Date
April 22, 2025, 11:09 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.128751] ================================================================== [ 18.130030] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 18.131224] Write of size 2 at addr ffff888103199977 by task kunit_try_catch/192 [ 18.133148] [ 18.133386] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.133786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.133816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.133879] Call Trace: [ 18.133925] <TASK> [ 18.133969] dump_stack_lvl+0x73/0xb0 [ 18.134055] print_report+0xd1/0x650 [ 18.134115] ? __virt_addr_valid+0x1db/0x2d0 [ 18.134171] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.134311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.134376] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.134414] kasan_report+0x141/0x180 [ 18.134705] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.134758] kasan_check_range+0x10c/0x1c0 [ 18.134795] __asan_memset+0x27/0x50 [ 18.134825] kmalloc_oob_memset_2+0x166/0x330 [ 18.134858] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 18.134891] ? __schedule+0x10cc/0x2b30 [ 18.134927] ? __pfx_read_tsc+0x10/0x10 [ 18.134956] ? ktime_get_ts64+0x86/0x230 [ 18.134994] kunit_try_run_case+0x1a5/0x480 [ 18.135029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.135060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.135094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.135127] ? __kthread_parkme+0x82/0x180 [ 18.135157] ? preempt_count_sub+0x50/0x80 [ 18.135192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.135225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.135256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.135287] kthread+0x337/0x6f0 [ 18.135317] ? trace_preempt_on+0x20/0xc0 [ 18.135351] ? __pfx_kthread+0x10/0x10 [ 18.135382] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.135413] ? calculate_sigpending+0x7b/0xa0 [ 18.135491] ? __pfx_kthread+0x10/0x10 [ 18.135583] ret_from_fork+0x41/0x80 [ 18.135615] ? __pfx_kthread+0x10/0x10 [ 18.135647] ret_from_fork_asm+0x1a/0x30 [ 18.135693] </TASK> [ 18.135707] [ 18.153850] Allocated by task 192: [ 18.154329] kasan_save_stack+0x45/0x70 [ 18.154979] kasan_save_track+0x18/0x40 [ 18.155400] kasan_save_alloc_info+0x3b/0x50 [ 18.156407] __kasan_kmalloc+0xb7/0xc0 [ 18.156853] __kmalloc_cache_noprof+0x189/0x420 [ 18.157643] kmalloc_oob_memset_2+0xac/0x330 [ 18.158162] kunit_try_run_case+0x1a5/0x480 [ 18.158635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.159079] kthread+0x337/0x6f0 [ 18.159476] ret_from_fork+0x41/0x80 [ 18.160075] ret_from_fork_asm+0x1a/0x30 [ 18.160584] [ 18.160860] The buggy address belongs to the object at ffff888103199900 [ 18.160860] which belongs to the cache kmalloc-128 of size 128 [ 18.162202] The buggy address is located 119 bytes inside of [ 18.162202] allocated 120-byte region [ffff888103199900, ffff888103199978) [ 18.163112] [ 18.163356] The buggy address belongs to the physical page: [ 18.164221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.164969] flags: 0x200000000000000(node=0|zone=2) [ 18.165641] page_type: f5(slab) [ 18.166060] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.166751] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.167413] page dumped because: kasan: bad access detected [ 18.168234] [ 18.168461] Memory state around the buggy address: [ 18.169258] ffff888103199800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.170102] ffff888103199880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.170938] >ffff888103199900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.171675] ^ [ 18.172232] ffff888103199980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.173327] ffff888103199a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.174288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.075903] ================================================================== [ 18.077096] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 18.077793] Write of size 128 at addr ffff888103199800 by task kunit_try_catch/190 [ 18.078398] [ 18.079124] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.079250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.079288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.079346] Call Trace: [ 18.079385] <TASK> [ 18.079518] dump_stack_lvl+0x73/0xb0 [ 18.079608] print_report+0xd1/0x650 [ 18.079680] ? __virt_addr_valid+0x1db/0x2d0 [ 18.079754] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.079824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.079902] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.079979] kasan_report+0x141/0x180 [ 18.080017] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.080059] kasan_check_range+0x10c/0x1c0 [ 18.080094] __asan_memset+0x27/0x50 [ 18.080122] kmalloc_oob_in_memset+0x15f/0x320 [ 18.080155] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 18.080192] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 18.080229] kunit_try_run_case+0x1a5/0x480 [ 18.080266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.080297] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.080332] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.080366] ? __kthread_parkme+0x82/0x180 [ 18.080397] ? preempt_count_sub+0x50/0x80 [ 18.080459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.080561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.080606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.080638] kthread+0x337/0x6f0 [ 18.080671] ? trace_preempt_on+0x20/0xc0 [ 18.080707] ? __pfx_kthread+0x10/0x10 [ 18.080739] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.080771] ? calculate_sigpending+0x7b/0xa0 [ 18.080802] ? __pfx_kthread+0x10/0x10 [ 18.080833] ret_from_fork+0x41/0x80 [ 18.080865] ? __pfx_kthread+0x10/0x10 [ 18.080895] ret_from_fork_asm+0x1a/0x30 [ 18.080939] </TASK> [ 18.080953] [ 18.103253] Allocated by task 190: [ 18.103765] kasan_save_stack+0x45/0x70 [ 18.104239] kasan_save_track+0x18/0x40 [ 18.104608] kasan_save_alloc_info+0x3b/0x50 [ 18.105026] __kasan_kmalloc+0xb7/0xc0 [ 18.105444] __kmalloc_cache_noprof+0x189/0x420 [ 18.106000] kmalloc_oob_in_memset+0xac/0x320 [ 18.106374] kunit_try_run_case+0x1a5/0x480 [ 18.107802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.108346] kthread+0x337/0x6f0 [ 18.108886] ret_from_fork+0x41/0x80 [ 18.109286] ret_from_fork_asm+0x1a/0x30 [ 18.109808] [ 18.110043] The buggy address belongs to the object at ffff888103199800 [ 18.110043] which belongs to the cache kmalloc-128 of size 128 [ 18.110990] The buggy address is located 0 bytes inside of [ 18.110990] allocated 120-byte region [ffff888103199800, ffff888103199878) [ 18.112538] [ 18.112760] The buggy address belongs to the physical page: [ 18.113398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.114157] flags: 0x200000000000000(node=0|zone=2) [ 18.114649] page_type: f5(slab) [ 18.115030] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.115929] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.116773] page dumped because: kasan: bad access detected [ 18.117244] [ 18.117601] Memory state around the buggy address: [ 18.118076] ffff888103199700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.119601] ffff888103199780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.120290] >ffff888103199800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.121004] ^ [ 18.121550] ffff888103199880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.122250] ffff888103199900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.122907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.018002] ================================================================== [ 18.019193] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 18.020063] Read of size 16 at addr ffff8881021e3ec0 by task kunit_try_catch/188 [ 18.020868] [ 18.021142] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.021309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.021349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.021403] Call Trace: [ 18.021445] <TASK> [ 18.021522] dump_stack_lvl+0x73/0xb0 [ 18.022007] print_report+0xd1/0x650 [ 18.022045] ? __virt_addr_valid+0x1db/0x2d0 [ 18.022076] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.022105] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.022136] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.022165] kasan_report+0x141/0x180 [ 18.022195] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.022230] __asan_report_load16_noabort+0x18/0x20 [ 18.022257] kmalloc_uaf_16+0x47b/0x4c0 [ 18.022286] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 18.022315] ? __schedule+0x10cc/0x2b30 [ 18.022349] ? __pfx_read_tsc+0x10/0x10 [ 18.022376] ? ktime_get_ts64+0x86/0x230 [ 18.022412] kunit_try_run_case+0x1a5/0x480 [ 