Date: April 20, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.652285] ==================================================================
[ 11.652981] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.653301] Write of size 16 at addr ffff888102734d69 by task kunit_try_catch/198
[ 11.653703]
[ 11.653822] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.653864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.653875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.653894] Call Trace:
[ 11.653905] <TASK>
[ 11.653918] dump_stack_lvl+0x73/0xb0
[ 11.653943] print_report+0xd1/0x650
[ 11.653965] ? __virt_addr_valid+0x1db/0x2d0
[ 11.653986] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.654007] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.654029] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.654051] kasan_report+0x141/0x180
[ 11.654073] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.654100] kasan_check_range+0x10c/0x1c0
[ 11.654123] __asan_memset+0x27/0x50
[ 11.654142] kmalloc_oob_memset_16+0x166/0x330
[ 11.654165] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.654187] ? __schedule+0x10cc/0x2b30
[ 11.654221] ? __pfx_read_tsc+0x10/0x10
[ 11.654240] ? ktime_get_ts64+0x86/0x230
[ 11.654264] kunit_try_run_case+0x1a5/0x480
[ 11.654287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.654307] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.654341] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.654364] ? __kthread_parkme+0x82/0x180
[ 11.654427] ? preempt_count_sub+0x50/0x80
[ 11.654454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.654476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.654498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.654520] kthread+0x337/0x6f0
[ 11.654539] ? trace_preempt_on+0x20/0xc0
[ 11.654562] ? __pfx_kthread+0x10/0x10
[ 11.654583] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.654604] ? calculate_sigpending+0x7b/0xa0
[ 11.654624] ? __pfx_kthread+0x10/0x10
[ 11.654646] ret_from_fork+0x41/0x80
[ 11.654665] ? __pfx_kthread+0x10/0x10
[ 11.654687] ret_from_fork_asm+0x1a/0x30
[ 11.654717] </TASK>
[ 11.654727]
[ 11.662040] Allocated by task 198:
[ 11.662172] kasan_save_stack+0x45/0x70
[ 11.662318] kasan_save_track+0x18/0x40
[ 11.662853] kasan_save_alloc_info+0x3b/0x50
[ 11.663081] __kasan_kmalloc+0xb7/0xc0
[ 11.663452] __kmalloc_cache_noprof+0x189/0x420
[ 11.663680] kmalloc_oob_memset_16+0xac/0x330
[ 11.663844] kunit_try_run_case+0x1a5/0x480
[ 11.663989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.664195] kthread+0x337/0x6f0
[ 11.664376] ret_from_fork+0x41/0x80
[ 11.664560] ret_from_fork_asm+0x1a/0x30
[ 11.664809]
[ 11.664902] The buggy address belongs to the object at ffff888102734d00
[ 11.664902] which belongs to the cache kmalloc-128 of size 128
[ 11.665276] The buggy address is located 105 bytes inside of
[ 11.665276] allocated 120-byte region [ffff888102734d00, ffff888102734d78)
[ 11.665795]
[ 11.665895] The buggy address belongs to the physical page:
[ 11.666143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102734
[ 11.666512] flags: 0x200000000000000(node=0|zone=2)
[ 11.666716] page_type: f5(slab)
[ 11.666949] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.667244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.667479] page dumped because: kasan: bad access detected
[ 11.667685]
[ 11.668057] Memory state around the buggy address:
[ 11.668318] ffff888102734c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.668645] ffff888102734c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.668873] >ffff888102734d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.669234] ^
[ 11.669578] ffff888102734d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.669897] ffff888102734e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.670652] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.631375] ==================================================================
[ 11.631944] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.632295] Write of size 8 at addr ffff888102734c71 by task kunit_try_catch/196
[ 11.632654]
[ 11.632772] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.632815] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.632826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.632845] Call Trace:
[ 11.632858] <TASK>
[ 11.632872] dump_stack_lvl+0x73/0xb0
[ 11.632898] print_report+0xd1/0x650
[ 11.632920] ? __virt_addr_valid+0x1db/0x2d0
[ 11.632941] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.632962] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.632984] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.633006] kasan_report+0x141/0x180
[ 11.633028] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.633055] kasan_check_range+0x10c/0x1c0
[ 11.633079] __asan_memset+0x27/0x50
[ 11.633099] kmalloc_oob_memset_8+0x166/0x330
[ 11.633121] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.633144] ? __schedule+0x10cc/0x2b30
[ 11.633167] ? __pfx_read_tsc+0x10/0x10
[ 11.633186] ? ktime_get_ts64+0x86/0x230
[ 11.633211] kunit_try_run_case+0x1a5/0x480
[ 11.633234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.633265] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.633288] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.633311] ? __kthread_parkme+0x82/0x180
[ 11.633345] ? preempt_count_sub+0x50/0x80
[ 11.633369] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.633392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.633413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.633435] kthread+0x337/0x6f0
[ 11.633455] ? trace_preempt_on+0x20/0xc0
[ 11.633477] ? __pfx_kthread+0x10/0x10
[ 11.633545] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.633568] ? calculate_sigpending+0x7b/0xa0
[ 11.633588] ? __pfx_kthread+0x10/0x10
[ 11.633610] ret_from_fork+0x41/0x80
[ 11.633631] ? __pfx_kthread+0x10/0x10
[ 11.633652] ret_from_fork_asm+0x1a/0x30
[ 11.633683] </TASK>
[ 11.633694]
[ 11.641561] Allocated by task 196:
[ 11.641693] kasan_save_stack+0x45/0x70
[ 11.641903] kasan_save_track+0x18/0x40
[ 11.642097] kasan_save_alloc_info+0x3b/0x50
[ 11.642352] __kasan_kmalloc+0xb7/0xc0
[ 11.642497] __kmalloc_cache_noprof+0x189/0x420
[ 11.642758] kmalloc_oob_memset_8+0xac/0x330
[ 11.642975] kunit_try_run_case+0x1a5/0x480
[ 11.643158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.643408] kthread+0x337/0x6f0
[ 11.643535] ret_from_fork+0x41/0x80
[ 11.643754] ret_from_fork_asm+0x1a/0x30
[ 11.643923]
[ 11.644020] The buggy address belongs to the object at ffff888102734c00
[ 11.644020] which belongs to the cache kmalloc-128 of size 128
[ 11.644436] The buggy address is located 113 bytes inside of
[ 11.644436] allocated 120-byte region [ffff888102734c00, ffff888102734c78)
[ 11.644789]
[ 11.644881] The buggy address belongs to the physical page:
[ 11.645128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102734
[ 11.645723] flags: 0x200000000000000(node=0|zone=2)
[ 11.645897] page_type: f5(slab)
[ 11.646017] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.646246] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.646999] page dumped because: kasan: bad access detected
[ 11.647259]
[ 11.647371] Memory state around the buggy address:
[ 11.647724] ffff888102734b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.648051] ffff888102734b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.648314] >ffff888102734c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.648563] ^
[ 11.648906] ffff888102734c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.649204] ffff888102734d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.649424] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.608661] ==================================================================
[ 11.609076] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 11.609374] Write of size 4 at addr ffff888102b31c75 by task kunit_try_catch/194
[ 11.609666]
[ 11.609778] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.609821] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.609831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.609850] Call Trace:
[ 11.609861] <TASK>
[ 11.609874] dump_stack_lvl+0x73/0xb0
[ 11.609898] print_report+0xd1/0x650
[ 11.609919] ? __virt_addr_valid+0x1db/0x2d0
[ 11.609941] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.609962] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.609984] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.610006] kasan_report+0x141/0x180
[ 11.610028] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.610055] kasan_check_range+0x10c/0x1c0
[ 11.610078] __asan_memset+0x27/0x50
[ 11.610098] kmalloc_oob_memset_4+0x166/0x330
[ 11.610120] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 11.610145] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 11.610171] kunit_try_run_case+0x1a5/0x480
[ 11.610194] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.610215] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.610263] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.610286] ? __kthread_parkme+0x82/0x180
[ 11.610307] ? preempt_count_sub+0x50/0x80
[ 11.610343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.610365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.610387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.610408] kthread+0x337/0x6f0
[ 11.610428] ? trace_preempt_on+0x20/0xc0
[ 11.610450] ? __pfx_kthread+0x10/0x10
[ 11.610472] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.610493] ? calculate_sigpending+0x7b/0xa0
[ 11.610513] ? __pfx_kthread+0x10/0x10
[ 11.610535] ret_from_fork+0x41/0x80
[ 11.610555] ? __pfx_kthread+0x10/0x10
[ 11.610576] ret_from_fork_asm+0x1a/0x30
[ 11.610607] </TASK>
[ 11.610616]
[ 11.617725] Allocated by task 194:
[ 11.617956] kasan_save_stack+0x45/0x70
[ 11.618192] kasan_save_track+0x18/0x40
[ 11.618470] kasan_save_alloc_info+0x3b/0x50
[ 11.618697] __kasan_kmalloc+0xb7/0xc0
[ 11.618868] __kmalloc_cache_noprof+0x189/0x420
[ 11.619018] kmalloc_oob_memset_4+0xac/0x330
[ 11.619162] kunit_try_run_case+0x1a5/0x480
[ 11.619434] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.619680] kthread+0x337/0x6f0
[ 11.620015] ret_from_fork+0x41/0x80
[ 11.620236] ret_from_fork_asm+0x1a/0x30
[ 11.620437]
[ 11.620538] The buggy address belongs to the object at ffff888102b31c00
[ 11.620538] which belongs to the cache kmalloc-128 of size 128
[ 11.621040] The buggy address is located 117 bytes inside of
[ 11.621040] allocated 120-byte region [ffff888102b31c00, ffff888102b31c78)
[ 11.621566]
[ 11.621668] The buggy address belongs to the physical page:
[ 11.621922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 11.622225] flags: 0x200000000000000(node=0|zone=2)
[ 11.622455] page_type: f5(slab)
[ 11.622684] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.623002] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.623344] page dumped because: kasan: bad access detected
[ 11.623725]
[ 11.623820] Memory state around the buggy address:
[ 11.623976] ffff888102b31b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.624189] ffff888102b31b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.624468] >ffff888102b31c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.624833] ^
[ 11.625142] ffff888102b31c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.625552] ffff888102b31d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.625758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.587342] ==================================================================
[ 11.588036] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 11.588376] Write of size 2 at addr ffff888102b31b77 by task kunit_try_catch/192
[ 11.588686]
[ 11.588830] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.588871] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.588882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.588955] Call Trace:
[ 11.588969] <TASK>
[ 11.588983] dump_stack_lvl+0x73/0xb0
[ 11.589008] print_report+0xd1/0x650
[ 11.589030] ? __virt_addr_valid+0x1db/0x2d0
[ 11.589052] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.589073] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.589094] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.589116] kasan_report+0x141/0x180
[ 11.589150] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.589177] kasan_check_range+0x10c/0x1c0
[ 11.589200] __asan_memset+0x27/0x50
[ 11.589220] kmalloc_oob_memset_2+0x166/0x330
[ 11.589242] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 11.589265] ? __schedule+0x10cc/0x2b30
[ 11.589288] ? __pfx_read_tsc+0x10/0x10
[ 11.589307] ? ktime_get_ts64+0x86/0x230
[ 11.589343] kunit_try_run_case+0x1a5/0x480
[ 11.589366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.589386] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.589409] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.589432] ? __kthread_parkme+0x82/0x180
[ 11.589452] ? preempt_count_sub+0x50/0x80
[ 11.589643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.589666] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.589689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.589711] kthread+0x337/0x6f0
[ 11.589731] ? trace_preempt_on+0x20/0xc0
[ 11.589754] ? __pfx_kthread+0x10/0x10
[ 11.589782] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.589804] ? calculate_sigpending+0x7b/0xa0
[ 11.589825] ? __pfx_kthread+0x10/0x10
[ 11.589846] ret_from_fork+0x41/0x80
[ 11.589866] ? __pfx_kthread+0x10/0x10
[ 11.589887] ret_from_fork_asm+0x1a/0x30
[ 11.589918] </TASK>
[ 11.589928]
[ 11.597190] Allocated by task 192:
[ 11.597359] kasan_save_stack+0x45/0x70
[ 11.597601] kasan_save_track+0x18/0x40
[ 11.597801] kasan_save_alloc_info+0x3b/0x50
[ 11.598004] __kasan_kmalloc+0xb7/0xc0
[ 11.598216] __kmalloc_cache_noprof+0x189/0x420
[ 11.598526] kmalloc_oob_memset_2+0xac/0x330
[ 11.598752] kunit_try_run_case+0x1a5/0x480
[ 11.598912] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.599151] kthread+0x337/0x6f0
[ 11.599320] ret_from_fork+0x41/0x80
[ 11.599584] ret_from_fork_asm+0x1a/0x30
[ 11.599767]
[ 11.599837] The buggy address belongs to the object at ffff888102b31b00
[ 11.599837] which belongs to the cache kmalloc-128 of size 128
[ 11.600345] The buggy address is located 119 bytes inside of
[ 11.600345] allocated 120-byte region [ffff888102b31b00, ffff888102b31b78)
[ 11.600893]
[ 11.600990] The buggy address belongs to the physical page:
[ 11.601256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 11.601503] flags: 0x200000000000000(node=0|zone=2)
[ 11.601664] page_type: f5(slab)
[ 11.601787] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.602163] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.602771] page dumped because: kasan: bad access detected
[ 11.603031]
[ 11.603124] Memory state around the buggy address:
[ 11.603372] ffff888102b31a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.603741] ffff888102b31a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.603989] >ffff888102b31b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.604285] ^
[ 11.604792] ffff888102b31b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.605078] ffff888102b31c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.605350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.559909] ==================================================================
[ 11.560757] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 11.561091] Write of size 128 at addr ffff888102b31a00 by task kunit_try_catch/190
[ 11.561405]
[ 11.561537] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.561582] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.561593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.561612] Call Trace:
[ 11.561625] <TASK>
[ 11.561642] dump_stack_lvl+0x73/0xb0
[ 11.561668] print_report+0xd1/0x650
[ 11.561691] ? __virt_addr_valid+0x1db/0x2d0
[ 11.561714] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.561735] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.561757] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.561785] kasan_report+0x141/0x180
[ 11.561807] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.561835] kasan_check_range+0x10c/0x1c0
[ 11.561859] __asan_memset+0x27/0x50
[ 11.561879] kmalloc_oob_in_memset+0x15f/0x320
[ 11.561901] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 11.561925] ? __schedule+0x10cc/0x2b30
[ 11.561948] ? __pfx_read_tsc+0x10/0x10
[ 11.561967] ? ktime_get_ts64+0x86/0x230
[ 11.561993] kunit_try_run_case+0x1a5/0x480
[ 11.562017] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.562038] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.562061] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.562085] ? __kthread_parkme+0x82/0x180
[ 11.562106] ? preempt_count_sub+0x50/0x80
[ 11.562451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.562485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.562509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.562532] kthread+0x337/0x6f0
[ 11.562554] ? trace_preempt_on+0x20/0xc0
[ 11.562578] ? __pfx_kthread+0x10/0x10
[ 11.562601] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.562623] ? calculate_sigpending+0x7b/0xa0
[ 11.562645] ? __pfx_kthread+0x10/0x10
[ 11.562668] ret_from_fork+0x41/0x80
[ 11.562688] ? __pfx_kthread+0x10/0x10
[ 11.562710] ret_from_fork_asm+0x1a/0x30
[ 11.562743] </TASK>
[ 11.562753]
[ 11.575925] Allocated by task 190:
[ 11.576071] kasan_save_stack+0x45/0x70
[ 11.576436] kasan_save_track+0x18/0x40
[ 11.576580] kasan_save_alloc_info+0x3b/0x50
[ 11.576726] __kasan_kmalloc+0xb7/0xc0
[ 11.576857] __kmalloc_cache_noprof+0x189/0x420
[ 11.577074] kmalloc_oob_in_memset+0xac/0x320
[ 11.577278] kunit_try_run_case+0x1a5/0x480
[ 11.577851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.578090] kthread+0x337/0x6f0
[ 11.578218] ret_from_fork+0x41/0x80
[ 11.578409] ret_from_fork_asm+0x1a/0x30
[ 11.578640]
[ 11.578747] The buggy address belongs to the object at ffff888102b31a00
[ 11.578747] which belongs to the cache kmalloc-128 of size 128
[ 11.579380] The buggy address is located 0 bytes inside of
[ 11.579380] allocated 120-byte region [ffff888102b31a00, ffff888102b31a78)
[ 11.579963]
[ 11.580114] The buggy address belongs to the physical page:
[ 11.580339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 11.580725] flags: 0x200000000000000(node=0|zone=2)
[ 11.581020] page_type: f5(slab)
[ 11.581202] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.581497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.582047] page dumped because: kasan: bad access detected
[ 11.582292]
[ 11.582375] Memory state around the buggy address:
[ 11.582674] ffff888102b31900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.582886] ffff888102b31980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.583098] >ffff888102b31a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.583459] ^
[ 11.583771] ffff888102b31a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.584083] ffff888102b31b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.584435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.536164] ==================================================================
[ 11.536756] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 11.537037] Read of size 16 at addr ffff8881023f82c0 by task kunit_try_catch/188
[ 11.537645]
[ 11.537759] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.537814] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.537825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.537845] Call Trace:
[ 11.537856] <TASK>
[ 11.537871] dump_stack_lvl+0x73/0xb0
[ 11.537896] print_report+0xd1/0x650
[ 11.537918] ? __virt_addr_valid+0x1db/0x2d0
[ 11.537939] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.537960] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.537982] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.538004] kasan_report+0x141/0x180
[ 11.538026] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.538053] __asan_report_load16_noabort+0x18/0x20
[ 11.538073] kmalloc_uaf_16+0x47b/0x4c0
[ 11.538095] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 11.538117] ? __schedule+0x10cc/0x2b30
[ 11.538156] ? __pfx_read_tsc+0x10/0x10
[ 11.538176] ? ktime_get_ts64+0x86/0x230
[ 11.538201] kunit_try_run_case+0x1a5/0x480
[ 11.538224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.538245] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.538268] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.538292] ? __kthread_parkme+0x82/0x180
[ 11.538313] ? preempt_count_sub+0x50/0x80
[ 11.538349] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.538372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.538449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.538474] kthread+0x337/0x6f0
[ 11.538495] ? trace_preempt_on+0x20/0xc0
[ 11.538519] ? __pfx_kthread+0x10/0x10
[ 11.538541] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.538562] ? calculate_sigpending+0x7b/0xa0
[ 11.538583] ? __pfx_kthread+0x10/0x10
[ 11.538605] ret_from_fork+0x41/0x80
[ 11.538626] ? __pfx_kthread+0x10/0x10
[ 11.538648] ret_from_fork_asm+0x1a/0x30
[ 11.538679] </TASK>
[ 11.538690]
[ 11.546025] Allocated by task 188:
[ 11.546161] kasan_save_stack+0x45/0x70
[ 11.546542] kasan_save_track+0x18/0x40
[ 11.546743] kasan_save_alloc_info+0x3b/0x50
[ 11.546949] __kasan_kmalloc+0xb7/0xc0
[ 11.547140] __kmalloc_cache_noprof+0x189/0x420
[ 11.547349] kmalloc_uaf_16+0x15b/0x4c0
[ 11.547505] kunit_try_run_case+0x1a5/0x480
[ 11.547764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.547972] kthread+0x337/0x6f0
[ 11.548093] ret_from_fork+0x41/0x80
[ 11.548349] ret_from_fork_asm+0x1a/0x30
[ 11.548869]
[ 11.548953] Freed by task 188:
[ 11.549065] kasan_save_stack+0x45/0x70
[ 11.549204] kasan_save_track+0x18/0x40
[ 11.549558] kasan_save_free_info+0x3f/0x60
[ 11.549767] __kasan_slab_free+0x56/0x70
[ 11.549968] kfree+0x222/0x3f0
[ 11.550124] kmalloc_uaf_16+0x1d6/0x4c0
[ 11.550268] kunit_try_run_case+0x1a5/0x480
[ 11.550588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.550791] kthread+0x337/0x6f0
[ 11.550911] ret_from_fork+0x41/0x80
[ 11.551040] ret_from_fork_asm+0x1a/0x30
[ 11.551358]
[ 11.551555] The buggy address belongs to the object at ffff8881023f82c0
[ 11.551555] which belongs to the cache kmalloc-16 of size 16
[ 11.552031] The buggy address is located 0 bytes inside of
[ 11.552031] freed 16-byte region [ffff8881023f82c0, ffff8881023f82d0)
[ 11.552406]
[ 11.552537] The buggy address belongs to the physical page:
[ 11.552789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 11.553133] flags: 0x200000000000000(node=0|zone=2)
[ 11.553342] page_type: f5(slab)
[ 11.553464] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.553932] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.554284] page dumped because: kasan: bad access detected
[ 11.554559]
[ 11.554672] Memory state around the buggy address:
[ 11.554961] ffff8881023f8180: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 11.555209] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.555634] >ffff8881023f8280: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 11.555886] ^
[ 11.556110] ffff8881023f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.556381] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.556640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.512840] ==================================================================
[ 11.513301] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 11.513682] Write of size 16 at addr ffff8881023b8f60 by task kunit_try_catch/186
[ 11.513951]
[ 11.514061] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.514105] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.514117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.514138] Call Trace:
[ 11.514149] <TASK>
[ 11.514165] dump_stack_lvl+0x73/0xb0
[ 11.514190] print_report+0xd1/0x650
[ 11.514212] ? __virt_addr_valid+0x1db/0x2d0
[ 11.514235] ? kmalloc_oob_16+0x452/0x4a0
[ 11.514255] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.514277] ? kmalloc_oob_16+0x452/0x4a0
[ 11.514298] kasan_report+0x141/0x180
[ 11.514320] ? kmalloc_oob_16+0x452/0x4a0
[ 11.514358] __asan_report_store16_noabort+0x1b/0x30
[ 11.514379] kmalloc_oob_16+0x452/0x4a0
[ 11.514513] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 11.514536] ? __schedule+0x10cc/0x2b30
[ 11.514560] ? __pfx_read_tsc+0x10/0x10
[ 11.514581] ? ktime_get_ts64+0x86/0x230
[ 11.514607] kunit_try_run_case+0x1a5/0x480
[ 11.514632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.514653] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.514676] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.514699] ? __kthread_parkme+0x82/0x180
[ 11.514721] ? preempt_count_sub+0x50/0x80
[ 11.514745] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.514768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.514790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.514812] kthread+0x337/0x6f0
[ 11.514833] ? trace_preempt_on+0x20/0xc0
[ 11.514857] ? __pfx_kthread+0x10/0x10
[ 11.514879] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.514900] ? calculate_sigpending+0x7b/0xa0
[ 11.514922] ? __pfx_kthread+0x10/0x10
[ 11.514944] ret_from_fork+0x41/0x80
[ 11.514964] ? __pfx_kthread+0x10/0x10
[ 11.514986] ret_from_fork_asm+0x1a/0x30
[ 11.515018] </TASK>
[ 11.515028]
[ 11.523174] Allocated by task 186:
[ 11.523313] kasan_save_stack+0x45/0x70
[ 11.523598] kasan_save_track+0x18/0x40
[ 11.523733] kasan_save_alloc_info+0x3b/0x50
[ 11.523875] __kasan_kmalloc+0xb7/0xc0
[ 11.524212] __kmalloc_cache_noprof+0x189/0x420
[ 11.524454] kmalloc_oob_16+0xa8/0x4a0
[ 11.524645] kunit_try_run_case+0x1a5/0x480
[ 11.524842] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.525060] kthread+0x337/0x6f0
[ 11.525523] ret_from_fork+0x41/0x80
[ 11.525663] ret_from_fork_asm+0x1a/0x30
[ 11.525809]
[ 11.525879] The buggy address belongs to the object at ffff8881023b8f60
[ 11.525879] which belongs to the cache kmalloc-16 of size 16
[ 11.526483] The buggy address is located 0 bytes inside of
[ 11.526483] allocated 13-byte region [ffff8881023b8f60, ffff8881023b8f6d)
[ 11.527016]
[ 11.527112] The buggy address belongs to the physical page:
[ 11.527382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b8
[ 11.527852] flags: 0x200000000000000(node=0|zone=2)
[ 11.528069] page_type: f5(slab)
[ 11.528357] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.528833] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.529083] page dumped because: kasan: bad access detected
[ 11.529251]
[ 11.529319] Memory state around the buggy address:
[ 11.529533] ffff8881023b8e00: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 11.529854] ffff8881023b8e80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 11.530303] >ffff8881023b8f00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc
[ 11.530782] ^
[ 11.531042] ffff8881023b8f80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.531446] ffff8881023b9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.531658] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.486636] ==================================================================
[ 11.486973] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 11.487311] Read of size 1 at addr ffff888100351200 by task kunit_try_catch/184
[ 11.487630]
[ 11.487742] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.487785] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.487797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.487816] Call Trace:
[ 11.487832] <TASK>
[ 11.487849] dump_stack_lvl+0x73/0xb0
[ 11.487874] print_report+0xd1/0x650
[ 11.487896] ? __virt_addr_valid+0x1db/0x2d0
[ 11.487918] ? krealloc_uaf+0x53c/0x5e0
[ 11.487939] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.487961] ? krealloc_uaf+0x53c/0x5e0
[ 11.487982] kasan_report+0x141/0x180
[ 11.488004] ? krealloc_uaf+0x53c/0x5e0
[ 11.488031] __asan_report_load1_noabort+0x18/0x20
[ 11.488051] krealloc_uaf+0x53c/0x5e0
[ 11.488073] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.488093] ? finish_task_switch.isra.0+0x153/0x700
[ 11.488116] ? __switch_to+0x5d9/0xf60
[ 11.488135] ? dequeue_task_fair+0x166/0x4e0
[ 11.488160] ? __schedule+0x10cc/0x2b30
[ 11.488202] ? __pfx_read_tsc+0x10/0x10
[ 11.488220] ? ktime_get_ts64+0x86/0x230
[ 11.488245] kunit_try_run_case+0x1a5/0x480
[ 11.488268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.488289] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.488312] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.488346] ? __kthread_parkme+0x82/0x180
[ 11.488366] ? preempt_count_sub+0x50/0x80
[ 11.488390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.488413] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.488435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.488457] kthread+0x337/0x6f0
[ 11.488477] ? trace_preempt_on+0x20/0xc0
[ 11.488499] ? __pfx_kthread+0x10/0x10
[ 11.488520] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.488542] ? calculate_sigpending+0x7b/0xa0
[ 11.488563] ? __pfx_kthread+0x10/0x10
[ 11.488585] ret_from_fork+0x41/0x80
[ 11.488605] ? __pfx_kthread+0x10/0x10
[ 11.488626] ret_from_fork_asm+0x1a/0x30
[ 11.488657] </TASK>
[ 11.488667]
[ 11.496124] Allocated by task 184:
[ 11.496311] kasan_save_stack+0x45/0x70
[ 11.496770] kasan_save_track+0x18/0x40
[ 11.496976] kasan_save_alloc_info+0x3b/0x50
[ 11.497133] __kasan_kmalloc+0xb7/0xc0
[ 11.497447] __kmalloc_cache_noprof+0x189/0x420
[ 11.497651] krealloc_uaf+0xbb/0x5e0
[ 11.497827] kunit_try_run_case+0x1a5/0x480
[ 11.498013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.498284] kthread+0x337/0x6f0
[ 11.498435] ret_from_fork+0x41/0x80
[ 11.498624] ret_from_fork_asm+0x1a/0x30
[ 11.498790]
[ 11.498885] Freed by task 184:
[ 11.499040] kasan_save_stack+0x45/0x70
[ 11.499200] kasan_save_track+0x18/0x40
[ 11.499404] kasan_save_free_info+0x3f/0x60
[ 11.499615] __kasan_slab_free+0x56/0x70
[ 11.499810] kfree+0x222/0x3f0
[ 11.499966] krealloc_uaf+0x13d/0x5e0
[ 11.500121] kunit_try_run_case+0x1a5/0x480
[ 11.500418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.500709] kthread+0x337/0x6f0
[ 11.500855] ret_from_fork+0x41/0x80
[ 11.500986] ret_from_fork_asm+0x1a/0x30
[ 11.501124]
[ 11.501194] The buggy address belongs to the object at ffff888100351200
[ 11.501194] which belongs to the cache kmalloc-256 of size 256
[ 11.501557] The buggy address is located 0 bytes inside of
[ 11.501557] freed 256-byte region [ffff888100351200, ffff888100351300)
[ 11.502079]
[ 11.502228] The buggy address belongs to the physical page:
[ 11.502494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350
[ 11.502840] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.503152] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.503333] page_type: f5(slab)
[ 11.503453] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.503682] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.504032] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.504884] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.505273] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff
[ 11.505641] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.506187] page dumped because: kasan: bad access detected
[ 11.506472]
[ 11.506553] Memory state around the buggy address:
[ 11.506745] ffff888100351100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.507048] ffff888100351180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.507395] >ffff888100351200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.507602] ^
[ 11.507787] ffff888100351280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.508100] ffff888100351300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.508387] ==================================================================
[ 11.456246] ==================================================================
[ 11.456886] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 11.457186] Read of size 1 at addr ffff888100351200 by task kunit_try_catch/184
[ 11.457584]
[ 11.457693] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.457735] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.457747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.457767] Call Trace:
[ 11.457784] <TASK>
[ 11.457799] dump_stack_lvl+0x73/0xb0
[ 11.457825] print_report+0xd1/0x650
[ 11.457848] ? __virt_addr_valid+0x1db/0x2d0
[ 11.457870] ? krealloc_uaf+0x1b8/0x5e0
[ 11.457890] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.457913] ? krealloc_uaf+0x1b8/0x5e0
[ 11.457935] kasan_report+0x141/0x180
[ 11.457957] ? krealloc_uaf+0x1b8/0x5e0
[ 11.457981] ? krealloc_uaf+0x1b8/0x5e0
[ 11.458003] __kasan_check_byte+0x3d/0x50
[ 11.458025] krealloc_noprof+0x3f/0x340
[ 11.458049] krealloc_uaf+0x1b8/0x5e0
[ 11.458071] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.458091] ? finish_task_switch.isra.0+0x153/0x700
[ 11.458114] ? __switch_to+0x5d9/0xf60
[ 11.458134] ? dequeue_task_fair+0x166/0x4e0
[ 11.458159] ? __schedule+0x10cc/0x2b30
[ 11.458182] ? __pfx_read_tsc+0x10/0x10
[ 11.458202] ? ktime_get_ts64+0x86/0x230
[ 11.458252] kunit_try_run_case+0x1a5/0x480
[ 11.458277] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.458298] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.458332] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.458355] ? __kthread_parkme+0x82/0x180
[ 11.458377] ? preempt_count_sub+0x50/0x80
[ 11.458418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.458441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.458463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.458485] kthread+0x337/0x6f0
[ 11.458506] ? trace_preempt_on+0x20/0xc0
[ 11.458529] ? __pfx_kthread+0x10/0x10
[ 11.458551] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.458572] ? calculate_sigpending+0x7b/0xa0
[ 11.458593] ? __pfx_kthread+0x10/0x10
[ 11.458615] ret_from_fork+0x41/0x80
[ 11.458635] ?
__pfx_kthread+0x10/0x10 [ 11.458657] ret_from_fork_asm+0x1a/0x30 [ 11.458689] </TASK> [ 11.458699] [ 11.469187] Allocated by task 184: [ 11.469432] kasan_save_stack+0x45/0x70 [ 11.469610] kasan_save_track+0x18/0x40 [ 11.469767] kasan_save_alloc_info+0x3b/0x50 [ 11.469977] __kasan_kmalloc+0xb7/0xc0 [ 11.470155] __kmalloc_cache_noprof+0x189/0x420 [ 11.470443] krealloc_uaf+0xbb/0x5e0 [ 11.470578] kunit_try_run_case+0x1a5/0x480 [ 11.470771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.471024] kthread+0x337/0x6f0 [ 11.471194] ret_from_fork+0x41/0x80 [ 11.471349] ret_from_fork_asm+0x1a/0x30 [ 11.471543] [ 11.471633] Freed by task 184: [ 11.471778] kasan_save_stack+0x45/0x70 [ 11.471950] kasan_save_track+0x18/0x40 [ 11.472446] kasan_save_free_info+0x3f/0x60 [ 11.472613] __kasan_slab_free+0x56/0x70 [ 11.472797] kfree+0x222/0x3f0 [ 11.472943] krealloc_uaf+0x13d/0x5e0 [ 11.473112] kunit_try_run_case+0x1a5/0x480 [ 11.473301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.473487] kthread+0x337/0x6f0 [ 11.473608] ret_from_fork+0x41/0x80 [ 11.473738] ret_from_fork_asm+0x1a/0x30 [ 11.474191] [ 11.474619] The buggy address belongs to the object at ffff888100351200 [ 11.474619] which belongs to the cache kmalloc-256 of size 256 [ 11.475515] The buggy address is located 0 bytes inside of [ 11.475515] freed 256-byte region [ffff888100351200, ffff888100351300) [ 11.476091] [ 11.476511] The buggy address belongs to the physical page: [ 11.476834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.477308] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.477929] flags: 0x200000000000040(head|node=0|zone=2) [ 11.478402] page_type: f5(slab) [ 11.478828] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.479345] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.480018] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.480362] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.480879] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.481354] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.481907] page dumped because: kasan: bad access detected [ 11.482353] [ 11.482625] Memory state around the buggy address: [ 11.482838] ffff888100351100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.483381] ffff888100351180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.484023] >ffff888100351200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.484562] ^ [ 11.484727] ffff888100351280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.485014] ffff888100351300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.485702] ==================================================================
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 104.468140] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 47.785361] ==================================================================
[ 47.785734] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 47.785734]
[ 47.786105] Use-after-free read at 0x(____ptrval____) (in kfence-#122):
[ 47.786373] test_krealloc+0x6fc/0xbe0
[ 47.786669] kunit_try_run_case+0x1a5/0x480
[ 47.786886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.787098] kthread+0x337/0x6f0
[ 47.787225] ret_from_fork+0x41/0x80
[ 47.787763] ret_from_fork_asm+0x1a/0x30
[ 47.787988]
[ 47.788084] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 47.788084]
[ 47.788466] allocated by task 358 on cpu 0 at 47.784731s (0.003733s ago):
[ 47.788754] test_alloc+0x364/0x10f0
[ 47.788930] test_krealloc+0xad/0xbe0
[ 47.789102] kunit_try_run_case+0x1a5/0x480
[ 47.789742] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.789972] kthread+0x337/0x6f0
[ 47.790334] ret_from_fork+0x41/0x80
[ 47.790598] ret_from_fork_asm+0x1a/0x30
[ 47.790757]
[ 47.790855] freed by task 358 on cpu 0 at 47.784989s (0.005865s ago):
[ 47.791341] krealloc_noprof+0x108/0x340
[ 47.791599] test_krealloc+0x226/0xbe0
[ 47.791848] kunit_try_run_case+0x1a5/0x480
[ 47.792044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.792407] kthread+0x337/0x6f0
[ 47.792566] ret_from_fork+0x41/0x80
[ 47.792864] ret_from_fork_asm+0x1a/0x30
[ 47.793052]
[ 47.793326] CPU: 0 UID: 0 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 47.793849] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.794055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.794459] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.689177] ==================================================================
[ 47.690293] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.690293]
[ 47.691402] Use-after-free read at 0x(____ptrval____) (in kfence-#121):
[ 47.692038] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.692454] kunit_try_run_case+0x1a5/0x480
[ 47.692941] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.693444] kthread+0x337/0x6f0
[ 47.693778] ret_from_fork+0x41/0x80
[ 47.693954] ret_from_fork_asm+0x1a/0x30
[ 47.694107]
[ 47.694207] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 47.694207]
[ 47.694617] allocated by task 356 on cpu 0 at 47.681708s (0.012906s ago):
[ 47.694925] test_alloc+0x2a6/0x10f0
[ 47.695065] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 47.695325] kunit_try_run_case+0x1a5/0x480
[ 47.695518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.695739] kthread+0x337/0x6f0
[ 47.695893] ret_from_fork+0x41/0x80
[ 47.696054] ret_from_fork_asm+0x1a/0x30
[ 47.696244]
[ 47.696325] freed by task 356 on cpu 0 at 47.681819s (0.014504s ago):
[ 47.696659] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 47.696908] kunit_try_run_case+0x1a5/0x480
[ 47.697078] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.697251] kthread+0x337/0x6f0
[ 47.697404] ret_from_fork+0x41/0x80
[ 47.697620] ret_from_fork_asm+0x1a/0x30
[ 47.697829]
[ 47.697953] CPU: 0 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 47.698451] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.698634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.699017] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 22.109027] ==================================================================
[ 22.109884] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 22.109884]
[ 22.110188] Invalid read at 0x(____ptrval____):
[ 22.111144] test_invalid_access+0xf0/0x210
[ 22.111365] kunit_try_run_case+0x1a5/0x480
[ 22.111657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.111891] kthread+0x337/0x6f0
[ 22.112038] ret_from_fork+0x41/0x80
[ 22.112253] ret_from_fork_asm+0x1a/0x30
[ 22.112566]
[ 22.112697] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 22.113129] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.113340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.113819] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 21.888935] ==================================================================
[ 21.889423] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 21.889423]
[ 21.889799] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#117):
[ 21.890408] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 21.890625] kunit_try_run_case+0x1a5/0x480
[ 21.890840] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.891068] kthread+0x337/0x6f0
[ 21.891258] ret_from_fork+0x41/0x80
[ 21.891424] ret_from_fork_asm+0x1a/0x30
[ 21.891629]
[ 21.891727] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 21.891727]
[ 21.892106] allocated by task 346 on cpu 1 at 21.888681s (0.003423s ago):
[ 21.892394] test_alloc+0x364/0x10f0
[ 21.892529] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 21.892885] kunit_try_run_case+0x1a5/0x480
[ 21.893092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.893298] kthread+0x337/0x6f0
[ 21.893429] ret_from_fork+0x41/0x80
[ 21.893583] ret_from_fork_asm+0x1a/0x30
[ 21.893783]
[ 21.893880] freed by task 346 on cpu 1 at 21.888821s (0.005057s ago):
[ 21.894236] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 21.894493] kunit_try_run_case+0x1a5/0x480
[ 21.894650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.894904] kthread+0x337/0x6f0
[ 21.895058] ret_from_fork+0x41/0x80
[ 21.895300] ret_from_fork_asm+0x1a/0x30
[ 21.895481]
[ 21.895591] CPU: 1 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 21.895918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.896127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.896505] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 21.680942] ==================================================================
[ 21.681398] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 21.681398]
[ 21.681747] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#115):
[ 21.682098] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 21.682434] kunit_try_run_case+0x1a5/0x480
[ 21.682616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.682789] kthread+0x337/0x6f0
[ 21.682954] ret_from_fork+0x41/0x80
[ 21.683162] ret_from_fork_asm+0x1a/0x30
[ 21.683551]
[ 21.683831] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 21.683831]
[ 21.684526] allocated by task 344 on cpu 0 at 21.680748s (0.003775s ago):
[ 21.684853] test_alloc+0x364/0x10f0
[ 21.685341] test_kmalloc_aligned_oob_read+0x105/0x560
[ 21.685689] kunit_try_run_case+0x1a5/0x480
[ 21.685929] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.686356] kthread+0x337/0x6f0
[ 21.686549] ret_from_fork+0x41/0x80
[ 21.686857] ret_from_fork_asm+0x1a/0x30
[ 21.687066]
[ 21.687332] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 21.687796] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.687986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.688539] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.728780] ==================================================================
[ 17.729184] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 17.729184]
[ 17.729502] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#77):
[ 17.730145] test_corruption+0x2d2/0x3e0
[ 17.730313] kunit_try_run_case+0x1a5/0x480
[ 17.730489] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.730745] kthread+0x337/0x6f0
[ 17.730920] ret_from_fork+0x41/0x80
[ 17.731086] ret_from_fork_asm+0x1a/0x30
[ 17.731295]
[ 17.731392] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.731392]
[ 17.731786] allocated by task 332 on cpu 0 at 17.728616s (0.003168s ago):
[ 17.732018] test_alloc+0x364/0x10f0
[ 17.732196] test_corruption+0xe6/0x3e0
[ 17.732443] kunit_try_run_case+0x1a5/0x480
[ 17.732656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.732857] kthread+0x337/0x6f0
[ 17.732990] ret_from_fork+0x41/0x80
[ 17.733228] ret_from_fork_asm+0x1a/0x30
[ 17.733441]
[ 17.733558] freed by task 332 on cpu 0 at 17.728714s (0.004841s ago):
[ 17.733838] test_corruption+0x2d2/0x3e0
[ 17.733981] kunit_try_run_case+0x1a5/0x480
[ 17.734124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.734425] kthread+0x337/0x6f0
[ 17.734598] ret_from_fork+0x41/0x80
[ 17.734775] ret_from_fork_asm+0x1a/0x30
[ 17.734929]
[ 17.735046] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.735555] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.735754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.736155] ==================================================================
[ 18.248785] ==================================================================
[ 18.249179] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 18.249179]
[ 18.249490] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#82):
[ 18.249889] test_corruption+0x216/0x3e0
[ 18.250038] kunit_try_run_case+0x1a5/0x480
[ 18.250362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.250629] kthread+0x337/0x6f0
[ 18.251002] ret_from_fork+0x41/0x80
[ 18.251386] ret_from_fork_asm+0x1a/0x30
[ 18.251565]
[ 18.251669] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.251669]
[ 18.251998] allocated by task 334 on cpu 1 at 18.248670s (0.003326s ago):
[ 18.252720] test_alloc+0x2a6/0x10f0
[ 18.252884] test_corruption+0x1cb/0x3e0
[ 18.253296] kunit_try_run_case+0x1a5/0x480
[ 18.253504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.253881] kthread+0x337/0x6f0
[ 18.254063] ret_from_fork+0x41/0x80
[ 18.254374] ret_from_fork_asm+0x1a/0x30
[ 18.254644]
[ 18.254739] freed by task 334 on cpu 1 at 18.248711s (0.006026s ago):
[ 18.255003] test_corruption+0x216/0x3e0
[ 18.255426] kunit_try_run_case+0x1a5/0x480
[ 18.255641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.255846] kthread+0x337/0x6f0
[ 18.256148] ret_from_fork+0x41/0x80
[ 18.256345] ret_from_fork_asm+0x1a/0x30
[ 18.256520]
[ 18.256628] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 18.257086] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.257548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.257906] ==================================================================
[ 18.040816] ==================================================================
[ 18.041273] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.041273]
[ 18.041669] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#80):
[ 18.042340] test_corruption+0x131/0x3e0
[ 18.042989] kunit_try_run_case+0x1a5/0x480
[ 18.043202] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.043398] kthread+0x337/0x6f0
[ 18.043526] ret_from_fork+0x41/0x80
[ 18.043658] ret_from_fork_asm+0x1a/0x30
[ 18.043800]
[ 18.043874] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.043874]
[ 18.044146] allocated by task 334 on cpu 1 at 18.040687s (0.003456s ago):
[ 18.044375] test_alloc+0x2a6/0x10f0
[ 18.044508] test_corruption+0xe6/0x3e0
[ 18.044642] kunit_try_run_case+0x1a5/0x480
[ 18.044786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.045740] kthread+0x337/0x6f0
[ 18.046053] ret_from_fork+0x41/0x80
[ 18.046220] ret_from_fork_asm+0x1a/0x30
[ 18.046418]
[ 18.046507] freed by task 334 on cpu 1 at 18.040742s (0.005763s ago):
[ 18.046794] test_corruption+0x131/0x3e0
[ 18.046985] kunit_try_run_case+0x1a5/0x480
[ 18.047255] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.047484] kthread+0x337/0x6f0
[ 18.047608] ret_from_fork+0x41/0x80
[ 18.047739] ret_from_fork_asm+0x1a/0x30
[ 18.047877]
[ 18.047972] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 18.049038] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.049447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.050218] ==================================================================
[ 17.832943] ==================================================================
[ 17.833387] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 17.833387]
[ 17.833671] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#78):
[ 17.834077] test_corruption+0x2df/0x3e0
[ 17.834225] kunit_try_run_case+0x1a5/0x480
[ 17.834422] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.834750] kthread+0x337/0x6f0
[ 17.835228] ret_from_fork+0x41/0x80
[ 17.835435] ret_from_fork_asm+0x1a/0x30
[ 17.835600]
[ 17.835677] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.835677]
[ 17.836106] allocated by task 332 on cpu 0 at 17.832700s (0.003404s ago):
[ 17.836370] test_alloc+0x364/0x10f0
[ 17.836668] test_corruption+0x1cb/0x3e0
[ 17.836848] kunit_try_run_case+0x1a5/0x480
[ 17.836997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.837374] kthread+0x337/0x6f0
[ 17.837549] ret_from_fork+0x41/0x80
[ 17.837739] ret_from_fork_asm+0x1a/0x30
[ 17.837911]
[ 17.838011] freed by task 332 on cpu 0 at 17.832790s (0.005219s ago):
[ 17.838305] test_corruption+0x2df/0x3e0
[ 17.838457] kunit_try_run_case+0x1a5/0x480
[ 17.838658] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.838914] kthread+0x337/0x6f0
[ 17.839077] ret_from_fork+0x41/0x80
[ 17.839621] ret_from_fork_asm+0x1a/0x30
[ 17.839787]
[ 17.839886] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.840485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.840661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.841010] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.624836] ==================================================================
[ 17.625350] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 17.625350]
[ 17.625736] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 17.626004] test_invalid_addr_free+0xfb/0x260
[ 17.626621] kunit_try_run_case+0x1a5/0x480
[ 17.627110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.627503] kthread+0x337/0x6f0
[ 17.627682] ret_from_fork+0x41/0x80
[ 17.627860] ret_from_fork_asm+0x1a/0x30
[ 17.628051]
[ 17.628404] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.628404]
[ 17.628839] allocated by task 330 on cpu 0 at 17.624732s (0.004105s ago):
[ 17.629105] test_alloc+0x2a6/0x10f0
[ 17.629305] test_invalid_addr_free+0xdb/0x260
[ 17.629488] kunit_try_run_case+0x1a5/0x480
[ 17.629702] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.629934] kthread+0x337/0x6f0
[ 17.630060] ret_from_fork+0x41/0x80
[ 17.630239] ret_from_fork_asm+0x1a/0x30
[ 17.630505]
[ 17.630612] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.631027] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.631234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.631609] ==================================================================
[ 17.520790] ==================================================================
[ 17.521191] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 17.521191]
[ 17.521680] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 17.522222] test_invalid_addr_free+0x1e1/0x260
[ 17.522453] kunit_try_run_case+0x1a5/0x480
[ 17.522615] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.523071] kthread+0x337/0x6f0
[ 17.523207] ret_from_fork+0x41/0x80
[ 17.523354] ret_from_fork_asm+0x1a/0x30
[ 17.523496]
[ 17.523570] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.523570]
[ 17.523856] allocated by task 328 on cpu 1 at 17.520678s (0.003176s ago):
[ 17.524073] test_alloc+0x364/0x10f0
[ 17.524203] test_invalid_addr_free+0xdb/0x260
[ 17.524376] kunit_try_run_case+0x1a5/0x480
[ 17.524745] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.525586] kthread+0x337/0x6f0
[ 17.525783] ret_from_fork+0x41/0x80
[ 17.525970] ret_from_fork_asm+0x1a/0x30
[ 17.526264]
[ 17.526403] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.526893] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.527050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.527314] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.416884] ==================================================================
[ 17.417362] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 17.417362]
[ 17.417745] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 17.418025] test_double_free+0x112/0x260
[ 17.418181] kunit_try_run_case+0x1a5/0x480
[ 17.418390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.418671] kthread+0x337/0x6f0
[ 17.418869] ret_from_fork+0x41/0x80
[ 17.419030] ret_from_fork_asm+0x1a/0x30
[ 17.419226]
[ 17.419334] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.419334]
[ 17.419749] allocated by task 326 on cpu 0 at 17.416714s (0.003033s ago):
[ 17.420081] test_alloc+0x2a6/0x10f0
[ 17.420260] test_double_free+0xdb/0x260
[ 17.420486] kunit_try_run_case+0x1a5/0x480
[ 17.420722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.420980] kthread+0x337/0x6f0
[ 17.421140] ret_from_fork+0x41/0x80
[ 17.421269] ret_from_fork_asm+0x1a/0x30
[ 17.421547]
[ 17.421643] freed by task 326 on cpu 0 at 17.416769s (0.004873s ago):
[ 17.421968] test_double_free+0xfa/0x260
[ 17.422208] kunit_try_run_case+0x1a5/0x480
[ 17.422368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.422586] kthread+0x337/0x6f0
[ 17.422778] ret_from_fork+0x41/0x80
[ 17.422982] ret_from_fork_asm+0x1a/0x30
[ 17.423193]
[ 17.423341] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.423868] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.424069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.424515] ==================================================================
[ 17.312971] ==================================================================
[ 17.313497] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 17.313497]
[ 17.313877] Invalid free of 0x(____ptrval____) (in kfence-#73):
[ 17.314140] test_double_free+0x1d3/0x260
[ 17.314376] kunit_try_run_case+0x1a5/0x480
[ 17.314615] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.314869] kthread+0x337/0x6f0
[ 17.315028] ret_from_fork+0x41/0x80
[ 17.315200] ret_from_fork_asm+0x1a/0x30
[ 17.315408]
[ 17.315575] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.315575]
[ 17.315965] allocated by task 324 on cpu 1 at 17.312748s (0.003215s ago):
[ 17.316287] test_alloc+0x364/0x10f0
[ 17.316530] test_double_free+0xdb/0x260
[ 17.316747] kunit_try_run_case+0x1a5/0x480
[ 17.316985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.317236] kthread+0x337/0x6f0
[ 17.317424] ret_from_fork+0x41/0x80
[ 17.317609] ret_from_fork_asm+0x1a/0x30
[ 17.317764]
[ 17.317843] freed by task 324 on cpu 1 at 17.312839s (0.005001s ago):
[ 17.318690] test_double_free+0x1e0/0x260
[ 17.318917] kunit_try_run_case+0x1a5/0x480
[ 17.319122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.319567] kthread+0x337/0x6f0
[ 17.319763] ret_from_fork+0x41/0x80
[ 17.319946] ret_from_fork_asm+0x1a/0x30
[ 17.320110]
[ 17.320207] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.320699] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.320857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.321263] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.000844] ==================================================================
[ 17.001255] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.001255]
[ 17.001822] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[ 17.002162] test_use_after_free_read+0x129/0x270
[ 17.002362] kunit_try_run_case+0x1a5/0x480
[ 17.002573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.002777] kthread+0x337/0x6f0
[ 17.002930] ret_from_fork+0x41/0x80
[ 17.003067] ret_from_fork_asm+0x1a/0x30
[ 17.003210]
[ 17.003341] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.003341]
[ 17.003600] allocated by task 318 on cpu 0 at 17.000712s (0.002886s ago):
[ 17.003922] test_alloc+0x2a6/0x10f0
[ 17.004099] test_use_after_free_read+0xdc/0x270
[ 17.004536] kunit_try_run_case+0x1a5/0x480
[ 17.004825] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.005006] kthread+0x337/0x6f0
[ 17.005127] ret_from_fork+0x41/0x80
[ 17.005255] ret_from_fork_asm+0x1a/0x30
[ 17.005404]
[ 17.005475] freed by task 318 on cpu 0 at 17.000768s (0.004705s ago):
[ 17.005696] test_use_after_free_read+0xfb/0x270
[ 17.005858] kunit_try_run_case+0x1a5/0x480
[ 17.006001] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.007474] kthread+0x337/0x6f0
[ 17.007697] ret_from_fork+0x41/0x80
[ 17.007831] ret_from_fork_asm+0x1a/0x30
[ 17.008569]
[ 17.008833] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 17.009844] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.009997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.010256] ==================================================================
[ 16.896978] ==================================================================
[ 16.897530] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.897530]
[ 16.897949] Use-after-free read at 0x(____ptrval____) (in kfence-#69):
[ 16.898188] test_use_after_free_read+0x129/0x270
[ 16.898537] kunit_try_run_case+0x1a5/0x480
[ 16.898729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.898931] kthread+0x337/0x6f0
[ 16.899104] ret_from_fork+0x41/0x80
[ 16.899262] ret_from_fork_asm+0x1a/0x30
[ 16.899493]
[ 16.899566] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.899566]
[ 16.900126] allocated by task 316 on cpu 1 at 16.896678s (0.003446s ago):
[ 16.900358] test_alloc+0x364/0x10f0
[ 16.900558] test_use_after_free_read+0xdc/0x270
[ 16.900785] kunit_try_run_case+0x1a5/0x480
[ 16.900969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.901141] kthread+0x337/0x6f0
[ 16.901280] ret_from_fork+0x41/0x80
[ 16.901481] ret_from_fork_asm+0x1a/0x30
[ 16.901679]
[ 16.901787] freed by task 316 on cpu 1 at 16.896730s (0.005054s ago):
[ 16.902099] test_use_after_free_read+0x1e7/0x270
[ 16.902333] kunit_try_run_case+0x1a5/0x480
[ 16.902506] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.902681] kthread+0x337/0x6f0
[ 16.902854] ret_from_fork+0x41/0x80
[ 16.903038] ret_from_fork_asm+0x1a/0x30
[ 16.903254]
[ 16.903440] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 16.903775] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.903940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.904361] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.792911] ==================================================================
[ 16.793498] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.793498]
[ 16.793971] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68):
[ 16.794587] test_out_of_bounds_write+0x10d/0x260
[ 16.795122] kunit_try_run_case+0x1a5/0x480
[ 16.795419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.795675] kthread+0x337/0x6f0
[ 16.795818] ret_from_fork+0x41/0x80
[ 16.796007] ret_from_fork_asm+0x1a/0x30
[ 16.796214]
[ 16.796294] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.796294]
[ 16.796634] allocated by task 314 on cpu 0 at 16.792852s (0.003780s ago):
[ 16.796988] test_alloc+0x2a6/0x10f0
[ 16.797157] test_out_of_bounds_write+0xd4/0x260
[ 16.797441] kunit_try_run_case+0x1a5/0x480
[ 16.797722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.797987] kthread+0x337/0x6f0
[ 16.798226] ret_from_fork+0x41/0x80
[ 16.798421] ret_from_fork_asm+0x1a/0x30
[ 16.798599]
[ 16.798741] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 16.799234] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.799455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.799783] ==================================================================
[ 16.584802] ==================================================================
[ 16.585222] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.585222]
[ 16.585675] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66):
[ 16.585956] test_out_of_bounds_write+0x10d/0x260
[ 16.586180] kunit_try_run_case+0x1a5/0x480
[ 16.586407] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.586624] kthread+0x337/0x6f0
[ 16.586786] ret_from_fork+0x41/0x80
[ 16.586942] ret_from_fork_asm+0x1a/0x30
[ 16.587085]
[ 16.587179] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.587179]
[ 16.587707] allocated by task 312 on cpu 1 at 16.584682s (0.003022s ago):
[ 16.588002] test_alloc+0x364/0x10f0
[ 16.588150] test_out_of_bounds_write+0xd4/0x260
[ 16.588307] kunit_try_run_case+0x1a5/0x480
[ 16.588526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.588832] kthread+0x337/0x6f0
[ 16.589310] ret_from_fork+0x41/0x80
[ 16.589534] ret_from_fork_asm+0x1a/0x30
[ 16.589697]
[ 16.589797] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 16.590274] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.590454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.590775] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.480749] ==================================================================
[ 16.481133] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.481133]
[ 16.481560] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 16.481841] test_out_of_bounds_read+0x216/0x4e0
[ 16.482044] kunit_try_run_case+0x1a5/0x480
[ 16.482290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.482555] kthread+0x337/0x6f0
[ 16.482733] ret_from_fork+0x41/0x80
[ 16.482914] ret_from_fork_asm+0x1a/0x30
[ 16.483117]
[ 16.483215] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.483215]
[ 16.483554] allocated by task 310 on cpu 1 at 16.480699s (0.002852s ago):
[ 16.483905] test_alloc+0x2a6/0x10f0
[ 16.484242] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.484452] kunit_try_run_case+0x1a5/0x480
[ 16.484600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.484856] kthread+0x337/0x6f0
[ 16.485027] ret_from_fork+0x41/0x80
[ 16.485251] ret_from_fork_asm+0x1a/0x30
[ 16.485403]
[ 16.485496] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 16.485965] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.486163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.486552] ==================================================================

[ 15.753616] ==================================================================
[ 15.754063] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.754063]
[ 15.754596] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#58):
[ 15.754904] test_out_of_bounds_read+0x126/0x4e0
[ 15.755135] kunit_try_run_case+0x1a5/0x480
[ 15.755288] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.755657] kthread+0x337/0x6f0
[ 15.755860] ret_from_fork+0x41/0x80
[ 15.756301] ret_from_fork_asm+0x1a/0x30
[ 15.756514]
[ 15.756611] kfence-#58: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.756611]
[ 15.756990] allocated by task 308 on cpu 1 at 15.752686s (0.004302s ago):
[ 15.757700] test_alloc+0x364/0x10f0
[ 15.757936] test_out_of_bounds_read+0xed/0x4e0
[ 15.758166] kunit_try_run_case+0x1a5/0x480
[ 15.758453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.758693] kthread+0x337/0x6f0
[ 15.758849] ret_from_fork+0x41/0x80
[ 15.759007] ret_from_fork_asm+0x1a/0x30
[ 15.759499]
[ 15.759622] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.760171] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.760536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.761001] ==================================================================

[ 16.168881] ==================================================================
[ 16.169431] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.169431]
[ 16.169848] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#62):
[ 16.170638] test_out_of_bounds_read+0x216/0x4e0
[ 16.170863] kunit_try_run_case+0x1a5/0x480
[ 16.171040] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.171585] kthread+0x337/0x6f0
[ 16.171760] ret_from_fork+0x41/0x80
[ 16.171901] ret_from_fork_asm+0x1a/0x30
[ 16.172353]
[ 16.172447] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.172447]
[ 16.172970] allocated by task 308 on cpu 1 at 16.168707s (0.004260s ago):
[ 16.173544] test_alloc+0x364/0x10f0
[ 16.173727] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.173928] kunit_try_run_case+0x1a5/0x480
[ 16.174124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.174598] kthread+0x337/0x6f0
[ 16.174739] ret_from_fork+0x41/0x80
[ 16.175041] ret_from_fork_asm+0x1a/0x30
[ 16.175266]
[ 16.175396] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 16.176043] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.176376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.176748] ==================================================================

[ 16.376746] ==================================================================
[ 16.377144] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.377144]
[ 16.377525] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#64):
[ 16.377874] test_out_of_bounds_read+0x126/0x4e0
[ 16.378098] kunit_try_run_case+0x1a5/0x480
[ 16.378267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.378478] kthread+0x337/0x6f0
[ 16.378658] ret_from_fork+0x41/0x80
[ 16.378844] ret_from_fork_asm+0x1a/0x30
[ 16.379052]
[ 16.379144] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.379144]
[ 16.379473] allocated by task 310 on cpu 1 at 16.376691s (0.002780s ago):
[ 16.379845] test_alloc+0x2a6/0x10f0
[ 16.380017] test_out_of_bounds_read+0xed/0x4e0
[ 16.380269] kunit_try_run_case+0x1a5/0x480
[ 16.380449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.380706] kthread+0x337/0x6f0
[ 16.380859] ret_from_fork+0x41/0x80
[ 16.380992] ret_from_fork_asm+0x1a/0x30
[ 16.381131]
[ 16.381247] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 16.381741] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.381935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.382422] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 11.013660] ==================================================================
[ 11.015528] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 11.015528]
[ 11.016238] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#29):
[ 11.017972] kmalloc_track_caller_oob_right+0x288/0x520
[ 11.018297] kunit_try_run_case+0x1a5/0x480
[ 11.018670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.019167] kthread+0x337/0x6f0
[ 11.019342] ret_from_fork+0x41/0x80
[ 11.019927] ret_from_fork_asm+0x1a/0x30
[ 11.020344]
[ 11.020727] kfence-#29: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 11.020727]
[ 11.021400] allocated by task 162 on cpu 1 at 11.011593s (0.009723s ago):
[ 11.022123] kmalloc_track_caller_oob_right+0x19a/0x520
[ 11.022690] kunit_try_run_case+0x1a5/0x480
[ 11.022846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.023019] kthread+0x337/0x6f0
[ 11.023160] ret_from_fork+0x41/0x80
[ 11.023297] ret_from_fork_asm+0x1a/0x30
[ 11.024154]
[ 11.024395] freed by task 162 on cpu 1 at 11.013175s (0.011129s ago):
[ 11.024774] kmalloc_track_caller_oob_right+0x288/0x520
[ 11.025247] kunit_try_run_case+0x1a5/0x480
[ 11.025644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.025978] kthread+0x337/0x6f0
[ 11.026276] ret_from_fork+0x41/0x80
[ 11.026597] ret_from_fork_asm+0x1a/0x30
[ 11.026775]
[ 11.026919] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.027604] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.027788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.028523] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-cs_dsp_mock_bin_add_name_or_infoisra
[ 149.754172] ==================================================================
[ 149.754950] BUG: KASAN: global-out-of-bounds in cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0
[ 149.755422] Read of size 12 at addr ffffffff8b2ccd00 by task kunit_try_catch/4185
[ 149.755730]
[ 149.755872] CPU: 1 UID: 0 PID: 4185 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 149.755935] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 149.755948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 149.755979] Call Trace:
[ 149.755993] <TASK>
[ 149.756015] dump_stack_lvl+0x73/0xb0
[ 149.756043] print_report+0xd1/0x650
[ 149.756072] ? __virt_addr_valid+0x1db/0x2d0
[ 149.756095] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0
[ 149.756118] ? kasan_addr_to_slab+0x11/0xa0
[ 149.756139] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0
[ 149.756162] kasan_report+0x141/0x180
[ 149.756184] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0
[ 149.756213] kasan_check_range+0x10c/0x1c0
[ 149.756236] __asan_memcpy+0x27/0x70
[ 149.756268] cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0
[ 149.756303] ? __pfx_cs_dsp_mock_bin_add_name_or_info.isra.0+0x10/0x10
[ 149.756328] ? __pfx_cs_dsp_mock_reg_addr_inc_per_unpacked_word+0x10/0x10
[ 149.756352] ? __pfx__cs_dsp_remove_wrapper+0x10/0x10
[ 149.756378] cs_dsp_mock_bin_add_info+0x12/0x20
[ 149.756399] bin_patch_name_and_info+0x1a1/0x8d0
[ 149.756425] ? __pfx_bin_patch_name_and_info+0x10/0x10
[ 149.756449] ? __pfx_kfree_action_wrapper+0x10/0x10
[ 149.756474] ? kunit_add_action_or_reset+0x1d/0x40
[ 149.756495] ? __pfx_read_tsc+0x10/0x10
[ 149.756515] ? ktime_get_ts64+0x86/0x230
[ 149.756542] kunit_try_run_case+0x1a5/0x480
[ 149.756563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 149.756582] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 149.756605] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 149.756646] ? __kthread_parkme+0x82/0x180
[ 149.756669] ? preempt_count_sub+0x50/0x80
[ 149.756694] ? __pfx_kunit_try_run_case+0x10/0x10
[ 149.756731] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 149.756752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 149.756771] kthread+0x337/0x6f0
[ 149.756792] ? trace_preempt_on+0x20/0xc0
[ 149.756816] ? __pfx_kthread+0x10/0x10
[ 149.756837] ? _raw_spin_unlock_irq+0x47/0x80
[ 149.756857] ? calculate_sigpending+0x7b/0xa0
[ 149.756878] ? __pfx_kthread+0x10/0x10
[ 149.756899] ret_from_fork+0x41/0x80
[ 149.756920] ? __pfx_kthread+0x10/0x10
[ 149.756941] ret_from_fork_asm+0x1a/0x30
[ 149.756975] </TASK>
[ 149.756987]
[ 149.766783] The buggy address belongs to the variable:
[ 149.767027] __loc.16+0x80/0x540
[ 149.767234]
[ 149.767356] The buggy address belongs to the physical page:
[ 149.767614] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13e2cc
[ 149.767979] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 149.768320] raw: 0200000000002000 ffffea0004f8b308 ffffea0004f8b308 0000000000000000
[ 149.768665] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 149.769014] page dumped because: kasan: bad access detected
[ 149.769325]
[ 149.769450] Memory state around the buggy address:
[ 149.769679] ffffffff8b2ccc00: 00 00 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
[ 149.769951] ffffffff8b2ccc80: 00 00 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9
[ 149.770337] >ffffffff8b2ccd00: 00 02 f9 f9 f9 f9 f9 f9 00 00 00 00 00 07 f9 f9
[ 149.770656] ^
[ 149.770779] ffffffff8b2ccd80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 06 f9 f9
[ 149.771025] ffffffff8b2cce00: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 01 f9 f9
[ 149.771404] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.569670] ==================================================================
[ 15.570034] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 15.570507] Write of size 121 at addr ffff888102b49800 by task kunit_try_catch/306
[ 15.570808]
[ 15.570919] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.570963] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.570976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.570997] Call Trace:
[ 15.571012] <TASK>
[ 15.571028] dump_stack_lvl+0x73/0xb0
[ 15.571053] print_report+0xd1/0x650
[ 15.571077] ? __virt_addr_valid+0x1db/0x2d0
[ 15.571100] ? strncpy_from_user+0x2e/0x1d0
[ 15.571123] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.571158] ? strncpy_from_user+0x2e/0x1d0
[ 15.571182] kasan_report+0x141/0x180
[ 15.571206] ? strncpy_from_user+0x2e/0x1d0
[ 15.571235] kasan_check_range+0x10c/0x1c0
[ 15.571261] __kasan_check_write+0x18/0x20
[ 15.571283] strncpy_from_user+0x2e/0x1d0
[ 15.571306] ? __kasan_check_read+0x15/0x20
[ 15.571340] copy_user_test_oob+0x760/0x10f0
[ 15.571364] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.571385] ? finish_task_switch.isra.0+0x153/0x700
[ 15.571411] ? __switch_to+0x5d9/0xf60
[ 15.571432] ? dequeue_task_fair+0x166/0x4e0
[ 15.571458] ? __schedule+0x10cc/0x2b30
[ 15.571482] ? __pfx_read_tsc+0x10/0x10
[ 15.571502] ? ktime_get_ts64+0x86/0x230
[ 15.571528] kunit_try_run_case+0x1a5/0x480
[ 15.571554] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.571576] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.571601] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.571627] ? __kthread_parkme+0x82/0x180
[ 15.571651] ? preempt_count_sub+0x50/0x80
[ 15.571678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.571703] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.571726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.571749] kthread+0x337/0x6f0
[ 15.571771] ? trace_preempt_on+0x20/0xc0
[ 15.571795] ? __pfx_kthread+0x10/0x10
[ 15.571819] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.571842] ? calculate_sigpending+0x7b/0xa0
[ 15.571864] ? __pfx_kthread+0x10/0x10
[ 15.571888] ret_from_fork+0x41/0x80
[ 15.571909] ? __pfx_kthread+0x10/0x10
[ 15.571933] ret_from_fork_asm+0x1a/0x30
[ 15.571966] </TASK>
[ 15.571978]
[ 15.580014] Allocated by task 306:
[ 15.580157] kasan_save_stack+0x45/0x70
[ 15.580303] kasan_save_track+0x18/0x40
[ 15.580449] kasan_save_alloc_info+0x3b/0x50
[ 15.580591] __kasan_kmalloc+0xb7/0xc0
[ 15.580979] __kmalloc_noprof+0x1c9/0x500
[ 15.581422] kunit_kmalloc_array+0x25/0x60
[ 15.581569] copy_user_test_oob+0xab/0x10f0
[ 15.581709] kunit_try_run_case+0x1a5/0x480
[ 15.581859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.582028] kthread+0x337/0x6f0
[ 15.582392] ret_from_fork+0x41/0x80
[ 15.582791] ret_from_fork_asm+0x1a/0x30
[ 15.583221]
[ 15.583438] The buggy address belongs to the object at ffff888102b49800
[ 15.583438] which belongs to the cache kmalloc-128 of size 128
[ 15.584590] The buggy address is located 0 bytes inside of
[ 15.584590] allocated 120-byte region [ffff888102b49800, ffff888102b49878)
[ 15.585720]
[ 15.585862] The buggy address belongs to the physical page:
[ 15.586378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49
[ 15.586616] flags: 0x200000000000000(node=0|zone=2)
[ 15.586776] page_type: f5(slab)
[ 15.586897] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.587146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.587874] page dumped because: kasan: bad access detected
[ 15.588418]
[ 15.588576] Memory state around the buggy address:
[ 15.589056] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.589725] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.590394] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.591022] ^
[ 15.591532] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.591742] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.591949] ==================================================================

[ 15.592539] ==================================================================
[ 15.593204] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 15.593879] Write of size 1 at addr ffff888102b49878 by task kunit_try_catch/306
[ 15.594548]
[ 15.594723] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.594779] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.594792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.594823] Call Trace:
[ 15.594840] <TASK>
[ 15.594857] dump_stack_lvl+0x73/0xb0
[ 15.594881] print_report+0xd1/0x650
[ 15.594905] ? __virt_addr_valid+0x1db/0x2d0
[ 15.594936] ? strncpy_from_user+0x1a5/0x1d0
[ 15.594959] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.594983] ? strncpy_from_user+0x1a5/0x1d0
[ 15.595016] kasan_report+0x141/0x180
[ 15.595040] ? strncpy_from_user+0x1a5/0x1d0
[ 15.595068] __asan_report_store1_noabort+0x1b/0x30
[ 15.595091] strncpy_from_user+0x1a5/0x1d0
[ 15.595135] copy_user_test_oob+0x760/0x10f0
[ 15.595159] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.595180] ? finish_task_switch.isra.0+0x153/0x700
[ 15.595204] ? __switch_to+0x5d9/0xf60
[ 15.595224] ? dequeue_task_fair+0x166/0x4e0
[ 15.595250] ? __schedule+0x10cc/0x2b30
[ 15.595275] ? __pfx_read_tsc+0x10/0x10
[ 15.595295] ? ktime_get_ts64+0x86/0x230
[ 15.595329] kunit_try_run_case+0x1a5/0x480
[ 15.595355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.595377] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.595401] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.595427] ? __kthread_parkme+0x82/0x180
[ 15.595449] ? preempt_count_sub+0x50/0x80
[ 15.595474] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.595498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.595522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.595546] kthread+0x337/0x6f0
[ 15.595568] ? trace_preempt_on+0x20/0xc0
[ 15.595592] ? __pfx_kthread+0x10/0x10
[ 15.595614] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.595637] ? calculate_sigpending+0x7b/0xa0
[ 15.595659] ? __pfx_kthread+0x10/0x10
[ 15.595682] ret_from_fork+0x41/0x80
[ 15.595703] ? __pfx_kthread+0x10/0x10
[ 15.595727] ret_from_fork_asm+0x1a/0x30
[ 15.595759] </TASK>
[ 15.595770]
[ 15.607702] Allocated by task 306:
[ 15.608030] kasan_save_stack+0x45/0x70
[ 15.608429] kasan_save_track+0x18/0x40
[ 15.608789] kasan_save_alloc_info+0x3b/0x50
[ 15.609124] __kasan_kmalloc+0xb7/0xc0
[ 15.609448] __kmalloc_noprof+0x1c9/0x500
[ 15.609593] kunit_kmalloc_array+0x25/0x60
[ 15.609738] copy_user_test_oob+0xab/0x10f0
[ 15.609887] kunit_try_run_case+0x1a5/0x480
[ 15.610033] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.610254] kthread+0x337/0x6f0
[ 15.610436] ret_from_fork+0x41/0x80
[ 15.610569] ret_from_fork_asm+0x1a/0x30
[ 15.610758]
[ 15.610851] The buggy address belongs to the object at ffff888102b49800
[ 15.610851] which belongs to the cache kmalloc-128 of size 128
[ 15.611289] The buggy address is located 0 bytes to the right of
[ 15.611289] allocated 120-byte region [ffff888102b49800, ffff888102b49878)
[ 15.611836]
[ 15.611946] The buggy address belongs to the physical page:
[ 15.612162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49
[ 15.612437] flags: 0x200000000000000(node=0|zone=2)
[ 15.612692] page_type: f5(slab)
[ 15.612862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.613318] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.613996] page dumped because: kasan: bad access detected
[ 15.614407]
[ 15.614505] Memory state around the buggy address:
[ 15.614719] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.615018] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.615728] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.616555] ^
[ 15.616865] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.617438] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.617758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.546801] ==================================================================
[ 15.547463] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 15.548150] Read of size 121 at addr ffff888102b49800 by task kunit_try_catch/306
[ 15.548977]
[ 15.549168] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.549213] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.549226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.549248] Call Trace:
[ 15.549262] <TASK>
[ 15.549276] dump_stack_lvl+0x73/0xb0
[ 15.549334] print_report+0xd1/0x650
[ 15.549358] ? __virt_addr_valid+0x1db/0x2d0
[ 15.549381] ? copy_user_test_oob+0x604/0x10f0
[ 15.549401] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.549424] ? copy_user_test_oob+0x604/0x10f0
[ 15.549446] kasan_report+0x141/0x180
[ 15.549469] ? copy_user_test_oob+0x604/0x10f0
[ 15.549511] kasan_check_range+0x10c/0x1c0
[ 15.549536] __kasan_check_read+0x15/0x20
[ 15.549556] copy_user_test_oob+0x604/0x10f0
[ 15.549580] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.549600] ? finish_task_switch.isra.0+0x153/0x700
[ 15.549623] ? __switch_to+0x5d9/0xf60
[ 15.549644] ? dequeue_task_fair+0x166/0x4e0
[ 15.549669] ? __schedule+0x10cc/0x2b30
[ 15.549694] ? __pfx_read_tsc+0x10/0x10
[ 15.549714] ? ktime_get_ts64+0x86/0x230
[ 15.549740] kunit_try_run_case+0x1a5/0x480
[ 15.549765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.549795] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.549819] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.549862] ? __kthread_parkme+0x82/0x180
[ 15.549885] ? preempt_count_sub+0x50/0x80
[ 15.549910] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.549934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.549959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.549983] kthread+0x337/0x6f0
[ 15.550004] ? trace_preempt_on+0x20/0xc0
[ 15.550027] ? __pfx_kthread+0x10/0x10
[ 15.550051] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.550073] ? calculate_sigpending+0x7b/0xa0
[ 15.550095] ? __pfx_kthread+0x10/0x10
[ 15.550119] ret_from_fork+0x41/0x80
[ 15.550152] ? __pfx_kthread+0x10/0x10
[ 15.550194] ret_from_fork_asm+0x1a/0x30
[ 15.550226] </TASK>
[ 15.550239]
[ 15.561695] Allocated by task 306:
[ 15.561835] kasan_save_stack+0x45/0x70
[ 15.561986] kasan_save_track+0x18/0x40
[ 15.562173] kasan_save_alloc_info+0x3b/0x50
[ 15.562506] __kasan_kmalloc+0xb7/0xc0
[ 15.562697] __kmalloc_noprof+0x1c9/0x500
[ 15.562863] kunit_kmalloc_array+0x25/0x60
[ 15.563027] copy_user_test_oob+0xab/0x10f0
[ 15.563246] kunit_try_run_case+0x1a5/0x480
[ 15.563431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.563641] kthread+0x337/0x6f0
[ 15.563764] ret_from_fork+0x41/0x80
[ 15.563927] ret_from_fork_asm+0x1a/0x30
[ 15.564122]
[ 15.564219] The buggy address belongs to the object at ffff888102b49800
[ 15.564219] which belongs to the cache kmalloc-128 of size 128
[ 15.564652] The buggy address is located 0 bytes inside of
[ 15.564652] allocated 120-byte region [ffff888102b49800, ffff888102b49878)
[ 15.565176]
[ 15.565262] The buggy address belongs to the physical page:
[ 15.565496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49
[ 15.565799] flags: 0x200000000000000(node=0|zone=2)
[ 15.565996] page_type: f5(slab)
[ 15.566187] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.566483] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.566781] page dumped because: kasan: bad access detected
[ 15.566976]
[ 15.567071] Memory state around the buggy address:
[ 15.567352] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.567628] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.567895] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.568108] ^
[ 15.568436] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.568694] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.568907] ==================================================================

[ 15.528084] ==================================================================
[ 15.528580] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 15.528871] Write of size 121 at addr ffff888102b49800 by task kunit_try_catch/306
[ 15.529225]
[ 15.529311] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.529365] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.529378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.529400] Call Trace:
[ 15.529416] <TASK>
[ 15.529432] dump_stack_lvl+0x73/0xb0
[ 15.529457] print_report+0xd1/0x650
[ 15.529479] ? __virt_addr_valid+0x1db/0x2d0
[ 15.529502] ? copy_user_test_oob+0x557/0x10f0
[ 15.529522] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.529546] ? copy_user_test_oob+0x557/0x10f0
[ 15.529567] kasan_report+0x141/0x180
[ 15.529590] ? copy_user_test_oob+0x557/0x10f0
[ 15.529617] kasan_check_range+0x10c/0x1c0
[ 15.529641] __kasan_check_write+0x18/0x20
[ 15.529662] copy_user_test_oob+0x557/0x10f0
[ 15.529686] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.529706] ? finish_task_switch.isra.0+0x153/0x700
[ 15.529729] ? __switch_to+0x5d9/0xf60
[ 15.529751] ? dequeue_task_fair+0x166/0x4e0
[ 15.529785] ? __schedule+0x10cc/0x2b30
[ 15.529809] ? __pfx_read_tsc+0x10/0x10
[ 15.529830] ? ktime_get_ts64+0x86/0x230
[ 15.529856] kunit_try_run_case+0x1a5/0x480
[ 15.529881] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.529904] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.529928] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.529975] ? __kthread_parkme+0x82/0x180
[ 15.529999] ? preempt_count_sub+0x50/0x80
[ 15.530025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.530049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.530072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.530097] kthread+0x337/0x6f0
[ 15.530119] ? trace_preempt_on+0x20/0xc0
[ 15.530143] ? __pfx_kthread+0x10/0x10
[ 15.530166] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.530189] ? calculate_sigpending+0x7b/0xa0
[ 15.530211] ? __pfx_kthread+0x10/0x10
[ 15.530233] ret_from_fork+0x41/0x80
[ 15.530256] ? __pfx_kthread+0x10/0x10
[ 15.530279] ret_from_fork_asm+0x1a/0x30
[ 15.530311] </TASK>
[ 15.530331]
[ 15.538384] Allocated by task 306:
[ 15.538515] kasan_save_stack+0x45/0x70
[ 15.538658] kasan_save_track+0x18/0x40
[ 15.538793] kasan_save_alloc_info+0x3b/0x50
[ 15.538937] __kasan_kmalloc+0xb7/0xc0
[ 15.539108] __kmalloc_noprof+0x1c9/0x500
[ 15.539318] kunit_kmalloc_array+0x25/0x60
[ 15.539557] copy_user_test_oob+0xab/0x10f0
[ 15.539780] kunit_try_run_case+0x1a5/0x480
[ 15.539987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.540313] kthread+0x337/0x6f0
[ 15.540509] ret_from_fork+0x41/0x80
[ 15.540677] ret_from_fork_asm+0x1a/0x30
[ 15.540859]
[ 15.540930] The buggy address belongs to the object at ffff888102b49800
[ 15.540930] which belongs to the cache kmalloc-128 of size 128
[ 15.541283] The buggy address is located 0 bytes inside of
[ 15.541283] allocated 120-byte region [ffff888102b49800, ffff888102b49878)
[ 15.541762]
[ 15.541861] The buggy address belongs to the physical page:
[ 15.542154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49
[ 15.542512] flags: 0x200000000000000(node=0|zone=2)
[ 15.542743] page_type: f5(slab)
[ 15.542911] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.543276] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.543598] page dumped because: kasan: bad access detected
[ 15.543830]
[ 15.543901] Memory state around the buggy address:
[ 15.544055] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.544603] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.544854] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.545069] ^
[ 15.545625] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.545882] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.546095] ==================================================================

