.797052] kthread+0x337/0x6f0 [ 14.797088] ? trace_preempt_on+0x20/0xc0 [ 14.797116] ? __pfx_kthread+0x10/0x10 [ 14.797136] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.797159] ? calculate_sigpending+0x7b/0xa0 [ 14.797183] ? __pfx_kthread+0x10/0x10 [ 14.797207] ret_from_fork+0x41/0x80 [ 14.797244] ? __pfx_kthread+0x10/0x10 [ 14.797278] ret_from_fork_asm+0x1a/0x30 [ 14.797314] </TASK> [ 14.797328] [ 14.810638] Allocated by task 215: [ 14.810869] kasan_save_stack+0x45/0x70 [ 14.811814] kasan_save_track+0x18/0x40 [ 14.812152] kasan_save_alloc_info+0x3b/0x50 [ 14.812392] __kasan_kmalloc+0xb7/0xc0 [ 14.812712] __kmalloc_cache_noprof+0x189/0x420 [ 14.813324] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.813578] kunit_try_run_case+0x1a5/0x480 [ 14.813789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.814084] kthread+0x337/0x6f0 [ 14.814575] ret_from_fork+0x41/0x80 [ 14.814916] ret_from_fork_asm+0x1a/0x30 [ 14.815411] [ 14.815721] The buggy address belongs to the object at ffff8881029e5a00 [ 14.815721] which belongs to the cache kmalloc-128 of size 128 [ 14.817043] The buggy address is located 0 bytes to the right of [ 14.817043] allocated 115-byte region [ffff8881029e5a00, ffff8881029e5a73) [ 14.818069] [ 14.818227] The buggy address belongs to the physical page: [ 14.818636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 14.818941] flags: 0x200000000000000(node=0|zone=2) [ 14.819469] page_type: f5(slab) [ 14.819780] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.820379] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.820826] page dumped because: kasan: bad access detected [ 14.821068] [ 14.821181] Memory state around the buggy address: [ 14.821616] ffff8881029e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.822482] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.823035] >ffff8881029e5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.823774] ^ [ 14.824136] ffff8881029e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824515] ffff8881029e5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825681] ================================================================== [ 14.861416] ================================================================== [ 14.862390] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.862868] Read of size 1 at addr ffff8881029e5a7f by task kunit_try_catch/215 [ 14.863771] [ 14.864374] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT(voluntary) [ 14.864445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.864460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.864484] Call Trace: [ 14.864511] <TASK> [ 14.864540] dump_stack_lvl+0x73/0xb0 [ 14.864579] print_report+0xd1/0x650 [ 14.864605] ? __virt_addr_valid+0x1db/0x2d0 [ 14.864629] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.864650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.864673] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.864694] kasan_report+0x141/0x180 [ 14.864717] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.864743] __asan_report_load1_noabort+0x18/0x20 [ 14.864764] ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.864786] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.864805] ? finish_task_switch.isra.0+0x153/0x700 [ 14.864829] ? __switch_to+0x5d9/0xf60 [ 14.864851] ? dequeue_task_fair+0x166/0x4e0 [ 14.864876] ? __schedule+0x10cc/0x2b60 [ 14.864899] ? __pfx_read_tsc+0x10/0x10 [ 14.864919] ? ktime_get_ts64+0x86/0x230 [ 14.864945] kunit_try_run_case+0x1a5/0x480 [ 14.864971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.865033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.865061] ? __kthread_parkme+0x82/0x180 [ 14.865096] ? preempt_count_sub+0x50/0x80 [ 14.865122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.865147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.865172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.865196] kthread+0x337/0x6f0 [ 14.865227] ? trace_preempt_on+0x20/0xc0 [ 14.865266] ? __pfx_kthread+0x10/0x10 [ 14.865297] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.865327] ? calculate_sigpending+0x7b/0xa0 [ 14.865369] ? __pfx_kthread+0x10/0x10 [ 14.865390] ret_from_fork+0x41/0x80 [ 14.865412] ? __pfx_kthread+0x10/0x10 [ 14.865431] ret_from_fork_asm+0x1a/0x30 [ 14.865464] </TASK> [ 14.865477] [ 14.879723] Allocated by task 215: [ 14.880223] kasan_save_stack+0x45/0x70 [ 14.880482] kasan_save_track+0x18/0x40 [ 14.881598] kasan_save_alloc_info+0x3b/0x50 [ 14.881869] __kasan_kmalloc+0xb7/0xc0 [ 14.882044] __kmalloc_cache_noprof+0x189/0x420 [ 14.882577] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.883234] kunit_try_run_case+0x1a5/0x480 [ 14.883494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.883784] kthread+0x337/0x6f0 [ 14.883972] ret_from_fork+0x41/0x80 [ 14.884806] ret_from_fork_asm+0x1a/0x30 [ 14.885020] [ 14.885377] The buggy address belongs to the object at ffff8881029e5a00 [ 14.885377] which belongs to the cache kmalloc-128 of size 128 [ 14.886536] The buggy address is located 12 bytes to the right of [ 14.886536] allocated 115-byte region [ffff8881029e5a00, ffff8881029e5a73) [ 14.887866] [ 14.888169] The buggy address belongs to the physical page: [ 14.888416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e5 [ 14.889305] flags: 0x200000000000000(node=0|zone=2) [ 14.889713] page_type: f5(slab) [ 14.889937] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.890904] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.891806] page dumped because: kasan: bad access detected [ 14.892009] [ 14.892110] Memory state around the buggy address: [ 14.893048] ffff8881029e5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.893592] ffff8881029e5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.893963] >ffff8881029e5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.894580] ^ [ 14.895089] ffff8881029e5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.895629] ffff8881029e5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.896378] ==================================================================