18.022444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.022473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.022537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.022576] ? __kthread_parkme+0x82/0x180 [ 18.022607] ? preempt_count_sub+0x50/0x80 [ 18.022642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.022673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.022703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.022733] kthread+0x337/0x6f0 [ 18.022761] ? trace_preempt_on+0x20/0xc0 [ 18.022792] ? __pfx_kthread+0x10/0x10 [ 18.022835] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.022914] ? calculate_sigpending+0x7b/0xa0 [ 18.022982] ? __pfx_kthread+0x10/0x10 [ 18.023047] ret_from_fork+0x41/0x80 [ 18.023082] ? __pfx_kthread+0x10/0x10 [ 18.023112] ret_from_fork_asm+0x1a/0x30 [ 18.023156] </TASK> [ 18.023169] [ 18.041101] Allocated by task 188: [ 18.041705] kasan_save_stack+0x45/0x70 [ 18.042194] kasan_save_track+0x18/0x40 [ 18.043082] kasan_save_alloc_info+0x3b/0x50 [ 18.043589] __kasan_kmalloc+0xb7/0xc0 [ 18.043994] __kmalloc_cache_noprof+0x189/0x420 [ 18.044819] kmalloc_uaf_16+0x15b/0x4c0 [ 18.045220] kunit_try_run_case+0x1a5/0x480 [ 18.045821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.046782] kthread+0x337/0x6f0 [ 18.047213] ret_from_fork+0x41/0x80 [ 18.047758] ret_from_fork_asm+0x1a/0x30 [ 18.048167] [ 18.048413] Freed by task 188: [ 18.048989] kasan_save_stack+0x45/0x70 [ 18.049366] kasan_save_track+0x18/0x40 [ 18.049940] kasan_save_free_info+0x3f/0x60 [ 18.050407] __kasan_slab_free+0x56/0x70 [ 18.051242] kfree+0x222/0x3f0 [ 18.051484] kmalloc_uaf_16+0x1d6/0x4c0 [ 18.052127] kunit_try_run_case+0x1a5/0x480 [ 18.052833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.053381] kthread+0x337/0x6f0 [ 18.053989] ret_from_fork+0x41/0x80 [ 18.054356] ret_from_fork_asm+0x1a/0x30 [ 18.055284] [ 18.055538] The buggy address belongs to the object at ffff8881021e3ec0 [ 18.055538] which belongs to the cache kmalloc-16 of size 16 [ 18.056910] The buggy address is located 0 bytes inside of [ 18.056910] freed 16-byte region [ffff8881021e3ec0, ffff8881021e3ed0) [ 18.058020] [ 18.058309] The buggy address belongs to the physical page: [ 18.058877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021e3 [ 18.060158] flags: 0x200000000000000(node=0|zone=2) [ 18.060696] page_type: f5(slab) [ 18.061212] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.062000] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.062747] page dumped because: kasan: bad access detected [ 18.063356] [ 18.063791] Memory state around the buggy address: [ 18.064438] ffff8881021e3d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 18.065225] ffff8881021e3e00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 18.065998] >ffff8881021e3e80: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 18.066796] ^ [ 18.067267] ffff8881021e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.068121] ffff8881021e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.068583] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.969956] ================================================================== [ 17.970789] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 17.971435] Write of size 16 at addr ffff8881021e3e60 by task kunit_try_catch/186 [ 17.972125] [ 17.972308] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.972372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.972388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.972417] Call Trace: [ 17.972439] <TASK> [ 17.972890] dump_stack_lvl+0x73/0xb0 [ 17.973255] print_report+0xd1/0x650 [ 17.973301] ? __virt_addr_valid+0x1db/0x2d0 [ 17.973357] ? kmalloc_oob_16+0x452/0x4a0 [ 17.973389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.973421] ? kmalloc_oob_16+0x452/0x4a0 [ 17.974032] kasan_report+0x141/0x180 [ 17.974076] ? kmalloc_oob_16+0x452/0x4a0 [ 17.974116] __asan_report_store16_noabort+0x1b/0x30 [ 17.974146] kmalloc_oob_16+0x452/0x4a0 [ 17.974176] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 17.974205] ? trace_hardirqs_on+0x37/0xe0 [ 17.974239] ? irqentry_exit+0x2a/0x60 [ 17.974265] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.974299] ? __pfx_read_tsc+0x10/0x10 [ 17.974327] ? ktime_get_ts64+0x86/0x230 [ 17.974363] kunit_try_run_case+0x1a5/0x480 [ 17.974396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.974426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.974534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.974602] ? __kthread_parkme+0x82/0x180 [ 17.974636] ? preempt_count_sub+0x50/0x80 [ 17.974671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.974703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.974734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.974764] kthread+0x337/0x6f0 [ 17.974793] ? trace_preempt_on+0x20/0xc0 [ 17.974823] ? __pfx_kthread+0x10/0x10 [ 17.974853] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.974885] ? calculate_sigpending+0x7b/0xa0 [ 17.974914] ? __pfx_kthread+0x10/0x10 [ 17.974944] ret_from_fork+0x41/0x80 [ 17.974972] ? __pfx_kthread+0x10/0x10 [ 17.975002] ret_from_fork_asm+0x1a/0x30 [ 17.975045] </TASK> [ 17.975059] [ 17.992069] Allocated by task 186: [ 17.992620] kasan_save_stack+0x45/0x70 [ 17.993047] kasan_save_track+0x18/0x40 [ 17.993890] kasan_save_alloc_info+0x3b/0x50 [ 17.994331] __kasan_kmalloc+0xb7/0xc0 [ 17.994994] __kmalloc_cache_noprof+0x189/0x420 [ 17.995474] kmalloc_oob_16+0xa8/0x4a0 [ 17.995880] kunit_try_run_case+0x1a5/0x480 [ 17.996702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.997234] kthread+0x337/0x6f0 [ 17.997886] ret_from_fork+0x41/0x80 [ 17.998371] ret_from_fork_asm+0x1a/0x30 [ 17.999041] [ 17.999242] The buggy address belongs to the object at ffff8881021e3e60 [ 17.999242] which belongs to the cache kmalloc-16 of size 16 [ 18.000368] The buggy address is located 0 bytes inside of [ 18.000368] allocated 13-byte region [ffff8881021e3e60, ffff8881021e3e6d) [ 18.001695] [ 18.001904] The buggy address belongs to the physical page: [ 18.002374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021e3 [ 18.003627] flags: 0x200000000000000(node=0|zone=2) [ 18.004080] page_type: f5(slab) [ 18.004460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.005287] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.006094] page dumped because: kasan: bad access detected [ 18.006540] [ 18.006758] Memory state around the buggy address: [ 18.007181] ffff8881021e3d00: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 18.007845] ffff8881021e3d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 18.008410] >ffff8881021e3e00: fa fb fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc [ 18.009261] ^ [ 18.009995] ffff8881021e3e80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.010721] ffff8881021e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.011237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.849087] ================================================================== [ 17.850560] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 17.851076] Read of size 1 at addr ffff888100341600 by task kunit_try_catch/184 [ 17.851340] [ 17.851489] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.851610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.851626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.851656] Call Trace: [ 17.851672] <TASK> [ 17.851693] dump_stack_lvl+0x73/0xb0 [ 17.851732] print_report+0xd1/0x650 [ 17.851763] ? __virt_addr_valid+0x1db/0x2d0 [ 17.851794] ? krealloc_uaf+0x1b8/0x5e0 [ 17.851825] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.851857] ? krealloc_uaf+0x1b8/0x5e0 [ 17.851889] kasan_report+0x141/0x180 [ 17.851920] ? krealloc_uaf+0x1b8/0x5e0 [ 17.851955] ? krealloc_uaf+0x1b8/0x5e0 [ 17.851987] __kasan_check_byte+0x3d/0x50 [ 17.852018] krealloc_noprof+0x3f/0x340 [ 17.852051] krealloc_uaf+0x1b8/0x5e0 [ 17.852082] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.852175] ? ktime_get_ts64+0xb8/0x230 [ 17.852216] ? __pfx_read_tsc+0x10/0x10 [ 17.852245] ? ktime_get_ts64+0x86/0x230 [ 17.852279] kunit_try_run_case+0x1a5/0x480 [ 17.852315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.852346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.852381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.852413] ? __kthread_parkme+0x82/0x180 [ 17.852444] ? preempt_count_sub+0x50/0x80 [ 17.852478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.852664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.853029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.853142] kthread+0x337/0x6f0 [ 17.853218] ? trace_preempt_on+0x20/0xc0 [ 17.853298] ? __pfx_kthread+0x10/0x10 [ 17.853358] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.853405] ? calculate_sigpending+0x7b/0xa0 [ 17.853676] ? __pfx_kthread+0x10/0x10 [ 17.853782] ret_from_fork+0x41/0x80 [ 