[ 15.509894] ==================================================================
[ 15.510345] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 15.510920] Read of size 121 at addr ffff888102b49800 by task kunit_try_catch/306
[ 15.511206]
[ 15.511339] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.511384] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.511397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.511419] Call Trace:
[ 15.511434] <TASK>
[ 15.511448] dump_stack_lvl+0x73/0xb0
[ 15.511495] print_report+0xd1/0x650
[ 15.511519] ? __virt_addr_valid+0x1db/0x2d0
[ 15.511542] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.511562] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.511586] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.511607] kasan_report+0x141/0x180
[ 15.511631] ? copy_user_test_oob+0x4aa/0x10f0
[ 15.511675] kasan_check_range+0x10c/0x1c0
[ 15.511701] __kasan_check_read+0x15/0x20
[ 15.511722] copy_user_test_oob+0x4aa/0x10f0
[ 15.511745] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.511765] ? finish_task_switch.isra.0+0x153/0x700
[ 15.511789] ? __switch_to+0x5d9/0xf60
[ 15.511809] ? dequeue_task_fair+0x166/0x4e0
[ 15.511835] ? __schedule+0x10cc/0x2b30
[ 15.511859] ? __pfx_read_tsc+0x10/0x10
[ 15.511880] ? ktime_get_ts64+0x86/0x230
[ 15.511906] kunit_try_run_case+0x1a5/0x480
[ 15.511931] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.511954] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.511979] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.512004] ? __kthread_parkme+0x82/0x180
[ 15.512026] ? preempt_count_sub+0x50/0x80
[ 15.512051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.512098] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.512122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.512146] kthread+0x337/0x6f0
[ 15.512168] ? trace_preempt_on+0x20/0xc0
[ 15.512191] ? __pfx_kthread+0x10/0x10
[ 15.512215] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.512237] ? calculate_sigpending+0x7b/0xa0
[ 15.512259] ? __pfx_kthread+0x10/0x10
[ 15.512282] ret_from_fork+0x41/0x80
[ 15.512303] ? __pfx_kthread+0x10/0x10
[ 15.512333] ret_from_fork_asm+0x1a/0x30
[ 15.512367] </TASK>
[ 15.512378]
[ 15.519813] Allocated by task 306:
[ 15.519945] kasan_save_stack+0x45/0x70
[ 15.520089] kasan_save_track+0x18/0x40
[ 15.520285] kasan_save_alloc_info+0x3b/0x50
[ 15.520519] __kasan_kmalloc+0xb7/0xc0
[ 15.520715] __kmalloc_noprof+0x1c9/0x500
[ 15.520938] kunit_kmalloc_array+0x25/0x60
[ 15.521153] copy_user_test_oob+0xab/0x10f0
[ 15.521398] kunit_try_run_case+0x1a5/0x480
[ 15.521576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.521753] kthread+0x337/0x6f0
[ 15.521948] ret_from_fork+0x41/0x80
[ 15.522137] ret_from_fork_asm+0x1a/0x30
[ 15.522367]
[ 15.522461] The buggy address belongs to the object at ffff888102b49800
[ 15.522461] which belongs to the cache kmalloc-128 of size 128
[ 15.522919] The buggy address is located 0 bytes inside of
[ 15.522919] allocated 120-byte region [ffff888102b49800, ffff888102b49878)
[ 15.523477]
[ 15.523550] The buggy address belongs to the physical page:
[ 15.523793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49
[ 15.524153] flags: 0x200000000000000(node=0|zone=2)
[ 15.524385] page_type: f5(slab)
[ 15.524507] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.524735] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.525024] page dumped because: kasan: bad access detected
[ 15.525270]
[ 15.525367] Memory state around the buggy address:
[ 15.525620] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.525843] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.526058] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.526525] ^
[ 15.526844] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.527185] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.527611] ==================================================================

