Hay
Date: July 4, 2025, 3:11 p.m.

Environment: e850-96, qemu-arm64, qemu-x86_64

[   37.806179] ==================================================================
[   37.816409] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8
[   37.822394] Read of size 1 at addr ffff000800d61358 by task kunit_try_catch/306
[   37.829687] 
[   37.831174] CPU: 7 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT 
[   37.831230] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.831247] Hardware name: WinLink E850-96 board (DT)
[   37.831271] Call trace:
[   37.831285]  show_stack+0x20/0x38 (C)
[   37.831322]  dump_stack_lvl+0x8c/0xd0
[   37.831360]  print_report+0x118/0x608
[   37.831395]  kasan_report+0xdc/0x128
[   37.831427]  __asan_report_load1_noabort+0x20/0x30
[   37.831465]  memcmp+0x198/0x1d8
[   37.831493]  kasan_memcmp+0x16c/0x300
[   37.831528]  kunit_try_run_case+0x170/0x3f0
[   37.831566]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.831607]  kthread+0x328/0x630
[   37.831643]  ret_from_fork+0x10/0x20
[   37.831680] 
[   37.896612] Allocated by task 306:
[   37.900001]  kasan_save_stack+0x3c/0x68
[   37.903816]  kasan_save_track+0x20/0x40
[   37.907636]  kasan_save_alloc_info+0x40/0x58
[   37.911889]  __kasan_kmalloc+0xd4/0xd8
[   37.915621]  __kmalloc_cache_noprof+0x16c/0x3c0
[   37.920135]  kasan_memcmp+0xbc/0x300
[   37.923694]  kunit_try_run_case+0x170/0x3f0
[   37.927861]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.933329]  kthread+0x328/0x630
[   37.936541]  ret_from_fork+0x10/0x20
[   37.940100] 
[   37.941577] The buggy address belongs to the object at ffff000800d61340
[   37.941577]  which belongs to the cache kmalloc-32 of size 32
[   37.953906] The buggy address is located 0 bytes to the right of
[   37.953906]  allocated 24-byte region [ffff000800d61340, ffff000800d61358)
[   37.966749] 
[   37.968228] The buggy address belongs to the physical page:
[   37.973785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880d61
[   37.981768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   37.988278] page_type: f5(slab)
[   37.991414] raw: 0bfffe0000000000 ffff000800002780 dead000000000122 0000000000000000
[   37.999135] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   38.006854] page dumped because: kasan: bad access detected
[   38.012408] 
[   38.013884] Memory state around the buggy address:
[   38.018667]  ffff000800d61200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[   38.025867]  ffff000800d61280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[   38.033074] >ffff000800d61300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[   38.040272]                                                     ^
[   38.046353]  ffff000800d61380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.053559]  ffff000800d61400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.060760] ==================================================================

[   17.823980] ==================================================================
[   17.824135] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8
[   17.824344] Read of size 1 at addr fff00000c7949158 by task kunit_try_catch/262
[   17.824565] 
[   17.824614] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT 
[   17.824751] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.824779] Hardware name: linux,dummy-virt (DT)
[   17.824810] Call trace:
[   17.824952]  show_stack+0x20/0x38 (C)
[   17.825145]  dump_stack_lvl+0x8c/0xd0
[   17.825303]  print_report+0x118/0x608
[   17.825640]  kasan_report+0xdc/0x128
[   17.825792]  __asan_report_load1_noabort+0x20/0x30
[   17.825963]  memcmp+0x198/0x1d8
[   17.826108]  kasan_memcmp+0x16c/0x300
[   17.826170]  kunit_try_run_case+0x170/0x3f0
[   17.826465]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.826668]  kthread+0x328/0x630
[   17.826719]  ret_from_fork+0x10/0x20
[   17.827064] 
[   17.827127] Allocated by task 262:
[   17.827229]  kasan_save_stack+0x3c/0x68
[   17.827330]  kasan_save_track+0x20/0x40
[   17.827605]  kasan_save_alloc_info+0x40/0x58
[   17.827726]  __kasan_kmalloc+0xd4/0xd8
[   17.827835]  __kmalloc_cache_noprof+0x16c/0x3c0
[   17.827940]  kasan_memcmp+0xbc/0x300
[   17.827981]  kunit_try_run_case+0x170/0x3f0
[   17.828274]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.828373]  kthread+0x328/0x630
[   17.828470]  ret_from_fork+0x10/0x20
[   17.828622] 
[   17.828651] The buggy address belongs to the object at fff00000c7949140
[   17.828651]  which belongs to the cache kmalloc-32 of size 32
[   17.828708] The buggy address is located 0 bytes to the right of
[   17.828708]  allocated 24-byte region [fff00000c7949140, fff00000c7949158)
[   17.828883] 
[   17.828975] The buggy address belongs to the physical page:
[   17.829102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107949
[   17.829261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.829401] page_type: f5(slab)
[   17.829454] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000
[   17.829662] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   17.829807] page dumped because: kasan: bad access detected
[   17.829909] 
[   17.829992] Memory state around the buggy address:
[   17.830127]  fff00000c7949000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   17.830209]  fff00000c7949080: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc
[   17.830561] >fff00000c7949100: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   17.830618]                                                     ^
[   17.830726]  fff00000c7949180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.831072]  fff00000c7949200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.831189] ==================================================================

