Date
April 20, 2025, 11:09 p.m.
| Environment | |
|---|---|
| x15 | |
| x86 |
[ 92.341705] ================================================================== [ 92.348968] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x544/0x12b0 [ 92.356170] Write of size 121 at addr cc23f200 by task kunit_try_catch/341 [ 92.363098] [ 92.364593] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B W N 6.15.0-rc3 #1 NONE [ 92.364624] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 92.364624] Hardware name: Generic DRA74X (Flattened Device Tree) [ 92.364654] Call trace: [ 92.364654] unwind_backtrace from show_stack+0x18/0x1c [ 92.364685] show_stack from dump_stack_lvl+0x70/0x90 [ 92.364715] dump_stack_lvl from print_report+0x158/0x528 [ 92.364715] print_report from kasan_report+0xdc/0x118 [ 92.364746] kasan_report from kasan_check_range+0x14c/0x198 [ 92.364776] kasan_check_range from copy_user_test_oob+0x544/0x12b0 [ 92.364807] copy_user_test_oob from kunit_try_run_case+0x22c/0x5a8 [ 92.364807] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 92.364837] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 92.364868] kthread from ret_from_fork+0x14/0x20 [ 92.364898] Exception stack(0xf277bfb0 to 0xf277bff8) [ 92.364898] bfa0: 00000000 00000000 00000000 00000000 [ 92.364929] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 92.364959] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 92.364959] [ 92.476226] Allocated by task 341: [ 92.479644] kasan_save_track+0x30/0x5c [ 92.483489] __kasan_kmalloc+0x8c/0x94 [ 92.487274] __kmalloc_noprof+0x20c/0x488 [ 92.491333] kunit_kmalloc_array+0x28/0x60 [ 92.495452] copy_user_test_oob+0xac/0x12b0 [ 92.499694] kunit_try_run_case+0x22c/0x5a8 [ 92.503906] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 92.509429] kthread+0x464/0x810 [ 92.512695] ret_from_fork+0x14/0x20 [ 92.516296] [ 92.517791] The buggy address belongs to the object at cc23f200 [ 92.517791] which belongs to the cache kmalloc-128 of size 128 [ 92.529693] The buggy address is located 0 bytes inside of [ 92.529693] allocated 120-byte region [cc23f200, cc23f278) [ 92.540802] [ 92.542327] The buggy address belongs to the physical page: [ 92.547912] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c23f [ 92.555206] flags: 0x0(zone=0) [ 92.558288] page_type: f5(slab) [ 92.561431] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 92.569580] raw: 00000000 [ 92.572235] page dumped because: kasan: bad access detected [ 92.577850] [ 92.579345] Memory state around the buggy address: [ 92.584167] cc23f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.590728] cc23f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.597320] >cc23f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.603881] ^ [ 92.610351] cc23f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.616943] cc23f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.623504] ================================================================== [ 91.474090] ================================================================== [ 91.481353] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x800/0x12b0 [ 91.488555] Read of size 121 at addr cc23f200 by task kunit_try_catch/341 [ 91.495391] [ 91.496887] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B W N 6.15.0-rc3 #1 NONE [ 91.496917] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 91.496917] Hardware name: Generic DRA74X (Flattened Device Tree) [ 91.496948] Call trace: [ 91.496948] unwind_backtrace from show_stack+0x18/0x1c [ 91.496978] show_stack from dump_stack_lvl+0x70/0x90 [ 91.497009] dump_stack_lvl from print_report+0x158/0x528 [ 91.497039] print_report from kasan_report+0xdc/0x118 [ 91.497039] kasan_report from kasan_check_range+0x14c/0x198 [ 91.497070] kasan_check_range from copy_user_test_oob+0x800/0x12b0 [ 91.497100] copy_user_test_oob from kunit_try_run_case+0x22c/0x5a8 [ 91.497131] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 91.497161] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 91.497161] kthread from ret_from_fork+0x14/0x20 [ 91.497192] Exception stack(0xf277bfb0 to 0xf277bff8) [ 91.497222] bfa0: 00000000 00000000 00000000 