[ 15.492146] ==================================================================
[ 15.492537] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 15.492856] Write of size 121 at addr ffff888102b49800 by task kunit_try_catch/306
[ 15.493157]
[ 15.493246] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 15.493293] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.493307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.493341] Call Trace:
[ 15.493355] <TASK>
[ 15.493384] dump_stack_lvl+0x73/0xb0
[ 15.493411] print_report+0xd1/0x650
[ 15.493435] ? __virt_addr_valid+0x1db/0x2d0
[ 15.493459] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.493479] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.493504] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.493525] kasan_report+0x141/0x180
[ 15.493549] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.493576] kasan_check_range+0x10c/0x1c0
[ 15.493602] __kasan_check_write+0x18/0x20
[ 15.493623] copy_user_test_oob+0x3fd/0x10f0
[ 15.493647] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.493667] ? finish_task_switch.isra.0+0x153/0x700
[ 15.493691] ? __switch_to+0x5d9/0xf60
[ 15.493712] ? dequeue_task_fair+0x166/0x4e0
[ 15.493738] ? __schedule+0x10cc/0x2b30
[ 15.493762] ? __pfx_read_tsc+0x10/0x10
[ 15.493787] ? ktime_get_ts64+0x86/0x230
[ 15.493813] kunit_try_run_case+0x1a5/0x480
[ 15.493839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.493862] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.493887] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.493912] ? __kthread_parkme+0x82/0x180
[ 15.493935] ? preempt_count_sub+0x50/0x80
[ 15.493960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.493985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.494009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.494033] kthread+0x337/0x6f0
[ 15.494055] ? trace_preempt_on+0x20/0xc0
[ 15.494079] ? __pfx_kthread+0x10/0x10
[ 15.494103] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.494135] ? calculate_sigpending+0x7b/0xa0
[ 15.494158] ? __pfx_kthread+0x10/0x10
[ 15.494180] ret_from_fork+0x41/0x80
[ 15.494201] ? __pfx_kthread+0x10/0x10
[ 15.494224] ret_from_fork_asm+0x1a/0x30
[ 15.494257] </TASK>
[ 15.494268]
[ 15.501391] Allocated by task 306:
[ 15.501520] kasan_save_stack+0x45/0x70
[ 15.501666] kasan_save_track+0x18/0x40
[ 15.501864] kasan_save_alloc_info+0x3b/0x50
[ 15.502070] __kasan_kmalloc+0xb7/0xc0
[ 15.502258] __kmalloc_noprof+0x1c9/0x500
[ 15.502569] kunit_kmalloc_array+0x25/0x60
[ 15.502714] copy_user_test_oob+0xab/0x10f0
[ 15.502855] kunit_try_run_case+0x1a5/0x480
[ 15.503231] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.503496] kthread+0x337/0x6f0
[ 15.503667] ret_from_fork+0x41/0x80
[ 15.503833] ret_from_fork_asm+0x1a/0x30
[ 15.504013]
[ 15.504090] The buggy address belongs to the object at ffff888102b49800
[ 15.504090] which belongs to the cache kmalloc-128 of size 128
[ 15.504655] The buggy address is located 0 bytes inside of
[ 15.504655] allocated 120-byte region [ffff888102b49800, ffff888102b49878)
[ 15.505019]
[ 15.505091] The buggy address belongs to the physical page:
[ 15.505258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49
[ 15.505557] flags: 0x200000000000000(node=0|zone=2)
[ 15.505784] page_type: f5(slab)
[ 15.505976] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.506274] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.506503] page dumped because: kasan: bad access detected
[ 15.506667]
[ 15.506735] Memory state around the buggy address:
[ 15.506886] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb
fb fb fb [ 15.507572] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.507890] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.508298] ^ [ 15.508757] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.509005] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.509417] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.457924] ================================================================== [ 15.458851] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 15.459843] Read of size 121 at addr ffff888102b49800 by task kunit_try_catch/306 [ 15.460309] [ 15.460760] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.460816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.461052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.461081] Call Trace: [ 15.461098] <TASK> [ 15.461116] dump_stack_lvl+0x73/0xb0 [ 15.461148] print_report+0xd1/0x650 [ 15.461215] ? __virt_addr_valid+0x1db/0x2d0 [ 15.461240] ? _copy_to_user+0x4a/0x70 [ 15.461264] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.461288] ? _copy_to_user+0x4a/0x70 [ 15.461312] kasan_report+0x141/0x180 [ 15.461473] ? _copy_to_user+0x4a/0x70 [ 15.461511] kasan_check_range+0x10c/0x1c0 [ 15.461538] __kasan_check_read+0x15/0x20 [ 15.461560] _copy_to_user+0x4a/0x70 [ 15.461584] copy_user_test_oob+0x364/0x10f0 [ 15.461608] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.461628] ? finish_task_switch.isra.0+0x153/0x700 [ 15.461652] ? __switch_to+0x5d9/0xf60 [ 15.461673] ? dequeue_task_fair+0x166/0x4e0 [ 15.461701] ? __schedule+0x10cc/0x2b30 [ 15.461728] ? __pfx_read_tsc+0x10/0x10 [ 15.461749] ? ktime_get_ts64+0x86/0x230 [ 15.461782] kunit_try_run_case+0x1a5/0x480 [ 15.461808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.461831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.461856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.461881] ? __kthread_parkme+0x82/0x180 [ 15.461904] ? preempt_count_sub+0x50/0x80 [ 15.461930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.461954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.461978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.462002] kthread+0x337/0x6f0 [ 15.462023] ? trace_preempt_on+0x20/0xc0 [ 15.462048] ? __pfx_kthread+0x10/0x10 [ 15.462070] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.462094] ? 
calculate_sigpending+0x7b/0xa0 [ 15.462117] ? __pfx_kthread+0x10/0x10 [ 15.462141] ret_from_fork+0x41/0x80 [ 15.462161] ? __pfx_kthread+0x10/0x10 [ 15.462202] ret_from_fork_asm+0x1a/0x30 [ 15.462234] </TASK> [ 15.462246] [ 15.474200] Allocated by task 306: [ 15.474378] kasan_save_stack+0x45/0x70 [ 15.474707] kasan_save_track+0x18/0x40 [ 15.474889] kasan_save_alloc_info+0x3b/0x50 [ 15.475067] __kasan_kmalloc+0xb7/0xc0 [ 15.475618] __kmalloc_noprof+0x1c9/0x500 [ 15.475953] kunit_kmalloc_array+0x25/0x60 [ 15.476571] copy_user_test_oob+0xab/0x10f0 [ 15.476795] kunit_try_run_case+0x1a5/0x480 [ 15.476995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.477617] kthread+0x337/0x6f0 [ 15.477891] ret_from_fork+0x41/0x80 [ 15.478270] ret_from_fork_asm+0x1a/0x30 [ 15.478760] [ 15.478862] The buggy address belongs to the object at ffff888102b49800 [ 15.478862] which belongs to the cache kmalloc-128 of size 128 [ 15.479858] The buggy address is located 0 bytes inside of [ 15.479858] allocated 120-byte region [ffff888102b49800, ffff888102b49878) [ 15.480753] [ 15.480864] The buggy address belongs to the physical page: [ 15.481102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.481714] flags: 0x200000000000000(node=0|zone=2) [ 15.481955] page_type: f5(slab) [ 15.482119] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.482797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.483111] page dumped because: kasan: bad access detected [ 15.483352] [ 15.483426] Memory state around the buggy address: [ 15.484021] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.484671] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.485153] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.485843] ^ [ 15.486353] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486859] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.487383] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.424197] ================================================================== [ 15.425422] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.426477] Write of size 121 at addr ffff888102b49800 by task kunit_try_catch/306 [ 15.427195] [ 15.427724] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.427794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.427809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.427840] Call Trace: [ 15.427855] <TASK> [ 15.427875] dump_stack_lvl+0x73/0xb0 [ 15.427906] print_report+0xd1/0x650 [ 15.427933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.427957] ? _copy_from_user+0x32/0x90 [ 15.427980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.428005] ? _copy_from_user+0x32/0x90 [ 15.428029] kasan_report+0x141/0x180 [ 15.428053] ? _copy_from_user+0x32/0x90 [ 15.428082] kasan_check_range+0x10c/0x1c0 [ 15.428107] __kasan_check_write+0x18/0x20 [ 15.428157] _copy_from_user+0x32/0x90 [ 15.428184] copy_user_test_oob+0x2be/0x10f0 [ 15.428208] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.428229] ? finish_task_switch.isra.0+0x153/0x700 [ 15.428254] ? __switch_to+0x5d9/0xf60 [ 15.428277] ? dequeue_task_fair+0x166/0x4e0 [ 15.428304] ? __schedule+0x10cc/0x2b30 [ 15.428341] ? __pfx_read_tsc+0x10/0x10 [ 15.428362] ? ktime_get_ts64+0x86/0x230 [ 15.428446] kunit_try_run_case+0x1a5/0x480 [ 15.428476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.428499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.428524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.428549] ? __kthread_parkme+0x82/0x180 [ 15.428572] ? preempt_count_sub+0x50/0x80 [ 15.428598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.428623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.428646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.428670] kthread+0x337/0x6f0 [ 15.428692] ? trace_preempt_on+0x20/0xc0 [ 15.428718] ? __pfx_kthread+0x10/0x10 [ 15.428741] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.428764] ? 
calculate_sigpending+0x7b/0xa0 [ 15.428786] ? __pfx_kthread+0x10/0x10 [ 15.428810] ret_from_fork+0x41/0x80 [ 15.428831] ? __pfx_kthread+0x10/0x10 [ 15.428854] ret_from_fork_asm+0x1a/0x30 [ 15.428887] </TASK> [ 15.428899] [ 15.440016] Allocated by task 306: [ 15.440337] kasan_save_stack+0x45/0x70 [ 15.440776] kasan_save_track+0x18/0x40 [ 15.441102] kasan_save_alloc_info+0x3b/0x50 [ 15.441342] __kasan_kmalloc+0xb7/0xc0 [ 15.441796] __kmalloc_noprof+0x1c9/0x500 [ 15.442022] kunit_kmalloc_array+0x25/0x60 [ 15.442399] copy_user_test_oob+0xab/0x10f0 [ 15.442834] kunit_try_run_case+0x1a5/0x480 [ 15.443033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.443871] kthread+0x337/0x6f0 [ 15.444120] ret_from_fork+0x41/0x80 [ 15.444585] ret_from_fork_asm+0x1a/0x30 [ 15.444861] [ 15.444958] The buggy address belongs to the object at ffff888102b49800 [ 15.444958] which belongs to the cache kmalloc-128 of size 128 [ 15.446189] The buggy address is located 0 bytes inside of [ 15.446189] allocated 120-byte region [ffff888102b49800, ffff888102b49878) [ 15.446707] [ 15.446805] The buggy address belongs to the physical page: [ 15.447438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.447949] flags: 0x200000000000000(node=0|zone=2) [ 15.448317] page_type: f5(slab) [ 15.448656] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.448979] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.449517] page dumped because: kasan: bad access detected [ 15.449929] [ 15.450024] Memory state around the buggy address: [ 15.450568] ffff888102b49700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.450876] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.451374] >ffff888102b49800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.451842] ^ [ 15.452314] ffff888102b49880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452821] ffff888102b49900: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.453344] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.354083] ================================================================== [ 15.355888] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.356467] Read of size 8 at addr ffff888102756778 by task kunit_try_catch/302 [ 15.357318] [ 15.357678] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.357733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.357748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.357779] Call Trace: [ 15.357794] <TASK> [ 15.357814] dump_stack_lvl+0x73/0xb0 [ 15.357845] print_report+0xd1/0x650 [ 15.357871] ? __virt_addr_valid+0x1db/0x2d0 [ 15.357896] ? copy_to_kernel_nofault+0x225/0x260 [ 15.357921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.357945] ? copy_to_kernel_nofault+0x225/0x260 [ 15.357970] kasan_report+0x141/0x180 [ 15.357994] ? copy_to_kernel_nofault+0x225/0x260 [ 15.358024] __asan_report_load8_noabort+0x18/0x20 [ 15.358046] copy_to_kernel_nofault+0x225/0x260 [ 15.358073] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.358099] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.358132] ? finish_task_switch.isra.0+0x153/0x700 [ 15.358158] ? __schedule+0x10cc/0x2b30 [ 15.358184] ? trace_hardirqs_on+0x37/0xe0 [ 15.358218] ? __pfx_read_tsc+0x10/0x10 [ 15.358239] ? ktime_get_ts64+0x86/0x230 [ 15.358266] kunit_try_run_case+0x1a5/0x480 [ 15.358291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.358314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.358479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.358506] ? __kthread_parkme+0x82/0x180 [ 15.358531] ? preempt_count_sub+0x50/0x80 [ 15.358556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.358613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.358639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.358663] kthread+0x337/0x6f0 [ 15.358686] ? trace_preempt_on+0x20/0xc0 [ 15.358710] ? __pfx_kthread+0x10/0x10 [ 15.358733] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.358756] ? 
calculate_sigpending+0x7b/0xa0 [ 15.358780] ? __pfx_kthread+0x10/0x10 [ 15.358803] ret_from_fork+0x41/0x80 [ 15.358825] ? __pfx_kthread+0x10/0x10 [ 15.358847] ret_from_fork_asm+0x1a/0x30 [ 15.358881] </TASK> [ 15.358893] [ 15.375628] Allocated by task 302: [ 15.376079] kasan_save_stack+0x45/0x70 [ 15.376676] kasan_save_track+0x18/0x40 [ 15.377208] kasan_save_alloc_info+0x3b/0x50 [ 15.377889] __kasan_kmalloc+0xb7/0xc0 [ 15.378307] __kmalloc_cache_noprof+0x189/0x420 [ 15.378776] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.379438] kunit_try_run_case+0x1a5/0x480 [ 15.379766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.379954] kthread+0x337/0x6f0 [ 15.380081] ret_from_fork+0x41/0x80 [ 15.380392] ret_from_fork_asm+0x1a/0x30 [ 15.380893] [ 15.381059] The buggy address belongs to the object at ffff888102756700 [ 15.381059] which belongs to the cache kmalloc-128 of size 128 [ 15.382359] The buggy address is located 0 bytes to the right of [ 15.382359] allocated 120-byte region [ffff888102756700, ffff888102756778) [ 15.383288] [ 15.383375] The buggy address belongs to the physical page: [ 15.383596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756 [ 15.384354] flags: 0x200000000000000(node=0|zone=2) [ 15.384817] page_type: f5(slab) [ 15.384948] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.385205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.385976] page dumped because: kasan: bad access detected [ 15.386474] [ 15.386668] Memory state around the buggy address: [ 15.387160] ffff888102756600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.388384] ffff888102756680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.388668] >ffff888102756700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.388887] ^ [ 15.389104] ffff888102756780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389319] ffff888102756800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389579] 
================================================================== [ 15.391572] ================================================================== [ 15.392024] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.392763] Write of size 8 at addr ffff888102756778 by task kunit_try_catch/302 [ 15.393312] [ 15.393425] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.393473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.393485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.393507] Call Trace: [ 15.393519] <TASK> [ 15.393533] dump_stack_lvl+0x73/0xb0 [ 15.393559] print_report+0xd1/0x650 [ 15.393584] ? __virt_addr_valid+0x1db/0x2d0 [ 15.393607] ? copy_to_kernel_nofault+0x99/0x260 [ 15.393631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.393655] ? copy_to_kernel_nofault+0x99/0x260 [ 15.393681] kasan_report+0x141/0x180 [ 15.393705] ? copy_to_kernel_nofault+0x99/0x260 [ 15.393736] kasan_check_range+0x10c/0x1c0 [ 15.393761] __kasan_check_write+0x18/0x20 [ 15.393795] copy_to_kernel_nofault+0x99/0x260 [ 15.393822] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.393848] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.393872] ? finish_task_switch.isra.0+0x153/0x700 [ 15.393896] ? __schedule+0x10cc/0x2b30 [ 15.393919] ? trace_hardirqs_on+0x37/0xe0 [ 15.393951] ? __pfx_read_tsc+0x10/0x10 [ 15.393971] ? ktime_get_ts64+0x86/0x230 [ 15.393998] kunit_try_run_case+0x1a5/0x480 [ 15.394021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.394044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.394067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.394092] ? __kthread_parkme+0x82/0x180 [ 15.394114] ? preempt_count_sub+0x50/0x80 [ 15.394139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.394163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.394186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.394210] kthread+0x337/0x6f0 [ 15.394231] ? trace_preempt_on+0x20/0xc0 [ 15.394254] ? 
__pfx_kthread+0x10/0x10 [ 15.394277] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.394299] ? calculate_sigpending+0x7b/0xa0 [ 15.394333] ? __pfx_kthread+0x10/0x10 [ 15.394356] ret_from_fork+0x41/0x80 [ 15.394377] ? __pfx_kthread+0x10/0x10 [ 15.394400] ret_from_fork_asm+0x1a/0x30 [ 15.394432] </TASK> [ 15.394444] [ 15.402456] Allocated by task 302: [ 15.402635] kasan_save_stack+0x45/0x70 [ 15.402787] kasan_save_track+0x18/0x40 [ 15.402928] kasan_save_alloc_info+0x3b/0x50 [ 15.403193] __kasan_kmalloc+0xb7/0xc0 [ 15.403425] __kmalloc_cache_noprof+0x189/0x420 [ 15.403654] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.403856] kunit_try_run_case+0x1a5/0x480 [ 15.404047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.404305] kthread+0x337/0x6f0 [ 15.404569] ret_from_fork+0x41/0x80 [ 15.404757] ret_from_fork_asm+0x1a/0x30 [ 15.404932] [ 15.405005] The buggy address belongs to the object at ffff888102756700 [ 15.405005] which belongs to the cache kmalloc-128 of size 128 [ 15.405407] The buggy address is located 0 bytes to the right of [ 15.405407] allocated 120-byte region [ffff888102756700, ffff888102756778) [ 15.405942] [ 15.406037] The buggy address belongs to the physical page: [ 15.406320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756 [ 15.406669] flags: 0x200000000000000(node=0|zone=2) [ 15.406832] page_type: f5(slab) [ 15.406952] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.407301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.408191] page dumped because: kasan: bad access detected [ 15.408386] [ 15.408790] Memory state around the buggy address: [ 15.409040] ffff888102756600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.409727] ffff888102756680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410249] >ffff888102756700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.410781] ^ [ 15.411088] ffff888102756780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
15.411786] ffff888102756800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.412299] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.345304] ================================================================== [ 14.345756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.346311] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.346817] [ 14.346944] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.346994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.347007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.347029] Call Trace: [ 14.347047] <TASK> [ 14.347065] dump_stack_lvl+0x73/0xb0 [ 14.347092] print_report+0xd1/0x650 [ 14.347117] ? __virt_addr_valid+0x1db/0x2d0 [ 14.347140] ? kasan_atomics_helper+0xc70/0x5450 [ 14.347173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.347198] ? kasan_atomics_helper+0xc70/0x5450 [ 14.347221] kasan_report+0x141/0x180 [ 14.347246] ? kasan_atomics_helper+0xc70/0x5450 [ 14.347274] kasan_check_range+0x10c/0x1c0 [ 14.347301] __kasan_check_write+0x18/0x20 [ 14.347335] kasan_atomics_helper+0xc70/0x5450 [ 14.347360] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.347383] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.347407] ? kasan_atomics+0x152/0x310 [ 14.347432] kasan_atomics+0x1dc/0x310 [ 14.347453] ? __pfx_kasan_atomics+0x10/0x10 [ 14.347475] ? __pfx_read_tsc+0x10/0x10 [ 14.347496] ? ktime_get_ts64+0x86/0x230 [ 14.347523] kunit_try_run_case+0x1a5/0x480 [ 14.347548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.347570] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.347594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.347619] ? __kthread_parkme+0x82/0x180 [ 14.347641] ? preempt_count_sub+0x50/0x80 [ 14.347668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.347693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.347716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.347740] kthread+0x337/0x6f0 [ 14.347761] ? trace_preempt_on+0x20/0xc0 [ 14.347786] ? __pfx_kthread+0x10/0x10 [ 14.347809] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.347832] ? 
calculate_sigpending+0x7b/0xa0 [ 14.347854] ? __pfx_kthread+0x10/0x10 [ 14.347878] ret_from_fork+0x41/0x80 [ 14.347900] ? __pfx_kthread+0x10/0x10 [ 14.347923] ret_from_fork_asm+0x1a/0x30 [ 14.347957] </TASK> [ 14.347968] [ 14.355460] Allocated by task 285: [ 14.355639] kasan_save_stack+0x45/0x70 [ 14.355848] kasan_save_track+0x18/0x40 [ 14.356025] kasan_save_alloc_info+0x3b/0x50 [ 14.356249] __kasan_kmalloc+0xb7/0xc0 [ 14.356420] __kmalloc_cache_noprof+0x189/0x420 [ 14.356642] kasan_atomics+0x95/0x310 [ 14.356813] kunit_try_run_case+0x1a5/0x480 [ 14.356994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.357224] kthread+0x337/0x6f0 [ 14.357370] ret_from_fork+0x41/0x80 [ 14.357555] ret_from_fork_asm+0x1a/0x30 [ 14.357741] [ 14.357816] The buggy address belongs to the object at ffff888102b4cd00 [ 14.357816] which belongs to the cache kmalloc-64 of size 64 [ 14.358256] The buggy address is located 0 bytes to the right of [ 14.358256] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.358626] [ 14.358699] The buggy address belongs to the physical page: [ 14.359224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.359584] flags: 0x200000000000000(node=0|zone=2) [ 14.359760] page_type: f5(slab) [ 14.359881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.360111] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.360468] page dumped because: kasan: bad access detected [ 14.360724] [ 14.360818] Memory state around the buggy address: [ 14.361053] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.361428] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.361647] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.361956] ^ [ 14.362222] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.362546] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.362835] 
================================================================== [ 14.153954] ================================================================== [ 14.154540] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.154858] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.155131] [ 14.155295] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.155355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.155368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.155390] Call Trace: [ 14.155407] <TASK> [ 14.155425] dump_stack_lvl+0x73/0xb0 [ 14.155450] print_report+0xd1/0x650 [ 14.155474] ? __virt_addr_valid+0x1db/0x2d0 [ 14.155497] ? kasan_atomics_helper+0x697/0x5450 [ 14.155542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.155567] ? kasan_atomics_helper+0x697/0x5450 [ 14.155590] kasan_report+0x141/0x180 [ 14.155614] ? kasan_atomics_helper+0x697/0x5450 [ 14.155642] kasan_check_range+0x10c/0x1c0 [ 14.155668] __kasan_check_write+0x18/0x20 [ 14.155689] kasan_atomics_helper+0x697/0x5450 [ 14.155713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.155737] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.155761] ? kasan_atomics+0x152/0x310 [ 14.155786] kasan_atomics+0x1dc/0x310 [ 14.155807] ? __pfx_kasan_atomics+0x10/0x10 [ 14.155829] ? __pfx_read_tsc+0x10/0x10 [ 14.155850] ? ktime_get_ts64+0x86/0x230 [ 14.155877] kunit_try_run_case+0x1a5/0x480 [ 14.155902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.155925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.155950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.155975] ? __kthread_parkme+0x82/0x180 [ 14.155998] ? preempt_count_sub+0x50/0x80 [ 14.156024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.156048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.156107] kthread+0x337/0x6f0 [ 14.156521] ? trace_preempt_on+0x20/0xc0 [ 14.156554] ? 
__pfx_kthread+0x10/0x10 [ 14.156578] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.156603] ? calculate_sigpending+0x7b/0xa0 [ 14.156625] ? __pfx_kthread+0x10/0x10 [ 14.156648] ret_from_fork+0x41/0x80 [ 14.156671] ? __pfx_kthread+0x10/0x10 [ 14.156694] ret_from_fork_asm+0x1a/0x30 [ 14.156727] </TASK> [ 14.156739] [ 14.171907] Allocated by task 285: [ 14.172050] kasan_save_stack+0x45/0x70 [ 14.172207] kasan_save_track+0x18/0x40 [ 14.172354] kasan_save_alloc_info+0x3b/0x50 [ 14.172500] __kasan_kmalloc+0xb7/0xc0 [ 14.172634] __kmalloc_cache_noprof+0x189/0x420 [ 14.172786] kasan_atomics+0x95/0x310 [ 14.172916] kunit_try_run_case+0x1a5/0x480 [ 14.173063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.173244] kthread+0x337/0x6f0 [ 14.173425] ret_from_fork+0x41/0x80 [ 14.173611] ret_from_fork_asm+0x1a/0x30 [ 14.173823] [ 14.173921] The buggy address belongs to the object at ffff888102b4cd00 [ 14.173921] which belongs to the cache kmalloc-64 of size 64 [ 14.174486] The buggy address is located 0 bytes to the right of [ 14.174486] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.175039] [ 14.175167] The buggy address belongs to the physical page: [ 14.175441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.175795] flags: 0x200000000000000(node=0|zone=2) [ 14.176035] page_type: f5(slab) [ 14.176234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.176590] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.176927] page dumped because: kasan: bad access detected [ 14.177210] [ 14.177304] Memory state around the buggy address: [ 14.177502] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.177716] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.177935] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.178173] ^ [ 14.178403] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.178734] 
ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.179053] ================================================================== [ 13.977350] ================================================================== [ 13.977983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.978494] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 13.979033] [ 13.979305] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.979366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.979378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.979397] Call Trace: [ 13.979411] <TASK> [ 13.979428] dump_stack_lvl+0x73/0xb0 [ 13.979453] print_report+0xd1/0x650 [ 13.979476] ? __virt_addr_valid+0x1db/0x2d0 [ 13.979496] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.979518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.979540] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.979563] kasan_report+0x141/0x180 [ 13.979585] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.979612] __asan_report_load4_noabort+0x18/0x20 [ 13.979633] kasan_atomics_helper+0x4b88/0x5450 [ 13.979656] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.979678] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.979700] ? kasan_atomics+0x152/0x310 [ 13.979723] kasan_atomics+0x1dc/0x310 [ 13.979742] ? __pfx_kasan_atomics+0x10/0x10 [ 13.979763] ? __pfx_read_tsc+0x10/0x10 [ 13.979781] ? ktime_get_ts64+0x86/0x230 [ 13.979806] kunit_try_run_case+0x1a5/0x480 [ 13.979830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.979852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.979875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.979899] ? __kthread_parkme+0x82/0x180 [ 13.979920] ? preempt_count_sub+0x50/0x80 [ 13.979945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.979968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.979992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.980015] kthread+0x337/0x6f0 [ 13.980036] ? 
trace_preempt_on+0x20/0xc0 [ 13.980188] ? __pfx_kthread+0x10/0x10 [ 13.980212] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.980252] ? calculate_sigpending+0x7b/0xa0 [ 13.980275] ? __pfx_kthread+0x10/0x10 [ 13.980299] ret_from_fork+0x41/0x80 [ 13.980333] ? __pfx_kthread+0x10/0x10 [ 13.980357] ret_from_fork_asm+0x1a/0x30 [ 13.980390] </TASK> [ 13.980402] [ 13.991033] Allocated by task 285: [ 13.991537] kasan_save_stack+0x45/0x70 [ 13.991728] kasan_save_track+0x18/0x40 [ 13.992070] kasan_save_alloc_info+0x3b/0x50 [ 13.992389] __kasan_kmalloc+0xb7/0xc0 [ 13.992671] __kmalloc_cache_noprof+0x189/0x420 [ 13.992881] kasan_atomics+0x95/0x310 [ 13.993046] kunit_try_run_case+0x1a5/0x480 [ 13.993431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.993777] kthread+0x337/0x6f0 [ 13.994053] ret_from_fork+0x41/0x80 [ 13.994336] ret_from_fork_asm+0x1a/0x30 [ 13.994525] [ 13.994600] The buggy address belongs to the object at ffff888102b4cd00 [ 13.994600] which belongs to the cache kmalloc-64 of size 64 [ 13.995116] The buggy address is located 0 bytes to the right of [ 13.995116] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 13.995950] [ 13.996156] The buggy address belongs to the physical page: [ 13.996521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 13.996956] flags: 0x200000000000000(node=0|zone=2) [ 13.997389] page_type: f5(slab) [ 13.997642] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.997981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.998469] page dumped because: kasan: bad access detected [ 13.998819] [ 13.998896] Memory state around the buggy address: [ 13.999266] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.999719] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.000137] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.000541] ^ [ 14.000843] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.001298] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.001712] ================================================================== [ 14.363253] ================================================================== [ 14.363879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.364312] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.364618] [ 14.364704] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.364748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.364761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.364782] Call Trace: [ 14.364798] <TASK> [ 14.364813] dump_stack_lvl+0x73/0xb0 [ 14.364838] print_report+0xd1/0x650 [ 14.364862] ? __virt_addr_valid+0x1db/0x2d0 [ 14.364884] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.364907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.364930] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.364954] kasan_report+0x141/0x180 [ 14.364977] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.365006] __asan_report_load4_noabort+0x18/0x20 [ 14.365028] kasan_atomics_helper+0x4a84/0x5450 [ 14.365052] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.365076] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.365099] ? kasan_atomics+0x152/0x310 [ 14.365123] kasan_atomics+0x1dc/0x310 [ 14.365144] ? __pfx_kasan_atomics+0x10/0x10 [ 14.365166] ? __pfx_read_tsc+0x10/0x10 [ 14.365186] ? ktime_get_ts64+0x86/0x230 [ 14.365212] kunit_try_run_case+0x1a5/0x480 [ 14.365237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365260] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.365285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.365310] ? __kthread_parkme+0x82/0x180 [ 14.365343] ? preempt_count_sub+0x50/0x80 [ 14.365369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.365417] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.365440] kthread+0x337/0x6f0 [ 14.365462] ? trace_preempt_on+0x20/0xc0 [ 14.365497] ? __pfx_kthread+0x10/0x10 [ 14.365520] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.365543] ? calculate_sigpending+0x7b/0xa0 [ 14.365565] ? __pfx_kthread+0x10/0x10 [ 14.365588] ret_from_fork+0x41/0x80 [ 14.365609] ? __pfx_kthread+0x10/0x10 [ 14.365632] ret_from_fork_asm+0x1a/0x30 [ 14.365665] </TASK> [ 14.365677] [ 14.372878] Allocated by task 285: [ 14.373057] kasan_save_stack+0x45/0x70 [ 14.373293] kasan_save_track+0x18/0x40 [ 14.373437] kasan_save_alloc_info+0x3b/0x50 [ 14.373583] __kasan_kmalloc+0xb7/0xc0 [ 14.373715] __kmalloc_cache_noprof+0x189/0x420 [ 14.373872] kasan_atomics+0x95/0x310 [ 14.374001] kunit_try_run_case+0x1a5/0x480 [ 14.374252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.374514] kthread+0x337/0x6f0 [ 14.374682] ret_from_fork+0x41/0x80 [ 14.374864] ret_from_fork_asm+0x1a/0x30 [ 14.375057] [ 14.375169] The buggy address belongs to the object at ffff888102b4cd00 [ 14.375169] which belongs to the cache kmalloc-64 of size 64 [ 14.375681] The buggy address is located 0 bytes to the right of [ 14.375681] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.376043] [ 14.376115] The buggy address belongs to the physical page: [ 14.376384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.376737] flags: 0x200000000000000(node=0|zone=2) [ 14.376975] page_type: f5(slab) [ 14.377156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.377476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.377747] page dumped because: kasan: bad access detected [ 14.377920] [ 14.377989] Memory state around the buggy address: [ 14.378299] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.378633] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.378961] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.379274] ^ [ 14.379489] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.379750] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.380068] ================================================================== [ 14.866341] ================================================================== [ 14.866717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.867291] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.867560] [ 14.867646] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.867691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.867704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.867726] Call Trace: [ 14.867742] <TASK> [ 14.867780] dump_stack_lvl+0x73/0xb0 [ 14.867806] print_report+0xd1/0x650 [ 14.867830] ? __virt_addr_valid+0x1db/0x2d0 [ 14.867869] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.867892] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.867932] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.867956] kasan_report+0x141/0x180 [ 14.867980] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.868036] kasan_check_range+0x10c/0x1c0 [ 14.868075] __kasan_check_write+0x18/0x20 [ 14.868096] kasan_atomics_helper+0x18b1/0x5450 [ 14.868143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.868168] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.868191] ? kasan_atomics+0x152/0x310 [ 14.868216] kasan_atomics+0x1dc/0x310 [ 14.868236] ? __pfx_kasan_atomics+0x10/0x10 [ 14.868259] ? __pfx_read_tsc+0x10/0x10 [ 14.868280] ? ktime_get_ts64+0x86/0x230 [ 14.868306] kunit_try_run_case+0x1a5/0x480 [ 14.868339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.868361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.868386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.868412] ? __kthread_parkme+0x82/0x180 [ 14.868434] ? preempt_count_sub+0x50/0x80 [ 14.868460] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.868484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.868507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.868531] kthread+0x337/0x6f0 [ 14.868573] ? trace_preempt_on+0x20/0xc0 [ 14.868597] ? __pfx_kthread+0x10/0x10 [ 14.868633] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.868669] ? calculate_sigpending+0x7b/0xa0 [ 14.868706] ? __pfx_kthread+0x10/0x10 [ 14.868730] ret_from_fork+0x41/0x80 [ 14.868763] ? __pfx_kthread+0x10/0x10 [ 14.868787] ret_from_fork_asm+0x1a/0x30 [ 14.868834] </TASK> [ 14.868846] [ 14.876575] Allocated by task 285: [ 14.876771] kasan_save_stack+0x45/0x70 [ 14.876990] kasan_save_track+0x18/0x40 [ 14.877201] kasan_save_alloc_info+0x3b/0x50 [ 14.877421] __kasan_kmalloc+0xb7/0xc0 [ 14.877664] __kmalloc_cache_noprof+0x189/0x420 [ 14.877933] kasan_atomics+0x95/0x310 [ 14.878138] kunit_try_run_case+0x1a5/0x480 [ 14.878353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.878603] kthread+0x337/0x6f0 [ 14.878752] ret_from_fork+0x41/0x80 [ 14.878883] ret_from_fork_asm+0x1a/0x30 [ 14.879022] [ 14.879093] The buggy address belongs to the object at ffff888102b4cd00 [ 14.879093] which belongs to the cache kmalloc-64 of size 64 [ 14.879630] The buggy address is located 0 bytes to the right of [ 14.879630] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.880239] [ 14.880361] The buggy address belongs to the physical page: [ 14.880636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.880921] flags: 0x200000000000000(node=0|zone=2) [ 14.881167] page_type: f5(slab) [ 14.881359] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.881702] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.882026] page dumped because: kasan: bad access detected [ 14.882295] [ 14.882403] Memory state around the buggy address: [ 14.882632] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.882969] ffff888102b4cc80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.883393] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.883709] ^ [ 14.883929] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884267] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884532] ================================================================== [ 15.199528] ================================================================== [ 15.199869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.200124] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.201109] [ 15.202577] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.202629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.202643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.202665] Call Trace: [ 15.202684] <TASK> [ 15.202702] dump_stack_lvl+0x73/0xb0 [ 15.202731] print_report+0xd1/0x650 [ 15.202756] ? __virt_addr_valid+0x1db/0x2d0 [ 15.202778] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.202802] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.202826] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.202850] kasan_report+0x141/0x180 [ 15.202874] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.202903] __asan_report_load8_noabort+0x18/0x20 [ 15.202924] kasan_atomics_helper+0x4fb2/0x5450 [ 15.202948] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.202972] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.202995] ? kasan_atomics+0x152/0x310 [ 15.203019] kasan_atomics+0x1dc/0x310 [ 15.203039] ? __pfx_kasan_atomics+0x10/0x10 [ 15.203060] ? __pfx_read_tsc+0x10/0x10 [ 15.203081] ? ktime_get_ts64+0x86/0x230 [ 15.203107] kunit_try_run_case+0x1a5/0x480 [ 15.203462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.203523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.203549] ? __kthread_parkme+0x82/0x180 [ 15.203572] ? 
preempt_count_sub+0x50/0x80 [ 15.203599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.203671] kthread+0x337/0x6f0 [ 15.203693] ? trace_preempt_on+0x20/0xc0 [ 15.203717] ? __pfx_kthread+0x10/0x10 [ 15.203740] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.203763] ? calculate_sigpending+0x7b/0xa0 [ 15.203786] ? __pfx_kthread+0x10/0x10 [ 15.203810] ret_from_fork+0x41/0x80 [ 15.203831] ? __pfx_kthread+0x10/0x10 [ 15.203855] ret_from_fork_asm+0x1a/0x30 [ 15.203887] </TASK> [ 15.203900] [ 15.220347] Allocated by task 285: [ 15.220517] kasan_save_stack+0x45/0x70 [ 15.220704] kasan_save_track+0x18/0x40 [ 15.220870] kasan_save_alloc_info+0x3b/0x50 [ 15.221053] __kasan_kmalloc+0xb7/0xc0 [ 15.221919] __kmalloc_cache_noprof+0x189/0x420 [ 15.222758] kasan_atomics+0x95/0x310 [ 15.222975] kunit_try_run_case+0x1a5/0x480 [ 15.223429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.223649] kthread+0x337/0x6f0 [ 15.223801] ret_from_fork+0x41/0x80 [ 15.223964] ret_from_fork_asm+0x1a/0x30 [ 15.224782] [ 15.224910] The buggy address belongs to the object at ffff888102b4cd00 [ 15.224910] which belongs to the cache kmalloc-64 of size 64 [ 15.226383] The buggy address is located 0 bytes to the right of [ 15.226383] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.226899] [ 15.226990] The buggy address belongs to the physical page: [ 15.227457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.227952] flags: 0x200000000000000(node=0|zone=2) [ 15.228379] page_type: f5(slab) [ 15.228671] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.228983] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.229667] page dumped because: kasan: bad access detected [ 15.229943] [ 15.230165] Memory state around the buggy address: [ 15.230653] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.231157] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.231464] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.231742] ^ [ 15.231952] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.232644] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233137] ================================================================== [ 15.261807] ================================================================== [ 15.262165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.262506] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.262788] [ 15.263022] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.263145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.263161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.263440] Call Trace: [ 15.263472] <TASK> [ 15.263489] dump_stack_lvl+0x73/0xb0 [ 15.263515] print_report+0xd1/0x650 [ 15.263540] ? __virt_addr_valid+0x1db/0x2d0 [ 15.263563] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.263585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.263609] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.263631] kasan_report+0x141/0x180 [ 15.263655] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.263684] __asan_report_load8_noabort+0x18/0x20 [ 15.263706] kasan_atomics_helper+0x4fa5/0x5450 [ 15.263731] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.263754] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.263777] ? kasan_atomics+0x152/0x310 [ 15.263802] kasan_atomics+0x1dc/0x310 [ 15.263823] ? __pfx_kasan_atomics+0x10/0x10 [ 15.263845] ? __pfx_read_tsc+0x10/0x10 [ 15.263865] ? ktime_get_ts64+0x86/0x230 [ 15.263891] kunit_try_run_case+0x1a5/0x480 [ 15.263916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.263940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.263965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.263991] ? 
__kthread_parkme+0x82/0x180 [ 15.264013] ? preempt_count_sub+0x50/0x80 [ 15.264039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.264064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.264087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.264111] kthread+0x337/0x6f0 [ 15.264411] ? trace_preempt_on+0x20/0xc0 [ 15.264441] ? __pfx_kthread+0x10/0x10 [ 15.264465] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.264488] ? calculate_sigpending+0x7b/0xa0 [ 15.264511] ? __pfx_kthread+0x10/0x10 [ 15.264535] ret_from_fork+0x41/0x80 [ 15.264556] ? __pfx_kthread+0x10/0x10 [ 15.264579] ret_from_fork_asm+0x1a/0x30 [ 15.264611] </TASK> [ 15.264623] [ 15.275232] Allocated by task 285: [ 15.275497] kasan_save_stack+0x45/0x70 [ 15.275912] kasan_save_track+0x18/0x40 [ 15.276104] kasan_save_alloc_info+0x3b/0x50 [ 15.276284] __kasan_kmalloc+0xb7/0xc0 [ 15.276594] __kmalloc_cache_noprof+0x189/0x420 [ 15.277033] kasan_atomics+0x95/0x310 [ 15.277349] kunit_try_run_case+0x1a5/0x480 [ 15.277649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.277994] kthread+0x337/0x6f0 [ 15.278316] ret_from_fork+0x41/0x80 [ 15.278608] ret_from_fork_asm+0x1a/0x30 [ 15.278896] [ 15.279026] The buggy address belongs to the object at ffff888102b4cd00 [ 15.279026] which belongs to the cache kmalloc-64 of size 64 [ 15.279742] The buggy address is located 0 bytes to the right of [ 15.279742] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.280446] [ 15.280541] The buggy address belongs to the physical page: [ 15.280862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.281458] flags: 0x200000000000000(node=0|zone=2) [ 15.281682] page_type: f5(slab) [ 15.281942] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.282343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.282669] page dumped because: kasan: bad access detected [ 15.283030] [ 15.283240] Memory state around the buggy address: [ 15.283547] 
ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.283954] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.284317] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.284740] ^ [ 15.285042] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.285450] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.285854] ================================================================== [ 13.924366] ================================================================== [ 13.925667] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.926050] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 13.926643] [ 13.926819] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.926868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.926882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.926904] Call Trace: [ 13.926916] <TASK> [ 13.926932] dump_stack_lvl+0x73/0xb0 [ 13.926960] print_report+0xd1/0x650 [ 13.926983] ? __virt_addr_valid+0x1db/0x2d0 [ 13.927007] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.927029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.927051] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.927074] kasan_report+0x141/0x180 [ 13.927100] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.927150] __asan_report_load4_noabort+0x18/0x20 [ 13.927171] kasan_atomics_helper+0x4bbc/0x5450 [ 13.927195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.927216] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.927238] ? kasan_atomics+0x152/0x310 [ 13.927261] kasan_atomics+0x1dc/0x310 [ 13.927280] ? __pfx_kasan_atomics+0x10/0x10 [ 13.927301] ? __pfx_read_tsc+0x10/0x10 [ 13.927320] ? ktime_get_ts64+0x86/0x230 [ 13.927359] kunit_try_run_case+0x1a5/0x480 [ 13.927384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.927405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.927431] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.927454] ? __kthread_parkme+0x82/0x180 [ 13.927477] ? preempt_count_sub+0x50/0x80 [ 13.927506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.927531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.927553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.927576] kthread+0x337/0x6f0 [ 13.927598] ? trace_preempt_on+0x20/0xc0 [ 13.927624] ? __pfx_kthread+0x10/0x10 [ 13.927646] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.927668] ? calculate_sigpending+0x7b/0xa0 [ 13.927691] ? __pfx_kthread+0x10/0x10 [ 13.927713] ret_from_fork+0x41/0x80 [ 13.927734] ? __pfx_kthread+0x10/0x10 [ 13.927755] ret_from_fork_asm+0x1a/0x30 [ 13.927789] </TASK> [ 13.927800] [ 13.938976] Allocated by task 285: [ 13.939307] kasan_save_stack+0x45/0x70 [ 13.939663] kasan_save_track+0x18/0x40 [ 13.940008] kasan_save_alloc_info+0x3b/0x50 [ 13.940424] __kasan_kmalloc+0xb7/0xc0 [ 13.940772] __kmalloc_cache_noprof+0x189/0x420 [ 13.941186] kasan_atomics+0x95/0x310 [ 13.941537] kunit_try_run_case+0x1a5/0x480 [ 13.941907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.942395] kthread+0x337/0x6f0 [ 13.942695] ret_from_fork+0x41/0x80 [ 13.942883] ret_from_fork_asm+0x1a/0x30 [ 13.943023] [ 13.943094] The buggy address belongs to the object at ffff888102b4cd00 [ 13.943094] which belongs to the cache kmalloc-64 of size 64 [ 13.944140] The buggy address is located 0 bytes to the right of [ 13.944140] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 13.944919] [ 13.944992] The buggy address belongs to the physical page: [ 13.945279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 13.945944] flags: 0x200000000000000(node=0|zone=2) [ 13.946417] page_type: f5(slab) [ 13.946709] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.947144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.947769] page dumped because: kasan: bad access detected [ 13.947937] [ 13.948004] Memory 
state around the buggy address: [ 13.948242] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.948839] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949473] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.950064] ^ [ 13.950279] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.950500] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.950709] ================================================================== [ 15.123854] ================================================================== [ 15.124152] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.124497] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.124851] [ 15.124961] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.125003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.125016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.125037] Call Trace: [ 15.125051] <TASK> [ 15.125065] dump_stack_lvl+0x73/0xb0 [ 15.125088] print_report+0xd1/0x650 [ 15.125110] ? __virt_addr_valid+0x1db/0x2d0 [ 15.125167] ? kasan_atomics_helper+0x2006/0x5450 [ 15.125191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.125215] ? kasan_atomics_helper+0x2006/0x5450 [ 15.125238] kasan_report+0x141/0x180 [ 15.125262] ? kasan_atomics_helper+0x2006/0x5450 [ 15.125291] kasan_check_range+0x10c/0x1c0 [ 15.125316] __kasan_check_write+0x18/0x20 [ 15.125349] kasan_atomics_helper+0x2006/0x5450 [ 15.125374] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.125398] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.125421] ? kasan_atomics+0x152/0x310 [ 15.125445] kasan_atomics+0x1dc/0x310 [ 15.125466] ? __pfx_kasan_atomics+0x10/0x10 [ 15.125489] ? __pfx_read_tsc+0x10/0x10 [ 15.125509] ? ktime_get_ts64+0x86/0x230 [ 15.125536] kunit_try_run_case+0x1a5/0x480 [ 15.125560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.125583] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.125608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.125651] ? __kthread_parkme+0x82/0x180 [ 15.125674] ? preempt_count_sub+0x50/0x80 [ 15.125700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.125724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.125748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.125776] kthread+0x337/0x6f0 [ 15.125797] ? trace_preempt_on+0x20/0xc0 [ 15.125821] ? __pfx_kthread+0x10/0x10 [ 15.125845] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.125867] ? calculate_sigpending+0x7b/0xa0 [ 15.125890] ? __pfx_kthread+0x10/0x10 [ 15.125913] ret_from_fork+0x41/0x80 [ 15.125935] ? __pfx_kthread+0x10/0x10 [ 15.125960] ret_from_fork_asm+0x1a/0x30 [ 15.125992] </TASK> [ 15.126004] [ 15.133389] Allocated by task 285: [ 15.133516] kasan_save_stack+0x45/0x70 [ 15.133700] kasan_save_track+0x18/0x40 [ 15.133920] kasan_save_alloc_info+0x3b/0x50 [ 15.134136] __kasan_kmalloc+0xb7/0xc0 [ 15.134335] __kmalloc_cache_noprof+0x189/0x420 [ 15.134572] kasan_atomics+0x95/0x310 [ 15.134724] kunit_try_run_case+0x1a5/0x480 [ 15.134949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.135123] kthread+0x337/0x6f0 [ 15.135245] ret_from_fork+0x41/0x80 [ 15.135386] ret_from_fork_asm+0x1a/0x30 [ 15.135582] [ 15.135703] The buggy address belongs to the object at ffff888102b4cd00 [ 15.135703] which belongs to the cache kmalloc-64 of size 64 [ 15.136228] The buggy address is located 0 bytes to the right of [ 15.136228] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.136895] [ 15.136967] The buggy address belongs to the physical page: [ 15.137335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.137682] flags: 0x200000000000000(node=0|zone=2) [ 15.137920] page_type: f5(slab) [ 15.138098] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.138374] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.138627] page dumped because: kasan: bad 
access detected [ 15.138876] [ 15.138968] Memory state around the buggy address: [ 15.139204] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.139569] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.139783] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.140066] ^ [ 15.140489] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.140826] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.141078] ================================================================== [ 14.197617] ================================================================== [ 14.197975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.198347] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.198693] [ 14.198794] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.198839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.198852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.198874] Call Trace: [ 14.198889] <TASK> [ 14.198904] dump_stack_lvl+0x73/0xb0 [ 14.198928] print_report+0xd1/0x650 [ 14.198952] ? __virt_addr_valid+0x1db/0x2d0 [ 14.198975] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.198997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.199021] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.199044] kasan_report+0x141/0x180 [ 14.199068] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.199096] kasan_check_range+0x10c/0x1c0 [ 14.199143] __kasan_check_write+0x18/0x20 [ 14.199165] kasan_atomics_helper+0x7c7/0x5450 [ 14.199190] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.199214] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.199237] ? kasan_atomics+0x152/0x310 [ 14.199261] kasan_atomics+0x1dc/0x310 [ 14.199282] ? __pfx_kasan_atomics+0x10/0x10 [ 14.199304] ? __pfx_read_tsc+0x10/0x10 [ 14.199333] ? ktime_get_ts64+0x86/0x230 [ 14.199360] kunit_try_run_case+0x1a5/0x480 [ 14.199384] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.199407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.199432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.199458] ? __kthread_parkme+0x82/0x180 [ 14.199481] ? preempt_count_sub+0x50/0x80 [ 14.199507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.199531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.199555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.199579] kthread+0x337/0x6f0 [ 14.199602] ? trace_preempt_on+0x20/0xc0 [ 14.199627] ? __pfx_kthread+0x10/0x10 [ 14.199650] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.199673] ? calculate_sigpending+0x7b/0xa0 [ 14.199695] ? __pfx_kthread+0x10/0x10 [ 14.199719] ret_from_fork+0x41/0x80 [ 14.199741] ? __pfx_kthread+0x10/0x10 [ 14.199764] ret_from_fork_asm+0x1a/0x30 [ 14.199796] </TASK> [ 14.199808] [ 14.206927] Allocated by task 285: [ 14.207054] kasan_save_stack+0x45/0x70 [ 14.207222] kasan_save_track+0x18/0x40 [ 14.207384] kasan_save_alloc_info+0x3b/0x50 [ 14.207589] __kasan_kmalloc+0xb7/0xc0 [ 14.207778] __kmalloc_cache_noprof+0x189/0x420 [ 14.207997] kasan_atomics+0x95/0x310 [ 14.208207] kunit_try_run_case+0x1a5/0x480 [ 14.208422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.208673] kthread+0x337/0x6f0 [ 14.208795] ret_from_fork+0x41/0x80 [ 14.208924] ret_from_fork_asm+0x1a/0x30 [ 14.209062] [ 14.209166] The buggy address belongs to the object at ffff888102b4cd00 [ 14.209166] which belongs to the cache kmalloc-64 of size 64 [ 14.209689] The buggy address is located 0 bytes to the right of [ 14.209689] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.210234] [ 14.210306] The buggy address belongs to the physical page: [ 14.210520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.210871] flags: 0x200000000000000(node=0|zone=2) [ 14.211089] page_type: f5(slab) [ 14.211251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.211550] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.211857] page dumped because: kasan: bad access detected [ 14.212077] [ 14.212196] Memory state around the buggy address: [ 14.212361] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.212577] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.212792] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.213106] ^ [ 14.213354] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.213675] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.214003] ================================================================== [ 14.966296] ================================================================== [ 14.966768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.967118] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.967815] [ 14.968064] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.968244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.968260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.968281] Call Trace: [ 14.968298] <TASK> [ 14.968313] dump_stack_lvl+0x73/0xb0 [ 14.968348] print_report+0xd1/0x650 [ 14.968372] ? __virt_addr_valid+0x1db/0x2d0 [ 14.968394] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.968417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.968441] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.968464] kasan_report+0x141/0x180 [ 14.968487] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.968515] kasan_check_range+0x10c/0x1c0 [ 14.968540] __kasan_check_write+0x18/0x20 [ 14.968561] kasan_atomics_helper+0x1c18/0x5450 [ 14.968586] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.968609] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.968633] ? kasan_atomics+0x152/0x310 [ 14.968658] kasan_atomics+0x1dc/0x310 [ 14.968678] ? __pfx_kasan_atomics+0x10/0x10 [ 14.968700] ? __pfx_read_tsc+0x10/0x10 [ 14.968721] ? 
ktime_get_ts64+0x86/0x230 [ 14.968747] kunit_try_run_case+0x1a5/0x480 [ 14.968771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.968793] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.968817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.968842] ? __kthread_parkme+0x82/0x180 [ 14.968864] ? preempt_count_sub+0x50/0x80 [ 14.968890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.968914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.968937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.968962] kthread+0x337/0x6f0 [ 14.968983] ? trace_preempt_on+0x20/0xc0 [ 14.969006] ? __pfx_kthread+0x10/0x10 [ 14.969029] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.969051] ? calculate_sigpending+0x7b/0xa0 [ 14.969073] ? __pfx_kthread+0x10/0x10 [ 14.969096] ret_from_fork+0x41/0x80 [ 14.969118] ? __pfx_kthread+0x10/0x10 [ 14.969149] ret_from_fork_asm+0x1a/0x30 [ 14.969181] </TASK> [ 14.969193] [ 14.978891] Allocated by task 285: [ 14.979097] kasan_save_stack+0x45/0x70 [ 14.979349] kasan_save_track+0x18/0x40 [ 14.979543] kasan_save_alloc_info+0x3b/0x50 [ 14.979753] __kasan_kmalloc+0xb7/0xc0 [ 14.979950] __kmalloc_cache_noprof+0x189/0x420 [ 14.980177] kasan_atomics+0x95/0x310 [ 14.980404] kunit_try_run_case+0x1a5/0x480 [ 14.980636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.980903] kthread+0x337/0x6f0 [ 14.981063] ret_from_fork+0x41/0x80 [ 14.981390] ret_from_fork_asm+0x1a/0x30 [ 14.981595] [ 14.981707] The buggy address belongs to the object at ffff888102b4cd00 [ 14.981707] which belongs to the cache kmalloc-64 of size 64 [ 14.982291] The buggy address is located 0 bytes to the right of [ 14.982291] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.982826] [ 14.982940] The buggy address belongs to the physical page: [ 14.983164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.983512] flags: 0x200000000000000(node=0|zone=2) [ 14.983773] page_type: f5(slab) [ 14.983977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.984351] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.984735] page dumped because: kasan: bad access detected [ 14.984965] [ 14.985072] Memory state around the buggy address: [ 14.985380] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.985706] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986038] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.986404] ^ [ 14.986670] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987050] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987418] ================================================================== [ 15.088668] ================================================================== [ 15.089006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.089498] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.089792] [ 15.089903] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.089947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.089960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.089981] Call Trace: [ 15.089996] <TASK> [ 15.090011] dump_stack_lvl+0x73/0xb0 [ 15.090036] print_report+0xd1/0x650 [ 15.090060] ? __virt_addr_valid+0x1db/0x2d0 [ 15.090082] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.090105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.090128] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.090153] kasan_report+0x141/0x180 [ 15.090177] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.090205] kasan_check_range+0x10c/0x1c0 [ 15.090231] __kasan_check_write+0x18/0x20 [ 15.090252] kasan_atomics_helper+0x1f43/0x5450 [ 15.090279] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.090305] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.090340] ? kasan_atomics+0x152/0x310 [ 15.090365] kasan_atomics+0x1dc/0x310 [ 15.090386] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.090409] ? __pfx_read_tsc+0x10/0x10 [ 15.090429] ? ktime_get_ts64+0x86/0x230 [ 15.090457] kunit_try_run_case+0x1a5/0x480 [ 15.090483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.090531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.090557] ? __kthread_parkme+0x82/0x180 [ 15.090581] ? preempt_count_sub+0x50/0x80 [ 15.090619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.090693] kthread+0x337/0x6f0 [ 15.090714] ? trace_preempt_on+0x20/0xc0 [ 15.090740] ? __pfx_kthread+0x10/0x10 [ 15.090763] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.090786] ? calculate_sigpending+0x7b/0xa0 [ 15.090809] ? __pfx_kthread+0x10/0x10 [ 15.090832] ret_from_fork+0x41/0x80 [ 15.090855] ? __pfx_kthread+0x10/0x10 [ 15.090878] ret_from_fork_asm+0x1a/0x30 [ 15.090910] </TASK> [ 15.090922] [ 15.098269] Allocated by task 285: [ 15.098446] kasan_save_stack+0x45/0x70 [ 15.098633] kasan_save_track+0x18/0x40 [ 15.098806] kasan_save_alloc_info+0x3b/0x50 [ 15.098950] __kasan_kmalloc+0xb7/0xc0 [ 15.099084] __kmalloc_cache_noprof+0x189/0x420 [ 15.099524] kasan_atomics+0x95/0x310 [ 15.099712] kunit_try_run_case+0x1a5/0x480 [ 15.099923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.100163] kthread+0x337/0x6f0 [ 15.100301] ret_from_fork+0x41/0x80 [ 15.100472] ret_from_fork_asm+0x1a/0x30 [ 15.100653] [ 15.100751] The buggy address belongs to the object at ffff888102b4cd00 [ 15.100751] which belongs to the cache kmalloc-64 of size 64 [ 15.101239] The buggy address is located 0 bytes to the right of [ 15.101239] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.101725] [ 15.101828] The buggy address belongs to the physical page: [ 15.102065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.102409] flags: 0x200000000000000(node=0|zone=2) [ 15.102620] page_type: f5(slab) 
[ 15.102764] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.103065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.103401] page dumped because: kasan: bad access detected [ 15.103566] [ 15.103634] Memory state around the buggy address: [ 15.103780] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.103986] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.104225] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.104532] ^ [ 15.104798] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.105106] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.105406] ================================================================== [ 14.567592] ================================================================== [ 14.567930] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.568290] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.568632] [ 14.568742] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.568786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.568799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.568820] Call Trace: [ 14.568838] <TASK> [ 14.568855] dump_stack_lvl+0x73/0xb0 [ 14.568880] print_report+0xd1/0x650 [ 14.568903] ? __virt_addr_valid+0x1db/0x2d0 [ 14.568926] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.568948] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.568972] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.568996] kasan_report+0x141/0x180 [ 14.569020] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.569048] __asan_report_load4_noabort+0x18/0x20 [ 14.569072] kasan_atomics_helper+0x4a02/0x5450 [ 14.569098] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.569143] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.569170] ? 
kasan_atomics+0x152/0x310 [ 14.569194] kasan_atomics+0x1dc/0x310 [ 14.569215] ? __pfx_kasan_atomics+0x10/0x10 [ 14.569236] ? __pfx_read_tsc+0x10/0x10 [ 14.569257] ? ktime_get_ts64+0x86/0x230 [ 14.569283] kunit_try_run_case+0x1a5/0x480 [ 14.569308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.569348] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.569373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.569398] ? __kthread_parkme+0x82/0x180 [ 14.569433] ? preempt_count_sub+0x50/0x80 [ 14.569458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.569482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.569506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.569530] kthread+0x337/0x6f0 [ 14.569551] ? trace_preempt_on+0x20/0xc0 [ 14.569577] ? __pfx_kthread+0x10/0x10 [ 14.569600] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.569623] ? calculate_sigpending+0x7b/0xa0 [ 14.569645] ? __pfx_kthread+0x10/0x10 [ 14.569669] ret_from_fork+0x41/0x80 [ 14.569690] ? __pfx_kthread+0x10/0x10 [ 14.569713] ret_from_fork_asm+0x1a/0x30 [ 14.569746] </TASK> [ 14.569757] [ 14.576944] Allocated by task 285: [ 14.577137] kasan_save_stack+0x45/0x70 [ 14.577305] kasan_save_track+0x18/0x40 [ 14.577492] kasan_save_alloc_info+0x3b/0x50 [ 14.577723] __kasan_kmalloc+0xb7/0xc0 [ 14.577901] __kmalloc_cache_noprof+0x189/0x420 [ 14.578129] kasan_atomics+0x95/0x310 [ 14.578306] kunit_try_run_case+0x1a5/0x480 [ 14.578527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.578702] kthread+0x337/0x6f0 [ 14.578831] ret_from_fork+0x41/0x80 [ 14.579034] ret_from_fork_asm+0x1a/0x30 [ 14.579252] [ 14.579365] The buggy address belongs to the object at ffff888102b4cd00 [ 14.579365] which belongs to the cache kmalloc-64 of size 64 [ 14.579826] The buggy address is located 0 bytes to the right of [ 14.579826] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.580389] [ 14.580485] The buggy address belongs to the physical page: [ 14.580736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 
14.581099] flags: 0x200000000000000(node=0|zone=2) [ 14.581397] page_type: f5(slab) [ 14.581619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.582016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.582424] page dumped because: kasan: bad access detected [ 14.582764] [ 14.582889] Memory state around the buggy address: [ 14.583152] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.583527] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.583849] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.584194] ^ [ 14.584426] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.584736] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.585030] ================================================================== [ 14.987948] ================================================================== [ 14.988884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.989451] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.989691] [ 14.989784] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.989830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.989843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.989865] Call Trace: [ 14.989922] <TASK> [ 14.989962] dump_stack_lvl+0x73/0xb0 [ 14.989990] print_report+0xd1/0x650 [ 14.990041] ? __virt_addr_valid+0x1db/0x2d0 [ 14.990065] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.990087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.990112] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.990146] kasan_report+0x141/0x180 [ 14.990170] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.990228] __asan_report_load8_noabort+0x18/0x20 [ 14.990250] kasan_atomics_helper+0x4f30/0x5450 [ 14.990275] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.990299] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.990333] ? kasan_atomics+0x152/0x310 [ 14.990359] kasan_atomics+0x1dc/0x310 [ 14.990379] ? __pfx_kasan_atomics+0x10/0x10 [ 14.990401] ? __pfx_read_tsc+0x10/0x10 [ 14.990421] ? ktime_get_ts64+0x86/0x230 [ 14.990448] kunit_try_run_case+0x1a5/0x480 [ 14.990504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.990528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.990553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.990577] ? __kthread_parkme+0x82/0x180 [ 14.990600] ? preempt_count_sub+0x50/0x80 [ 14.990627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.990650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.990705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.990729] kthread+0x337/0x6f0 [ 14.990752] ? trace_preempt_on+0x20/0xc0 [ 14.990776] ? __pfx_kthread+0x10/0x10 [ 14.990828] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.990851] ? calculate_sigpending+0x7b/0xa0 [ 14.990873] ? __pfx_kthread+0x10/0x10 [ 14.990897] ret_from_fork+0x41/0x80 [ 14.990918] ? __pfx_kthread+0x10/0x10 [ 14.990969] ret_from_fork_asm+0x1a/0x30 [ 14.991004] </TASK> [ 14.991016] [ 14.999380] Allocated by task 285: [ 14.999569] kasan_save_stack+0x45/0x70 [ 14.999776] kasan_save_track+0x18/0x40 [ 14.999959] kasan_save_alloc_info+0x3b/0x50 [ 15.000207] __kasan_kmalloc+0xb7/0xc0 [ 15.000426] __kmalloc_cache_noprof+0x189/0x420 [ 15.000654] kasan_atomics+0x95/0x310 [ 15.000866] kunit_try_run_case+0x1a5/0x480 [ 15.001077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.001401] kthread+0x337/0x6f0 [ 15.001609] ret_from_fork+0x41/0x80 [ 15.001803] ret_from_fork_asm+0x1a/0x30 [ 15.001989] [ 15.002075] The buggy address belongs to the object at ffff888102b4cd00 [ 15.002075] which belongs to the cache kmalloc-64 of size 64 [ 15.002653] The buggy address is located 0 bytes to the right of [ 15.002653] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.003239] [ 15.003314] The buggy address belongs to the physical page: [ 15.003496] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.003842] flags: 0x200000000000000(node=0|zone=2) [ 15.004072] page_type: f5(slab) [ 15.004239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.004673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.004899] page dumped because: kasan: bad access detected [ 15.005068] [ 15.005151] Memory state around the buggy address: [ 15.005387] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.005772] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.006210] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.006571] ^ [ 15.006832] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007158] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007451] ================================================================== [ 14.513077] ================================================================== [ 14.513707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.513976] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.514447] [ 14.514545] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.514589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.514603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.514625] Call Trace: [ 14.514641] <TASK> [ 14.514657] dump_stack_lvl+0x73/0xb0 [ 14.514683] print_report+0xd1/0x650 [ 14.514710] ? __virt_addr_valid+0x1db/0x2d0 [ 14.514735] ? kasan_atomics_helper+0x1079/0x5450 [ 14.514758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.514781] ? kasan_atomics_helper+0x1079/0x5450 [ 14.514806] kasan_report+0x141/0x180 [ 14.514832] ? kasan_atomics_helper+0x1079/0x5450 [ 14.514860] kasan_check_range+0x10c/0x1c0 [ 14.514886] __kasan_check_write+0x18/0x20 [ 14.514907] kasan_atomics_helper+0x1079/0x5450 [ 14.514932] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.514954] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.514978] ? kasan_atomics+0x152/0x310 [ 14.515003] kasan_atomics+0x1dc/0x310 [ 14.515024] ? __pfx_kasan_atomics+0x10/0x10 [ 14.515046] ? __pfx_read_tsc+0x10/0x10 [ 14.515068] ? ktime_get_ts64+0x86/0x230 [ 14.515095] kunit_try_run_case+0x1a5/0x480 [ 14.515119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.515151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.515176] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.515201] ? __kthread_parkme+0x82/0x180 [ 14.515222] ? preempt_count_sub+0x50/0x80 [ 14.515248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.515272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.515296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.515319] kthread+0x337/0x6f0 [ 14.515351] ? trace_preempt_on+0x20/0xc0 [ 14.515375] ? __pfx_kthread+0x10/0x10 [ 14.515399] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.515421] ? calculate_sigpending+0x7b/0xa0 [ 14.515444] ? __pfx_kthread+0x10/0x10 [ 14.515467] ret_from_fork+0x41/0x80 [ 14.515489] ? 
__pfx_kthread+0x10/0x10 [ 14.515511] ret_from_fork_asm+0x1a/0x30 [ 14.515545] </TASK> [ 14.515557] [ 14.522834] Allocated by task 285: [ 14.522963] kasan_save_stack+0x45/0x70 [ 14.523104] kasan_save_track+0x18/0x40 [ 14.523295] kasan_save_alloc_info+0x3b/0x50 [ 14.523692] __kasan_kmalloc+0xb7/0xc0 [ 14.523883] __kmalloc_cache_noprof+0x189/0x420 [ 14.524062] kasan_atomics+0x95/0x310 [ 14.524191] kunit_try_run_case+0x1a5/0x480 [ 14.524346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524522] kthread+0x337/0x6f0 [ 14.524643] ret_from_fork+0x41/0x80 [ 14.524835] ret_from_fork_asm+0x1a/0x30 [ 14.525034] [ 14.525126] The buggy address belongs to the object at ffff888102b4cd00 [ 14.525126] which belongs to the cache kmalloc-64 of size 64 [ 14.525867] The buggy address is located 0 bytes to the right of [ 14.525867] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.526459] [ 14.526559] The buggy address belongs to the physical page: [ 14.526773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.527068] flags: 0x200000000000000(node=0|zone=2) [ 14.527427] page_type: f5(slab) [ 14.527549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.527777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.528107] page dumped because: kasan: bad access detected [ 14.528372] [ 14.528467] Memory state around the buggy address: [ 14.528695] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.528977] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.529305] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.529590] ^ [ 14.529774] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.530039] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.530625] ================================================================== [ 15.286736] 
================================================================== [ 15.287446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.287891] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.288344] [ 15.288703] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.288753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.288767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.288788] Call Trace: [ 15.288912] <TASK> [ 15.288933] dump_stack_lvl+0x73/0xb0 [ 15.288960] print_report+0xd1/0x650 [ 15.288985] ? __virt_addr_valid+0x1db/0x2d0 [ 15.289007] ? kasan_atomics_helper+0x224c/0x5450 [ 15.289029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.289053] ? kasan_atomics_helper+0x224c/0x5450 [ 15.289076] kasan_report+0x141/0x180 [ 15.289100] ? kasan_atomics_helper+0x224c/0x5450 [ 15.289138] kasan_check_range+0x10c/0x1c0 [ 15.289164] __kasan_check_write+0x18/0x20 [ 15.289185] kasan_atomics_helper+0x224c/0x5450 [ 15.289209] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.289233] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.289256] ? kasan_atomics+0x152/0x310 [ 15.289282] kasan_atomics+0x1dc/0x310 [ 15.289302] ? __pfx_kasan_atomics+0x10/0x10 [ 15.289336] ? __pfx_read_tsc+0x10/0x10 [ 15.289357] ? ktime_get_ts64+0x86/0x230 [ 15.289383] kunit_try_run_case+0x1a5/0x480 [ 15.289407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.289430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.289455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.289480] ? __kthread_parkme+0x82/0x180 [ 15.289503] ? preempt_count_sub+0x50/0x80 [ 15.289528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.289552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.289576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.289600] kthread+0x337/0x6f0 [ 15.289621] ? trace_preempt_on+0x20/0xc0 [ 15.289646] ? __pfx_kthread+0x10/0x10 [ 15.289669] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.289692] ? 
calculate_sigpending+0x7b/0xa0 [ 15.289715] ? __pfx_kthread+0x10/0x10 [ 15.289738] ret_from_fork+0x41/0x80 [ 15.289759] ? __pfx_kthread+0x10/0x10 [ 15.289786] ret_from_fork_asm+0x1a/0x30 [ 15.289819] </TASK> [ 15.289831] [ 15.301278] Allocated by task 285: [ 15.301475] kasan_save_stack+0x45/0x70 [ 15.301772] kasan_save_track+0x18/0x40 [ 15.302050] kasan_save_alloc_info+0x3b/0x50 [ 15.302423] __kasan_kmalloc+0xb7/0xc0 [ 15.302700] __kmalloc_cache_noprof+0x189/0x420 [ 15.303014] kasan_atomics+0x95/0x310 [ 15.303292] kunit_try_run_case+0x1a5/0x480 [ 15.303647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.304008] kthread+0x337/0x6f0 [ 15.304232] ret_from_fork+0x41/0x80 [ 15.304479] ret_from_fork_asm+0x1a/0x30 [ 15.304852] [ 15.304984] The buggy address belongs to the object at ffff888102b4cd00 [ 15.304984] which belongs to the cache kmalloc-64 of size 64 [ 15.305696] The buggy address is located 0 bytes to the right of [ 15.305696] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.306453] [ 15.306555] The buggy address belongs to the physical page: [ 15.306767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.307340] flags: 0x200000000000000(node=0|zone=2) [ 15.307696] page_type: f5(slab) [ 15.307970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.308542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.308962] page dumped because: kasan: bad access detected [ 15.309306] [ 15.309458] Memory state around the buggy address: [ 15.309844] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.310269] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.310691] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.311088] ^ [ 15.311471] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.311891] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312338] 
================================================================== [ 14.750216] ================================================================== [ 14.750647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.750973] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.751356] [ 14.751530] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.751574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.751588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.751609] Call Trace: [ 14.751625] <TASK> [ 14.751640] dump_stack_lvl+0x73/0xb0 [ 14.751687] print_report+0xd1/0x650 [ 14.751725] ? __virt_addr_valid+0x1db/0x2d0 [ 14.751761] ? kasan_atomics_helper+0x151d/0x5450 [ 14.751798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.751836] ? kasan_atomics_helper+0x151d/0x5450 [ 14.751874] kasan_report+0x141/0x180 [ 14.751924] ? kasan_atomics_helper+0x151d/0x5450 [ 14.751967] kasan_check_range+0x10c/0x1c0 [ 14.751992] __kasan_check_write+0x18/0x20 [ 14.752012] kasan_atomics_helper+0x151d/0x5450 [ 14.752037] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.752061] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.752084] ? kasan_atomics+0x152/0x310 [ 14.752109] kasan_atomics+0x1dc/0x310 [ 14.752130] ? __pfx_kasan_atomics+0x10/0x10 [ 14.752152] ? __pfx_read_tsc+0x10/0x10 [ 14.752172] ? ktime_get_ts64+0x86/0x230 [ 14.752199] kunit_try_run_case+0x1a5/0x480 [ 14.752223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.752271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.752296] ? __kthread_parkme+0x82/0x180 [ 14.752319] ? preempt_count_sub+0x50/0x80 [ 14.752357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.752405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.752428] kthread+0x337/0x6f0 [ 14.752459] ? trace_preempt_on+0x20/0xc0 [ 14.752483] ? 
__pfx_kthread+0x10/0x10 [ 14.752506] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.752529] ? calculate_sigpending+0x7b/0xa0 [ 14.752552] ? __pfx_kthread+0x10/0x10 [ 14.752575] ret_from_fork+0x41/0x80 [ 14.752615] ? __pfx_kthread+0x10/0x10 [ 14.752639] ret_from_fork_asm+0x1a/0x30 [ 14.752672] </TASK> [ 14.752699] [ 14.760214] Allocated by task 285: [ 14.760429] kasan_save_stack+0x45/0x70 [ 14.760673] kasan_save_track+0x18/0x40 [ 14.760893] kasan_save_alloc_info+0x3b/0x50 [ 14.761134] __kasan_kmalloc+0xb7/0xc0 [ 14.761333] __kmalloc_cache_noprof+0x189/0x420 [ 14.761555] kasan_atomics+0x95/0x310 [ 14.761738] kunit_try_run_case+0x1a5/0x480 [ 14.761894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.762202] kthread+0x337/0x6f0 [ 14.762383] ret_from_fork+0x41/0x80 [ 14.762585] ret_from_fork_asm+0x1a/0x30 [ 14.762731] [ 14.762811] The buggy address belongs to the object at ffff888102b4cd00 [ 14.762811] which belongs to the cache kmalloc-64 of size 64 [ 14.763383] The buggy address is located 0 bytes to the right of [ 14.763383] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.763916] [ 14.763995] The buggy address belongs to the physical page: [ 14.764265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.764633] flags: 0x200000000000000(node=0|zone=2) [ 14.764851] page_type: f5(slab) [ 14.765031] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.765535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.765836] page dumped because: kasan: bad access detected [ 14.766074] [ 14.766250] Memory state around the buggy address: [ 14.766498] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.766815] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.767141] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.767463] ^ [ 14.767708] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.768023] 
ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.768232] ================================================================== [ 14.090664] ================================================================== [ 14.091018] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.091402] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.091900] [ 14.092013] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.092058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.092071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.092092] Call Trace: [ 14.092108] <TASK> [ 14.092124] dump_stack_lvl+0x73/0xb0 [ 14.092149] print_report+0xd1/0x650 [ 14.092172] ? __virt_addr_valid+0x1db/0x2d0 [ 14.092195] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.092218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.092242] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.092266] kasan_report+0x141/0x180 [ 14.092289] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.092318] __asan_report_store4_noabort+0x1b/0x30 [ 14.092362] kasan_atomics_helper+0x4b3a/0x5450 [ 14.092387] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.092411] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.092434] ? kasan_atomics+0x152/0x310 [ 14.092459] kasan_atomics+0x1dc/0x310 [ 14.092480] ? __pfx_kasan_atomics+0x10/0x10 [ 14.092503] ? __pfx_read_tsc+0x10/0x10 [ 14.092524] ? ktime_get_ts64+0x86/0x230 [ 14.092551] kunit_try_run_case+0x1a5/0x480 [ 14.092575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.092597] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.092621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.092646] ? __kthread_parkme+0x82/0x180 [ 14.092668] ? preempt_count_sub+0x50/0x80 [ 14.092694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.092718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.092741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.092765] kthread+0x337/0x6f0 [ 14.092786] ? 
trace_preempt_on+0x20/0xc0 [ 14.092810] ? __pfx_kthread+0x10/0x10 [ 14.092833] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.092856] ? calculate_sigpending+0x7b/0xa0 [ 14.092879] ? __pfx_kthread+0x10/0x10 [ 14.092902] ret_from_fork+0x41/0x80 [ 14.092924] ? __pfx_kthread+0x10/0x10 [ 14.092946] ret_from_fork_asm+0x1a/0x30 [ 14.092979] </TASK> [ 14.092990] [ 14.100430] Allocated by task 285: [ 14.100566] kasan_save_stack+0x45/0x70 [ 14.100712] kasan_save_track+0x18/0x40 [ 14.100847] kasan_save_alloc_info+0x3b/0x50 [ 14.101053] __kasan_kmalloc+0xb7/0xc0 [ 14.101244] __kmalloc_cache_noprof+0x189/0x420 [ 14.101604] kasan_atomics+0x95/0x310 [ 14.101793] kunit_try_run_case+0x1a5/0x480 [ 14.102002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.102415] kthread+0x337/0x6f0 [ 14.102553] ret_from_fork+0x41/0x80 [ 14.102683] ret_from_fork_asm+0x1a/0x30 [ 14.102825] [ 14.102897] The buggy address belongs to the object at ffff888102b4cd00 [ 14.102897] which belongs to the cache kmalloc-64 of size 64 [ 14.103414] The buggy address is located 0 bytes to the right of [ 14.103414] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.103961] [ 14.104059] The buggy address belongs to the physical page: [ 14.104304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.104552] flags: 0x200000000000000(node=0|zone=2) [ 14.104712] page_type: f5(slab) [ 14.104893] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.105367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.105710] page dumped because: kasan: bad access detected [ 14.105971] [ 14.106083] Memory state around the buggy address: [ 14.106341] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.106587] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.106804] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.107015] ^ [ 14.107170] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.107419] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.107735] ================================================================== [ 15.141594] ================================================================== [ 15.141971] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.142465] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.142782] [ 15.142863] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.142904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.142916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.142936] Call Trace: [ 15.142950] <TASK> [ 15.142965] dump_stack_lvl+0x73/0xb0 [ 15.142988] print_report+0xd1/0x650 [ 15.143012] ? __virt_addr_valid+0x1db/0x2d0 [ 15.143058] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.143080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.143104] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.143137] kasan_report+0x141/0x180 [ 15.143161] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.143190] __asan_report_load8_noabort+0x18/0x20 [ 15.143212] kasan_atomics_helper+0x4f98/0x5450 [ 15.143254] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.143278] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.143301] ? kasan_atomics+0x152/0x310 [ 15.143336] kasan_atomics+0x1dc/0x310 [ 15.143357] ? __pfx_kasan_atomics+0x10/0x10 [ 15.143379] ? __pfx_read_tsc+0x10/0x10 [ 15.143399] ? ktime_get_ts64+0x86/0x230 [ 15.143426] kunit_try_run_case+0x1a5/0x480 [ 15.143450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.143514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.143539] ? __kthread_parkme+0x82/0x180 [ 15.143561] ? preempt_count_sub+0x50/0x80 [ 15.143587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.143634] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.143658] kthread+0x337/0x6f0 [ 15.143680] ? trace_preempt_on+0x20/0xc0 [ 15.143703] ? __pfx_kthread+0x10/0x10 [ 15.143726] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.143749] ? calculate_sigpending+0x7b/0xa0 [ 15.143771] ? __pfx_kthread+0x10/0x10 [ 15.143795] ret_from_fork+0x41/0x80 [ 15.143816] ? __pfx_kthread+0x10/0x10 [ 15.143839] ret_from_fork_asm+0x1a/0x30 [ 15.143871] </TASK> [ 15.143882] [ 15.151255] Allocated by task 285: [ 15.151397] kasan_save_stack+0x45/0x70 [ 15.151551] kasan_save_track+0x18/0x40 [ 15.151751] kasan_save_alloc_info+0x3b/0x50 [ 15.151991] __kasan_kmalloc+0xb7/0xc0 [ 15.152254] __kmalloc_cache_noprof+0x189/0x420 [ 15.152468] kasan_atomics+0x95/0x310 [ 15.152644] kunit_try_run_case+0x1a5/0x480 [ 15.152854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153108] kthread+0x337/0x6f0 [ 15.153267] ret_from_fork+0x41/0x80 [ 15.153409] ret_from_fork_asm+0x1a/0x30 [ 15.153549] [ 15.153621] The buggy address belongs to the object at ffff888102b4cd00 [ 15.153621] which belongs to the cache kmalloc-64 of size 64 [ 15.154552] The buggy address is located 0 bytes to the right of [ 15.154552] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.154935] [ 15.155009] The buggy address belongs to the physical page: [ 15.155313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.155699] flags: 0x200000000000000(node=0|zone=2) [ 15.155951] page_type: f5(slab) [ 15.156143] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.156861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.157836] page dumped because: kasan: bad access detected [ 15.158218] [ 15.158380] Memory state around the buggy address: [ 15.158540] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.158756] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.158972] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.159192] ^ [ 15.159361] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159576] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159788] ================================================================== [ 14.380894] ================================================================== [ 14.381389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.381723] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.382024] [ 14.382119] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.382175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.382188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.382208] Call Trace: [ 14.382222] <TASK> [ 14.382236] dump_stack_lvl+0x73/0xb0 [ 14.382259] print_report+0xd1/0x650 [ 14.382282] ? __virt_addr_valid+0x1db/0x2d0 [ 14.382304] ? kasan_atomics_helper+0xd47/0x5450 [ 14.382337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.382362] ? kasan_atomics_helper+0xd47/0x5450 [ 14.382385] kasan_report+0x141/0x180 [ 14.382408] ? kasan_atomics_helper+0xd47/0x5450 [ 14.382437] kasan_check_range+0x10c/0x1c0 [ 14.382462] __kasan_check_write+0x18/0x20 [ 14.382483] kasan_atomics_helper+0xd47/0x5450 [ 14.382507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.382531] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.382554] ? kasan_atomics+0x152/0x310 [ 14.382578] kasan_atomics+0x1dc/0x310 [ 14.382599] ? __pfx_kasan_atomics+0x10/0x10 [ 14.382622] ? __pfx_read_tsc+0x10/0x10 [ 14.382642] ? ktime_get_ts64+0x86/0x230 [ 14.382668] kunit_try_run_case+0x1a5/0x480 [ 14.382692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.382715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.382739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.382764] ? __kthread_parkme+0x82/0x180 [ 14.382786] ? preempt_count_sub+0x50/0x80 [ 14.382811] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.382836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.382859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.382883] kthread+0x337/0x6f0 [ 14.382905] ? trace_preempt_on+0x20/0xc0 [ 14.382929] ? __pfx_kthread+0x10/0x10 [ 14.382952] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.382975] ? calculate_sigpending+0x7b/0xa0 [ 14.382998] ? __pfx_kthread+0x10/0x10 [ 14.383022] ret_from_fork+0x41/0x80 [ 14.383043] ? __pfx_kthread+0x10/0x10 [ 14.383066] ret_from_fork_asm+0x1a/0x30 [ 14.383098] </TASK> [ 14.383109] [ 14.390350] Allocated by task 285: [ 14.390478] kasan_save_stack+0x45/0x70 [ 14.390619] kasan_save_track+0x18/0x40 [ 14.390755] kasan_save_alloc_info+0x3b/0x50 [ 14.390900] __kasan_kmalloc+0xb7/0xc0 [ 14.391092] __kmalloc_cache_noprof+0x189/0x420 [ 14.391557] kasan_atomics+0x95/0x310 [ 14.391749] kunit_try_run_case+0x1a5/0x480 [ 14.391957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.392246] kthread+0x337/0x6f0 [ 14.392409] ret_from_fork+0x41/0x80 [ 14.392572] ret_from_fork_asm+0x1a/0x30 [ 14.392731] [ 14.392827] The buggy address belongs to the object at ffff888102b4cd00 [ 14.392827] which belongs to the cache kmalloc-64 of size 64 [ 14.393282] The buggy address is located 0 bytes to the right of [ 14.393282] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.393789] [ 14.393886] The buggy address belongs to the physical page: [ 14.394115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.394440] flags: 0x200000000000000(node=0|zone=2) [ 14.394637] page_type: f5(slab) [ 14.394788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.395090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.395448] page dumped because: kasan: bad access detected [ 14.395618] [ 14.395690] Memory state around the buggy address: [ 14.395844] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.396059] ffff888102b4cc80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.396379] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.397016] ^ [ 14.397243] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.397573] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.397814] ================================================================== [ 14.631962] ================================================================== [ 14.632510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.632879] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.633214] [ 14.633314] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.633370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.633383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.633442] Call Trace: [ 14.633458] <TASK> [ 14.633473] dump_stack_lvl+0x73/0xb0 [ 14.633498] print_report+0xd1/0x650 [ 14.633523] ? __virt_addr_valid+0x1db/0x2d0 [ 14.633546] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.633568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.633592] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.633616] kasan_report+0x141/0x180 [ 14.633640] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.633668] kasan_check_range+0x10c/0x1c0 [ 14.633693] __kasan_check_write+0x18/0x20 [ 14.633714] kasan_atomics_helper+0x12e6/0x5450 [ 14.633739] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.633762] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.633792] ? kasan_atomics+0x152/0x310 [ 14.633817] kasan_atomics+0x1dc/0x310 [ 14.633837] ? __pfx_kasan_atomics+0x10/0x10 [ 14.633860] ? __pfx_read_tsc+0x10/0x10 [ 14.633880] ? ktime_get_ts64+0x86/0x230 [ 14.633907] kunit_try_run_case+0x1a5/0x480 [ 14.633931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.633954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.633980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.634004] ? __kthread_parkme+0x82/0x180 [ 14.634026] ? 
preempt_count_sub+0x50/0x80 [ 14.634052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.634076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.634099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.634134] kthread+0x337/0x6f0 [ 14.634156] ? trace_preempt_on+0x20/0xc0 [ 14.634179] ? __pfx_kthread+0x10/0x10 [ 14.634203] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.634225] ? calculate_sigpending+0x7b/0xa0 [ 14.634248] ? __pfx_kthread+0x10/0x10 [ 14.634272] ret_from_fork+0x41/0x80 [ 14.634293] ? __pfx_kthread+0x10/0x10 [ 14.634316] ret_from_fork_asm+0x1a/0x30 [ 14.634360] </TASK> [ 14.634371] [ 14.642088] Allocated by task 285: [ 14.642286] kasan_save_stack+0x45/0x70 [ 14.642497] kasan_save_track+0x18/0x40 [ 14.642690] kasan_save_alloc_info+0x3b/0x50 [ 14.642882] __kasan_kmalloc+0xb7/0xc0 [ 14.643042] __kmalloc_cache_noprof+0x189/0x420 [ 14.643251] kasan_atomics+0x95/0x310 [ 14.643422] kunit_try_run_case+0x1a5/0x480 [ 14.643608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.643831] kthread+0x337/0x6f0 [ 14.643954] ret_from_fork+0x41/0x80 [ 14.644085] ret_from_fork_asm+0x1a/0x30 [ 14.644287] [ 14.644392] The buggy address belongs to the object at ffff888102b4cd00 [ 14.644392] which belongs to the cache kmalloc-64 of size 64 [ 14.645072] The buggy address is located 0 bytes to the right of [ 14.645072] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.645445] [ 14.645546] The buggy address belongs to the physical page: [ 14.645914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.646249] flags: 0x200000000000000(node=0|zone=2) [ 14.646422] page_type: f5(slab) [ 14.646543] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.646773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.647072] page dumped because: kasan: bad access detected [ 14.647577] [ 14.647674] Memory state around the buggy address: [ 14.647904] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.648355] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.648685] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.648982] ^ [ 14.649210] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.649493] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.649783] ================================================================== [ 14.071841] ================================================================== [ 14.072232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.072829] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.073222] [ 14.073341] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.073388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.073401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.073424] Call Trace: [ 14.073441] <TASK> [ 14.073458] dump_stack_lvl+0x73/0xb0 [ 14.073484] print_report+0xd1/0x650 [ 14.073508] ? __virt_addr_valid+0x1db/0x2d0 [ 14.073531] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.073553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.073577] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.073600] kasan_report+0x141/0x180 [ 14.073623] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.073651] kasan_check_range+0x10c/0x1c0 [ 14.073676] __kasan_check_write+0x18/0x20 [ 14.073697] kasan_atomics_helper+0x4a0/0x5450 [ 14.073721] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.073745] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.073771] ? kasan_atomics+0x152/0x310 [ 14.073795] kasan_atomics+0x1dc/0x310 [ 14.073816] ? __pfx_kasan_atomics+0x10/0x10 [ 14.073837] ? __pfx_read_tsc+0x10/0x10 [ 14.073858] ? ktime_get_ts64+0x86/0x230 [ 14.073884] kunit_try_run_case+0x1a5/0x480 [ 14.073908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.073930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.073955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.073980] ? 
__kthread_parkme+0x82/0x180 [ 14.074002] ? preempt_count_sub+0x50/0x80 [ 14.074029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.074053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.074076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.074100] kthread+0x337/0x6f0 [ 14.074121] ? trace_preempt_on+0x20/0xc0 [ 14.074154] ? __pfx_kthread+0x10/0x10 [ 14.074176] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.074199] ? calculate_sigpending+0x7b/0xa0 [ 14.074222] ? __pfx_kthread+0x10/0x10 [ 14.074246] ret_from_fork+0x41/0x80 [ 14.074267] ? __pfx_kthread+0x10/0x10 [ 14.074290] ret_from_fork_asm+0x1a/0x30 [ 14.074333] </TASK> [ 14.074344] [ 14.081992] Allocated by task 285: [ 14.082186] kasan_save_stack+0x45/0x70 [ 14.082375] kasan_save_track+0x18/0x40 [ 14.082554] kasan_save_alloc_info+0x3b/0x50 [ 14.082732] __kasan_kmalloc+0xb7/0xc0 [ 14.082865] __kmalloc_cache_noprof+0x189/0x420 [ 14.083017] kasan_atomics+0x95/0x310 [ 14.083157] kunit_try_run_case+0x1a5/0x480 [ 14.083385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.083636] kthread+0x337/0x6f0 [ 14.083848] ret_from_fork+0x41/0x80 [ 14.084022] ret_from_fork_asm+0x1a/0x30 [ 14.084161] [ 14.084233] The buggy address belongs to the object at ffff888102b4cd00 [ 14.084233] which belongs to the cache kmalloc-64 of size 64 [ 14.084744] The buggy address is located 0 bytes to the right of [ 14.084744] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.085474] [ 14.085559] The buggy address belongs to the physical page: [ 14.085786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.086100] flags: 0x200000000000000(node=0|zone=2) [ 14.086315] page_type: f5(slab) [ 14.086456] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.086759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.087063] page dumped because: kasan: bad access detected [ 14.087374] [ 14.087449] Memory state around the buggy address: [ 14.087639] 
ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.087853] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.088065] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.088277] ^ [ 14.088491] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089105] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089448] ================================================================== [ 14.109352] ================================================================== [ 14.109717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.110059] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.110754] [ 14.110894] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.110940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.110953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.110974] Call Trace: [ 14.110990] <TASK> [ 14.111006] dump_stack_lvl+0x73/0xb0 [ 14.111033] print_report+0xd1/0x650 [ 14.111056] ? __virt_addr_valid+0x1db/0x2d0 [ 14.111079] ? kasan_atomics_helper+0x565/0x5450 [ 14.111101] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.111126] ? kasan_atomics_helper+0x565/0x5450 [ 14.111150] kasan_report+0x141/0x180 [ 14.111194] ? kasan_atomics_helper+0x565/0x5450 [ 14.111222] kasan_check_range+0x10c/0x1c0 [ 14.111248] __kasan_check_write+0x18/0x20 [ 14.111285] kasan_atomics_helper+0x565/0x5450 [ 14.111310] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.111343] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.111367] ? kasan_atomics+0x152/0x310 [ 14.111391] kasan_atomics+0x1dc/0x310 [ 14.111412] ? __pfx_kasan_atomics+0x10/0x10 [ 14.111434] ? __pfx_read_tsc+0x10/0x10 [ 14.111455] ? ktime_get_ts64+0x86/0x230 [ 14.111539] kunit_try_run_case+0x1a5/0x480 [ 14.111588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111613] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.111638] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.111664] ? __kthread_parkme+0x82/0x180 [ 14.111686] ? preempt_count_sub+0x50/0x80 [ 14.111712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.111777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.111801] kthread+0x337/0x6f0 [ 14.111823] ? trace_preempt_on+0x20/0xc0 [ 14.111848] ? __pfx_kthread+0x10/0x10 [ 14.111870] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.111893] ? calculate_sigpending+0x7b/0xa0 [ 14.111917] ? __pfx_kthread+0x10/0x10 [ 14.111940] ret_from_fork+0x41/0x80 [ 14.111962] ? __pfx_kthread+0x10/0x10 [ 14.111984] ret_from_fork_asm+0x1a/0x30 [ 14.112017] </TASK> [ 14.112029] [ 14.119402] Allocated by task 285: [ 14.119576] kasan_save_stack+0x45/0x70 [ 14.119967] kasan_save_track+0x18/0x40 [ 14.120172] kasan_save_alloc_info+0x3b/0x50 [ 14.120331] __kasan_kmalloc+0xb7/0xc0 [ 14.120466] __kmalloc_cache_noprof+0x189/0x420 [ 14.120686] kasan_atomics+0x95/0x310 [ 14.120873] kunit_try_run_case+0x1a5/0x480 [ 14.121074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.121456] kthread+0x337/0x6f0 [ 14.121630] ret_from_fork+0x41/0x80 [ 14.121796] ret_from_fork_asm+0x1a/0x30 [ 14.121935] [ 14.122006] The buggy address belongs to the object at ffff888102b4cd00 [ 14.122006] which belongs to the cache kmalloc-64 of size 64 [ 14.122500] The buggy address is located 0 bytes to the right of [ 14.122500] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.123171] [ 14.123255] The buggy address belongs to the physical page: [ 14.123437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.123714] flags: 0x200000000000000(node=0|zone=2) [ 14.123965] page_type: f5(slab) [ 14.124144] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.124491] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.124819] page dumped because: kasan: bad access detected [ 14.125035] [ 14.125135] Memory 
state around the buggy address: [ 14.125312] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.125537] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.125817] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.126749] ^ [ 14.126996] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.127287] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.127565] ================================================================== [ 14.548694] ================================================================== [ 14.548992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.550364] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.550682] [ 14.550787] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.550832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.550845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.550867] Call Trace: [ 14.550880] <TASK> [ 14.550895] dump_stack_lvl+0x73/0xb0 [ 14.550921] print_report+0xd1/0x650 [ 14.550945] ? __virt_addr_valid+0x1db/0x2d0 [ 14.550966] ? kasan_atomics_helper+0x1148/0x5450 [ 14.550989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.551013] ? kasan_atomics_helper+0x1148/0x5450 [ 14.551036] kasan_report+0x141/0x180 [ 14.551060] ? kasan_atomics_helper+0x1148/0x5450 [ 14.551089] kasan_check_range+0x10c/0x1c0 [ 14.551122] __kasan_check_write+0x18/0x20 [ 14.551143] kasan_atomics_helper+0x1148/0x5450 [ 14.551168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.551193] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.551216] ? kasan_atomics+0x152/0x310 [ 14.551240] kasan_atomics+0x1dc/0x310 [ 14.551260] ? __pfx_kasan_atomics+0x10/0x10 [ 14.551282] ? __pfx_read_tsc+0x10/0x10 [ 14.551302] ? ktime_get_ts64+0x86/0x230 [ 14.551337] kunit_try_run_case+0x1a5/0x480 [ 14.551361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.551410] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.551435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.551471] ? __kthread_parkme+0x82/0x180 [ 14.551493] ? preempt_count_sub+0x50/0x80 [ 14.551518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.551542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.551575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.551598] kthread+0x337/0x6f0 [ 14.551619] ? trace_preempt_on+0x20/0xc0 [ 14.551653] ? __pfx_kthread+0x10/0x10 [ 14.551676] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.551699] ? calculate_sigpending+0x7b/0xa0 [ 14.551729] ? __pfx_kthread+0x10/0x10 [ 14.551753] ret_from_fork+0x41/0x80 [ 14.551774] ? __pfx_kthread+0x10/0x10 [ 14.551807] ret_from_fork_asm+0x1a/0x30 [ 14.551839] </TASK> [ 14.551851] [ 14.559104] Allocated by task 285: [ 14.559250] kasan_save_stack+0x45/0x70 [ 14.559440] kasan_save_track+0x18/0x40 [ 14.559631] kasan_save_alloc_info+0x3b/0x50 [ 14.559860] __kasan_kmalloc+0xb7/0xc0 [ 14.560046] __kmalloc_cache_noprof+0x189/0x420 [ 14.560286] kasan_atomics+0x95/0x310 [ 14.560477] kunit_try_run_case+0x1a5/0x480 [ 14.560685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.560935] kthread+0x337/0x6f0 [ 14.561102] ret_from_fork+0x41/0x80 [ 14.561302] ret_from_fork_asm+0x1a/0x30 [ 14.561516] [ 14.561612] The buggy address belongs to the object at ffff888102b4cd00 [ 14.561612] which belongs to the cache kmalloc-64 of size 64 [ 14.562006] The buggy address is located 0 bytes to the right of [ 14.562006] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.562568] [ 14.562681] The buggy address belongs to the physical page: [ 14.562937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.563342] flags: 0x200000000000000(node=0|zone=2) [ 14.563574] page_type: f5(slab) [ 14.563735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.564076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.564430] page dumped because: kasan: bad 
access detected [ 14.564682] [ 14.564772] Memory state around the buggy address: [ 14.564928] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.565197] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.565532] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.565850] ^ [ 14.566069] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.566335] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.566635] ================================================================== [ 14.808582] ================================================================== [ 14.808931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.809467] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.809829] [ 14.809938] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.810001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.810015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.810036] Call Trace: [ 14.810048] <TASK> [ 14.810063] dump_stack_lvl+0x73/0xb0 [ 14.810087] print_report+0xd1/0x650 [ 14.810112] ? __virt_addr_valid+0x1db/0x2d0 [ 14.810145] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.810168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.810191] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.810215] kasan_report+0x141/0x180 [ 14.810239] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.810286] kasan_check_range+0x10c/0x1c0 [ 14.810312] __kasan_check_write+0x18/0x20 [ 14.810345] kasan_atomics_helper+0x16e7/0x5450 [ 14.810369] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.810393] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.810416] ? kasan_atomics+0x152/0x310 [ 14.810458] kasan_atomics+0x1dc/0x310 [ 14.810479] ? __pfx_kasan_atomics+0x10/0x10 [ 14.810501] ? __pfx_read_tsc+0x10/0x10 [ 14.810521] ? ktime_get_ts64+0x86/0x230 [ 14.810548] kunit_try_run_case+0x1a5/0x480 [ 14.810572] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.810594] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.810636] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.810662] ? __kthread_parkme+0x82/0x180 [ 14.810684] ? preempt_count_sub+0x50/0x80 [ 14.810710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.810735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.810758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.810798] kthread+0x337/0x6f0 [ 14.810820] ? trace_preempt_on+0x20/0xc0 [ 14.810843] ? __pfx_kthread+0x10/0x10 [ 14.810866] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.810889] ? calculate_sigpending+0x7b/0xa0 [ 14.810911] ? __pfx_kthread+0x10/0x10 [ 14.810951] ret_from_fork+0x41/0x80 [ 14.810973] ? __pfx_kthread+0x10/0x10 [ 14.810996] ret_from_fork_asm+0x1a/0x30 [ 14.811029] </TASK> [ 14.811040] [ 14.818966] Allocated by task 285: [ 14.819103] kasan_save_stack+0x45/0x70 [ 14.819302] kasan_save_track+0x18/0x40 [ 14.819535] kasan_save_alloc_info+0x3b/0x50 [ 14.819745] __kasan_kmalloc+0xb7/0xc0 [ 14.819936] __kmalloc_cache_noprof+0x189/0x420 [ 14.820150] kasan_atomics+0x95/0x310 [ 14.820348] kunit_try_run_case+0x1a5/0x480 [ 14.820721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.820971] kthread+0x337/0x6f0 [ 14.821165] ret_from_fork+0x41/0x80 [ 14.821304] ret_from_fork_asm+0x1a/0x30 [ 14.821457] [ 14.821527] The buggy address belongs to the object at ffff888102b4cd00 [ 14.821527] which belongs to the cache kmalloc-64 of size 64 [ 14.822074] The buggy address is located 0 bytes to the right of [ 14.822074] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.822685] [ 14.822799] The buggy address belongs to the physical page: [ 14.823102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.823484] flags: 0x200000000000000(node=0|zone=2) [ 14.823716] page_type: f5(slab) [ 14.823886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.824259] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.824506] page dumped because: kasan: bad access detected [ 14.824677] [ 14.824746] Memory state around the buggy address: [ 14.824928] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.825356] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.825962] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.826303] ^ [ 14.826529] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.826856] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.827095] ================================================================== [ 14.712030] ================================================================== [ 14.712420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.712871] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.713190] [ 14.713341] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.713387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.713401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.713422] Call Trace: [ 14.713436] <TASK> [ 14.713471] dump_stack_lvl+0x73/0xb0 [ 14.713497] print_report+0xd1/0x650 [ 14.713522] ? __virt_addr_valid+0x1db/0x2d0 [ 14.713544] ? kasan_atomics_helper+0x1467/0x5450 [ 14.713567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.713591] ? kasan_atomics_helper+0x1467/0x5450 [ 14.713615] kasan_report+0x141/0x180 [ 14.713639] ? kasan_atomics_helper+0x1467/0x5450 [ 14.713684] kasan_check_range+0x10c/0x1c0 [ 14.713710] __kasan_check_write+0x18/0x20 [ 14.713731] kasan_atomics_helper+0x1467/0x5450 [ 14.713777] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.713802] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.713825] ? kasan_atomics+0x152/0x310 [ 14.713849] kasan_atomics+0x1dc/0x310 [ 14.713871] ? __pfx_kasan_atomics+0x10/0x10 [ 14.713893] ? __pfx_read_tsc+0x10/0x10 [ 14.713913] ? 
ktime_get_ts64+0x86/0x230 [ 14.713955] kunit_try_run_case+0x1a5/0x480 [ 14.713979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.714001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.714025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.714051] ? __kthread_parkme+0x82/0x180 [ 14.714072] ? preempt_count_sub+0x50/0x80 [ 14.714098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.714132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.714155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.714179] kthread+0x337/0x6f0 [ 14.714200] ? trace_preempt_on+0x20/0xc0 [ 14.714224] ? __pfx_kthread+0x10/0x10 [ 14.714247] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.714269] ? calculate_sigpending+0x7b/0xa0 [ 14.714291] ? __pfx_kthread+0x10/0x10 [ 14.714315] ret_from_fork+0x41/0x80 [ 14.714347] ? __pfx_kthread+0x10/0x10 [ 14.714370] ret_from_fork_asm+0x1a/0x30 [ 14.714402] </TASK> [ 14.714413] [ 14.722081] Allocated by task 285: [ 14.722436] kasan_save_stack+0x45/0x70 [ 14.722628] kasan_save_track+0x18/0x40 [ 14.722766] kasan_save_alloc_info+0x3b/0x50 [ 14.722913] __kasan_kmalloc+0xb7/0xc0 [ 14.723102] __kmalloc_cache_noprof+0x189/0x420 [ 14.723339] kasan_atomics+0x95/0x310 [ 14.723544] kunit_try_run_case+0x1a5/0x480 [ 14.723774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.724046] kthread+0x337/0x6f0 [ 14.724255] ret_from_fork+0x41/0x80 [ 14.724476] ret_from_fork_asm+0x1a/0x30 [ 14.724674] [ 14.724769] The buggy address belongs to the object at ffff888102b4cd00 [ 14.724769] which belongs to the cache kmalloc-64 of size 64 [ 14.725417] The buggy address is located 0 bytes to the right of [ 14.725417] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.725785] [ 14.725857] The buggy address belongs to the physical page: [ 14.726106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.726502] flags: 0x200000000000000(node=0|zone=2) [ 14.726771] page_type: f5(slab) [ 14.726957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.727340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.727686] page dumped because: kasan: bad access detected [ 14.727938] [ 14.728049] Memory state around the buggy address: [ 14.728294] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.728640] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.728901] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.729113] ^ [ 14.729346] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729732] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.730033] ================================================================== [ 15.313045] ================================================================== [ 15.313700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.314150] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.314461] [ 15.314570] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.314615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.314630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.314746] Call Trace: [ 15.314762] <TASK> [ 15.314776] dump_stack_lvl+0x73/0xb0 [ 15.314804] print_report+0xd1/0x650 [ 15.314827] ? __virt_addr_valid+0x1db/0x2d0 [ 15.314849] ? kasan_atomics_helper+0x5115/0x5450 [ 15.314872] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.314895] ? kasan_atomics_helper+0x5115/0x5450 [ 15.314919] kasan_report+0x141/0x180 [ 15.314943] ? kasan_atomics_helper+0x5115/0x5450 [ 15.314971] __asan_report_load8_noabort+0x18/0x20 [ 15.314993] kasan_atomics_helper+0x5115/0x5450 [ 15.315017] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.315041] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.315063] ? kasan_atomics+0x152/0x310 [ 15.315088] kasan_atomics+0x1dc/0x310 [ 15.315108] ? __pfx_kasan_atomics+0x10/0x10 [ 15.315299] ? 
__pfx_read_tsc+0x10/0x10 [ 15.315331] ? ktime_get_ts64+0x86/0x230 [ 15.315358] kunit_try_run_case+0x1a5/0x480 [ 15.315383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.315405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.315429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.315454] ? __kthread_parkme+0x82/0x180 [ 15.315476] ? preempt_count_sub+0x50/0x80 [ 15.315503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.315526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.315550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.315574] kthread+0x337/0x6f0 [ 15.315595] ? trace_preempt_on+0x20/0xc0 [ 15.315618] ? __pfx_kthread+0x10/0x10 [ 15.315641] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.315664] ? calculate_sigpending+0x7b/0xa0 [ 15.315687] ? __pfx_kthread+0x10/0x10 [ 15.315709] ret_from_fork+0x41/0x80 [ 15.315731] ? __pfx_kthread+0x10/0x10 [ 15.315753] ret_from_fork_asm+0x1a/0x30 [ 15.315786] </TASK> [ 15.315797] [ 15.325800] Allocated by task 285: [ 15.325946] kasan_save_stack+0x45/0x70 [ 15.326347] kasan_save_track+0x18/0x40 [ 15.326623] kasan_save_alloc_info+0x3b/0x50 [ 15.326790] __kasan_kmalloc+0xb7/0xc0 [ 15.327092] __kmalloc_cache_noprof+0x189/0x420 [ 15.327373] kasan_atomics+0x95/0x310 [ 15.327693] kunit_try_run_case+0x1a5/0x480 [ 15.327909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.328341] kthread+0x337/0x6f0 [ 15.328595] ret_from_fork+0x41/0x80 [ 15.328745] ret_from_fork_asm+0x1a/0x30 [ 15.329052] [ 15.329129] The buggy address belongs to the object at ffff888102b4cd00 [ 15.329129] which belongs to the cache kmalloc-64 of size 64 [ 15.329784] The buggy address is located 0 bytes to the right of [ 15.329784] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.330566] [ 15.330650] The buggy address belongs to the physical page: [ 15.331048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.331602] flags: 0x200000000000000(node=0|zone=2) [ 15.331817] page_type: f5(slab) [ 15.332129] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.332611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.332980] page dumped because: kasan: bad access detected [ 15.333268] [ 15.333376] Memory state around the buggy address: [ 15.333759] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.334104] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.334557] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.334817] ^ [ 15.335042] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335496] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335889] ================================================================== [ 14.650244] ================================================================== [ 14.650759] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.651075] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.651473] [ 14.651585] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.651629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.651642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.651665] Call Trace: [ 14.651682] <TASK> [ 14.651698] dump_stack_lvl+0x73/0xb0 [ 14.651724] print_report+0xd1/0x650 [ 14.651747] ? __virt_addr_valid+0x1db/0x2d0 [ 14.651769] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.651792] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.651816] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.651839] kasan_report+0x141/0x180 [ 14.651863] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.651891] __asan_report_load4_noabort+0x18/0x20 [ 14.651913] kasan_atomics_helper+0x49ce/0x5450 [ 14.651938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.651962] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.651986] ? kasan_atomics+0x152/0x310 [ 14.652010] kasan_atomics+0x1dc/0x310 [ 14.652031] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.652053] ? __pfx_read_tsc+0x10/0x10 [ 14.652073] ? ktime_get_ts64+0x86/0x230 [ 14.652100] kunit_try_run_case+0x1a5/0x480 [ 14.652125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.652147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.652172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.652196] ? __kthread_parkme+0x82/0x180 [ 14.652219] ? preempt_count_sub+0x50/0x80 [ 14.652246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.652270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.652295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.652320] kthread+0x337/0x6f0 [ 14.652353] ? trace_preempt_on+0x20/0xc0 [ 14.652377] ? __pfx_kthread+0x10/0x10 [ 14.652399] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.652422] ? calculate_sigpending+0x7b/0xa0 [ 14.652445] ? __pfx_kthread+0x10/0x10 [ 14.652468] ret_from_fork+0x41/0x80 [ 14.652489] ? __pfx_kthread+0x10/0x10 [ 14.652512] ret_from_fork_asm+0x1a/0x30 [ 14.652544] </TASK> [ 14.652556] [ 14.659744] Allocated by task 285: [ 14.659897] kasan_save_stack+0x45/0x70 [ 14.660083] kasan_save_track+0x18/0x40 [ 14.660253] kasan_save_alloc_info+0x3b/0x50 [ 14.660410] __kasan_kmalloc+0xb7/0xc0 [ 14.660544] __kmalloc_cache_noprof+0x189/0x420 [ 14.660696] kasan_atomics+0x95/0x310 [ 14.660824] kunit_try_run_case+0x1a5/0x480 [ 14.660969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661219] kthread+0x337/0x6f0 [ 14.661396] ret_from_fork+0x41/0x80 [ 14.661576] ret_from_fork_asm+0x1a/0x30 [ 14.661774] [ 14.661867] The buggy address belongs to the object at ffff888102b4cd00 [ 14.661867] which belongs to the cache kmalloc-64 of size 64 [ 14.662387] The buggy address is located 0 bytes to the right of [ 14.662387] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.662788] [ 14.662858] The buggy address belongs to the physical page: [ 14.663029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.663480] flags: 0x200000000000000(node=0|zone=2) [ 14.663714] page_type: f5(slab) 
[ 14.663885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.664358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.664675] page dumped because: kasan: bad access detected [ 14.664848] [ 14.664916] Memory state around the buggy address: [ 14.665084] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.665766] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.666084] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.666489] ^ [ 14.666644] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666858] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.667131] ================================================================== [ 14.495318] ================================================================== [ 14.495959] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.496489] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.497010] [ 14.497126] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.497172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.497187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.497209] Call Trace: [ 14.497226] <TASK> [ 14.497243] dump_stack_lvl+0x73/0xb0 [ 14.497271] print_report+0xd1/0x650 [ 14.497296] ? __virt_addr_valid+0x1db/0x2d0 [ 14.497334] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.497357] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.497380] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.497404] kasan_report+0x141/0x180 [ 14.497429] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.497457] __asan_report_load4_noabort+0x18/0x20 [ 14.497479] kasan_atomics_helper+0x4a36/0x5450 [ 14.497503] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.497526] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.497548] ? 
kasan_atomics+0x152/0x310 [ 14.497573] kasan_atomics+0x1dc/0x310 [ 14.497595] ? __pfx_kasan_atomics+0x10/0x10 [ 14.497617] ? __pfx_read_tsc+0x10/0x10 [ 14.497637] ? ktime_get_ts64+0x86/0x230 [ 14.497663] kunit_try_run_case+0x1a5/0x480 [ 14.497688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.497711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.497735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.497760] ? __kthread_parkme+0x82/0x180 [ 14.497786] ? preempt_count_sub+0x50/0x80 [ 14.497812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.497836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.497860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.497884] kthread+0x337/0x6f0 [ 14.497906] ? trace_preempt_on+0x20/0xc0 [ 14.497929] ? __pfx_kthread+0x10/0x10 [ 14.497952] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.497975] ? calculate_sigpending+0x7b/0xa0 [ 14.497999] ? __pfx_kthread+0x10/0x10 [ 14.498022] ret_from_fork+0x41/0x80 [ 14.498043] ? __pfx_kthread+0x10/0x10 [ 14.498066] ret_from_fork_asm+0x1a/0x30 [ 14.498099] </TASK> [ 14.498111] [ 14.505294] Allocated by task 285: [ 14.505481] kasan_save_stack+0x45/0x70 [ 14.505663] kasan_save_track+0x18/0x40 [ 14.505849] kasan_save_alloc_info+0x3b/0x50 [ 14.506050] __kasan_kmalloc+0xb7/0xc0 [ 14.506228] __kmalloc_cache_noprof+0x189/0x420 [ 14.506391] kasan_atomics+0x95/0x310 [ 14.506575] kunit_try_run_case+0x1a5/0x480 [ 14.506784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.507042] kthread+0x337/0x6f0 [ 14.507221] ret_from_fork+0x41/0x80 [ 14.507391] ret_from_fork_asm+0x1a/0x30 [ 14.507571] [ 14.507643] The buggy address belongs to the object at ffff888102b4cd00 [ 14.507643] which belongs to the cache kmalloc-64 of size 64 [ 14.508115] The buggy address is located 0 bytes to the right of [ 14.508115] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.508604] [ 14.508678] The buggy address belongs to the physical page: [ 14.508851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 
14.509089] flags: 0x200000000000000(node=0|zone=2) [ 14.509284] page_type: f5(slab) [ 14.509459] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.509986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.510241] page dumped because: kasan: bad access detected [ 14.510419] [ 14.510488] Memory state around the buggy address: [ 14.510649] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.510862] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.511252] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.511583] ^ [ 14.511807] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.512127] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.512455] ================================================================== [ 14.789745] ================================================================== [ 14.790104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.790697] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.791029] [ 14.791117] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.791170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.791183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.791224] Call Trace: [ 14.791239] <TASK> [ 14.791255] dump_stack_lvl+0x73/0xb0 [ 14.791280] print_report+0xd1/0x650 [ 14.791304] ? __virt_addr_valid+0x1db/0x2d0 [ 14.791340] ? kasan_atomics_helper+0x164f/0x5450 [ 14.791363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.791406] ? kasan_atomics_helper+0x164f/0x5450 [ 14.791429] kasan_report+0x141/0x180 [ 14.791453] ? kasan_atomics_helper+0x164f/0x5450 [ 14.791481] kasan_check_range+0x10c/0x1c0 [ 14.791507] __kasan_check_write+0x18/0x20 [ 14.791528] kasan_atomics_helper+0x164f/0x5450 [ 14.791553] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.791576] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.791615] ? kasan_atomics+0x152/0x310 [ 14.791652] kasan_atomics+0x1dc/0x310 [ 14.791686] ? __pfx_kasan_atomics+0x10/0x10 [ 14.791720] ? __pfx_read_tsc+0x10/0x10 [ 14.791740] ? ktime_get_ts64+0x86/0x230 [ 14.791767] kunit_try_run_case+0x1a5/0x480 [ 14.791790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.791812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.791837] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.791861] ? __kthread_parkme+0x82/0x180 [ 14.791883] ? preempt_count_sub+0x50/0x80 [ 14.791908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.791932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.791955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.791980] kthread+0x337/0x6f0 [ 14.792001] ? trace_preempt_on+0x20/0xc0 [ 14.792024] ? __pfx_kthread+0x10/0x10 [ 14.792047] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.792070] ? calculate_sigpending+0x7b/0xa0 [ 14.792110] ? __pfx_kthread+0x10/0x10 [ 14.792143] ret_from_fork+0x41/0x80 [ 14.792165] ? __pfx_kthread+0x10/0x10 [ 14.792188] ret_from_fork_asm+0x1a/0x30 [ 14.792221] </TASK> [ 14.792231] [ 14.799996] Allocated by task 285: [ 14.800210] kasan_save_stack+0x45/0x70 [ 14.800406] kasan_save_track+0x18/0x40 [ 14.800555] kasan_save_alloc_info+0x3b/0x50 [ 14.800701] __kasan_kmalloc+0xb7/0xc0 [ 14.800863] __kmalloc_cache_noprof+0x189/0x420 [ 14.801107] kasan_atomics+0x95/0x310 [ 14.801307] kunit_try_run_case+0x1a5/0x480 [ 14.801543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.801800] kthread+0x337/0x6f0 [ 14.801970] ret_from_fork+0x41/0x80 [ 14.802154] ret_from_fork_asm+0x1a/0x30 [ 14.802337] [ 14.802449] The buggy address belongs to the object at ffff888102b4cd00 [ 14.802449] which belongs to the cache kmalloc-64 of size 64 [ 14.802893] The buggy address is located 0 bytes to the right of [ 14.802893] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.803698] [ 14.803811] The buggy address belongs to the physical page: [ 14.803997] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.804394] flags: 0x200000000000000(node=0|zone=2) [ 14.804651] page_type: f5(slab) [ 14.804833] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.805167] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.805573] page dumped because: kasan: bad access detected [ 14.805859] [ 14.805944] Memory state around the buggy address: [ 14.806102] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.806451] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.806771] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.807096] ^ [ 14.807394] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.807609] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.807819] ================================================================== [ 14.884944] ================================================================== [ 14.885298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.885645] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.885954] [ 14.886131] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.886175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.886188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.886209] Call Trace: [ 14.886223] <TASK> [ 14.886236] dump_stack_lvl+0x73/0xb0 [ 14.886260] print_report+0xd1/0x650 [ 14.886284] ? __virt_addr_valid+0x1db/0x2d0 [ 14.886306] ? kasan_atomics_helper+0x194a/0x5450 [ 14.886339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.886364] ? kasan_atomics_helper+0x194a/0x5450 [ 14.886387] kasan_report+0x141/0x180 [ 14.886411] ? kasan_atomics_helper+0x194a/0x5450 [ 14.886440] kasan_check_range+0x10c/0x1c0 [ 14.886465] __kasan_check_write+0x18/0x20 [ 14.886487] kasan_atomics_helper+0x194a/0x5450 [ 14.886511] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.886536] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.886560] ? kasan_atomics+0x152/0x310 [ 14.886585] kasan_atomics+0x1dc/0x310 [ 14.886605] ? __pfx_kasan_atomics+0x10/0x10 [ 14.886627] ? __pfx_read_tsc+0x10/0x10 [ 14.886648] ? ktime_get_ts64+0x86/0x230 [ 14.886673] kunit_try_run_case+0x1a5/0x480 [ 14.886697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.886744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.886770] ? __kthread_parkme+0x82/0x180 [ 14.886792] ? preempt_count_sub+0x50/0x80 [ 14.886819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.886866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.886889] kthread+0x337/0x6f0 [ 14.886910] ? trace_preempt_on+0x20/0xc0 [ 14.886935] ? __pfx_kthread+0x10/0x10 [ 14.886958] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.886980] ? calculate_sigpending+0x7b/0xa0 [ 14.887002] ? __pfx_kthread+0x10/0x10 [ 14.887025] ret_from_fork+0x41/0x80 [ 14.887048] ? 
__pfx_kthread+0x10/0x10 [ 14.887070] ret_from_fork_asm+0x1a/0x30 [ 14.887102] </TASK> [ 14.887133] [ 14.894178] Allocated by task 285: [ 14.894370] kasan_save_stack+0x45/0x70 [ 14.894564] kasan_save_track+0x18/0x40 [ 14.894760] kasan_save_alloc_info+0x3b/0x50 [ 14.894972] __kasan_kmalloc+0xb7/0xc0 [ 14.895185] __kmalloc_cache_noprof+0x189/0x420 [ 14.895368] kasan_atomics+0x95/0x310 [ 14.895550] kunit_try_run_case+0x1a5/0x480 [ 14.895733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.895958] kthread+0x337/0x6f0 [ 14.896107] ret_from_fork+0x41/0x80 [ 14.896285] ret_from_fork_asm+0x1a/0x30 [ 14.896455] [ 14.896550] The buggy address belongs to the object at ffff888102b4cd00 [ 14.896550] which belongs to the cache kmalloc-64 of size 64 [ 14.896995] The buggy address is located 0 bytes to the right of [ 14.896995] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.897501] [ 14.897600] The buggy address belongs to the physical page: [ 14.897806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.898045] flags: 0x200000000000000(node=0|zone=2) [ 14.898232] page_type: f5(slab) [ 14.898362] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.898671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.899007] page dumped because: kasan: bad access detected [ 14.899282] [ 14.899385] Memory state around the buggy address: [ 14.899584] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.899801] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.900015] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.900253] ^ [ 14.900491] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.900823] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901167] ================================================================== [ 14.398392] 
================================================================== [ 14.398953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.399526] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.399867] [ 14.399979] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.400023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.400036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.400056] Call Trace: [ 14.400073] <TASK> [ 14.400090] dump_stack_lvl+0x73/0xb0 [ 14.400115] print_report+0xd1/0x650 [ 14.400152] ? __virt_addr_valid+0x1db/0x2d0 [ 14.400175] ? kasan_atomics_helper+0xde0/0x5450 [ 14.400197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.400221] ? kasan_atomics_helper+0xde0/0x5450 [ 14.400244] kasan_report+0x141/0x180 [ 14.400267] ? kasan_atomics_helper+0xde0/0x5450 [ 14.400296] kasan_check_range+0x10c/0x1c0 [ 14.400332] __kasan_check_write+0x18/0x20 [ 14.400353] kasan_atomics_helper+0xde0/0x5450 [ 14.400377] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.400401] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.400424] ? kasan_atomics+0x152/0x310 [ 14.400449] kasan_atomics+0x1dc/0x310 [ 14.400469] ? __pfx_kasan_atomics+0x10/0x10 [ 14.400491] ? __pfx_read_tsc+0x10/0x10 [ 14.400511] ? ktime_get_ts64+0x86/0x230 [ 14.400537] kunit_try_run_case+0x1a5/0x480 [ 14.400563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.400585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.400609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.400635] ? __kthread_parkme+0x82/0x180 [ 14.400659] ? preempt_count_sub+0x50/0x80 [ 14.400685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.400709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.400733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.400757] kthread+0x337/0x6f0 [ 14.400779] ? trace_preempt_on+0x20/0xc0 [ 14.400804] ? __pfx_kthread+0x10/0x10 [ 14.400828] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.400851] ? 
