From: bugzilla-daemon@kernel.org
To: linux-usb@vger.kernel.org
Subject: [Bug 220042] New: kmalloc Redzone overwritten in usb_get_device_descriptor
Date: Mon, 21 Apr 2025 16:15:34 +0000 [thread overview]
Message-ID: <bug-220042-208809@https.bugzilla.kernel.org/> (raw)
https://bugzilla.kernel.org/show_bug.cgi?id=220042
Bug ID: 220042
Summary: kmalloc Redzone overwritten in
usb_get_device_descriptor
Product: Drivers
Version: 2.5
Hardware: ARM
OS: Linux
Status: NEW
Severity: normal
Priority: P3
Component: USB
Assignee: drivers_usb@kernel-bugs.kernel.org
Reporter: m95d@psihoexpert.ro
Regression: No
Created attachment 308005
--> https://bugzilla.kernel.org/attachment.cgi?id=308005&action=edit
kernel config
Hi.
Asus Tinkerboard S (RK3288, armv7).
I get this error while booting, and every time I connect an USB device:
[ 23.437577] [ T282]
=============================================================================
[ 23.447578] [ T282] BUG kmalloc-64 (Tainted: G W ): kmalloc
Redzone overwritten
[ 23.457246] [ T282]
-----------------------------------------------------------------------------
[ 23.469617] [ T282] 0xc5818c52-0xc5818c53 @offset=3154. First byte 0x44
instead of 0xcc
[ 23.478587] [ T282] FIX kmalloc-64: Restoring kmalloc Redzone
0xc5818c52-0xc5818c53=0xcc
[ 23.487655] [ T282] Allocated in usb_get_device_descriptor+0x90/0x1a0
age=1713 cpu=2 pid=27
[ 23.497031] [ T282] usb_get_device_descriptor+0x90/0x1a0
[ 23.503086] [ T282] hub_port_init+0x15bc/0x26e8
[ 23.508268] [ T282] hub_port_connect+0xacc/0x2438
[ 23.513642] [ T282] hub_port_connect_change+0x218/0x500
[ 23.519599] [ T282] port_event+0xaa0/0xddc
[ 23.524292] [ T282] hub_event+0x458/0x9b0
[ 23.528883] [ T282] process_one_work+0x8a8/0x10b0
[ 23.534258] [ T282] worker_thread+0x784/0x10a0
[ 23.539338] [ T282] kthread+0x2e0/0x344
[ 23.543738] [ T282] ret_from_fork+0x14/0x28
I did a git bisect and this is the result:
# first bad commit: [fb5eda0dfe2256b468fc4e95207a4df88457274f] mm/kasan: Don't
store metadata inside kmalloc object when slub_debug_orig_size is on
I also saw a redzone error in usb hid driver, but I didn't get to bisect that
one yet - kernel build is really slow on this SBC. I'm going to open a separate
bug report for that when it's ready.
I'm attaching kernel config and complete error from dmesg.
Thanks.
--
You may reply to this email to add a comment.
You are receiving this mail because:
You are watching the assignee of the bug.
next reply other threads:[~2025-04-21 16:15 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-21 16:15 bugzilla-daemon [this message]
2025-04-21 16:18 ` [Bug 220042] kmalloc Redzone overwritten in usb_get_device_descriptor bugzilla-daemon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-220042-208809@https.bugzilla.kernel.org/ \
--to=bugzilla-daemon@kernel.org \
--cc=linux-usb@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).