00000000 [ 91.497222] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 91.497253] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 91.497253] [ 91.608520] Allocated by task 341: [ 91.611938] kasan_save_track+0x30/0x5c [ 91.615814] __kasan_kmalloc+0x8c/0x94 [ 91.619598] __kmalloc_noprof+0x20c/0x488 [ 91.623626] kunit_kmalloc_array+0x28/0x60 [ 91.627777] copy_user_test_oob+0xac/0x12b0 [ 91.631988] kunit_try_run_case+0x22c/0x5a8 [ 91.636199] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 91.641723] kthread+0x464/0x810 [ 91.644989] ret_from_fork+0x14/0x20 [ 91.648590] [ 91.650085] The buggy address belongs to the object at cc23f200 [ 91.650085] which belongs to the cache kmalloc-128 of size 128 [ 91.661987] The buggy address is located 0 bytes inside of [ 91.661987] allocated 120-byte region [cc23f200, cc23f278) [ 91.673126] [ 91.674621] The buggy address belongs to the physical page: [ 91.680236] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c23f [ 91.687499] flags: 0x0(zone=0) [ 91.690582] page_type: f5(slab) [ 91.693756] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 91.701904] raw: 00000000 [ 91.704528] page dumped because: kasan: bad access detected [ 91.710144] [ 91.711639] Memory state around the buggy address: [ 91.716461] cc23f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 91.723052] cc23f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.729614] >cc23f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 91.736175] ^ [ 91.742675] cc23f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.749237] cc23f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.755798] ================================================================== [ 91.178466] ================================================================== [ 91.191864] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x24c/0x12b0 [ 91.199066] Write of size 121 at addr cc23f200 by task kunit_try_catch/341 [ 91.205993] [ 91.207519] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B W N 6.15.0-rc3 #1 NONE [ 91.207550] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 91.207550] Hardware name: Generic DRA74X (Flattened Device Tree) [ 91.207550] Call trace: [ 91.207580] unwind_backtrace from show_stack+0x18/0x1c [ 91.207580] show_stack from dump_stack_lvl+0x70/0x90 [ 91.207611] dump_stack_lvl from print_report+0x158/0x528 [ 91.207641] print_report from kasan_report+0xdc/0x118 [ 91.207672] kasan_report from kasan_check_range+0x14c/0x198 [ 91.207702] kasan_check_range from copy_user_test_oob+0x24c/0x12b0 [ 91.207702] copy_user_test_oob from kunit_try_run_case+0x22c/0x5a8 [ 91.207733] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 91.207763] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 91.207794] kthread from ret_from_fork+0x14/0x20 [ 91.207824] Exception stack(0xf277bfb0 to 0xf277bff8) [ 91.207824] bfa0: 00000000 00000000 00000000 00000000 [ 91.207855] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 91.207855] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 91.207885] [ 91.319122] Allocated by task 341: [ 91.322570] kasan_save_track+0x30/0x5c [ 91.326416] __kasan_kmalloc+0x8c/0x94 [ 91.330200] __kmalloc_noprof+0x20c/0x488 [ 91.334259] kunit_kmalloc_array+0x28/0x60 [ 91.338378] copy_user_test_oob+0xac/0x12b0 [ 91.342620] kunit_try_run_case+0x22c/0x5a8 [ 91.346832] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 91.352355] kthread+0x464/0x810 [ 91.355621] ret_from_fork+0x14/0x20 [ 91.359222] [ 91.360717] The buggy address belongs to the object at cc23f200 [ 91.360717] which belongs to the cache kmalloc-128 of size 128 [ 91.372619] The buggy address is located 0 bytes inside of [ 91.372619] allocated 120-byte region [cc23f200, cc23f278) [ 91.383728] [ 91.385253] The buggy address belongs to the physical page: [ 91.390838] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c23f [ 91.398132] flags: 0x0(zone=0) [ 91.401214] page_type: f5(slab) [ 91.404388] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 91.412506] raw: 00000000 [ 91.415161] page dumped because: kasan: bad access detected [ 91.420776] [ 91.422271] Memory state around the buggy address: [ 