calculate_sigpending+0x7b/0xa0 [ 14.400874] ? __pfx_kthread+0x10/0x10 [ 14.400898] ret_from_fork+0x41/0x80 [ 14.400919] ? __pfx_kthread+0x10/0x10 [ 14.400942] ret_from_fork_asm+0x1a/0x30 [ 14.400975] </TASK> [ 14.400986] [ 14.408329] Allocated by task 285: [ 14.408507] kasan_save_stack+0x45/0x70 [ 14.408709] kasan_save_track+0x18/0x40 [ 14.408898] kasan_save_alloc_info+0x3b/0x50 [ 14.409045] __kasan_kmalloc+0xb7/0xc0 [ 14.409204] __kmalloc_cache_noprof+0x189/0x420 [ 14.409380] kasan_atomics+0x95/0x310 [ 14.409566] kunit_try_run_case+0x1a5/0x480 [ 14.409782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.410061] kthread+0x337/0x6f0 [ 14.410288] ret_from_fork+0x41/0x80 [ 14.410438] ret_from_fork_asm+0x1a/0x30 [ 14.410578] [ 14.410648] The buggy address belongs to the object at ffff888102b4cd00 [ 14.410648] which belongs to the cache kmalloc-64 of size 64 [ 14.411031] The buggy address is located 0 bytes to the right of [ 14.411031] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.411599] [ 14.411693] The buggy address belongs to the physical page: [ 14.411942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.412314] flags: 0x200000000000000(node=0|zone=2) [ 14.412556] page_type: f5(slab) [ 14.412702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.412932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.413206] page dumped because: kasan: bad access detected [ 14.413467] [ 14.413565] Memory state around the buggy address: [ 14.413792] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.414159] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.414482] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.414766] ^ [ 14.414994] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.415236] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.415459] 
================================================================== [ 14.472149] ================================================================== [ 14.472471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.472763] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.473078] [ 14.473160] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.473218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.473231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.473251] Call Trace: [ 14.473265] <TASK> [ 14.473281] dump_stack_lvl+0x73/0xb0 [ 14.473305] print_report+0xd1/0x650 [ 14.473339] ? __virt_addr_valid+0x1db/0x2d0 [ 14.473361] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.473383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.473406] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.473429] kasan_report+0x141/0x180 [ 14.473452] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.473480] kasan_check_range+0x10c/0x1c0 [ 14.473506] __kasan_check_write+0x18/0x20 [ 14.473526] kasan_atomics_helper+0xfa9/0x5450 [ 14.473550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.473573] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.473596] ? kasan_atomics+0x152/0x310 [ 14.473619] kasan_atomics+0x1dc/0x310 [ 14.473640] ? __pfx_kasan_atomics+0x10/0x10 [ 14.473661] ? __pfx_read_tsc+0x10/0x10 [ 14.473681] ? ktime_get_ts64+0x86/0x230 [ 14.473707] kunit_try_run_case+0x1a5/0x480 [ 14.473731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.473753] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.473781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.473806] ? __kthread_parkme+0x82/0x180 [ 14.473828] ? preempt_count_sub+0x50/0x80 [ 14.473853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.473878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.473902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.473926] kthread+0x337/0x6f0 [ 14.473947] ? trace_preempt_on+0x20/0xc0 [ 14.473971] ? 
__pfx_kthread+0x10/0x10 [ 14.473993] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.474016] ? calculate_sigpending+0x7b/0xa0 [ 14.474038] ? __pfx_kthread+0x10/0x10 [ 14.474061] ret_from_fork+0x41/0x80 [ 14.474083] ? __pfx_kthread+0x10/0x10 [ 14.474106] ret_from_fork_asm+0x1a/0x30 [ 14.474148] </TASK> [ 14.474160] [ 14.482788] Allocated by task 285: [ 14.482971] kasan_save_stack+0x45/0x70 [ 14.483464] kasan_save_track+0x18/0x40 [ 14.483788] kasan_save_alloc_info+0x3b/0x50 [ 14.484215] __kasan_kmalloc+0xb7/0xc0 [ 14.484531] __kmalloc_cache_noprof+0x189/0x420 [ 14.484874] kasan_atomics+0x95/0x310 [ 14.485051] kunit_try_run_case+0x1a5/0x480 [ 14.485519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.485944] kthread+0x337/0x6f0 [ 14.486245] ret_from_fork+0x41/0x80 [ 14.486544] ret_from_fork_asm+0x1a/0x30 [ 14.486750] [ 14.486843] The buggy address belongs to the object at ffff888102b4cd00 [ 14.486843] which belongs to the cache kmalloc-64 of size 64 [ 14.487685] The buggy address is located 0 bytes to the right of [ 14.487685] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.488582] [ 14.488805] The buggy address belongs to the physical page: [ 14.489268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.489636] flags: 0x200000000000000(node=0|zone=2) [ 14.489860] page_type: f5(slab) [ 14.490017] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.490603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.491044] page dumped because: kasan: bad access detected [ 14.491511] [ 14.491603] Memory state around the buggy address: [ 14.491930] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.492535] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.492953] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.493410] ^ [ 14.493628] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.493923] 
ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.494537] ================================================================== [ 15.028231] ================================================================== [ 15.028663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.029131] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.029652] [ 15.029766] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.029814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.029827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.029848] Call Trace: [ 15.029865] <TASK> [ 15.029881] dump_stack_lvl+0x73/0xb0 [ 15.029907] print_report+0xd1/0x650 [ 15.029931] ? __virt_addr_valid+0x1db/0x2d0 [ 15.029953] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.029976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.030000] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.030063] kasan_report+0x141/0x180 [ 15.030115] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.030153] kasan_check_range+0x10c/0x1c0 [ 15.030207] __kasan_check_write+0x18/0x20 [ 15.030228] kasan_atomics_helper+0x1d7a/0x5450 [ 15.030252] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.030276] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.030337] ? kasan_atomics+0x152/0x310 [ 15.030363] kasan_atomics+0x1dc/0x310 [ 15.030384] ? __pfx_kasan_atomics+0x10/0x10 [ 15.030406] ? __pfx_read_tsc+0x10/0x10 [ 15.030427] ? ktime_get_ts64+0x86/0x230 [ 15.030454] kunit_try_run_case+0x1a5/0x480 [ 15.030478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.030501] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.030526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.030552] ? __kthread_parkme+0x82/0x180 [ 15.030575] ? preempt_count_sub+0x50/0x80 [ 15.030600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.030658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.030683] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.030708] kthread+0x337/0x6f0 [ 15.030729] ? trace_preempt_on+0x20/0xc0 [ 15.030755] ? __pfx_kthread+0x10/0x10 [ 15.030805] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.030830] ? calculate_sigpending+0x7b/0xa0 [ 15.030853] ? __pfx_kthread+0x10/0x10 [ 15.030877] ret_from_fork+0x41/0x80 [ 15.030900] ? __pfx_kthread+0x10/0x10 [ 15.030922] ret_from_fork_asm+0x1a/0x30 [ 15.030982] </TASK> [ 15.030993] [ 15.039410] Allocated by task 285: [ 15.039593] kasan_save_stack+0x45/0x70 [ 15.039796] kasan_save_track+0x18/0x40 [ 15.039984] kasan_save_alloc_info+0x3b/0x50 [ 15.040154] __kasan_kmalloc+0xb7/0xc0 [ 15.040371] __kmalloc_cache_noprof+0x189/0x420 [ 15.040531] kasan_atomics+0x95/0x310 [ 15.040661] kunit_try_run_case+0x1a5/0x480 [ 15.040825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.041075] kthread+0x337/0x6f0 [ 15.041372] ret_from_fork+0x41/0x80 [ 15.041578] ret_from_fork_asm+0x1a/0x30 [ 15.041774] [ 15.041846] The buggy address belongs to the object at ffff888102b4cd00 [ 15.041846] which belongs to the cache kmalloc-64 of size 64 [ 15.042196] The buggy address is located 0 bytes to the right of [ 15.042196] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.043014] [ 15.043128] The buggy address belongs to the physical page: [ 15.043341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.043580] flags: 0x200000000000000(node=0|zone=2) [ 15.044044] page_type: f5(slab) [ 15.044213] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.044628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.044855] page dumped because: kasan: bad access detected [ 15.045069] [ 15.045195] Memory state around the buggy address: [ 15.045453] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.045750] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.046068] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.046289] ^ [ 15.046627] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.046960] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.047299] ================================================================== [ 14.531259] ================================================================== [ 14.531875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.532147] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.532471] [ 14.532558] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.532604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.532617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.532639] Call Trace: [ 14.532654] <TASK> [ 14.532669] dump_stack_lvl+0x73/0xb0 [ 14.532694] print_report+0xd1/0x650 [ 14.532718] ? __virt_addr_valid+0x1db/0x2d0 [ 14.532794] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.532818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.532842] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.532866] kasan_report+0x141/0x180 [ 14.532890] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.532919] __asan_report_load4_noabort+0x18/0x20 [ 14.532940] kasan_atomics_helper+0x4a1c/0x5450 [ 14.532965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.532989] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.533011] ? kasan_atomics+0x152/0x310 [ 14.533036] kasan_atomics+0x1dc/0x310 [ 14.533056] ? __pfx_kasan_atomics+0x10/0x10 [ 14.533078] ? __pfx_read_tsc+0x10/0x10 [ 14.533098] ? ktime_get_ts64+0x86/0x230 [ 14.533134] kunit_try_run_case+0x1a5/0x480 [ 14.533158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.533180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.533205] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.533230] ? __kthread_parkme+0x82/0x180 [ 14.533253] ? preempt_count_sub+0x50/0x80 [ 14.533279] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.533302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.533338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.533363] kthread+0x337/0x6f0 [ 14.533384] ? trace_preempt_on+0x20/0xc0 [ 14.533408] ? __pfx_kthread+0x10/0x10 [ 14.533430] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.533453] ? calculate_sigpending+0x7b/0xa0 [ 14.533475] ? __pfx_kthread+0x10/0x10 [ 14.533499] ret_from_fork+0x41/0x80 [ 14.533521] ? __pfx_kthread+0x10/0x10 [ 14.533543] ret_from_fork_asm+0x1a/0x30 [ 14.533577] </TASK> [ 14.533588] [ 14.541045] Allocated by task 285: [ 14.541231] kasan_save_stack+0x45/0x70 [ 14.541409] kasan_save_track+0x18/0x40 [ 14.541580] kasan_save_alloc_info+0x3b/0x50 [ 14.541765] __kasan_kmalloc+0xb7/0xc0 [ 14.541957] __kmalloc_cache_noprof+0x189/0x420 [ 14.542168] kasan_atomics+0x95/0x310 [ 14.542311] kunit_try_run_case+0x1a5/0x480 [ 14.542465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.542674] kthread+0x337/0x6f0 [ 14.542842] ret_from_fork+0x41/0x80 [ 14.543025] ret_from_fork_asm+0x1a/0x30 [ 14.543219] [ 14.543392] The buggy address belongs to the object at ffff888102b4cd00 [ 14.543392] which belongs to the cache kmalloc-64 of size 64 [ 14.543815] The buggy address is located 0 bytes to the right of [ 14.543815] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.544372] [ 14.544454] The buggy address belongs to the physical page: [ 14.544665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.544951] flags: 0x200000000000000(node=0|zone=2) [ 14.545230] page_type: f5(slab) [ 14.545404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.545701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.545999] page dumped because: kasan: bad access detected [ 14.546253] [ 14.546357] Memory state around the buggy address: [ 14.546515] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.546730] ffff888102b4cc80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.546943] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.547168] ^ [ 14.547567] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.547880] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.548132] ================================================================== [ 14.129220] ================================================================== [ 14.129776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.130125] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.130386] [ 14.130494] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.130538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.130551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.130595] Call Trace: [ 14.130609] <TASK> [ 14.130624] dump_stack_lvl+0x73/0xb0 [ 14.130648] print_report+0xd1/0x650 [ 14.130671] ? __virt_addr_valid+0x1db/0x2d0 [ 14.130693] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.130715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.130739] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.130762] kasan_report+0x141/0x180 [ 14.130785] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.130814] kasan_check_range+0x10c/0x1c0 [ 14.130856] __kasan_check_write+0x18/0x20 [ 14.130877] kasan_atomics_helper+0x5fe/0x5450 [ 14.130901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.130925] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.130949] ? kasan_atomics+0x152/0x310 [ 14.130973] kasan_atomics+0x1dc/0x310 [ 14.131011] ? __pfx_kasan_atomics+0x10/0x10 [ 14.131034] ? __pfx_read_tsc+0x10/0x10 [ 14.131055] ? ktime_get_ts64+0x86/0x230 [ 14.131081] kunit_try_run_case+0x1a5/0x480 [ 14.131105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.131138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.131162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.131188] ? __kthread_parkme+0x82/0x180 [ 14.131210] ? 
preempt_count_sub+0x50/0x80 [ 14.131235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.131259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.131283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.131308] kthread+0x337/0x6f0 [ 14.131339] ? trace_preempt_on+0x20/0xc0 [ 14.131364] ? __pfx_kthread+0x10/0x10 [ 14.131387] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.131409] ? calculate_sigpending+0x7b/0xa0 [ 14.131430] ? __pfx_kthread+0x10/0x10 [ 14.131473] ret_from_fork+0x41/0x80 [ 14.131495] ? __pfx_kthread+0x10/0x10 [ 14.131518] ret_from_fork_asm+0x1a/0x30 [ 14.131550] </TASK> [ 14.131561] [ 14.141723] Allocated by task 285: [ 14.141915] kasan_save_stack+0x45/0x70 [ 14.142121] kasan_save_track+0x18/0x40 [ 14.142597] kasan_save_alloc_info+0x3b/0x50 [ 14.142867] __kasan_kmalloc+0xb7/0xc0 [ 14.143119] __kmalloc_cache_noprof+0x189/0x420 [ 14.143438] kasan_atomics+0x95/0x310 [ 14.143739] kunit_try_run_case+0x1a5/0x480 [ 14.144044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.144432] kthread+0x337/0x6f0 [ 14.144699] ret_from_fork+0x41/0x80 [ 14.144989] ret_from_fork_asm+0x1a/0x30 [ 14.145293] [ 14.145388] The buggy address belongs to the object at ffff888102b4cd00 [ 14.145388] which belongs to the cache kmalloc-64 of size 64 [ 14.146141] The buggy address is located 0 bytes to the right of [ 14.146141] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.146859] [ 14.147099] The buggy address belongs to the physical page: [ 14.147382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.147834] flags: 0x200000000000000(node=0|zone=2) [ 14.148182] page_type: f5(slab) [ 14.148371] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.148695] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.149026] page dumped because: kasan: bad access detected [ 14.149533] [ 14.149629] Memory state around the buggy address: [ 14.149995] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.150475] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.150907] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.151411] ^ [ 14.151724] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.152182] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.152600] ================================================================== [ 15.161292] ================================================================== [ 15.162060] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.163090] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.163925] [ 15.164269] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.164320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.164447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.164471] Call Trace: [ 15.164489] <TASK> [ 15.164517] dump_stack_lvl+0x73/0xb0 [ 15.164547] print_report+0xd1/0x650 [ 15.164601] ? __virt_addr_valid+0x1db/0x2d0 [ 15.164626] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.164649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.164673] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.164696] kasan_report+0x141/0x180 [ 15.164720] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.164748] kasan_check_range+0x10c/0x1c0 [ 15.164773] __kasan_check_write+0x18/0x20 [ 15.164794] kasan_atomics_helper+0x20c8/0x5450 [ 15.164819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.164843] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.164866] ? kasan_atomics+0x152/0x310 [ 15.164890] kasan_atomics+0x1dc/0x310 [ 15.164910] ? __pfx_kasan_atomics+0x10/0x10 [ 15.164932] ? __pfx_read_tsc+0x10/0x10 [ 15.164954] ? ktime_get_ts64+0x86/0x230 [ 15.164980] kunit_try_run_case+0x1a5/0x480 [ 15.165006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.165029] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.165054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.165080] ? 
__kthread_parkme+0x82/0x180 [ 15.165103] ? preempt_count_sub+0x50/0x80 [ 15.165152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.165176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.165200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.165225] kthread+0x337/0x6f0 [ 15.165246] ? trace_preempt_on+0x20/0xc0 [ 15.165270] ? __pfx_kthread+0x10/0x10 [ 15.165293] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.165315] ? calculate_sigpending+0x7b/0xa0 [ 15.165346] ? __pfx_kthread+0x10/0x10 [ 15.165370] ret_from_fork+0x41/0x80 [ 15.165392] ? __pfx_kthread+0x10/0x10 [ 15.165414] ret_from_fork_asm+0x1a/0x30 [ 15.165447] </TASK> [ 15.165458] [ 15.181967] Allocated by task 285: [ 15.182525] kasan_save_stack+0x45/0x70 [ 15.182911] kasan_save_track+0x18/0x40 [ 15.183480] kasan_save_alloc_info+0x3b/0x50 [ 15.184011] __kasan_kmalloc+0xb7/0xc0 [ 15.184531] __kmalloc_cache_noprof+0x189/0x420 [ 15.185136] kasan_atomics+0x95/0x310 [ 15.185645] kunit_try_run_case+0x1a5/0x480 [ 15.186040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.186762] kthread+0x337/0x6f0 [ 15.187193] ret_from_fork+0x41/0x80 [ 15.187345] ret_from_fork_asm+0x1a/0x30 [ 15.187488] [ 15.187561] The buggy address belongs to the object at ffff888102b4cd00 [ 15.187561] which belongs to the cache kmalloc-64 of size 64 [ 15.187916] The buggy address is located 0 bytes to the right of [ 15.187916] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.189175] [ 15.189559] The buggy address belongs to the physical page: [ 15.190262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.191208] flags: 0x200000000000000(node=0|zone=2) [ 15.191846] page_type: f5(slab) [ 15.192267] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.193196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.193454] page dumped because: kasan: bad access detected [ 15.193626] [ 15.193697] Memory state around the buggy address: [ 15.193861] 
ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.194079] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.195827] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.196698] ^ [ 15.198018] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198705] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.199034] ================================================================== [ 14.918491] ================================================================== [ 14.918783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.919045] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.919431] [ 14.919539] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.919582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.919594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.919615] Call Trace: [ 14.919630] <TASK> [ 14.919645] dump_stack_lvl+0x73/0xb0 [ 14.919669] print_report+0xd1/0x650 [ 14.919693] ? __virt_addr_valid+0x1db/0x2d0 [ 14.919715] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.919737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.919761] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.919784] kasan_report+0x141/0x180 [ 14.919808] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.919837] kasan_check_range+0x10c/0x1c0 [ 14.919862] __kasan_check_write+0x18/0x20 [ 14.919883] kasan_atomics_helper+0x1a7f/0x5450 [ 14.919908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.919931] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.919955] ? kasan_atomics+0x152/0x310 [ 14.919980] kasan_atomics+0x1dc/0x310 [ 14.920001] ? __pfx_kasan_atomics+0x10/0x10 [ 14.920024] ? __pfx_read_tsc+0x10/0x10 [ 14.920044] ? ktime_get_ts64+0x86/0x230 [ 14.920071] kunit_try_run_case+0x1a5/0x480 [ 14.920095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920138] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.920163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.920189] ? __kthread_parkme+0x82/0x180 [ 14.920211] ? preempt_count_sub+0x50/0x80 [ 14.920237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.920285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.920308] kthread+0x337/0x6f0 [ 14.920339] ? trace_preempt_on+0x20/0xc0 [ 14.920362] ? __pfx_kthread+0x10/0x10 [ 14.920384] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.920408] ? calculate_sigpending+0x7b/0xa0 [ 14.920430] ? __pfx_kthread+0x10/0x10 [ 14.920453] ret_from_fork+0x41/0x80 [ 14.920475] ? __pfx_kthread+0x10/0x10 [ 14.920498] ret_from_fork_asm+0x1a/0x30 [ 14.920531] </TASK> [ 14.920542] [ 14.927675] Allocated by task 285: [ 14.927804] kasan_save_stack+0x45/0x70 [ 14.927948] kasan_save_track+0x18/0x40 [ 14.928082] kasan_save_alloc_info+0x3b/0x50 [ 14.928250] __kasan_kmalloc+0xb7/0xc0 [ 14.928393] __kmalloc_cache_noprof+0x189/0x420 [ 14.928570] kasan_atomics+0x95/0x310 [ 14.928753] kunit_try_run_case+0x1a5/0x480 [ 14.928959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.929227] kthread+0x337/0x6f0 [ 14.929405] ret_from_fork+0x41/0x80 [ 14.929591] ret_from_fork_asm+0x1a/0x30 [ 14.929787] [ 14.929880] The buggy address belongs to the object at ffff888102b4cd00 [ 14.929880] which belongs to the cache kmalloc-64 of size 64 [ 14.930433] The buggy address is located 0 bytes to the right of [ 14.930433] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.930971] [ 14.931064] The buggy address belongs to the physical page: [ 14.931308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.931556] flags: 0x200000000000000(node=0|zone=2) [ 14.931715] page_type: f5(slab) [ 14.931874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.932242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.932589] page dumped because: kasan: bad 
access detected [ 14.932812] [ 14.932895] Memory state around the buggy address: [ 14.933092] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.933385] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.933687] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.933985] ^ [ 14.934216] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.934500] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.934792] ================================================================== [ 14.935677] ================================================================== [ 14.937455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.937781] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.938007] [ 14.939360] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.939419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.939434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.939456] Call Trace: [ 14.939474] <TASK> [ 14.939492] dump_stack_lvl+0x73/0xb0 [ 14.939520] print_report+0xd1/0x650 [ 14.939546] ? __virt_addr_valid+0x1db/0x2d0 [ 14.939569] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.939592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.939616] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.939640] kasan_report+0x141/0x180 [ 14.939663] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.939692] kasan_check_range+0x10c/0x1c0 [ 14.939717] __kasan_check_write+0x18/0x20 [ 14.939738] kasan_atomics_helper+0x1b22/0x5450 [ 14.939763] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.939787] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.939810] ? kasan_atomics+0x152/0x310 [ 14.939835] kasan_atomics+0x1dc/0x310 [ 14.939856] ? __pfx_kasan_atomics+0x10/0x10 [ 14.939879] ? __pfx_read_tsc+0x10/0x10 [ 14.939899] ? ktime_get_ts64+0x86/0x230 [ 14.939926] kunit_try_run_case+0x1a5/0x480 [ 14.939951] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.939973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.939998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.940023] ? __kthread_parkme+0x82/0x180 [ 14.940045] ? preempt_count_sub+0x50/0x80 [ 14.940070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.940118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.940144] kthread+0x337/0x6f0 [ 14.940165] ? trace_preempt_on+0x20/0xc0 [ 14.940190] ? __pfx_kthread+0x10/0x10 [ 14.940213] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.940235] ? calculate_sigpending+0x7b/0xa0 [ 14.940258] ? __pfx_kthread+0x10/0x10 [ 14.940282] ret_from_fork+0x41/0x80 [ 14.940303] ? __pfx_kthread+0x10/0x10 [ 14.940335] ret_from_fork_asm+0x1a/0x30 [ 14.940369] </TASK> [ 14.940380] [ 14.955095] Allocated by task 285: [ 14.955410] kasan_save_stack+0x45/0x70 [ 14.955615] kasan_save_track+0x18/0x40 [ 14.955860] kasan_save_alloc_info+0x3b/0x50 [ 14.956061] __kasan_kmalloc+0xb7/0xc0 [ 14.956197] __kmalloc_cache_noprof+0x189/0x420 [ 14.956361] kasan_atomics+0x95/0x310 [ 14.956495] kunit_try_run_case+0x1a5/0x480 [ 14.956907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.957416] kthread+0x337/0x6f0 [ 14.957644] ret_from_fork+0x41/0x80 [ 14.957827] ret_from_fork_asm+0x1a/0x30 [ 14.958078] [ 14.958317] The buggy address belongs to the object at ffff888102b4cd00 [ 14.958317] which belongs to the cache kmalloc-64 of size 64 [ 14.958787] The buggy address is located 0 bytes to the right of [ 14.958787] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.959485] [ 14.959808] The buggy address belongs to the physical page: [ 14.960528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.960847] flags: 0x200000000000000(node=0|zone=2) [ 14.961199] page_type: f5(slab) [ 14.961341] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.961574] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.961808] page dumped because: kasan: bad access detected [ 14.961979] [ 14.962050] Memory state around the buggy address: [ 14.962223] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.962705] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.963344] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.963690] ^ [ 14.963924] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964479] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964865] ================================================================== [ 13.952813] ================================================================== [ 13.953204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.953479] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 13.954236] [ 13.954524] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.954572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.954596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.954616] Call Trace: [ 13.954627] <TASK> [ 13.954644] dump_stack_lvl+0x73/0xb0 [ 13.954668] print_report+0xd1/0x650 [ 13.954732] ? __virt_addr_valid+0x1db/0x2d0 [ 13.954753] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.954775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.954819] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.954842] kasan_report+0x141/0x180 [ 13.954864] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.954902] __asan_report_store4_noabort+0x1b/0x30 [ 13.954924] kasan_atomics_helper+0x4ba2/0x5450 [ 13.954946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.954969] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.954991] ? kasan_atomics+0x152/0x310 [ 13.955013] kasan_atomics+0x1dc/0x310 [ 13.955032] ? __pfx_kasan_atomics+0x10/0x10 [ 13.955053] ? __pfx_read_tsc+0x10/0x10 [ 13.955072] ? 
ktime_get_ts64+0x86/0x230 [ 13.955097] kunit_try_run_case+0x1a5/0x480 [ 13.955120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.955175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.955198] ? __kthread_parkme+0x82/0x180 [ 13.955219] ? preempt_count_sub+0x50/0x80 [ 13.955244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.955289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.955312] kthread+0x337/0x6f0 [ 13.955342] ? trace_preempt_on+0x20/0xc0 [ 13.955366] ? __pfx_kthread+0x10/0x10 [ 13.955387] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.955408] ? calculate_sigpending+0x7b/0xa0 [ 13.955430] ? __pfx_kthread+0x10/0x10 [ 13.955452] ret_from_fork+0x41/0x80 [ 13.955473] ? __pfx_kthread+0x10/0x10 [ 13.955494] ret_from_fork_asm+0x1a/0x30 [ 13.955526] </TASK> [ 13.955537] [ 13.964499] Allocated by task 285: [ 13.964861] kasan_save_stack+0x45/0x70 [ 13.965234] kasan_save_track+0x18/0x40 [ 13.965562] kasan_save_alloc_info+0x3b/0x50 [ 13.965899] __kasan_kmalloc+0xb7/0xc0 [ 13.966234] __kmalloc_cache_noprof+0x189/0x420 [ 13.966574] kasan_atomics+0x95/0x310 [ 13.966869] kunit_try_run_case+0x1a5/0x480 [ 13.967074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.967543] kthread+0x337/0x6f0 [ 13.967845] ret_from_fork+0x41/0x80 [ 13.968157] ret_from_fork_asm+0x1a/0x30 [ 13.968496] [ 13.968723] The buggy address belongs to the object at ffff888102b4cd00 [ 13.968723] which belongs to the cache kmalloc-64 of size 64 [ 13.969486] The buggy address is located 0 bytes to the right of [ 13.969486] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 13.970311] [ 13.970438] The buggy address belongs to the physical page: [ 13.970795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 13.971303] flags: 0x200000000000000(node=0|zone=2) [ 13.971695] page_type: f5(slab) [ 13.971843] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.972415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.972885] page dumped because: kasan: bad access detected [ 13.973304] [ 13.973534] Memory state around the buggy address: [ 13.973734] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.974022] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.974581] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.975020] ^ [ 13.975415] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.975823] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.976280] ================================================================== [ 15.047921] ================================================================== [ 15.048271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.048633] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.048910] [ 15.048992] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.049034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.049047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.049068] Call Trace: [ 15.049082] <TASK> [ 15.049095] dump_stack_lvl+0x73/0xb0 [ 15.049119] print_report+0xd1/0x650 [ 15.049177] ? __virt_addr_valid+0x1db/0x2d0 [ 15.049200] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.049223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.049247] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.049271] kasan_report+0x141/0x180 [ 15.049294] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.049334] kasan_check_range+0x10c/0x1c0 [ 15.049360] __kasan_check_write+0x18/0x20 [ 15.049381] kasan_atomics_helper+0x1e12/0x5450 [ 15.049406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.049430] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.049453] ? kasan_atomics+0x152/0x310 [ 15.049477] kasan_atomics+0x1dc/0x310 [ 15.049498] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.049519] ? __pfx_read_tsc+0x10/0x10 [ 15.049540] ? ktime_get_ts64+0x86/0x230 [ 15.049566] kunit_try_run_case+0x1a5/0x480 [ 15.049590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.049613] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.049637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.049662] ? __kthread_parkme+0x82/0x180 [ 15.049684] ? preempt_count_sub+0x50/0x80 [ 15.049710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.049736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.049759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.049788] kthread+0x337/0x6f0 [ 15.049810] ? trace_preempt_on+0x20/0xc0 [ 15.049833] ? __pfx_kthread+0x10/0x10 [ 15.049856] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.049895] ? calculate_sigpending+0x7b/0xa0 [ 15.049918] ? __pfx_kthread+0x10/0x10 [ 15.049941] ret_from_fork+0x41/0x80 [ 15.049963] ? __pfx_kthread+0x10/0x10 [ 15.049986] ret_from_fork_asm+0x1a/0x30 [ 15.050019] </TASK> [ 15.050030] [ 15.057557] Allocated by task 285: [ 15.057849] kasan_save_stack+0x45/0x70 [ 15.058055] kasan_save_track+0x18/0x40 [ 15.058268] kasan_save_alloc_info+0x3b/0x50 [ 15.058547] __kasan_kmalloc+0xb7/0xc0 [ 15.058705] __kmalloc_cache_noprof+0x189/0x420 [ 15.058925] kasan_atomics+0x95/0x310 [ 15.059108] kunit_try_run_case+0x1a5/0x480 [ 15.059339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.059583] kthread+0x337/0x6f0 [ 15.059739] ret_from_fork+0x41/0x80 [ 15.059912] ret_from_fork_asm+0x1a/0x30 [ 15.060051] [ 15.060122] The buggy address belongs to the object at ffff888102b4cd00 [ 15.060122] which belongs to the cache kmalloc-64 of size 64 [ 15.060686] The buggy address is located 0 bytes to the right of [ 15.060686] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.061406] [ 15.061479] The buggy address belongs to the physical page: [ 15.061645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.062109] flags: 0x200000000000000(node=0|zone=2) [ 15.062365] page_type: f5(slab) 
[ 15.062532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.062886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.063224] page dumped because: kasan: bad access detected [ 15.063898] [ 15.064064] Memory state around the buggy address: [ 15.064634] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.064851] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.065060] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.065627] ^ [ 15.066057] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.066690] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067341] ================================================================== [ 15.106305] ================================================================== [ 15.106690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.107172] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.107507] [ 15.107591] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.107633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.107645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.107666] Call Trace: [ 15.107681] <TASK> [ 15.107696] dump_stack_lvl+0x73/0xb0 [ 15.107719] print_report+0xd1/0x650 [ 15.107742] ? __virt_addr_valid+0x1db/0x2d0 [ 15.107764] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.107786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.107809] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.107832] kasan_report+0x141/0x180 [ 15.107854] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.107880] __asan_report_load8_noabort+0x18/0x20 [ 15.107903] kasan_atomics_helper+0x4f71/0x5450 [ 15.107927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.107951] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.107973] ? 
kasan_atomics+0x152/0x310 [ 15.107996] kasan_atomics+0x1dc/0x310 [ 15.108015] ? __pfx_kasan_atomics+0x10/0x10 [ 15.108036] ? __pfx_read_tsc+0x10/0x10 [ 15.108056] ? ktime_get_ts64+0x86/0x230 [ 15.108082] kunit_try_run_case+0x1a5/0x480 [ 15.108107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.108140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.108166] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.108191] ? __kthread_parkme+0x82/0x180 [ 15.108238] ? preempt_count_sub+0x50/0x80 [ 15.108264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.108289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.108313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.108348] kthread+0x337/0x6f0 [ 15.108370] ? trace_preempt_on+0x20/0xc0 [ 15.108395] ? __pfx_kthread+0x10/0x10 [ 15.108418] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.108441] ? calculate_sigpending+0x7b/0xa0 [ 15.108467] ? __pfx_kthread+0x10/0x10 [ 15.108492] ret_from_fork+0x41/0x80 [ 15.108514] ? __pfx_kthread+0x10/0x10 [ 15.108556] ret_from_fork_asm+0x1a/0x30 [ 15.108589] </TASK> [ 15.108601] [ 15.115817] Allocated by task 285: [ 15.116000] kasan_save_stack+0x45/0x70 [ 15.116203] kasan_save_track+0x18/0x40 [ 15.116374] kasan_save_alloc_info+0x3b/0x50 [ 15.116524] __kasan_kmalloc+0xb7/0xc0 [ 15.116741] __kmalloc_cache_noprof+0x189/0x420 [ 15.116965] kasan_atomics+0x95/0x310 [ 15.117147] kunit_try_run_case+0x1a5/0x480 [ 15.117309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.117499] kthread+0x337/0x6f0 [ 15.117671] ret_from_fork+0x41/0x80 [ 15.117882] ret_from_fork_asm+0x1a/0x30 [ 15.118117] [ 15.118217] The buggy address belongs to the object at ffff888102b4cd00 [ 15.118217] which belongs to the cache kmalloc-64 of size 64 [ 15.118610] The buggy address is located 0 bytes to the right of [ 15.118610] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.119036] [ 15.119129] The buggy address belongs to the physical page: [ 15.119390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 
15.119914] flags: 0x200000000000000(node=0|zone=2) [ 15.120185] page_type: f5(slab) [ 15.120305] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.120542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.120935] page dumped because: kasan: bad access detected [ 15.121247] [ 15.121371] Memory state around the buggy address: [ 15.121603] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.121934] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.122198] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.122486] ^ [ 15.122708] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122977] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.123317] ================================================================== [ 14.053734] ================================================================== [ 14.054087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.054810] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.055035] [ 14.055193] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.055239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.055252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.055273] Call Trace: [ 14.055287] <TASK> [ 14.055302] dump_stack_lvl+0x73/0xb0 [ 14.055340] print_report+0xd1/0x650 [ 14.055363] ? __virt_addr_valid+0x1db/0x2d0 [ 14.055385] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.055407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.055431] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.055454] kasan_report+0x141/0x180 [ 14.055477] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.055527] __asan_report_load4_noabort+0x18/0x20 [ 14.055549] kasan_atomics_helper+0x4b54/0x5450 [ 14.055573] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.055596] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.055619] ? kasan_atomics+0x152/0x310 [ 14.055643] kasan_atomics+0x1dc/0x310 [ 14.055664] ? __pfx_kasan_atomics+0x10/0x10 [ 14.055704] ? __pfx_read_tsc+0x10/0x10 [ 14.055724] ? ktime_get_ts64+0x86/0x230 [ 14.055750] kunit_try_run_case+0x1a5/0x480 [ 14.055774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.055796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.055820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.055864] ? __kthread_parkme+0x82/0x180 [ 14.055886] ? preempt_count_sub+0x50/0x80 [ 14.055911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.055935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.055958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.055982] kthread+0x337/0x6f0 [ 14.056003] ? trace_preempt_on+0x20/0xc0 [ 14.056028] ? __pfx_kthread+0x10/0x10 [ 14.056050] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.056073] ? calculate_sigpending+0x7b/0xa0 [ 14.056095] ? __pfx_kthread+0x10/0x10 [ 14.056119] ret_from_fork+0x41/0x80 [ 14.056141] ? __pfx_kthread+0x10/0x10 [ 14.056173] ret_from_fork_asm+0x1a/0x30 [ 14.056225] </TASK> [ 14.056237] [ 14.063720] Allocated by task 285: [ 14.063862] kasan_save_stack+0x45/0x70 [ 14.064073] kasan_save_track+0x18/0x40 [ 14.064434] kasan_save_alloc_info+0x3b/0x50 [ 14.064636] __kasan_kmalloc+0xb7/0xc0 [ 14.064785] __kmalloc_cache_noprof+0x189/0x420 [ 14.065022] kasan_atomics+0x95/0x310 [ 14.065252] kunit_try_run_case+0x1a5/0x480 [ 14.065444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.065683] kthread+0x337/0x6f0 [ 14.065863] ret_from_fork+0x41/0x80 [ 14.066005] ret_from_fork_asm+0x1a/0x30 [ 14.066145] [ 14.066242] The buggy address belongs to the object at ffff888102b4cd00 [ 14.066242] which belongs to the cache kmalloc-64 of size 64 [ 14.066789] The buggy address is located 0 bytes to the right of [ 14.066789] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.067231] [ 14.067348] The buggy address belongs to the physical page: [ 14.067600] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.067950] flags: 0x200000000000000(node=0|zone=2) [ 14.068190] page_type: f5(slab) [ 14.068332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.068645] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.068943] page dumped because: kasan: bad access detected [ 14.069185] [ 14.069259] Memory state around the buggy address: [ 14.069425] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.069692] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.070008] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.070467] ^ [ 14.070625] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.070841] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.071103] ================================================================== [ 14.260982] ================================================================== [ 14.261313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.261685] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.261951] [ 14.262061] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.262104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.262116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.262487] Call Trace: [ 14.262512] <TASK> [ 14.262529] dump_stack_lvl+0x73/0xb0 [ 14.262557] print_report+0xd1/0x650 [ 14.262581] ? __virt_addr_valid+0x1db/0x2d0 [ 14.262605] ? kasan_atomics_helper+0x992/0x5450 [ 14.262628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.262655] ? kasan_atomics_helper+0x992/0x5450 [ 14.262679] kasan_report+0x141/0x180 [ 14.262704] ? kasan_atomics_helper+0x992/0x5450 [ 14.262733] kasan_check_range+0x10c/0x1c0 [ 14.262758] __kasan_check_write+0x18/0x20 [ 14.262779] kasan_atomics_helper+0x992/0x5450 [ 14.262804] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.262827] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.262851] ? kasan_atomics+0x152/0x310 [ 14.262876] kasan_atomics+0x1dc/0x310 [ 14.262895] ? __pfx_kasan_atomics+0x10/0x10 [ 14.262917] ? __pfx_read_tsc+0x10/0x10 [ 14.262938] ? ktime_get_ts64+0x86/0x230 [ 14.262965] kunit_try_run_case+0x1a5/0x480 [ 14.262990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.263013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.263041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.263069] ? __kthread_parkme+0x82/0x180 [ 14.263091] ? preempt_count_sub+0x50/0x80 [ 14.263116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.263153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.263177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.263201] kthread+0x337/0x6f0 [ 14.263222] ? trace_preempt_on+0x20/0xc0 [ 14.263248] ? __pfx_kthread+0x10/0x10 [ 14.263270] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.263293] ? calculate_sigpending+0x7b/0xa0 [ 14.263315] ? __pfx_kthread+0x10/0x10 [ 14.263351] ret_from_fork+0x41/0x80 [ 14.263373] ? 
__pfx_kthread+0x10/0x10 [ 14.263396] ret_from_fork_asm+0x1a/0x30 [ 14.263429] </TASK> [ 14.263441] [ 14.273092] Allocated by task 285: [ 14.273687] kasan_save_stack+0x45/0x70 [ 14.273994] kasan_save_track+0x18/0x40 [ 14.274220] kasan_save_alloc_info+0x3b/0x50 [ 14.274514] __kasan_kmalloc+0xb7/0xc0 [ 14.274834] __kmalloc_cache_noprof+0x189/0x420 [ 14.275056] kasan_atomics+0x95/0x310 [ 14.275362] kunit_try_run_case+0x1a5/0x480 [ 14.275711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275977] kthread+0x337/0x6f0 [ 14.276266] ret_from_fork+0x41/0x80 [ 14.276480] ret_from_fork_asm+0x1a/0x30 [ 14.276800] [ 14.276901] The buggy address belongs to the object at ffff888102b4cd00 [ 14.276901] which belongs to the cache kmalloc-64 of size 64 [ 14.277644] The buggy address is located 0 bytes to the right of [ 14.277644] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.278148] [ 14.278404] The buggy address belongs to the physical page: [ 14.278701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.279089] flags: 0x200000000000000(node=0|zone=2) [ 14.279335] page_type: f5(slab) [ 14.279625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.280018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.280557] page dumped because: kasan: bad access detected [ 14.280874] [ 14.280972] Memory state around the buggy address: [ 14.281349] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.281691] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.281966] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.282476] ^ [ 14.282826] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.283125] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.283598] ================================================================== [ 14.179935] 
================================================================== [ 14.180334] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.180677] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.180975] [ 14.181061] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.181106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.181502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.181527] Call Trace: [ 14.181541] <TASK> [ 14.181556] dump_stack_lvl+0x73/0xb0 [ 14.181584] print_report+0xd1/0x650 [ 14.181608] ? __virt_addr_valid+0x1db/0x2d0 [ 14.181631] ? kasan_atomics_helper+0x72f/0x5450 [ 14.181653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.181677] ? kasan_atomics_helper+0x72f/0x5450 [ 14.181700] kasan_report+0x141/0x180 [ 14.181723] ? kasan_atomics_helper+0x72f/0x5450 [ 14.181752] kasan_check_range+0x10c/0x1c0 [ 14.181781] __kasan_check_write+0x18/0x20 [ 14.181803] kasan_atomics_helper+0x72f/0x5450 [ 14.181827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.181851] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.181875] ? kasan_atomics+0x152/0x310 [ 14.181900] kasan_atomics+0x1dc/0x310 [ 14.181920] ? __pfx_kasan_atomics+0x10/0x10 [ 14.181942] ? __pfx_read_tsc+0x10/0x10 [ 14.181963] ? ktime_get_ts64+0x86/0x230 [ 14.181990] kunit_try_run_case+0x1a5/0x480 [ 14.182015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.182062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.182087] ? __kthread_parkme+0x82/0x180 [ 14.182131] ? preempt_count_sub+0x50/0x80 [ 14.182158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.182207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.182230] kthread+0x337/0x6f0 [ 14.182252] ? trace_preempt_on+0x20/0xc0 [ 14.182277] ? __pfx_kthread+0x10/0x10 [ 14.182299] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.182331] ? 
calculate_sigpending+0x7b/0xa0 [ 14.182353] ? __pfx_kthread+0x10/0x10 [ 14.182376] ret_from_fork+0x41/0x80 [ 14.182398] ? __pfx_kthread+0x10/0x10 [ 14.182421] ret_from_fork_asm+0x1a/0x30 [ 14.182454] </TASK> [ 14.182465] [ 14.189663] Allocated by task 285: [ 14.189851] kasan_save_stack+0x45/0x70 [ 14.190052] kasan_save_track+0x18/0x40 [ 14.190270] kasan_save_alloc_info+0x3b/0x50 [ 14.190485] __kasan_kmalloc+0xb7/0xc0 [ 14.190670] __kmalloc_cache_noprof+0x189/0x420 [ 14.190870] kasan_atomics+0x95/0x310 [ 14.191031] kunit_try_run_case+0x1a5/0x480 [ 14.191203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.191390] kthread+0x337/0x6f0 [ 14.191555] ret_from_fork+0x41/0x80 [ 14.191737] ret_from_fork_asm+0x1a/0x30 [ 14.191931] [ 14.192027] The buggy address belongs to the object at ffff888102b4cd00 [ 14.192027] which belongs to the cache kmalloc-64 of size 64 [ 14.192543] The buggy address is located 0 bytes to the right of [ 14.192543] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.192921] [ 14.192993] The buggy address belongs to the physical page: [ 14.193213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.193577] flags: 0x200000000000000(node=0|zone=2) [ 14.193818] page_type: f5(slab) [ 14.193984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.194372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.194703] page dumped because: kasan: bad access detected [ 14.194912] [ 14.194982] Memory state around the buggy address: [ 14.195190] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.195517] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.195814] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.196050] ^ [ 14.196304] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.196597] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.196876] 
================================================================== [ 15.234644] ================================================================== [ 15.234986] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.235826] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.236646] [ 15.236933] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.236984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.236998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.237020] Call Trace: [ 15.237037] <TASK> [ 15.237055] dump_stack_lvl+0x73/0xb0 [ 15.237082] print_report+0xd1/0x650 [ 15.237105] ? __virt_addr_valid+0x1db/0x2d0 [ 15.237140] ? kasan_atomics_helper+0x218a/0x5450 [ 15.237162] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.237185] ? kasan_atomics_helper+0x218a/0x5450 [ 15.237241] kasan_report+0x141/0x180 [ 15.237264] ? kasan_atomics_helper+0x218a/0x5450 [ 15.237390] kasan_check_range+0x10c/0x1c0 [ 15.237423] __kasan_check_write+0x18/0x20 [ 15.237444] kasan_atomics_helper+0x218a/0x5450 [ 15.237469] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.237493] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.237517] ? kasan_atomics+0x152/0x310 [ 15.237541] kasan_atomics+0x1dc/0x310 [ 15.237562] ? __pfx_kasan_atomics+0x10/0x10 [ 15.237584] ? __pfx_read_tsc+0x10/0x10 [ 15.237605] ? ktime_get_ts64+0x86/0x230 [ 15.237631] kunit_try_run_case+0x1a5/0x480 [ 15.237656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.237678] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.237702] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.237727] ? __kthread_parkme+0x82/0x180 [ 15.237751] ? preempt_count_sub+0x50/0x80 [ 15.237784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.237808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.237832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.237856] kthread+0x337/0x6f0 [ 15.237877] ? trace_preempt_on+0x20/0xc0 [ 15.237901] ? 
__pfx_kthread+0x10/0x10 [ 15.237924] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.237948] ? calculate_sigpending+0x7b/0xa0 [ 15.237970] ? __pfx_kthread+0x10/0x10 [ 15.237994] ret_from_fork+0x41/0x80 [ 15.238014] ? __pfx_kthread+0x10/0x10 [ 15.238039] ret_from_fork_asm+0x1a/0x30 [ 15.238071] </TASK> [ 15.238083] [ 15.251237] Allocated by task 285: [ 15.251777] kasan_save_stack+0x45/0x70 [ 15.251959] kasan_save_track+0x18/0x40 [ 15.252450] kasan_save_alloc_info+0x3b/0x50 [ 15.252660] __kasan_kmalloc+0xb7/0xc0 [ 15.252968] __kmalloc_cache_noprof+0x189/0x420 [ 15.253349] kasan_atomics+0x95/0x310 [ 15.253550] kunit_try_run_case+0x1a5/0x480 [ 15.253894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.254249] kthread+0x337/0x6f0 [ 15.254471] ret_from_fork+0x41/0x80 [ 15.254763] ret_from_fork_asm+0x1a/0x30 [ 15.254991] [ 15.255246] The buggy address belongs to the object at ffff888102b4cd00 [ 15.255246] which belongs to the cache kmalloc-64 of size 64 [ 15.255981] The buggy address is located 0 bytes to the right of [ 15.255981] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.256496] [ 15.256595] The buggy address belongs to the physical page: [ 15.256856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.257203] flags: 0x200000000000000(node=0|zone=2) [ 15.257395] page_type: f5(slab) [ 15.257568] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.257948] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.258255] page dumped because: kasan: bad access detected [ 15.258478] [ 15.258817] Memory state around the buggy address: [ 15.259010] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.259536] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.259904] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.260166] ^ [ 15.260540] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260954] 
ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.261331] ================================================================== [ 14.901658] ================================================================== [ 14.902006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.902426] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.902745] [ 14.902842] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.902887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.902900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.902920] Call Trace: [ 14.902937] <TASK> [ 14.902952] dump_stack_lvl+0x73/0xb0 [ 14.902977] print_report+0xd1/0x650 [ 14.903000] ? __virt_addr_valid+0x1db/0x2d0 [ 14.903023] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.903046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.903069] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.903095] kasan_report+0x141/0x180 [ 14.903142] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.903171] kasan_check_range+0x10c/0x1c0 [ 14.903196] __kasan_check_write+0x18/0x20 [ 14.903217] kasan_atomics_helper+0x19e3/0x5450 [ 14.903241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.903266] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.903289] ? kasan_atomics+0x152/0x310 [ 14.903314] kasan_atomics+0x1dc/0x310 [ 14.903345] ? __pfx_kasan_atomics+0x10/0x10 [ 14.903367] ? __pfx_read_tsc+0x10/0x10 [ 14.903387] ? ktime_get_ts64+0x86/0x230 [ 14.903414] kunit_try_run_case+0x1a5/0x480 [ 14.903439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.903461] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.903485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.903510] ? __kthread_parkme+0x82/0x180 [ 14.903534] ? preempt_count_sub+0x50/0x80 [ 14.903560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.903584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.903607] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.903631] kthread+0x337/0x6f0 [ 14.903652] ? trace_preempt_on+0x20/0xc0 [ 14.903675] ? __pfx_kthread+0x10/0x10 [ 14.903699] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.903721] ? calculate_sigpending+0x7b/0xa0 [ 14.903743] ? __pfx_kthread+0x10/0x10 [ 14.903766] ret_from_fork+0x41/0x80 [ 14.903788] ? __pfx_kthread+0x10/0x10 [ 14.903811] ret_from_fork_asm+0x1a/0x30 [ 14.903844] </TASK> [ 14.903854] [ 14.910982] Allocated by task 285: [ 14.911127] kasan_save_stack+0x45/0x70 [ 14.911336] kasan_save_track+0x18/0x40 [ 14.911512] kasan_save_alloc_info+0x3b/0x50 [ 14.911657] __kasan_kmalloc+0xb7/0xc0 [ 14.911791] __kmalloc_cache_noprof+0x189/0x420 [ 14.911941] kasan_atomics+0x95/0x310 [ 14.912068] kunit_try_run_case+0x1a5/0x480 [ 14.912238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.912430] kthread+0x337/0x6f0 [ 14.912604] ret_from_fork+0x41/0x80 [ 14.912784] ret_from_fork_asm+0x1a/0x30 [ 14.912978] [ 14.913071] The buggy address belongs to the object at ffff888102b4cd00 [ 14.913071] which belongs to the cache kmalloc-64 of size 64 [ 14.913615] The buggy address is located 0 bytes to the right of [ 14.913615] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.914054] [ 14.914148] The buggy address belongs to the physical page: [ 14.914319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.914565] flags: 0x200000000000000(node=0|zone=2) [ 14.914792] page_type: f5(slab) [ 14.914964] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.915335] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.915678] page dumped because: kasan: bad access detected [ 14.915933] [ 14.916025] Memory state around the buggy address: [ 14.916274] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.916550] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.916832] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.917187] ^ [ 14.917391] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.917664] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.917941] ================================================================== [ 14.609200] ================================================================== [ 14.609710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.610024] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.610447] [ 14.610539] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.610607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.610795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.610819] Call Trace: [ 14.610836] <TASK> [ 14.610854] dump_stack_lvl+0x73/0xb0 [ 14.610880] print_report+0xd1/0x650 [ 14.610904] ? __virt_addr_valid+0x1db/0x2d0 [ 14.610927] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.610952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.610976] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.610999] kasan_report+0x141/0x180 [ 14.611023] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.611052] __asan_report_load4_noabort+0x18/0x20 [ 14.611073] kasan_atomics_helper+0x49e8/0x5450 [ 14.611098] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.611183] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.611210] ? kasan_atomics+0x152/0x310 [ 14.611234] kasan_atomics+0x1dc/0x310 [ 14.611255] ? __pfx_kasan_atomics+0x10/0x10 [ 14.611277] ? __pfx_read_tsc+0x10/0x10 [ 14.611298] ? ktime_get_ts64+0x86/0x230 [ 14.611338] kunit_try_run_case+0x1a5/0x480 [ 14.611363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.611387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.611412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.611437] ? __kthread_parkme+0x82/0x180 [ 14.611460] ? preempt_count_sub+0x50/0x80 [ 14.611485] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.611509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.611533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.611556] kthread+0x337/0x6f0 [ 14.611577] ? trace_preempt_on+0x20/0xc0 [ 14.611602] ? __pfx_kthread+0x10/0x10 [ 14.611625] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.611647] ? calculate_sigpending+0x7b/0xa0 [ 14.611670] ? __pfx_kthread+0x10/0x10 [ 14.611693] ret_from_fork+0x41/0x80 [ 14.611715] ? __pfx_kthread+0x10/0x10 [ 14.611738] ret_from_fork_asm+0x1a/0x30 [ 14.611772] </TASK> [ 14.611784] [ 14.621484] Allocated by task 285: [ 14.621639] kasan_save_stack+0x45/0x70 [ 14.621968] kasan_save_track+0x18/0x40 [ 14.622282] kasan_save_alloc_info+0x3b/0x50 [ 14.622601] __kasan_kmalloc+0xb7/0xc0 [ 14.622877] __kmalloc_cache_noprof+0x189/0x420 [ 14.623055] kasan_atomics+0x95/0x310 [ 14.623464] kunit_try_run_case+0x1a5/0x480 [ 14.623632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.623993] kthread+0x337/0x6f0 [ 14.624314] ret_from_fork+0x41/0x80 [ 14.624609] ret_from_fork_asm+0x1a/0x30 [ 14.624878] [ 14.624966] The buggy address belongs to the object at ffff888102b4cd00 [ 14.624966] which belongs to the cache kmalloc-64 of size 64 [ 14.625771] The buggy address is located 0 bytes to the right of [ 14.625771] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.626571] [ 14.626665] The buggy address belongs to the physical page: [ 14.626900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.627392] flags: 0x200000000000000(node=0|zone=2) [ 14.627674] page_type: f5(slab) [ 14.627808] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.628338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.628766] page dumped because: kasan: bad access detected [ 14.629079] [ 14.629222] Memory state around the buggy address: [ 14.629460] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.629771] ffff888102b4cc80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.630093] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.630499] ^ [ 14.630730] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.631003] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.631303] ================================================================== [ 14.214646] ================================================================== [ 14.214991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.215610] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.215908] [ 14.215993] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.216037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.216050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.216071] Call Trace: [ 14.216085] <TASK> [ 14.216099] dump_stack_lvl+0x73/0xb0 [ 14.216148] print_report+0xd1/0x650 [ 14.216171] ? __virt_addr_valid+0x1db/0x2d0 [ 14.216193] ? kasan_atomics_helper+0x860/0x5450 [ 14.216215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.216239] ? kasan_atomics_helper+0x860/0x5450 [ 14.216262] kasan_report+0x141/0x180 [ 14.216287] ? kasan_atomics_helper+0x860/0x5450 [ 14.216316] kasan_check_range+0x10c/0x1c0 [ 14.216349] __kasan_check_write+0x18/0x20 [ 14.216371] kasan_atomics_helper+0x860/0x5450 [ 14.216394] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.216418] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.216441] ? kasan_atomics+0x152/0x310 [ 14.216466] kasan_atomics+0x1dc/0x310 [ 14.216486] ? __pfx_kasan_atomics+0x10/0x10 [ 14.216508] ? __pfx_read_tsc+0x10/0x10 [ 14.216528] ? ktime_get_ts64+0x86/0x230 [ 14.216554] kunit_try_run_case+0x1a5/0x480 [ 14.216579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.216602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.216626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.216651] ? __kthread_parkme+0x82/0x180 [ 14.216673] ? 
preempt_count_sub+0x50/0x80 [ 14.216699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.216723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.216747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.216770] kthread+0x337/0x6f0 [ 14.216792] ? trace_preempt_on+0x20/0xc0 [ 14.216817] ? __pfx_kthread+0x10/0x10 [ 14.216840] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.216863] ? calculate_sigpending+0x7b/0xa0 [ 14.216885] ? __pfx_kthread+0x10/0x10 [ 14.216909] ret_from_fork+0x41/0x80 [ 14.216931] ? __pfx_kthread+0x10/0x10 [ 14.216954] ret_from_fork_asm+0x1a/0x30 [ 14.216987] </TASK> [ 14.216998] [ 14.226536] Allocated by task 285: [ 14.226863] kasan_save_stack+0x45/0x70 [ 14.227019] kasan_save_track+0x18/0x40 [ 14.227236] kasan_save_alloc_info+0x3b/0x50 [ 14.227586] __kasan_kmalloc+0xb7/0xc0 [ 14.227841] __kmalloc_cache_noprof+0x189/0x420 [ 14.228018] kasan_atomics+0x95/0x310 [ 14.228238] kunit_try_run_case+0x1a5/0x480 [ 14.228451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.228680] kthread+0x337/0x6f0 [ 14.228860] ret_from_fork+0x41/0x80 [ 14.229036] ret_from_fork_asm+0x1a/0x30 [ 14.229607] [ 14.229688] The buggy address belongs to the object at ffff888102b4cd00 [ 14.229688] which belongs to the cache kmalloc-64 of size 64 [ 14.230358] The buggy address is located 0 bytes to the right of [ 14.230358] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.230984] [ 14.231200] The buggy address belongs to the physical page: [ 14.231478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.231898] flags: 0x200000000000000(node=0|zone=2) [ 14.232209] page_type: f5(slab) [ 14.232398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.232834] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.233309] page dumped because: kasan: bad access detected [ 14.233565] [ 14.233646] Memory state around the buggy address: [ 14.233864] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.234408] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.234715] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.235068] ^ [ 14.235345] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.235743] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.236155] ================================================================== [ 14.284197] ================================================================== [ 14.285112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.285551] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.285950] [ 14.286269] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.286318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.286344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.286366] Call Trace: [ 14.286470] <TASK> [ 14.286491] dump_stack_lvl+0x73/0xb0 [ 14.286519] print_report+0xd1/0x650 [ 14.286542] ? __virt_addr_valid+0x1db/0x2d0 [ 14.286564] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.286587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.286611] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.286634] kasan_report+0x141/0x180 [ 14.286657] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.286685] kasan_check_range+0x10c/0x1c0 [ 14.286709] __kasan_check_write+0x18/0x20 [ 14.286731] kasan_atomics_helper+0xa2b/0x5450 [ 14.286757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.286780] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.286802] ? kasan_atomics+0x152/0x310 [ 14.286827] kasan_atomics+0x1dc/0x310 [ 14.286846] ? __pfx_kasan_atomics+0x10/0x10 [ 14.286868] ? __pfx_read_tsc+0x10/0x10 [ 14.286888] ? ktime_get_ts64+0x86/0x230 [ 14.286914] kunit_try_run_case+0x1a5/0x480 [ 14.286939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.286961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.286985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.287010] ? 
__kthread_parkme+0x82/0x180 [ 14.287031] ? preempt_count_sub+0x50/0x80 [ 14.287057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.287081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.287104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.287137] kthread+0x337/0x6f0 [ 14.287159] ? trace_preempt_on+0x20/0xc0 [ 14.287185] ? __pfx_kthread+0x10/0x10 [ 14.287207] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.287230] ? calculate_sigpending+0x7b/0xa0 [ 14.287253] ? __pfx_kthread+0x10/0x10 [ 14.287276] ret_from_fork+0x41/0x80 [ 14.287296] ? __pfx_kthread+0x10/0x10 [ 14.287319] ret_from_fork_asm+0x1a/0x30 [ 14.287365] </TASK> [ 14.287376] [ 14.297632] Allocated by task 285: [ 14.297782] kasan_save_stack+0x45/0x70 [ 14.298044] kasan_save_track+0x18/0x40 [ 14.298387] kasan_save_alloc_info+0x3b/0x50 [ 14.298559] __kasan_kmalloc+0xb7/0xc0 [ 14.298864] __kmalloc_cache_noprof+0x189/0x420 [ 14.299156] kasan_atomics+0x95/0x310 [ 14.299503] kunit_try_run_case+0x1a5/0x480 [ 14.299707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.300036] kthread+0x337/0x6f0 [ 14.300291] ret_from_fork+0x41/0x80 [ 14.300524] ret_from_fork_asm+0x1a/0x30 [ 14.300678] [ 14.300775] The buggy address belongs to the object at ffff888102b4cd00 [ 14.300775] which belongs to the cache kmalloc-64 of size 64 [ 14.301558] The buggy address is located 0 bytes to the right of [ 14.301558] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.302125] [ 14.302313] The buggy address belongs to the physical page: [ 14.302622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.303015] flags: 0x200000000000000(node=0|zone=2) [ 14.303306] page_type: f5(slab) [ 14.303558] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.303962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.304372] page dumped because: kasan: bad access detected [ 14.304624] [ 14.304829] Memory state around the buggy address: [ 14.304996] 
ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.305379] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.305832] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.306192] ^ [ 14.306402] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.306790] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.307099] ================================================================== [ 14.585838] ================================================================== [ 14.586197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.586534] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.586858] [ 14.586972] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.587018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.587031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.587052] Call Trace: [ 14.587067] <TASK> [ 14.587083] dump_stack_lvl+0x73/0xb0 [ 14.587109] print_report+0xd1/0x650 [ 14.587132] ? __virt_addr_valid+0x1db/0x2d0 [ 14.587153] ? kasan_atomics_helper+0x1217/0x5450 [ 14.587175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.587199] ? kasan_atomics_helper+0x1217/0x5450 [ 14.587222] kasan_report+0x141/0x180 [ 14.587246] ? kasan_atomics_helper+0x1217/0x5450 [ 14.587274] kasan_check_range+0x10c/0x1c0 [ 14.587334] __kasan_check_write+0x18/0x20 [ 14.587356] kasan_atomics_helper+0x1217/0x5450 [ 14.587381] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.587405] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.587428] ? kasan_atomics+0x152/0x310 [ 14.587453] kasan_atomics+0x1dc/0x310 [ 14.587474] ? __pfx_kasan_atomics+0x10/0x10 [ 14.587496] ? __pfx_read_tsc+0x10/0x10 [ 14.587516] ? ktime_get_ts64+0x86/0x230 [ 14.587543] kunit_try_run_case+0x1a5/0x480 [ 14.587568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.587590] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.587615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.587641] ? __kthread_parkme+0x82/0x180 [ 14.587663] ? preempt_count_sub+0x50/0x80 [ 14.587688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.587713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.587736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.587761] kthread+0x337/0x6f0 [ 14.587782] ? trace_preempt_on+0x20/0xc0 [ 14.587806] ? __pfx_kthread+0x10/0x10 [ 14.587829] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.587851] ? calculate_sigpending+0x7b/0xa0 [ 14.587873] ? __pfx_kthread+0x10/0x10 [ 14.587915] ret_from_fork+0x41/0x80 [ 14.587950] ? __pfx_kthread+0x10/0x10 [ 14.587974] ret_from_fork_asm+0x1a/0x30 [ 14.588033] </TASK> [ 14.588044] [ 14.597505] Allocated by task 285: [ 14.598004] kasan_save_stack+0x45/0x70 [ 14.598254] kasan_save_track+0x18/0x40 [ 14.598490] kasan_save_alloc_info+0x3b/0x50 [ 14.598721] __kasan_kmalloc+0xb7/0xc0 [ 14.598872] __kmalloc_cache_noprof+0x189/0x420 [ 14.599115] kasan_atomics+0x95/0x310 [ 14.599281] kunit_try_run_case+0x1a5/0x480 [ 14.599827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.600072] kthread+0x337/0x6f0 [ 14.600294] ret_from_fork+0x41/0x80 [ 14.600510] ret_from_fork_asm+0x1a/0x30 [ 14.600683] [ 14.600780] The buggy address belongs to the object at ffff888102b4cd00 [ 14.600780] which belongs to the cache kmalloc-64 of size 64 [ 14.601256] The buggy address is located 0 bytes to the right of [ 14.601256] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.601976] [ 14.602080] The buggy address belongs to the physical page: [ 14.602966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.603304] flags: 0x200000000000000(node=0|zone=2) [ 14.603638] page_type: f5(slab) [ 14.603923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.604275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.604686] page dumped because: kasan: bad 
access detected [ 14.605004] [ 14.605105] Memory state around the buggy address: [ 14.605475] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.605806] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.606115] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.606656] ^ [ 14.606966] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.607415] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.607784] ================================================================== [ 14.029432] ================================================================== [ 14.030188] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.030931] Read of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.031393] [ 14.031568] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.031635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.031649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.031671] Call Trace: [ 14.031689] <TASK> [ 14.031717] dump_stack_lvl+0x73/0xb0 [ 14.031744] print_report+0xd1/0x650 [ 14.031767] ? __virt_addr_valid+0x1db/0x2d0 [ 14.031789] ? kasan_atomics_helper+0x3df/0x5450 [ 14.031812] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.031835] ? kasan_atomics_helper+0x3df/0x5450 [ 14.031858] kasan_report+0x141/0x180 [ 14.031883] ? kasan_atomics_helper+0x3df/0x5450 [ 14.031911] kasan_check_range+0x10c/0x1c0 [ 14.031936] __kasan_check_read+0x15/0x20 [ 14.031957] kasan_atomics_helper+0x3df/0x5450 [ 14.031980] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.032003] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.032026] ? kasan_atomics+0x152/0x310 [ 14.032051] kasan_atomics+0x1dc/0x310 [ 14.032070] ? __pfx_kasan_atomics+0x10/0x10 [ 14.032092] ? __pfx_read_tsc+0x10/0x10 [ 14.032113] ? ktime_get_ts64+0x86/0x230 [ 14.032150] kunit_try_run_case+0x1a5/0x480 [ 14.032174] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.032197] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.032221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.032246] ? __kthread_parkme+0x82/0x180 [ 14.032269] ? preempt_count_sub+0x50/0x80 [ 14.032294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.032319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.032353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.032377] kthread+0x337/0x6f0 [ 14.032398] ? trace_preempt_on+0x20/0xc0 [ 14.032423] ? __pfx_kthread+0x10/0x10 [ 14.032446] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.032469] ? calculate_sigpending+0x7b/0xa0 [ 14.032492] ? __pfx_kthread+0x10/0x10 [ 14.032516] ret_from_fork+0x41/0x80 [ 14.032537] ? __pfx_kthread+0x10/0x10 [ 14.032560] ret_from_fork_asm+0x1a/0x30 [ 14.032592] </TASK> [ 14.032604] [ 14.044846] Allocated by task 285: [ 14.045230] kasan_save_stack+0x45/0x70 [ 14.045450] kasan_save_track+0x18/0x40 [ 14.045816] kasan_save_alloc_info+0x3b/0x50 [ 14.046140] __kasan_kmalloc+0xb7/0xc0 [ 14.046529] __kmalloc_cache_noprof+0x189/0x420 [ 14.046769] kasan_atomics+0x95/0x310 [ 14.047116] kunit_try_run_case+0x1a5/0x480 [ 14.047407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.047584] kthread+0x337/0x6f0 [ 14.047705] ret_from_fork+0x41/0x80 [ 14.047833] ret_from_fork_asm+0x1a/0x30 [ 14.047973] [ 14.048044] The buggy address belongs to the object at ffff888102b4cd00 [ 14.048044] which belongs to the cache kmalloc-64 of size 64 [ 14.048411] The buggy address is located 0 bytes to the right of [ 14.048411] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.048979] [ 14.049063] The buggy address belongs to the physical page: [ 14.049415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.049666] flags: 0x200000000000000(node=0|zone=2) [ 14.049921] page_type: f5(slab) [ 14.050091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.050421] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.050767] page dumped because: kasan: bad access detected [ 14.050963] [ 14.051033] Memory state around the buggy address: [ 14.051220] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.051579] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.051858] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.052141] ^ [ 14.052398] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.052637] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.052908] ================================================================== [ 14.446083] ================================================================== [ 14.447075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.447509] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.447818] [ 14.447922] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.447968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.447982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.448004] Call Trace: [ 14.448022] <TASK> [ 14.448038] dump_stack_lvl+0x73/0xb0 [ 14.448064] print_report+0xd1/0x650 [ 14.448088] ? __virt_addr_valid+0x1db/0x2d0 [ 14.448112] ? kasan_atomics_helper+0xf10/0x5450 [ 14.448335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.448362] ? kasan_atomics_helper+0xf10/0x5450 [ 14.448387] kasan_report+0x141/0x180 [ 14.448412] ? kasan_atomics_helper+0xf10/0x5450 [ 14.448441] kasan_check_range+0x10c/0x1c0 [ 14.448624] __kasan_check_write+0x18/0x20 [ 14.448646] kasan_atomics_helper+0xf10/0x5450 [ 14.448671] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.448696] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.448719] ? kasan_atomics+0x152/0x310 [ 14.448744] kasan_atomics+0x1dc/0x310 [ 14.448764] ? __pfx_kasan_atomics+0x10/0x10 [ 14.448787] ? __pfx_read_tsc+0x10/0x10 [ 14.448808] ? 
ktime_get_ts64+0x86/0x230 [ 14.448835] kunit_try_run_case+0x1a5/0x480 [ 14.448859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448881] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.448906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.448931] ? __kthread_parkme+0x82/0x180 [ 14.448953] ? preempt_count_sub+0x50/0x80 [ 14.448978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.449002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.449026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.449049] kthread+0x337/0x6f0 [ 14.449071] ? trace_preempt_on+0x20/0xc0 [ 14.449096] ? __pfx_kthread+0x10/0x10 [ 14.449119] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.449159] ? calculate_sigpending+0x7b/0xa0 [ 14.449183] ? __pfx_kthread+0x10/0x10 [ 14.449205] ret_from_fork+0x41/0x80 [ 14.449228] ? __pfx_kthread+0x10/0x10 [ 14.449251] ret_from_fork_asm+0x1a/0x30 [ 14.449283] </TASK> [ 14.449295] [ 14.460296] Allocated by task 285: [ 14.460530] kasan_save_stack+0x45/0x70 [ 14.460735] kasan_save_track+0x18/0x40 [ 14.460913] kasan_save_alloc_info+0x3b/0x50 [ 14.461106] __kasan_kmalloc+0xb7/0xc0 [ 14.461550] __kmalloc_cache_noprof+0x189/0x420 [ 14.461883] kasan_atomics+0x95/0x310 [ 14.462292] kunit_try_run_case+0x1a5/0x480 [ 14.462532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.462768] kthread+0x337/0x6f0 [ 14.462925] ret_from_fork+0x41/0x80 [ 14.463096] ret_from_fork_asm+0x1a/0x30 [ 14.463490] [ 14.463694] The buggy address belongs to the object at ffff888102b4cd00 [ 14.463694] which belongs to the cache kmalloc-64 of size 64 [ 14.464569] The buggy address is located 0 bytes to the right of [ 14.464569] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.465087] [ 14.465401] The buggy address belongs to the physical page: [ 14.465870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.466383] flags: 0x200000000000000(node=0|zone=2) [ 14.466611] page_type: f5(slab) [ 14.466773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.467086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.467683] page dumped because: kasan: bad access detected [ 14.468032] [ 14.468258] Memory state around the buggy address: [ 14.468699] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.469015] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.469721] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.470151] ^ [ 14.470509] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.471144] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.471455] ================================================================== [ 14.827967] ================================================================== [ 14.828393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.828732] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.829015] [ 14.829098] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.829141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.829154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.829175] Call Trace: [ 14.829190] <TASK> [ 14.829206] dump_stack_lvl+0x73/0xb0 [ 14.829229] print_report+0xd1/0x650 [ 14.829252] ? __virt_addr_valid+0x1db/0x2d0 [ 14.829274] ? kasan_atomics_helper+0x177f/0x5450 [ 14.829297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.829321] ? kasan_atomics_helper+0x177f/0x5450 [ 14.829353] kasan_report+0x141/0x180 [ 14.829376] ? kasan_atomics_helper+0x177f/0x5450 [ 14.829404] kasan_check_range+0x10c/0x1c0 [ 14.829428] __kasan_check_write+0x18/0x20 [ 14.829449] kasan_atomics_helper+0x177f/0x5450 [ 14.829488] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.829512] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.829535] ? kasan_atomics+0x152/0x310 [ 14.829582] kasan_atomics+0x1dc/0x310 [ 14.829603] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.829625] ? __pfx_read_tsc+0x10/0x10 [ 14.829662] ? ktime_get_ts64+0x86/0x230 [ 14.829689] kunit_try_run_case+0x1a5/0x480 [ 14.829730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.829780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.829805] ? __kthread_parkme+0x82/0x180 [ 14.829828] ? preempt_count_sub+0x50/0x80 [ 14.829854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.829942] kthread+0x337/0x6f0 [ 14.829963] ? trace_preempt_on+0x20/0xc0 [ 14.829987] ? __pfx_kthread+0x10/0x10 [ 14.830010] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.830048] ? calculate_sigpending+0x7b/0xa0 [ 14.830071] ? __pfx_kthread+0x10/0x10 [ 14.830094] ret_from_fork+0x41/0x80 [ 14.830116] ? __pfx_kthread+0x10/0x10 [ 14.830147] ret_from_fork_asm+0x1a/0x30 [ 14.830178] </TASK> [ 14.830190] [ 14.838191] Allocated by task 285: [ 14.838404] kasan_save_stack+0x45/0x70 [ 14.838584] kasan_save_track+0x18/0x40 [ 14.838810] kasan_save_alloc_info+0x3b/0x50 [ 14.839019] __kasan_kmalloc+0xb7/0xc0 [ 14.839188] __kmalloc_cache_noprof+0x189/0x420 [ 14.839390] kasan_atomics+0x95/0x310 [ 14.839521] kunit_try_run_case+0x1a5/0x480 [ 14.839667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.839841] kthread+0x337/0x6f0 [ 14.839970] ret_from_fork+0x41/0x80 [ 14.840155] ret_from_fork_asm+0x1a/0x30 [ 14.840385] [ 14.840481] The buggy address belongs to the object at ffff888102b4cd00 [ 14.840481] which belongs to the cache kmalloc-64 of size 64 [ 14.841063] The buggy address is located 0 bytes to the right of [ 14.841063] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.841727] [ 14.841853] The buggy address belongs to the physical page: [ 14.842099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.842484] flags: 0x200000000000000(node=0|zone=2) [ 14.842674] page_type: f5(slab) 
[ 14.842796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.843028] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.843660] page dumped because: kasan: bad access detected [ 14.843933] [ 14.844038] Memory state around the buggy address: [ 14.844273] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.844652] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.844906] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.845148] ^ [ 14.845385] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.845741] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.846005] ================================================================== [ 14.769376] ================================================================== [ 14.769778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.770051] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.770495] [ 14.770597] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.770660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.770687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.770721] Call Trace: [ 14.770737] <TASK> [ 14.770766] dump_stack_lvl+0x73/0xb0 [ 14.770805] print_report+0xd1/0x650 [ 14.770855] ? __virt_addr_valid+0x1db/0x2d0 [ 14.770891] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.770926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.770949] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.770972] kasan_report+0x141/0x180 [ 14.770996] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.771024] kasan_check_range+0x10c/0x1c0 [ 14.771049] __kasan_check_write+0x18/0x20 [ 14.771070] kasan_atomics_helper+0x15b6/0x5450 [ 14.771094] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.771117] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.771140] ? 
kasan_atomics+0x152/0x310 [ 14.771164] kasan_atomics+0x1dc/0x310 [ 14.771195] ? __pfx_kasan_atomics+0x10/0x10 [ 14.771217] ? __pfx_read_tsc+0x10/0x10 [ 14.771238] ? ktime_get_ts64+0x86/0x230 [ 14.771264] kunit_try_run_case+0x1a5/0x480 [ 14.771290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.771347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.771372] ? __kthread_parkme+0x82/0x180 [ 14.771396] ? preempt_count_sub+0x50/0x80 [ 14.771421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.771470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.771494] kthread+0x337/0x6f0 [ 14.771516] ? trace_preempt_on+0x20/0xc0 [ 14.771540] ? __pfx_kthread+0x10/0x10 [ 14.771564] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.771587] ? calculate_sigpending+0x7b/0xa0 [ 14.771629] ? __pfx_kthread+0x10/0x10 [ 14.771653] ret_from_fork+0x41/0x80 [ 14.771675] ? __pfx_kthread+0x10/0x10 [ 14.771698] ret_from_fork_asm+0x1a/0x30 [ 14.771731] </TASK> [ 14.771742] [ 14.779676] Allocated by task 285: [ 14.779864] kasan_save_stack+0x45/0x70 [ 14.780057] kasan_save_track+0x18/0x40 [ 14.780296] kasan_save_alloc_info+0x3b/0x50 [ 14.780500] __kasan_kmalloc+0xb7/0xc0 [ 14.780685] __kmalloc_cache_noprof+0x189/0x420 [ 14.780938] kasan_atomics+0x95/0x310 [ 14.781145] kunit_try_run_case+0x1a5/0x480 [ 14.781375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.781634] kthread+0x337/0x6f0 [ 14.781921] ret_from_fork+0x41/0x80 [ 14.782270] ret_from_fork_asm+0x1a/0x30 [ 14.782424] [ 14.782497] The buggy address belongs to the object at ffff888102b4cd00 [ 14.782497] which belongs to the cache kmalloc-64 of size 64 [ 14.782948] The buggy address is located 0 bytes to the right of [ 14.782948] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.783587] [ 14.783731] The buggy address belongs to the physical page: [ 14.784042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 
14.784628] flags: 0x200000000000000(node=0|zone=2) [ 14.784863] page_type: f5(slab) [ 14.785030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.785699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.785932] page dumped because: kasan: bad access detected [ 14.786103] [ 14.786172] Memory state around the buggy address: [ 14.786336] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.786622] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.787163] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.787515] ^ [ 14.787742] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.788063] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.788284] ================================================================== [ 14.692319] ================================================================== [ 14.692712] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.692991] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.693375] [ 14.693472] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.693515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.693529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.693551] Call Trace: [ 14.693568] <TASK> [ 14.693585] dump_stack_lvl+0x73/0xb0 [ 14.693609] print_report+0xd1/0x650 [ 14.693633] ? __virt_addr_valid+0x1db/0x2d0 [ 14.693656] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.693679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.693702] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.693726] kasan_report+0x141/0x180 [ 14.693749] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.693783] __asan_report_load8_noabort+0x18/0x20 [ 14.693805] kasan_atomics_helper+0x4eae/0x5450 [ 14.693830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.693854] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.693878] ? kasan_atomics+0x152/0x310 [ 14.693902] kasan_atomics+0x1dc/0x310 [ 14.693923] ? __pfx_kasan_atomics+0x10/0x10 [ 14.693944] ? __pfx_read_tsc+0x10/0x10 [ 14.693965] ? ktime_get_ts64+0x86/0x230 [ 14.693990] kunit_try_run_case+0x1a5/0x480 [ 14.694014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.694037] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.694062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.694087] ? __kthread_parkme+0x82/0x180 [ 14.694109] ? preempt_count_sub+0x50/0x80 [ 14.694135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.694159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.694183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.694207] kthread+0x337/0x6f0 [ 14.694228] ? trace_preempt_on+0x20/0xc0 [ 14.694252] ? __pfx_kthread+0x10/0x10 [ 14.694275] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.694297] ? calculate_sigpending+0x7b/0xa0 [ 14.694320] ? __pfx_kthread+0x10/0x10 [ 14.694353] ret_from_fork+0x41/0x80 [ 14.694375] ? __pfx_kthread+0x10/0x10 [ 14.694397] ret_from_fork_asm+0x1a/0x30 [ 14.694429] </TASK> [ 14.694452] [ 14.701725] Allocated by task 285: [ 14.701927] kasan_save_stack+0x45/0x70 [ 14.702170] kasan_save_track+0x18/0x40 [ 14.702474] kasan_save_alloc_info+0x3b/0x50 [ 14.702891] __kasan_kmalloc+0xb7/0xc0 [ 14.703043] __kmalloc_cache_noprof+0x189/0x420 [ 14.703663] kasan_atomics+0x95/0x310 [ 14.703854] kunit_try_run_case+0x1a5/0x480 [ 14.704069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.704997] kthread+0x337/0x6f0 [ 14.705183] ret_from_fork+0x41/0x80 [ 14.705358] ret_from_fork_asm+0x1a/0x30 [ 14.705571] [ 14.705670] The buggy address belongs to the object at ffff888102b4cd00 [ 14.705670] which belongs to the cache kmalloc-64 of size 64 [ 14.706170] The buggy address is located 0 bytes to the right of [ 14.706170] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.706692] [ 14.706804] The buggy address belongs to the physical page: [ 14.707033] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.707381] flags: 0x200000000000000(node=0|zone=2) [ 14.707620] page_type: f5(slab) [ 14.707782] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.708147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.708439] page dumped because: kasan: bad access detected [ 14.708689] [ 14.708791] Memory state around the buggy address: [ 14.708970] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.709312] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.709673] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.710016] ^ [ 14.710226] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.710512] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711110] ================================================================== [ 14.415896] ================================================================== [ 14.417308] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.419644] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.419889] [ 14.419981] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.420028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.420041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.420064] Call Trace: [ 14.420081] <TASK> [ 14.420097] dump_stack_lvl+0x73/0xb0 [ 14.420124] print_report+0xd1/0x650 [ 14.420149] ? __virt_addr_valid+0x1db/0x2d0 [ 14.420171] ? kasan_atomics_helper+0xe78/0x5450 [ 14.420193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.420217] ? kasan_atomics_helper+0xe78/0x5450 [ 14.420240] kasan_report+0x141/0x180 [ 14.420263] ? kasan_atomics_helper+0xe78/0x5450 [ 14.420292] kasan_check_range+0x10c/0x1c0 [ 14.420318] __kasan_check_write+0x18/0x20 [ 14.420365] kasan_atomics_helper+0xe78/0x5450 [ 14.420390] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.420413] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.420436] ? kasan_atomics+0x152/0x310 [ 14.420460] kasan_atomics+0x1dc/0x310 [ 14.420481] ? __pfx_kasan_atomics+0x10/0x10 [ 14.420502] ? __pfx_read_tsc+0x10/0x10 [ 14.420522] ? ktime_get_ts64+0x86/0x230 [ 14.420549] kunit_try_run_case+0x1a5/0x480 [ 14.420574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.420595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.421349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.422149] ? __kthread_parkme+0x82/0x180 [ 14.422189] ? preempt_count_sub+0x50/0x80 [ 14.422219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.422244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.422269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.422297] kthread+0x337/0x6f0 [ 14.422319] ? trace_preempt_on+0x20/0xc0 [ 14.422356] ? __pfx_kthread+0x10/0x10 [ 14.422385] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.422408] ? calculate_sigpending+0x7b/0xa0 [ 14.422431] ? __pfx_kthread+0x10/0x10 [ 14.422455] ret_from_fork+0x41/0x80 [ 14.422477] ? 
__pfx_kthread+0x10/0x10 [ 14.422499] ret_from_fork_asm+0x1a/0x30 [ 14.422532] </TASK> [ 14.422544] [ 14.435685] Allocated by task 285: [ 14.435881] kasan_save_stack+0x45/0x70 [ 14.436087] kasan_save_track+0x18/0x40 [ 14.436388] kasan_save_alloc_info+0x3b/0x50 [ 14.436576] __kasan_kmalloc+0xb7/0xc0 [ 14.436787] __kmalloc_cache_noprof+0x189/0x420 [ 14.437000] kasan_atomics+0x95/0x310 [ 14.437374] kunit_try_run_case+0x1a5/0x480 [ 14.437599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.437777] kthread+0x337/0x6f0 [ 14.437913] ret_from_fork+0x41/0x80 [ 14.438103] ret_from_fork_asm+0x1a/0x30 [ 14.438312] [ 14.438426] The buggy address belongs to the object at ffff888102b4cd00 [ 14.438426] which belongs to the cache kmalloc-64 of size 64 [ 14.438927] The buggy address is located 0 bytes to the right of [ 14.438927] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.439492] [ 14.439588] The buggy address belongs to the physical page: [ 14.440001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.440687] flags: 0x200000000000000(node=0|zone=2) [ 14.440882] page_type: f5(slab) [ 14.441033] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.441491] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.441835] page dumped because: kasan: bad access detected [ 14.442372] [ 14.442475] Memory state around the buggy address: [ 14.442686] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.442981] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.443643] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.444096] ^ [ 14.444476] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445001] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445507] ================================================================== [ 14.307841] 
================================================================== [ 14.308179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.308837] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.309144] [ 14.309231] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.309275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.309287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.309309] Call Trace: [ 14.309335] <TASK> [ 14.309350] dump_stack_lvl+0x73/0xb0 [ 14.309376] print_report+0xd1/0x650 [ 14.309399] ? __virt_addr_valid+0x1db/0x2d0 [ 14.309421] ? kasan_atomics_helper+0xac7/0x5450 [ 14.309444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.309526] ? kasan_atomics_helper+0xac7/0x5450 [ 14.309550] kasan_report+0x141/0x180 [ 14.309575] ? kasan_atomics_helper+0xac7/0x5450 [ 14.309603] kasan_check_range+0x10c/0x1c0 [ 14.309628] __kasan_check_write+0x18/0x20 [ 14.309649] kasan_atomics_helper+0xac7/0x5450 [ 14.309673] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.309696] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.309719] ? kasan_atomics+0x152/0x310 [ 14.309743] kasan_atomics+0x1dc/0x310 [ 14.309764] ? __pfx_kasan_atomics+0x10/0x10 [ 14.309790] ? __pfx_read_tsc+0x10/0x10 [ 14.309811] ? ktime_get_ts64+0x86/0x230 [ 14.309836] kunit_try_run_case+0x1a5/0x480 [ 14.309861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.309884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.309909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.309933] ? __kthread_parkme+0x82/0x180 [ 14.309955] ? preempt_count_sub+0x50/0x80 [ 14.309981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.310005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.310028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.310051] kthread+0x337/0x6f0 [ 14.310073] ? trace_preempt_on+0x20/0xc0 [ 14.310097] ? __pfx_kthread+0x10/0x10 [ 14.310120] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.310153] ? 
calculate_sigpending+0x7b/0xa0 [ 14.310175] ? __pfx_kthread+0x10/0x10 [ 14.310198] ret_from_fork+0x41/0x80 [ 14.310220] ? __pfx_kthread+0x10/0x10 [ 14.310242] ret_from_fork_asm+0x1a/0x30 [ 14.310275] </TASK> [ 14.310286] [ 14.317507] Allocated by task 285: [ 14.317659] kasan_save_stack+0x45/0x70 [ 14.317865] kasan_save_track+0x18/0x40 [ 14.318046] kasan_save_alloc_info+0x3b/0x50 [ 14.318272] __kasan_kmalloc+0xb7/0xc0 [ 14.318434] __kmalloc_cache_noprof+0x189/0x420 [ 14.318589] kasan_atomics+0x95/0x310 [ 14.318762] kunit_try_run_case+0x1a5/0x480 [ 14.318966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.319262] kthread+0x337/0x6f0 [ 14.319421] ret_from_fork+0x41/0x80 [ 14.319553] ret_from_fork_asm+0x1a/0x30 [ 14.319740] [ 14.319835] The buggy address belongs to the object at ffff888102b4cd00 [ 14.319835] which belongs to the cache kmalloc-64 of size 64 [ 14.320395] The buggy address is located 0 bytes to the right of [ 14.320395] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.320854] [ 14.320942] The buggy address belongs to the physical page: [ 14.321238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.321545] flags: 0x200000000000000(node=0|zone=2) [ 14.321757] page_type: f5(slab) [ 14.321910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.322139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.322372] page dumped because: kasan: bad access detected [ 14.322543] [ 14.322615] Memory state around the buggy address: [ 14.322838] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.323166] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.323499] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.323762] ^ [ 14.323914] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.324135] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.324456] 
================================================================== [ 15.008041] ================================================================== [ 15.008304] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.009163] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.009475] [ 15.009562] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.009606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.009620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.009641] Call Trace: [ 15.009656] <TASK> [ 15.009672] dump_stack_lvl+0x73/0xb0 [ 15.009698] print_report+0xd1/0x650 [ 15.009765] ? __virt_addr_valid+0x1db/0x2d0 [ 15.009794] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.009817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.009841] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.009864] kasan_report+0x141/0x180 [ 15.009920] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.009950] kasan_check_range+0x10c/0x1c0 [ 15.009976] __kasan_check_write+0x18/0x20 [ 15.009996] kasan_atomics_helper+0x1ce1/0x5450 [ 15.010021] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.010074] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.010099] ? kasan_atomics+0x152/0x310 [ 15.010124] kasan_atomics+0x1dc/0x310 [ 15.010154] ? __pfx_kasan_atomics+0x10/0x10 [ 15.010177] ? __pfx_read_tsc+0x10/0x10 [ 15.010224] ? ktime_get_ts64+0x86/0x230 [ 15.010253] kunit_try_run_case+0x1a5/0x480 [ 15.010278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.010301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.010336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.010362] ? __kthread_parkme+0x82/0x180 [ 15.010384] ? preempt_count_sub+0x50/0x80 [ 15.010410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.010434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.010458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.010509] kthread+0x337/0x6f0 [ 15.010530] ? trace_preempt_on+0x20/0xc0 [ 15.010555] ? 
__pfx_kthread+0x10/0x10 [ 15.010578] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.010602] ? calculate_sigpending+0x7b/0xa0 [ 15.010624] ? __pfx_kthread+0x10/0x10 [ 15.010648] ret_from_fork+0x41/0x80 [ 15.010670] ? __pfx_kthread+0x10/0x10 [ 15.010693] ret_from_fork_asm+0x1a/0x30 [ 15.010725] </TASK> [ 15.010736] [ 15.019236] Allocated by task 285: [ 15.019443] kasan_save_stack+0x45/0x70 [ 15.019661] kasan_save_track+0x18/0x40 [ 15.019859] kasan_save_alloc_info+0x3b/0x50 [ 15.020084] __kasan_kmalloc+0xb7/0xc0 [ 15.020359] __kmalloc_cache_noprof+0x189/0x420 [ 15.020565] kasan_atomics+0x95/0x310 [ 15.020709] kunit_try_run_case+0x1a5/0x480 [ 15.020999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.021178] kthread+0x337/0x6f0 [ 15.021357] ret_from_fork+0x41/0x80 [ 15.021539] ret_from_fork_asm+0x1a/0x30 [ 15.021735] [ 15.021883] The buggy address belongs to the object at ffff888102b4cd00 [ 15.021883] which belongs to the cache kmalloc-64 of size 64 [ 15.022600] The buggy address is located 0 bytes to the right of [ 15.022600] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.023069] [ 15.023257] The buggy address belongs to the physical page: [ 15.023525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.023893] flags: 0x200000000000000(node=0|zone=2) [ 15.024141] page_type: f5(slab) [ 15.024311] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.024663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.024963] page dumped because: kasan: bad access detected [ 15.025177] [ 15.025276] Memory state around the buggy address: [ 15.025509] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.025863] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.026245] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.026569] ^ [ 15.026800] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.027057] 
ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.027601] ================================================================== [ 14.002666] ================================================================== [ 14.003394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.003719] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.004316] [ 14.004561] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.004612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.004625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.004749] Call Trace: [ 14.004764] <TASK> [ 14.004780] dump_stack_lvl+0x73/0xb0 [ 14.004808] print_report+0xd1/0x650 [ 14.004831] ? __virt_addr_valid+0x1db/0x2d0 [ 14.004854] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.004877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.004900] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.004923] kasan_report+0x141/0x180 [ 14.004947] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.004975] __asan_report_store4_noabort+0x1b/0x30 [ 14.004997] kasan_atomics_helper+0x4b6e/0x5450 [ 14.005021] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.005044] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.005068] ? kasan_atomics+0x152/0x310 [ 14.005092] kasan_atomics+0x1dc/0x310 [ 14.005112] ? __pfx_kasan_atomics+0x10/0x10 [ 14.005143] ? __pfx_read_tsc+0x10/0x10 [ 14.005164] ? ktime_get_ts64+0x86/0x230 [ 14.005189] kunit_try_run_case+0x1a5/0x480 [ 14.005215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.005236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.005261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.005286] ? __kthread_parkme+0x82/0x180 [ 14.005308] ? preempt_count_sub+0x50/0x80 [ 14.005348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.005374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.005397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.005422] kthread+0x337/0x6f0 [ 14.005444] ? 
trace_preempt_on+0x20/0xc0 [ 14.005467] ? __pfx_kthread+0x10/0x10 [ 14.005490] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.005513] ? calculate_sigpending+0x7b/0xa0 [ 14.005536] ? __pfx_kthread+0x10/0x10 [ 14.005559] ret_from_fork+0x41/0x80 [ 14.005581] ? __pfx_kthread+0x10/0x10 [ 14.005604] ret_from_fork_asm+0x1a/0x30 [ 14.005636] </TASK> [ 14.005648] [ 14.016686] Allocated by task 285: [ 14.016874] kasan_save_stack+0x45/0x70 [ 14.017061] kasan_save_track+0x18/0x40 [ 14.017647] kasan_save_alloc_info+0x3b/0x50 [ 14.017857] __kasan_kmalloc+0xb7/0xc0 [ 14.018115] __kmalloc_cache_noprof+0x189/0x420 [ 14.018439] kasan_atomics+0x95/0x310 [ 14.018739] kunit_try_run_case+0x1a5/0x480 [ 14.019026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.019375] kthread+0x337/0x6f0 [ 14.019645] ret_from_fork+0x41/0x80 [ 14.019827] ret_from_fork_asm+0x1a/0x30 [ 14.020022] [ 14.020110] The buggy address belongs to the object at ffff888102b4cd00 [ 14.020110] which belongs to the cache kmalloc-64 of size 64 [ 14.020989] The buggy address is located 0 bytes to the right of [ 14.020989] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.021687] [ 14.021795] The buggy address belongs to the physical page: [ 14.022208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.022683] flags: 0x200000000000000(node=0|zone=2) [ 14.023042] page_type: f5(slab) [ 14.023502] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.023873] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.024105] page dumped because: kasan: bad access detected [ 14.024766] [ 14.025087] Memory state around the buggy address: [ 14.025614] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.026420] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.026737] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.026949] ^ [ 14.027106] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.027745] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.028484] ================================================================== [ 14.730591] ================================================================== [ 14.731571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.731961] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.732296] [ 14.732402] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.732468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.732481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.732503] Call Trace: [ 14.732519] <TASK> [ 14.732535] dump_stack_lvl+0x73/0xb0 [ 14.732563] print_report+0xd1/0x650 [ 14.732586] ? __virt_addr_valid+0x1db/0x2d0 [ 14.732609] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.732632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.732673] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.732697] kasan_report+0x141/0x180 [ 14.732722] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.732751] __asan_report_store8_noabort+0x1b/0x30 [ 14.732773] kasan_atomics_helper+0x50d4/0x5450 [ 14.732799] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.732824] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.732865] ? kasan_atomics+0x152/0x310 [ 14.732889] kasan_atomics+0x1dc/0x310 [ 14.732910] ? __pfx_kasan_atomics+0x10/0x10 [ 14.732932] ? __pfx_read_tsc+0x10/0x10 [ 14.732952] ? ktime_get_ts64+0x86/0x230 [ 14.732978] kunit_try_run_case+0x1a5/0x480 [ 14.733004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.733026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.733050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.733076] ? __kthread_parkme+0x82/0x180 [ 14.733098] ? preempt_count_sub+0x50/0x80 [ 14.733134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.733159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.733183] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.733207] kthread+0x337/0x6f0 [ 14.733228] ? trace_preempt_on+0x20/0xc0 [ 14.733252] ? __pfx_kthread+0x10/0x10 [ 14.733294] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.733318] ? calculate_sigpending+0x7b/0xa0 [ 14.733352] ? __pfx_kthread+0x10/0x10 [ 14.733375] ret_from_fork+0x41/0x80 [ 14.733397] ? __pfx_kthread+0x10/0x10 [ 14.733420] ret_from_fork_asm+0x1a/0x30 [ 14.733470] </TASK> [ 14.733481] [ 14.740923] Allocated by task 285: [ 14.741054] kasan_save_stack+0x45/0x70 [ 14.741393] kasan_save_track+0x18/0x40 [ 14.741591] kasan_save_alloc_info+0x3b/0x50 [ 14.741845] __kasan_kmalloc+0xb7/0xc0 [ 14.742035] __kmalloc_cache_noprof+0x189/0x420 [ 14.742480] kasan_atomics+0x95/0x310 [ 14.742660] kunit_try_run_case+0x1a5/0x480 [ 14.742867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.743062] kthread+0x337/0x6f0 [ 14.743360] ret_from_fork+0x41/0x80 [ 14.743552] ret_from_fork_asm+0x1a/0x30 [ 14.743742] [ 14.743836] The buggy address belongs to the object at ffff888102b4cd00 [ 14.743836] which belongs to the cache kmalloc-64 of size 64 [ 14.744365] The buggy address is located 0 bytes to the right of [ 14.744365] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.744871] [ 14.744964] The buggy address belongs to the physical page: [ 14.745184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.745571] flags: 0x200000000000000(node=0|zone=2) [ 14.745791] page_type: f5(slab) [ 14.746011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.746401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.746733] page dumped because: kasan: bad access detected [ 14.746988] [ 14.747080] Memory state around the buggy address: [ 14.747299] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.747619] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.747930] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.748335] ^ [ 14.748489] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.748704] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749008] ================================================================== [ 14.325006] ================================================================== [ 14.325531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.325806] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.326029] [ 14.326137] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.326182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.326195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.326217] Call Trace: [ 14.326232] <TASK> [ 14.326249] dump_stack_lvl+0x73/0xb0 [ 14.326274] print_report+0xd1/0x650 [ 14.326297] ? __virt_addr_valid+0x1db/0x2d0 [ 14.326320] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.326353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.326377] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.326400] kasan_report+0x141/0x180 [ 14.326424] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.326452] kasan_check_range+0x10c/0x1c0 [ 14.326478] __kasan_check_write+0x18/0x20 [ 14.326499] kasan_atomics_helper+0xb6a/0x5450 [ 14.326523] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.326546] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.326569] ? kasan_atomics+0x152/0x310 [ 14.326593] kasan_atomics+0x1dc/0x310 [ 14.326613] ? __pfx_kasan_atomics+0x10/0x10 [ 14.326635] ? __pfx_read_tsc+0x10/0x10 [ 14.326655] ? ktime_get_ts64+0x86/0x230 [ 14.326681] kunit_try_run_case+0x1a5/0x480 [ 14.326705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.326728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.326753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.326778] ? __kthread_parkme+0x82/0x180 [ 14.326800] ? preempt_count_sub+0x50/0x80 [ 14.326826] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.326850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.326875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.326898] kthread+0x337/0x6f0 [ 14.326919] ? trace_preempt_on+0x20/0xc0 [ 14.326943] ? __pfx_kthread+0x10/0x10 [ 14.326966] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.326989] ? calculate_sigpending+0x7b/0xa0 [ 14.327011] ? __pfx_kthread+0x10/0x10 [ 14.327034] ret_from_fork+0x41/0x80 [ 14.327056] ? __pfx_kthread+0x10/0x10 [ 14.327078] ret_from_fork_asm+0x1a/0x30 [ 14.327110] </TASK> [ 14.327138] [ 14.334992] Allocated by task 285: [ 14.335141] kasan_save_stack+0x45/0x70 [ 14.335357] kasan_save_track+0x18/0x40 [ 14.335550] kasan_save_alloc_info+0x3b/0x50 [ 14.335735] __kasan_kmalloc+0xb7/0xc0 [ 14.335911] __kmalloc_cache_noprof+0x189/0x420 [ 14.336133] kasan_atomics+0x95/0x310 [ 14.336275] kunit_try_run_case+0x1a5/0x480 [ 14.336468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.336729] kthread+0x337/0x6f0 [ 14.336893] ret_from_fork+0x41/0x80 [ 14.337058] ret_from_fork_asm+0x1a/0x30 [ 14.337198] [ 14.337269] The buggy address belongs to the object at ffff888102b4cd00 [ 14.337269] which belongs to the cache kmalloc-64 of size 64 [ 14.337815] The buggy address is located 0 bytes to the right of [ 14.337815] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.338422] [ 14.338492] The buggy address belongs to the physical page: [ 14.338801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.339172] flags: 0x200000000000000(node=0|zone=2) [ 14.339418] page_type: f5(slab) [ 14.339579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.339880] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.340170] page dumped because: kasan: bad access detected [ 14.340395] [ 14.340488] Memory state around the buggy address: [ 14.340653] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.340902] ffff888102b4cc80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.341223] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.341528] ^ [ 14.341683] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.341900] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.342111] ================================================================== [ 14.236860] ================================================================== [ 14.237136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.237829] Write of size 4 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.238232] [ 14.238318] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.238376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.238389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.238704] Call Trace: [ 14.238723] <TASK> [ 14.238741] dump_stack_lvl+0x73/0xb0 [ 14.238768] print_report+0xd1/0x650 [ 14.238792] ? __virt_addr_valid+0x1db/0x2d0 [ 14.238815] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.238838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.238862] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.238885] kasan_report+0x141/0x180 [ 14.238909] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.238938] kasan_check_range+0x10c/0x1c0 [ 14.238963] __kasan_check_write+0x18/0x20 [ 14.238985] kasan_atomics_helper+0x8f9/0x5450 [ 14.239009] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.239033] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.239056] ? kasan_atomics+0x152/0x310 [ 14.239080] kasan_atomics+0x1dc/0x310 [ 14.239100] ? __pfx_kasan_atomics+0x10/0x10 [ 14.239132] ? __pfx_read_tsc+0x10/0x10 [ 14.239153] ? ktime_get_ts64+0x86/0x230 [ 14.239180] kunit_try_run_case+0x1a5/0x480 [ 14.239204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.239227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.239251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.239276] ? __kthread_parkme+0x82/0x180 [ 14.239299] ? 
preempt_count_sub+0x50/0x80 [ 14.239339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.239364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.239388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.239413] kthread+0x337/0x6f0 [ 14.239434] ? trace_preempt_on+0x20/0xc0 [ 14.239460] ? __pfx_kthread+0x10/0x10 [ 14.239483] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.239506] ? calculate_sigpending+0x7b/0xa0 [ 14.239528] ? __pfx_kthread+0x10/0x10 [ 14.239552] ret_from_fork+0x41/0x80 [ 14.239575] ? __pfx_kthread+0x10/0x10 [ 14.239598] ret_from_fork_asm+0x1a/0x30 [ 14.239631] </TASK> [ 14.239643] [ 14.249815] Allocated by task 285: [ 14.250106] kasan_save_stack+0x45/0x70 [ 14.250339] kasan_save_track+0x18/0x40 [ 14.250487] kasan_save_alloc_info+0x3b/0x50 [ 14.250707] __kasan_kmalloc+0xb7/0xc0 [ 14.250894] __kmalloc_cache_noprof+0x189/0x420 [ 14.251104] kasan_atomics+0x95/0x310 [ 14.251611] kunit_try_run_case+0x1a5/0x480 [ 14.251795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.252198] kthread+0x337/0x6f0 [ 14.252546] ret_from_fork+0x41/0x80 [ 14.252721] ret_from_fork_asm+0x1a/0x30 [ 14.253025] [ 14.253104] The buggy address belongs to the object at ffff888102b4cd00 [ 14.253104] which belongs to the cache kmalloc-64 of size 64 [ 14.253828] The buggy address is located 0 bytes to the right of [ 14.253828] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.254496] [ 14.254600] The buggy address belongs to the physical page: [ 14.254959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.255392] flags: 0x200000000000000(node=0|zone=2) [ 14.255694] page_type: f5(slab) [ 14.255874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.256371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.256730] page dumped because: kasan: bad access detected [ 14.256972] [ 14.257055] Memory state around the buggy address: [ 14.257525] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.257901] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.258339] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.258717] ^ [ 14.259027] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.259416] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.259750] ================================================================== [ 15.068302] ================================================================== [ 15.068905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.069163] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 15.069782] [ 15.069951] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 15.069994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.070007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.070028] Call Trace: [ 15.070044] <TASK> [ 15.070061] dump_stack_lvl+0x73/0xb0 [ 15.070085] print_report+0xd1/0x650 [ 15.070109] ? __virt_addr_valid+0x1db/0x2d0 [ 15.070131] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.070154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.070179] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.070202] kasan_report+0x141/0x180 [ 15.070226] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.070254] kasan_check_range+0x10c/0x1c0 [ 15.070279] __kasan_check_write+0x18/0x20 [ 15.070300] kasan_atomics_helper+0x1eaa/0x5450 [ 15.070349] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.070373] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.070397] ? kasan_atomics+0x152/0x310 [ 15.070421] kasan_atomics+0x1dc/0x310 [ 15.070441] ? __pfx_kasan_atomics+0x10/0x10 [ 15.070463] ? __pfx_read_tsc+0x10/0x10 [ 15.070484] ? ktime_get_ts64+0x86/0x230 [ 15.070511] kunit_try_run_case+0x1a5/0x480 [ 15.070536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.070558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.070584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.070611] ? 
__kthread_parkme+0x82/0x180 [ 15.070635] ? preempt_count_sub+0x50/0x80 [ 15.070662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.070688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.070713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.070738] kthread+0x337/0x6f0 [ 15.070760] ? trace_preempt_on+0x20/0xc0 [ 15.070784] ? __pfx_kthread+0x10/0x10 [ 15.070807] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.070830] ? calculate_sigpending+0x7b/0xa0 [ 15.070853] ? __pfx_kthread+0x10/0x10 [ 15.070878] ret_from_fork+0x41/0x80 [ 15.070900] ? __pfx_kthread+0x10/0x10 [ 15.070923] ret_from_fork_asm+0x1a/0x30 [ 15.070956] </TASK> [ 15.070966] [ 15.080733] Allocated by task 285: [ 15.080885] kasan_save_stack+0x45/0x70 [ 15.081076] kasan_save_track+0x18/0x40 [ 15.081313] kasan_save_alloc_info+0x3b/0x50 [ 15.081488] __kasan_kmalloc+0xb7/0xc0 [ 15.081679] __kmalloc_cache_noprof+0x189/0x420 [ 15.081863] kasan_atomics+0x95/0x310 [ 15.082041] kunit_try_run_case+0x1a5/0x480 [ 15.082249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.082559] kthread+0x337/0x6f0 [ 15.082730] ret_from_fork+0x41/0x80 [ 15.082871] ret_from_fork_asm+0x1a/0x30 [ 15.083011] [ 15.083083] The buggy address belongs to the object at ffff888102b4cd00 [ 15.083083] which belongs to the cache kmalloc-64 of size 64 [ 15.083515] The buggy address is located 0 bytes to the right of [ 15.083515] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 15.084049] [ 15.084133] The buggy address belongs to the physical page: [ 15.084342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 15.084587] flags: 0x200000000000000(node=0|zone=2) [ 15.084803] page_type: f5(slab) [ 15.084970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.085381] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.085739] page dumped because: kasan: bad access detected [ 15.085912] [ 15.085981] Memory state around the buggy address: [ 15.086133] 
ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.086354] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.086905] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.087320] ^ [ 15.087556] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087875] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088204] ================================================================== [ 14.667780] ================================================================== [ 14.668296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.668842] Read of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.669089] [ 14.669230] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.669274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.669288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.669308] Call Trace: [ 14.669335] <TASK> [ 14.669350] dump_stack_lvl+0x73/0xb0 [ 14.669376] print_report+0xd1/0x650 [ 14.669401] ? __virt_addr_valid+0x1db/0x2d0 [ 14.669423] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.669457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669481] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.669504] kasan_report+0x141/0x180 [ 14.669529] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.669557] kasan_check_range+0x10c/0x1c0 [ 14.669583] __kasan_check_read+0x15/0x20 [ 14.669604] kasan_atomics_helper+0x13b5/0x5450 [ 14.669629] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.669652] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.669676] ? kasan_atomics+0x152/0x310 [ 14.669700] kasan_atomics+0x1dc/0x310 [ 14.669721] ? __pfx_kasan_atomics+0x10/0x10 [ 14.669743] ? __pfx_read_tsc+0x10/0x10 [ 14.669763] ? ktime_get_ts64+0x86/0x230 [ 14.669796] kunit_try_run_case+0x1a5/0x480 [ 14.669821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.669870] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.669895] ? __kthread_parkme+0x82/0x180 [ 14.669917] ? preempt_count_sub+0x50/0x80 [ 14.669943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.670014] kthread+0x337/0x6f0 [ 14.670036] ? trace_preempt_on+0x20/0xc0 [ 14.670059] ? __pfx_kthread+0x10/0x10 [ 14.670082] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.670104] ? calculate_sigpending+0x7b/0xa0 [ 14.670127] ? __pfx_kthread+0x10/0x10 [ 14.670151] ret_from_fork+0x41/0x80 [ 14.670173] ? __pfx_kthread+0x10/0x10 [ 14.670195] ret_from_fork_asm+0x1a/0x30 [ 14.670229] </TASK> [ 14.670239] [ 14.681125] Allocated by task 285: [ 14.682256] kasan_save_stack+0x45/0x70 [ 14.682486] kasan_save_track+0x18/0x40 [ 14.683232] kasan_save_alloc_info+0x3b/0x50 [ 14.683408] __kasan_kmalloc+0xb7/0xc0 [ 14.683546] __kmalloc_cache_noprof+0x189/0x420 [ 14.683702] kasan_atomics+0x95/0x310 [ 14.683833] kunit_try_run_case+0x1a5/0x480 [ 14.683983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.684167] kthread+0x337/0x6f0 [ 14.684291] ret_from_fork+0x41/0x80 [ 14.685316] ret_from_fork_asm+0x1a/0x30 [ 14.685558] [ 14.685660] The buggy address belongs to the object at ffff888102b4cd00 [ 14.685660] which belongs to the cache kmalloc-64 of size 64 [ 14.686386] The buggy address is located 0 bytes to the right of [ 14.686386] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.686925] [ 14.687024] The buggy address belongs to the physical page: [ 14.687838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.688188] flags: 0x200000000000000(node=0|zone=2) [ 14.688403] page_type: f5(slab) [ 14.688678] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.688951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.689313] page dumped because: kasan: bad access detected [ 14.689576] [ 14.689662] Memory 
state around the buggy address: [ 14.689856] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.690157] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.690410] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.690723] ^ [ 14.690874] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691245] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691548] ================================================================== [ 14.846742] ================================================================== [ 14.847105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.847405] Write of size 8 at addr ffff888102b4cd30 by task kunit_try_catch/285 [ 14.847765] [ 14.847888] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 14.847930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.847943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.847965] Call Trace: [ 14.847981] <TASK> [ 14.847997] dump_stack_lvl+0x73/0xb0 [ 14.848022] print_report+0xd1/0x650 [ 14.848045] ? __virt_addr_valid+0x1db/0x2d0 [ 14.848068] ? kasan_atomics_helper+0x1818/0x5450 [ 14.848091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.848115] ? kasan_atomics_helper+0x1818/0x5450 [ 14.848138] kasan_report+0x141/0x180 [ 14.848162] ? kasan_atomics_helper+0x1818/0x5450 [ 14.848191] kasan_check_range+0x10c/0x1c0 [ 14.848217] __kasan_check_write+0x18/0x20 [ 14.848239] kasan_atomics_helper+0x1818/0x5450 [ 14.848263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.848305] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.848340] ? kasan_atomics+0x152/0x310 [ 14.848366] kasan_atomics+0x1dc/0x310 [ 14.848387] ? __pfx_kasan_atomics+0x10/0x10 [ 14.848409] ? __pfx_read_tsc+0x10/0x10 [ 14.848429] ? ktime_get_ts64+0x86/0x230 [ 14.848456] kunit_try_run_case+0x1a5/0x480 [ 14.848481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.848503] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.848545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.848570] ? __kthread_parkme+0x82/0x180 [ 14.848605] ? preempt_count_sub+0x50/0x80 [ 14.848645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.848681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.848731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.848768] kthread+0x337/0x6f0 [ 14.848803] ? trace_preempt_on+0x20/0xc0 [ 14.848853] ? __pfx_kthread+0x10/0x10 [ 14.848876] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.848899] ? calculate_sigpending+0x7b/0xa0 [ 14.848921] ? __pfx_kthread+0x10/0x10 [ 14.848945] ret_from_fork+0x41/0x80 [ 14.848966] ? __pfx_kthread+0x10/0x10 [ 14.848989] ret_from_fork_asm+0x1a/0x30 [ 14.849021] </TASK> [ 14.849033] [ 14.857076] Allocated by task 285: [ 14.857265] kasan_save_stack+0x45/0x70 [ 14.857537] kasan_save_track+0x18/0x40 [ 14.857796] kasan_save_alloc_info+0x3b/0x50 [ 14.858001] __kasan_kmalloc+0xb7/0xc0 [ 14.858186] __kmalloc_cache_noprof+0x189/0x420 [ 14.858412] kasan_atomics+0x95/0x310 [ 14.858595] kunit_try_run_case+0x1a5/0x480 [ 14.858869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.859041] kthread+0x337/0x6f0 [ 14.859163] ret_from_fork+0x41/0x80 [ 14.859291] ret_from_fork_asm+0x1a/0x30 [ 14.859719] [ 14.859817] The buggy address belongs to the object at ffff888102b4cd00 [ 14.859817] which belongs to the cache kmalloc-64 of size 64 [ 14.860568] The buggy address is located 0 bytes to the right of [ 14.860568] allocated 48-byte region [ffff888102b4cd00, ffff888102b4cd30) [ 14.860935] [ 14.861007] The buggy address belongs to the physical page: [ 14.861179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 14.861541] flags: 0x200000000000000(node=0|zone=2) [ 14.861950] page_type: f5(slab) [ 14.862117] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.862725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.862978] page dumped because: kasan: bad 
access detected [ 14.863201] [ 14.863294] Memory state around the buggy address: [ 14.863551] ffff888102b4cc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.863893] ffff888102b4cc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.864285] >ffff888102b4cd00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.864554] ^ [ 14.864710] ffff888102b4cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.864929] ffff888102b4ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.865229] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.824559] ================================================================== [ 13.824881] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.825783] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.826153] [ 13.826248] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.826296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.826338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.826633] Call Trace: [ 13.826653] <TASK> [ 13.826672] dump_stack_lvl+0x73/0xb0 [ 13.826699] print_report+0xd1/0x650 [ 13.826722] ? __virt_addr_valid+0x1db/0x2d0 [ 13.826743] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.826767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.826790] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.826814] kasan_report+0x141/0x180 [ 13.826836] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.826864] kasan_check_range+0x10c/0x1c0 [ 13.826887] __kasan_check_write+0x18/0x20 [ 13.826907] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.826931] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.826955] ? kasan_save_alloc_info+0x3b/0x50 [ 13.826975] ? kasan_save_stack+0x45/0x70 [ 13.827001] kasan_bitops_generic+0x121/0x1c0 [ 13.827020] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.827041] ? __pfx_read_tsc+0x10/0x10 [ 13.827059] ? ktime_get_ts64+0x86/0x230 [ 13.827085] kunit_try_run_case+0x1a5/0x480 [ 13.827108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.827144] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.827168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.827191] ? __kthread_parkme+0x82/0x180 [ 13.827212] ? preempt_count_sub+0x50/0x80 [ 13.827237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.827259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.827282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.827304] kthread+0x337/0x6f0 [ 13.827337] ? 
trace_preempt_on+0x20/0xc0 [ 13.827359] ? __pfx_kthread+0x10/0x10 [ 13.827381] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.827403] ? calculate_sigpending+0x7b/0xa0 [ 13.827425] ? __pfx_kthread+0x10/0x10 [ 13.827446] ret_from_fork+0x41/0x80 [ 13.827466] ? __pfx_kthread+0x10/0x10 [ 13.827487] ret_from_fork_asm+0x1a/0x30 [ 13.827518] </TASK> [ 13.827528] [ 13.837427] Allocated by task 281: [ 13.837608] kasan_save_stack+0x45/0x70 [ 13.837793] kasan_save_track+0x18/0x40 [ 13.837968] kasan_save_alloc_info+0x3b/0x50 [ 13.838124] __kasan_kmalloc+0xb7/0xc0 [ 13.838843] __kmalloc_cache_noprof+0x189/0x420 [ 13.839059] kasan_bitops_generic+0x92/0x1c0 [ 13.839269] kunit_try_run_case+0x1a5/0x480 [ 13.839633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.839864] kthread+0x337/0x6f0 [ 13.840149] ret_from_fork+0x41/0x80 [ 13.840287] ret_from_fork_asm+0x1a/0x30 [ 13.840593] [ 13.840693] The buggy address belongs to the object at ffff8881023f8300 [ 13.840693] which belongs to the cache kmalloc-16 of size 16 [ 13.841376] The buggy address is located 8 bytes inside of [ 13.841376] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.841848] [ 13.841940] The buggy address belongs to the physical page: [ 13.842159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 13.842712] flags: 0x200000000000000(node=0|zone=2) [ 13.842940] page_type: f5(slab) [ 13.843231] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.843650] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.844017] page dumped because: kasan: bad access detected [ 13.844364] [ 13.844514] Memory state around the buggy address: [ 13.844705] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.845139] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.845523] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.845814] ^ [ 13.846085] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.846456] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.846745] ================================================================== [ 13.870733] ================================================================== [ 13.871024] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.871977] Read of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.872513] [ 13.872837] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.872885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.872897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.872916] Call Trace: [ 13.872930] <TASK> [ 13.872942] dump_stack_lvl+0x73/0xb0 [ 13.872966] print_report+0xd1/0x650 [ 13.872988] ? __virt_addr_valid+0x1db/0x2d0 [ 13.873009] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.873032] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.873055] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.873078] kasan_report+0x141/0x180 [ 13.873101] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.873238] kasan_check_range+0x10c/0x1c0 [ 13.873266] __kasan_check_read+0x15/0x20 [ 13.873286] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.873311] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.873351] ? kasan_save_alloc_info+0x3b/0x50 [ 13.873371] ? kasan_save_stack+0x45/0x70 [ 13.873396] kasan_bitops_generic+0x121/0x1c0 [ 13.873416] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.873437] ? __pfx_read_tsc+0x10/0x10 [ 13.873456] ? ktime_get_ts64+0x86/0x230 [ 13.873480] kunit_try_run_case+0x1a5/0x480 [ 13.873504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.873525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.873548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.873571] ? __kthread_parkme+0x82/0x180 [ 13.873592] ? preempt_count_sub+0x50/0x80 [ 13.873616] ? 
__pfx_kunit_try_run_case+0x10/0x10
[ 13.873639] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.873661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.873683] kthread+0x337/0x6f0
[ 13.873703] ? trace_preempt_on+0x20/0xc0
[ 13.873726] ? __pfx_kthread+0x10/0x10
[ 13.873747] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.873772] ? calculate_sigpending+0x7b/0xa0
[ 13.873793] ? __pfx_kthread+0x10/0x10
[ 13.873815] ret_from_fork+0x41/0x80
[ 13.873834] ? __pfx_kthread+0x10/0x10
[ 13.873856] ret_from_fork_asm+0x1a/0x30
[ 13.873888] </TASK>
[ 13.873897]
[ 13.883906] Allocated by task 281:
[ 13.884180] kasan_save_stack+0x45/0x70
[ 13.884379] kasan_save_track+0x18/0x40
[ 13.884561] kasan_save_alloc_info+0x3b/0x50
[ 13.884756] __kasan_kmalloc+0xb7/0xc0
[ 13.884931] __kmalloc_cache_noprof+0x189/0x420
[ 13.885128] kasan_bitops_generic+0x92/0x1c0
[ 13.885605] kunit_try_run_case+0x1a5/0x480
[ 13.885777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.886139] kthread+0x337/0x6f0
[ 13.886310] ret_from_fork+0x41/0x80
[ 13.886582] ret_from_fork_asm+0x1a/0x30
[ 13.886874]
[ 13.886974] The buggy address belongs to the object at ffff8881023f8300
[ 13.886974] which belongs to the cache kmalloc-16 of size 16
[ 13.887564] The buggy address is located 8 bytes inside of
[ 13.887564] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.888200]
[ 13.888304] The buggy address belongs to the physical page:
[ 13.888535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.888860] flags: 0x200000000000000(node=0|zone=2)
[ 13.889072] page_type: f5(slab)
[ 13.889479] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.889860] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.890268] page dumped because: kasan: bad access detected
[ 13.890507]
[ 13.890715] Memory state around the buggy address:
[ 13.890897] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.891511] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.891861] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.892276] ^
[ 13.892451] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.892906] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.893656] ==================================================================