17.853910] ? __pfx_kthread+0x10/0x10 [ 17.854014] ret_from_fork_asm+0x1a/0x30 [ 17.854105] </TASK> [ 17.854122] [ 17.875886] Allocated by task 184: [ 17.876206] kasan_save_stack+0x45/0x70 [ 17.877011] kasan_save_track+0x18/0x40 [ 17.877793] kasan_save_alloc_info+0x3b/0x50 [ 17.877973] __kasan_kmalloc+0xb7/0xc0 [ 17.878126] __kmalloc_cache_noprof+0x189/0x420 [ 17.878296] krealloc_uaf+0xbb/0x5e0 [ 17.878489] kunit_try_run_case+0x1a5/0x480 [ 17.879262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.880265] kthread+0x337/0x6f0 [ 17.880917] ret_from_fork+0x41/0x80 [ 17.881301] ret_from_fork_asm+0x1a/0x30 [ 17.881771] [ 17.882037] Freed by task 184: [ 17.882365] kasan_save_stack+0x45/0x70 [ 17.882963] kasan_save_track+0x18/0x40 [ 17.883292] kasan_save_free_info+0x3f/0x60 [ 17.883963] __kasan_slab_free+0x56/0x70 [ 17.884584] kfree+0x222/0x3f0 [ 17.884874] krealloc_uaf+0x13d/0x5e0 [ 17.885267] kunit_try_run_case+0x1a5/0x480 [ 17.885893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.886829] kthread+0x337/0x6f0 [ 17.887361] ret_from_fork+0x41/0x80 [ 17.887871] ret_from_fork_asm+0x1a/0x30 [ 17.888447] [ 17.888930] The buggy address belongs to the object at ffff888100341600 [ 17.888930] which belongs to the cache kmalloc-256 of size 256 [ 17.890890] The buggy address is located 0 bytes inside of [ 17.890890] freed 256-byte region [ffff888100341600, ffff888100341700) [ 17.892359] [ 17.892610] The buggy address belongs to the physical page: [ 17.893049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 17.893885] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.894414] flags: 0x200000000000040(head|node=0|zone=2) [ 17.895102] page_type: f5(slab) [ 17.895671] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.896347] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.897173] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.897939] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.898654] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 17.899386] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.900139] page dumped because: kasan: bad access detected [ 17.900765] [ 17.900972] Memory state around the buggy address: [ 17.901445] ffff888100341500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.902344] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.903050] >ffff888100341600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.903807] ^ [ 17.904152] ffff888100341680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.904976] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.905707] ================================================================== [ 17.907561] ================================================================== [ 17.908345] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 17.909218] Read of size 1 at addr ffff888100341600 by task kunit_try_catch/184 [ 17.910076] [ 17.910347] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.911225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.911246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.911275] Call Trace: [ 17.911292] <TASK> [ 17.911313] dump_stack_lvl+0x73/0xb0 [ 17.911352] print_report+0xd1/0x650 [ 17.911385] ? __virt_addr_valid+0x1db/0x2d0 [ 17.911417] ? krealloc_uaf+0x53c/0x5e0 [ 17.911544] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.911619] ? krealloc_uaf+0x53c/0x5e0 [ 17.911655] kasan_report+0x141/0x180 [ 17.911687] ? krealloc_uaf+0x53c/0x5e0 [ 17.911726] __asan_report_load1_noabort+0x18/0x20 [ 17.911754] krealloc_uaf+0x53c/0x5e0 [ 17.911788] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.911827] ? ktime_get_ts64+0xb8/0x230 [ 17.911862] ? __pfx_read_tsc+0x10/0x10 [ 17.911891] ? ktime_get_ts64+0x86/0x230 [ 17.911925] kunit_try_run_case+0x1a5/0x480 [ 17.911959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.911991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.912024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.912058] ? __kthread_parkme+0x82/0x180 [ 17.912088] ? preempt_count_sub+0x50/0x80 [ 17.912122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.912153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.912184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.912216] kthread+0x337/0x6f0 [ 17.912247] ? trace_preempt_on+0x20/0xc0 [ 17.912280] ? __pfx_kthread+0x10/0x10 [ 17.912311] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.912342] ? calculate_sigpending+0x7b/0xa0 [ 17.912371] ? __pfx_kthread+0x10/0x10 [ 17.912402] ret_from_fork+0x41/0x80 [ 17.912439] ? __pfx_kthread+0x10/0x10 [ 17.912547] ret_from_fork_asm+0x1a/0x30 [ 17.912637] </TASK> [ 17.912654] [ 17.929673] Allocated by task 184: [ 17.930522] kasan_save_stack+0x45/0x70 [ 17.931037] kasan_save_track+0x18/0x40 [ 17.931624] kasan_save_alloc_info+0x3b/0x50 [ 17.932051] __kasan_kmalloc+0xb7/0xc0 [ 17.932350] __kmalloc_cache_noprof+0x189/0x420 [ 17.932706] krealloc_uaf+0xbb/0x5e0 [ 17.933011] kunit_try_run_case+0x1a5/0x480 [ 17.933639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.934143] kthread+0x337/0x6f0 [ 17.934533] ret_from_fork+0x41/0x80 [ 17.934930] ret_from_fork_asm+0x1a/0x30 [ 17.935703] [ 17.935938] Freed by task 184: [ 17.936250] kasan_save_stack+0x45/0x70 [ 17.936708] kasan_save_track+0x18/0x40 [ 17.937139] kasan_save_free_info+0x3f/0x60 [ 17.937884] __kasan_slab_free+0x56/0x70 [ 17.939639] kfree+0x222/0x3f0 [ 17.939963] krealloc_uaf+0x13d/0x5e0 [ 17.940329] kunit_try_run_case+0x1a5/0x480 [ 17.941113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.941561] kthread+0x337/0x6f0 [ 17.942029] ret_from_fork+0x41/0x80 [ 17.942923] ret_from_fork_asm+0x1a/0x30 [ 17.943360] [ 17.943891] The buggy address belongs to the object at ffff888100341600 [ 17.943891] which belongs to the cache kmalloc-256 of size 256 [ 17.945752] The buggy address is located 0 bytes inside of [ 17.945752] freed 256-byte region [ffff888100341600, ffff888100341700) [ 17.946567] [ 17.947016] The buggy address belongs to the physical page: [ 17.947436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 17.948478] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.949144] flags: 0x200000000000040(head|node=0|zone=2) [ 17.949954] page_type: f5(slab) [ 17.950351] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.951431] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.952413] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.953338] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.954202] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 17.955361] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.956034] page dumped because: kasan: bad access detected [ 17.956880] [ 17.957035] Memory state around the buggy address: [ 17.957483] ffff888100341500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.958823] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.959923] >ffff888100341600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.960495] ^ [ 17.961444] ffff888100341680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.962596] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.963197] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.625423] ================================================================== [ 17.626429] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 17.626973] Write of size 1 at addr ffff888103b8e0c9 by task kunit_try_catch/182 [ 17.627467] [ 17.627940] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.628058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.628094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.628152] Call Trace: [ 17.628191] <TASK> [ 17.628238] dump_stack_lvl+0x73/0xb0 [ 17.628320] print_report+0xd1/0x650 [ 17.628394] ? __virt_addr_valid+0x1db/0x2d0 [ 17.628470] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.628599] ? kasan_addr_to_slab+0x11/0xa0 [ 17.628675] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.628887] kasan_report+0x141/0x180 [ 17.628970] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.629062] __asan_report_store1_noabort+0x1b/0x30 [ 17.629122] krealloc_less_oob_helper+0xd70/0x11d0 [ 17.629165] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.629202] ? finish_task_switch.isra.0+0x153/0x700 [ 17.629238] ? __switch_to+0x5d9/0xf60 [ 17.629268] ? dequeue_task_fair+0x166/0x4e0 [ 17.629304] ? __schedule+0x10cc/0x2b30 [ 17.629338] ? __pfx_read_tsc+0x10/0x10 [ 17.629372] krealloc_large_less_oob+0x1c/0x30 [ 17.629406] kunit_try_run_case+0x1a5/0x480 [ 17.629540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.629598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.629636] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.629670] ? __kthread_parkme+0x82/0x180 [ 17.629701] ? preempt_count_sub+0x50/0x80 [ 17.629734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.629765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.629796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.629826] kthread+0x337/0x6f0 [ 17.629855] ? trace_preempt_on+0x20/0xc0 [ 17.629888] ? __pfx_kthread+0x10/0x10 [ 17.629918] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.629947] ? calculate_sigpending+0x7b/0xa0 [ 17.629976] ? __pfx_kthread+0x10/0x10 [ 17.630007] ret_from_fork+0x41/0x80 [ 17.630036] ? __pfx_kthread+0x10/0x10 [ 17.630066] ret_from_fork_asm+0x1a/0x30 [ 17.630108] </TASK> [ 17.630124] [ 17.648078] The buggy address belongs to the physical page: [ 17.648793] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b8c [ 17.649394] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.650331] flags: 0x200000000000040(head|node=0|zone=2) [ 17.651016] page_type: f8(unknown) [ 17.651432] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.652106] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.652959] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.653766] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.654466] head: 0200000000000002 ffffea00040ee301 00000000ffffffff 00000000ffffffff [ 17.655234] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.656054] page dumped because: kasan: bad access detected [ 17.656672] [ 17.656908] Memory state around the buggy address: [ 17.657403] ffff888103b8df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.658193] ffff888103b8e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.658936] >ffff888103b8e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.659746] ^ [ 17.660218] ffff888103b8e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.660967] ffff888103b8e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.661609] ================================================================== [ 17.468866] ================================================================== [ 17.469416] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 17.470728] Write of size 1 at addr ffff888100aaeeeb by task kunit_try_catch/178 [ 17.471277] [ 17.471693] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.471819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.471857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.471911] Call Trace: [ 17.471963] <TASK> [ 17.472012] dump_stack_lvl+0x73/0xb0 [ 17.472088] print_report+0xd1/0x650 [ 17.472158] ? __virt_addr_valid+0x1db/0x2d0 [ 17.472227] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.472299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.472369] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.472596] kasan_report+0x141/0x180 [ 17.472679] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.472767] __asan_report_store1_noabort+0x1b/0x30 [ 17.472841] krealloc_less_oob_helper+0xd47/0x11d0 [ 17.472928] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.473005] ? finish_task_switch.isra.0+0x153/0x700 [ 17.473073] ? __switch_to+0x5d9/0xf60 [ 17.473121] ? dequeue_task_fair+0x166/0x4e0 [ 17.473158] ? __schedule+0x10cc/0x2b30 [ 17.473192] ? __pfx_read_tsc+0x10/0x10 [ 17.473224] krealloc_less_oob+0x1c/0x30 [ 17.473255] kunit_try_run_case+0x1a5/0x480 [ 17.473287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.473316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.473349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.473381] ? __kthread_parkme+0x82/0x180 [ 17.473410] ? preempt_count_sub+0x50/0x80 [ 17.473441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.473473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.473547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.473954] kthread+0x337/0x6f0 [ 17.473988] ? trace_preempt_on+0x20/0xc0 [ 17.474021] ? __pfx_kthread+0x10/0x10 [ 17.474051] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.474082] ? calculate_sigpending+0x7b/0xa0 [ 17.474111] ? __pfx_kthread+0x10/0x10 [ 17.474141] ret_from_fork+0x41/0x80 [ 17.474169] ? __pfx_kthread+0x10/0x10 [ 17.474198] ret_from_fork_asm+0x1a/0x30 [ 17.474239] </TASK> [ 17.474252] [ 17.495958] Allocated by task 178: [ 17.496262] kasan_save_stack+0x45/0x70 [ 17.497031] kasan_save_track+0x18/0x40 [ 17.497414] kasan_save_alloc_info+0x3b/0x50 [ 17.498512] __kasan_krealloc+0x190/0x1f0 [ 17.499234] krealloc_noprof+0xf3/0x340 [ 17.499878] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.500252] krealloc_less_oob+0x1c/0x30 [ 17.501196] kunit_try_run_case+0x1a5/0x480 [ 17.501484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.501985] kthread+0x337/0x6f0 [ 17.502666] ret_from_fork+0x41/0x80 [ 