91.427093] cc23f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 91.433654] cc23f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.440246] >cc23f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 91.446807] ^ [ 91.453308] cc23f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.459869] cc23f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 91.466430] ================================================================== [ 92.052673] ================================================================== [ 92.059936] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x484/0x12b0 [ 92.067138] Read of size 121 at addr cc23f200 by task kunit_try_catch/341 [ 92.073974] [ 92.075469] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B W N 6.15.0-rc3 #1 NONE [ 92.075500] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 92.075500] Hardware name: Generic DRA74X (Flattened Device Tree) [ 92.075531] Call trace: [ 92.075531] unwind_backtrace from show_stack+0x18/0x1c [ 92.075561] show_stack from dump_stack_lvl+0x70/0x90 [ 92.075561] dump_stack_lvl from print_report+0x158/0x528 [ 92.075592] print_report from kasan_report+0xdc/0x118 [ 92.075622] kasan_report from kasan_check_range+0x14c/0x198 [ 92.075653] kasan_check_range from copy_user_test_oob+0x484/0x12b0 [ 92.075683] copy_user_test_oob from kunit_try_run_case+0x22c/0x5a8 [ 92.075683] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 92.075714] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 92.075744] kthread from ret_from_fork+0x14/0x20 [ 92.075775] Exception stack(0xf277bfb0 to 0xf277bff8) [ 92.075775] bfa0: 00000000 00000000 00000000 00000000 [ 92.075805] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 92.075805] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 92.075836] [ 92.187072] Allocated by task 341: [ 92.190521] kasan_save_track+0x30/0x5c [ 92.194366] __kasan_kmalloc+0x8c/0x94 [ 92.198150] __kmalloc_noprof+0x20c/0x488 [ 92.202209] kunit_kmalloc_array+0x28/0x60 [ 92.206329] copy_user_test_oob+0xac/0x12b0 [ 92.210540] kunit_try_run_case+0x22c/0x5a8 [ 92.214782] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 92.220306] kthread+0x464/0x810 [ 92.223571] ret_from_fork+0x14/0x20 [ 92.227172] [ 92.228668] The buggy address belongs to the object at cc23f200 [ 92.228668] which belongs to the cache kmalloc-128 of size 128 [ 92.240570] The buggy address is located 0 bytes inside of [ 92.240570] allocated 120-byte region [cc23f200, cc23f278) [ 92.251678] [ 92.253204] The buggy address belongs to the physical page: [ 92.258789] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c23f [ 92.266082] flags: 0x0(zone=0) [ 92.269165] page_type: f5(slab) [ 92.272338] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 92.280456] raw: 00000000 [ 92.283111] page dumped because: kasan: bad access detected [ 92.288726] [ 92.290222] Memory state around the buggy address: [ 92.295043] cc23f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.301605] cc23f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.308197] >cc23f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.314758] ^ [ 92.321228] cc23f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.327819] cc23f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.334381] ================================================================== [ 92.630828] ================================================================== [ 92.638092] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x12b0 [ 92.645263] Read of size 121 at addr cc23f200 by task kunit_try_catch/341 [ 92.652130] [ 92.653625] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B W N 6.15.0-rc3 #1 NONE [ 92.653656] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 92.653656] Hardware name: Generic DRA74X (Flattened Device Tree) [ 92.653686] Call trace: [ 92.653686] unwind_backtrace from show_stack+0x18/0x1c [ 92.653717] show_stack from dump_stack_lvl+0x70/0x90 [ 92.653717] dump_stack_lvl from print_report+0x158/0x528 [ 92.653747] print_report from kasan_report+0xdc/0x118 [ 92.653778] kasan_report from kasan_check_range+0x14c/0x198 [ 92.653808] kasan_check_range from copy_user_test_oob+0x604/0x12b0 [ 