[ 13.790647] ==================================================================
[ 13.790911] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 13.791296] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.791933]
[ 13.792028] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.792070] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.792081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.792101] Call Trace:
[ 13.792113] <TASK>
[ 13.792125] dump_stack_lvl+0x73/0xb0
[ 13.792169] print_report+0xd1/0x650
[ 13.792191] ? __virt_addr_valid+0x1db/0x2d0
[ 13.793438] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 13.793831] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.793855] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 13.793881] kasan_report+0x141/0x180
[ 13.793904] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 13.793933] kasan_check_range+0x10c/0x1c0
[ 13.793957] __kasan_check_write+0x18/0x20
[ 13.793977] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 13.794001] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.794025] ? kasan_save_alloc_info+0x3b/0x50
[ 13.794044] ? kasan_save_stack+0x45/0x70
[ 13.794070] kasan_bitops_generic+0x121/0x1c0
[ 13.794090] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.794369] ? __pfx_read_tsc+0x10/0x10
[ 13.794400] ? ktime_get_ts64+0x86/0x230
[ 13.794439] kunit_try_run_case+0x1a5/0x480
[ 13.794465] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.794488] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.794511] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.794534] ? __kthread_parkme+0x82/0x180
[ 13.794557] ? preempt_count_sub+0x50/0x80
[ 13.794581] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.794604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.794626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.794649] kthread+0x337/0x6f0
[ 13.794669] ? trace_preempt_on+0x20/0xc0
[ 13.794691] ? __pfx_kthread+0x10/0x10
[ 13.794712] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.794734] ? calculate_sigpending+0x7b/0xa0
[ 13.794754] ? __pfx_kthread+0x10/0x10
[ 13.794777] ret_from_fork+0x41/0x80
[ 13.794797] ? __pfx_kthread+0x10/0x10
[ 13.794818] ret_from_fork_asm+0x1a/0x30
[ 13.794848] </TASK>
[ 13.794859]
[ 13.811333] Allocated by task 281:
[ 13.811876] kasan_save_stack+0x45/0x70
[ 13.812466] kasan_save_track+0x18/0x40
[ 13.812966] kasan_save_alloc_info+0x3b/0x50
[ 13.813277] __kasan_kmalloc+0xb7/0xc0
[ 13.813434] __kmalloc_cache_noprof+0x189/0x420
[ 13.813594] kasan_bitops_generic+0x92/0x1c0
[ 13.813737] kunit_try_run_case+0x1a5/0x480
[ 13.813890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.814066] kthread+0x337/0x6f0
[ 13.814196] ret_from_fork+0x41/0x80
[ 13.814335] ret_from_fork_asm+0x1a/0x30
[ 13.814473]
[ 13.814543] The buggy address belongs to the object at ffff8881023f8300
[ 13.814543] which belongs to the cache kmalloc-16 of size 16
[ 13.814893] The buggy address is located 8 bytes inside of
[ 13.814893] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.815241]
[ 13.815313] The buggy address belongs to the physical page:
[ 13.816549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.817643] flags: 0x200000000000000(node=0|zone=2)
[ 13.818388] page_type: f5(slab)
[ 13.818960] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.819770] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.820143] page dumped because: kasan: bad access detected
[ 13.820453]
[ 13.820531] Memory state around the buggy address:
[ 13.820869] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.821278] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.821550] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.821950] ^
[ 13.822183] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.822589] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.822994] ==================================================================