[   16.677117] ==================================================================
[   16.677899] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[   16.678318] Read of size 1 at addr ffff8881029f4698 by task kunit_try_catch/278
[   16.678658] 
[   16.678888] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G    B            N  6.15.5-rc2 #1 PREEMPT(voluntary) 
[   16.678966] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.678982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   16.679007] Call Trace:
[   16.679024]  <TASK>
[   16.679053]  dump_stack_lvl+0x73/0xb0
[   16.679101]  print_report+0xd1/0x650
[   16.679144]  ? __virt_addr_valid+0x1db/0x2d0
[   16.679193]  ? memcmp+0x1b4/0x1d0
[   16.679230]  ? kasan_complete_mode_report_info+0x2a/0x200
[   16.679276]  ? memcmp+0x1b4/0x1d0
[   16.679318]  kasan_report+0x141/0x180
[   16.679379]  ? memcmp+0x1b4/0x1d0
[   16.679709]  __asan_report_load1_noabort+0x18/0x20
[   16.679814]  memcmp+0x1b4/0x1d0
[   16.679867]  kasan_memcmp+0x18f/0x390
[   16.679917]  ? trace_hardirqs_on+0x37/0xe0
[   16.679974]  ? __pfx_kasan_memcmp+0x10/0x10
[   16.680017]  ? finish_task_switch.isra.0+0x153/0x700
[   16.680068]  ? __switch_to+0x5d9/0xf60
[   16.680116]  ? dequeue_task_fair+0x166/0x4e0
[   16.680158]  ? __pfx_read_tsc+0x10/0x10
[   16.680193]  ? ktime_get_ts64+0x86/0x230
[   16.680238]  kunit_try_run_case+0x1a5/0x480
[   16.680280]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.680315]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   16.680374]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   16.680412]  ? __kthread_parkme+0x82/0x180
[   16.680439]  ? preempt_count_sub+0x50/0x80
[   16.680465]  ? __pfx_kunit_try_run_case+0x10/0x10
[   16.680490]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.680515]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   16.680542]  kthread+0x337/0x6f0
[   16.680561]  ? trace_preempt_on+0x20/0xc0
[   16.680585]  ? __pfx_kthread+0x10/0x10
[   16.680604]  ? _raw_spin_unlock_irq+0x47/0x80
[   16.680627]  ? calculate_sigpending+0x7b/0xa0
[   16.680651]  ? __pfx_kthread+0x10/0x10
[   16.680671]  ret_from_fork+0x41/0x80
[   16.680693]  ? __pfx_kthread+0x10/0x10
[   16.680713]  ret_from_fork_asm+0x1a/0x30
[   16.680747]  </TASK>
[   16.680759] 
[   16.695940] Allocated by task 278:
[   16.696550]  kasan_save_stack+0x45/0x70
[   16.696873]  kasan_save_track+0x18/0x40
[   16.697371]  kasan_save_alloc_info+0x3b/0x50
[   16.697618]  __kasan_kmalloc+0xb7/0xc0
[   16.698527]  __kmalloc_cache_noprof+0x189/0x420
[   16.698865]  kasan_memcmp+0xb7/0x390
[   16.699053]  kunit_try_run_case+0x1a5/0x480
[   16.699454]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   16.699689]  kthread+0x337/0x6f0
[   16.700132]  ret_from_fork+0x41/0x80
[   16.700502]  ret_from_fork_asm+0x1a/0x30
[   16.701075] 
[   16.701370] The buggy address belongs to the object at ffff8881029f4680
[   16.701370]  which belongs to the cache kmalloc-32 of size 32
[   16.702607] The buggy address is located 0 bytes to the right of
[   16.702607]  allocated 24-byte region [ffff8881029f4680, ffff8881029f4698)
[   16.703794] 
[   16.704017] The buggy address belongs to the physical page:
[   16.704395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4
[   16.705105] flags: 0x200000000000000(node=0|zone=2)
[   16.705566] page_type: f5(slab)
[   16.705818] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[   16.706947] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[   16.707431] page dumped because: kasan: bad access detected
[   16.707793] 
[   16.707967] Memory state around the buggy address:
[   16.708309]  ffff8881029f4580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[   16.708859]  ffff8881029f4600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[   16.709534] >ffff8881029f4680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.709980]                             ^
[   16.710425]  ffff8881029f4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.711057]  ffff8881029f4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.711653] ==================================================================