92.653839] copy_user_test_oob from kunit_try_run_case+0x22c/0x5a8 [ 92.653839] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 92.653869] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 92.653900] kthread from ret_from_fork+0x14/0x20 [ 92.653930] Exception stack(0xf277bfb0 to 0xf277bff8) [ 92.653930] bfa0: 00000000 00000000 00000000 00000000 [ 92.653961] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 92.653961] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 92.653991] [ 92.765228] Allocated by task 341: [ 92.768676] kasan_save_track+0x30/0x5c [ 92.772521] __kasan_kmalloc+0x8c/0x94 [ 92.776306] __kmalloc_noprof+0x20c/0x488 [ 92.780364] kunit_kmalloc_array+0x28/0x60 [ 92.784484] copy_user_test_oob+0xac/0x12b0 [ 92.788696] kunit_try_run_case+0x22c/0x5a8 [ 92.792938] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 92.798461] kthread+0x464/0x810 [ 92.801696] ret_from_fork+0x14/0x20 [ 92.805328] [ 92.806823] The buggy address belongs to the object at cc23f200 [ 92.806823] which belongs to the cache kmalloc-128 of size 128 [ 92.818725] The buggy address is located 0 bytes inside of [ 92.818725] allocated 120-byte region [cc23f200, cc23f278) [ 92.829833] [ 92.831329] The buggy address belongs to the physical page: [ 92.836944] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c23f [ 92.844207] flags: 0x0(zone=0) [ 92.847290] page_type: f5(slab) [ 92.850463] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 92.858612] raw: 00000000 [ 92.861236] page dumped because: kasan: bad access detected [ 92.866851] [ 92.868347] Memory state around the buggy address: [ 92.873168] cc23f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.879760] cc23f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.886322] >cc23f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.892883] ^ [ 92.899383] cc23f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.905944] cc23f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.912536] ================================================================== [ 91.763458] ================================================================== [ 91.770721] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c4/0x12b0 [ 91.777923] Write of size 121 at addr cc23f200 by task kunit_try_catch/341 [ 91.784851] [ 91.786346] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B W N 6.15.0-rc3 #1 NONE [ 91.786376] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 91.786407] Hardware name: Generic DRA74X (Flattened Device Tree) [ 91.786407] Call trace: [ 91.786407] unwind_backtrace from show_stack+0x18/0x1c [ 91.786437] show_stack from dump_stack_lvl+0x70/0x90 [ 91.786468] dump_stack_lvl from print_report+0x158/0x528 [ 91.786499] print_report from kasan_report+0xdc/0x118 [ 91.786499] kasan_report from kasan_check_range+0x14c/0x198 [ 91.786529] kasan_check_range from copy_user_test_oob+0x3c4/0x12b0 [ 91.786560] copy_user_test_oob from kunit_try_run_case+0x22c/0x5a8 [ 91.786590] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 91.786621] kunit_generic_run_threadfn_adapter from kthread+0x464/0x810 [ 91.786651] kthread from ret_from_fork+0x14/0x20 [ 91.786651] Exception stack(0xf277bfb0 to 0xf277bff8) [ 91.786682] bfa0: 00000000 00000000 00000000 00000000 [ 91.786682] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 91.786712] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 91.786712] [ 91.897979] Allocated by task 341: [ 91.901397] kasan_save_track+0x30/0x5c [ 91.905273] __kasan_kmalloc+0x8c/0x94 [ 91.909057] __kmalloc_noprof+0x20c/0x488 [ 91.913116] kunit_kmalloc_array+0x28/0x60 [ 91.917236] copy_user_test_oob+0xac/0x12b0 [ 91.921447] kunit_try_run_case+0x22c/0x5a8 [ 91.925659] kunit_generic_run_threadfn_adapter+0xc4/0x128 [ 91.931213] kthread+0x464/0x810 [ 91.934448] ret_from_fork+0x14/0x20 [ 91.938049] [ 91.939575] The buggy address belongs to the object at cc23f200 [ 91.939575] which belongs to the cache kmalloc-128 of size 128 [ 91.951477] The buggy address is located 0 bytes inside of [ 91.951477] allocated 120-byte region [cc23f200, cc23f278) [ 91.962585] [ 91.964080] The buggy address belongs to the physical page: [ 91.969696] page: refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x8c23f [ 91.976959] flags: 0x0(zone=0) [ 91.980041] page_type: f5(slab) [ 91.983215] raw: 00000000 c7001400 00000122 00000000 00000000 80100010 f5000000 00000000 [ 91.991363] raw: 00000000 [ 91.993988] page dumped because: kasan: bad access detected [ 91.999603] [ 92.001098] Memory state around the buggy address: [ 92.005920] cc23f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 92.012512] cc23f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.019073] >cc23f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 92.025634] ^ [ 92.032135] cc23f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.038696] cc23f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 92.045257] ==================================================================
[ 78.253756] ================================================================== [ 78.260997] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 78.268132] Read of size 121 at addr ffff888104ee9700 by task kunit_try_catch/328 [ 78.275619] [ 78.277118] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 78.277126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 78.277128] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 78.277131] Call Trace: [ 78.277133] <TASK> [ 78.277135] dump_stack_lvl+0x73/0xb0 [ 78.277139] print_report+0xd1/0x650 [ 78.277143] ? __virt_addr_valid+0x1db/0x2d0 [ 78.277147] ? copy_user_test_oob+0x604/0x10f0 [ 78.277150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 78.277155] ? copy_user_test_oob+0x604/0x10f0 [ 78.277158] kasan_report+0x141/0x180 [ 78.277163] ? copy_user_test_oob+0x604/0x10f0 [ 78.277167] kasan_check_range+0x10c/0x1c0 [ 78.277172] __kasan_check_read+0x15/0x20 [ 78.277176] copy_user_test_oob+0x604/0x10f0 [ 78.277180] ? __pfx_copy_user_test_oob+0x10/0x10 [ 78.277184] ? finish_task_switch.isra.0+0x153/0x700 [ 78.277188] ? __switch_to+0x5d9/0xf60 [ 78.277192] ? dequeue_task_fair+0x166/0x4e0 [ 78.277197] ? __schedule+0x10cc/0x2b30 [ 78.277201] ? ktime_get_ts64+0x83/0x230 [ 78.277206] kunit_try_run_case+0x1a2/0x480 [ 78.277211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 78.277215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 78.277220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 78.277224] ? __kthread_parkme+0x82/0x180 [ 78.277229] ? preempt_count_sub+0x50/0x80 [ 78.277233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 78.277238] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 78.277242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 78.277246] kthread+0x334/0x6f0 [ 78.277250] ? trace_preempt_on+0x20/0xc0 [ 78.277255] ? __pfx_kthread+0x10/0x10 [ 78.277259] ? _raw_spin_unlock_irq+0x47/0x80 [ 78.277263] ? calculate_sigpending+0x7b/0xa0 [ 78.277267] ? __pfx_kthread+0x10/0x10 [ 78.277272] ret_from_fork+0x3e/0x80 [ 78.277276] ? __pfx_kthread+0x10/0x10 [ 78.277280] ret_from_fork_asm+0x1a/0x30 [ 78.277286] </TASK> [ 78.277288] [ 78.457141] Allocated by task 328: [ 78.460548] kasan_save_stack+0x45/0x70 [ 78.464386] kasan_save_track+0x18/0x40 [ 78.468227] kasan_save_alloc_info+0x3b/0x50 [ 78.472500] __kasan_kmalloc+0xb7/0xc0 [ 78.476259] __kmalloc_noprof+0x1c9/0x500 [ 78.480274] kunit_kmalloc_array+0x25/0x60 [ 78.484380] copy_user_test_oob+0xab/0x10f0 [ 78.488567] kunit_try_run_case+0x1a2/0x480 [ 78.492762] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 78.498159] kthread+0x334/0x6f0 [ 78.501393] ret_from_fork+0x3e/0x80 [ 78.504981] ret_from_fork_asm+0x1a/0x30 [ 78.508905] [ 78.510405] The buggy address belongs to the object at ffff888104ee9700 [ 78.510405] which belongs to the cache kmalloc-128 of size 128 [ 78.522920] The buggy address is located 0 bytes inside of [ 78.522920] allocated 120-byte region [ffff888104ee9700, ffff888104ee9778) [ 78.535355] [ 78.536854] The buggy address belongs to the physical page: [ 78.542426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104ee9 [ 78.550426] flags: 0x200000000000000(node=0|zone=2) [ 78.555305] page_type: f5(slab) [ 78.558453] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 78.566201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 