[ 13.895099] ==================================================================
[ 13.895556] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 13.895831] Read of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.896050]
[ 13.896131] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.896173] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.896187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.896206] Call Trace:
[ 13.896220] <TASK>
[ 13.896235] dump_stack_lvl+0x73/0xb0
[ 13.896258] print_report+0xd1/0x650
[ 13.896280] ? __virt_addr_valid+0x1db/0x2d0
[ 13.896300] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 13.896338] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.896360] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 13.896383] kasan_report+0x141/0x180
[ 13.896404] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 13.896431] __asan_report_load8_noabort+0x18/0x20
[ 13.896452] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 13.896476] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.896499] ? kasan_save_alloc_info+0x3b/0x50
[ 13.896518] ? kasan_save_stack+0x45/0x70
[ 13.896541] kasan_bitops_generic+0x121/0x1c0
[ 13.896561] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.896580] ? __pfx_read_tsc+0x10/0x10
[ 13.896599] ? ktime_get_ts64+0x86/0x230
[ 13.896622] kunit_try_run_case+0x1a5/0x480
[ 13.897172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.897202] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.897227] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.897250] ? __kthread_parkme+0x82/0x180
[ 13.897272] ? preempt_count_sub+0x50/0x80
[ 13.897297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.897332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.897356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.897380] kthread+0x337/0x6f0
[ 13.897401] ? trace_preempt_on+0x20/0xc0
[ 13.897423] ? __pfx_kthread+0x10/0x10
[ 13.897446] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.897468] ? calculate_sigpending+0x7b/0xa0
[ 13.897489] ? __pfx_kthread+0x10/0x10
[ 13.897512] ret_from_fork+0x41/0x80
[ 13.897533] ? __pfx_kthread+0x10/0x10
[ 13.897555] ret_from_fork_asm+0x1a/0x30
[ 13.897586] </TASK>
[ 13.897597]
[ 13.907511] Allocated by task 281:
[ 13.907640] kasan_save_stack+0x45/0x70
[ 13.907784] kasan_save_track+0x18/0x40
[ 13.907918] kasan_save_alloc_info+0x3b/0x50
[ 13.908062] __kasan_kmalloc+0xb7/0xc0
[ 13.908381] __kmalloc_cache_noprof+0x189/0x420
[ 13.908768] kasan_bitops_generic+0x92/0x1c0
[ 13.909159] kunit_try_run_case+0x1a5/0x480
[ 13.909541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.910000] kthread+0x337/0x6f0
[ 13.910332] ret_from_fork+0x41/0x80
[ 13.910671] ret_from_fork_asm+0x1a/0x30
[ 13.911032]
[ 13.911211] The buggy address belongs to the object at ffff8881023f8300
[ 13.911211] which belongs to the cache kmalloc-16 of size 16
[ 13.912260] The buggy address is located 8 bytes inside of
[ 13.912260] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.913074]
[ 13.913218] The buggy address belongs to the physical page:
[ 13.913465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.913703] flags: 0x200000000000000(node=0|zone=2)
[ 13.913868] page_type: f5(slab)
[ 13.913987] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.914440] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.915067] page dumped because: kasan: bad access detected
[ 13.915571]
[ 13.915724] Memory state around the buggy address:
[ 13.916162] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.916768] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.917383] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.917985] ^
[ 13.918343] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.918801] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.919013] ==================================================================

[ 13.847996] ==================================================================
[ 13.848336] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 13.848919] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.849286]
[ 13.849688] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.849831] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.849845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.849866] Call Trace:
[ 13.849880] <TASK>
[ 13.849895] dump_stack_lvl+0x73/0xb0
[ 13.849920] print_report+0xd1/0x650
[ 13.849943] ? __virt_addr_valid+0x1db/0x2d0
[ 13.849964] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 13.849987] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.850009] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 13.850034] kasan_report+0x141/0x180
[ 13.850056] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 13.850084] kasan_check_range+0x10c/0x1c0
[ 13.850109] __kasan_check_write+0x18/0x20
[ 13.850207] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 13.850232] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.850258] ? kasan_save_alloc_info+0x3b/0x50
[ 13.850278] ? kasan_save_stack+0x45/0x70
[ 13.850303] kasan_bitops_generic+0x121/0x1c0
[ 13.850338] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.850360] ? __pfx_read_tsc+0x10/0x10
[ 13.850379] ? ktime_get_ts64+0x86/0x230
[ 13.850404] kunit_try_run_case+0x1a5/0x480
[ 13.850428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.850449] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.850473] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.850497] ? __kthread_parkme+0x82/0x180
[ 13.850518] ? preempt_count_sub+0x50/0x80
[ 13.850543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.850566] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.850590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.850614] kthread+0x337/0x6f0
[ 13.850636] ? trace_preempt_on+0x20/0xc0
[ 13.850658] ? __pfx_kthread+0x10/0x10
[ 13.850680] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.850702] ? calculate_sigpending+0x7b/0xa0
[ 13.850723] ? __pfx_kthread+0x10/0x10
[ 13.850746] ret_from_fork+0x41/0x80
[ 13.850767] ? __pfx_kthread+0x10/0x10
[ 13.850788] ret_from_fork_asm+0x1a/0x30
[ 13.850819] </TASK>
[ 13.850829]
[ 13.860893] Allocated by task 281:
[ 13.861071] kasan_save_stack+0x45/0x70
[ 13.861607] kasan_save_track+0x18/0x40
[ 13.861858] kasan_save_alloc_info+0x3b/0x50
[ 13.862100] __kasan_kmalloc+0xb7/0xc0
[ 13.862370] __kmalloc_cache_noprof+0x189/0x420
[ 13.862699] kasan_bitops_generic+0x92/0x1c0
[ 13.862900] kunit_try_run_case+0x1a5/0x480
[ 13.863214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.863467] kthread+0x337/0x6f0
[ 13.863623] ret_from_fork+0x41/0x80
[ 13.863783] ret_from_fork_asm+0x1a/0x30
[ 13.863961]
[ 13.864038] The buggy address belongs to the object at ffff8881023f8300
[ 13.864038] which belongs to the cache kmalloc-16 of size 16
[ 13.864822] The buggy address is located 8 bytes inside of
[ 13.864822] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.865451]
[ 13.865691] The buggy address belongs to the physical page:
[ 13.865934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.866408] flags: 0x200000000000000(node=0|zone=2)
[ 13.866714] page_type: f5(slab)
[ 13.866844] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.867306] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.867671] page dumped because: kasan: bad access detected
[ 13.867849]
[ 13.867942] Memory state around the buggy address:
[ 13.868164] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.868644] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.869015] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.869367] ^
[ 13.869648] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.869907] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.870198] ==================================================================

[ 13.772974] ==================================================================
[ 13.773485] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 13.773926] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.774331]
[ 13.774431] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.774473] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.774495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.774516] Call Trace:
[ 13.774528] <TASK>
[ 13.774541] dump_stack_lvl+0x73/0xb0
[ 13.774563] print_report+0xd1/0x650
[ 13.774586] ? __virt_addr_valid+0x1db/0x2d0
[ 13.774607] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 13.774630] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.774652] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 13.774676] kasan_report+0x141/0x180
[ 13.774700] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 13.774731] kasan_check_range+0x10c/0x1c0
[ 13.774756] __kasan_check_write+0x18/0x20
[ 13.774777] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 13.774800] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.774824] ? kasan_save_alloc_info+0x3b/0x50
[ 13.774844] ? kasan_save_stack+0x45/0x70
[ 13.774869] kasan_bitops_generic+0x121/0x1c0
[ 13.774889] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.774910] ? __pfx_read_tsc+0x10/0x10
[ 13.774929] ? ktime_get_ts64+0x86/0x230
[ 13.774953] kunit_try_run_case+0x1a5/0x480
[ 13.774976] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.774998] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.775021] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.775045] ? __kthread_parkme+0x82/0x180
[ 13.775066] ? preempt_count_sub+0x50/0x80
[ 13.775089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.775112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.775145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.775168] kthread+0x337/0x6f0
[ 13.775189] ? trace_preempt_on+0x20/0xc0
[ 13.775212] ? __pfx_kthread+0x10/0x10
[ 13.775234] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.775255] ? calculate_sigpending+0x7b/0xa0
[ 13.775276] ? __pfx_kthread+0x10/0x10
[ 13.775298] ret_from_fork+0x41/0x80
[ 13.775318] ? __pfx_kthread+0x10/0x10
[ 13.775351] ret_from_fork_asm+0x1a/0x30
[ 13.775383] </TASK>
[ 13.775394]
[ 13.782579] Allocated by task 281:
[ 13.782919] kasan_save_stack+0x45/0x70
[ 13.783114] kasan_save_track+0x18/0x40
[ 13.783313] kasan_save_alloc_info+0x3b/0x50
[ 13.783525] __kasan_kmalloc+0xb7/0xc0
[ 13.783711] __kmalloc_cache_noprof+0x189/0x420
[ 13.783927] kasan_bitops_generic+0x92/0x1c0
[ 13.784139] kunit_try_run_case+0x1a5/0x480
[ 13.784354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.784601] kthread+0x337/0x6f0
[ 13.784769] ret_from_fork+0x41/0x80
[ 13.784958] ret_from_fork_asm+0x1a/0x30
[ 13.785130]
[ 13.785226] The buggy address belongs to the object at ffff8881023f8300
[ 13.785226] which belongs to the cache kmalloc-16 of size 16
[ 13.785587] The buggy address is located 8 bytes inside of
[ 13.785587] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.785937]
[ 13.786009] The buggy address belongs to the physical page:
[ 13.786211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.786570] flags: 0x200000000000000(node=0|zone=2)
[ 13.786805] page_type: f5(slab)
[ 13.786995] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.787546] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.787881] page dumped because: kasan: bad access detected
[ 13.788087]
[ 13.788155] Memory state around the buggy address:
[ 13.788308] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.788530] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.788742] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.789299] ^
[ 13.789484] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.789800] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.790120] ==================================================================

[ 13.755611] ==================================================================
[ 13.755956] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 13.756421] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.756659]
[ 13.756741] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.756781] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.756794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.756813] Call Trace:
[ 13.756826] <TASK>
[ 13.756839] dump_stack_lvl+0x73/0xb0
[ 13.756863] print_report+0xd1/0x650
[ 13.756884] ? __virt_addr_valid+0x1db/0x2d0
[ 13.756907] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 13.756931] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.756953] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 13.756977] kasan_report+0x141/0x180
[ 13.757000] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 13.757028] kasan_check_range+0x10c/0x1c0
[ 13.757052] __kasan_check_write+0x18/0x20
[ 13.757072] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 13.757095] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.757120] ? kasan_save_alloc_info+0x3b/0x50
[ 13.757139] ? kasan_save_stack+0x45/0x70
[ 13.757165] kasan_bitops_generic+0x121/0x1c0
[ 13.757184] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.757205] ? __pfx_read_tsc+0x10/0x10
[ 13.757224] ? ktime_get_ts64+0x86/0x230
[ 13.757249] kunit_try_run_case+0x1a5/0x480
[ 13.757272] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.757293] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.757316] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.757352] ? __kthread_parkme+0x82/0x180
[ 13.757372] ? preempt_count_sub+0x50/0x80
[ 13.757397] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.757419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.757441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.757464] kthread+0x337/0x6f0
[ 13.757491] ? trace_preempt_on+0x20/0xc0
[ 13.757514] ? __pfx_kthread+0x10/0x10
[ 13.757536] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.757558] ? calculate_sigpending+0x7b/0xa0
[ 13.757579] ? __pfx_kthread+0x10/0x10
[ 13.757603] ret_from_fork+0x41/0x80
[ 13.757624] ? __pfx_kthread+0x10/0x10
[ 13.757645] ret_from_fork_asm+0x1a/0x30
[ 13.757677] </TASK>
[ 13.757687]
[ 13.765461] Allocated by task 281:
[ 13.765620] kasan_save_stack+0x45/0x70
[ 13.765772] kasan_save_track+0x18/0x40
[ 13.765958] kasan_save_alloc_info+0x3b/0x50
[ 13.766155] __kasan_kmalloc+0xb7/0xc0
[ 13.766285] __kmalloc_cache_noprof+0x189/0x420
[ 13.766531] kasan_bitops_generic+0x92/0x1c0
[ 13.766741] kunit_try_run_case+0x1a5/0x480
[ 13.766953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.767175] kthread+0x337/0x6f0
[ 13.767296] ret_from_fork+0x41/0x80
[ 13.767433] ret_from_fork_asm+0x1a/0x30
[ 13.767571]
[ 13.767639] The buggy address belongs to the object at ffff8881023f8300
[ 13.767639] which belongs to the cache kmalloc-16 of size 16
[ 13.767983] The buggy address is located 8 bytes inside of
[ 13.767983] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.768352]
[ 13.768449] The buggy address belongs to the physical page:
[ 13.768695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.769037] flags: 0x200000000000000(node=0|zone=2)
[ 13.769398] page_type: f5(slab)
[ 13.769563] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.769899] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.770310] page dumped because: kasan: bad access detected
[ 13.770567]
[ 13.770633] Memory state around the buggy address:
[ 13.770785] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.770994] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.771202] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.771632] ^
[ 13.771805] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.772119] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.772454] ==================================================================

[ 13.710248] ==================================================================
[ 13.710539] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 13.710869] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.711618]
[ 13.711825] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.711872] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.711885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.711912] Call Trace:
[ 13.711924] <TASK>
[ 13.711937] dump_stack_lvl+0x73/0xb0
[ 13.711962] print_report+0xd1/0x650
[ 13.711984] ? __virt_addr_valid+0x1db/0x2d0
[ 13.712005] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 13.712028] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.712050] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 13.712074] kasan_report+0x141/0x180
[ 13.712098] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 13.712217] kasan_check_range+0x10c/0x1c0
[ 13.712250] __kasan_check_write+0x18/0x20
[ 13.712271] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 13.712295] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.712318] ? kasan_save_alloc_info+0x3b/0x50
[ 13.712385] ? kasan_save_stack+0x45/0x70
[ 13.712410] kasan_bitops_generic+0x121/0x1c0
[ 13.712430] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.712451] ? __pfx_read_tsc+0x10/0x10
[ 13.712470] ? ktime_get_ts64+0x86/0x230
[ 13.712495] kunit_try_run_case+0x1a5/0x480
[ 13.712518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.712540] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.712563] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.712587] ? __kthread_parkme+0x82/0x180
[ 13.712608] ? preempt_count_sub+0x50/0x80
[ 13.712633] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.712656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.712678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.712701] kthread+0x337/0x6f0
[ 13.712721] ? trace_preempt_on+0x20/0xc0
[ 13.712744] ? __pfx_kthread+0x10/0x10
[ 13.712765] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.712787] ? calculate_sigpending+0x7b/0xa0
[ 13.712808] ? __pfx_kthread+0x10/0x10
[ 13.712830] ret_from_fork+0x41/0x80
[ 13.712849] ? __pfx_kthread+0x10/0x10
[ 13.712871] ret_from_fork_asm+0x1a/0x30
[ 13.712902] </TASK>
[ 13.712911]
[ 13.723977] Allocated by task 281:
[ 13.724503] kasan_save_stack+0x45/0x70
[ 13.724769] kasan_save_track+0x18/0x40
[ 13.725097] kasan_save_alloc_info+0x3b/0x50
[ 13.725490] __kasan_kmalloc+0xb7/0xc0
[ 13.725900] __kmalloc_cache_noprof+0x189/0x420
[ 13.726385] kasan_bitops_generic+0x92/0x1c0
[ 13.726604] kunit_try_run_case+0x1a5/0x480
[ 13.726802] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.727037] kthread+0x337/0x6f0
[ 13.727416] ret_from_fork+0x41/0x80
[ 13.727706] ret_from_fork_asm+0x1a/0x30
[ 13.728076]
[ 13.728345] The buggy address belongs to the object at ffff8881023f8300
[ 13.728345] which belongs to the cache kmalloc-16 of size 16
[ 13.728838] The buggy address is located 8 bytes inside of
[ 13.728838] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.729817]
[ 13.729904] The buggy address belongs to the physical page:
[ 13.730358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.730857] flags: 0x200000000000000(node=0|zone=2)
[ 13.731275] page_type: f5(slab)
[ 13.731567] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.732214] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.732543] page dumped because: kasan: bad access detected
[ 13.732767]
[ 13.732853] Memory state around the buggy address:
[ 13.733053] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.733693] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.734308] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.734807] ^
[ 13.735101] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.735609] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.736029] ==================================================================

[ 13.737426] ==================================================================
[ 13.737743] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 13.738455] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.738774]
[ 13.738875] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.738919] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.738931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.738951] Call Trace:
[ 13.738966] <TASK>
[ 13.738982] dump_stack_lvl+0x73/0xb0
[ 13.739007] print_report+0xd1/0x650
[ 13.739029] ? __virt_addr_valid+0x1db/0x2d0
[ 13.739050] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 13.739073] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.739096] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 13.739120] kasan_report+0x141/0x180
[ 13.739146] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 13.739175] kasan_check_range+0x10c/0x1c0
[ 13.739199] __kasan_check_write+0x18/0x20
[ 13.739219] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 13.739242] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 13.739267] ? kasan_save_alloc_info+0x3b/0x50
[ 13.739286] ? kasan_save_stack+0x45/0x70
[ 13.739311] kasan_bitops_generic+0x121/0x1c0
[ 13.739341] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.739362] ? __pfx_read_tsc+0x10/0x10
[ 13.739394] ? ktime_get_ts64+0x86/0x230
[ 13.739419] kunit_try_run_case+0x1a5/0x480
[ 13.739443] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.739465] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.739488] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.739512] ? __kthread_parkme+0x82/0x180
[ 13.739534] ? preempt_count_sub+0x50/0x80
[ 13.739559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.739581] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.739604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.739626] kthread+0x337/0x6f0
[ 13.739647] ? trace_preempt_on+0x20/0xc0
[ 13.739669] ? __pfx_kthread+0x10/0x10
[ 13.739691] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.739713] ? calculate_sigpending+0x7b/0xa0
[ 13.739734] ? __pfx_kthread+0x10/0x10
[ 13.739756] ret_from_fork+0x41/0x80
[ 13.739775] ? __pfx_kthread+0x10/0x10
[ 13.739797] ret_from_fork_asm+0x1a/0x30
[ 13.739828] </TASK>
[ 13.739838]
[ 13.747929] Allocated by task 281:
[ 13.748122] kasan_save_stack+0x45/0x70
[ 13.748348] kasan_save_track+0x18/0x40
[ 13.748541] kasan_save_alloc_info+0x3b/0x50
[ 13.748744] __kasan_kmalloc+0xb7/0xc0
[ 13.748913] __kmalloc_cache_noprof+0x189/0x420
[ 13.749063] kasan_bitops_generic+0x92/0x1c0
[ 13.749206] kunit_try_run_case+0x1a5/0x480
[ 13.749359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.749671] kthread+0x337/0x6f0
[ 13.749844] ret_from_fork+0x41/0x80
[ 13.750025] ret_from_fork_asm+0x1a/0x30
[ 13.750218]
[ 13.750396] The buggy address belongs to the object at ffff8881023f8300
[ 13.750396] which belongs to the cache kmalloc-16 of size 16
[ 13.750900] The buggy address is located 8 bytes inside of
[ 13.750900] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.751375]
[ 13.751468] The buggy address belongs to the physical page:
[ 13.751705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.751987] flags: 0x200000000000000(node=0|zone=2)
[ 13.752192] page_type: f5(slab)
[ 13.752370] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.752714] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.752998] page dumped because: kasan: bad access detected
[ 13.753246]
[ 13.753333] Memory state around the buggy address:
[ 13.753497] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.753806] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.754083] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.754397] ^
[ 13.754535] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.754853] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.755085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.556537] ==================================================================
[ 13.557001] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.557823] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.558491]
[ 13.558734] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.558916] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.558932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.558952] Call Trace:
[ 13.558966] <TASK>
[ 13.558983] dump_stack_lvl+0x73/0xb0
[ 13.559010] print_report+0xd1/0x650
[ 13.559032] ? __virt_addr_valid+0x1db/0x2d0
[ 13.559053] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.559078] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.559100] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.559138] kasan_report+0x141/0x180
[ 13.559160] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.559191] kasan_check_range+0x10c/0x1c0
[ 13.559214] __kasan_check_write+0x18/0x20
[ 13.559234] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.559260] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.559286] ? kasan_save_alloc_info+0x3b/0x50
[ 13.559306] ? kasan_save_stack+0x45/0x70
[ 13.559341] kasan_bitops_generic+0x116/0x1c0
[ 13.559363] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.559384] ? __pfx_read_tsc+0x10/0x10
[ 13.559404] ? ktime_get_ts64+0x86/0x230
[ 13.559428] kunit_try_run_case+0x1a5/0x480
[ 13.559453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.559475] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.559499] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.559523] ? __kthread_parkme+0x82/0x180
[ 13.559546] ? preempt_count_sub+0x50/0x80
[ 13.559570] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.559594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.559615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.559638] kthread+0x337/0x6f0
[ 13.559658] ? trace_preempt_on+0x20/0xc0
[ 13.559679] ? __pfx_kthread+0x10/0x10
[ 13.559701] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.559723] ? calculate_sigpending+0x7b/0xa0
[ 13.559744] ? __pfx_kthread+0x10/0x10
[ 13.559765] ret_from_fork+0x41/0x80
[ 13.559785] ? __pfx_kthread+0x10/0x10
[ 13.559806] ret_from_fork_asm+0x1a/0x30
[ 13.559837] </TASK>
[ 13.559847]
[ 13.571337] Allocated by task 281:
[ 13.571644] kasan_save_stack+0x45/0x70
[ 13.571836] kasan_save_track+0x18/0x40
[ 13.572007] kasan_save_alloc_info+0x3b/0x50
[ 13.572539] __kasan_kmalloc+0xb7/0xc0
[ 13.572802] __kmalloc_cache_noprof+0x189/0x420
[ 13.573241] kasan_bitops_generic+0x92/0x1c0
[ 13.573469] kunit_try_run_case+0x1a5/0x480
[ 13.573652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.573875] kthread+0x337/0x6f0
[ 13.574025] ret_from_fork+0x41/0x80
[ 13.574541] ret_from_fork_asm+0x1a/0x30
[ 13.574787]
[ 13.575015] The buggy address belongs to the object at ffff8881023f8300
[ 13.575015] which belongs to the cache kmalloc-16 of size 16
[ 13.575792] The buggy address is located 8 bytes inside of
[ 13.575792] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.576562]
[ 13.576675] The buggy address belongs to the physical page:
[ 13.577059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.577517] flags: 0x200000000000000(node=0|zone=2)
[ 13.577738] page_type: f5(slab)
[ 13.577896] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.578438] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.579011] page dumped because: kasan: bad access detected
[ 13.579424]
[ 13.579521] Memory state around the buggy address:
[ 13.579728] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.580021] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.580665] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.580985] ^
[ 13.581356] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.581791] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.582305] ==================================================================