78.573946] page dumped because: kasan: bad access detected [ 78.579517] [ 78.581019] Memory state around the buggy address: [ 78.585811] ffff888104ee9600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 78.593038] ffff888104ee9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.600258] >ffff888104ee9700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 78.607474] ^ [ 78.614609] ffff888104ee9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.621837] ffff888104ee9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.629056] ================================================================== [ 77.488256] ================================================================== [ 77.495482] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 77.502615] Read of size 121 at addr ffff888104ee9700 by task kunit_try_catch/328 [ 77.510102] [ 77.511601] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 77.511609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 77.511611] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 77.511615] Call Trace: [ 77.511617] <TASK> [ 77.511619] dump_stack_lvl+0x73/0xb0 [ 77.511623] print_report+0xd1/0x650 [ 77.511627] ? __virt_addr_valid+0x1db/0x2d0 [ 77.511631] ? copy_user_test_oob+0x4aa/0x10f0 [ 77.511635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 77.511639] ? copy_user_test_oob+0x4aa/0x10f0 [ 77.511643] kasan_report+0x141/0x180 [ 77.511647] ? copy_user_test_oob+0x4aa/0x10f0 [ 77.511652] kasan_check_range+0x10c/0x1c0 [ 77.511657] __kasan_check_read+0x15/0x20 [ 77.511661] copy_user_test_oob+0x4aa/0x10f0 [ 77.511665] ? __pfx_copy_user_test_oob+0x10/0x10 [ 77.511668] ? finish_task_switch.isra.0+0x153/0x700 [ 77.511690] ? __switch_to+0x5d9/0xf60 [ 77.511694] ? dequeue_task_fair+0x166/0x4e0 [ 77.511699] ? __schedule+0x10cc/0x2b30 [ 77.511704] ? ktime_get_ts64+0x83/0x230 [ 77.511709] kunit_try_run_case+0x1a2/0x480 [ 77.511714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 77.511718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 77.511735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 77.511740] ? __kthread_parkme+0x82/0x180 [ 77.511744] ? preempt_count_sub+0x50/0x80 [ 77.511749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 77.511753] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 77.511758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 77.511762] kthread+0x334/0x6f0 [ 77.511766] ? trace_preempt_on+0x20/0xc0 [ 77.511771] ? __pfx_kthread+0x10/0x10 [ 77.511775] ? _raw_spin_unlock_irq+0x47/0x80 [ 77.511780] ? calculate_sigpending+0x7b/0xa0 [ 77.511784] ? __pfx_kthread+0x10/0x10 [ 77.511788] ret_from_fork+0x3e/0x80 [ 77.511792] ? __pfx_kthread+0x10/0x10 [ 77.511797] ret_from_fork_asm+0x1a/0x30 [ 77.511803] </TASK> [ 77.511805] [ 77.691762] Allocated by task 328: [ 77.695170] kasan_save_stack+0x45/0x70 [ 77.699010] kasan_save_track+0x18/0x40 [ 77.702857] kasan_save_alloc_info+0x3b/0x50 [ 77.707129] __kasan_kmalloc+0xb7/0xc0 [ 77.710880] __kmalloc_noprof+0x1c9/0x500 [ 77.714893] kunit_kmalloc_array+0x25/0x60 [ 77.718994] copy_user_test_oob+0xab/0x10f0 [ 77.723179] kunit_try_run_case+0x1a2/0x480 [ 77.727365] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 77.732764] kthread+0x334/0x6f0 [ 77.735995] ret_from_fork+0x3e/0x80 [ 77.739574] ret_from_fork_asm+0x1a/0x30 [ 77.743500] [ 77.744999] The buggy address belongs to the object at ffff888104ee9700 [ 77.744999] which belongs to the cache kmalloc-128 of size 128 [ 77.757505] The buggy address is located 0 bytes inside of [ 77.757505] allocated 120-byte region [ffff888104ee9700, ffff888104ee9778) [ 77.769934] [ 77.771433] The buggy address belongs to the physical page: [ 77.777006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104ee9 [ 77.785012] flags: 0x200000000000000(node=0|zone=2) [ 77.789893] page_type: f5(slab) [ 77.793038] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 77.800778] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 77.808525] page dumped because: kasan: bad access detected [ 77.814096] [ 77.815595] Memory state around the buggy address: [ 77.820388] ffff888104ee9600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 77.827608] ffff888104ee9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 77.834837] >ffff888104ee9700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 77.842063] ^ [ 77.849195] ffff888104ee9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 77.856413] ffff888104ee9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 77.863632] ================================================================== [ 77.870878] ================================================================== [ 77.878098] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 77.885238] Write of size 121 at addr ffff888104ee9700 by task kunit_try_catch/328 [ 77.892804] [ 77.894305] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 77.894313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 77.894316] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 77.894319] Call Trace: [ 77.894321] <TASK> [ 77.894323] dump_stack_lvl+0x73/0xb0 [ 77.894326] print_report+0xd1/0x650 [ 77.894331] ? __virt_addr_valid+0x1db/0x2d0 [ 77.894335] ? copy_user_test_oob+0x557/0x10f0 [ 77.894338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 77.894343] ? copy_user_test_oob+0x557/0x10f0 [ 77.894347] kasan_report+0x141/0x180 [ 77.894351] ? copy_user_test_oob+0x557/0x10f0 [ 77.894356] kasan_check_range+0x10c/0x1c0 [ 77.894360] __kasan_check_write+0x18/0x20 [ 77.894364] copy_user_test_oob+0x557/0x10f0 [ 77.894368] ? __pfx_copy_user_test_oob+0x10/0x10 [ 77.894372] ? finish_task_switch.isra.0+0x153/0x700 [ 77.894376] ? __switch_to+0x5d9/0xf60 [ 77.894380] ? dequeue_task_fair+0x166/0x4e0 [ 77.894385] ? __schedule+0x10cc/0x2b30 [ 77.894389] ? ktime_get_ts64+0x83/0x230 [ 77.894394] kunit_try_run_case+0x1a2/0x480 [ 77.894399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 77.894403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 77.894408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 77.894413] ? __kthread_parkme+0x82/0x180 [ 77.894417] ? preempt_count_sub+0x50/0x80 [ 77.894421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 77.894426] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 77.894430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 77.894434] kthread+0x334/0x6f0 [ 77.894438] ? trace_preempt_on+0x20/0xc0 [ 77.894443] ? __pfx_kthread+0x10/0x10 [ 77.894447] ? _raw_spin_unlock_irq+0x47/0x80 [ 77.894452] ? calculate_sigpending+0x7b/0xa0 [ 77.894456] ? __pfx_kthread+0x10/0x10 [ 77.894460] ret_from_fork+0x3e/0x80 [ 77.894464] ? __pfx_kthread+0x10/0x10 [ 77.894469] ret_from_fork_asm+0x1a/0x30 [ 77.894475] </TASK> [ 77.894476] [ 78.074439] Allocated by task 328: [ 78.077847] kasan_save_stack+0x45/0x70 [ 78.081708] kasan_save_track+0x18/0x40 [ 78.085550] kasan_save_alloc_info+0x3b/0x50 [ 78.089822] __kasan_kmalloc+0xb7/0xc0 [ 78.093574] __kmalloc_noprof+0x1c9/0x500 [ 78.097587] kunit_kmalloc_array+0x25/0x60 [ 78.101705] copy_user_test_oob+0xab/0x10f0 [ 78.105899] kunit_try_run_case+0x1a2/0x480 [ 78.110085] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 78.115485] kthread+0x334/0x6f0 [ 78.118742] ret_from_fork+0x3e/0x80 [ 78.122322] ret_from_fork_asm+0x1a/0x30 [ 78.126255] [ 78.127754] The buggy address belongs to the object at ffff888104ee9700 [ 78.127754] which belongs to the cache kmalloc-128 of size 128 [ 78.140268] The buggy address is located 0 bytes inside of [ 78.140268] allocated 120-byte region [ffff888104ee9700, ffff888104ee9778) [ 78.152704] [ 78.154231] The buggy address belongs to the physical page: [ 78.159803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104ee9 [ 78.167809] flags: 0x200000000000000(node=0|zone=2) [ 78.172705] page_type: f5(slab) [ 78.175879] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 78.183626] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 78.191364] page dumped because: kasan: bad access detected [ 78.196938] [ 78.198437] Memory state around the buggy address: [ 78.203230] ffff888104ee9600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 78.210450] ffff888104ee9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.217703] >ffff888104ee9700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 78.224930] ^ [ 