[ 13.511658] ==================================================================
[ 13.512251] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.512699] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281
[ 13.513291]
[ 13.513401] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.513560] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.513575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.513603] Call Trace:
[ 13.513616] <TASK>
[ 13.513630] dump_stack_lvl+0x73/0xb0
[ 13.513657] print_report+0xd1/0x650
[ 13.513680] ? __virt_addr_valid+0x1db/0x2d0
[ 13.513702] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.513727] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.513749] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.513779] kasan_report+0x141/0x180
[ 13.513802] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.513833] kasan_check_range+0x10c/0x1c0
[ 13.513856] __kasan_check_write+0x18/0x20
[ 13.513875] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.513900] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.513926] ? kasan_save_alloc_info+0x3b/0x50
[ 13.513946] ? kasan_save_stack+0x45/0x70
[ 13.513971] kasan_bitops_generic+0x116/0x1c0
[ 13.513991] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.514011] ? __pfx_read_tsc+0x10/0x10
[ 13.514031] ? ktime_get_ts64+0x86/0x230
[ 13.514055] kunit_try_run_case+0x1a5/0x480
[ 13.514079] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.514100] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.514146] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.514170] ? __kthread_parkme+0x82/0x180
[ 13.514191] ? preempt_count_sub+0x50/0x80
[ 13.514228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.514250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.514273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.514305] kthread+0x337/0x6f0
[ 13.514333] ? trace_preempt_on+0x20/0xc0
[ 13.514356] ? __pfx_kthread+0x10/0x10
[ 13.514377] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.514398] ? calculate_sigpending+0x7b/0xa0
[ 13.514421] ? __pfx_kthread+0x10/0x10
[ 13.514442] ret_from_fork+0x41/0x80
[ 13.514463] ? __pfx_kthread+0x10/0x10
[ 13.514484] ret_from_fork_asm+0x1a/0x30
[ 13.514515] </TASK>
[ 13.514525]
[ 13.522634] Allocated by task 281:
[ 13.522807] kasan_save_stack+0x45/0x70
[ 13.523002] kasan_save_track+0x18/0x40
[ 13.524157] kasan_save_alloc_info+0x3b/0x50
[ 13.524377] __kasan_kmalloc+0xb7/0xc0
[ 13.524593] __kmalloc_cache_noprof+0x189/0x420
[ 13.524795] kasan_bitops_generic+0x92/0x1c0
[ 13.525002] kunit_try_run_case+0x1a5/0x480
[ 13.525215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.525487] kthread+0x337/0x6f0
[ 13.525682] ret_from_fork+0x41/0x80
[ 13.525871] ret_from_fork_asm+0x1a/0x30
[ 13.526087]
[ 13.526187] The buggy address belongs to the object at ffff8881023f8300
[ 13.526187] which belongs to the cache kmalloc-16 of size 16
[ 13.526739] The buggy address is located 8 bytes inside of
[ 13.526739] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309)
[ 13.527285]
[ 13.527435] The buggy address belongs to the physical page:
[ 13.527648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 13.528021] flags: 0x200000000000000(node=0|zone=2)
[ 13.528288] page_type: f5(slab)
[ 13.528510] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.528921] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.529267] page dumped because: kasan: bad access detected
[ 13.529591]
[ 13.529662] Memory state around the buggy address:
[ 13.529892] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.530193] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.530669] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc
fc fc fc fc fc fc fc [ 13.530957] ^ [ 13.531095] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.531530] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.531806] ================================================================== [ 13.630679] ================================================================== [ 13.630992] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.631511] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.631836] [ 13.631952] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.631995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.632007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.632026] Call Trace: [ 13.632037] <TASK> [ 13.632050] dump_stack_lvl+0x73/0xb0 [ 13.632073] print_report+0xd1/0x650 [ 13.632095] ? __virt_addr_valid+0x1db/0x2d0 [ 13.632116] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.632151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.632174] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.632200] kasan_report+0x141/0x180 [ 13.632223] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.632265] kasan_check_range+0x10c/0x1c0 [ 13.632289] __kasan_check_write+0x18/0x20 [ 13.632308] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.632355] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.632381] ? kasan_save_alloc_info+0x3b/0x50 [ 13.632401] ? kasan_save_stack+0x45/0x70 [ 13.632434] kasan_bitops_generic+0x116/0x1c0 [ 13.632455] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.632475] ? __pfx_read_tsc+0x10/0x10 [ 13.632495] ? ktime_get_ts64+0x86/0x230 [ 13.632528] kunit_try_run_case+0x1a5/0x480 [ 13.632551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.632572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.632595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.632618] ? __kthread_parkme+0x82/0x180 [ 13.632638] ? 
preempt_count_sub+0x50/0x80 [ 13.632662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.632685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.632716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.632738] kthread+0x337/0x6f0 [ 13.632759] ? trace_preempt_on+0x20/0xc0 [ 13.632791] ? __pfx_kthread+0x10/0x10 [ 13.632813] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.632834] ? calculate_sigpending+0x7b/0xa0 [ 13.632863] ? __pfx_kthread+0x10/0x10 [ 13.632884] ret_from_fork+0x41/0x80 [ 13.632904] ? __pfx_kthread+0x10/0x10 [ 13.632936] ret_from_fork_asm+0x1a/0x30 [ 13.632966] </TASK> [ 13.632976] [ 13.645657] Allocated by task 281: [ 13.645859] kasan_save_stack+0x45/0x70 [ 13.646053] kasan_save_track+0x18/0x40 [ 13.646666] kasan_save_alloc_info+0x3b/0x50 [ 13.647048] __kasan_kmalloc+0xb7/0xc0 [ 13.647282] __kmalloc_cache_noprof+0x189/0x420 [ 13.647625] kasan_bitops_generic+0x92/0x1c0 [ 13.647813] kunit_try_run_case+0x1a5/0x480 [ 13.648165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.648452] kthread+0x337/0x6f0 [ 13.648749] ret_from_fork+0x41/0x80 [ 13.648956] ret_from_fork_asm+0x1a/0x30 [ 13.649375] [ 13.649477] The buggy address belongs to the object at ffff8881023f8300 [ 13.649477] which belongs to the cache kmalloc-16 of size 16 [ 13.650171] The buggy address is located 8 bytes inside of [ 13.650171] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.650778] [ 13.651004] The buggy address belongs to the physical page: [ 13.651264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 13.651901] flags: 0x200000000000000(node=0|zone=2) [ 13.652130] page_type: f5(slab) [ 13.652279] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.652699] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.653117] page dumped because: kasan: bad access detected [ 13.653543] [ 13.653658] Memory state around the buggy address: [ 13.653993] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc 
fa fb fc fc [ 13.654476] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.654785] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.655079] ^ [ 13.655486] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.655840] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656213] ================================================================== [ 13.682871] ================================================================== [ 13.683716] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.684207] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.684729] [ 13.684830] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.684873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.684885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.684906] Call Trace: [ 13.684921] <TASK> [ 13.684936] dump_stack_lvl+0x73/0xb0 [ 13.684960] print_report+0xd1/0x650 [ 13.684982] ? __virt_addr_valid+0x1db/0x2d0 [ 13.685002] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.685027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.685049] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.685075] kasan_report+0x141/0x180 [ 13.685097] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.685262] kasan_check_range+0x10c/0x1c0 [ 13.685296] __kasan_check_write+0x18/0x20 [ 13.685318] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.685357] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.685383] ? kasan_save_alloc_info+0x3b/0x50 [ 13.685437] ? kasan_save_stack+0x45/0x70 [ 13.685463] kasan_bitops_generic+0x116/0x1c0 [ 13.685483] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.685505] ? __pfx_read_tsc+0x10/0x10 [ 13.685523] ? ktime_get_ts64+0x86/0x230 [ 13.685549] kunit_try_run_case+0x1a5/0x480 [ 13.685574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.685596] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.685620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.685644] ? __kthread_parkme+0x82/0x180 [ 13.685665] ? preempt_count_sub+0x50/0x80 [ 13.685689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.685711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.685733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.685756] kthread+0x337/0x6f0 [ 13.685782] ? trace_preempt_on+0x20/0xc0 [ 13.685804] ? __pfx_kthread+0x10/0x10 [ 13.685826] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.685848] ? calculate_sigpending+0x7b/0xa0 [ 13.685868] ? __pfx_kthread+0x10/0x10 [ 13.685891] ret_from_fork+0x41/0x80 [ 13.685912] ? __pfx_kthread+0x10/0x10 [ 13.685933] ret_from_fork_asm+0x1a/0x30 [ 13.685964] </TASK> [ 13.685975] [ 13.697351] Allocated by task 281: [ 13.697626] kasan_save_stack+0x45/0x70 [ 13.698027] kasan_save_track+0x18/0x40 [ 13.698316] kasan_save_alloc_info+0x3b/0x50 [ 13.698686] __kasan_kmalloc+0xb7/0xc0 [ 13.698877] __kmalloc_cache_noprof+0x189/0x420 [ 13.699078] kasan_bitops_generic+0x92/0x1c0 [ 13.699704] kunit_try_run_case+0x1a5/0x480 [ 13.699961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.700414] kthread+0x337/0x6f0 [ 13.700703] ret_from_fork+0x41/0x80 [ 13.700996] ret_from_fork_asm+0x1a/0x30 [ 13.701344] [ 13.701438] The buggy address belongs to the object at ffff8881023f8300 [ 13.701438] which belongs to the cache kmalloc-16 of size 16 [ 13.701925] The buggy address is located 8 bytes inside of [ 13.701925] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.702715] [ 13.702934] The buggy address belongs to the physical page: [ 13.703426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 13.703880] flags: 0x200000000000000(node=0|zone=2) [ 13.704240] page_type: f5(slab) [ 13.704412] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.704726] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.705030] page dumped because: kasan: bad 
access detected [ 13.705632] [ 13.705865] Memory state around the buggy address: [ 13.706369] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.706807] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.707321] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.707826] ^ [ 13.708001] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.708678] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.709155] ================================================================== [ 13.657348] ================================================================== [ 13.657653] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.658261] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.658565] [ 13.658689] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.658749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.658761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.658781] Call Trace: [ 13.658794] <TASK> [ 13.658811] dump_stack_lvl+0x73/0xb0 [ 13.658835] print_report+0xd1/0x650 [ 13.658857] ? __virt_addr_valid+0x1db/0x2d0 [ 13.658878] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.658903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.658944] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.658970] kasan_report+0x141/0x180 [ 13.658993] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.659023] kasan_check_range+0x10c/0x1c0 [ 13.659048] __kasan_check_write+0x18/0x20 [ 13.659068] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.659094] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.659121] ? kasan_save_alloc_info+0x3b/0x50 [ 13.659152] ? kasan_save_stack+0x45/0x70 [ 13.659177] kasan_bitops_generic+0x116/0x1c0 [ 13.659215] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.659236] ? __pfx_read_tsc+0x10/0x10 [ 13.659255] ? 
ktime_get_ts64+0x86/0x230 [ 13.659279] kunit_try_run_case+0x1a5/0x480 [ 13.659303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.659357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.659381] ? __kthread_parkme+0x82/0x180 [ 13.659402] ? preempt_count_sub+0x50/0x80 [ 13.659426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.659472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.659494] kthread+0x337/0x6f0 [ 13.659514] ? trace_preempt_on+0x20/0xc0 [ 13.659537] ? __pfx_kthread+0x10/0x10 [ 13.659558] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.659579] ? calculate_sigpending+0x7b/0xa0 [ 13.659600] ? __pfx_kthread+0x10/0x10 [ 13.659622] ret_from_fork+0x41/0x80 [ 13.659641] ? __pfx_kthread+0x10/0x10 [ 13.659663] ret_from_fork_asm+0x1a/0x30 [ 13.659693] </TASK> [ 13.659705] [ 13.669964] Allocated by task 281: [ 13.670416] kasan_save_stack+0x45/0x70 [ 13.670706] kasan_save_track+0x18/0x40 [ 13.670945] kasan_save_alloc_info+0x3b/0x50 [ 13.671288] __kasan_kmalloc+0xb7/0xc0 [ 13.671489] __kmalloc_cache_noprof+0x189/0x420 [ 13.671700] kasan_bitops_generic+0x92/0x1c0 [ 13.671895] kunit_try_run_case+0x1a5/0x480 [ 13.672090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.672644] kthread+0x337/0x6f0 [ 13.672942] ret_from_fork+0x41/0x80 [ 13.673397] ret_from_fork_asm+0x1a/0x30 [ 13.673647] [ 13.673904] The buggy address belongs to the object at ffff8881023f8300 [ 13.673904] which belongs to the cache kmalloc-16 of size 16 [ 13.674872] The buggy address is located 8 bytes inside of [ 13.674872] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.675790] [ 13.675895] The buggy address belongs to the physical page: [ 13.676502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 13.676839] flags: 0x200000000000000(node=0|zone=2) [ 13.677049] page_type: f5(slab) [ 13.677529] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 13.677962] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.678492] page dumped because: kasan: bad access detected [ 13.678910] [ 13.679156] Memory state around the buggy address: [ 13.679404] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.679696] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.679978] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.680577] ^ [ 13.680882] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.681413] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.682029] ================================================================== [ 13.532399] ================================================================== [ 13.532754] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.533095] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.533752] [ 13.533934] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.533996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.534007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.534087] Call Trace: [ 13.534102] <TASK> [ 13.534115] dump_stack_lvl+0x73/0xb0 [ 13.534179] print_report+0xd1/0x650 [ 13.534201] ? __virt_addr_valid+0x1db/0x2d0 [ 13.534222] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.534247] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.534271] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.534297] kasan_report+0x141/0x180 [ 13.534321] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.534361] kasan_check_range+0x10c/0x1c0 [ 13.534385] __kasan_check_write+0x18/0x20 [ 13.534406] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.534431] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.534458] ? kasan_save_alloc_info+0x3b/0x50 [ 13.534478] ? 
kasan_save_stack+0x45/0x70 [ 13.534503] kasan_bitops_generic+0x116/0x1c0 [ 13.534552] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.534574] ? __pfx_read_tsc+0x10/0x10 [ 13.534592] ? ktime_get_ts64+0x86/0x230 [ 13.534626] kunit_try_run_case+0x1a5/0x480 [ 13.534649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.534696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.534719] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.534744] ? __kthread_parkme+0x82/0x180 [ 13.534774] ? preempt_count_sub+0x50/0x80 [ 13.534799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.534821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.534843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.534865] kthread+0x337/0x6f0 [ 13.534886] ? trace_preempt_on+0x20/0xc0 [ 13.534909] ? __pfx_kthread+0x10/0x10 [ 13.534930] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.534951] ? calculate_sigpending+0x7b/0xa0 [ 13.534972] ? __pfx_kthread+0x10/0x10 [ 13.534993] ret_from_fork+0x41/0x80 [ 13.535014] ? __pfx_kthread+0x10/0x10 [ 13.535034] ret_from_fork_asm+0x1a/0x30 [ 13.535065] </TASK> [ 13.535075] [ 13.544500] Allocated by task 281: [ 13.544721] kasan_save_stack+0x45/0x70 [ 13.544974] kasan_save_track+0x18/0x40 [ 13.545186] kasan_save_alloc_info+0x3b/0x50 [ 13.545404] __kasan_kmalloc+0xb7/0xc0 [ 13.545613] __kmalloc_cache_noprof+0x189/0x420 [ 13.545853] kasan_bitops_generic+0x92/0x1c0 [ 13.546074] kunit_try_run_case+0x1a5/0x480 [ 13.547086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.547312] kthread+0x337/0x6f0 [ 13.547554] ret_from_fork+0x41/0x80 [ 13.547705] ret_from_fork_asm+0x1a/0x30 [ 13.547910] [ 13.547999] The buggy address belongs to the object at ffff8881023f8300 [ 13.547999] which belongs to the cache kmalloc-16 of size 16 [ 13.548976] The buggy address is located 8 bytes inside of [ 13.548976] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.549562] [ 13.549662] The buggy address belongs to the physical page: [ 13.549913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1023f8 [ 13.550620] flags: 0x200000000000000(node=0|zone=2) [ 13.550832] page_type: f5(slab) [ 13.551174] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.551476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.551922] page dumped because: kasan: bad access detected [ 13.552369] [ 13.552462] Memory state around the buggy address: [ 13.552826] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.553289] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.553740] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.554203] ^ [ 13.554498] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.554962] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.555465] ================================================================== [ 13.583804] ================================================================== [ 13.584123] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.584685] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.585500] [ 13.585725] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.585791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.585803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.585825] Call Trace: [ 13.585837] <TASK> [ 13.585857] dump_stack_lvl+0x73/0xb0 [ 13.585884] print_report+0xd1/0x650 [ 13.585907] ? __virt_addr_valid+0x1db/0x2d0 [ 13.585928] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.585954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.585977] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.586002] kasan_report+0x141/0x180 [ 13.586025] ? 
kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.586056] kasan_check_range+0x10c/0x1c0 [ 13.586080] __kasan_check_write+0x18/0x20 [ 13.586099] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.586157] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.586186] ? kasan_save_alloc_info+0x3b/0x50 [ 13.586205] ? kasan_save_stack+0x45/0x70 [ 13.586230] kasan_bitops_generic+0x116/0x1c0 [ 13.586250] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.586272] ? __pfx_read_tsc+0x10/0x10 [ 13.586291] ? ktime_get_ts64+0x86/0x230 [ 13.586316] kunit_try_run_case+0x1a5/0x480 [ 13.586349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.586370] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.586394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.586417] ? __kthread_parkme+0x82/0x180 [ 13.586439] ? preempt_count_sub+0x50/0x80 [ 13.586464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.586487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.586509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.586531] kthread+0x337/0x6f0 [ 13.586551] ? trace_preempt_on+0x20/0xc0 [ 13.586574] ? __pfx_kthread+0x10/0x10 [ 13.586596] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.586617] ? calculate_sigpending+0x7b/0xa0 [ 13.586638] ? __pfx_kthread+0x10/0x10 [ 13.586659] ret_from_fork+0x41/0x80 [ 13.586679] ? 
__pfx_kthread+0x10/0x10 [ 13.586700] ret_from_fork_asm+0x1a/0x30 [ 13.586732] </TASK> [ 13.586742] [ 13.597621] Allocated by task 281: [ 13.598063] kasan_save_stack+0x45/0x70 [ 13.598332] kasan_save_track+0x18/0x40 [ 13.598508] kasan_save_alloc_info+0x3b/0x50 [ 13.598696] __kasan_kmalloc+0xb7/0xc0 [ 13.598868] __kmalloc_cache_noprof+0x189/0x420 [ 13.599077] kasan_bitops_generic+0x92/0x1c0 [ 13.599560] kunit_try_run_case+0x1a5/0x480 [ 13.599763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.599998] kthread+0x337/0x6f0 [ 13.600417] ret_from_fork+0x41/0x80 [ 13.600684] ret_from_fork_asm+0x1a/0x30 [ 13.601142] [ 13.601397] The buggy address belongs to the object at ffff8881023f8300 [ 13.601397] which belongs to the cache kmalloc-16 of size 16 [ 13.601969] The buggy address is located 8 bytes inside of [ 13.601969] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.602785] [ 13.603014] The buggy address belongs to the physical page: [ 13.603384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 13.603715] flags: 0x200000000000000(node=0|zone=2) [ 13.603930] page_type: f5(slab) [ 13.604085] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.604966] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.605660] page dumped because: kasan: bad access detected [ 13.606091] [ 13.606534] Memory state around the buggy address: [ 13.606833] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.607474] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.607924] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.608529] ^ [ 13.608847] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.609543] ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.609998] ================================================================== [ 13.611228] 
================================================================== [ 13.611489] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.612136] Write of size 8 at addr ffff8881023f8308 by task kunit_try_catch/281 [ 13.612681] [ 13.612792] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.612838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.612851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.612872] Call Trace: [ 13.612887] <TASK> [ 13.612901] dump_stack_lvl+0x73/0xb0 [ 13.612925] print_report+0xd1/0x650 [ 13.612948] ? __virt_addr_valid+0x1db/0x2d0 [ 13.612969] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.612994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.613017] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.613043] kasan_report+0x141/0x180 [ 13.613065] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.613096] kasan_check_range+0x10c/0x1c0 [ 13.613120] __kasan_check_write+0x18/0x20 [ 13.613145] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.613171] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.613197] ? kasan_save_alloc_info+0x3b/0x50 [ 13.613218] ? kasan_save_stack+0x45/0x70 [ 13.613243] kasan_bitops_generic+0x116/0x1c0 [ 13.613272] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.613294] ? __pfx_read_tsc+0x10/0x10 [ 13.613313] ? ktime_get_ts64+0x86/0x230 [ 13.613353] kunit_try_run_case+0x1a5/0x480 [ 13.613376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.613397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.613421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.613457] ? __kthread_parkme+0x82/0x180 [ 13.613487] ? preempt_count_sub+0x50/0x80 [ 13.613511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.613534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.613575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.613599] kthread+0x337/0x6f0 [ 13.613618] ? trace_preempt_on+0x20/0xc0 [ 13.613642] ? 
__pfx_kthread+0x10/0x10 [ 13.613663] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.613685] ? calculate_sigpending+0x7b/0xa0 [ 13.613706] ? __pfx_kthread+0x10/0x10 [ 13.613728] ret_from_fork+0x41/0x80 [ 13.613748] ? __pfx_kthread+0x10/0x10 [ 13.613774] ret_from_fork_asm+0x1a/0x30 [ 13.613805] </TASK> [ 13.613815] [ 13.621808] Allocated by task 281: [ 13.622007] kasan_save_stack+0x45/0x70 [ 13.622204] kasan_save_track+0x18/0x40 [ 13.622458] kasan_save_alloc_info+0x3b/0x50 [ 13.622843] __kasan_kmalloc+0xb7/0xc0 [ 13.623026] __kmalloc_cache_noprof+0x189/0x420 [ 13.623178] kasan_bitops_generic+0x92/0x1c0 [ 13.623332] kunit_try_run_case+0x1a5/0x480 [ 13.623494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.623774] kthread+0x337/0x6f0 [ 13.623969] ret_from_fork+0x41/0x80 [ 13.624332] ret_from_fork_asm+0x1a/0x30 [ 13.624530] [ 13.624612] The buggy address belongs to the object at ffff8881023f8300 [ 13.624612] which belongs to the cache kmalloc-16 of size 16 [ 13.624960] The buggy address is located 8 bytes inside of [ 13.624960] allocated 9-byte region [ffff8881023f8300, ffff8881023f8309) [ 13.625441] [ 13.625533] The buggy address belongs to the physical page: [ 13.625814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 13.626057] flags: 0x200000000000000(node=0|zone=2) [ 13.626217] page_type: f5(slab) [ 13.626355] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.626697] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.627066] page dumped because: kasan: bad access detected [ 13.627526] [ 13.627610] Memory state around the buggy address: [ 13.627774] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.628079] ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.628552] >ffff8881023f8300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.628859] ^ [ 13.629026] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.629360] 
ffff8881023f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.629657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.482953] ==================================================================
[ 13.483249] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 13.483459] Read of size 1 at addr ffff888102757490 by task kunit_try_catch/279
[ 13.483973]
[ 13.484099] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.484145] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.484157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.484178] Call Trace:
[ 13.484192] <TASK>
[ 13.484208] dump_stack_lvl+0x73/0xb0
[ 13.484233] print_report+0xd1/0x650
[ 13.484270] ? __virt_addr_valid+0x1db/0x2d0
[ 13.484292] ? strnlen+0x73/0x80
[ 13.484310] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.484345] ? strnlen+0x73/0x80
[ 13.484365] kasan_report+0x141/0x180
[ 13.484387] ? strnlen+0x73/0x80
[ 13.484457] __asan_report_load1_noabort+0x18/0x20
[ 13.484482] strnlen+0x73/0x80
[ 13.484501] kasan_strings+0x615/0xe80
[ 13.484522] ? trace_hardirqs_on+0x37/0xe0
[ 13.484544] ? __pfx_kasan_strings+0x10/0x10
[ 13.484564] ? finish_task_switch.isra.0+0x153/0x700
[ 13.484586] ? __switch_to+0x5d9/0xf60
[ 13.484606] ? dequeue_task_fair+0x156/0x4e0
[ 13.484631] ? __schedule+0x10cc/0x2b30
[ 13.484654] ? __pfx_read_tsc+0x10/0x10
[ 13.484673] ? ktime_get_ts64+0x86/0x230
[ 13.484697] kunit_try_run_case+0x1a5/0x480
[ 13.484720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.484741] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.484764] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.484788] ? __kthread_parkme+0x82/0x180
[ 13.484809] ? preempt_count_sub+0x50/0x80
[ 13.484833] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.484855] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.484878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.484900] kthread+0x337/0x6f0
[ 13.484920] ? trace_preempt_on+0x20/0xc0
[ 13.484942] ? __pfx_kthread+0x10/0x10
[ 13.484963] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.484985] ? calculate_sigpending+0x7b/0xa0
[ 13.485005] ? __pfx_kthread+0x10/0x10
[ 13.485027] ret_from_fork+0x41/0x80
[ 13.485047] ? __pfx_kthread+0x10/0x10
[ 13.485069] ret_from_fork_asm+0x1a/0x30
[ 13.485100] </TASK>
[ 13.485111]
[ 13.493526] Allocated by task 279:
[ 13.493785] kasan_save_stack+0x45/0x70
[ 13.493968] kasan_save_track+0x18/0x40
[ 13.494101] kasan_save_alloc_info+0x3b/0x50
[ 13.494243] __kasan_kmalloc+0xb7/0xc0
[ 13.494634] __kmalloc_cache_noprof+0x189/0x420
[ 13.494861] kasan_strings+0xc0/0xe80
[ 13.495049] kunit_try_run_case+0x1a5/0x480
[ 13.495293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.495553] kthread+0x337/0x6f0
[ 13.495678] ret_from_fork+0x41/0x80
[ 13.495808] ret_from_fork_asm+0x1a/0x30
[ 13.495944]
[ 13.496013] Freed by task 279:
[ 13.496162] kasan_save_stack+0x45/0x70
[ 13.496361] kasan_save_track+0x18/0x40
[ 13.496604] kasan_save_free_info+0x3f/0x60
[ 13.496814] __kasan_slab_free+0x56/0x70
[ 13.496979] kfree+0x222/0x3f0
[ 13.497090] kasan_strings+0x2aa/0xe80
[ 13.497384] kunit_try_run_case+0x1a5/0x480
[ 13.497750] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.498010] kthread+0x337/0x6f0
[ 13.498150] ret_from_fork+0x41/0x80
[ 13.498357] ret_from_fork_asm+0x1a/0x30
[ 13.498493]
[ 13.498562] The buggy address belongs to the object at ffff888102757480
[ 13.498562] which belongs to the cache kmalloc-32 of size 32
[ 13.499309] The buggy address is located 16 bytes inside of
[ 13.499309] freed 32-byte region [ffff888102757480, ffff8881027574a0)
[ 13.500565]
[ 13.500921] The buggy address belongs to the physical page:
[ 13.501540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102757
[ 13.501855] flags: 0x200000000000000(node=0|zone=2)
[ 13.502102] page_type: f5(slab)
[ 13.502461] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.502918] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.503318] page dumped because: kasan: bad access detected
[ 13.503929]
[ 13.504028] Memory state around the buggy address:
[ 13.504538]  ffff888102757380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.504952]  ffff888102757400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.505361] >ffff888102757480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.505904]                          ^
[ 13.506079]  ffff888102757500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.506726]  ffff888102757580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.507006] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.460034] ==================================================================
[ 13.460304] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 13.460794] Read of size 1 at addr ffff888102757490 by task kunit_try_catch/279
[ 13.461088]
[ 13.461189] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.461232] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.461244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.461264] Call Trace:
[ 13.461275] <TASK>
[ 13.461288] dump_stack_lvl+0x73/0xb0
[ 13.461310] print_report+0xd1/0x650
[ 13.461344] ? __virt_addr_valid+0x1db/0x2d0
[ 13.461364] ? strlen+0x8f/0xb0
[ 13.461382] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.461405] ? strlen+0x8f/0xb0
[ 13.461423] kasan_report+0x141/0x180
[ 13.461446] ? strlen+0x8f/0xb0
[ 13.461469] __asan_report_load1_noabort+0x18/0x20
[ 13.461490] strlen+0x8f/0xb0
[ 13.461509] kasan_strings+0x57b/0xe80
[ 13.461528] ? trace_hardirqs_on+0x37/0xe0
[ 13.461550] ? __pfx_kasan_strings+0x10/0x10
[ 13.461581] ? finish_task_switch.isra.0+0x153/0x700
[ 13.461602] ? __switch_to+0x5d9/0xf60
[ 13.461621] ? dequeue_task_fair+0x156/0x4e0
[ 13.461646] ? __schedule+0x10cc/0x2b30
[ 13.461668] ? __pfx_read_tsc+0x10/0x10
[ 13.461686] ? ktime_get_ts64+0x86/0x230
[ 13.461711] kunit_try_run_case+0x1a5/0x480
[ 13.461733] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.461754] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.461782] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.461806] ? __kthread_parkme+0x82/0x180
[ 13.461826] ? preempt_count_sub+0x50/0x80
[ 13.461850] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.461873] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.461894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.461917] kthread+0x337/0x6f0
[ 13.461937] ? trace_preempt_on+0x20/0xc0
[ 13.461959] ? __pfx_kthread+0x10/0x10
[ 13.461980] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.462002] ? calculate_sigpending+0x7b/0xa0
[ 13.462023] ? __pfx_kthread+0x10/0x10
[ 13.462045] ret_from_fork+0x41/0x80
[ 13.462066] ? __pfx_kthread+0x10/0x10
[ 13.462087] ret_from_fork_asm+0x1a/0x30
[ 13.462118] </TASK>
[ 13.462127]
[ 13.471594] Allocated by task 279:
[ 13.471772] kasan_save_stack+0x45/0x70
[ 13.471917] kasan_save_track+0x18/0x40
[ 13.472089] kasan_save_alloc_info+0x3b/0x50
[ 13.472301] __kasan_kmalloc+0xb7/0xc0
[ 13.472557] __kmalloc_cache_noprof+0x189/0x420
[ 13.472712] kasan_strings+0xc0/0xe80
[ 13.472839] kunit_try_run_case+0x1a5/0x480
[ 13.473111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.473403] kthread+0x337/0x6f0
[ 13.473583] ret_from_fork+0x41/0x80
[ 13.473816] ret_from_fork_asm+0x1a/0x30
[ 13.474067]
[ 13.474193] Freed by task 279:
[ 13.474363] kasan_save_stack+0x45/0x70
[ 13.474575] kasan_save_track+0x18/0x40
[ 13.474714] kasan_save_free_info+0x3f/0x60
[ 13.474915] __kasan_slab_free+0x56/0x70
[ 13.475107] kfree+0x222/0x3f0
[ 13.475275] kasan_strings+0x2aa/0xe80
[ 13.475547] kunit_try_run_case+0x1a5/0x480
[ 13.475737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.475911] kthread+0x337/0x6f0
[ 13.476031] ret_from_fork+0x41/0x80
[ 13.476186] ret_from_fork_asm+0x1a/0x30
[ 13.476391]
[ 13.476490] The buggy address belongs to the object at ffff888102757480
[ 13.476490] which belongs to the cache kmalloc-32 of size 32
[ 13.477354] The buggy address is located 16 bytes inside of
[ 13.477354] freed 32-byte region [ffff888102757480, ffff8881027574a0)
[ 13.477880]
[ 13.477980] The buggy address belongs to the physical page:
[ 13.478230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102757
[ 13.478487] flags: 0x200000000000000(node=0|zone=2)
[ 13.478841] page_type: f5(slab)
[ 13.479095] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.479494] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.479793] page dumped because: kasan: bad access detected
[ 13.479973]
[ 13.480042] Memory state around the buggy address:
[ 13.480195] ffff888102757380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.480484] ffff888102757400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.480877] >ffff888102757480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.481192] ^
[ 13.481446] ffff888102757500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.481658] ffff888102757580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.482158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.438627] ==================================================================
[ 13.438953] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 13.439404] Read of size 1 at addr ffff888102757490 by task kunit_try_catch/279
[ 13.439679]
[ 13.439787] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.439833] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.439846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.439866] Call Trace:
[ 13.439881] <TASK>
[ 13.439895] dump_stack_lvl+0x73/0xb0
[ 13.439918] print_report+0xd1/0x650
[ 13.439940] ? __virt_addr_valid+0x1db/0x2d0
[ 13.439961] ? kasan_strings+0xcbc/0xe80
[ 13.439982] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.440005] ? kasan_strings+0xcbc/0xe80
[ 13.440027] kasan_report+0x141/0x180
[ 13.440049] ? kasan_strings+0xcbc/0xe80
[ 13.440075] __asan_report_load1_noabort+0x18/0x20
[ 13.440096] kasan_strings+0xcbc/0xe80
[ 13.440115] ? trace_hardirqs_on+0x37/0xe0
[ 13.440289] ? __pfx_kasan_strings+0x10/0x10
[ 13.440317] ? finish_task_switch.isra.0+0x153/0x700
[ 13.440353] ? __switch_to+0x5d9/0xf60
[ 13.440373] ? dequeue_task_fair+0x156/0x4e0
[ 13.440397] ? __schedule+0x10cc/0x2b30
[ 13.440421] ? __pfx_read_tsc+0x10/0x10
[ 13.440439] ? ktime_get_ts64+0x86/0x230
[ 13.440464] kunit_try_run_case+0x1a5/0x480
[ 13.440488] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.440509] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.440532] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.440555] ? __kthread_parkme+0x82/0x180
[ 13.440576] ? preempt_count_sub+0x50/0x80
[ 13.440600] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.440623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.440645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.440719] kthread+0x337/0x6f0
[ 13.440743] ? trace_preempt_on+0x20/0xc0
[ 13.440764] ? __pfx_kthread+0x10/0x10
[ 13.440786] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.440809] ? calculate_sigpending+0x7b/0xa0
[ 13.440831] ? __pfx_kthread+0x10/0x10
[ 13.440854] ret_from_fork+0x41/0x80
[ 13.440874] ? __pfx_kthread+0x10/0x10
[ 13.440896] ret_from_fork_asm+0x1a/0x30
[ 13.440927] </TASK>
[ 13.440937]
[ 13.449044] Allocated by task 279:
[ 13.449209] kasan_save_stack+0x45/0x70
[ 13.449427] kasan_save_track+0x18/0x40
[ 13.449575] kasan_save_alloc_info+0x3b/0x50
[ 13.449719] __kasan_kmalloc+0xb7/0xc0
[ 13.449853] __kmalloc_cache_noprof+0x189/0x420
[ 13.450005] kasan_strings+0xc0/0xe80
[ 13.450191] kunit_try_run_case+0x1a5/0x480
[ 13.450545] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.450944] kthread+0x337/0x6f0
[ 13.451115] ret_from_fork+0x41/0x80
[ 13.451286] ret_from_fork_asm+0x1a/0x30
[ 13.451433]
[ 13.451502] Freed by task 279:
[ 13.451610] kasan_save_stack+0x45/0x70
[ 13.451745] kasan_save_track+0x18/0x40
[ 13.452153] kasan_save_free_info+0x3f/0x60
[ 13.452381] __kasan_slab_free+0x56/0x70
[ 13.452647] kfree+0x222/0x3f0
[ 13.452819] kasan_strings+0x2aa/0xe80
[ 13.453009] kunit_try_run_case+0x1a5/0x480
[ 13.453213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.453465] kthread+0x337/0x6f0
[ 13.453651] ret_from_fork+0x41/0x80
[ 13.453787] ret_from_fork_asm+0x1a/0x30
[ 13.453928]
[ 13.454022] The buggy address belongs to the object at ffff888102757480
[ 13.454022] which belongs to the cache kmalloc-32 of size 32
[ 13.454817] The buggy address is located 16 bytes inside of
[ 13.454817] freed 32-byte region [ffff888102757480, ffff8881027574a0)
[ 13.455183]
[ 13.455253] The buggy address belongs to the physical page:
[ 13.455437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102757
[ 13.455765] flags: 0x200000000000000(node=0|zone=2)
[ 13.455997] page_type: f5(slab)
[ 13.456276] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.456807] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.457038] page dumped because: kasan: bad access detected
[ 13.457471]
[ 13.457571] Memory state around the buggy address:
[ 13.457799] ffff888102757380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.458120] ffff888102757400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.458493] >ffff888102757480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.458764] ^
[ 13.458938] ffff888102757500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.459295] ffff888102757580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.459618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.414230] ==================================================================
[ 13.415298] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 13.415707] Read of size 1 at addr ffff888102757490 by task kunit_try_catch/279
[ 13.416014]
[ 13.416126] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.416198] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.416211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.416232] Call Trace:
[ 13.416244] <TASK>
[ 13.416259] dump_stack_lvl+0x73/0xb0
[ 13.416285] print_report+0xd1/0x650
[ 13.416309] ? __virt_addr_valid+0x1db/0x2d0
[ 13.416360] ? strcmp+0xb0/0xc0
[ 13.416379] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.416449] ? strcmp+0xb0/0xc0
[ 13.416467] kasan_report+0x141/0x180
[ 13.416490] ? strcmp+0xb0/0xc0
[ 13.416513] __asan_report_load1_noabort+0x18/0x20
[ 13.416533] strcmp+0xb0/0xc0
[ 13.416552] kasan_strings+0x431/0xe80
[ 13.416572] ? trace_hardirqs_on+0x37/0xe0
[ 13.416595] ? __pfx_kasan_strings+0x10/0x10
[ 13.416615] ? finish_task_switch.isra.0+0x153/0x700
[ 13.416661] ? __switch_to+0x5d9/0xf60
[ 13.416681] ? dequeue_task_fair+0x156/0x4e0
[ 13.416705] ? __schedule+0x10cc/0x2b30
[ 13.416742] ? __pfx_read_tsc+0x10/0x10
[ 13.416761] ? ktime_get_ts64+0x86/0x230
[ 13.416786] kunit_try_run_case+0x1a5/0x480
[ 13.416809] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.416830] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.416853] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.416876] ? __kthread_parkme+0x82/0x180
[ 13.416897] ? preempt_count_sub+0x50/0x80
[ 13.416920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.416943] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.416965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.416987] kthread+0x337/0x6f0
[ 13.417007] ? trace_preempt_on+0x20/0xc0
[ 13.417029] ? __pfx_kthread+0x10/0x10
[ 13.417051] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.417072] ? calculate_sigpending+0x7b/0xa0
[ 13.417093] ? __pfx_kthread+0x10/0x10
[ 13.417115] ret_from_fork+0x41/0x80
[ 13.417145] ? __pfx_kthread+0x10/0x10
[ 13.417167] ret_from_fork_asm+0x1a/0x30
[ 13.417198] </TASK>
[ 13.417208]
[ 13.426236] Allocated by task 279:
[ 13.426382] kasan_save_stack+0x45/0x70
[ 13.426524] kasan_save_track+0x18/0x40
[ 13.426655] kasan_save_alloc_info+0x3b/0x50
[ 13.427037] __kasan_kmalloc+0xb7/0xc0
[ 13.427189] __kmalloc_cache_noprof+0x189/0x420
[ 13.427429] kasan_strings+0xc0/0xe80
[ 13.427700] kunit_try_run_case+0x1a5/0x480
[ 13.427938] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.428317] kthread+0x337/0x6f0
[ 13.428670] ret_from_fork+0x41/0x80
[ 13.428843] ret_from_fork_asm+0x1a/0x30
[ 13.429052]
[ 13.429160] Freed by task 279:
[ 13.429313] kasan_save_stack+0x45/0x70
[ 13.429626] kasan_save_track+0x18/0x40
[ 13.429772] kasan_save_free_info+0x3f/0x60
[ 13.429914] __kasan_slab_free+0x56/0x70
[ 13.430051] kfree+0x222/0x3f0
[ 13.430351] kasan_strings+0x2aa/0xe80
[ 13.430733] kunit_try_run_case+0x1a5/0x480
[ 13.430967] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.431441] kthread+0x337/0x6f0
[ 13.431678] ret_from_fork+0x41/0x80
[ 13.431871] ret_from_fork_asm+0x1a/0x30
[ 13.432080]
[ 13.432213] The buggy address belongs to the object at ffff888102757480
[ 13.432213] which belongs to the cache kmalloc-32 of size 32
[ 13.432744] The buggy address is located 16 bytes inside of
[ 13.432744] freed 32-byte region [ffff888102757480, ffff8881027574a0)
[ 13.433130]
[ 13.433225] The buggy address belongs to the physical page:
[ 13.433702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102757
[ 13.434108] flags: 0x200000000000000(node=0|zone=2)
[ 13.434372] page_type: f5(slab)
[ 13.434601] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.435053] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.435521] page dumped because: kasan: bad access detected
[ 13.435770]
[ 13.435858] Memory state around the buggy address:
[ 13.436014] ffff888102757380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.436576] ffff888102757400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.436847] >ffff888102757480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.437168] ^
[ 13.437387] ffff888102757500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.437720] ffff888102757580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.438038] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.380663] ==================================================================
[ 13.381964] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 13.382196] Read of size 1 at addr ffff888102b4e2d8 by task kunit_try_catch/277
[ 13.382430]
[ 13.382521] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.382570] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.382583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.382605] Call Trace:
[ 13.382618] <TASK>
[ 13.382636] dump_stack_lvl+0x73/0xb0
[ 13.382660] print_report+0xd1/0x650
[ 13.382687] ? __virt_addr_valid+0x1db/0x2d0
[ 13.382712] ? memcmp+0x1b4/0x1d0
[ 13.382731] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.382755] ? memcmp+0x1b4/0x1d0
[ 13.382775] kasan_report+0x141/0x180
[ 13.382799] ? memcmp+0x1b4/0x1d0
[ 13.382823] __asan_report_load1_noabort+0x18/0x20
[ 13.382845] memcmp+0x1b4/0x1d0
[ 13.382868] kasan_memcmp+0x18f/0x390
[ 13.382889] ? trace_hardirqs_on+0x37/0xe0
[ 13.382915] ? __pfx_kasan_memcmp+0x10/0x10
[ 13.382936] ? finish_task_switch.isra.0+0x153/0x700
[ 13.382960] ? __switch_to+0x5d9/0xf60
[ 13.382983] ? dequeue_task_fair+0x166/0x4e0
[ 13.383013] ? __pfx_read_tsc+0x10/0x10
[ 13.383034] ? ktime_get_ts64+0x86/0x230
[ 13.383062] kunit_try_run_case+0x1a5/0x480
[ 13.383090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.383113] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.383140] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.383165] ? __kthread_parkme+0x82/0x180
[ 13.383187] ? preempt_count_sub+0x50/0x80
[ 13.383212] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.383237] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.383260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.383283] kthread+0x337/0x6f0
[ 13.383305] ? trace_preempt_on+0x20/0xc0
[ 13.383621] ? __pfx_kthread+0x10/0x10
[ 13.383656] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.383680] ? calculate_sigpending+0x7b/0xa0
[ 13.383705] ? __pfx_kthread+0x10/0x10
[ 13.383925] ret_from_fork+0x41/0x80
[ 13.383960] ? __pfx_kthread+0x10/0x10
[ 13.383986] ret_from_fork_asm+0x1a/0x30
[ 13.384020] </TASK>
[ 13.384032]
[ 13.395333] Allocated by task 277:
[ 13.395827] kasan_save_stack+0x45/0x70
[ 13.396034] kasan_save_track+0x18/0x40
[ 13.396303] kasan_save_alloc_info+0x3b/0x50
[ 13.396823] __kasan_kmalloc+0xb7/0xc0
[ 13.396993] __kmalloc_cache_noprof+0x189/0x420
[ 13.397240] kasan_memcmp+0xb7/0x390
[ 13.397556] kunit_try_run_case+0x1a5/0x480
[ 13.397714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.397981] kthread+0x337/0x6f0
[ 13.398171] ret_from_fork+0x41/0x80
[ 13.398454] ret_from_fork_asm+0x1a/0x30
[ 13.398695]
[ 13.398784] The buggy address belongs to the object at ffff888102b4e2c0
[ 13.398784] which belongs to the cache kmalloc-32 of size 32
[ 13.399820] The buggy address is located 0 bytes to the right of
[ 13.399820] allocated 24-byte region [ffff888102b4e2c0, ffff888102b4e2d8)
[ 13.400729]
[ 13.400867] The buggy address belongs to the physical page:
[ 13.401095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4e
[ 13.401535] flags: 0x200000000000000(node=0|zone=2)
[ 13.401842] page_type: f5(slab)
[ 13.402025] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.402452] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.402801] page dumped because: kasan: bad access detected
[ 13.403047]
[ 13.403120] Memory state around the buggy address:
[ 13.403493] ffff888102b4e180: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.403810] ffff888102b4e200: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 13.404111] >ffff888102b4e280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.404440] ^
[ 13.404920] ffff888102b4e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.405268] ffff888102b4e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.405982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.955240] ==================================================================
[ 11.955823] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 11.956114] Read of size 1 at addr ffff888102b31e00 by task kunit_try_catch/216
[ 11.956387]
[ 11.956491] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.956531] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.956542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.956599] Call Trace:
[ 11.956610] <TASK>
[ 11.956624] dump_stack_lvl+0x73/0xb0
[ 11.956648] print_report+0xd1/0x650
[ 11.956669] ? __virt_addr_valid+0x1db/0x2d0
[ 11.956691] ? ksize_uaf+0x19d/0x6c0
[ 11.956711] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.956733] ? ksize_uaf+0x19d/0x6c0
[ 11.956753] kasan_report+0x141/0x180
[ 11.956775] ? ksize_uaf+0x19d/0x6c0
[ 11.956800] ? ksize_uaf+0x19d/0x6c0
[ 11.956820] __kasan_check_byte+0x3d/0x50
[ 11.956842] ksize+0x20/0x60
[ 11.956863] ksize_uaf+0x19d/0x6c0
[ 11.956883] ? __pfx_ksize_uaf+0x10/0x10
[ 11.956905] ? __schedule+0x10cc/0x2b30
[ 11.956927] ? __pfx_read_tsc+0x10/0x10
[ 11.956947] ? ktime_get_ts64+0x86/0x230
[ 11.956971] kunit_try_run_case+0x1a5/0x480
[ 11.956995] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.957015] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.957038] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.957061] ? __kthread_parkme+0x82/0x180
[ 11.957081] ? preempt_count_sub+0x50/0x80
[ 11.957105] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.957148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.957171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.957193] kthread+0x337/0x6f0
[ 11.957213] ? trace_preempt_on+0x20/0xc0
[ 11.957235] ? __pfx_kthread+0x10/0x10
[ 11.957256] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.957278] ? calculate_sigpending+0x7b/0xa0
[ 11.957298] ? __pfx_kthread+0x10/0x10
[ 11.957320] ret_from_fork+0x41/0x80
[ 11.957352] ? __pfx_kthread+0x10/0x10
[ 11.957373] ret_from_fork_asm+0x1a/0x30
[ 11.957405] </TASK>
[ 11.957414]
[ 11.967485] Allocated by task 216:
[ 11.967795] kasan_save_stack+0x45/0x70
[ 11.967993] kasan_save_track+0x18/0x40
[ 11.968411] kasan_save_alloc_info+0x3b/0x50
[ 11.968683] __kasan_kmalloc+0xb7/0xc0
[ 11.968970] __kmalloc_cache_noprof+0x189/0x420
[ 11.969406] ksize_uaf+0xaa/0x6c0
[ 11.969686] kunit_try_run_case+0x1a5/0x480
[ 11.969904] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.970335] kthread+0x337/0x6f0
[ 11.970532] ret_from_fork+0x41/0x80
[ 11.970830] ret_from_fork_asm+0x1a/0x30
[ 11.971117]
[ 11.971234] Freed by task 216:
[ 11.971391] kasan_save_stack+0x45/0x70
[ 11.971571] kasan_save_track+0x18/0x40
[ 11.971747] kasan_save_free_info+0x3f/0x60
[ 11.971933] __kasan_slab_free+0x56/0x70
[ 11.972106] kfree+0x222/0x3f0
[ 11.972700] ksize_uaf+0x12c/0x6c0
[ 11.972951] kunit_try_run_case+0x1a5/0x480
[ 11.973302] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.973731] kthread+0x337/0x6f0
[ 11.974012] ret_from_fork+0x41/0x80
[ 11.974341] ret_from_fork_asm+0x1a/0x30
[ 11.974531]
[ 11.974620] The buggy address belongs to the object at ffff888102b31e00
[ 11.974620] which belongs to the cache kmalloc-128 of size 128
[ 11.975100] The buggy address is located 0 bytes inside of
[ 11.975100] freed 128-byte region [ffff888102b31e00, ffff888102b31e80)
[ 11.975989]
[ 11.976231] The buggy address belongs to the physical page:
[ 11.976651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 11.977101] flags: 0x200000000000000(node=0|zone=2)
[ 11.977506] page_type: f5(slab)
[ 11.977677] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.977987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.978760] page dumped because: kasan: bad access detected
[ 11.979054]
[ 11.979270] Memory state around the buggy address:
[ 11.979758] ffff888102b31d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.980392] ffff888102b31d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.980833] >ffff888102b31e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.981294] ^
[ 11.981556] ffff888102b31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.981978] ffff888102b31f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.982566] ==================================================================
[ 11.983778] ==================================================================
[ 11.984041] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 11.984291] Read of size 1 at addr ffff888102b31e00 by task kunit_try_catch/216
[ 11.984786]
[ 11.984890] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.984932] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.984943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.984963] Call Trace:
[ 11.984974] <TASK>
[ 11.984989] dump_stack_lvl+0x73/0xb0
[ 11.985014] print_report+0xd1/0x650
[ 11.985036] ? __virt_addr_valid+0x1db/0x2d0
[ 11.985057] ? ksize_uaf+0x5fe/0x6c0
[ 11.985076] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.985098] ? ksize_uaf+0x5fe/0x6c0
[ 11.985118] kasan_report+0x141/0x180
[ 11.985139] ? ksize_uaf+0x5fe/0x6c0
[ 11.985163] __asan_report_load1_noabort+0x18/0x20
[ 11.985182] ksize_uaf+0x5fe/0x6c0
[ 11.985202] ? __pfx_ksize_uaf+0x10/0x10
[ 11.985223] ? __schedule+0x10cc/0x2b30
[ 11.985245] ? __pfx_read_tsc+0x10/0x10
[ 11.985264] ? ktime_get_ts64+0x86/0x230
[ 11.985620] kunit_try_run_case+0x1a5/0x480
[ 11.985646] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.985668] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.985690] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.985714] ? __kthread_parkme+0x82/0x180
[ 11.985735] ? preempt_count_sub+0x50/0x80
[ 11.985760] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.985788] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.985810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.985832] kthread+0x337/0x6f0
[ 11.985852] ? trace_preempt_on+0x20/0xc0
[ 11.985875] ? __pfx_kthread+0x10/0x10
[ 11.985896] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.985917] ? calculate_sigpending+0x7b/0xa0
[ 11.985938] ? __pfx_kthread+0x10/0x10
[ 11.985960] ret_from_fork+0x41/0x80
[ 11.985980] ? __pfx_kthread+0x10/0x10
[ 11.986001] ret_from_fork_asm+0x1a/0x30
[ 11.986032] </TASK>
[ 11.986042]
[ 11.994034] Allocated by task 216:
[ 11.994250] kasan_save_stack+0x45/0x70
[ 11.994448] kasan_save_track+0x18/0x40
[ 11.994627] kasan_save_alloc_info+0x3b/0x50
[ 11.994818] __kasan_kmalloc+0xb7/0xc0
[ 11.994991] __kmalloc_cache_noprof+0x189/0x420
[ 11.995563] ksize_uaf+0xaa/0x6c0
[ 11.995799] kunit_try_run_case+0x1a5/0x480
[ 11.996107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.996536] kthread+0x337/0x6f0
[ 11.996810] ret_from_fork+0x41/0x80
[ 11.997204] ret_from_fork_asm+0x1a/0x30
[ 11.997472]
[ 11.997683] Freed by task 216:
[ 11.997951] kasan_save_stack+0x45/0x70
[ 11.998314] kasan_save_track+0x18/0x40
[ 11.998508] kasan_save_free_info+0x3f/0x60
[ 11.998697] __kasan_slab_free+0x56/0x70
[ 11.998877] kfree+0x222/0x3f0
[ 11.999023] ksize_uaf+0x12c/0x6c0
[ 11.999508] kunit_try_run_case+0x1a5/0x480
[ 11.999764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.000205] kthread+0x337/0x6f0
[ 12.000434] ret_from_fork+0x41/0x80
[ 12.000723] ret_from_fork_asm+0x1a/0x30
[ 12.001015]
[ 12.001117] The buggy address belongs to the object at ffff888102b31e00
[ 12.001117] which belongs to the cache kmalloc-128 of size 128
[ 12.001617] The buggy address is located 0 bytes inside of
[ 12.001617] freed 128-byte region [ffff888102b31e00, ffff888102b31e80)
[ 12.002092]
[ 12.002482] The buggy address belongs to the physical page:
[ 12.002943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 12.003605] flags: 0x200000000000000(node=0|zone=2)
[ 12.003896] page_type: f5(slab)
[ 12.004181] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.004695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.005015] page dumped because: kasan: bad access detected
[ 12.005578]
[ 12.005674] Memory state around the buggy address:
[ 12.006089] ffff888102b31d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.006783] ffff888102b31d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.007154] >ffff888102b31e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.007455] ^
[ 12.007607] ffff888102b31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.007888] ffff888102b31f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.008666] ==================================================================
[ 12.010089] ==================================================================
[ 12.010433] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 12.010703] Read of size 1 at addr ffff888102b31e78 by task kunit_try_catch/216
[ 12.010994]
[ 12.011093] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 12.011526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.011541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.011562] Call Trace:
[ 12.011577] <TASK>
[ 12.011592] dump_stack_lvl+0x73/0xb0
[ 12.012029] print_report+0xd1/0x650
[ 12.012052] ? __virt_addr_valid+0x1db/0x2d0
[ 12.012074] ? ksize_uaf+0x5e4/0x6c0
[ 12.012094] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.012116] ? ksize_uaf+0x5e4/0x6c0
[ 12.012136] kasan_report+0x141/0x180
[ 12.012158] ? ksize_uaf+0x5e4/0x6c0
[ 12.012199] __asan_report_load1_noabort+0x18/0x20
[ 12.012220] ksize_uaf+0x5e4/0x6c0
[ 12.012240] ? __pfx_ksize_uaf+0x10/0x10
[ 12.012261] ? __schedule+0x10cc/0x2b30
[ 12.012284] ? __pfx_read_tsc+0x10/0x10
[ 12.012303] ? ktime_get_ts64+0x86/0x230
[ 12.012340] kunit_try_run_case+0x1a5/0x480
[ 12.012364] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.012385] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.012408] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.012432] ? __kthread_parkme+0x82/0x180
[ 12.012452] ? preempt_count_sub+0x50/0x80
[ 12.012476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.012498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.012520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.012543] kthread+0x337/0x6f0
[ 12.012563] ? trace_preempt_on+0x20/0xc0
[ 12.012587] ? __pfx_kthread+0x10/0x10
[ 12.012608] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.012629] ? calculate_sigpending+0x7b/0xa0
[ 12.012650] ? __pfx_kthread+0x10/0x10
[ 12.012673] ret_from_fork+0x41/0x80
[ 12.012695] ? __pfx_kthread+0x10/0x10
[ 12.012716] ret_from_fork_asm+0x1a/0x30
[ 12.012747] </TASK>
[ 12.012758]
[ 12.019315] Allocated by task 216:
[ 12.019522] kasan_save_stack+0x45/0x70
[ 12.019720] kasan_save_track+0x18/0x40
[ 12.019920] kasan_save_alloc_info+0x3b/0x50
[ 12.020120] __kasan_kmalloc+0xb7/0xc0
[ 12.020303] __kmalloc_cache_noprof+0x189/0x420
[ 12.020529] ksize_uaf+0xaa/0x6c0
[ 12.020685] kunit_try_run_case+0x1a5/0x480
[ 12.020883] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.021132] kthread+0x337/0x6f0
[ 12.021373] ret_from_fork+0x41/0x80
[ 12.021501] ret_from_fork_asm+0x1a/0x30
[ 12.021636]
[ 12.021704] Freed by task 216:
[ 12.021818] kasan_save_stack+0x45/0x70
[ 12.021950] kasan_save_track+0x18/0x40
[ 12.022080] kasan_save_free_info+0x3f/0x60
[ 12.022218] __kasan_slab_free+0x56/0x70
[ 12.022362] kfree+0x222/0x3f0
[ 12.022477] ksize_uaf+0x12c/0x6c0
[ 12.022629] kunit_try_run_case+0x1a5/0x480
[ 12.022795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.023022] kthread+0x337/0x6f0
[ 12.023156] ret_from_fork+0x41/0x80
[ 12.023284] ret_from_fork_asm+0x1a/0x30
[ 12.023433]
[ 12.023502] The buggy address belongs to the object at ffff888102b31e00
[ 12.023502] which belongs to the cache kmalloc-128 of size 128
[ 12.023850] The buggy address is located 120 bytes inside of
[ 12.023850] freed 128-byte region [ffff888102b31e00, ffff888102b31e80)
[ 12.024196]
[ 12.024265] The buggy address belongs to the physical page:
[ 12.024444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 12.024679] flags: 0x200000000000000(node=0|zone=2)
[ 12.024836] page_type: f5(slab)
[ 12.024956] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.025346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.025606] page dumped because: kasan: bad access detected
[ 12.025804]
[ 12.025875] Memory state around the buggy address:
[ 12.026041] ffff888102b31d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.026525] ffff888102b31d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.027010] >ffff888102b31e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.027356] ^
[ 12.027887] ffff888102b31e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.028133] ffff888102b31f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.028574] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.929161] ==================================================================
[ 11.929407] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.929863] Read of size 1 at addr ffff888102b31d7f by task kunit_try_catch/214
[ 11.930191]
[ 11.930297] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.930348] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.930359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.930378] Call Trace:
[ 11.930393] <TASK>
[ 11.930408] dump_stack_lvl+0x73/0xb0
[ 11.930430] print_report+0xd1/0x650
[ 11.930451] ? __virt_addr_valid+0x1db/0x2d0
[ 11.930471] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.930548] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.930570] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.930593] kasan_report+0x141/0x180
[ 11.930615] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.930643] __asan_report_load1_noabort+0x18/0x20
[ 11.930664] ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.930687] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.930710] ? finish_task_switch.isra.0+0x153/0x700
[ 11.930731] ? __switch_to+0x5d9/0xf60
[ 11.930750] ? dequeue_task_fair+0x166/0x4e0
[ 11.930774] ? __schedule+0x10cc/0x2b30
[ 11.930796] ? __pfx_read_tsc+0x10/0x10
[ 11.930815] ? ktime_get_ts64+0x86/0x230
[ 11.930840] kunit_try_run_case+0x1a5/0x480
[ 11.930862] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.930883] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.930906] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.930929] ? __kthread_parkme+0x82/0x180
[ 11.930949] ? preempt_count_sub+0x50/0x80
[ 11.930973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.930995] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.931016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.931038] kthread+0x337/0x6f0
[ 11.931058] ? trace_preempt_on+0x20/0xc0
[ 11.931080] ? __pfx_kthread+0x10/0x10
[ 11.931101] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.931122] ? calculate_sigpending+0x7b/0xa0
[ 11.931143] ? __pfx_kthread+0x10/0x10
[ 11.931164] ret_from_fork+0x41/0x80
[ 11.931184] ? __pfx_kthread+0x10/0x10
[ 11.931205] ret_from_fork_asm+0x1a/0x30
[ 11.931236] </TASK>
[ 11.931245]
[ 11.939268] Allocated by task 214:
[ 11.939675] kasan_save_stack+0x45/0x70
[ 11.939890] kasan_save_track+0x18/0x40
[ 11.940091] kasan_save_alloc_info+0x3b/0x50
[ 11.940546] __kasan_kmalloc+0xb7/0xc0
[ 11.940690] __kmalloc_cache_noprof+0x189/0x420
[ 11.940907] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.941100] kunit_try_run_case+0x1a5/0x480
[ 11.941259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.941659] kthread+0x337/0x6f0
[ 11.941841] ret_from_fork+0x41/0x80
[ 11.942024] ret_from_fork_asm+0x1a/0x30
[ 11.942163]
[ 11.942436] The buggy address belongs to the object at ffff888102b31d00
[ 11.942436] which belongs to the cache kmalloc-128 of size 128
[ 11.942875] The buggy address is located 12 bytes to the right of
[ 11.942875] allocated 115-byte region [ffff888102b31d00, ffff888102b31d73)
[ 11.943609]
[ 11.943715] The buggy address belongs to the physical page:
[ 11.943942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 11.944187] flags: 0x200000000000000(node=0|zone=2)
[ 11.944362] page_type: f5(slab)
[ 11.944482] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.944711] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.945036] page dumped because: kasan: bad access detected
[ 11.945535]
[ 11.945632] Memory state around the buggy address:
[ 11.945853] ffff888102b31c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.946739] ffff888102b31c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.947052] >ffff888102b31d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.947920] ^
[ 11.948303] ffff888102b31d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.948761] ffff888102b31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.949056] ==================================================================
[ 11.881833] ==================================================================
[ 11.883665] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 11.884662] Read of size 1 at addr ffff888102b31d73 by task kunit_try_catch/214
[ 11.885453]
[ 11.886005] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.886091] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.886104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.886139] Call Trace:
[ 11.886152] <TASK>
[ 11.886169] dump_stack_lvl+0x73/0xb0
[ 11.886198] print_report+0xd1/0x650
[ 11.886220] ? __virt_addr_valid+0x1db/0x2d0
[ 11.886242] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.886265] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.886287] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.886310] kasan_report+0x141/0x180
[ 11.886343] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.886371] __asan_report_load1_noabort+0x18/0x20
[ 11.886400] ksize_unpoisons_memory+0x81c/0x9b0
[ 11.886424] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.886446] ? finish_task_switch.isra.0+0x153/0x700
[ 11.886469] ? __switch_to+0x5d9/0xf60
[ 11.886490] ? dequeue_task_fair+0x166/0x4e0
[ 11.886515] ? __schedule+0x10cc/0x2b30
[ 11.886539] ? __pfx_read_tsc+0x10/0x10
[ 11.886558] ? ktime_get_ts64+0x86/0x230
[ 11.886583] kunit_try_run_case+0x1a5/0x480
[ 11.886607] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.886627] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.886649] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.886673] ? __kthread_parkme+0x82/0x180
[ 11.886694] ? preempt_count_sub+0x50/0x80
[ 11.886717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.886739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.886761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.886783] kthread+0x337/0x6f0
[ 11.886803] ? trace_preempt_on+0x20/0xc0
[ 11.886826] ? __pfx_kthread+0x10/0x10
[ 11.886847] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.886868] ? calculate_sigpending+0x7b/0xa0
[ 11.886888] ? __pfx_kthread+0x10/0x10
[ 11.886910] ret_from_fork+0x41/0x80
[ 11.886930] ? __pfx_kthread+0x10/0x10
[ 11.886951] ret_from_fork_asm+0x1a/0x30
[ 11.886982] </TASK>
[ 11.886993]
[ 11.899052] Allocated by task 214:
[ 11.899629] kasan_save_stack+0x45/0x70
[ 11.899838] kasan_save_track+0x18/0x40
[ 11.899986] kasan_save_alloc_info+0x3b/0x50
[ 11.900362] __kasan_kmalloc+0xb7/0xc0
[ 11.900728] __kmalloc_cache_noprof+0x189/0x420
[ 11.900940] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.901216] kunit_try_run_case+0x1a5/0x480
[ 11.901675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.901989] kthread+0x337/0x6f0
[ 11.902176] ret_from_fork+0x41/0x80
[ 11.902559] ret_from_fork_asm+0x1a/0x30
[ 11.902768]
[ 11.902855] The buggy address belongs to the object at ffff888102b31d00
[ 11.902855] which belongs to the cache kmalloc-128 of size 128
[ 11.903619] The buggy address is located 0 bytes to the right of
[ 11.903619] allocated 115-byte region [ffff888102b31d00, ffff888102b31d73)
[ 11.904112]
[ 11.904508] The buggy address belongs to the physical page:
[ 11.904704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 11.905188] flags: 0x200000000000000(node=0|zone=2)
[ 11.905594] page_type: f5(slab)
[ 11.905763] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.906226] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.906675] page dumped because: kasan: bad access detected
[ 11.906910]
[ 11.907080] Memory state around the buggy address:
[ 11.907294] ffff888102b31c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.907955] ffff888102b31c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.908380] >ffff888102b31d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.908799] ^
[ 11.909096] ffff888102b31d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.909410] ffff888102b31e00: fc fc fc fc fc fc fc
fc fc fc fc fc fc fc fc fc [ 11.909842] ================================================================== [ 11.910304] ================================================================== [ 11.910747] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.911044] Read of size 1 at addr ffff888102b31d78 by task kunit_try_catch/214 [ 11.911362] [ 11.911470] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.911511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.911523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.911542] Call Trace: [ 11.911556] <TASK> [ 11.911570] dump_stack_lvl+0x73/0xb0 [ 11.911594] print_report+0xd1/0x650 [ 11.911628] ? __virt_addr_valid+0x1db/0x2d0 [ 11.911649] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.911671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.911693] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.911716] kasan_report+0x141/0x180 [ 11.911738] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.911766] __asan_report_load1_noabort+0x18/0x20 [ 11.911786] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.911810] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.911832] ? finish_task_switch.isra.0+0x153/0x700 [ 11.911853] ? __switch_to+0x5d9/0xf60 [ 11.911872] ? dequeue_task_fair+0x166/0x4e0 [ 11.911897] ? __schedule+0x10cc/0x2b30 [ 11.911919] ? __pfx_read_tsc+0x10/0x10 [ 11.911938] ? ktime_get_ts64+0x86/0x230 [ 11.911962] kunit_try_run_case+0x1a5/0x480 [ 11.911985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.912005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.912027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.912050] ? __kthread_parkme+0x82/0x180 [ 11.912070] ? preempt_count_sub+0x50/0x80 [ 11.912094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.912116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.912137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.912159] kthread+0x337/0x6f0 [ 11.912179] ? trace_preempt_on+0x20/0xc0 [ 11.912201] ? 
__pfx_kthread+0x10/0x10 [ 11.912364] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.912390] ? calculate_sigpending+0x7b/0xa0 [ 11.912413] ? __pfx_kthread+0x10/0x10 [ 11.912435] ret_from_fork+0x41/0x80 [ 11.912456] ? __pfx_kthread+0x10/0x10 [ 11.912477] ret_from_fork_asm+0x1a/0x30 [ 11.912509] </TASK> [ 11.912518] [ 11.920708] Allocated by task 214: [ 11.920892] kasan_save_stack+0x45/0x70 [ 11.921035] kasan_save_track+0x18/0x40 [ 11.921365] kasan_save_alloc_info+0x3b/0x50 [ 11.921641] __kasan_kmalloc+0xb7/0xc0 [ 11.921835] __kmalloc_cache_noprof+0x189/0x420 [ 11.922016] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.922239] kunit_try_run_case+0x1a5/0x480 [ 11.922554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.922776] kthread+0x337/0x6f0 [ 11.922929] ret_from_fork+0x41/0x80 [ 11.923111] ret_from_fork_asm+0x1a/0x30 [ 11.923261] [ 11.923369] The buggy address belongs to the object at ffff888102b31d00 [ 11.923369] which belongs to the cache kmalloc-128 of size 128 [ 11.923853] The buggy address is located 5 bytes to the right of [ 11.923853] allocated 115-byte region [ffff888102b31d00, ffff888102b31d73) [ 11.924385] [ 11.924482] The buggy address belongs to the physical page: [ 11.924719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31 [ 11.925000] flags: 0x200000000000000(node=0|zone=2) [ 11.925273] page_type: f5(slab) [ 11.925463] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.925698] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.925924] page dumped because: kasan: bad access detected [ 11.926093] [ 11.926161] Memory state around the buggy address: [ 11.926375] ffff888102b31c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.926736] ffff888102b31c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.927046] >ffff888102b31d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.927570] ^ [ 11.927864] ffff888102b31d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.928101] 
ffff888102b31e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.928758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.857232] ==================================================================
[ 11.857682] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 11.857975] Free of addr ffff8881023f82e0 by task kunit_try_catch/212
[ 11.858270]
[ 11.858429] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.858474] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.858485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.858504] Call Trace:
[ 11.858515] <TASK>
[ 11.858528] dump_stack_lvl+0x73/0xb0
[ 11.858552] print_report+0xd1/0x650
[ 11.858574] ? __virt_addr_valid+0x1db/0x2d0
[ 11.858595] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.858616] ? kfree_sensitive+0x2e/0x90
[ 11.858637] kasan_report_invalid_free+0x10a/0x130
[ 11.858662] ? kfree_sensitive+0x2e/0x90
[ 11.858684] ? kfree_sensitive+0x2e/0x90
[ 11.858704] check_slab_allocation+0x101/0x130
[ 11.858726] __kasan_slab_pre_free+0x28/0x40
[ 11.858746] kfree+0xf0/0x3f0
[ 11.858765] ? kfree_sensitive+0x2e/0x90
[ 11.858788] kfree_sensitive+0x2e/0x90
[ 11.858808] kmalloc_double_kzfree+0x19c/0x350
[ 11.858831] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.858856] ? __schedule+0x10cc/0x2b30
[ 11.858879] ? __pfx_read_tsc+0x10/0x10
[ 11.858897] ? ktime_get_ts64+0x86/0x230
[ 11.858922] kunit_try_run_case+0x1a5/0x480
[ 11.858945] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.858966] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.858989] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.859012] ? __kthread_parkme+0x82/0x180
[ 11.859032] ? preempt_count_sub+0x50/0x80
[ 11.859056] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.859078] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.859099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.859121] kthread+0x337/0x6f0
[ 11.859151] ? trace_preempt_on+0x20/0xc0
[ 11.859174] ? __pfx_kthread+0x10/0x10
[ 11.859195] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.859216] ? calculate_sigpending+0x7b/0xa0
[ 11.859236] ? __pfx_kthread+0x10/0x10
[ 11.859259] ret_from_fork+0x41/0x80
[ 11.859278] ? __pfx_kthread+0x10/0x10
[ 11.859300] ret_from_fork_asm+0x1a/0x30
[ 11.859342] </TASK>
[ 11.859352]
[ 11.867857] Allocated by task 212:
[ 11.868014] kasan_save_stack+0x45/0x70
[ 11.868199] kasan_save_track+0x18/0x40
[ 11.868445] kasan_save_alloc_info+0x3b/0x50
[ 11.868626] __kasan_kmalloc+0xb7/0xc0
[ 11.868758] __kmalloc_cache_noprof+0x189/0x420
[ 11.868909] kmalloc_double_kzfree+0xa9/0x350
[ 11.869123] kunit_try_run_case+0x1a5/0x480
[ 11.869376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.869604] kthread+0x337/0x6f0
[ 11.869725] ret_from_fork+0x41/0x80
[ 11.869858] ret_from_fork_asm+0x1a/0x30
[ 11.869995]
[ 11.870140] Freed by task 212:
[ 11.870299] kasan_save_stack+0x45/0x70
[ 11.870504] kasan_save_track+0x18/0x40
[ 11.870692] kasan_save_free_info+0x3f/0x60
[ 11.870890] __kasan_slab_free+0x56/0x70
[ 11.871087] kfree+0x222/0x3f0
[ 11.871245] kfree_sensitive+0x67/0x90
[ 11.871442] kmalloc_double_kzfree+0x12b/0x350
[ 11.871704] kunit_try_run_case+0x1a5/0x480
[ 11.871917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.872165] kthread+0x337/0x6f0
[ 11.872287] ret_from_fork+0x41/0x80
[ 11.872426] ret_from_fork_asm+0x1a/0x30
[ 11.872611]
[ 11.872784] The buggy address belongs to the object at ffff8881023f82e0
[ 11.872784] which belongs to the cache kmalloc-16 of size 16
[ 11.873295] The buggy address is located 0 bytes inside of
[ 11.873295] 16-byte region [ffff8881023f82e0, ffff8881023f82f0)
[ 11.873634]
[ 11.873703] The buggy address belongs to the physical page:
[ 11.873877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 11.874404] flags: 0x200000000000000(node=0|zone=2)
[ 11.874637] page_type: f5(slab)
[ 11.874801] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.875130] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.875431] page dumped because: kasan: bad access detected
[ 11.875599]
[ 11.875667] Memory state around the buggy address:
[ 11.875821] ffff8881023f8180: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 11.876029] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.876666] >ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.876990] ^
[ 11.877389] ffff8881023f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.877753] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.878078] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.832913] ==================================================================
[ 11.833829] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.834309] Read of size 1 at addr ffff8881023f82e0 by task kunit_try_catch/212
[ 11.834814]
[ 11.835108] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.835158] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.835171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.835198] Call Trace:
[ 11.835210] <TASK>
[ 11.835226] dump_stack_lvl+0x73/0xb0
[ 11.835254] print_report+0xd1/0x650
[ 11.835278] ? __virt_addr_valid+0x1db/0x2d0
[ 11.835300] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.835336] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.835359] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.835383] kasan_report+0x141/0x180
[ 11.835579] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.835613] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.835636] __kasan_check_byte+0x3d/0x50
[ 11.835660] kfree_sensitive+0x22/0x90
[ 11.835684] kmalloc_double_kzfree+0x19c/0x350
[ 11.835707] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.835731] ? __schedule+0x10cc/0x2b30
[ 11.835755] ? __pfx_read_tsc+0x10/0x10
[ 11.835775] ? ktime_get_ts64+0x86/0x230
[ 11.835802] kunit_try_run_case+0x1a5/0x480
[ 11.835825] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.835846] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.835869] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.835893] ? __kthread_parkme+0x82/0x180
[ 11.835913] ? preempt_count_sub+0x50/0x80
[ 11.835937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.835961] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.835983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.836005] kthread+0x337/0x6f0
[ 11.836025] ? trace_preempt_on+0x20/0xc0
[ 11.836049] ? __pfx_kthread+0x10/0x10
[ 11.836070] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.836091] ? calculate_sigpending+0x7b/0xa0
[ 11.836113] ? __pfx_kthread+0x10/0x10
[ 11.836143] ret_from_fork+0x41/0x80
[ 11.836163] ? __pfx_kthread+0x10/0x10
[ 11.836185] ret_from_fork_asm+0x1a/0x30
[ 11.836215] </TASK>
[ 11.836226]
[ 11.846169] Allocated by task 212:
[ 11.846391] kasan_save_stack+0x45/0x70
[ 11.846543] kasan_save_track+0x18/0x40
[ 11.846737] kasan_save_alloc_info+0x3b/0x50
[ 11.846940] __kasan_kmalloc+0xb7/0xc0
[ 11.847103] __kmalloc_cache_noprof+0x189/0x420
[ 11.847352] kmalloc_double_kzfree+0xa9/0x350
[ 11.847503] kunit_try_run_case+0x1a5/0x480
[ 11.847671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.847924] kthread+0x337/0x6f0
[ 11.848094] ret_from_fork+0x41/0x80
[ 11.848273] ret_from_fork_asm+0x1a/0x30
[ 11.848433]
[ 11.848503] Freed by task 212:
[ 11.848721] kasan_save_stack+0x45/0x70
[ 11.848923] kasan_save_track+0x18/0x40
[ 11.849117] kasan_save_free_info+0x3f/0x60
[ 11.849342] __kasan_slab_free+0x56/0x70
[ 11.849592] kfree+0x222/0x3f0
[ 11.849780] kfree_sensitive+0x67/0x90
[ 11.849979] kmalloc_double_kzfree+0x12b/0x350
[ 11.850177] kunit_try_run_case+0x1a5/0x480
[ 11.850577] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.850810] kthread+0x337/0x6f0
[ 11.850933] ret_from_fork+0x41/0x80
[ 11.851063] ret_from_fork_asm+0x1a/0x30
[ 11.851202]
[ 11.851299] The buggy address belongs to the object at ffff8881023f82e0
[ 11.851299] which belongs to the cache kmalloc-16 of size 16
[ 11.851908] The buggy address is located 0 bytes inside of
[ 11.851908] freed 16-byte region [ffff8881023f82e0, ffff8881023f82f0)
[ 11.852502]
[ 11.852604] The buggy address belongs to the physical page:
[ 11.852836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8
[ 11.853168] flags: 0x200000000000000(node=0|zone=2)
[ 11.853377] page_type: f5(slab)
[ 11.853554] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.853845] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.854207] page dumped because: kasan: bad access detected
[ 11.854566]
[ 11.854652] Memory state around the buggy address:
[ 11.854848] ffff8881023f8180: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 11.855142] ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.855613] >ffff8881023f8280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.855887] ^
[ 11.856164] ffff8881023f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.856389] ffff8881023f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.856600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.795711] ==================================================================
[ 11.796197] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.796636] Read of size 1 at addr ffff888102743628 by task kunit_try_catch/208
[ 11.797200]
[ 11.797392] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.797453] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.797465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.797662] Call Trace:
[ 11.797679] <TASK>
[ 11.797698] dump_stack_lvl+0x73/0xb0
[ 11.797727] print_report+0xd1/0x650
[ 11.797750] ? __virt_addr_valid+0x1db/0x2d0
[ 11.797779] ? kmalloc_uaf2+0x4a8/0x520
[ 11.797799] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.797821] ? kmalloc_uaf2+0x4a8/0x520
[ 11.797841] kasan_report+0x141/0x180
[ 11.797863] ? kmalloc_uaf2+0x4a8/0x520
[ 11.797889] __asan_report_load1_noabort+0x18/0x20
[ 11.797909] kmalloc_uaf2+0x4a8/0x520
[ 11.797930] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.797950] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.797982] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.798007] kunit_try_run_case+0x1a5/0x480
[ 11.798032] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.798054] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.798078] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.798101] ? __kthread_parkme+0x82/0x180
[ 11.798133] ? preempt_count_sub+0x50/0x80
[ 11.798158] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.798180] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.798202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.798224] kthread+0x337/0x6f0
[ 11.798244] ? trace_preempt_on+0x20/0xc0
[ 11.798268] ? __pfx_kthread+0x10/0x10
[ 11.798289] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.798310] ? calculate_sigpending+0x7b/0xa0
[ 11.798343] ? __pfx_kthread+0x10/0x10
[ 11.798364] ret_from_fork+0x41/0x80
[ 11.798395] ? __pfx_kthread+0x10/0x10
[ 11.798416] ret_from_fork_asm+0x1a/0x30
[ 11.798448] </TASK>
[ 11.798459]
[ 11.808018] Allocated by task 208:
[ 11.808389] kasan_save_stack+0x45/0x70
[ 11.808685] kasan_save_track+0x18/0x40
[ 11.808881] kasan_save_alloc_info+0x3b/0x50
[ 11.809041] __kasan_kmalloc+0xb7/0xc0
[ 11.809225] __kmalloc_cache_noprof+0x189/0x420
[ 11.809717] kmalloc_uaf2+0xc6/0x520
[ 11.809863] kunit_try_run_case+0x1a5/0x480
[ 11.810332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.810719] kthread+0x337/0x6f0
[ 11.810854] ret_from_fork+0x41/0x80
[ 11.811029] ret_from_fork_asm+0x1a/0x30
[ 11.811437]
[ 11.811578] Freed by task 208:
[ 11.811696] kasan_save_stack+0x45/0x70
[ 11.811971] kasan_save_track+0x18/0x40
[ 11.812397] kasan_save_free_info+0x3f/0x60
[ 11.812655] __kasan_slab_free+0x56/0x70
[ 11.813100] kfree+0x222/0x3f0
[ 11.813235] kmalloc_uaf2+0x14c/0x520
[ 11.813750] kunit_try_run_case+0x1a5/0x480
[ 11.813917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.814457] kthread+0x337/0x6f0
[ 11.814674] ret_from_fork+0x41/0x80
[ 11.814984] ret_from_fork_asm+0x1a/0x30
[ 11.815380]
[ 11.815499] The buggy address belongs to the object at ffff888102743600
[ 11.815499] which belongs to the cache kmalloc-64 of size 64
[ 11.816223] The buggy address is located 40 bytes inside of
[ 11.816223] freed 64-byte region [ffff888102743600, ffff888102743640)
[ 11.816988]
[ 11.817068] The buggy address belongs to the physical page:
[ 11.817628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102743
[ 11.818084] flags: 0x200000000000000(node=0|zone=2)
[ 11.818470] page_type: f5(slab)
[ 11.818669] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.819188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.819574] page dumped because: kasan: bad access detected
[ 11.820146]
[ 11.820237] Memory state around the buggy address:
[ 11.820481] ffff888102743500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.820821] ffff888102743580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.821120] >ffff888102743600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.821427] ^
[ 11.822066] ffff888102743680: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.822350] ffff888102743700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.822721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.763859] ==================================================================
[ 11.764285] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.764750] Write of size 33 at addr ffff888102b3f480 by task kunit_try_catch/206
[ 11.765212]
[ 11.765355] CPU: 1 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.765401] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.765412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.765433] Call Trace:
[ 11.765445] <TASK>
[ 11.765461] dump_stack_lvl+0x73/0xb0
[ 11.765487] print_report+0xd1/0x650
[ 11.765510] ? __virt_addr_valid+0x1db/0x2d0
[ 11.765531] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.765552] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.765574] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.765596] kasan_report+0x141/0x180
[ 11.765618] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.765645] kasan_check_range+0x10c/0x1c0
[ 11.765669] __asan_memset+0x27/0x50
[ 11.765689] kmalloc_uaf_memset+0x1a3/0x360
[ 11.765710] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.765732] ? __schedule+0x10cc/0x2b30
[ 11.765756] ? __pfx_read_tsc+0x10/0x10
[ 11.765781] ? ktime_get_ts64+0x86/0x230
[ 11.765806] kunit_try_run_case+0x1a5/0x480
[ 11.765829] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.765850] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.765873] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.765896] ? __kthread_parkme+0x82/0x180
[ 11.765918] ? preempt_count_sub+0x50/0x80
[ 11.765942] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.765964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.765986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.766008] kthread+0x337/0x6f0
[ 11.766028] ? trace_preempt_on+0x20/0xc0
[ 11.766052] ? __pfx_kthread+0x10/0x10
[ 11.766074] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.766095] ? calculate_sigpending+0x7b/0xa0
[ 11.766116] ? __pfx_kthread+0x10/0x10
[ 11.766138] ret_from_fork+0x41/0x80
[ 11.766158] ? __pfx_kthread+0x10/0x10
[ 11.766180] ret_from_fork_asm+0x1a/0x30
[ 11.766229] </TASK>
[ 11.766240]
[ 11.772850] Allocated by task 206:
[ 11.772974] kasan_save_stack+0x45/0x70
[ 11.773236] kasan_save_track+0x18/0x40
[ 11.773438] kasan_save_alloc_info+0x3b/0x50
[ 11.773641] __kasan_kmalloc+0xb7/0xc0
[ 11.773831] __kmalloc_cache_noprof+0x189/0x420
[ 11.774049] kmalloc_uaf_memset+0xa9/0x360
[ 11.774255] kunit_try_run_case+0x1a5/0x480
[ 11.774453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.774664] kthread+0x337/0x6f0
[ 11.774834] ret_from_fork+0x41/0x80
[ 11.774974] ret_from_fork_asm+0x1a/0x30
[ 11.775119]
[ 11.775227] Freed by task 206:
[ 11.775394] kasan_save_stack+0x45/0x70
[ 11.775584] kasan_save_track+0x18/0x40
[ 11.775737] kasan_save_free_info+0x3f/0x60
[ 11.775893] __kasan_slab_free+0x56/0x70
[ 11.776085] kfree+0x222/0x3f0
[ 11.776370] kmalloc_uaf_memset+0x12b/0x360
[ 11.776555] kunit_try_run_case+0x1a5/0x480
[ 11.776732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.776952] kthread+0x337/0x6f0
[ 11.777109] ret_from_fork+0x41/0x80
[ 11.777297] ret_from_fork_asm+0x1a/0x30
[ 11.777447]
[ 11.777515] The buggy address belongs to the object at ffff888102b3f480
[ 11.777515] which belongs to the cache kmalloc-64 of size 64
[ 11.777870] The buggy address is located 0 bytes inside of
[ 11.777870] freed 64-byte region [ffff888102b3f480, ffff888102b3f4c0)
[ 11.778260]
[ 11.778360] The buggy address belongs to the physical page:
[ 11.778611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3f
[ 11.780793] flags: 0x200000000000000(node=0|zone=2)
[ 11.781035] page_type: f5(slab)
[ 11.781202] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.782607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.785404] page dumped because: kasan: bad access detected
[ 11.785627]
[ 11.785721] Memory state around the buggy address:
[ 11.785928] ffff888102b3f380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.786482] ffff888102b3f400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.787571] >ffff888102b3f480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.788581] ^
[ 11.789091] ffff888102b3f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.790157] ffff888102b3f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.792396] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.725458] ==================================================================
[ 11.725932] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.726448] Read of size 1 at addr ffff8881023b8fa8 by task kunit_try_catch/204
[ 11.727550]
[ 11.727802] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.727850] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.727863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.727884] Call Trace:
[ 11.727896] <TASK>
[ 11.727912] dump_stack_lvl+0x73/0xb0
[ 11.728107] print_report+0xd1/0x650
[ 11.728143] ? __virt_addr_valid+0x1db/0x2d0
[ 11.728167] ? kmalloc_uaf+0x320/0x380
[ 11.728187] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.728209] ? kmalloc_uaf+0x320/0x380
[ 11.728230] kasan_report+0x141/0x180
[ 11.728286] ? kmalloc_uaf+0x320/0x380
[ 11.728314] __asan_report_load1_noabort+0x18/0x20
[ 11.728345] kmalloc_uaf+0x320/0x380
[ 11.728366] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.728439] ? __schedule+0x10cc/0x2b30
[ 11.728466] ? __pfx_read_tsc+0x10/0x10
[ 11.728485] ? ktime_get_ts64+0x86/0x230
[ 11.728510] kunit_try_run_case+0x1a5/0x480
[ 11.728533] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.728556] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.728578] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.728602] ? __kthread_parkme+0x82/0x180
[ 11.728623] ? preempt_count_sub+0x50/0x80
[ 11.728649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.728672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.728694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.728716] kthread+0x337/0x6f0
[ 11.728736] ? trace_preempt_on+0x20/0xc0
[ 11.728759] ? __pfx_kthread+0x10/0x10
[ 11.728781] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.728802] ? calculate_sigpending+0x7b/0xa0
[ 11.728823] ? __pfx_kthread+0x10/0x10
[ 11.728845] ret_from_fork+0x41/0x80
[ 11.728864] ? __pfx_kthread+0x10/0x10
[ 11.728885] ret_from_fork_asm+0x1a/0x30
[ 11.728917] </TASK>
[ 11.728927]
[ 11.740662] Allocated by task 204:
[ 11.740838] kasan_save_stack+0x45/0x70
[ 11.741027] kasan_save_track+0x18/0x40
[ 11.741798] kasan_save_alloc_info+0x3b/0x50
[ 11.742062] __kasan_kmalloc+0xb7/0xc0
[ 11.742379] __kmalloc_cache_noprof+0x189/0x420
[ 11.742613] kmalloc_uaf+0xaa/0x380
[ 11.742779] kunit_try_run_case+0x1a5/0x480
[ 11.742972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.743447] kthread+0x337/0x6f0
[ 11.743755] ret_from_fork+0x41/0x80
[ 11.744110] ret_from_fork_asm+0x1a/0x30
[ 11.744373]
[ 11.744509] Freed by task 204:
[ 11.744656] kasan_save_stack+0x45/0x70
[ 11.744837] kasan_save_track+0x18/0x40
[ 11.745014] kasan_save_free_info+0x3f/0x60
[ 11.745780] __kasan_slab_free+0x56/0x70
[ 11.745986] kfree+0x222/0x3f0
[ 11.746319] kmalloc_uaf+0x12c/0x380
[ 11.746640] kunit_try_run_case+0x1a5/0x480
[ 11.746836] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.747067] kthread+0x337/0x6f0
[ 11.747626] ret_from_fork+0x41/0x80
[ 11.747875] ret_from_fork_asm+0x1a/0x30
[ 11.748209]
[ 11.748425] The buggy address belongs to the object at ffff8881023b8fa0
[ 11.748425] which belongs to the cache kmalloc-16 of size 16
[ 11.748972] The buggy address is located 8 bytes inside of
[ 11.748972] freed 16-byte region [ffff8881023b8fa0, ffff8881023b8fb0)
[ 11.750057]
[ 11.750310] The buggy address belongs to the physical page:
[ 11.750789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b8
[ 11.751116] flags: 0x200000000000000(node=0|zone=2)
[ 11.751794] page_type: f5(slab)
[ 11.751961] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.752585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.753187] page dumped because: kasan: bad access detected
[ 11.753746]
[ 11.753860] Memory state around the buggy address:
[ 11.754071] ffff8881023b8e80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 11.754859] ffff8881023b8f00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 11.755370] >ffff8881023b8f80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.755856] ^
[ 11.756064] ffff8881023b9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.756886] ffff8881023b9080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 11.757364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.700369] ==================================================================
[ 11.700859] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.701177] Read of size 64 at addr ffff888102b3f384 by task kunit_try_catch/202
[ 11.701486]
[ 11.701671] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.701715] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.701726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.701745] Call Trace:
[ 11.701756] <TASK>
[ 11.701775] dump_stack_lvl+0x73/0xb0
[ 11.701799] print_report+0xd1/0x650
[ 11.701821] ? __virt_addr_valid+0x1db/0x2d0
[ 11.701842] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.701865] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.701888] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.701913] kasan_report+0x141/0x180
[ 11.701935] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.701965] kasan_check_range+0x10c/0x1c0
[ 11.701989] __asan_memmove+0x27/0x70
[ 11.702009] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.702033] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.702058] ? __schedule+0x10cc/0x2b30
[ 11.702081] ? __pfx_read_tsc+0x10/0x10
[ 11.702100] ? ktime_get_ts64+0x86/0x230
[ 11.702135] kunit_try_run_case+0x1a5/0x480
[ 11.702158] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.702178] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.702201] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.702224] ? __kthread_parkme+0x82/0x180
[ 11.702245] ? preempt_count_sub+0x50/0x80
[ 11.702269] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.702295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.702319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.702355] kthread+0x337/0x6f0
[ 11.702375] ? trace_preempt_on+0x20/0xc0
[ 11.702570] ? __pfx_kthread+0x10/0x10
[ 11.702599] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.702621] ? calculate_sigpending+0x7b/0xa0
[ 11.702642] ? __pfx_kthread+0x10/0x10
[ 11.702664] ret_from_fork+0x41/0x80
[ 11.702685] ? __pfx_kthread+0x10/0x10
[ 11.702706] ret_from_fork_asm+0x1a/0x30
[ 11.702737] </TASK>
[ 11.702748]
[ 11.712763] Allocated by task 202:
[ 11.712959] kasan_save_stack+0x45/0x70
[ 11.713489] kasan_save_track+0x18/0x40
[ 11.713682] kasan_save_alloc_info+0x3b/0x50
[ 11.713839] __kasan_kmalloc+0xb7/0xc0
[ 11.714104] __kmalloc_cache_noprof+0x189/0x420
[ 11.714592] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.714824] kunit_try_run_case+0x1a5/0x480
[ 11.715014] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.715450] kthread+0x337/0x6f0
[ 11.715859] ret_from_fork+0x41/0x80
[ 11.716134] ret_from_fork_asm+0x1a/0x30
[ 11.716439]
[ 11.716607] The buggy address belongs to the object at ffff888102b3f380
[ 11.716607] which belongs to the cache kmalloc-64 of size 64
[ 11.717088] The buggy address is located 4 bytes inside of
[ 11.717088] allocated 64-byte region [ffff888102b3f380, ffff888102b3f3c0)
[ 11.717755]
[ 11.718035] The buggy address belongs to the physical page:
[ 11.718265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3f
[ 11.718680] flags: 0x200000000000000(node=0|zone=2)
[ 11.718861] page_type: f5(slab)
[ 11.719028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.719348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.719907] page dumped because: kasan: bad access detected
[ 11.720092]
[ 11.720237] Memory state around the buggy address:
[ 11.720537] ffff888102b3f280: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 11.720884] ffff888102b3f300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.721151] >ffff888102b3f380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.721413] ^
[ 11.721656] ffff888102b3f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.722030] ffff888102b3f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.722390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.673877] ================================================================== [ 11.675046] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.675502] Read of size 18446744073709551614 at addr ffff888102b3f204 by task kunit_try_catch/200 [ 11.675878] [ 11.676458] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.676505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.676517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.676537] Call Trace: [ 11.676548] <TASK> [ 11.676563] dump_stack_lvl+0x73/0xb0 [ 11.676589] print_report+0xd1/0x650 [ 11.676611] ? __virt_addr_valid+0x1db/0x2d0 [ 11.676633] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.676657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.676679] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.676724] kasan_report+0x141/0x180 [ 11.676747] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.676777] kasan_check_range+0x10c/0x1c0 [ 11.676801] __asan_memmove+0x27/0x70 [ 11.676821] kmalloc_memmove_negative_size+0x171/0x330 [ 11.676845] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.676871] ? __schedule+0x10cc/0x2b30 [ 11.676894] ? __pfx_read_tsc+0x10/0x10 [ 11.676914] ? ktime_get_ts64+0x86/0x230 [ 11.676938] kunit_try_run_case+0x1a5/0x480 [ 11.676961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.676982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.677004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.677028] ? __kthread_parkme+0x82/0x180 [ 11.677049] ? preempt_count_sub+0x50/0x80 [ 11.677073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.677096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.677117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.677200] kthread+0x337/0x6f0 [ 11.677221] ? trace_preempt_on+0x20/0xc0 [ 11.677245] ? __pfx_kthread+0x10/0x10 [ 11.677267] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.677289] ? calculate_sigpending+0x7b/0xa0 [ 11.677310] ? 
__pfx_kthread+0x10/0x10 [ 11.677344] ret_from_fork+0x41/0x80 [ 11.677365] ? __pfx_kthread+0x10/0x10 [ 11.677420] ret_from_fork_asm+0x1a/0x30 [ 11.677454] </TASK> [ 11.677465] [ 11.687344] Allocated by task 200: [ 11.687808] kasan_save_stack+0x45/0x70 [ 11.688007] kasan_save_track+0x18/0x40 [ 11.688247] kasan_save_alloc_info+0x3b/0x50 [ 11.688627] __kasan_kmalloc+0xb7/0xc0 [ 11.688788] __kmalloc_cache_noprof+0x189/0x420 [ 11.689001] kmalloc_memmove_negative_size+0xac/0x330 [ 11.689447] kunit_try_run_case+0x1a5/0x480 [ 11.689646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.689881] kthread+0x337/0x6f0 [ 11.690158] ret_from_fork+0x41/0x80 [ 11.690333] ret_from_fork_asm+0x1a/0x30 [ 11.690610] [ 11.690699] The buggy address belongs to the object at ffff888102b3f200 [ 11.690699] which belongs to the cache kmalloc-64 of size 64 [ 11.691230] The buggy address is located 4 bytes inside of [ 11.691230] 64-byte region [ffff888102b3f200, ffff888102b3f240) [ 11.691863] [ 11.691979] The buggy address belongs to the physical page: [ 11.692352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3f [ 11.692760] flags: 0x200000000000000(node=0|zone=2) [ 11.692977] page_type: f5(slab) [ 11.693438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.693737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.694145] page dumped because: kasan: bad access detected [ 11.694378] [ 11.694508] Memory state around the buggy address: [ 11.695098] ffff888102b3f100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.695492] ffff888102b3f180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.695761] >ffff888102b3f200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.696035] ^ [ 11.696214] ffff888102b3f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.696475] ffff888102b3f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.696807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.246899] ================================================================== [ 11.247254] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.247503] Write of size 1 at addr ffff888100a234da by task kunit_try_catch/178 [ 11.247998] [ 11.248109] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.248151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.248163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.248183] Call Trace: [ 11.248197] <TASK> [ 11.248212] dump_stack_lvl+0x73/0xb0 [ 11.248235] print_report+0xd1/0x650 [ 11.248258] ? __virt_addr_valid+0x1db/0x2d0 [ 11.248279] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.248303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.248335] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.248359] kasan_report+0x141/0x180 [ 11.248382] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.248411] __asan_report_store1_noabort+0x1b/0x30 [ 11.248432] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.248458] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.248483] ? finish_task_switch.isra.0+0x153/0x700 [ 11.248505] ? __switch_to+0x5d9/0xf60 [ 11.248524] ? dequeue_task_fair+0x156/0x4e0 [ 11.248549] ? __schedule+0x10cc/0x2b30 [ 11.248572] ? __pfx_read_tsc+0x10/0x10 [ 11.248595] krealloc_less_oob+0x1c/0x30 [ 11.248617] kunit_try_run_case+0x1a5/0x480 [ 11.248640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.248661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.248684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.248708] ? __kthread_parkme+0x82/0x180 [ 11.248729] ? preempt_count_sub+0x50/0x80 [ 11.248753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.248776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.248798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.248820] kthread+0x337/0x6f0 [ 11.248841] ? trace_preempt_on+0x20/0xc0 [ 11.248864] ? __pfx_kthread+0x10/0x10 [ 11.248885] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.248907] ? 
calculate_sigpending+0x7b/0xa0 [ 11.248928] ? __pfx_kthread+0x10/0x10 [ 11.248950] ret_from_fork+0x41/0x80 [ 11.248971] ? __pfx_kthread+0x10/0x10 [ 11.248993] ret_from_fork_asm+0x1a/0x30 [ 11.249024] </TASK> [ 11.249034] [ 11.257866] Allocated by task 178: [ 11.258087] kasan_save_stack+0x45/0x70 [ 11.258314] kasan_save_track+0x18/0x40 [ 11.258583] kasan_save_alloc_info+0x3b/0x50 [ 11.258823] __kasan_krealloc+0x190/0x1f0 [ 11.258969] krealloc_noprof+0xf3/0x340 [ 11.259208] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.259667] krealloc_less_oob+0x1c/0x30 [ 11.259837] kunit_try_run_case+0x1a5/0x480 [ 11.260025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.260315] kthread+0x337/0x6f0 [ 11.260493] ret_from_fork+0x41/0x80 [ 11.260681] ret_from_fork_asm+0x1a/0x30 [ 11.260879] [ 11.260974] The buggy address belongs to the object at ffff888100a23400 [ 11.260974] which belongs to the cache kmalloc-256 of size 256 [ 11.261614] The buggy address is located 17 bytes to the right of [ 11.261614] allocated 201-byte region [ffff888100a23400, ffff888100a234c9) [ 11.262068] [ 11.262213] The buggy address belongs to the physical page: [ 11.262575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 11.262950] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.263210] flags: 0x200000000000040(head|node=0|zone=2) [ 11.263706] page_type: f5(slab) [ 11.263884] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.264220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.264633] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.264999] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.265376] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff [ 11.265791] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.266081] page dumped because: kasan: bad access detected [ 11.266368] [ 
11.266465] Memory state around the buggy address: [ 11.266782] ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.267066] ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.267631] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.267908] ^ [ 11.268218] ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.268630] ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.268938] ================================================================== [ 11.203049] ================================================================== [ 11.203567] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.204012] Write of size 1 at addr ffff888100a234c9 by task kunit_try_catch/178 [ 11.204367] [ 11.204472] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.204515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.204538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.204557] Call Trace: [ 11.204569] <TASK> [ 11.204584] dump_stack_lvl+0x73/0xb0 [ 11.204610] print_report+0xd1/0x650 [ 11.204633] ? __virt_addr_valid+0x1db/0x2d0 [ 11.204655] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.204679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.204701] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.204725] kasan_report+0x141/0x180 [ 11.204747] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.204776] __asan_report_store1_noabort+0x1b/0x30 [ 11.204798] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.204824] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.204848] ? finish_task_switch.isra.0+0x153/0x700 [ 11.204871] ? __switch_to+0x5d9/0xf60 [ 11.204891] ? dequeue_task_fair+0x156/0x4e0 [ 11.204916] ? __schedule+0x10cc/0x2b30 [ 11.204940] ? __pfx_read_tsc+0x10/0x10 [ 11.204963] krealloc_less_oob+0x1c/0x30 [ 11.204985] kunit_try_run_case+0x1a5/0x480 [ 11.205009] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.205030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.205053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.205077] ? __kthread_parkme+0x82/0x180 [ 11.205098] ? preempt_count_sub+0x50/0x80 [ 11.205122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.205157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.205179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.205201] kthread+0x337/0x6f0 [ 11.205223] ? trace_preempt_on+0x20/0xc0 [ 11.205246] ? __pfx_kthread+0x10/0x10 [ 11.205268] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.205289] ? calculate_sigpending+0x7b/0xa0 [ 11.205311] ? __pfx_kthread+0x10/0x10 [ 11.205344] ret_from_fork+0x41/0x80 [ 11.205364] ? __pfx_kthread+0x10/0x10 [ 11.205386] ret_from_fork_asm+0x1a/0x30 [ 11.205418] </TASK> [ 11.205429] [ 11.213102] Allocated by task 178: [ 11.213257] kasan_save_stack+0x45/0x70 [ 11.213605] kasan_save_track+0x18/0x40 [ 11.213812] kasan_save_alloc_info+0x3b/0x50 [ 11.214018] __kasan_krealloc+0x190/0x1f0 [ 11.214235] krealloc_noprof+0xf3/0x340 [ 11.214415] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.214756] krealloc_less_oob+0x1c/0x30 [ 11.214903] kunit_try_run_case+0x1a5/0x480 [ 11.215093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.215371] kthread+0x337/0x6f0 [ 11.215555] ret_from_fork+0x41/0x80 [ 11.215741] ret_from_fork_asm+0x1a/0x30 [ 11.215918] [ 11.215988] The buggy address belongs to the object at ffff888100a23400 [ 11.215988] which belongs to the cache kmalloc-256 of size 256 [ 11.216618] The buggy address is located 0 bytes to the right of [ 11.216618] allocated 201-byte region [ffff888100a23400, ffff888100a234c9) [ 11.217085] [ 11.217199] The buggy address belongs to the physical page: [ 11.217419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 11.217749] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.217976] flags: 0x200000000000040(head|node=0|zone=2) [ 11.218171] page_type: f5(slab) [ 11.218372] raw: 
0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.218710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.219056] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.219553] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.219782] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff [ 11.220049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.220725] page dumped because: kasan: bad access detected [ 11.220982] [ 11.221074] Memory state around the buggy address: [ 11.221343] ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.221820] ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.222063] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.222497] ^ [ 11.222670] ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.222906] ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.223884] ================================================================== [ 11.401927] ================================================================== [ 11.402199] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.402557] Write of size 1 at addr ffff888102c5a0da by task kunit_try_catch/182 [ 11.402873] [ 11.402973] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.403011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.403022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.403040] Call Trace: [ 11.403053] <TASK> [ 11.403065] dump_stack_lvl+0x73/0xb0 [ 11.403087] print_report+0xd1/0x650 [ 11.403108] ? __virt_addr_valid+0x1db/0x2d0 [ 11.403127] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.403150] ? kasan_addr_to_slab+0x11/0xa0 [ 11.403169] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 11.403193] kasan_report+0x141/0x180 [ 11.403214] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.403241] __asan_report_store1_noabort+0x1b/0x30 [ 11.403278] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.403305] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.403339] ? finish_task_switch.isra.0+0x153/0x700 [ 11.403360] ? __switch_to+0x5d9/0xf60 [ 11.403379] ? dequeue_task_fair+0x156/0x4e0 [ 11.403403] ? __schedule+0x10cc/0x2b30 [ 11.403425] ? __pfx_read_tsc+0x10/0x10 [ 11.403447] krealloc_large_less_oob+0x1c/0x30 [ 11.403469] kunit_try_run_case+0x1a5/0x480 [ 11.403492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.403513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.403535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.403558] ? __kthread_parkme+0x82/0x180 [ 11.403578] ? preempt_count_sub+0x50/0x80 [ 11.403602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.403624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.403646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.403668] kthread+0x337/0x6f0 [ 11.403688] ? trace_preempt_on+0x20/0xc0 [ 11.403710] ? __pfx_kthread+0x10/0x10 [ 11.403731] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.403753] ? calculate_sigpending+0x7b/0xa0 [ 11.403774] ? __pfx_kthread+0x10/0x10 [ 11.403795] ret_from_fork+0x41/0x80 [ 11.403815] ? 
__pfx_kthread+0x10/0x10 [ 11.403837] ret_from_fork_asm+0x1a/0x30 [ 11.403868] </TASK> [ 11.403878] [ 11.411373] The buggy address belongs to the physical page: [ 11.411609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 11.411943] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.412613] flags: 0x200000000000040(head|node=0|zone=2) [ 11.412817] page_type: f8(unknown) [ 11.412966] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.413533] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.413842] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.414109] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.414535] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff [ 11.414767] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.414991] page dumped because: kasan: bad access detected [ 11.415158] [ 11.415226] Memory state around the buggy address: [ 11.415511] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.415829] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.416136] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.416406] ^ [ 11.416591] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.416799] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.417256] ================================================================== [ 11.435063] ================================================================== [ 11.435546] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.435830] Write of size 1 at addr ffff888102c5a0eb by task kunit_try_catch/182 [ 11.436149] [ 11.436242] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.436282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.436293] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.436311] Call Trace: [ 11.436336] <TASK> [ 11.436348] dump_stack_lvl+0x73/0xb0 [ 11.436371] print_report+0xd1/0x650 [ 11.436439] ? __virt_addr_valid+0x1db/0x2d0 [ 11.436462] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.436485] ? kasan_addr_to_slab+0x11/0xa0 [ 11.436505] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.436529] kasan_report+0x141/0x180 [ 11.436551] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.436580] __asan_report_store1_noabort+0x1b/0x30 [ 11.436601] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.436627] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.436651] ? finish_task_switch.isra.0+0x153/0x700 [ 11.436672] ? __switch_to+0x5d9/0xf60 [ 11.436691] ? dequeue_task_fair+0x156/0x4e0 [ 11.436715] ? __schedule+0x10cc/0x2b30 [ 11.436738] ? __pfx_read_tsc+0x10/0x10 [ 11.436760] krealloc_large_less_oob+0x1c/0x30 [ 11.436783] kunit_try_run_case+0x1a5/0x480 [ 11.436805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.436826] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.436850] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.436873] ? __kthread_parkme+0x82/0x180 [ 11.436894] ? preempt_count_sub+0x50/0x80 [ 11.436917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.436940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.436962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.436985] kthread+0x337/0x6f0 [ 11.437005] ? trace_preempt_on+0x20/0xc0 [ 11.437028] ? __pfx_kthread+0x10/0x10 [ 11.437049] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.437070] ? calculate_sigpending+0x7b/0xa0 [ 11.437091] ? __pfx_kthread+0x10/0x10 [ 11.437113] ret_from_fork+0x41/0x80 [ 11.437133] ? 
__pfx_kthread+0x10/0x10 [ 11.437154] ret_from_fork_asm+0x1a/0x30 [ 11.437185] </TASK> [ 11.437195] [ 11.444733] The buggy address belongs to the physical page: [ 11.444910] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 11.445146] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.445380] flags: 0x200000000000040(head|node=0|zone=2) [ 11.445628] page_type: f8(unknown) [ 11.445807] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.446312] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.446608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.446836] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.447063] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff [ 11.447934] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.448559] page dumped because: kasan: bad access detected [ 11.448872] [ 11.448945] Memory state around the buggy address: [ 11.449099] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.449345] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.449832] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.450149] ^ [ 11.450439] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.450693] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.451019] ================================================================== [ 11.417977] ================================================================== [ 11.418575] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.418914] Write of size 1 at addr ffff888102c5a0ea by task kunit_try_catch/182 [ 11.419226] [ 11.419338] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.419379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.419390] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.419409] Call Trace: [ 11.419423] <TASK> [ 11.419437] dump_stack_lvl+0x73/0xb0 [ 11.419459] print_report+0xd1/0x650 [ 11.419481] ? __virt_addr_valid+0x1db/0x2d0 [ 11.419501] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.419524] ? kasan_addr_to_slab+0x11/0xa0 [ 11.419545] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.419569] kasan_report+0x141/0x180 [ 11.419591] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.419620] __asan_report_store1_noabort+0x1b/0x30 [ 11.419640] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.419666] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.419690] ? finish_task_switch.isra.0+0x153/0x700 [ 11.419712] ? __switch_to+0x5d9/0xf60 [ 11.419731] ? dequeue_task_fair+0x156/0x4e0 [ 11.419755] ? __schedule+0x10cc/0x2b30 [ 11.419780] ? __pfx_read_tsc+0x10/0x10 [ 11.419803] krealloc_large_less_oob+0x1c/0x30 [ 11.419826] kunit_try_run_case+0x1a5/0x480 [ 11.419849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.419869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.419892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.419915] ? __kthread_parkme+0x82/0x180 [ 11.419935] ? preempt_count_sub+0x50/0x80 [ 11.419959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.419981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.420003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.420025] kthread+0x337/0x6f0 [ 11.420045] ? trace_preempt_on+0x20/0xc0 [ 11.420067] ? __pfx_kthread+0x10/0x10 [ 11.420089] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.420110] ? calculate_sigpending+0x7b/0xa0 [ 11.420186] ? __pfx_kthread+0x10/0x10 [ 11.420210] ret_from_fork+0x41/0x80 [ 11.420230] ? 
__pfx_kthread+0x10/0x10 [ 11.420252] ret_from_fork_asm+0x1a/0x30 [ 11.420283] </TASK> [ 11.420293] [ 11.428236] The buggy address belongs to the physical page: [ 11.428510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 11.428816] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.429037] flags: 0x200000000000040(head|node=0|zone=2) [ 11.429206] page_type: f8(unknown) [ 11.429340] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.429777] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.430123] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.430738] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.431097] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff [ 11.431578] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.431806] page dumped because: kasan: bad access detected [ 11.431975] [ 11.432043] Memory state around the buggy address: [ 11.432378] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.432694] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.433010] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.433584] ^ [ 11.433871] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.434457] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.434742] ================================================================== [ 11.269795] ================================================================== [ 11.270131] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.270487] Write of size 1 at addr ffff888100a234ea by task kunit_try_catch/178 [ 11.270812] [ 11.270901] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.270969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.270981] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.271000] Call Trace: [ 11.271024] <TASK> [ 11.271038] dump_stack_lvl+0x73/0xb0 [ 11.271061] print_report+0xd1/0x650 [ 11.271083] ? __virt_addr_valid+0x1db/0x2d0 [ 11.271104] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.271143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.271165] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.271189] kasan_report+0x141/0x180 [ 11.271212] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.271241] __asan_report_store1_noabort+0x1b/0x30 [ 11.271262] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.271289] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.271312] ? finish_task_switch.isra.0+0x153/0x700 [ 11.271345] ? __switch_to+0x5d9/0xf60 [ 11.271364] ? dequeue_task_fair+0x156/0x4e0 [ 11.271409] ? __schedule+0x10cc/0x2b30 [ 11.271431] ? __pfx_read_tsc+0x10/0x10 [ 11.271454] krealloc_less_oob+0x1c/0x30 [ 11.271475] kunit_try_run_case+0x1a5/0x480 [ 11.271498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.271519] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.271542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.271567] ? __kthread_parkme+0x82/0x180 [ 11.271588] ? preempt_count_sub+0x50/0x80 [ 11.271612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.271635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.271657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.271679] kthread+0x337/0x6f0 [ 11.271700] ? trace_preempt_on+0x20/0xc0 [ 11.271722] ? __pfx_kthread+0x10/0x10 [ 11.271744] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.271766] ? calculate_sigpending+0x7b/0xa0 [ 11.271787] ? __pfx_kthread+0x10/0x10 [ 11.271808] ret_from_fork+0x41/0x80 [ 11.271829] ? 
__pfx_kthread+0x10/0x10
[ 11.271850] ret_from_fork_asm+0x1a/0x30
[ 11.271881] </TASK>
[ 11.271891]
[ 11.279833] Allocated by task 178:
[ 11.279960] kasan_save_stack+0x45/0x70
[ 11.280119] kasan_save_track+0x18/0x40
[ 11.280341] kasan_save_alloc_info+0x3b/0x50
[ 11.280618] __kasan_krealloc+0x190/0x1f0
[ 11.280820] krealloc_noprof+0xf3/0x340
[ 11.280997] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.281186] krealloc_less_oob+0x1c/0x30
[ 11.281457] kunit_try_run_case+0x1a5/0x480
[ 11.281670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.281896] kthread+0x337/0x6f0
[ 11.282018] ret_from_fork+0x41/0x80
[ 11.282225] ret_from_fork_asm+0x1a/0x30
[ 11.282650]
[ 11.282753] The buggy address belongs to the object at ffff888100a23400
[ 11.282753] which belongs to the cache kmalloc-256 of size 256
[ 11.283241] The buggy address is located 33 bytes to the right of
[ 11.283241] allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[ 11.283752]
[ 11.283828] The buggy address belongs to the physical page:
[ 11.284072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[ 11.284529] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.284761] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.284931] page_type: f5(slab)
[ 11.285065] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.285516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.285865] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.286233] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.286767] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[ 11.287007] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.287454] page dumped because: kasan: bad access detected
[ 11.287713]
[ 11.287806] Memory state around the buggy address:
[ 11.288026] ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.288315] ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.288571] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.288891] ^
[ 11.289143] ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.289506] ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.289792] ==================================================================
[ 11.385476] ==================================================================
[ 11.385714] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 11.386037] Write of size 1 at addr ffff888102c5a0d0 by task kunit_try_catch/182
[ 11.386377]
[ 11.386539] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.386582] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.386594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.386613] Call Trace:
[ 11.386624] <TASK>
[ 11.386639] dump_stack_lvl+0x73/0xb0
[ 11.386662] print_report+0xd1/0x650
[ 11.386683] ? __virt_addr_valid+0x1db/0x2d0
[ 11.386704] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.386727] ? kasan_addr_to_slab+0x11/0xa0
[ 11.386747] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.386772] kasan_report+0x141/0x180
[ 11.386794] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.386824] __asan_report_store1_noabort+0x1b/0x30
[ 11.386844] krealloc_less_oob_helper+0xe23/0x11d0
[ 11.386870] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.386894] ? finish_task_switch.isra.0+0x153/0x700
[ 11.386916] ? __switch_to+0x5d9/0xf60
[ 11.386934] ? dequeue_task_fair+0x156/0x4e0
[ 11.386959] ? __schedule+0x10cc/0x2b30
[ 11.386981] ? __pfx_read_tsc+0x10/0x10
[ 11.387003] krealloc_large_less_oob+0x1c/0x30
[ 11.387026] kunit_try_run_case+0x1a5/0x480
[ 11.387049] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.387070] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.387092] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.387115] ? __kthread_parkme+0x82/0x180
[ 11.387137] ? preempt_count_sub+0x50/0x80
[ 11.387176] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.387199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.387221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.387243] kthread+0x337/0x6f0
[ 11.387263] ? trace_preempt_on+0x20/0xc0
[ 11.387286] ? __pfx_kthread+0x10/0x10
[ 11.387307] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.387340] ? calculate_sigpending+0x7b/0xa0
[ 11.387361] ? __pfx_kthread+0x10/0x10
[ 11.387382] ret_from_fork+0x41/0x80
[ 11.387402] ? __pfx_kthread+0x10/0x10
[ 11.387423] ret_from_fork_asm+0x1a/0x30
[ 11.387644] </TASK>
[ 11.387657]
[ 11.395425] The buggy address belongs to the physical page:
[ 11.395664] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[ 11.396218] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.396583] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.396761] page_type: f8(unknown)
[ 11.396889] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.397155] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.397501] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.397911] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.398451] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[ 11.398689] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.398915] page dumped because: kasan: bad access detected
[ 11.399115]
[ 11.399222] Memory state around the buggy address:
[ 11.399603] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.399936] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.400314] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.400717] ^
[ 11.400968] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.401343] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.401664] ==================================================================
[ 11.290247] ==================================================================
[ 11.290734] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 11.290988] Write of size 1 at addr ffff888100a234eb by task kunit_try_catch/178
[ 11.291335]
[ 11.291533] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.291578] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.291589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.291608] Call Trace:
[ 11.291620] <TASK>
[ 11.291634] dump_stack_lvl+0x73/0xb0
[ 11.291659] print_report+0xd1/0x650
[ 11.291681] ? __virt_addr_valid+0x1db/0x2d0
[ 11.291702] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 11.291726] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.291748] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 11.291772] kasan_report+0x141/0x180
[ 11.291795] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 11.291825] __asan_report_store1_noabort+0x1b/0x30
[ 11.291847] krealloc_less_oob_helper+0xd47/0x11d0
[ 11.291874] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.291899] ? finish_task_switch.isra.0+0x153/0x700
[ 11.291921] ? __switch_to+0x5d9/0xf60
[ 11.291940] ? dequeue_task_fair+0x156/0x4e0
[ 11.291965] ? __schedule+0x10cc/0x2b30
[ 11.291987] ? __pfx_read_tsc+0x10/0x10
[ 11.292010] krealloc_less_oob+0x1c/0x30
[ 11.292032] kunit_try_run_case+0x1a5/0x480
[ 11.292056] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.292077] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.292100] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.292146] ? __kthread_parkme+0x82/0x180
[ 11.292168] ? preempt_count_sub+0x50/0x80
[ 11.292192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.292215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.292238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.292263] kthread+0x337/0x6f0
[ 11.292286] ? trace_preempt_on+0x20/0xc0
[ 11.292309] ? __pfx_kthread+0x10/0x10
[ 11.292341] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.292364] ? calculate_sigpending+0x7b/0xa0
[ 11.292460] ? __pfx_kthread+0x10/0x10
[ 11.292484] ret_from_fork+0x41/0x80
[ 11.292506] ? __pfx_kthread+0x10/0x10
[ 11.292528] ret_from_fork_asm+0x1a/0x30
[ 11.292562] </TASK>
[ 11.292572]
[ 11.300567] Allocated by task 178:
[ 11.300701] kasan_save_stack+0x45/0x70
[ 11.300888] kasan_save_track+0x18/0x40
[ 11.301074] kasan_save_alloc_info+0x3b/0x50
[ 11.301304] __kasan_krealloc+0x190/0x1f0
[ 11.301604] krealloc_noprof+0xf3/0x340
[ 11.301753] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.301918] krealloc_less_oob+0x1c/0x30
[ 11.302113] kunit_try_run_case+0x1a5/0x480
[ 11.303982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.304697] kthread+0x337/0x6f0
[ 11.304838] ret_from_fork+0x41/0x80
[ 11.304966] ret_from_fork_asm+0x1a/0x30
[ 11.305099]
[ 11.305169] The buggy address belongs to the object at ffff888100a23400
[ 11.305169] which belongs to the cache kmalloc-256 of size 256
[ 11.305516] The buggy address is located 34 bytes to the right of
[ 11.305516] allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[ 11.305872]
[ 11.306497] The buggy address belongs to the physical page:
[ 11.307277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[ 11.309119] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.310622] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.311129] page_type: f5(slab)
[ 11.311738] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.313049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.313522] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.313834] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.314154] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[ 11.314643] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.314967] page dumped because: kasan: bad access detected
[ 11.315204]
[ 11.315302] Memory state around the buggy address:
[ 11.315627] ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.315900] ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.316195] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.316595] ^
[ 11.316838] ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.317163] ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.317519] ==================================================================
[ 11.369229] ==================================================================
[ 11.370054] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 11.370447] Write of size 1 at addr ffff888102c5a0c9 by task kunit_try_catch/182
[ 11.370741]
[ 11.370848] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.370889] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.370900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.370918] Call Trace:
[ 11.370929] <TASK>
[ 11.370942] dump_stack_lvl+0x73/0xb0
[ 11.370967] print_report+0xd1/0x650
[ 11.370988] ? __virt_addr_valid+0x1db/0x2d0
[ 11.371009] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.371032] ? kasan_addr_to_slab+0x11/0xa0
[ 11.371052] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.371076] kasan_report+0x141/0x180
[ 11.371098] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.371128] __asan_report_store1_noabort+0x1b/0x30
[ 11.371158] krealloc_less_oob_helper+0xd70/0x11d0
[ 11.371184] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.371208] ? finish_task_switch.isra.0+0x153/0x700
[ 11.371230] ? __switch_to+0x5d9/0xf60
[ 11.371248] ? dequeue_task_fair+0x156/0x4e0
[ 11.371272] ? __schedule+0x10cc/0x2b30
[ 11.371294] ? __pfx_read_tsc+0x10/0x10
[ 11.371316] krealloc_large_less_oob+0x1c/0x30
[ 11.371353] kunit_try_run_case+0x1a5/0x480
[ 11.371376] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.371413] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.371436] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.371459] ? __kthread_parkme+0x82/0x180
[ 11.371480] ? preempt_count_sub+0x50/0x80
[ 11.371504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.371526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.371548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.371570] kthread+0x337/0x6f0
[ 11.371590] ? trace_preempt_on+0x20/0xc0
[ 11.371613] ? __pfx_kthread+0x10/0x10
[ 11.371634] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.371655] ? calculate_sigpending+0x7b/0xa0
[ 11.371675] ? __pfx_kthread+0x10/0x10
[ 11.371697] ret_from_fork+0x41/0x80
[ 11.371717] ? __pfx_kthread+0x10/0x10
[ 11.371738] ret_from_fork_asm+0x1a/0x30
[ 11.371769] </TASK>
[ 11.371779]
[ 11.378831] The buggy address belongs to the physical page:
[ 11.379095] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58
[ 11.379569] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.379844] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.380094] page_type: f8(unknown)
[ 11.380269] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.380611] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.380907] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.381159] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.381399] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff
[ 11.381852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.382185] page dumped because: kasan: bad access detected
[ 11.382449]
[ 11.382543] Memory state around the buggy address:
[ 11.382750] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.383027] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.383665] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.383885] ^
[ 11.384136] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.384723] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.385006] ==================================================================
[ 11.224749] ==================================================================
[ 11.225065] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 11.225717] Write of size 1 at addr ffff888100a234d0 by task kunit_try_catch/178
[ 11.226480]
[ 11.226703] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 11.226748] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.226759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.226778] Call Trace:
[ 11.226793] <TASK>
[ 11.226808] dump_stack_lvl+0x73/0xb0
[ 11.226833] print_report+0xd1/0x650
[ 11.226855] ? __virt_addr_valid+0x1db/0x2d0
[ 11.226876] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.226899] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.226922] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.226946] kasan_report+0x141/0x180
[ 11.226968] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.226997] __asan_report_store1_noabort+0x1b/0x30
[ 11.227018] krealloc_less_oob_helper+0xe23/0x11d0
[ 11.227044] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.227069] ? finish_task_switch.isra.0+0x153/0x700
[ 11.227091] ? __switch_to+0x5d9/0xf60
[ 11.227110] ? dequeue_task_fair+0x156/0x4e0
[ 11.227136] ? __schedule+0x10cc/0x2b30
[ 11.227159] ? __pfx_read_tsc+0x10/0x10
[ 11.227182] krealloc_less_oob+0x1c/0x30
[ 11.227203] kunit_try_run_case+0x1a5/0x480
[ 11.227226] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.227248] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.227270] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.227294] ? __kthread_parkme+0x82/0x180
[ 11.227315] ? preempt_count_sub+0x50/0x80
[ 11.227352] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.227374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.227397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.227464] kthread+0x337/0x6f0
[ 11.227486] ? trace_preempt_on+0x20/0xc0
[ 11.227509] ? __pfx_kthread+0x10/0x10
[ 11.227530] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.227552] ? calculate_sigpending+0x7b/0xa0
[ 11.227573] ? __pfx_kthread+0x10/0x10
[ 11.227596] ret_from_fork+0x41/0x80
[ 11.227615] ? __pfx_kthread+0x10/0x10
[ 11.227637] ret_from_fork_asm+0x1a/0x30
[ 11.227668] </TASK>
[ 11.227679]
[ 11.235806] Allocated by task 178:
[ 11.235967] kasan_save_stack+0x45/0x70
[ 11.236178] kasan_save_track+0x18/0x40
[ 11.236316] kasan_save_alloc_info+0x3b/0x50
[ 11.236530] __kasan_krealloc+0x190/0x1f0
[ 11.236908] krealloc_noprof+0xf3/0x340
[ 11.237110] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.237312] krealloc_less_oob+0x1c/0x30
[ 11.237520] kunit_try_run_case+0x1a5/0x480
[ 11.237666] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.237842] kthread+0x337/0x6f0
[ 11.238084] ret_from_fork+0x41/0x80
[ 11.238281] ret_from_fork_asm+0x1a/0x30
[ 11.238504]
[ 11.238600] The buggy address belongs to the object at ffff888100a23400
[ 11.238600] which belongs to the cache kmalloc-256 of size 256
[ 11.239143] The buggy address is located 7 bytes to the right of
[ 11.239143] allocated 201-byte region [ffff888100a23400, ffff888100a234c9)
[ 11.239820]
[ 11.239923] The buggy address belongs to the physical page:
[ 11.240149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22
[ 11.240659] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.240957] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.241228] page_type: f5(slab)
[ 11.241442] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.241695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.242043] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.242407] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.242817] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff
[ 11.243097] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.243335] page dumped because: kasan: bad access detected
[ 11.243508]
[ 11.243653] Memory state around the buggy address:
[ 11.243877] ffff888100a23380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.244253] ffff888100a23400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.244765] >ffff888100a23480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.245304] ^
[ 11.245712] ffff888100a23500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.245966] ffff888100a23580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.246221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.349463] ==================================================================
[ 13.350387] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 13.351298] Read of size 1 at addr ffff888103acfc4a by task kunit_try_catch/273
[ 13.351757]
[ 13.351939] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.351998] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.352010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.352033] Call Trace:
[ 13.352056] <TASK>
[ 13.352082] dump_stack_lvl+0x73/0xb0
[ 13.352112] print_report+0xd1/0x650
[ 13.352137] ? __virt_addr_valid+0x1db/0x2d0
[ 13.352172] ? kasan_alloca_oob_right+0x329/0x390
[ 13.352195] ? kasan_addr_to_slab+0x11/0xa0
[ 13.352217] ? kasan_alloca_oob_right+0x329/0x390
[ 13.352240] kasan_report+0x141/0x180
[ 13.352263] ? kasan_alloca_oob_right+0x329/0x390
[ 13.352291] __asan_report_load1_noabort+0x18/0x20
[ 13.352313] kasan_alloca_oob_right+0x329/0x390
[ 13.352347] ? finish_task_switch.isra.0+0x153/0x700
[ 13.352373] ? rwsem_down_read_slowpath+0x64e/0xb90
[ 13.352453] ? trace_hardirqs_on+0x37/0xe0
[ 13.352482] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 13.352508] ? __schedule+0x10cc/0x2b30
[ 13.352532] ? __pfx_read_tsc+0x10/0x10
[ 13.352553] ? ktime_get_ts64+0x86/0x230
[ 13.352581] kunit_try_run_case+0x1a5/0x480
[ 13.352608] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.352630] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.352654] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.352678] ? __kthread_parkme+0x82/0x180
[ 13.352700] ? preempt_count_sub+0x50/0x80
[ 13.352724] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.352748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.352771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.352794] kthread+0x337/0x6f0
[ 13.352814] ? trace_preempt_on+0x20/0xc0
[ 13.352836] ? __pfx_kthread+0x10/0x10
[ 13.352858] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.352880] ? calculate_sigpending+0x7b/0xa0
[ 13.352902] ? __pfx_kthread+0x10/0x10
[ 13.352925] ret_from_fork+0x41/0x80
[ 13.352945] ? __pfx_kthread+0x10/0x10
[ 13.352967] ret_from_fork_asm+0x1a/0x30
[ 13.353000] </TASK>
[ 13.353010]
[ 13.364385] The buggy address belongs to stack of task kunit_try_catch/273
[ 13.364740]
[ 13.364827] The buggy address belongs to the physical page:
[ 13.365003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103acf
[ 13.365362] flags: 0x200000000000000(node=0|zone=2)
[ 13.365688] raw: 0200000000000000 ffffea00040eb3c8 ffffea00040eb3c8 0000000000000000
[ 13.365991] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.366344] page dumped because: kasan: bad access detected
[ 13.366539]
[ 13.366634] Memory state around the buggy address:
[ 13.366859] ffff888103acfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.367360] ffff888103acfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.367664] >ffff888103acfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.368115] ^
[ 13.368580] ffff888103acfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.368885] ffff888103acfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.369192] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.316530] ==================================================================
[ 13.317050] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 13.317302] Read of size 1 at addr ffff888103aefc3f by task kunit_try_catch/271
[ 13.317537]
[ 13.317625] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.317670] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.317682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.317704] Call Trace:
[ 13.317716] <TASK>
[ 13.317732] dump_stack_lvl+0x73/0xb0
[ 13.317757] print_report+0xd1/0x650
[ 13.317783] ? __virt_addr_valid+0x1db/0x2d0
[ 13.317804] ? kasan_alloca_oob_left+0x320/0x380
[ 13.317826] ? kasan_addr_to_slab+0x11/0xa0
[ 13.317847] ? kasan_alloca_oob_left+0x320/0x380
[ 13.317869] kasan_report+0x141/0x180
[ 13.317890] ? kasan_alloca_oob_left+0x320/0x380
[ 13.317916] __asan_report_load1_noabort+0x18/0x20
[ 13.317935] kasan_alloca_oob_left+0x320/0x380
[ 13.317959] ? finish_task_switch.isra.0+0x153/0x700
[ 13.317982] ? rwsem_down_read_slowpath+0x64e/0xb90
[ 13.318003] ? trace_hardirqs_on+0x37/0xe0
[ 13.318027] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 13.318052] ? __schedule+0x10cc/0x2b30
[ 13.318074] ? __pfx_read_tsc+0x10/0x10
[ 13.318093] ? ktime_get_ts64+0x86/0x230
[ 13.318117] kunit_try_run_case+0x1a5/0x480
[ 13.318141] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.318161] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.318184] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.318206] ? __kthread_parkme+0x82/0x180
[ 13.318228] ? preempt_count_sub+0x50/0x80
[ 13.318251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.318273] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.318295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.318316] kthread+0x337/0x6f0
[ 13.318701] ? trace_preempt_on+0x20/0xc0
[ 13.318726] ? __pfx_kthread+0x10/0x10
[ 13.318748] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.318771] ? calculate_sigpending+0x7b/0xa0
[ 13.318792] ? __pfx_kthread+0x10/0x10
[ 13.319056] ret_from_fork+0x41/0x80
[ 13.319088] ? __pfx_kthread+0x10/0x10
[ 13.319111] ret_from_fork_asm+0x1a/0x30
[ 13.319159] </TASK>
[ 13.319171]
[ 13.335819] The buggy address belongs to stack of task kunit_try_catch/271
[ 13.336528]
[ 13.336690] The buggy address belongs to the physical page:
[ 13.336960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aef
[ 13.337377] flags: 0x200000000000000(node=0|zone=2)
[ 13.337883] raw: 0200000000000000 ffffea00040ebbc8 ffffea00040ebbc8 0000000000000000
[ 13.338605] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.339111] page dumped because: kasan: bad access detected
[ 13.339283]
[ 13.339366] Memory state around the buggy address:
[ 13.339881] ffff888103aefb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.340627] ffff888103aefb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.341270] >ffff888103aefc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.341864] ^
[ 13.342033] ffff888103aefc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.342292] ffff888103aefd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.343111] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.293611] ==================================================================
[ 13.294301] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 13.294886] Read of size 1 at addr ffff888103ab7d02 by task kunit_try_catch/269
[ 13.295113]
[ 13.295195] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.295238] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.295249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.295269] Call Trace:
[ 13.295279] <TASK>
[ 13.295293] dump_stack_lvl+0x73/0xb0
[ 13.295318] print_report+0xd1/0x650
[ 13.295356] ? __virt_addr_valid+0x1db/0x2d0
[ 13.295378] ? kasan_stack_oob+0x2b5/0x300
[ 13.295397] ? kasan_addr_to_slab+0x11/0xa0
[ 13.295418] ? kasan_stack_oob+0x2b5/0x300
[ 13.295439] kasan_report+0x141/0x180
[ 13.295462] ? kasan_stack_oob+0x2b5/0x300
[ 13.295487] __asan_report_load1_noabort+0x18/0x20
[ 13.295508] kasan_stack_oob+0x2b5/0x300
[ 13.295541] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.295560] ? finish_task_switch.isra.0+0x153/0x700
[ 13.295583] ? __switch_to+0x5d9/0xf60
[ 13.295604] ? dequeue_task_fair+0x166/0x4e0
[ 13.295628] ? __schedule+0x10cc/0x2b30
[ 13.295651] ? __pfx_read_tsc+0x10/0x10
[ 13.295670] ? ktime_get_ts64+0x86/0x230
[ 13.295695] kunit_try_run_case+0x1a5/0x480
[ 13.295719] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.295740] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.295763] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.295786] ? __kthread_parkme+0x82/0x180
[ 13.295807] ? preempt_count_sub+0x50/0x80
[ 13.295831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.295854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.295877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.295899] kthread+0x337/0x6f0
[ 13.295919] ? trace_preempt_on+0x20/0xc0
[ 13.295941] ? __pfx_kthread+0x10/0x10
[ 13.295963] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.295985] ? calculate_sigpending+0x7b/0xa0
[ 13.296005] ? __pfx_kthread+0x10/0x10
[ 13.296028] ret_from_fork+0x41/0x80
[ 13.296049] ? __pfx_kthread+0x10/0x10
[ 13.296070] ret_from_fork_asm+0x1a/0x30
[ 13.296101] </TASK>
[ 13.296111]
[ 13.305861] The buggy address belongs to stack of task kunit_try_catch/269
[ 13.306254] and is located at offset 138 in frame:
[ 13.306604] kasan_stack_oob+0x0/0x300
[ 13.306926]
[ 13.307033] This frame has 4 objects:
[ 13.307307] [48, 49) '__assertion'
[ 13.307340] [64, 72) 'array'
[ 13.307517] [96, 112) '__assertion'
[ 13.307721] [128, 138) 'stack_array'
[ 13.307976]
[ 13.308720] The buggy address belongs to the physical page:
[ 13.308907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab7
[ 13.309353] flags: 0x200000000000000(node=0|zone=2)
[ 13.309600] raw: 0200000000000000 ffffea00040eadc8 ffffea00040eadc8 0000000000000000
[ 13.310038] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.310377] page dumped because: kasan: bad access detected
[ 13.310903]
[ 13.310997] Memory state around the buggy address:
[ 13.311201] ffff888103ab7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.311619] ffff888103ab7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 13.312040] >ffff888103ab7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.312401] ^
[ 13.312676] ffff888103ab7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 13.313075] ffff888103ab7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.313538] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.269821] ==================================================================
[ 13.270292] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 13.270934] Read of size 1 at addr ffffffff8d09a28d by task kunit_try_catch/265
[ 13.271290]
[ 13.271736] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.271887] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.271902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.271923] Call Trace:
[ 13.271936] <TASK>
[ 13.271951] dump_stack_lvl+0x73/0xb0
[ 13.271976] print_report+0xd1/0x650
[ 13.271999] ? __virt_addr_valid+0x1db/0x2d0
[ 13.272022] ? kasan_global_oob_right+0x286/0x2d0
[ 13.272044] ? kasan_addr_to_slab+0x11/0xa0
[ 13.272067] ? kasan_global_oob_right+0x286/0x2d0
[ 13.272091] kasan_report+0x141/0x180
[ 13.272115] ? kasan_global_oob_right+0x286/0x2d0
[ 13.272154] __asan_report_load1_noabort+0x18/0x20
[ 13.272176] kasan_global_oob_right+0x286/0x2d0
[ 13.272198] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.272223] ? __schedule+0x10cc/0x2b30
[ 13.272247] ? __pfx_read_tsc+0x10/0x10
[ 13.272267] ? ktime_get_ts64+0x86/0x230
[ 13.272292] kunit_try_run_case+0x1a5/0x480
[ 13.272315] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.272350] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.272374] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.272408] ? __kthread_parkme+0x82/0x180
[ 13.272429] ? preempt_count_sub+0x50/0x80
[ 13.272454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.272477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.272499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.272521] kthread+0x337/0x6f0
[ 13.272541] ? trace_preempt_on+0x20/0xc0
[ 13.272564] ? __pfx_kthread+0x10/0x10
[ 13.272586] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.272607] ? calculate_sigpending+0x7b/0xa0
[ 13.272628] ? __pfx_kthread+0x10/0x10
[ 13.272650] ret_from_fork+0x41/0x80
[ 13.272670] ? __pfx_kthread+0x10/0x10
[ 13.272691] ret_from_fork_asm+0x1a/0x30
[ 13.272723] </TASK>
[ 13.272733]
[ 13.283837] The buggy address belongs to the variable:
[ 13.284101] global_array+0xd/0x40
[ 13.284570]
[ 13.284667] The buggy address belongs to the physical page:
[ 13.285088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14009a
[ 13.285559] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 13.285794] raw: 0200000000002000 ffffea0005002688 ffffea0005002688 0000000000000000
[ 13.286066] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.286484] page dumped because: kasan: bad access detected
[ 13.286926]
[ 13.287007] Memory state around the buggy address:
[ 13.287297] ffffffff8d09a180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.287794] ffffffff8d09a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.288048] >ffffffff8d09a280: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 13.288592] ^
[ 13.288773] ffffffff8d09a300: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 13.289065] ffffffff8d09a380: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 13.289622] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.212952] ==================================================================
[ 13.213705] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.214070] Free of addr ffff888102756401 by task kunit_try_catch/261
[ 13.214382]
[ 13.214489] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.214532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.214566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.214586] Call Trace:
[ 13.214597] <TASK>
[ 13.214610] dump_stack_lvl+0x73/0xb0
[ 13.214634] print_report+0xd1/0x650
[ 13.214656] ? __virt_addr_valid+0x1db/0x2d0
[ 13.214678] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.214701] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.214727] kasan_report_invalid_free+0x10a/0x130
[ 13.214752] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.214778] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.214802] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.214827] check_slab_allocation+0x11f/0x130
[ 13.214849] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.214873] mempool_free+0x2ec/0x380
[ 13.214895] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.214920] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.214945] ? update_load_avg+0x1be/0x21b0
[ 13.214971] ? finish_task_switch.isra.0+0x153/0x700
[ 13.214997] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.215020] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.215043] ? dequeue_task_fair+0x166/0x4e0
[ 13.215066] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.215084] ? __pfx_mempool_kfree+0x10/0x10
[ 13.215105] ? __pfx_read_tsc+0x10/0x10
[ 13.215141] ? ktime_get_ts64+0x86/0x230
[ 13.215166] kunit_try_run_case+0x1a5/0x480
[ 13.215188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.215210] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.215233] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.215256] ? __kthread_parkme+0x82/0x180
[ 13.215278] ? preempt_count_sub+0x50/0x80
[ 13.215302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.215334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.215356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.215396] kthread+0x337/0x6f0
[ 13.215418] ? trace_preempt_on+0x20/0xc0
[ 13.215440] ? __pfx_kthread+0x10/0x10
[ 13.215461] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.215483] ? calculate_sigpending+0x7b/0xa0
[ 13.215504] ? __pfx_kthread+0x10/0x10
[ 13.215526] ret_from_fork+0x41/0x80
[ 13.215546] ? __pfx_kthread+0x10/0x10
[ 13.215568] ret_from_fork_asm+0x1a/0x30
[ 13.215599] </TASK>
[ 13.215610]
[ 13.225284] Allocated by task 261:
[ 13.225584] kasan_save_stack+0x45/0x70
[ 13.225736] kasan_save_track+0x18/0x40
[ 13.225878] kasan_save_alloc_info+0x3b/0x50
[ 13.226022] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.226307] remove_element+0x11e/0x190
[ 13.226720] mempool_alloc_preallocated+0x4d/0x90
[ 13.227128] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.227823] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.228264] kunit_try_run_case+0x1a5/0x480
[ 13.228745] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.229245] kthread+0x337/0x6f0
[ 13.229625] ret_from_fork+0x41/0x80
[ 13.229872] ret_from_fork_asm+0x1a/0x30
[ 13.230011]
[ 13.230083] The buggy address belongs to the object at ffff888102756400
[ 13.230083] which belongs to the cache kmalloc-128 of size 128
[ 13.231255] The buggy address is located 1 bytes inside of
[ 13.231255] 128-byte region [ffff888102756400, ffff888102756480)
[ 13.231884]
[ 13.231959] The buggy address belongs to the physical page:
[ 13.232189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756
[ 13.233056] flags: 0x200000000000000(node=0|zone=2)
[ 13.233609] page_type: f5(slab)
[ 13.233932] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.234668] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.234942] page dumped because: kasan: bad access detected
[ 13.235133]
[ 13.235293] Memory state around the buggy address:
[ 13.235807] ffff888102756300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.236470] ffff888102756380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.237000] >ffff888102756400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.237684] ^
[ 13.238007] ffff888102756480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.238346] ffff888102756500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.238586] ==================================================================
[ 13.242498] ==================================================================
[ 13.243234] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.244191] Free of addr ffff888103af0001 by task kunit_try_catch/263
[ 13.244626]
[ 13.244805] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 13.244854] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.244866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.244888] Call Trace:
[ 13.244901] <TASK>
[ 13.244915] dump_stack_lvl+0x73/0xb0
[ 13.244942] print_report+0xd1/0x650
[ 13.244964] ? __virt_addr_valid+0x1db/0x2d0
[ 13.244986] ? kasan_addr_to_slab+0x11/0xa0
[ 13.245006] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.245032] kasan_report_invalid_free+0x10a/0x130
[ 13.245057] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.245086] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.245110] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.245152] mempool_free+0x2ec/0x380
[ 13.245176] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.245202] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.245226] ? update_load_avg+0x1be/0x21b0
[ 13.245251] ? finish_task_switch.isra.0+0x153/0x700
[ 13.245278] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 13.245303] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.245340] ? dequeue_task_fair+0x166/0x4e0
[ 13.245363] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.245382] ? __pfx_mempool_kfree+0x10/0x10
[ 13.245450] ? __pfx_read_tsc+0x10/0x10
[ 13.245468] ? ktime_get_ts64+0x86/0x230
[ 13.245494] kunit_try_run_case+0x1a5/0x480
[ 13.245517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.245539] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.245562] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.245586] ? __kthread_parkme+0x82/0x180
[ 13.245608] ? preempt_count_sub+0x50/0x80
[ 13.245632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.245655] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.245677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.245700] kthread+0x337/0x6f0