78.232061] ffff888104ee9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.239282] ffff888104ee9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.246508] ================================================================== [ 77.105322] ================================================================== [ 77.112555] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 77.119705] Write of size 121 at addr ffff888104ee9700 by task kunit_try_catch/328 [ 77.127296] [ 77.128795] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 77.128804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 77.128807] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 77.128810] Call Trace: [ 77.128812] <TASK> [ 77.128814] dump_stack_lvl+0x73/0xb0 [ 77.128819] print_report+0xd1/0x650 [ 77.128823] ? __virt_addr_valid+0x1db/0x2d0 [ 77.128827] ? copy_user_test_oob+0x3fd/0x10f0 [ 77.128831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 77.128836] ? copy_user_test_oob+0x3fd/0x10f0 [ 77.128839] kasan_report+0x141/0x180 [ 77.128844] ? copy_user_test_oob+0x3fd/0x10f0 [ 77.128848] kasan_check_range+0x10c/0x1c0 [ 77.128853] __kasan_check_write+0x18/0x20 [ 77.128857] copy_user_test_oob+0x3fd/0x10f0 [ 77.128861] ? __pfx_copy_user_test_oob+0x10/0x10 [ 77.128865] ? finish_task_switch.isra.0+0x153/0x700 [ 77.128870] ? __switch_to+0x5d9/0xf60 [ 77.128874] ? dequeue_task_fair+0x166/0x4e0 [ 77.128878] ? __schedule+0x10cc/0x2b30 [ 77.128883] ? ktime_get_ts64+0x83/0x230 [ 77.128888] kunit_try_run_case+0x1a2/0x480 [ 77.128893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 77.128897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 77.128902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 77.128907] ? __kthread_parkme+0x82/0x180 [ 77.128911] ? preempt_count_sub+0x50/0x80 [ 77.128916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 77.128920] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 77.128925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 77.128929] kthread+0x334/0x6f0 [ 77.128933] ? trace_preempt_on+0x20/0xc0 [ 77.128938] ? __pfx_kthread+0x10/0x10 [ 77.128942] ? _raw_spin_unlock_irq+0x47/0x80 [ 77.128947] ? calculate_sigpending+0x7b/0xa0 [ 77.128951] ? __pfx_kthread+0x10/0x10 [ 77.128955] ret_from_fork+0x3e/0x80 [ 77.128960] ? __pfx_kthread+0x10/0x10 [ 77.128964] ret_from_fork_asm+0x1a/0x30 [ 77.128970] </TASK> [ 77.128972] [ 77.308957] Allocated by task 328: [ 77.312363] kasan_save_stack+0x45/0x70 [ 77.316202] kasan_save_track+0x18/0x40 [ 77.320041] kasan_save_alloc_info+0x3b/0x50 [ 77.324315] __kasan_kmalloc+0xb7/0xc0 [ 77.328074] __kmalloc_noprof+0x1c9/0x500 [ 77.332086] kunit_kmalloc_array+0x25/0x60 [ 77.336187] copy_user_test_oob+0xab/0x10f0 [ 77.340372] kunit_try_run_case+0x1a2/0x480 [ 77.344557] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 77.349957] kthread+0x334/0x6f0 [ 77.353190] ret_from_fork+0x3e/0x80 [ 77.356769] ret_from_fork_asm+0x1a/0x30 [ 77.360707] [ 77.362229] The buggy address belongs to the object at ffff888104ee9700 [ 77.362229] which belongs to the cache kmalloc-128 of size 128 [ 77.374748] The buggy address is located 0 bytes inside of [ 77.374748] allocated 120-byte region [ffff888104ee9700, ffff888104ee9778) [ 77.387178] [ 77.388704] The buggy address belongs to the physical page: [ 77.394303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104ee9 [ 77.402311] flags: 0x200000000000000(node=0|zone=2) [ 77.407189] page_type: f5(slab) [ 77.410336] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 77.418084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 77.425831] page dumped because: kasan: bad access detected [ 77.431403] [ 77.432903] Memory state around the buggy address: [ 77.437707] ffff888104ee9600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 77.444933] ffff888104ee9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 77.452160] >ffff888104ee9700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 77.459386] ^ [ 77.466519] ffff888104ee9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 77.473757] ffff888104ee9800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 77.480982] ==================================================================