[ 13.245720] ? trace_preempt_on+0x20/0xc0
[ 13.245743] ? __pfx_kthread+0x10/0x10
[ 13.245765] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.245792] ? calculate_sigpending+0x7b/0xa0
[ 13.245812] ? __pfx_kthread+0x10/0x10
[ 13.245835] ret_from_fork+0x41/0x80
[ 13.245855] ? __pfx_kthread+0x10/0x10
[ 13.245876] ret_from_fork_asm+0x1a/0x30
[ 13.245907] </TASK>
[ 13.245917]
[ 13.260731] The buggy address belongs to the physical page:
[ 13.261250] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af0
[ 13.261846] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.262075] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.262310] page_type: f8(unknown)
[ 13.262449] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.262932] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.263255] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.263800] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.264122] head: 0200000000000002 ffffea00040ebc01 00000000ffffffff 00000000ffffffff
[ 13.264573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.264890] page dumped because: kasan: bad access detected
[ 13.265100]
[ 13.265238] Memory 
dequeue_task_fair+0x166/0x4e0 [ 13.245363] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.245382] ? __pfx_mempool_kfree+0x10/0x10 [ 13.245450] ? __pfx_read_tsc+0x10/0x10 [ 13.245468] ? ktime_get_ts64+0x86/0x230 [ 13.245494] kunit_try_run_case+0x1a5/0x480 [ 13.245517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.245539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.245562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.245586] ? __kthread_parkme+0x82/0x180 [ 13.245608] ? preempt_count_sub+0x50/0x80 [ 13.245632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.245655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.245677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.245700] kthread+0x337/0x6f0 [ 13.245720] ? trace_preempt_on+0x20/0xc0 [ 13.245743] ? __pfx_kthread+0x10/0x10 [ 13.245765] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.245792] ? calculate_sigpending+0x7b/0xa0 [ 13.245812] ? __pfx_kthread+0x10/0x10 [ 13.245835] ret_from_fork+0x41/0x80 [ 13.245855] ? __pfx_kthread+0x10/0x10 [ 13.245876] ret_from_fork_asm+0x1a/0x30 [ 13.245907] </TASK> [ 13.245917] [ 13.260731] The buggy address belongs to the physical page: [ 13.261250] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af0 [ 13.261846] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.262075] flags: 0x200000000000040(head|node=0|zone=2) [ 13.262310] page_type: f8(unknown) [ 13.262449] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.262932] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.263255] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.263800] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.264122] head: 0200000000000002 ffffea00040ebc01 00000000ffffffff 00000000ffffffff [ 13.264573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.264890] page dumped because: kasan: bad access detected [ 13.265100] [ 13.265238] Memory 
state around the buggy address: [ 13.265537] ffff888103aeff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.265842] ffff888103aeff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.266115] >ffff888103af0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.266371] ^ [ 13.266581] ffff888103af0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.266855] ffff888103af0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.267126] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.164064] ================================================================== [ 13.165118] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.165415] Free of addr ffff888102a1c000 by task kunit_try_catch/257 [ 13.166169] [ 13.166410] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.166466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.166479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.166501] Call Trace: [ 13.166513] <TASK> [ 13.166558] dump_stack_lvl+0x73/0xb0 [ 13.166586] print_report+0xd1/0x650 [ 13.166610] ? __virt_addr_valid+0x1db/0x2d0 [ 13.166633] ? kasan_addr_to_slab+0x11/0xa0 [ 13.166654] ? mempool_double_free_helper+0x184/0x370 [ 13.166679] kasan_report_invalid_free+0x10a/0x130 [ 13.166704] ? mempool_double_free_helper+0x184/0x370 [ 13.166731] ? mempool_double_free_helper+0x184/0x370 [ 13.166754] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.166779] mempool_free+0x2ec/0x380 [ 13.166802] mempool_double_free_helper+0x184/0x370 [ 13.166826] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.166850] ? dequeue_entities+0xa24/0x1790 [ 13.166875] ? finish_task_switch.isra.0+0x153/0x700 [ 13.166902] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.166928] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.166952] ? dequeue_task_fair+0x166/0x4e0 [ 13.166974] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.166993] ? __pfx_mempool_kfree+0x10/0x10 [ 13.167015] ? __pfx_read_tsc+0x10/0x10 [ 13.167034] ? ktime_get_ts64+0x86/0x230 [ 13.167059] kunit_try_run_case+0x1a5/0x480 [ 13.167083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.167104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.167148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.167173] ? __kthread_parkme+0x82/0x180 [ 13.167195] ? preempt_count_sub+0x50/0x80 [ 13.167219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.167243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.167266] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.167288] kthread+0x337/0x6f0 [ 13.167309] ? trace_preempt_on+0x20/0xc0 [ 13.167341] ? __pfx_kthread+0x10/0x10 [ 13.167363] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.167385] ? calculate_sigpending+0x7b/0xa0 [ 13.167410] ? __pfx_kthread+0x10/0x10 [ 13.167433] ret_from_fork+0x41/0x80 [ 13.167454] ? __pfx_kthread+0x10/0x10 [ 13.167475] ret_from_fork_asm+0x1a/0x30 [ 13.167506] </TASK> [ 13.167517] [ 13.177128] The buggy address belongs to the physical page: [ 13.177403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 13.177815] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.178192] flags: 0x200000000000040(head|node=0|zone=2) [ 13.179278] page_type: f8(unknown) [ 13.179527] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.179893] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.180390] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.180831] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.181482] head: 0200000000000002 ffffea00040a8701 00000000ffffffff 00000000ffffffff [ 13.181991] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.182479] page dumped because: kasan: bad access detected [ 13.182732] [ 13.182975] Memory state around the buggy address: [ 13.183185] ffff888102a1bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.183744] ffff888102a1bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.184143] >ffff888102a1c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.184782] ^ [ 13.185026] ffff888102a1c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.185636] ffff888102a1c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.185943] ================================================================== [ 13.188827] ================================================================== [ 
13.189499] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.189743] Free of addr ffff888102a1c000 by task kunit_try_catch/259 [ 13.190036] [ 13.190184] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.190229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.190241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.190262] Call Trace: [ 13.190273] <TASK> [ 13.190289] dump_stack_lvl+0x73/0xb0 [ 13.190314] print_report+0xd1/0x650 [ 13.190350] ? __virt_addr_valid+0x1db/0x2d0 [ 13.190374] ? kasan_addr_to_slab+0x11/0xa0 [ 13.190453] ? mempool_double_free_helper+0x184/0x370 [ 13.190480] kasan_report_invalid_free+0x10a/0x130 [ 13.190505] ? mempool_double_free_helper+0x184/0x370 [ 13.190532] ? mempool_double_free_helper+0x184/0x370 [ 13.190576] __kasan_mempool_poison_pages+0x115/0x130 [ 13.190602] mempool_free+0x290/0x380 [ 13.190627] mempool_double_free_helper+0x184/0x370 [ 13.190651] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.190675] ? dequeue_entities+0xa24/0x1790 [ 13.190700] ? finish_task_switch.isra.0+0x153/0x700 [ 13.190745] mempool_page_alloc_double_free+0xe8/0x140 [ 13.190767] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.190788] ? dequeue_task_fair+0x166/0x4e0 [ 13.190811] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.190831] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.190854] ? __pfx_read_tsc+0x10/0x10 [ 13.190874] ? ktime_get_ts64+0x86/0x230 [ 13.190899] kunit_try_run_case+0x1a5/0x480 [ 13.190924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190946] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.190970] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.190994] ? __kthread_parkme+0x82/0x180 [ 13.191016] ? preempt_count_sub+0x50/0x80 [ 13.191040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.191063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.191085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.191107] kthread+0x337/0x6f0 [ 13.191142] ? 
trace_preempt_on+0x20/0xc0 [ 13.191167] ? __pfx_kthread+0x10/0x10 [ 13.191189] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.191210] ? calculate_sigpending+0x7b/0xa0 [ 13.191232] ? __pfx_kthread+0x10/0x10 [ 13.191254] ret_from_fork+0x41/0x80 [ 13.191275] ? __pfx_kthread+0x10/0x10 [ 13.191297] ret_from_fork_asm+0x1a/0x30 [ 13.191341] </TASK> [ 13.191352] [ 13.203761] The buggy address belongs to the physical page: [ 13.204005] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 13.204561] flags: 0x200000000000000(node=0|zone=2) [ 13.204935] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.205564] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.206262] page dumped because: kasan: bad access detected [ 13.206520] [ 13.206834] Memory state around the buggy address: [ 13.207500] ffff888102a1bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.208051] ffff888102a1bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.208802] >ffff888102a1c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.209238] ^ [ 13.209372] ffff888102a1c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.210055] ffff888102a1c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.210779] ================================================================== [ 13.125208] ================================================================== [ 13.125674] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.125911] Free of addr ffff888102756000 by task kunit_try_catch/255 [ 13.126107] [ 13.126189] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.126234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.126246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.126266] Call Trace: [ 13.126277] <TASK> [ 13.126290] dump_stack_lvl+0x73/0xb0 [ 13.126313] print_report+0xd1/0x650 [ 13.126349] ? 
__virt_addr_valid+0x1db/0x2d0 [ 13.126370] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.126392] ? mempool_double_free_helper+0x184/0x370 [ 13.126416] kasan_report_invalid_free+0x10a/0x130 [ 13.126440] ? mempool_double_free_helper+0x184/0x370 [ 13.126999] ? mempool_double_free_helper+0x184/0x370 [ 13.127026] ? mempool_double_free_helper+0x184/0x370 [ 13.127049] check_slab_allocation+0x101/0x130 [ 13.127073] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.127098] mempool_free+0x2ec/0x380 [ 13.127121] mempool_double_free_helper+0x184/0x370 [ 13.127146] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.127170] ? dequeue_entities+0xa24/0x1790 [ 13.127195] ? finish_task_switch.isra.0+0x153/0x700 [ 13.127224] mempool_kmalloc_double_free+0xed/0x140 [ 13.127249] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.127273] ? dequeue_task_fair+0x166/0x4e0 [ 13.127295] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.127314] ? __pfx_mempool_kfree+0x10/0x10 [ 13.127351] ? __pfx_read_tsc+0x10/0x10 [ 13.127370] ? ktime_get_ts64+0x86/0x230 [ 13.127442] kunit_try_run_case+0x1a5/0x480 [ 13.127467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.127490] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.127513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.127537] ? __kthread_parkme+0x82/0x180 [ 13.127558] ? preempt_count_sub+0x50/0x80 [ 13.127582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.127605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.127627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.127650] kthread+0x337/0x6f0 [ 13.127670] ? trace_preempt_on+0x20/0xc0 [ 13.127693] ? __pfx_kthread+0x10/0x10 [ 13.127715] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.127737] ? calculate_sigpending+0x7b/0xa0 [ 13.127757] ? __pfx_kthread+0x10/0x10 [ 13.127779] ret_from_fork+0x41/0x80 [ 13.127799] ? 
__pfx_kthread+0x10/0x10 [ 13.127820] ret_from_fork_asm+0x1a/0x30 [ 13.127851] </TASK> [ 13.127862] [ 13.142387] Allocated by task 255: [ 13.142753] kasan_save_stack+0x45/0x70 [ 13.142906] kasan_save_track+0x18/0x40 [ 13.143038] kasan_save_alloc_info+0x3b/0x50 [ 13.143309] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.143873] remove_element+0x11e/0x190 [ 13.144262] mempool_alloc_preallocated+0x4d/0x90 [ 13.144819] mempool_double_free_helper+0x8a/0x370 [ 13.145280] mempool_kmalloc_double_free+0xed/0x140 [ 13.145874] kunit_try_run_case+0x1a5/0x480 [ 13.146028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.146418] kthread+0x337/0x6f0 [ 13.146834] ret_from_fork+0x41/0x80 [ 13.147194] ret_from_fork_asm+0x1a/0x30 [ 13.147616] [ 13.147711] Freed by task 255: [ 13.148067] kasan_save_stack+0x45/0x70 [ 13.148242] kasan_save_track+0x18/0x40 [ 13.148679] kasan_save_free_info+0x3f/0x60 [ 13.149072] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.149559] mempool_free+0x2ec/0x380 [ 13.149772] mempool_double_free_helper+0x109/0x370 [ 13.149931] mempool_kmalloc_double_free+0xed/0x140 [ 13.150088] kunit_try_run_case+0x1a5/0x480 [ 13.150468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.151033] kthread+0x337/0x6f0 [ 13.151423] ret_from_fork+0x41/0x80 [ 13.151766] ret_from_fork_asm+0x1a/0x30 [ 13.152112] [ 13.152288] The buggy address belongs to the object at ffff888102756000 [ 13.152288] which belongs to the cache kmalloc-128 of size 128 [ 13.153009] The buggy address is located 0 bytes inside of [ 13.153009] 128-byte region [ffff888102756000, ffff888102756080) [ 13.153866] [ 13.154028] The buggy address belongs to the physical page: [ 13.154634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756 [ 13.155185] flags: 0x200000000000000(node=0|zone=2) [ 13.155361] page_type: f5(slab) [ 13.155550] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.156205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 
[ 13.156945] page dumped because: kasan: bad access detected [ 13.157530] [ 13.157693] Memory state around the buggy address: [ 13.157874] ffff888102755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.158081] ffff888102755f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.158702] >ffff888102756000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.159357] ^ [ 13.159721] ffff888102756080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160369] ffff888102756100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.160770] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.100670] ================================================================== [ 13.101101] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.101416] Read of size 1 at addr ffff888102a1c000 by task kunit_try_catch/253 [ 13.101764] [ 13.101887] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.101931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.101944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.101965] Call Trace: [ 13.101977] <TASK> [ 13.101993] dump_stack_lvl+0x73/0xb0 [ 13.102019] print_report+0xd1/0x650 [ 13.102041] ? __virt_addr_valid+0x1db/0x2d0 [ 13.102064] ? mempool_uaf_helper+0x392/0x400 [ 13.102086] ? kasan_addr_to_slab+0x11/0xa0 [ 13.102107] ? mempool_uaf_helper+0x392/0x400 [ 13.102130] kasan_report+0x141/0x180 [ 13.102167] ? mempool_uaf_helper+0x392/0x400 [ 13.102195] __asan_report_load1_noabort+0x18/0x20 [ 13.102216] mempool_uaf_helper+0x392/0x400 [ 13.102240] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.102262] ? dequeue_entities+0xa24/0x1790 [ 13.102289] ? finish_task_switch.isra.0+0x153/0x700 [ 13.102316] mempool_page_alloc_uaf+0xed/0x140 [ 13.102347] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.102367] ? dequeue_task_fair+0x166/0x4e0 [ 13.102448] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.102473] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.102497] ? __pfx_read_tsc+0x10/0x10 [ 13.102518] ? ktime_get_ts64+0x86/0x230 [ 13.102545] kunit_try_run_case+0x1a5/0x480 [ 13.102569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.102590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.102615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.102639] ? __kthread_parkme+0x82/0x180 [ 13.102660] ? preempt_count_sub+0x50/0x80 [ 13.102685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.102708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.102730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.102752] kthread+0x337/0x6f0 [ 13.102771] ? 
trace_preempt_on+0x20/0xc0 [ 13.102795] ? __pfx_kthread+0x10/0x10 [ 13.102817] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.102839] ? calculate_sigpending+0x7b/0xa0 [ 13.102860] ? __pfx_kthread+0x10/0x10 [ 13.102883] ret_from_fork+0x41/0x80 [ 13.102903] ? __pfx_kthread+0x10/0x10 [ 13.102925] ret_from_fork_asm+0x1a/0x30 [ 13.102957] </TASK> [ 13.102967] [ 13.113424] The buggy address belongs to the physical page: [ 13.113611] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 13.113862] flags: 0x200000000000000(node=0|zone=2) [ 13.114036] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.114264] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.115172] page dumped because: kasan: bad access detected [ 13.115929] [ 13.116176] Memory state around the buggy address: [ 13.116700] ffff888102a1bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.117129] ffff888102a1bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.117361] >ffff888102a1c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.117573] ^ [ 13.117887] ffff888102a1c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.118220] ffff888102a1c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.118650] ================================================================== [ 13.029035] ================================================================== [ 13.029599] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.029840] Read of size 1 at addr ffff888102c74000 by task kunit_try_catch/249 [ 13.030064] [ 13.030630] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.030683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.030695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.030717] Call Trace: [ 13.030729] <TASK> [ 13.030745] dump_stack_lvl+0x73/0xb0 [ 13.030936] print_report+0xd1/0x650 [ 13.030967] ? 
__virt_addr_valid+0x1db/0x2d0 [ 13.030990] ? mempool_uaf_helper+0x392/0x400 [ 13.031013] ? kasan_addr_to_slab+0x11/0xa0 [ 13.031033] ? mempool_uaf_helper+0x392/0x400 [ 13.031056] kasan_report+0x141/0x180 [ 13.031078] ? mempool_uaf_helper+0x392/0x400 [ 13.031106] __asan_report_load1_noabort+0x18/0x20 [ 13.031146] mempool_uaf_helper+0x392/0x400 [ 13.031170] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.031192] ? update_load_avg+0x1be/0x21b0 [ 13.031212] ? update_load_avg+0x1be/0x21b0 [ 13.031231] ? update_curr+0x80/0x810 [ 13.031251] ? finish_task_switch.isra.0+0x153/0x700 [ 13.031278] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.031303] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.031337] ? dequeue_task_fair+0x156/0x4e0 [ 13.031361] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.031381] ? __pfx_mempool_kfree+0x10/0x10 [ 13.031423] ? __pfx_read_tsc+0x10/0x10 [ 13.031443] ? ktime_get_ts64+0x86/0x230 [ 13.031468] kunit_try_run_case+0x1a5/0x480 [ 13.031492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.031513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.031539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.031563] ? __kthread_parkme+0x82/0x180 [ 13.031585] ? preempt_count_sub+0x50/0x80 [ 13.031609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.031632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.031654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.031678] kthread+0x337/0x6f0 [ 13.031698] ? trace_preempt_on+0x20/0xc0 [ 13.031721] ? __pfx_kthread+0x10/0x10 [ 13.031743] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.031765] ? calculate_sigpending+0x7b/0xa0 [ 13.031787] ? __pfx_kthread+0x10/0x10 [ 13.031810] ret_from_fork+0x41/0x80 [ 13.031831] ? 
__pfx_kthread+0x10/0x10 [ 13.031853] ret_from_fork_asm+0x1a/0x30 [ 13.031883] </TASK> [ 13.031895] [ 13.050611] The buggy address belongs to the physical page: [ 13.051220] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 13.051833] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.052208] flags: 0x200000000000040(head|node=0|zone=2) [ 13.052412] page_type: f8(unknown) [ 13.052614] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.053152] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.053386] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.053675] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.053966] head: 0200000000000002 ffffea00040b1d01 00000000ffffffff 00000000ffffffff [ 13.054221] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.054952] page dumped because: kasan: bad access detected [ 13.055520] [ 13.055682] Memory state around the buggy address: [ 13.056089] ffff888102c73f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.056903] ffff888102c73f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.057271] >ffff888102c74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.057556] ^ [ 13.057734] ffff888102c74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.058425] ffff888102c74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.058633] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.990910] ================================================================== [ 12.991366] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.992506] Read of size 1 at addr ffff888102b49500 by task kunit_try_catch/247 [ 12.993351] [ 12.993689] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.993741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.993754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.993780] Call Trace: [ 12.993794] <TASK> [ 12.993845] dump_stack_lvl+0x73/0xb0 [ 12.993876] print_report+0xd1/0x650 [ 12.993900] ? __virt_addr_valid+0x1db/0x2d0 [ 12.993923] ? mempool_uaf_helper+0x392/0x400 [ 12.993945] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.993969] ? mempool_uaf_helper+0x392/0x400 [ 12.993992] kasan_report+0x141/0x180 [ 12.994015] ? mempool_uaf_helper+0x392/0x400 [ 12.994044] __asan_report_load1_noabort+0x18/0x20 [ 12.994065] mempool_uaf_helper+0x392/0x400 [ 12.994089] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.994112] ? dequeue_entities+0xa24/0x1790 [ 12.994263] ? finish_task_switch.isra.0+0x153/0x700 [ 12.994295] mempool_kmalloc_uaf+0xef/0x140 [ 12.994319] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.994351] ? dequeue_task_fair+0x166/0x4e0 [ 12.994374] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.994398] ? __pfx_mempool_kfree+0x10/0x10 [ 12.994421] ? __pfx_read_tsc+0x10/0x10 [ 12.994442] ? ktime_get_ts64+0x86/0x230 [ 12.994468] kunit_try_run_case+0x1a5/0x480 [ 12.994494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.994516] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.994540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.994565] ? __kthread_parkme+0x82/0x180 [ 12.994586] ? preempt_count_sub+0x50/0x80 [ 12.994612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.994635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.994658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.994682] kthread+0x337/0x6f0 [ 12.994703] ? 
trace_preempt_on+0x20/0xc0 [ 12.994727] ? __pfx_kthread+0x10/0x10 [ 12.994749] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.994771] ? calculate_sigpending+0x7b/0xa0 [ 12.994794] ? __pfx_kthread+0x10/0x10 [ 12.994817] ret_from_fork+0x41/0x80 [ 12.994838] ? __pfx_kthread+0x10/0x10 [ 12.994860] ret_from_fork_asm+0x1a/0x30 [ 12.994893] </TASK> [ 12.994904] [ 13.010149] Allocated by task 247: [ 13.010598] kasan_save_stack+0x45/0x70 [ 13.011009] kasan_save_track+0x18/0x40 [ 13.011622] kasan_save_alloc_info+0x3b/0x50 [ 13.012092] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.012487] remove_element+0x11e/0x190 [ 13.012818] mempool_alloc_preallocated+0x4d/0x90 [ 13.012978] mempool_uaf_helper+0x96/0x400 [ 13.013120] mempool_kmalloc_uaf+0xef/0x140 [ 13.013537] kunit_try_run_case+0x1a5/0x480 [ 13.013987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.014546] kthread+0x337/0x6f0 [ 13.014957] ret_from_fork+0x41/0x80 [ 13.015175] ret_from_fork_asm+0x1a/0x30 [ 13.015632] [ 13.015795] Freed by task 247: [ 13.016046] kasan_save_stack+0x45/0x70 [ 13.016623] kasan_save_track+0x18/0x40 [ 13.016852] kasan_save_free_info+0x3f/0x60 [ 13.016997] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.017220] mempool_free+0x2ec/0x380 [ 13.017626] mempool_uaf_helper+0x11a/0x400 [ 13.018036] mempool_kmalloc_uaf+0xef/0x140 [ 13.018540] kunit_try_run_case+0x1a5/0x480 [ 13.018937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.019468] kthread+0x337/0x6f0 [ 13.019597] ret_from_fork+0x41/0x80 [ 13.019727] ret_from_fork_asm+0x1a/0x30 [ 13.019870] [ 13.019941] The buggy address belongs to the object at ffff888102b49500 [ 13.019941] which belongs to the cache kmalloc-128 of size 128 [ 13.020339] The buggy address is located 0 bytes inside of [ 13.020339] freed 128-byte region [ffff888102b49500, ffff888102b49580) [ 13.021092] [ 13.021220] The buggy address belongs to the physical page: [ 13.021632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.021882] flags: 
0x200000000000000(node=0|zone=2) [ 13.022435] page_type: f5(slab) [ 13.022613] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.022912] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.023345] page dumped because: kasan: bad access detected [ 13.023728] [ 13.023847] Memory state around the buggy address: [ 13.024026] ffff888102b49400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.024409] ffff888102b49480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.024764] >ffff888102b49500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.025071] ^ [ 13.025231] ffff888102b49580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.025539] ffff888102b49600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.025898] ================================================================== [ 13.062254] ================================================================== [ 13.062854] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.063095] Read of size 1 at addr ffff888102756240 by task kunit_try_catch/251 [ 13.063799] [ 13.063979] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 13.064026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.064037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.064059] Call Trace: [ 13.064071] <TASK> [ 13.064087] dump_stack_lvl+0x73/0xb0 [ 13.064116] print_report+0xd1/0x650 [ 13.064139] ? __virt_addr_valid+0x1db/0x2d0 [ 13.064162] ? mempool_uaf_helper+0x392/0x400 [ 13.064184] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.064207] ? mempool_uaf_helper+0x392/0x400 [ 13.064230] kasan_report+0x141/0x180 [ 13.064252] ? mempool_uaf_helper+0x392/0x400 [ 13.064280] __asan_report_load1_noabort+0x18/0x20 [ 13.064300] mempool_uaf_helper+0x392/0x400 [ 13.064339] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.064365] ? irqentry_exit+0x2a/0x60 [ 13.064385] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 13.064413] mempool_slab_uaf+0xea/0x140 [ 13.064433] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.064467] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.064489] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.064510] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.064532] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.064553] kunit_try_run_case+0x1a5/0x480 [ 13.064580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.064603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.064626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.064650] ? __kthread_parkme+0x82/0x180 [ 13.064672] ? preempt_count_sub+0x50/0x80 [ 13.064697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.064720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.064743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.064766] kthread+0x337/0x6f0 [ 13.064786] ? trace_preempt_on+0x20/0xc0 [ 13.064810] ? __pfx_kthread+0x10/0x10 [ 13.064831] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.064853] ? calculate_sigpending+0x7b/0xa0 [ 13.064875] ? __pfx_kthread+0x10/0x10 [ 13.064897] ret_from_fork+0x41/0x80 [ 13.064919] ? 
__pfx_kthread+0x10/0x10 [ 13.064940] ret_from_fork_asm+0x1a/0x30 [ 13.064972] </TASK> [ 13.064983] [ 13.078106] Allocated by task 251: [ 13.078449] kasan_save_stack+0x45/0x70 [ 13.078897] kasan_save_track+0x18/0x40 [ 13.079281] kasan_save_alloc_info+0x3b/0x50 [ 13.079759] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.079951] remove_element+0x11e/0x190 [ 13.080087] mempool_alloc_preallocated+0x4d/0x90 [ 13.080407] mempool_uaf_helper+0x96/0x400 [ 13.080826] mempool_slab_uaf+0xea/0x140 [ 13.081220] kunit_try_run_case+0x1a5/0x480 [ 13.081665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.082142] kthread+0x337/0x6f0 [ 13.082490] ret_from_fork+0x41/0x80 [ 13.082661] ret_from_fork_asm+0x1a/0x30 [ 13.082801] [ 13.082871] Freed by task 251: [ 13.082980] kasan_save_stack+0x45/0x70 [ 13.083114] kasan_save_track+0x18/0x40 [ 13.083545] kasan_save_free_info+0x3f/0x60 [ 13.083913] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.084507] mempool_free+0x2ec/0x380 [ 13.084839] mempool_uaf_helper+0x11a/0x400 [ 13.085222] mempool_slab_uaf+0xea/0x140 [ 13.085632] kunit_try_run_case+0x1a5/0x480 [ 13.086019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.086546] kthread+0x337/0x6f0 [ 13.086674] ret_from_fork+0x41/0x80 [ 13.086803] ret_from_fork_asm+0x1a/0x30 [ 13.086941] [ 13.087011] The buggy address belongs to the object at ffff888102756240 [ 13.087011] which belongs to the cache test_cache of size 123 [ 13.087393] The buggy address is located 0 bytes inside of [ 13.087393] freed 123-byte region [ffff888102756240, ffff8881027562bb) [ 13.087942] [ 13.088040] The buggy address belongs to the physical page: [ 13.088282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102756 [ 13.088734] flags: 0x200000000000000(node=0|zone=2) [ 13.088949] page_type: f5(slab) [ 13.089071] raw: 0200000000000000 ffff888101a70780 dead000000000122 0000000000000000 [ 13.089848] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.090130] page dumped because: 
kasan: bad access detected [ 13.090413] [ 13.090495] Memory state around the buggy address: [ 13.090648] ffff888102756100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.090963] ffff888102756180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.091629] >ffff888102756200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.091923] ^ [ 13.092154] ffff888102756280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.092428] ffff888102756300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.092727] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.928975] ================================================================== [ 12.929690] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.930089] Read of size 1 at addr ffff888102a1e001 by task kunit_try_catch/243 [ 12.930711] [ 12.930906] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.930956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.930969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.930991] Call Trace: [ 12.931002] <TASK> [ 12.931018] dump_stack_lvl+0x73/0xb0 [ 12.931045] print_report+0xd1/0x650 [ 12.931068] ? __virt_addr_valid+0x1db/0x2d0 [ 12.931091] ? mempool_oob_right_helper+0x318/0x380 [ 12.931114] ? kasan_addr_to_slab+0x11/0xa0 [ 12.931135] ? mempool_oob_right_helper+0x318/0x380 [ 12.931158] kasan_report+0x141/0x180 [ 12.931267] ? mempool_oob_right_helper+0x318/0x380 [ 12.931301] __asan_report_load1_noabort+0x18/0x20 [ 12.931335] mempool_oob_right_helper+0x318/0x380 [ 12.931362] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.931385] ? dequeue_entities+0xa24/0x1790 [ 12.931427] ? finish_task_switch.isra.0+0x153/0x700 [ 12.931454] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.931479] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.931503] ? dequeue_task_fair+0x166/0x4e0 [ 12.931525] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.931544] ? __pfx_mempool_kfree+0x10/0x10 [ 12.931566] ? __pfx_read_tsc+0x10/0x10 [ 12.931586] ? ktime_get_ts64+0x86/0x230 [ 12.931612] kunit_try_run_case+0x1a5/0x480 [ 12.931637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.931659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.931684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.931707] ? __kthread_parkme+0x82/0x180 [ 12.931728] ? preempt_count_sub+0x50/0x80 [ 12.931752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.931775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.931797] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.931819] kthread+0x337/0x6f0 [ 12.931840] ? trace_preempt_on+0x20/0xc0 [ 12.931864] ? __pfx_kthread+0x10/0x10 [ 12.931886] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.931907] ? calculate_sigpending+0x7b/0xa0 [ 12.931928] ? __pfx_kthread+0x10/0x10 [ 12.931950] ret_from_fork+0x41/0x80 [ 12.931971] ? __pfx_kthread+0x10/0x10 [ 12.931992] ret_from_fork_asm+0x1a/0x30 [ 12.932024] </TASK> [ 12.932034] [ 12.943942] The buggy address belongs to the physical page: [ 12.944300] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c [ 12.944932] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.945563] flags: 0x200000000000040(head|node=0|zone=2) [ 12.945854] page_type: f8(unknown) [ 12.946369] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.946705] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.947024] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.947451] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.947819] head: 0200000000000002 ffffea00040a8701 00000000ffffffff 00000000ffffffff [ 12.948387] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.948703] page dumped because: kasan: bad access detected [ 12.948966] [ 12.949115] Memory state around the buggy address: [ 12.949313] ffff888102a1df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.949792] ffff888102a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.950084] >ffff888102a1e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.950462] ^ [ 12.950625] ffff888102a1e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.950909] ffff888102a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.951195] ================================================================== [ 12.902649] ================================================================== [ 
12.903112] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.903517] Read of size 1 at addr ffff888102b49173 by task kunit_try_catch/241 [ 12.904012] [ 12.904136] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.904188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.904200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.904223] Call Trace: [ 12.904235] <TASK> [ 12.904255] dump_stack_lvl+0x73/0xb0 [ 12.904285] print_report+0xd1/0x650 [ 12.904310] ? __virt_addr_valid+0x1db/0x2d0 [ 12.904347] ? mempool_oob_right_helper+0x318/0x380 [ 12.904371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.904394] ? mempool_oob_right_helper+0x318/0x380 [ 12.904577] kasan_report+0x141/0x180 [ 12.904601] ? mempool_oob_right_helper+0x318/0x380 [ 12.904643] __asan_report_load1_noabort+0x18/0x20 [ 12.904664] mempool_oob_right_helper+0x318/0x380 [ 12.904702] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.904726] ? dequeue_entities+0xa24/0x1790 [ 12.904753] ? finish_task_switch.isra.0+0x153/0x700 [ 12.904782] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.904807] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.904831] ? dequeue_task_fair+0x166/0x4e0 [ 12.904855] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.904876] ? __pfx_mempool_kfree+0x10/0x10 [ 12.904898] ? __pfx_read_tsc+0x10/0x10 [ 12.904919] ? ktime_get_ts64+0x86/0x230 [ 12.904946] kunit_try_run_case+0x1a5/0x480 [ 12.904972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.904994] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.905020] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.905044] ? __kthread_parkme+0x82/0x180 [ 12.905066] ? preempt_count_sub+0x50/0x80 [ 12.905091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.905114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.905153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.905176] kthread+0x337/0x6f0 [ 12.905197] ? trace_preempt_on+0x20/0xc0 [ 12.905221] ? 
__pfx_kthread+0x10/0x10 [ 12.905243] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.905265] ? calculate_sigpending+0x7b/0xa0 [ 12.905288] ? __pfx_kthread+0x10/0x10 [ 12.905311] ret_from_fork+0x41/0x80 [ 12.905341] ? __pfx_kthread+0x10/0x10 [ 12.905364] ret_from_fork_asm+0x1a/0x30 [ 12.905442] </TASK> [ 12.905467] [ 12.915357] Allocated by task 241: [ 12.915543] kasan_save_stack+0x45/0x70 [ 12.915766] kasan_save_track+0x18/0x40 [ 12.915916] kasan_save_alloc_info+0x3b/0x50 [ 12.916365] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.916671] remove_element+0x11e/0x190 [ 12.916837] mempool_alloc_preallocated+0x4d/0x90 [ 12.917047] mempool_oob_right_helper+0x8a/0x380 [ 12.917348] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.917608] kunit_try_run_case+0x1a5/0x480 [ 12.917758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.918013] kthread+0x337/0x6f0 [ 12.918199] ret_from_fork+0x41/0x80 [ 12.918401] ret_from_fork_asm+0x1a/0x30 [ 12.918541] [ 12.918852] The buggy address belongs to the object at ffff888102b49100 [ 12.918852] which belongs to the cache kmalloc-128 of size 128 [ 12.919752] The buggy address is located 0 bytes to the right of [ 12.919752] allocated 115-byte region [ffff888102b49100, ffff888102b49173) [ 12.920675] [ 12.920768] The buggy address belongs to the physical page: [ 12.921042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 12.921416] flags: 0x200000000000000(node=0|zone=2) [ 12.921706] page_type: f5(slab) [ 12.921905] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.922344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.922749] page dumped because: kasan: bad access detected [ 12.923007] [ 12.923121] Memory state around the buggy address: [ 12.923360] ffff888102b49000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.923717] ffff888102b49080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.924033] >ffff888102b49100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 
fc [ 12.924345] ^ [ 12.924624] ffff888102b49180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.925035] ffff888102b49200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.925521] ================================================================== [ 12.955301] ================================================================== [ 12.955964] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.956256] Read of size 1 at addr ffff8881027542bb by task kunit_try_catch/245 [ 12.956842] [ 12.957117] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.957165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.957384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.957419] Call Trace: [ 12.957432] <TASK> [ 12.957446] dump_stack_lvl+0x73/0xb0 [ 12.957471] print_report+0xd1/0x650 [ 12.957494] ? __virt_addr_valid+0x1db/0x2d0 [ 12.957516] ? mempool_oob_right_helper+0x318/0x380 [ 12.957539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.957562] ? mempool_oob_right_helper+0x318/0x380 [ 12.957586] kasan_report+0x141/0x180 [ 12.957608] ? mempool_oob_right_helper+0x318/0x380 [ 12.957637] __asan_report_load1_noabort+0x18/0x20 [ 12.957657] mempool_oob_right_helper+0x318/0x380 [ 12.957682] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.957710] ? finish_task_switch.isra.0+0x153/0x700 [ 12.957737] mempool_slab_oob_right+0xed/0x140 [ 12.957757] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.957782] ? dequeue_task_fair+0x166/0x4e0 [ 12.957804] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.957824] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.957846] ? __pfx_read_tsc+0x10/0x10 [ 12.957865] ? ktime_get_ts64+0x86/0x230 [ 12.957889] kunit_try_run_case+0x1a5/0x480 [ 12.957912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.957933] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.957955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.957979] ? __kthread_parkme+0x82/0x180 [ 12.957999] ? 
preempt_count_sub+0x50/0x80 [ 12.958023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.958045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.958068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.958090] kthread+0x337/0x6f0 [ 12.958110] ? trace_preempt_on+0x20/0xc0 [ 12.958223] ? __pfx_kthread+0x10/0x10 [ 12.958250] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.958273] ? calculate_sigpending+0x7b/0xa0 [ 12.958294] ? __pfx_kthread+0x10/0x10 [ 12.958316] ret_from_fork+0x41/0x80 [ 12.958360] ? __pfx_kthread+0x10/0x10 [ 12.958382] ret_from_fork_asm+0x1a/0x30 [ 12.958428] </TASK> [ 12.958439] [ 12.974150] Allocated by task 245: [ 12.974574] kasan_save_stack+0x45/0x70 [ 12.975016] kasan_save_track+0x18/0x40 [ 12.975162] kasan_save_alloc_info+0x3b/0x50 [ 12.975303] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.975577] remove_element+0x11e/0x190 [ 12.975928] mempool_alloc_preallocated+0x4d/0x90 [ 12.976539] mempool_oob_right_helper+0x8a/0x380 [ 12.976969] mempool_slab_oob_right+0xed/0x140 [ 12.977542] kunit_try_run_case+0x1a5/0x480 [ 12.977943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.978440] kthread+0x337/0x6f0 [ 12.978629] ret_from_fork+0x41/0x80 [ 12.978755] ret_from_fork_asm+0x1a/0x30 [ 12.978888] [ 12.978958] The buggy address belongs to the object at ffff888102754240 [ 12.978958] which belongs to the cache test_cache of size 123 [ 12.979306] The buggy address is located 0 bytes to the right of [ 12.979306] allocated 123-byte region [ffff888102754240, ffff8881027542bb) [ 12.980057] [ 12.980167] The buggy address belongs to the physical page: [ 12.980594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102754 [ 12.980882] flags: 0x200000000000000(node=0|zone=2) [ 12.981109] page_type: f5(slab) [ 12.981243] raw: 0200000000000000 ffff888101a70640 dead000000000122 0000000000000000 [ 12.981560] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.981994] page dumped because: kasan: bad access detected [ 
12.982219] [ 12.982310] Memory state around the buggy address: [ 12.982639] ffff888102754180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.982921] ffff888102754200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.983178] >ffff888102754280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.983498] ^ [ 12.983653] ffff888102754300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.984097] ffff888102754380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.984303] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.324800] ================================================================== [ 12.325589] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.326146] Read of size 1 at addr ffff888101a703c0 by task kunit_try_catch/235 [ 12.326522] [ 12.326617] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.326664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.326676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.326698] Call Trace: [ 12.326876] <TASK> [ 12.326895] dump_stack_lvl+0x73/0xb0 [ 12.326927] print_report+0xd1/0x650 [ 12.326949] ? __virt_addr_valid+0x1db/0x2d0 [ 12.326973] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.326993] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.327015] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.327037] kasan_report+0x141/0x180 [ 12.327061] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.327085] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.327106] __kasan_check_byte+0x3d/0x50 [ 12.327139] kmem_cache_destroy+0x25/0x1d0 [ 12.327164] kmem_cache_double_destroy+0x1bf/0x380 [ 12.327185] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.327205] ? finish_task_switch.isra.0+0x153/0x700 [ 12.327229] ? __switch_to+0x5d9/0xf60 [ 12.327250] ? dequeue_task_fair+0x166/0x4e0 [ 12.327278] ? __pfx_read_tsc+0x10/0x10 [ 12.327298] ? ktime_get_ts64+0x86/0x230 [ 12.327339] kunit_try_run_case+0x1a5/0x480 [ 12.327365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.327386] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.327411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.327490] ? __kthread_parkme+0x82/0x180 [ 12.327513] ? preempt_count_sub+0x50/0x80 [ 12.327536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.327560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.327582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.327606] kthread+0x337/0x6f0 [ 12.327626] ? trace_preempt_on+0x20/0xc0 [ 12.327650] ? __pfx_kthread+0x10/0x10 [ 12.327672] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.327694] ? calculate_sigpending+0x7b/0xa0 [ 12.327715] ? __pfx_kthread+0x10/0x10 [ 12.327736] ret_from_fork+0x41/0x80 [ 12.327757] ? __pfx_kthread+0x10/0x10 [ 12.327778] ret_from_fork_asm+0x1a/0x30 [ 12.327810] </TASK> [ 12.327821] [ 12.341703] Allocated by task 235: [ 12.341892] kasan_save_stack+0x45/0x70 [ 12.342039] kasan_save_track+0x18/0x40 [ 12.342180] kasan_save_alloc_info+0x3b/0x50 [ 12.342331] __kasan_slab_alloc+0x91/0xa0 [ 12.342467] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.342617] __kmem_cache_create_args+0x169/0x240 [ 12.342768] kmem_cache_double_destroy+0xd5/0x380 [ 12.343534] kunit_try_run_case+0x1a5/0x480 [ 12.343702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.345161] kthread+0x337/0x6f0 [ 12.345625] ret_from_fork+0x41/0x80 [ 12.346529] ret_from_fork_asm+0x1a/0x30 [ 12.347269] [ 12.347940] Freed by task 235: [ 12.348701] kasan_save_stack+0x45/0x70 [ 12.349293] kasan_save_track+0x18/0x40 [ 12.349988] kasan_save_free_info+0x3f/0x60 [ 12.350313] __kasan_slab_free+0x56/0x70 [ 12.350579] kmem_cache_free+0x249/0x420 [ 12.350714] slab_kmem_cache_release+0x2e/0x40 [ 12.350860] kmem_cache_release+0x16/0x20 [ 12.350999] kobject_put+0x181/0x450 [ 12.351470] sysfs_slab_release+0x16/0x20 [ 12.352058] kmem_cache_destroy+0xf0/0x1d0 [ 12.352711] kmem_cache_double_destroy+0x14e/0x380 [ 12.353409] kunit_try_run_case+0x1a5/0x480 [ 12.353961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.354984] kthread+0x337/0x6f0 [ 12.355482] ret_from_fork+0x41/0x80 [ 12.355999] ret_from_fork_asm+0x1a/0x30 [ 12.356554] [ 12.356910] The buggy address belongs to the object at ffff888101a703c0 [ 12.356910] which belongs to the cache kmem_cache of size 208 [ 12.358254] The buggy address is located 0 bytes inside of [ 12.358254] freed 208-byte region [ffff888101a703c0, ffff888101a70490) [ 12.359563] [ 12.359947] The buggy address belongs to the physical page: [ 12.360640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101a70 [ 12.361542] flags: 0x200000000000000(node=0|zone=2) [ 12.361981] page_type: f5(slab) [ 12.362116] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.362386] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.363247] page dumped because: kasan: bad access detected [ 12.364001] [ 12.364162] Memory state around the buggy address: [ 12.364694] ffff888101a70280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.365360] ffff888101a70300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.365828] >ffff888101a70380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.366044] ^ [ 12.366245] ffff888101a70400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.367187] ffff888101a70480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.367968] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.264654] ================================================================== [ 12.265168] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.265565] Read of size 1 at addr ffff888102b47000 by task kunit_try_catch/233 [ 12.265862] [ 12.265953] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.265998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.266009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.266030] Call Trace: [ 12.266043] <TASK> [ 12.266079] dump_stack_lvl+0x73/0xb0 [ 12.266107] print_report+0xd1/0x650 [ 12.266143] ? __virt_addr_valid+0x1db/0x2d0 [ 12.266166] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.266184] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.266219] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.266582] kasan_report+0x141/0x180 [ 12.266609] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.266634] __asan_report_load1_noabort+0x18/0x20 [ 12.266656] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.266676] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.266695] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.266728] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.266753] kunit_try_run_case+0x1a5/0x480 [ 12.266777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.266799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.266824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.266847] ? __kthread_parkme+0x82/0x180 [ 12.266869] ? preempt_count_sub+0x50/0x80 [ 12.266895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.266918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.266940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.266963] kthread+0x337/0x6f0 [ 12.266983] ? trace_preempt_on+0x20/0xc0 [ 12.267008] ? __pfx_kthread+0x10/0x10 [ 12.267030] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.267051] ? calculate_sigpending+0x7b/0xa0 [ 12.267074] ? __pfx_kthread+0x10/0x10 [ 12.267096] ret_from_fork+0x41/0x80 [ 12.267117] ? 
__pfx_kthread+0x10/0x10 [ 12.267139] ret_from_fork_asm+0x1a/0x30 [ 12.267172] </TASK> [ 12.267183] [ 12.275057] Allocated by task 233: [ 12.275271] kasan_save_stack+0x45/0x70 [ 12.275559] kasan_save_track+0x18/0x40 [ 12.275835] kasan_save_alloc_info+0x3b/0x50 [ 12.276074] __kasan_slab_alloc+0x91/0xa0 [ 12.276382] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.276758] kmem_cache_rcu_uaf+0x155/0x510 [ 12.276984] kunit_try_run_case+0x1a5/0x480 [ 12.277205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.277609] kthread+0x337/0x6f0 [ 12.277803] ret_from_fork+0x41/0x80 [ 12.277955] ret_from_fork_asm+0x1a/0x30 [ 12.278133] [ 12.278226] Freed by task 0: [ 12.278493] kasan_save_stack+0x45/0x70 [ 12.278729] kasan_save_track+0x18/0x40 [ 12.278887] kasan_save_free_info+0x3f/0x60 [ 12.279079] __kasan_slab_free+0x56/0x70 [ 12.279443] slab_free_after_rcu_debug+0xe4/0x310 [ 12.279741] rcu_core+0x66c/0x1c30 [ 12.279877] rcu_core_si+0x12/0x20 [ 12.280135] handle_softirqs+0x209/0x730 [ 12.280422] __irq_exit_rcu+0xc9/0x110 [ 12.280559] irq_exit_rcu+0x12/0x20 [ 12.280914] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.281337] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.281730] [ 12.281812] Last potentially related work creation: [ 12.281965] kasan_save_stack+0x45/0x70 [ 12.282590] kasan_record_aux_stack+0xb2/0xc0 [ 12.282892] kmem_cache_free+0x131/0x420 [ 12.283097] kmem_cache_rcu_uaf+0x194/0x510 [ 12.283317] kunit_try_run_case+0x1a5/0x480 [ 12.283578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.283809] kthread+0x337/0x6f0 [ 12.284049] ret_from_fork+0x41/0x80 [ 12.284215] ret_from_fork_asm+0x1a/0x30 [ 12.284627] [ 12.284718] The buggy address belongs to the object at ffff888102b47000 [ 12.284718] which belongs to the cache test_cache of size 200 [ 12.285641] The buggy address is located 0 bytes inside of [ 12.285641] freed 200-byte region [ffff888102b47000, ffff888102b470c8) [ 12.286096] [ 12.286191] The buggy address belongs to the physical page: [ 12.286516] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b47 [ 12.287228] flags: 0x200000000000000(node=0|zone=2) [ 12.287449] page_type: f5(slab) [ 12.287749] raw: 0200000000000000 ffff88810103c500 dead000000000122 0000000000000000 [ 12.288101] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.288749] page dumped because: kasan: bad access detected [ 12.288989] [ 12.289110] Memory state around the buggy address: [ 12.289630] ffff888102b46f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.290063] ffff888102b46f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.290728] >ffff888102b47000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.291051] ^ [ 12.291403] ffff888102b47080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.291881] ffff888102b47100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.292352] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.209493] ================================================================== [ 12.209955] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.210367] Free of addr ffff88810274d001 by task kunit_try_catch/231 [ 12.210709] [ 12.210871] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.210916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.210927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.210947] Call Trace: [ 12.210959] <TASK> [ 12.210974] dump_stack_lvl+0x73/0xb0 [ 12.211009] print_report+0xd1/0x650 [ 12.211033] ? __virt_addr_valid+0x1db/0x2d0 [ 12.211056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.211078] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.211099] kasan_report_invalid_free+0x10a/0x130 [ 12.211123] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.211204] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.211225] check_slab_allocation+0x11f/0x130 [ 12.211247] __kasan_slab_pre_free+0x28/0x40 [ 12.211317] kmem_cache_free+0xed/0x420 [ 12.211354] ? kasan_save_track+0x18/0x40 [ 12.211373] ? kasan_save_stack+0x45/0x70 [ 12.211392] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.211412] ? kmem_cache_invalid_free+0x157/0x460 [ 12.211450] kmem_cache_invalid_free+0x1d8/0x460 [ 12.211470] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.211489] ? finish_task_switch.isra.0+0x153/0x700 [ 12.211511] ? __switch_to+0x5d9/0xf60 [ 12.211531] ? dequeue_task_fair+0x166/0x4e0 [ 12.211558] ? __pfx_read_tsc+0x10/0x10 [ 12.211577] ? ktime_get_ts64+0x86/0x230 [ 12.211603] kunit_try_run_case+0x1a5/0x480 [ 12.211626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.211647] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.211670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.211693] ? __kthread_parkme+0x82/0x180 [ 12.211713] ? preempt_count_sub+0x50/0x80 [ 12.211737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.211759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.211781] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.211802] kthread+0x337/0x6f0 [ 12.211823] ? trace_preempt_on+0x20/0xc0 [ 12.211845] ? __pfx_kthread+0x10/0x10 [ 12.211867] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.211888] ? calculate_sigpending+0x7b/0xa0 [ 12.211908] ? __pfx_kthread+0x10/0x10 [ 12.211930] ret_from_fork+0x41/0x80 [ 12.211950] ? __pfx_kthread+0x10/0x10 [ 12.211971] ret_from_fork_asm+0x1a/0x30 [ 12.212002] </TASK> [ 12.212012] [ 12.224644] Allocated by task 231: [ 12.224988] kasan_save_stack+0x45/0x70 [ 12.225192] kasan_save_track+0x18/0x40 [ 12.225650] kasan_save_alloc_info+0x3b/0x50 [ 12.225879] __kasan_slab_alloc+0x91/0xa0 [ 12.226131] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.226378] kmem_cache_invalid_free+0x157/0x460 [ 12.226659] kunit_try_run_case+0x1a5/0x480 [ 12.227396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.227641] kthread+0x337/0x6f0 [ 12.227811] ret_from_fork+0x41/0x80 [ 12.227975] ret_from_fork_asm+0x1a/0x30 [ 12.228163] [ 12.228260] The buggy address belongs to the object at ffff88810274d000 [ 12.228260] which belongs to the cache test_cache of size 200 [ 12.228740] The buggy address is located 1 bytes inside of [ 12.228740] 200-byte region [ffff88810274d000, ffff88810274d0c8) [ 12.229175] [ 12.229273] The buggy address belongs to the physical page: [ 12.229762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274d [ 12.230125] flags: 0x200000000000000(node=0|zone=2) [ 12.231095] page_type: f5(slab) [ 12.231250] raw: 0200000000000000 ffff888101a70280 dead000000000122 0000000000000000 [ 12.231648] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.232231] page dumped because: kasan: bad access detected [ 12.232744] [ 12.232836] Memory state around the buggy address: [ 12.233045] ffff88810274cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.233490] ffff88810274cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.233854] >ffff88810274d000: 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 [ 12.234563] ^ [ 12.234729] ffff88810274d080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.235052] ffff88810274d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.235666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.169050] ================================================================== [ 12.170223] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.170530] Free of addr ffff888102b45000 by task kunit_try_catch/229 [ 12.170729] [ 12.170820] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.170866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.170877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.170898] Call Trace: [ 12.170911] <TASK> [ 12.170930] dump_stack_lvl+0x73/0xb0 [ 12.170987] print_report+0xd1/0x650 [ 12.171012] ? __virt_addr_valid+0x1db/0x2d0 [ 12.171036] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.171059] ? kmem_cache_double_free+0x1e5/0x480 [ 12.171080] kasan_report_invalid_free+0x10a/0x130 [ 12.171105] ? kmem_cache_double_free+0x1e5/0x480 [ 12.171170] ? kmem_cache_double_free+0x1e5/0x480 [ 12.171213] check_slab_allocation+0x101/0x130 [ 12.171236] __kasan_slab_pre_free+0x28/0x40 [ 12.171257] kmem_cache_free+0xed/0x420 [ 12.171278] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.171300] ? kmem_cache_double_free+0x1e5/0x480 [ 12.171333] kmem_cache_double_free+0x1e5/0x480 [ 12.171355] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.171380] ? finish_task_switch.isra.0+0x153/0x700 [ 12.171405] ? __switch_to+0x5d9/0xf60 [ 12.171426] ? dequeue_task_fair+0x166/0x4e0 [ 12.171455] ? __pfx_read_tsc+0x10/0x10 [ 12.171475] ? ktime_get_ts64+0x86/0x230 [ 12.171501] kunit_try_run_case+0x1a5/0x480 [ 12.171526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.171547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.171572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.171595] ? __kthread_parkme+0x82/0x180 [ 12.171617] ? preempt_count_sub+0x50/0x80 [ 12.171641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.171663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.171686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.171708] kthread+0x337/0x6f0 [ 12.171728] ? 
trace_preempt_on+0x20/0xc0 [ 12.171753] ? __pfx_kthread+0x10/0x10 [ 12.171775] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.171796] ? calculate_sigpending+0x7b/0xa0 [ 12.171819] ? __pfx_kthread+0x10/0x10 [ 12.171841] ret_from_fork+0x41/0x80 [ 12.171861] ? __pfx_kthread+0x10/0x10 [ 12.171883] ret_from_fork_asm+0x1a/0x30 [ 12.171915] </TASK> [ 12.171926] [ 12.185901] Allocated by task 229: [ 12.186036] kasan_save_stack+0x45/0x70 [ 12.186229] kasan_save_track+0x18/0x40 [ 12.186711] kasan_save_alloc_info+0x3b/0x50 [ 12.187103] __kasan_slab_alloc+0x91/0xa0 [ 12.187595] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.188020] kmem_cache_double_free+0x14f/0x480 [ 12.188538] kunit_try_run_case+0x1a5/0x480 [ 12.188889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.189066] kthread+0x337/0x6f0 [ 12.189199] ret_from_fork+0x41/0x80 [ 12.189663] ret_from_fork_asm+0x1a/0x30 [ 12.190038] [ 12.190266] Freed by task 229: [ 12.190663] kasan_save_stack+0x45/0x70 [ 12.191025] kasan_save_track+0x18/0x40 [ 12.191182] kasan_save_free_info+0x3f/0x60 [ 12.191335] __kasan_slab_free+0x56/0x70 [ 12.191518] kmem_cache_free+0x249/0x420 [ 12.191889] kmem_cache_double_free+0x16a/0x480 [ 12.192352] kunit_try_run_case+0x1a5/0x480 [ 12.192811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.193204] kthread+0x337/0x6f0 [ 12.193341] ret_from_fork+0x41/0x80 [ 12.193703] ret_from_fork_asm+0x1a/0x30 [ 12.194075] [ 12.194246] The buggy address belongs to the object at ffff888102b45000 [ 12.194246] which belongs to the cache test_cache of size 200 [ 12.194937] The buggy address is located 0 bytes inside of [ 12.194937] 200-byte region [ffff888102b45000, ffff888102b450c8) [ 12.195684] [ 12.195880] The buggy address belongs to the physical page: [ 12.196402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b45 [ 12.197121] flags: 0x200000000000000(node=0|zone=2) [ 12.197306] page_type: f5(slab) [ 12.197728] raw: 0200000000000000 ffff88810103c3c0 dead000000000122 0000000000000000 [ 12.198211] 
raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.198621] page dumped because: kasan: bad access detected [ 12.199101] [ 12.199295] Memory state around the buggy address: [ 12.199796] ffff888102b44f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.200014] ffff888102b44f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.200262] >ffff888102b45000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.200941] ^ [ 12.201355] ffff888102b45080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.202036] ffff888102b45100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.202857] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.124853] ================================================================== [ 12.125506] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.126094] Read of size 1 at addr ffff88810274b0c8 by task kunit_try_catch/227 [ 12.126658] [ 12.126951] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.127019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.127031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.127052] Call Trace: [ 12.127064] <TASK> [ 12.127080] dump_stack_lvl+0x73/0xb0 [ 12.127184] print_report+0xd1/0x650 [ 12.127209] ? __virt_addr_valid+0x1db/0x2d0 [ 12.127231] ? kmem_cache_oob+0x402/0x530 [ 12.127250] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.127271] ? kmem_cache_oob+0x402/0x530 [ 12.127290] kasan_report+0x141/0x180 [ 12.127312] ? kmem_cache_oob+0x402/0x530 [ 12.127360] __asan_report_load1_noabort+0x18/0x20 [ 12.127380] kmem_cache_oob+0x402/0x530 [ 12.127410] ? trace_hardirqs_on+0x37/0xe0 [ 12.127433] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.127451] ? finish_task_switch.isra.0+0x153/0x700 [ 12.127473] ? __switch_to+0x5d9/0xf60 [ 12.127494] ? dequeue_task_fair+0x166/0x4e0 [ 12.127522] ? __pfx_read_tsc+0x10/0x10 [ 12.127542] ? ktime_get_ts64+0x86/0x230 [ 12.127567] kunit_try_run_case+0x1a5/0x480 [ 12.127591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.127611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.127635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.127658] ? __kthread_parkme+0x82/0x180 [ 12.127678] ? preempt_count_sub+0x50/0x80 [ 12.127702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.127724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.127745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.127767] kthread+0x337/0x6f0 [ 12.127787] ? trace_preempt_on+0x20/0xc0 [ 12.127808] ? __pfx_kthread+0x10/0x10 [ 12.127829] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.127850] ? calculate_sigpending+0x7b/0xa0 [ 12.127872] ? 
__pfx_kthread+0x10/0x10 [ 12.127893] ret_from_fork+0x41/0x80 [ 12.127913] ? __pfx_kthread+0x10/0x10 [ 12.127934] ret_from_fork_asm+0x1a/0x30 [ 12.127965] </TASK> [ 12.127976] [ 12.139661] Allocated by task 227: [ 12.139844] kasan_save_stack+0x45/0x70 [ 12.140033] kasan_save_track+0x18/0x40 [ 12.140624] kasan_save_alloc_info+0x3b/0x50 [ 12.140961] __kasan_slab_alloc+0x91/0xa0 [ 12.141275] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.141612] kmem_cache_oob+0x157/0x530 [ 12.142005] kunit_try_run_case+0x1a5/0x480 [ 12.142471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.142923] kthread+0x337/0x6f0 [ 12.143193] ret_from_fork+0x41/0x80 [ 12.143576] ret_from_fork_asm+0x1a/0x30 [ 12.143767] [ 12.143858] The buggy address belongs to the object at ffff88810274b000 [ 12.143858] which belongs to the cache test_cache of size 200 [ 12.144864] The buggy address is located 0 bytes to the right of [ 12.144864] allocated 200-byte region [ffff88810274b000, ffff88810274b0c8) [ 12.145800] [ 12.146035] The buggy address belongs to the physical page: [ 12.146550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274b [ 12.146872] flags: 0x200000000000000(node=0|zone=2) [ 12.147089] page_type: f5(slab) [ 12.147510] raw: 0200000000000000 ffff888101a70140 dead000000000122 0000000000000000 [ 12.148189] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.148700] page dumped because: kasan: bad access detected [ 12.149107] [ 12.149362] Memory state around the buggy address: [ 12.149795] ffff88810274af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.150101] ffff88810274b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.150712] >ffff88810274b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.151021] ^ [ 12.151510] ffff88810274b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.151988] ffff88810274b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.152529] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.081831] ================================================================== [ 12.082344] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.082582] Read of size 8 at addr ffff888102741f00 by task kunit_try_catch/220 [ 12.082830] [ 12.082946] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.082989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.083000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.083020] Call Trace: [ 12.083033] <TASK> [ 12.083049] dump_stack_lvl+0x73/0xb0 [ 12.083074] print_report+0xd1/0x650 [ 12.083096] ? __virt_addr_valid+0x1db/0x2d0 [ 12.083118] ? workqueue_uaf+0x4d6/0x560 [ 12.083347] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.083375] ? workqueue_uaf+0x4d6/0x560 [ 12.083397] kasan_report+0x141/0x180 [ 12.083420] ? workqueue_uaf+0x4d6/0x560 [ 12.083446] __asan_report_load8_noabort+0x18/0x20 [ 12.083466] workqueue_uaf+0x4d6/0x560 [ 12.083535] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.083560] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.083585] kunit_try_run_case+0x1a5/0x480 [ 12.083608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.083629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.083653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.083676] ? __kthread_parkme+0x82/0x180 [ 12.083696] ? preempt_count_sub+0x50/0x80 [ 12.083721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.083743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.083765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.083787] kthread+0x337/0x6f0 [ 12.083807] ? trace_preempt_on+0x20/0xc0 [ 12.083830] ? __pfx_kthread+0x10/0x10 [ 12.083851] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.083872] ? calculate_sigpending+0x7b/0xa0 [ 12.083893] ? __pfx_kthread+0x10/0x10 [ 12.083915] ret_from_fork+0x41/0x80 [ 12.083935] ? 
__pfx_kthread+0x10/0x10 [ 12.083957] ret_from_fork_asm+0x1a/0x30 [ 12.083987] </TASK> [ 12.083997] [ 12.093944] Allocated by task 220: [ 12.094139] kasan_save_stack+0x45/0x70 [ 12.094355] kasan_save_track+0x18/0x40 [ 12.094781] kasan_save_alloc_info+0x3b/0x50 [ 12.094995] __kasan_kmalloc+0xb7/0xc0 [ 12.095244] __kmalloc_cache_noprof+0x189/0x420 [ 12.095633] workqueue_uaf+0x152/0x560 [ 12.095828] kunit_try_run_case+0x1a5/0x480 [ 12.096036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.096260] kthread+0x337/0x6f0 [ 12.096541] ret_from_fork+0x41/0x80 [ 12.096757] ret_from_fork_asm+0x1a/0x30 [ 12.096953] [ 12.097045] Freed by task 9: [ 12.097200] kasan_save_stack+0x45/0x70 [ 12.097471] kasan_save_track+0x18/0x40 [ 12.097674] kasan_save_free_info+0x3f/0x60 [ 12.097829] __kasan_slab_free+0x56/0x70 [ 12.097965] kfree+0x222/0x3f0 [ 12.098077] workqueue_uaf_work+0x12/0x20 [ 12.098267] process_one_work+0x5ee/0xf60 [ 12.098479] worker_thread+0x725/0x1320 [ 12.098849] kthread+0x337/0x6f0 [ 12.099043] ret_from_fork+0x41/0x80 [ 12.099535] ret_from_fork_asm+0x1a/0x30 [ 12.099953] [ 12.100288] Last potentially related work creation: [ 12.100542] kasan_save_stack+0x45/0x70 [ 12.101424] kasan_record_aux_stack+0xb2/0xc0 [ 12.101932] __queue_work+0x626/0xeb0 [ 12.102067] queue_work_on+0xb6/0xc0 [ 12.102745] workqueue_uaf+0x26d/0x560 [ 12.103320] kunit_try_run_case+0x1a5/0x480 [ 12.103913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.104092] kthread+0x337/0x6f0 [ 12.104750] ret_from_fork+0x41/0x80 [ 12.105315] ret_from_fork_asm+0x1a/0x30 [ 12.105915] [ 12.106015] The buggy address belongs to the object at ffff888102741f00 [ 12.106015] which belongs to the cache kmalloc-32 of size 32 [ 12.107342] The buggy address is located 0 bytes inside of [ 12.107342] freed 32-byte region [ffff888102741f00, ffff888102741f20) [ 12.108585] [ 12.108703] The buggy address belongs to the physical page: [ 12.108987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102741 [ 
12.109403] flags: 0x200000000000000(node=0|zone=2) [ 12.109882] page_type: f5(slab) [ 12.110181] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.110575] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.111100] page dumped because: kasan: bad access detected [ 12.111665] [ 12.111765] Memory state around the buggy address: [ 12.112087] ffff888102741e00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.112625] ffff888102741e80: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 12.112926] >ffff888102741f00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.113363] ^ [ 12.113664] ffff888102741f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.113944] ffff888102742000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.114549] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.040672] ================================================================== [ 12.041122] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.041818] Read of size 4 at addr ffff888102741d40 by task swapper/0/0 [ 12.042185] [ 12.042582] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 12.042633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.042644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.042665] Call Trace: [ 12.042692] <IRQ> [ 12.042707] dump_stack_lvl+0x73/0xb0 [ 12.042735] print_report+0xd1/0x650 [ 12.042758] ? __virt_addr_valid+0x1db/0x2d0 [ 12.042779] ? rcu_uaf_reclaim+0x50/0x60 [ 12.042799] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.042821] ? rcu_uaf_reclaim+0x50/0x60 [ 12.042841] kasan_report+0x141/0x180 [ 12.042863] ? rcu_uaf_reclaim+0x50/0x60 [ 12.042888] __asan_report_load4_noabort+0x18/0x20 [ 12.042909] rcu_uaf_reclaim+0x50/0x60 [ 12.042929] rcu_core+0x66c/0x1c30 [ 12.042955] ? enqueue_hrtimer+0xfe/0x210 [ 12.042979] ? __pfx_rcu_core+0x10/0x10 [ 12.043000] ? ktime_get+0x6b/0x150 [ 12.043021] ? handle_softirqs+0x18e/0x730 [ 12.043047] rcu_core_si+0x12/0x20 [ 12.043067] handle_softirqs+0x209/0x730 [ 12.043088] ? hrtimer_interrupt+0x2fe/0x780 [ 12.043110] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.043136] __irq_exit_rcu+0xc9/0x110 [ 12.043158] irq_exit_rcu+0x12/0x20 [ 12.043178] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.043204] </IRQ> [ 12.043228] <TASK> [ 12.043239] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.043340] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.043545] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 43 c8 1b 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.043622] RSP: 0000:ffffffff8bc07dd8 EFLAGS: 00010202 [ 12.043718] RAX: ffff8881ce03b000 RBX: ffffffff8bc1ca80 RCX: ffffffff8aacd0b5 [ 12.043765] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 0000000000005f84 [ 12.043808] RBP: ffffffff8bc07de0 R08: 0000000000000001 R09: ffffed102b606102 [ 12.043853] R10: ffff88815b030813 R11: 00000000000be800 R12: 0000000000000000 [ 12.043897] R13: fffffbfff1783950 R14: ffffffff8c7e7010 R15: 0000000000000000 [ 12.043955] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.044004] ? default_idle+0xd/0x20 [ 12.044023] arch_cpu_idle+0xd/0x20 [ 12.044041] default_idle_call+0x48/0x80 [ 12.044060] do_idle+0x379/0x4f0 [ 12.044083] ? __pfx_do_idle+0x10/0x10 [ 12.044105] ? rest_init+0x10b/0x140 [ 12.044141] cpu_startup_entry+0x5c/0x70 [ 12.044162] rest_init+0x11a/0x140 [ 12.044179] ? 
acpi_subsystem_init+0x5d/0x150 [ 12.044203] start_kernel+0x32b/0x410 [ 12.044227] x86_64_start_reservations+0x1c/0x30 [ 12.044250] x86_64_start_kernel+0xcf/0xe0 [ 12.044273] common_startup_64+0x13e/0x148 [ 12.044305] </TASK> [ 12.044316] [ 12.058934] Allocated by task 218: [ 12.059119] kasan_save_stack+0x45/0x70 [ 12.059307] kasan_save_track+0x18/0x40 [ 12.059450] kasan_save_alloc_info+0x3b/0x50 [ 12.059730] __kasan_kmalloc+0xb7/0xc0 [ 12.059885] __kmalloc_cache_noprof+0x189/0x420 [ 12.060032] rcu_uaf+0xb0/0x330 [ 12.060145] kunit_try_run_case+0x1a5/0x480 [ 12.060288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.060469] kthread+0x337/0x6f0 [ 12.060589] ret_from_fork+0x41/0x80 [ 12.060717] ret_from_fork_asm+0x1a/0x30 [ 12.060850] [ 12.060918] Freed by task 0: [ 12.061020] kasan_save_stack+0x45/0x70 [ 12.061149] kasan_save_track+0x18/0x40 [ 12.061278] kasan_save_free_info+0x3f/0x60 [ 12.061510] __kasan_slab_free+0x56/0x70 [ 12.061785] kfree+0x222/0x3f0 [ 12.061924] rcu_uaf_reclaim+0x1f/0x60 [ 12.062089] rcu_core+0x66c/0x1c30 [ 12.062516] rcu_core_si+0x12/0x20 [ 12.062692] handle_softirqs+0x209/0x730 [ 12.063271] __irq_exit_rcu+0xc9/0x110 [ 12.063497] irq_exit_rcu+0x12/0x20 [ 12.063700] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.063907] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.064069] [ 12.064262] Last potentially related work creation: [ 12.064607] kasan_save_stack+0x45/0x70 [ 12.064986] kasan_record_aux_stack+0xb2/0xc0 [ 12.065285] __call_rcu_common.constprop.0+0x72/0x9c0 [ 12.065520] call_rcu+0x12/0x20 [ 12.065636] rcu_uaf+0x168/0x330 [ 12.065751] kunit_try_run_case+0x1a5/0x480 [ 12.066071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.066393] kthread+0x337/0x6f0 [ 12.066566] ret_from_fork+0x41/0x80 [ 12.066746] ret_from_fork_asm+0x1a/0x30 [ 12.066952] [ 12.067055] The buggy address belongs to the object at ffff888102741d40 [ 12.067055] which belongs to the cache kmalloc-32 of size 32 [ 12.067496] The buggy address is located 0 bytes inside of [ 
12.067496] freed 32-byte region [ffff888102741d40, ffff888102741d60) [ 12.069176] [ 12.069405] The buggy address belongs to the physical page: [ 12.070280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102741 [ 12.070672] flags: 0x200000000000000(node=0|zone=2) [ 12.070917] page_type: f5(slab) [ 12.071191] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.071796] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.072314] page dumped because: kasan: bad access detected [ 12.072542] [ 12.072626] Memory state around the buggy address: [ 12.073062] ffff888102741c00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.073626] ffff888102741c80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.074107] >ffff888102741d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.074638] ^ [ 12.074972] ffff888102741d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.075730] ffff888102741e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.076026] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.152181] ================================================================== [ 11.152744] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.153090] Write of size 1 at addr ffff8881003510eb by task kunit_try_catch/176 [ 11.153448] [ 11.153612] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.153658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.153669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.153688] Call Trace: [ 11.153710] <TASK> [ 11.153724] dump_stack_lvl+0x73/0xb0 [ 11.153751] print_report+0xd1/0x650 [ 11.153791] ? __virt_addr_valid+0x1db/0x2d0 [ 11.153813] ? krealloc_more_oob_helper+0x821/0x930 [ 11.153836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.153858] ? krealloc_more_oob_helper+0x821/0x930 [ 11.153882] kasan_report+0x141/0x180 [ 11.153904] ? krealloc_more_oob_helper+0x821/0x930 [ 11.153932] __asan_report_store1_noabort+0x1b/0x30 [ 11.153961] krealloc_more_oob_helper+0x821/0x930 [ 11.153983] ? __schedule+0x10cc/0x2b30 [ 11.154006] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.154040] ? finish_task_switch.isra.0+0x153/0x700 [ 11.154063] ? __switch_to+0x5d9/0xf60 [ 11.154084] ? dequeue_task_fair+0x166/0x4e0 [ 11.154121] ? __schedule+0x10cc/0x2b30 [ 11.154162] ? __pfx_read_tsc+0x10/0x10 [ 11.154185] krealloc_more_oob+0x1c/0x30 [ 11.154216] kunit_try_run_case+0x1a5/0x480 [ 11.154239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.154260] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.154282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.154306] ? __kthread_parkme+0x82/0x180 [ 11.154336] ? preempt_count_sub+0x50/0x80 [ 11.154359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.154382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.154443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.154466] kthread+0x337/0x6f0 [ 11.154485] ? trace_preempt_on+0x20/0xc0 [ 11.154507] ? __pfx_kthread+0x10/0x10 [ 11.154529] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.154550] ? calculate_sigpending+0x7b/0xa0 [ 11.154571] ? __pfx_kthread+0x10/0x10 [ 11.154592] ret_from_fork+0x41/0x80 [ 11.154612] ? __pfx_kthread+0x10/0x10 [ 11.154633] ret_from_fork_asm+0x1a/0x30 [ 11.154664] </TASK> [ 11.154674] [ 11.166697] Allocated by task 176: [ 11.166865] kasan_save_stack+0x45/0x70 [ 11.167100] kasan_save_track+0x18/0x40 [ 11.167339] kasan_save_alloc_info+0x3b/0x50 [ 11.167669] __kasan_krealloc+0x190/0x1f0 [ 11.167906] krealloc_noprof+0xf3/0x340 [ 11.168097] krealloc_more_oob_helper+0x1a9/0x930 [ 11.168312] krealloc_more_oob+0x1c/0x30 [ 11.168604] kunit_try_run_case+0x1a5/0x480 [ 11.168807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.169059] kthread+0x337/0x6f0 [ 11.169250] ret_from_fork+0x41/0x80 [ 11.169416] ret_from_fork_asm+0x1a/0x30 [ 11.169638] [ 11.169710] The buggy address belongs to the object at ffff888100351000 [ 11.169710] which belongs to the cache kmalloc-256 of size 256 [ 11.170316] The buggy address is located 0 bytes to the right of [ 11.170316] allocated 235-byte region [ffff888100351000, ffff8881003510eb) [ 11.170896] [ 11.170995] The buggy address belongs to the physical page: [ 11.171240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.171604] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.171828] flags: 0x200000000000040(head|node=0|zone=2) [ 11.172111] page_type: f5(slab) [ 11.172277] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.172902] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.173430] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.173780] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.174066] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.174487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.174813] page dumped because: 
kasan: bad access detected [ 11.174990] [ 11.175083] Memory state around the buggy address: [ 11.175570] ffff888100350f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.175916] ffff888100351000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.176181] >ffff888100351080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.176597] ^ [ 11.176799] ffff888100351100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.177112] ffff888100351180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.177672] ================================================================== [ 11.178516] ================================================================== [ 11.178812] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.179125] Write of size 1 at addr ffff8881003510f0 by task kunit_try_catch/176 [ 11.179651] [ 11.179771] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.179816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.179826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.179846] Call Trace: [ 11.179857] <TASK> [ 11.179872] dump_stack_lvl+0x73/0xb0 [ 11.179897] print_report+0xd1/0x650 [ 11.179919] ? __virt_addr_valid+0x1db/0x2d0 [ 11.179940] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.179963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.179985] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.180008] kasan_report+0x141/0x180 [ 11.180030] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.180059] __asan_report_store1_noabort+0x1b/0x30 [ 11.180079] krealloc_more_oob_helper+0x7eb/0x930 [ 11.180101] ? __schedule+0x10cc/0x2b30 [ 11.180123] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.180147] ? finish_task_switch.isra.0+0x153/0x700 [ 11.180169] ? __switch_to+0x5d9/0xf60 [ 11.180189] ? dequeue_task_fair+0x166/0x4e0 [ 11.180213] ? __schedule+0x10cc/0x2b30 [ 11.180247] ? 
__pfx_read_tsc+0x10/0x10 [ 11.180270] krealloc_more_oob+0x1c/0x30 [ 11.180291] kunit_try_run_case+0x1a5/0x480 [ 11.180334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.180355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.180379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.180402] ? __kthread_parkme+0x82/0x180 [ 11.180422] ? preempt_count_sub+0x50/0x80 [ 11.180446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.180468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.180489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.180511] kthread+0x337/0x6f0 [ 11.180531] ? trace_preempt_on+0x20/0xc0 [ 11.180554] ? __pfx_kthread+0x10/0x10 [ 11.180575] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.180596] ? calculate_sigpending+0x7b/0xa0 [ 11.180815] ? __pfx_kthread+0x10/0x10 [ 11.180837] ret_from_fork+0x41/0x80 [ 11.180858] ? __pfx_kthread+0x10/0x10 [ 11.180879] ret_from_fork_asm+0x1a/0x30 [ 11.180910] </TASK> [ 11.180921] [ 11.189194] Allocated by task 176: [ 11.189620] kasan_save_stack+0x45/0x70 [ 11.189852] kasan_save_track+0x18/0x40 [ 11.190099] kasan_save_alloc_info+0x3b/0x50 [ 11.190294] __kasan_krealloc+0x190/0x1f0 [ 11.190481] krealloc_noprof+0xf3/0x340 [ 11.190690] krealloc_more_oob_helper+0x1a9/0x930 [ 11.190964] krealloc_more_oob+0x1c/0x30 [ 11.191161] kunit_try_run_case+0x1a5/0x480 [ 11.191396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.191569] kthread+0x337/0x6f0 [ 11.191687] ret_from_fork+0x41/0x80 [ 11.191813] ret_from_fork_asm+0x1a/0x30 [ 11.192087] [ 11.192238] The buggy address belongs to the object at ffff888100351000 [ 11.192238] which belongs to the cache kmalloc-256 of size 256 [ 11.192962] The buggy address is located 5 bytes to the right of [ 11.192962] allocated 235-byte region [ffff888100351000, ffff8881003510eb) [ 11.193388] [ 11.193496] The buggy address belongs to the physical page: [ 11.193811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.194293] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 
pincount:0 [ 11.194789] flags: 0x200000000000040(head|node=0|zone=2) [ 11.195166] page_type: f5(slab) [ 11.195366] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.195788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.196121] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.196552] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.196903] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.197254] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.197645] page dumped because: kasan: bad access detected [ 11.197888] [ 11.197957] Memory state around the buggy address: [ 11.198111] ffff888100350f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.198453] ffff888100351000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.198697] >ffff888100351080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.199272] ^ [ 11.199795] ffff888100351100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.200119] ffff888100351180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.200555] ================================================================== [ 11.349076] ================================================================== [ 11.349451] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.350040] Write of size 1 at addr ffff888102c5a0f0 by task kunit_try_catch/180 [ 11.350446] [ 11.350563] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.350606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.350617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.350638] Call Trace: [ 11.350653] <TASK> [ 11.350667] dump_stack_lvl+0x73/0xb0 [ 11.350690] print_report+0xd1/0x650 [ 11.350712] ? __virt_addr_valid+0x1db/0x2d0 [ 11.350734] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.350757] ? 
kasan_addr_to_slab+0x11/0xa0 [ 11.350778] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.350802] kasan_report+0x141/0x180 [ 11.350824] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.350853] __asan_report_store1_noabort+0x1b/0x30 [ 11.350873] krealloc_more_oob_helper+0x7eb/0x930 [ 11.350895] ? __schedule+0x10cc/0x2b30 [ 11.350918] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.350942] ? finish_task_switch.isra.0+0x153/0x700 [ 11.350963] ? __switch_to+0x5d9/0xf60 [ 11.350983] ? dequeue_task_fair+0x166/0x4e0 [ 11.351007] ? __schedule+0x10cc/0x2b30 [ 11.351029] ? __pfx_read_tsc+0x10/0x10 [ 11.351052] krealloc_large_more_oob+0x1c/0x30 [ 11.351075] kunit_try_run_case+0x1a5/0x480 [ 11.351098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.351118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.351152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.351175] ? __kthread_parkme+0x82/0x180 [ 11.351196] ? preempt_count_sub+0x50/0x80 [ 11.351220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.351242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.351264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.351287] kthread+0x337/0x6f0 [ 11.351307] ? trace_preempt_on+0x20/0xc0 [ 11.351342] ? __pfx_kthread+0x10/0x10 [ 11.351364] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.351385] ? calculate_sigpending+0x7b/0xa0 [ 11.351407] ? __pfx_kthread+0x10/0x10 [ 11.351429] ret_from_fork+0x41/0x80 [ 11.351449] ? 
__pfx_kthread+0x10/0x10 [ 11.351470] ret_from_fork_asm+0x1a/0x30 [ 11.351501] </TASK> [ 11.351511] [ 11.359846] The buggy address belongs to the physical page: [ 11.360236] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 11.360710] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.360986] flags: 0x200000000000040(head|node=0|zone=2) [ 11.361174] page_type: f8(unknown) [ 11.361379] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.361883] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.362237] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.362593] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.362934] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff [ 11.363226] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.363592] page dumped because: kasan: bad access detected [ 11.363765] [ 11.363833] Memory state around the buggy address: [ 11.364031] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.364350] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.364711] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.364925] ^ [ 11.365127] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.365757] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.366100] ================================================================== [ 11.320860] ================================================================== [ 11.321911] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.322168] Write of size 1 at addr ffff888102c5a0eb by task kunit_try_catch/180 [ 11.323085] [ 11.323354] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.323687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.323699] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.323720] Call Trace: [ 11.323733] <TASK> [ 11.323749] dump_stack_lvl+0x73/0xb0 [ 11.323776] print_report+0xd1/0x650 [ 11.323810] ? __virt_addr_valid+0x1db/0x2d0 [ 11.323832] ? krealloc_more_oob_helper+0x821/0x930 [ 11.323855] ? kasan_addr_to_slab+0x11/0xa0 [ 11.323887] ? krealloc_more_oob_helper+0x821/0x930 [ 11.323911] kasan_report+0x141/0x180 [ 11.323934] ? krealloc_more_oob_helper+0x821/0x930 [ 11.323963] __asan_report_store1_noabort+0x1b/0x30 [ 11.323984] krealloc_more_oob_helper+0x821/0x930 [ 11.324006] ? __schedule+0x10cc/0x2b30 [ 11.324030] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.324054] ? finish_task_switch.isra.0+0x153/0x700 [ 11.324077] ? __switch_to+0x5d9/0xf60 [ 11.324096] ? dequeue_task_fair+0x166/0x4e0 [ 11.324122] ? __schedule+0x10cc/0x2b30 [ 11.324152] ? __pfx_read_tsc+0x10/0x10 [ 11.324175] krealloc_large_more_oob+0x1c/0x30 [ 11.324198] kunit_try_run_case+0x1a5/0x480 [ 11.324221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.324242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.324266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.324289] ? __kthread_parkme+0x82/0x180 [ 11.324310] ? preempt_count_sub+0x50/0x80 [ 11.324343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.324367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.324410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.324432] kthread+0x337/0x6f0 [ 11.324453] ? trace_preempt_on+0x20/0xc0 [ 11.324475] ? __pfx_kthread+0x10/0x10 [ 11.324497] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.324518] ? calculate_sigpending+0x7b/0xa0 [ 11.324539] ? __pfx_kthread+0x10/0x10 [ 11.324562] ret_from_fork+0x41/0x80 [ 11.324582] ? 
__pfx_kthread+0x10/0x10 [ 11.324603] ret_from_fork_asm+0x1a/0x30 [ 11.324635] </TASK> [ 11.324645] [ 11.338045] The buggy address belongs to the physical page: [ 11.338583] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 11.339189] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.339660] flags: 0x200000000000040(head|node=0|zone=2) [ 11.340136] page_type: f8(unknown) [ 11.340320] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.341011] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.341737] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.342071] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.342974] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff [ 11.343845] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.344400] page dumped because: kasan: bad access detected [ 11.344773] [ 11.344867] Memory state around the buggy address: [ 11.345070] ffff888102c59f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.346078] ffff888102c5a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.346668] >ffff888102c5a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.347046] ^ [ 11.347757] ffff888102c5a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.348168] ffff888102c5a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.348696] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.133461] ================================================================== [ 11.134548] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.134796] Read of size 1 at addr ffff888103a50000 by task kunit_try_catch/174 [ 11.135114] [ 11.135257] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.135320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.135341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.135361] Call Trace: [ 11.135372] <TASK> [ 11.135388] dump_stack_lvl+0x73/0xb0 [ 11.135423] print_report+0xd1/0x650 [ 11.135445] ? __virt_addr_valid+0x1db/0x2d0 [ 11.135477] ? page_alloc_uaf+0x356/0x3d0 [ 11.135498] ? kasan_addr_to_slab+0x11/0xa0 [ 11.135519] ? page_alloc_uaf+0x356/0x3d0 [ 11.135541] kasan_report+0x141/0x180 [ 11.135563] ? page_alloc_uaf+0x356/0x3d0 [ 11.135590] __asan_report_load1_noabort+0x18/0x20 [ 11.135610] page_alloc_uaf+0x356/0x3d0 [ 11.135647] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.135670] ? __schedule+0x10cc/0x2b30 [ 11.135692] ? __pfx_read_tsc+0x10/0x10 [ 11.135711] ? ktime_get_ts64+0x86/0x230 [ 11.135735] kunit_try_run_case+0x1a5/0x480 [ 11.135759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.135780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.135803] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.135826] ? __kthread_parkme+0x82/0x180 [ 11.135847] ? preempt_count_sub+0x50/0x80 [ 11.135872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.135894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.135916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.135938] kthread+0x337/0x6f0 [ 11.135958] ? trace_preempt_on+0x20/0xc0 [ 11.135981] ? __pfx_kthread+0x10/0x10 [ 11.136002] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.136023] ? calculate_sigpending+0x7b/0xa0 [ 11.136044] ? __pfx_kthread+0x10/0x10 [ 11.136066] ret_from_fork+0x41/0x80 [ 11.136085] ? 
__pfx_kthread+0x10/0x10 [ 11.136107] ret_from_fork_asm+0x1a/0x30 [ 11.136197] </TASK> [ 11.136222] [ 11.144038] The buggy address belongs to the physical page: [ 11.144222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50 [ 11.144655] flags: 0x200000000000000(node=0|zone=2) [ 11.144884] page_type: f0(buddy) [ 11.145103] raw: 0200000000000000 ffff88817fffc3e0 ffff88817fffc3e0 0000000000000000 [ 11.145336] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 11.145863] page dumped because: kasan: bad access detected [ 11.146147] [ 11.146256] Memory state around the buggy address: [ 11.146616] ffff888103a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.146923] ffff888103a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.147308] >ffff888103a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.147756] ^ [ 11.147920] ffff888103a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.148269] ffff888103a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.148669] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.110598] ================================================================== [ 11.111381] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.111719] Free of addr ffff888102c58001 by task kunit_try_catch/170 [ 11.112004] [ 11.112114] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.112154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.112165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.112184] Call Trace: [ 11.112195] <TASK> [ 11.112210] dump_stack_lvl+0x73/0xb0 [ 11.112245] print_report+0xd1/0x650 [ 11.112267] ? __virt_addr_valid+0x1db/0x2d0 [ 11.112288] ? kasan_addr_to_slab+0x11/0xa0 [ 11.112319] ? kfree+0x274/0x3f0 [ 11.112348] kasan_report_invalid_free+0x10a/0x130 [ 11.112372] ? kfree+0x274/0x3f0 [ 11.112392] ? kfree+0x274/0x3f0 [ 11.112409] __kasan_kfree_large+0x86/0xd0 [ 11.112430] free_large_kmalloc+0x4b/0x110 [ 11.112454] kfree+0x274/0x3f0 [ 11.112485] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.112508] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.112530] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.112681] ? trace_hardirqs_on+0x37/0xe0 [ 11.112710] ? __pfx_read_tsc+0x10/0x10 [ 11.112729] ? ktime_get_ts64+0x86/0x230 [ 11.112766] kunit_try_run_case+0x1a5/0x480 [ 11.112789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.112812] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.112836] ? __kthread_parkme+0x82/0x180 [ 11.112856] ? preempt_count_sub+0x50/0x80 [ 11.112880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.112902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.112924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.112945] kthread+0x337/0x6f0 [ 11.112965] ? trace_preempt_on+0x20/0xc0 [ 11.112987] ? __pfx_kthread+0x10/0x10 [ 11.113008] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.113029] ? calculate_sigpending+0x7b/0xa0 [ 11.113049] ? __pfx_kthread+0x10/0x10 [ 11.113071] ret_from_fork+0x41/0x80 [ 11.113091] ? 
__pfx_kthread+0x10/0x10 [ 11.113112] ret_from_fork_asm+0x1a/0x30 [ 11.113230] </TASK> [ 11.113242] [ 11.121141] The buggy address belongs to the physical page: [ 11.121333] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 11.122168] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.122669] flags: 0x200000000000040(head|node=0|zone=2) [ 11.122889] page_type: f8(unknown) [ 11.123077] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.123474] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.123831] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.124101] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.124549] head: 0200000000000002 ffffea00040b1601 00000000ffffffff 00000000ffffffff [ 11.124877] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.125103] page dumped because: kasan: bad access detected [ 11.125610] [ 11.125879] Memory state around the buggy address: [ 11.126094] ffff888102c57f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.126387] ffff888102c57f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.126949] >ffff888102c58000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.127276] ^ [ 11.127403] ffff888102c58080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.127895] ffff888102c58100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.128144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.091585] ================================================================== [ 11.092886] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.093385] Read of size 1 at addr ffff888102c54000 by task kunit_try_catch/168 [ 11.093659] [ 11.093986] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.094033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.094118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.094154] Call Trace: [ 11.094167] <TASK> [ 11.094181] dump_stack_lvl+0x73/0xb0 [ 11.094206] print_report+0xd1/0x650 [ 11.094228] ? __virt_addr_valid+0x1db/0x2d0 [ 11.094250] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.094270] ? kasan_addr_to_slab+0x11/0xa0 [ 11.094291] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.094312] kasan_report+0x141/0x180 [ 11.094345] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.094371] __asan_report_load1_noabort+0x18/0x20 [ 11.094568] kmalloc_large_uaf+0x2f1/0x340 [ 11.094595] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.094617] ? __schedule+0x10cc/0x2b30 [ 11.094641] ? __pfx_read_tsc+0x10/0x10 [ 11.094660] ? ktime_get_ts64+0x86/0x230 [ 11.094685] kunit_try_run_case+0x1a5/0x480 [ 11.094708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.094751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.094774] ? __kthread_parkme+0x82/0x180 [ 11.094795] ? preempt_count_sub+0x50/0x80 [ 11.094819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.094863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.094885] kthread+0x337/0x6f0 [ 11.094905] ? trace_preempt_on+0x20/0xc0 [ 11.094929] ? __pfx_kthread+0x10/0x10 [ 11.094951] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.094973] ? calculate_sigpending+0x7b/0xa0 [ 11.094994] ? __pfx_kthread+0x10/0x10 [ 11.095016] ret_from_fork+0x41/0x80 [ 11.095036] ? 
__pfx_kthread+0x10/0x10 [ 11.095057] ret_from_fork_asm+0x1a/0x30 [ 11.095088] </TASK> [ 11.095099] [ 11.103119] The buggy address belongs to the physical page: [ 11.103391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c54 [ 11.103871] flags: 0x200000000000000(node=0|zone=2) [ 11.104141] raw: 0200000000000000 ffffea00040b1608 ffff88815b139a80 0000000000000000 [ 11.104510] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.104736] page dumped because: kasan: bad access detected [ 11.104983] [ 11.105075] Memory state around the buggy address: [ 11.105514] ffff888102c53f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.105802] ffff888102c53f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.106142] >ffff888102c54000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.106554] ^ [ 11.106720] ffff888102c54080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.107023] ffff888102c54100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.107386] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.069914] ================================================================== [ 11.070704] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.071632] Write of size 1 at addr ffff888102a0200a by task kunit_try_catch/166 [ 11.072026] [ 11.072121] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.072166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.072178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.072205] Call Trace: [ 11.072219] <TASK> [ 11.072236] dump_stack_lvl+0x73/0xb0 [ 11.072264] print_report+0xd1/0x650 [ 11.072286] ? __virt_addr_valid+0x1db/0x2d0 [ 11.072308] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.072340] ? kasan_addr_to_slab+0x11/0xa0 [ 11.072360] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.072382] kasan_report+0x141/0x180 [ 11.072404] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.072431] __asan_report_store1_noabort+0x1b/0x30 [ 11.072451] kmalloc_large_oob_right+0x2e9/0x330 [ 11.072473] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.072495] ? __schedule+0x10cc/0x2b30 [ 11.072518] ? __pfx_read_tsc+0x10/0x10 [ 11.072537] ? ktime_get_ts64+0x86/0x230 [ 11.072563] kunit_try_run_case+0x1a5/0x480 [ 11.072586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.072607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.072630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.072652] ? __kthread_parkme+0x82/0x180 [ 11.072674] ? preempt_count_sub+0x50/0x80 [ 11.072698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.072720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.072742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.072763] kthread+0x337/0x6f0 [ 11.072783] ? trace_preempt_on+0x20/0xc0 [ 11.072806] ? __pfx_kthread+0x10/0x10 [ 11.072828] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.072848] ? calculate_sigpending+0x7b/0xa0 [ 11.072869] ? __pfx_kthread+0x10/0x10 [ 11.072890] ret_from_fork+0x41/0x80 [ 11.072910] ? 
__pfx_kthread+0x10/0x10 [ 11.072932] ret_from_fork_asm+0x1a/0x30 [ 11.072963] </TASK> [ 11.073022] [ 11.081689] The buggy address belongs to the physical page: [ 11.081979] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a00 [ 11.082506] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.082864] flags: 0x200000000000040(head|node=0|zone=2) [ 11.083065] page_type: f8(unknown) [ 11.083194] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.083565] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.084079] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.084870] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.085196] head: 0200000000000002 ffffea00040a8001 00000000ffffffff 00000000ffffffff [ 11.085783] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.086126] page dumped because: kasan: bad access detected [ 11.086394] [ 11.086559] Memory state around the buggy address: [ 11.086892] ffff888102a01f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.087189] ffff888102a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.087703] >ffff888102a02000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.087986] ^ [ 11.088216] ffff888102a02080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.088711] ffff888102a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.089216] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.031260] ================================================================== [ 11.031841] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.032078] Write of size 1 at addr ffff888102c1df00 by task kunit_try_catch/164 [ 11.032934] [ 11.033210] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 11.033256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.033268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.033287] Call Trace: [ 11.033299] <TASK> [ 11.033315] dump_stack_lvl+0x73/0xb0 [ 11.033353] print_report+0xd1/0x650 [ 11.033376] ? __virt_addr_valid+0x1db/0x2d0 [ 11.033398] ? kmalloc_big_oob_right+0x316/0x370 [ 11.033420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.033442] ? kmalloc_big_oob_right+0x316/0x370 [ 11.033465] kasan_report+0x141/0x180 [ 11.033487] ? kmalloc_big_oob_right+0x316/0x370 [ 11.033514] __asan_report_store1_noabort+0x1b/0x30 [ 11.033534] kmalloc_big_oob_right+0x316/0x370 [ 11.033557] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.033605] ? __schedule+0x10cc/0x2b30 [ 11.033631] ? __pfx_read_tsc+0x10/0x10 [ 11.033652] ? ktime_get_ts64+0x86/0x230 [ 11.033689] kunit_try_run_case+0x1a5/0x480 [ 11.033713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.033745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.033772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.033795] ? __kthread_parkme+0x82/0x180 [ 11.033816] ? preempt_count_sub+0x50/0x80 [ 11.033841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.033863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.033885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.033907] kthread+0x337/0x6f0 [ 11.033927] ? trace_preempt_on+0x20/0xc0 [ 11.033951] ? __pfx_kthread+0x10/0x10 [ 11.033972] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.033994] ? calculate_sigpending+0x7b/0xa0 [ 11.034015] ? __pfx_kthread+0x10/0x10 [ 11.034037] ret_from_fork+0x41/0x80 [ 11.034057] ? 
__pfx_kthread+0x10/0x10 [ 11.034078] ret_from_fork_asm+0x1a/0x30 [ 11.034125] </TASK> [ 11.034136] [ 11.049288] Allocated by task 164: [ 11.050237] kasan_save_stack+0x45/0x70 [ 11.050788] kasan_save_track+0x18/0x40 [ 11.051300] kasan_save_alloc_info+0x3b/0x50 [ 11.052030] __kasan_kmalloc+0xb7/0xc0 [ 11.052624] __kmalloc_cache_noprof+0x189/0x420 [ 11.053025] kmalloc_big_oob_right+0xa9/0x370 [ 11.053387] kunit_try_run_case+0x1a5/0x480 [ 11.053946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.054692] kthread+0x337/0x6f0 [ 11.055286] ret_from_fork+0x41/0x80 [ 11.055664] ret_from_fork_asm+0x1a/0x30 [ 11.055816] [ 11.055889] The buggy address belongs to the object at ffff888102c1c000 [ 11.055889] which belongs to the cache kmalloc-8k of size 8192 [ 11.056636] The buggy address is located 0 bytes to the right of [ 11.056636] allocated 7936-byte region [ffff888102c1c000, ffff888102c1df00) [ 11.057892] [ 11.058065] The buggy address belongs to the physical page: [ 11.058637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c18 [ 11.058905] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.059138] flags: 0x200000000000040(head|node=0|zone=2) [ 11.059687] page_type: f5(slab) [ 11.059992] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.060919] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.061541] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.061792] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.062021] head: 0200000000000003 ffffea00040b0601 00000000ffffffff 00000000ffffffff [ 11.062268] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.062604] page dumped because: kasan: bad access detected [ 11.063084] [ 11.063238] Memory state around the buggy address: [ 11.063779] ffff888102c1de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.064497] ffff888102c1de80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.064746] >ffff888102c1df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.064954] ^ [ 11.065069] ffff888102c1df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.065676] ffff888102c1e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.066309] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.982178] ================================================================== [ 10.983356] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.984145] Write of size 1 at addr ffff888102b31878 by task kunit_try_catch/162 [ 10.984471] [ 10.984561] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 10.984604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.984615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.984635] Call Trace: [ 10.984647] <TASK> [ 10.984662] dump_stack_lvl+0x73/0xb0 [ 10.984689] print_report+0xd1/0x650 [ 10.984711] ? __virt_addr_valid+0x1db/0x2d0 [ 10.984733] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.984757] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.984778] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.984803] kasan_report+0x141/0x180 [ 10.984825] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.984855] __asan_report_store1_noabort+0x1b/0x30 [ 10.984876] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.984901] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.984926] ? __schedule+0x10cc/0x2b30 [ 10.984950] ? __pfx_read_tsc+0x10/0x10 [ 10.984968] ? ktime_get_ts64+0x86/0x230 [ 10.984993] kunit_try_run_case+0x1a5/0x480 [ 10.985016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.985037] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.985060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.985083] ? __kthread_parkme+0x82/0x180 [ 10.985104] ? preempt_count_sub+0x50/0x80 [ 10.985128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.985150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.985172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.985194] kthread+0x337/0x6f0 [ 10.985213] ? trace_preempt_on+0x20/0xc0 [ 10.985237] ? __pfx_kthread+0x10/0x10 [ 10.985258] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.985279] ? calculate_sigpending+0x7b/0xa0 [ 10.985301] ? __pfx_kthread+0x10/0x10 [ 10.985334] ret_from_fork+0x41/0x80 [ 10.985354] ? 
__pfx_kthread+0x10/0x10 [ 10.985375] ret_from_fork_asm+0x1a/0x30 [ 10.985406] </TASK> [ 10.985416] [ 10.998023] Allocated by task 162: [ 10.998173] kasan_save_stack+0x45/0x70 [ 10.998317] kasan_save_track+0x18/0x40 [ 10.998573] kasan_save_alloc_info+0x3b/0x50 [ 10.998789] __kasan_kmalloc+0xb7/0xc0 [ 10.998975] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.999346] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.999634] kunit_try_run_case+0x1a5/0x480 [ 10.999788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.000028] kthread+0x337/0x6f0 [ 11.000312] ret_from_fork+0x41/0x80 [ 11.000512] ret_from_fork_asm+0x1a/0x30 [ 11.000709] [ 11.001050] The buggy address belongs to the object at ffff888102b31800 [ 11.001050] which belongs to the cache kmalloc-128 of size 128 [ 11.001479] The buggy address is located 0 bytes to the right of [ 11.001479] allocated 120-byte region [ffff888102b31800, ffff888102b31878) [ 11.002250] [ 11.002977] The buggy address belongs to the physical page: [ 11.003241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31 [ 11.003819] flags: 0x200000000000000(node=0|zone=2) [ 11.004344] page_type: f5(slab) [ 11.004721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.005486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.006090] page dumped because: kasan: bad access detected [ 11.006733] [ 11.006930] Memory state around the buggy address: [ 11.007219] ffff888102b31700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.007467] ffff888102b31780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.008170] >ffff888102b31800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.009074] ^ [ 11.009359] ffff888102b31880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.010066] ffff888102b31900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.010357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.940878] ================================================================== [ 10.942416] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.943733] Read of size 1 at addr ffff888102ba3000 by task kunit_try_catch/160 [ 10.944754] [ 10.945184] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 10.945459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.945479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.945509] Call Trace: [ 10.945522] <TASK> [ 10.945561] dump_stack_lvl+0x73/0xb0 [ 10.945593] print_report+0xd1/0x650 [ 10.945616] ? __virt_addr_valid+0x1db/0x2d0 [ 10.945639] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.945663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.945686] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.945710] kasan_report+0x141/0x180 [ 10.945732] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.945761] __asan_report_load1_noabort+0x18/0x20 [ 10.945787] kmalloc_node_oob_right+0x369/0x3c0 [ 10.945811] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.945836] ? __schedule+0x10cc/0x2b30 [ 10.945860] ? __pfx_read_tsc+0x10/0x10 [ 10.945880] ? ktime_get_ts64+0x86/0x230 [ 10.945906] kunit_try_run_case+0x1a5/0x480 [ 10.945931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.945953] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.945976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.945999] ? __kthread_parkme+0x82/0x180 [ 10.946021] ? preempt_count_sub+0x50/0x80 [ 10.946046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.946069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.946091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.946120] kthread+0x337/0x6f0 [ 10.946141] ? trace_preempt_on+0x20/0xc0 [ 10.946164] ? __pfx_kthread+0x10/0x10 [ 10.946186] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.946208] ? calculate_sigpending+0x7b/0xa0 [ 10.946229] ? __pfx_kthread+0x10/0x10 [ 10.946251] ret_from_fork+0x41/0x80 [ 10.946271] ? 
__pfx_kthread+0x10/0x10 [ 10.946293] ret_from_fork_asm+0x1a/0x30 [ 10.946365] </TASK> [ 10.946377] [ 10.961724] Allocated by task 160: [ 10.962032] kasan_save_stack+0x45/0x70 [ 10.962524] kasan_save_track+0x18/0x40 [ 10.962667] kasan_save_alloc_info+0x3b/0x50 [ 10.962812] __kasan_kmalloc+0xb7/0xc0 [ 10.962943] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.963108] kmalloc_node_oob_right+0xab/0x3c0 [ 10.963549] kunit_try_run_case+0x1a5/0x480 [ 10.964092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.964758] kthread+0x337/0x6f0 [ 10.965089] ret_from_fork+0x41/0x80 [ 10.965538] ret_from_fork_asm+0x1a/0x30 [ 10.965927] [ 10.966087] The buggy address belongs to the object at ffff888102ba2000 [ 10.966087] which belongs to the cache kmalloc-4k of size 4096 [ 10.967148] The buggy address is located 0 bytes to the right of [ 10.967148] allocated 4096-byte region [ffff888102ba2000, ffff888102ba3000) [ 10.967804] [ 10.967881] The buggy address belongs to the physical page: [ 10.968120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba0 [ 10.969170] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.969935] flags: 0x200000000000040(head|node=0|zone=2) [ 10.970630] page_type: f5(slab) [ 10.970970] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.971698] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.972258] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.973019] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.973361] head: 0200000000000003 ffffea00040ae801 00000000ffffffff 00000000ffffffff [ 10.974089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.974824] page dumped because: kasan: bad access detected [ 10.974999] [ 10.975068] Memory state around the buggy address: [ 10.975260] ffff888102ba2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.975994] ffff888102ba2f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.976785] >ffff888102ba3000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.977551] ^ [ 10.978010] ffff888102ba3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.978677] ffff888102ba3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.978978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.911348] ================================================================== [ 10.911792] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.912070] Read of size 1 at addr ffff8881023f827f by task kunit_try_catch/158 [ 10.912391] [ 10.912501] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 10.912542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.912554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.912573] Call Trace: [ 10.912584] <TASK> [ 10.912598] dump_stack_lvl+0x73/0xb0 [ 10.912624] print_report+0xd1/0x650 [ 10.912646] ? __virt_addr_valid+0x1db/0x2d0 [ 10.912667] ? kmalloc_oob_left+0x361/0x3c0 [ 10.912688] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.912709] ? kmalloc_oob_left+0x361/0x3c0 [ 10.912730] kasan_report+0x141/0x180 [ 10.912753] ? kmalloc_oob_left+0x361/0x3c0 [ 10.912779] __asan_report_load1_noabort+0x18/0x20 [ 10.912799] kmalloc_oob_left+0x361/0x3c0 [ 10.912821] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.912843] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 10.912868] ? __pfx_read_tsc+0x10/0x10 [ 10.912887] ? ktime_get_ts64+0x86/0x230 [ 10.912912] kunit_try_run_case+0x1a5/0x480 [ 10.912934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.912955] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 10.912977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.913000] ? __kthread_parkme+0x82/0x180 [ 10.913020] ? preempt_count_sub+0x50/0x80 [ 10.913044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.913066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.913087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.913109] kthread+0x337/0x6f0 [ 10.913129] ? trace_preempt_on+0x20/0xc0 [ 10.913152] ? __pfx_kthread+0x10/0x10 [ 10.913172] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.913193] ? calculate_sigpending+0x7b/0xa0 [ 10.913214] ? __pfx_kthread+0x10/0x10 [ 10.913246] ret_from_fork+0x41/0x80 [ 10.913266] ? 
__pfx_kthread+0x10/0x10 [ 10.913287] ret_from_fork_asm+0x1a/0x30 [ 10.913317] </TASK> [ 10.913338] [ 10.920097] Allocated by task 9: [ 10.920263] kasan_save_stack+0x45/0x70 [ 10.920425] kasan_save_track+0x18/0x40 [ 10.920617] kasan_save_alloc_info+0x3b/0x50 [ 10.920766] __kasan_kmalloc+0xb7/0xc0 [ 10.920896] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.921073] kvasprintf+0xc5/0x150 [ 10.921197] kasprintf+0xb6/0xf0 [ 10.921368] input_devnode+0x46/0x80 [ 10.921671] device_get_devnode+0x145/0x2a0 [ 10.921875] dev_uevent+0x391/0x690 [ 10.922047] kobject_uevent_env+0x50d/0xff0 [ 10.922249] kobject_uevent+0xf/0x20 [ 10.922476] device_add+0xe4c/0x1820 [ 10.922661] cdev_device_add+0xab/0x1c0 [ 10.922800] evdev_connect+0x356/0x480 [ 10.922935] input_attach_handler.isra.0+0x117/0x1f0 [ 10.923147] input_register_device+0x722/0xe10 [ 10.924131] psmouse_connect+0x6ed/0xe30 [ 10.924319] serio_driver_probe+0x7a/0xb0 [ 10.924474] really_probe+0x1d4/0x920 [ 10.924604] __driver_probe_device+0x18f/0x3e0 [ 10.924762] driver_probe_device+0x4f/0x130 [ 10.924905] __driver_attach+0x1eb/0x4b0 [ 10.925062] bus_for_each_dev+0x10f/0x1a0 [ 10.925291] driver_attach+0x41/0x60 [ 10.925477] serio_handle_event+0x254/0x940 [ 10.925685] process_one_work+0x5ee/0xf60 [ 10.925892] worker_thread+0x725/0x1320 [ 10.926049] kthread+0x337/0x6f0 [ 10.926229] ret_from_fork+0x41/0x80 [ 10.926403] ret_from_fork_asm+0x1a/0x30 [ 10.926541] [ 10.926636] Freed by task 9: [ 10.926803] kasan_save_stack+0x45/0x70 [ 10.926999] kasan_save_track+0x18/0x40 [ 10.927217] kasan_save_free_info+0x3f/0x60 [ 10.927431] __kasan_slab_free+0x56/0x70 [ 10.927584] kfree+0x222/0x3f0 [ 10.927740] dev_uevent+0x3df/0x690 [ 10.927879] kobject_uevent_env+0x50d/0xff0 [ 10.928040] kobject_uevent+0xf/0x20 [ 10.928250] device_add+0xe4c/0x1820 [ 10.928436] cdev_device_add+0xab/0x1c0 [ 10.928616] evdev_connect+0x356/0x480 [ 10.928793] input_attach_handler.isra.0+0x117/0x1f0 [ 10.929013] input_register_device+0x722/0xe10 [ 10.929207] 
psmouse_connect+0x6ed/0xe30 [ 10.929351] serio_driver_probe+0x7a/0xb0 [ 10.929489] really_probe+0x1d4/0x920 [ 10.929651] __driver_probe_device+0x18f/0x3e0 [ 10.929868] driver_probe_device+0x4f/0x130 [ 10.930067] __driver_attach+0x1eb/0x4b0 [ 10.930286] bus_for_each_dev+0x10f/0x1a0 [ 10.930472] driver_attach+0x41/0x60 [ 10.930599] serio_handle_event+0x254/0x940 [ 10.930758] process_one_work+0x5ee/0xf60 [ 10.930952] worker_thread+0x725/0x1320 [ 10.931169] kthread+0x337/0x6f0 [ 10.931344] ret_from_fork+0x41/0x80 [ 10.931525] ret_from_fork_asm+0x1a/0x30 [ 10.931706] [ 10.931800] The buggy address belongs to the object at ffff8881023f8260 [ 10.931800] which belongs to the cache kmalloc-16 of size 16 [ 10.932298] The buggy address is located 15 bytes to the right of [ 10.932298] allocated 16-byte region [ffff8881023f8260, ffff8881023f8270) [ 10.932768] [ 10.932866] The buggy address belongs to the physical page: [ 10.933092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023f8 [ 10.933446] flags: 0x200000000000000(node=0|zone=2) [ 10.933638] page_type: f5(slab) [ 10.933759] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.934074] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.934436] page dumped because: kasan: bad access detected [ 10.934687] [ 10.934773] Memory state around the buggy address: [ 10.934958] ffff8881023f8100: 00 06 fc fc 00 06 fc fc 00 00 fc fc 00 00 fc fc [ 10.935266] ffff8881023f8180: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 10.935505] >ffff8881023f8200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 10.935714] ^ [ 10.935930] ffff8881023f8280: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.936271] ffff8881023f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.936587] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.841889] ================================================================== [ 10.842558] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.843240] Write of size 1 at addr ffff888102734b73 by task kunit_try_catch/156 [ 10.843691] [ 10.844629] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 10.844973] Tainted: [N]=TEST [ 10.845004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.845235] Call Trace: [ 10.845301] <TASK> [ 10.845465] dump_stack_lvl+0x73/0xb0 [ 10.845551] print_report+0xd1/0x650 [ 10.845579] ? __virt_addr_valid+0x1db/0x2d0 [ 10.845603] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.845624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.845646] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.845668] kasan_report+0x141/0x180 [ 10.845690] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.845716] __asan_report_store1_noabort+0x1b/0x30 [ 10.845737] kmalloc_oob_right+0x6f0/0x7f0 [ 10.845759] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.845787] ? __schedule+0x10cc/0x2b30 [ 10.845811] ? __pfx_read_tsc+0x10/0x10 [ 10.845831] ? ktime_get_ts64+0x86/0x230 [ 10.845858] kunit_try_run_case+0x1a5/0x480 [ 10.845884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.845905] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.845928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.845951] ? __kthread_parkme+0x82/0x180 [ 10.845973] ? preempt_count_sub+0x50/0x80 [ 10.845999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.846021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.846043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.846065] kthread+0x337/0x6f0 [ 10.846085] ? trace_preempt_on+0x20/0xc0 [ 10.846110] ? __pfx_kthread+0x10/0x10 [ 10.846131] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.846152] ? calculate_sigpending+0x7b/0xa0 [ 10.846174] ? __pfx_kthread+0x10/0x10 [ 10.846195] ret_from_fork+0x41/0x80 [ 10.846215] ? 
__pfx_kthread+0x10/0x10 [ 10.846236] ret_from_fork_asm+0x1a/0x30 [ 10.846291] </TASK> [ 10.846366] [ 10.856087] Allocated by task 156: [ 10.856658] kasan_save_stack+0x45/0x70 [ 10.856892] kasan_save_track+0x18/0x40 [ 10.857075] kasan_save_alloc_info+0x3b/0x50 [ 10.857542] __kasan_kmalloc+0xb7/0xc0 [ 10.857800] __kmalloc_cache_noprof+0x189/0x420 [ 10.858112] kmalloc_oob_right+0xa9/0x7f0 [ 10.858303] kunit_try_run_case+0x1a5/0x480 [ 10.858654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.858949] kthread+0x337/0x6f0 [ 10.859105] ret_from_fork+0x41/0x80 [ 10.859442] ret_from_fork_asm+0x1a/0x30 [ 10.859813] [ 10.859969] The buggy address belongs to the object at ffff888102734b00 [ 10.859969] which belongs to the cache kmalloc-128 of size 128 [ 10.860871] The buggy address is located 0 bytes to the right of [ 10.860871] allocated 115-byte region [ffff888102734b00, ffff888102734b73) [ 10.861434] [ 10.861614] The buggy address belongs to the physical page: [ 10.862237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102734 [ 10.862975] flags: 0x200000000000000(node=0|zone=2) [ 10.863724] page_type: f5(slab) [ 10.864264] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.864786] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.865183] page dumped because: kasan: bad access detected [ 10.865547] [ 10.865638] Memory state around the buggy address: [ 10.866089] ffff888102734a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.866724] ffff888102734a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.867036] >ffff888102734b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.867310] ^ [ 10.867761] ffff888102734b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.868046] ffff888102734c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.868396] ================================================================== [ 10.888083] 
================================================================== [ 10.888354] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.888665] Read of size 1 at addr ffff888102734b80 by task kunit_try_catch/156 [ 10.888997] [ 10.889104] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 10.889197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.889210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.889244] Call Trace: [ 10.889259] <TASK> [ 10.889273] dump_stack_lvl+0x73/0xb0 [ 10.889297] print_report+0xd1/0x650 [ 10.889318] ? __virt_addr_valid+0x1db/0x2d0 [ 10.889349] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.889369] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.889426] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.889449] kasan_report+0x141/0x180 [ 10.889471] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.889498] __asan_report_load1_noabort+0x18/0x20 [ 10.889518] kmalloc_oob_right+0x68a/0x7f0 [ 10.889540] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.889562] ? __schedule+0x10cc/0x2b30 [ 10.889585] ? __pfx_read_tsc+0x10/0x10 [ 10.889603] ? ktime_get_ts64+0x86/0x230 [ 10.889627] kunit_try_run_case+0x1a5/0x480 [ 10.889649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.889670] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.889692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.889715] ? __kthread_parkme+0x82/0x180 [ 10.889736] ? preempt_count_sub+0x50/0x80 [ 10.889760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.889791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.889812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.889834] kthread+0x337/0x6f0 [ 10.889854] ? trace_preempt_on+0x20/0xc0 [ 10.889876] ? __pfx_kthread+0x10/0x10 [ 10.889898] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.889919] ? calculate_sigpending+0x7b/0xa0 [ 10.889940] ? __pfx_kthread+0x10/0x10 [ 10.889961] ret_from_fork+0x41/0x80 [ 10.889981] ? 
__pfx_kthread+0x10/0x10 [ 10.890002] ret_from_fork_asm+0x1a/0x30 [ 10.890032] </TASK> [ 10.890042] [ 10.897414] Allocated by task 156: [ 10.897588] kasan_save_stack+0x45/0x70 [ 10.897799] kasan_save_track+0x18/0x40 [ 10.897992] kasan_save_alloc_info+0x3b/0x50 [ 10.898196] __kasan_kmalloc+0xb7/0xc0 [ 10.898555] __kmalloc_cache_noprof+0x189/0x420 [ 10.898798] kmalloc_oob_right+0xa9/0x7f0 [ 10.898997] kunit_try_run_case+0x1a5/0x480 [ 10.899207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.899410] kthread+0x337/0x6f0 [ 10.899532] ret_from_fork+0x41/0x80 [ 10.899731] ret_from_fork_asm+0x1a/0x30 [ 10.899935] [ 10.900030] The buggy address belongs to the object at ffff888102734b00 [ 10.900030] which belongs to the cache kmalloc-128 of size 128 [ 10.900583] The buggy address is located 13 bytes to the right of [ 10.900583] allocated 115-byte region [ffff888102734b00, ffff888102734b73) [ 10.901069] [ 10.901209] The buggy address belongs to the physical page: [ 10.901571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102734 [ 10.901902] flags: 0x200000000000000(node=0|zone=2) [ 10.902086] page_type: f5(slab) [ 10.902295] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.902531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.902751] page dumped because: kasan: bad access detected [ 10.902979] [ 10.903242] Memory state around the buggy address: [ 10.903601] ffff888102734a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.903919] ffff888102734b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.904362] >ffff888102734b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.904681] ^ [ 10.904852] ffff888102734c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.905142] ffff888102734c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.905373] ================================================================== [ 10.869393] 
================================================================== [ 10.869670] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.870242] Write of size 1 at addr ffff888102734b78 by task kunit_try_catch/156 [ 10.870794] [ 10.870897] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 10.870939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.870950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.870968] Call Trace: [ 10.870978] <TASK> [ 10.870991] dump_stack_lvl+0x73/0xb0 [ 10.871015] print_report+0xd1/0x650 [ 10.871036] ? __virt_addr_valid+0x1db/0x2d0 [ 10.871057] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.871078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.871099] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.871120] kasan_report+0x141/0x180 [ 10.871158] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.871184] __asan_report_store1_noabort+0x1b/0x30 [ 10.871204] kmalloc_oob_right+0x6bd/0x7f0 [ 10.871226] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.871248] ? __schedule+0x10cc/0x2b30 [ 10.871270] ? __pfx_read_tsc+0x10/0x10 [ 10.871289] ? ktime_get_ts64+0x86/0x230 [ 10.871313] kunit_try_run_case+0x1a5/0x480 [ 10.871348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.871369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.871458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.871486] ? __kthread_parkme+0x82/0x180 [ 10.871507] ? preempt_count_sub+0x50/0x80 [ 10.871531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.871554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.871576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.871598] kthread+0x337/0x6f0 [ 10.871617] ? trace_preempt_on+0x20/0xc0 [ 10.871640] ? __pfx_kthread+0x10/0x10 [ 10.871661] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.871682] ? calculate_sigpending+0x7b/0xa0 [ 10.871703] ? __pfx_kthread+0x10/0x10 [ 10.871724] ret_from_fork+0x41/0x80 [ 10.871744] ? 
__pfx_kthread+0x10/0x10 [ 10.871766] ret_from_fork_asm+0x1a/0x30 [ 10.871796] </TASK> [ 10.871806] [ 10.879165] Allocated by task 156: [ 10.879347] kasan_save_stack+0x45/0x70 [ 10.879633] kasan_save_track+0x18/0x40 [ 10.879818] kasan_save_alloc_info+0x3b/0x50 [ 10.879961] __kasan_kmalloc+0xb7/0xc0 [ 10.880092] __kmalloc_cache_noprof+0x189/0x420 [ 10.880245] kmalloc_oob_right+0xa9/0x7f0 [ 10.880452] kunit_try_run_case+0x1a5/0x480 [ 10.880658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.880904] kthread+0x337/0x6f0 [ 10.881074] ret_from_fork+0x41/0x80 [ 10.881369] ret_from_fork_asm+0x1a/0x30 [ 10.881506] [ 10.881574] The buggy address belongs to the object at ffff888102734b00 [ 10.881574] which belongs to the cache kmalloc-128 of size 128 [ 10.882641] The buggy address is located 5 bytes to the right of [ 10.882641] allocated 115-byte region [ffff888102734b00, ffff888102734b73) [ 10.883029] [ 10.883101] The buggy address belongs to the physical page: [ 10.883542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102734 [ 10.883898] flags: 0x200000000000000(node=0|zone=2) [ 10.884128] page_type: f5(slab) [ 10.884280] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.884634] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.884931] page dumped because: kasan: bad access detected [ 10.885100] [ 10.885168] Memory state around the buggy address: [ 10.885319] ffff888102734a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.885647] ffff888102734a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.885965] >ffff888102734b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.886221] ^ [ 10.886439] ffff888102734b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.887069] ffff888102734c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.887634] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 136.508021] WARNING: CPU: 0 PID: 2743 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 136.509096] Modules linked in: [ 136.509622] CPU: 0 UID: 0 PID: 2743 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 136.510685] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 136.510934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 136.511592] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 136.512109] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 136.513938] RSP: 0000:ffff888107317c78 EFLAGS: 00010286 [ 136.514474] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 136.515052] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8b0232b4 [ 136.515349] RBP: ffff888107317ca0 R08: 0000000000000000 R09: ffffed1020d29cc0 [ 136.516227] R10: ffff88810694e607 R11: 0000000000000000 R12: ffffffff8b0232a0 [ 136.516840] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107317d38 [ 136.517058] FS: 0000000000000000(0000) GS:ffff8881ce03b000(0000) knlGS:0000000000000000 [ 136.517905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.518339] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 136.518885] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088882 [ 136.519116] DR3: ffffffff8d088883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 136.519958] Call Trace: [ 136.520252] <TASK> [ 136.520384] drm_test_rect_calc_vscale+0x108/0x270 [ 136.520710] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 136.521198] ? __schedule+0x10cc/0x2b30 [ 136.521674] ? __pfx_read_tsc+0x10/0x10 [ 136.521897] ? ktime_get_ts64+0x86/0x230 [ 136.522044] kunit_try_run_case+0x1a5/0x480 [ 136.522416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.522926] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 136.523456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 136.523866] ? __kthread_parkme+0x82/0x180 [ 136.524024] ? preempt_count_sub+0x50/0x80 [ 136.524346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.524835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 136.525359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 136.525944] kthread+0x337/0x6f0 [ 136.526083] ? trace_preempt_on+0x20/0xc0 [ 136.526232] ? __pfx_kthread+0x10/0x10 [ 136.526385] ? _raw_spin_unlock_irq+0x47/0x80 [ 136.526900] ? calculate_sigpending+0x7b/0xa0 [ 136.527371] ? __pfx_kthread+0x10/0x10 [ 136.527878] ret_from_fork+0x41/0x80 [ 136.528247] ? __pfx_kthread+0x10/0x10 [ 136.528704] ret_from_fork_asm+0x1a/0x30 [ 136.529102] </TASK> [ 136.529197] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 136.483228] WARNING: CPU: 1 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 136.484564] Modules linked in: [ 136.484966] CPU: 1 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 136.485670] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 136.486216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 136.487107] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 136.487304] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 136.488937] RSP: 0000:ffff88810351fc78 EFLAGS: 00010286 [ 136.489605] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 136.490510] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8b02327c [ 136.491237] RBP: ffff88810351fca0 R08: 0000000000000000 R09: ffffed1020e7f880 [ 136.491644] R10: ffff8881073fc407 R11: 0000000000000000 R12: ffffffff8b023268 [ 136.492484] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810351fd38 [ 136.492953] 
FS: 0000000000000000(0000) GS:ffff8881ce13b000(0000) knlGS:0000000000000000 [ 136.493268] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.493864] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 136.494467] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088883 [ 136.495151] DR3: ffffffff8d088885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 136.495391] Call Trace: [ 136.495673] <TASK> [ 136.495896] drm_test_rect_calc_vscale+0x108/0x270 [ 136.496464] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 136.496876] ? __schedule+0x10cc/0x2b30 [ 136.497021] ? __pfx_read_tsc+0x10/0x10 [ 136.497276] ? ktime_get_ts64+0x86/0x230 [ 136.497677] kunit_try_run_case+0x1a5/0x480 [ 136.498366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.498734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 136.498900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 136.499069] ? __kthread_parkme+0x82/0x180 [ 136.499476] ? preempt_count_sub+0x50/0x80 [ 136.499904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.500427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 136.500938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 136.501534] kthread+0x337/0x6f0 [ 136.501797] ? trace_preempt_on+0x20/0xc0 [ 136.501948] ? __pfx_kthread+0x10/0x10 [ 136.502085] ? _raw_spin_unlock_irq+0x47/0x80 [ 136.502279] ? calculate_sigpending+0x7b/0xa0 [ 136.502708] ? __pfx_kthread+0x10/0x10 [ 136.503092] ret_from_fork+0x41/0x80 [ 136.503484] ? __pfx_kthread+0x10/0x10 [ 136.503866] ret_from_fork_asm+0x1a/0x30 [ 136.504246] </TASK> [ 136.504576] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 136.452865] WARNING: CPU: 1 PID: 2731 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 136.453306] Modules linked in: [ 136.453491] CPU: 1 UID: 0 PID: 2731 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 136.454140] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 136.454809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 136.455222] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 136.455721] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 136.456493] RSP: 0000:ffff88810351fc78 EFLAGS: 00010286 [ 136.456728] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 136.457005] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8b0232b8 [ 136.457367] RBP: ffff88810351fca0 R08: 0000000000000000 R09: ffffed1020d29c00 [ 136.457663] R10: ffff88810694e007 R11: 0000000000000000 R12: ffffffff8b0232a0 [ 136.458072] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810351fd38 [ 136.458340] FS: 0000000000000000(0000) GS:ffff8881ce13b000(0000) knlGS:0000000000000000 [ 136.458710] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.459082] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 136.459498] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088883 [ 136.459783] DR3: ffffffff8d088885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 136.460043] Call Trace: [ 136.460179] <TASK> [ 136.460300] drm_test_rect_calc_hscale+0x108/0x270 [ 136.460575] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 136.460822] ? __schedule+0x10cc/0x2b30 [ 136.461017] ? __pfx_read_tsc+0x10/0x10 [ 136.461597] ? ktime_get_ts64+0x86/0x230 [ 136.461810] kunit_try_run_case+0x1a5/0x480 [ 136.462007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.462597] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 136.463009] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 136.463554] ? __kthread_parkme+0x82/0x180 [ 136.463775] ? preempt_count_sub+0x50/0x80 [ 136.463971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.464382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 136.464876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 136.465337] kthread+0x337/0x6f0 [ 136.465760] ? trace_preempt_on+0x20/0xc0 [ 136.465962] ? __pfx_kthread+0x10/0x10 [ 136.466191] ? _raw_spin_unlock_irq+0x47/0x80 [ 136.466715] ? calculate_sigpending+0x7b/0xa0 [ 136.467114] ? __pfx_kthread+0x10/0x10 [ 136.467370] ret_from_fork+0x41/0x80 [ 136.467925] ? __pfx_kthread+0x10/0x10 [ 136.468241] ret_from_fork_asm+0x1a/0x30 [ 136.468760] </TASK> [ 136.468909] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 136.431213] WARNING: CPU: 1 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 136.432205] Modules linked in: [ 136.432463] CPU: 1 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 136.433331] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 136.433943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 136.434595] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 136.435003] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 136.436521] RSP: 0000:ffff888106f8fc78 EFLAGS: 00010286 [ 136.436799] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 136.437093] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8b023280 [ 136.437421] RBP: ffff888106f8fca0 R08: 0000000000000000 R09: ffffed1020eaadc0 [ 136.437714] R10: ffff888107556e07 R11: 0000000000000000 R12: ffffffff8b023268 [ 136.438009] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106f8fd38 [ 136.438765] 
FS: 0000000000000000(0000) GS:ffff8881ce13b000(0000) knlGS:0000000000000000 [ 136.439257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.439791] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 136.440182] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088883 [ 136.440654] DR3: ffffffff8d088885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 136.441097] Call Trace: [ 136.441345] <TASK> [ 136.441783] drm_test_rect_calc_hscale+0x108/0x270 [ 136.442071] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 136.442631] ? __schedule+0x10cc/0x2b30 [ 136.443033] ? __pfx_read_tsc+0x10/0x10 [ 136.443363] ? ktime_get_ts64+0x86/0x230 [ 136.443782] kunit_try_run_case+0x1a5/0x480 [ 136.444116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.444343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 136.444862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 136.445157] ? __kthread_parkme+0x82/0x180 [ 136.445573] ? preempt_count_sub+0x50/0x80 [ 136.445785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 136.445998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 136.446608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 136.447060] kthread+0x337/0x6f0 [ 136.447366] ? trace_preempt_on+0x20/0xc0 [ 136.447991] ? __pfx_kthread+0x10/0x10 [ 136.448267] ? _raw_spin_unlock_irq+0x47/0x80 [ 136.448685] ? calculate_sigpending+0x7b/0xa0 [ 136.448903] ? __pfx_kthread+0x10/0x10 [ 136.449085] ret_from_fork+0x41/0x80 [ 136.449259] ? __pfx_kthread+0x10/0x10 [ 136.449780] ret_from_fork_asm+0x1a/0x30 [ 136.450102] </TASK> [ 136.450523] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 135.732275] WARNING: CPU: 0 PID: 2527 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 135.732786] Modules linked in: [ 135.733052] CPU: 0 UID: 0 PID: 2527 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 135.734023] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 135.734414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 135.734976] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 135.735298] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 135.736498] RSP: 0000:ffff888104497b30 EFLAGS: 00010246 [ 135.736873] RAX: dffffc0000000000 RBX: ffff888104497c28 RCX: 0000000000000000 [ 135.737323] RDX: 1ffff11020892f8e RSI: ffff888104497c28 RDI: ffff888104497c70 [ 135.737890] RBP: ffff888104497b70 R08: ffff8881041f2000 R09: ffffffff8afc9f20 [ 135.738441] R10: 0000000000000003 R11: 00000000c626e43a R12: ffff8881041f2000 [ 135.738733] R13: ffff88810031fae8 R14: ffff888104497ba8 R15: 0000000000000000 [ 135.739043] FS: 0000000000000000(0000) GS:ffff8881ce03b000(0000) knlGS:0000000000000000 [ 135.739780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.740135] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 135.740639] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088882 [ 135.741017] DR3: ffffffff8d088883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 135.741568] Call Trace: [ 135.741752] <TASK> [ 135.742054] ? add_dr+0xc1/0x1d0 [ 135.742225] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 135.742429] ? add_dr+0x148/0x1d0 [ 135.742549] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 135.742780] ? __drmm_add_action+0x1a4/0x280 [ 135.743341] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 135.743952] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 135.744252] ? __drmm_add_action_or_reset+0x22/0x50 [ 135.744666] ? __schedule+0x10cc/0x2b30 [ 135.744892] ? __pfx_read_tsc+0x10/0x10 [ 135.745263] ? ktime_get_ts64+0x86/0x230 [ 135.745710] kunit_try_run_case+0x1a5/0x480 [ 135.745961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 135.746138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 135.746679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 135.746926] ? __kthread_parkme+0x82/0x180 [ 135.747199] ? preempt_count_sub+0x50/0x80 [ 135.747666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 135.747970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 135.748272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 135.748768] kthread+0x337/0x6f0 [ 135.749034] ? trace_preempt_on+0x20/0xc0 [ 135.749324] ? __pfx_kthread+0x10/0x10 [ 135.749751] ? _raw_spin_unlock_irq+0x47/0x80 [ 135.750019] ? calculate_sigpending+0x7b/0xa0 [ 135.750226] ? __pfx_kthread+0x10/0x10 [ 135.750501] ret_from_fork+0x41/0x80 [ 135.750845] ? __pfx_kthread+0x10/0x10 [ 135.751104] ret_from_fork_asm+0x1a/0x30 [ 135.751314] </TASK> [ 135.751434] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 135.694856] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 135.694984] WARNING: CPU: 0 PID: 2523 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 135.697250] Modules linked in: [ 135.697548] CPU: 0 UID: 0 PID: 2523 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 135.698382] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 135.698845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 135.699118] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 135.699315] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 1b 87 84 00 48 c7 c1 20 4f fc 8a 4c 89 fa 48 c7 c7 80 4f fc 8a 48 89 c6 e8 62 0f 82 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 135.700454] RSP: 0000:ffff888106d37b68 EFLAGS: 00010282 [ 135.700777] RAX: 0000000000000000 RBX: ffff888106d37c40 RCX: 1ffffffff17a4ab4 [ 135.701253] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 135.701826] RBP: ffff888106d37b90 R08: 0000000000000000 R09: fffffbfff17a4ab4 [ 135.702209] R10: 0000000000000003 R11: 00000000000372b0 R12: ffff888106d37c18 [ 135.702790] R13: ffff8881067c1800 R14: ffff8881041f0000 R15: ffff888106783400 [ 135.703091] FS: 0000000000000000(0000) GS:ffff8881ce03b000(0000) knlGS:0000000000000000 [ 135.703636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.704030] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 135.704688] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088882 [ 135.705056] DR3: ffffffff8d088883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 135.705617] Call Trace: [ 135.705781] <TASK> [ 135.706112] drm_test_framebuffer_free+0x1ab/0x610 [ 135.706562] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 135.706812] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 135.707053] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 135.707677] ? __drmm_add_action_or_reset+0x22/0x50 [ 135.708111] ? __schedule+0x10cc/0x2b30 [ 135.708635] ? __pfx_read_tsc+0x10/0x10 [ 135.708857] ? ktime_get_ts64+0x86/0x230 [ 135.709051] kunit_try_run_case+0x1a5/0x480 [ 135.709688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 135.709973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 135.710742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 135.711161] ? __kthread_parkme+0x82/0x180 [ 135.711667] ? preempt_count_sub+0x50/0x80 [ 135.711945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 135.712283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 135.712910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 135.713329] kthread+0x337/0x6f0 [ 135.713886] ? trace_preempt_on+0x20/0xc0 [ 135.714318] ? __pfx_kthread+0x10/0x10 [ 135.714810] ? _raw_spin_unlock_irq+0x47/0x80 [ 135.715023] ? calculate_sigpending+0x7b/0xa0 [ 135.715388] ? __pfx_kthread+0x10/0x10 [ 135.716099] ret_from_fork+0x41/0x80 [ 135.716360] ? __pfx_kthread+0x10/0x10 [ 135.716817] ret_from_fork_asm+0x1a/0x30 [ 135.717146] </TASK> [ 135.717293] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 134.501844] WARNING: CPU: 1 PID: 1961 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 134.502405] Modules linked in: [ 134.502927] CPU: 1 UID: 0 PID: 1961 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 134.503769] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 134.503952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 134.504612] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 134.505307] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 134.506886] RSP: 0000:ffff888104187c90 EFLAGS: 00010246 [ 134.507076] RAX: dffffc0000000000 RBX: ffff888106060000 RCX: 0000000000000000 [ 134.507299] RDX: 1ffff11020c0c032 RSI: ffffffff881eed08 RDI: ffff888106060190 [ 134.507664] RBP: ffff888104187ca0 R08: 1ffff11020063f69 R09: ffffed1020830f65 [ 134.507952] R10: 0000000000000003 R11: ffffffff8777ec38 R12: 0000000000000000 [ 134.508364] R13: ffff888104187d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 134.508773] FS: 0000000000000000(0000) GS:ffff8881ce13b000(0000) knlGS:0000000000000000 [ 134.509116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.509380] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 134.509777] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088883 [ 134.510100] DR3: ffffffff8d088885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 134.510470] Call Trace: [ 134.510637] <TASK> [ 134.510785] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 134.511145] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 134.511462] ? __schedule+0x10cc/0x2b30 [ 134.511872] ? __pfx_read_tsc+0x10/0x10 [ 134.512087] ? ktime_get_ts64+0x86/0x230 [ 134.512342] kunit_try_run_case+0x1a5/0x480 [ 134.512768] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 134.512959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 134.513216] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 134.513668] ? __kthread_parkme+0x82/0x180 [ 134.513952] ? preempt_count_sub+0x50/0x80 [ 134.514190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 134.514599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 134.514908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 134.515249] kthread+0x337/0x6f0 [ 134.515437] ? trace_preempt_on+0x20/0xc0 [ 134.515690] ? __pfx_kthread+0x10/0x10 [ 134.515932] ? _raw_spin_unlock_irq+0x47/0x80 [ 134.516130] ? calculate_sigpending+0x7b/0xa0 [ 134.516369] ? __pfx_kthread+0x10/0x10 [ 134.516634] ret_from_fork+0x41/0x80 [ 134.516819] ? __pfx_kthread+0x10/0x10 [ 134.516986] ret_from_fork_asm+0x1a/0x30 [ 134.517240] </TASK> [ 134.517432] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 134.421450] WARNING: CPU: 1 PID: 1953 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 134.422760] Modules linked in: [ 134.422927] CPU: 1 UID: 0 PID: 1953 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 134.424137] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 134.425274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 134.426312] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 134.426712] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 134.427810] RSP: 0000:ffff888105a77c90 EFLAGS: 00010246 [ 134.428738] RAX: dffffc0000000000 RBX: ffff8881058d2000 RCX: 0000000000000000 [ 134.429557] RDX: 1ffff11020b1a432 RSI: ffffffff881eed08 RDI: ffff8881058d2190 [ 134.430256] RBP: ffff888105a77ca0 R08: 1ffff11020063f69 R09: ffffed1020b4ef65 [ 134.430966] R10: 0000000000000003 R11: ffffffff8777ec38 R12: 0000000000000000 [ 134.431657] R13: 
ffff888105a77d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 134.431920] FS: 0000000000000000(0000) GS:ffff8881ce13b000(0000) knlGS:0000000000000000 [ 134.432168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.432465] CR2: 00007ffff7ffe000 CR3: 000000013ecba000 CR4: 00000000000006f0 [ 134.433153] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088883 [ 134.434026] DR3: ffffffff8d088885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 134.434955] Call Trace: [ 134.435364] <TASK> [ 134.435767] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 134.436508] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 134.436761] ? __schedule+0x10cc/0x2b30 [ 134.436912] ? __pfx_read_tsc+0x10/0x10 [ 134.437054] ? ktime_get_ts64+0x86/0x230 [ 134.437784] kunit_try_run_case+0x1a5/0x480 [ 134.438345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 134.438943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 134.439604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 134.440215] ? __kthread_parkme+0x82/0x180 [ 134.440768] ? preempt_count_sub+0x50/0x80 [ 134.441301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 134.441646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 134.441852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 134.442048] kthread+0x337/0x6f0 [ 134.442196] ? trace_preempt_on+0x20/0xc0 [ 134.442657] ? __pfx_kthread+0x10/0x10 [ 134.442807] ? _raw_spin_unlock_irq+0x47/0x80 [ 134.442959] ? calculate_sigpending+0x7b/0xa0 [ 134.443133] ? __pfx_kthread+0x10/0x10 [ 134.443336] ret_from_fork+0x41/0x80 [ 134.443582] ? __pfx_kthread+0x10/0x10 [ 134.443802] ret_from_fork_asm+0x1a/0x30 [ 134.443997] </TASK> [ 134.444145] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 105.060541] WARNING: CPU: 0 PID: 677 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 105.061227] Modules linked in:
[ 105.061535] CPU: 0 UID: 0 PID: 677 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 105.062003] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 105.062284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 105.062767] RIP: 0010:intlog10+0x2a/0x40
[ 105.063016] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 105.063915] RSP: 0000:ffff888101e4fcb0 EFLAGS: 00010246
[ 105.064183] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110203c9fb4
[ 105.064904] RDX: 1ffffffff15d2458 RSI: 1ffff110203c9fb3 RDI: 0000000000000000
[ 105.065212] RBP: ffff888101e4fd60 R08: 0000000000000000 R09: ffffed102086e880
[ 105.065539] R10: ffff888104374407 R11: 0000000000000000 R12: 1ffff110203c9f97
[ 105.065836] R13: ffffffff8ae922c0 R14: 0000000000000000 R15: ffff888101e4fd38
[ 105.066120] FS: 0000000000000000(0000) GS:ffff8881ce03b000(0000) knlGS:0000000000000000
[ 105.066496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 105.066944] CR2: ffff88815a8f6fe0 CR3: 000000013ecba000 CR4: 00000000000006f0
[ 105.067288] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088882
[ 105.067596] DR3: ffffffff8d088883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 105.068089] Call Trace:
[ 105.068214] <TASK>
[ 105.068316] ? intlog10_test+0xf2/0x220
[ 105.068841] ? __pfx_intlog10_test+0x10/0x10
[ 105.069051] ? __schedule+0x10cc/0x2b30
[ 105.069321] ? __pfx_read_tsc+0x10/0x10
[ 105.069464] ? ktime_get_ts64+0x86/0x230
[ 105.069608] kunit_try_run_case+0x1a5/0x480
[ 105.070060] ? __pfx_kunit_try_run_case+0x10/0x10
[ 105.070596] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 105.070786] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 105.071024] ? __kthread_parkme+0x82/0x180
[ 105.071357] ? preempt_count_sub+0x50/0x80
[ 105.071642] ? __pfx_kunit_try_run_case+0x10/0x10
[ 105.071932] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 105.072203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 105.072757] kthread+0x337/0x6f0
[ 105.072948] ? trace_preempt_on+0x20/0xc0
[ 105.073109] ? __pfx_kthread+0x10/0x10
[ 105.073314] ? _raw_spin_unlock_irq+0x47/0x80
[ 105.073729] ? calculate_sigpending+0x7b/0xa0
[ 105.073977] ? __pfx_kthread+0x10/0x10
[ 105.074202] ret_from_fork+0x41/0x80
[ 105.074352] ? __pfx_kthread+0x10/0x10
[ 105.074655] ret_from_fork_asm+0x1a/0x30
[ 105.074877] </TASK>
[ 105.074974] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 105.025110] WARNING: CPU: 0 PID: 659 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 105.025455] Modules linked in:
[ 105.025754] CPU: 0 UID: 0 PID: 659 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc3 #1 PREEMPT(voluntary)
[ 105.026344] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 105.026742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 105.027132] RIP: 0010:intlog2+0xdf/0x110
[ 105.027654] Code: e9 8a c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 1f e5 56 ff 8b 45 e4 eb
[ 105.028551] RSP: 0000:ffff88810400fcb0 EFLAGS: 00010246
[ 105.028824] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020801fb4
[ 105.029099] RDX: 1ffffffff15d24ac RSI: 1ffff11020801fb3 RDI: 0000000000000000
[ 105.029548] RBP: ffff88810400fd60 R08: 0000000000000000 R09: ffffed102086e160
[ 105.029833] R10: ffff888104370b07 R11: 0000000000000000 R12: 1ffff11020801f97
[ 105.030114] R13: ffffffff8ae92560 R14: 0000000000000000 R15: ffff88810400fd38
[ 105.030498] FS: 0000000000000000(0000) GS:ffff8881ce03b000(0000) knlGS:0000000000000000
[ 105.030845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 105.031081] CR2: ffff88815a8f6fe0 CR3: 000000013ecba000 CR4: 00000000000006f0
[ 105.031459] DR0: ffffffff8d088880 DR1: ffffffff8d088881 DR2: ffffffff8d088882
[ 105.031929] DR3: ffffffff8d088883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 105.032239] Call Trace:
[ 105.032397] <TASK>
[ 105.032677] ? intlog2_test+0xf2/0x220
[ 105.032907] ? __pfx_intlog2_test+0x10/0x10
[ 105.033077] ? __schedule+0x10cc/0x2b30
[ 105.033279] ? __pfx_read_tsc+0x10/0x10
[ 105.033509] ? ktime_get_ts64+0x86/0x230
[ 105.033784] kunit_try_run_case+0x1a5/0x480
[ 105.034038] ? __pfx_kunit_try_run_case+0x10/0x10
[ 105.034266] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 105.034628] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 105.034835] ? __kthread_parkme+0x82/0x180
[ 105.035054] ? preempt_count_sub+0x50/0x80
[ 105.035280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 105.035606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 105.035834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 105.036080] kthread+0x337/0x6f0
[ 105.036214] ? trace_preempt_on+0x20/0xc0
[ 105.036678] ? __pfx_kthread+0x10/0x10
[ 105.036891] ? _raw_spin_unlock_irq+0x47/0x80
[ 105.037118] ? calculate_sigpending+0x7b/0xa0
[ 105.037324] ? __pfx_kthread+0x10/0x10
[ 105.037593] ret_from_fork+0x41/0x80
[ 105.037850] ? __pfx_kthread+0x10/0x10
[ 105.037997] ret_from_fork_asm+0x1a/0x30
[ 105.038154] </TASK>
[ 105.038322] ---[ end trace 0000000000000000 ]---