17.503985] ret_from_fork_asm+0x1a/0x30 [ 17.504329] [ 17.504565] The buggy address belongs to the object at ffff888100aaee00 [ 17.504565] which belongs to the cache kmalloc-256 of size 256 [ 17.506557] The buggy address is located 34 bytes to the right of [ 17.506557] allocated 201-byte region [ffff888100aaee00, ffff888100aaeec9) [ 17.507404] [ 17.508084] The buggy address belongs to the physical page: [ 17.508865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 17.509662] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.510235] flags: 0x200000000000040(head|node=0|zone=2) [ 17.510723] page_type: f5(slab) [ 17.511113] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.512731] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.513593] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.514390] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.515032] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 17.515709] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.516415] page dumped because: kasan: bad access detected [ 17.517206] [ 17.517417] Memory state around the buggy address: [ 17.517925] ffff888100aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.518547] ffff888100aaee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.519334] >ffff888100aaee80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.520047] ^ [ 17.520570] ffff888100aaef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.521861] ffff888100aaef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.522333] ================================================================== [ 17.417954] ================================================================== [ 17.418743] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 17.419867] Write of size 1 at addr ffff888100aaeeea by task kunit_try_catch/178 [ 17.420441] [ 17.420752] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.420873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.420908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.420962] Call Trace: [ 17.421001] <TASK> [ 17.421049] dump_stack_lvl+0x73/0xb0 [ 17.421129] print_report+0xd1/0x650 [ 17.421206] ? __virt_addr_valid+0x1db/0x2d0 [ 17.421275] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.421346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.421417] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.421494] kasan_report+0x141/0x180 [ 17.421596] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.421920] __asan_report_store1_noabort+0x1b/0x30 [ 17.421963] krealloc_less_oob_helper+0xe90/0x11d0 [ 17.422002] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.422037] ? finish_task_switch.isra.0+0x153/0x700 [ 17.422068] ? __switch_to+0x5d9/0xf60 [ 17.422094] ? dequeue_task_fair+0x166/0x4e0 [ 17.422127] ? __schedule+0x10cc/0x2b30 [ 17.422158] ? __pfx_read_tsc+0x10/0x10 [ 17.422189] krealloc_less_oob+0x1c/0x30 [ 17.422219] kunit_try_run_case+0x1a5/0x480 [ 17.422250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.422279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.422311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.422342] ? __kthread_parkme+0x82/0x180 [ 17.422371] ? preempt_count_sub+0x50/0x80 [ 17.422403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.422444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.422585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.422625] kthread+0x337/0x6f0 [ 17.422657] ? trace_preempt_on+0x20/0xc0 [ 17.422690] ? __pfx_kthread+0x10/0x10 [ 17.422720] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.422751] ? calculate_sigpending+0x7b/0xa0 [ 17.422780] ? __pfx_kthread+0x10/0x10 [ 17.422810] ret_from_fork+0x41/0x80 [ 17.422839] ? __pfx_kthread+0x10/0x10 [ 17.422869] ret_from_fork_asm+0x1a/0x30 [ 17.422912] </TASK> [ 17.422924] [ 17.443348] Allocated by task 178: [ 17.443920] kasan_save_stack+0x45/0x70 [ 17.444398] kasan_save_track+0x18/0x40 [ 17.444964] kasan_save_alloc_info+0x3b/0x50 [ 17.445376] __kasan_krealloc+0x190/0x1f0 [ 17.446340] krealloc_noprof+0xf3/0x340 [ 17.446741] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.447316] krealloc_less_oob+0x1c/0x30 [ 17.447845] kunit_try_run_case+0x1a5/0x480 [ 17.448331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.449092] kthread+0x337/0x6f0 [ 17.449902] ret_from_fork+0x41/0x80 [ 17.450353] ret_from_fork_asm+0x1a/0x30 [ 17.450727] [ 17.450968] The buggy address belongs to the object at ffff888100aaee00 [ 17.450968] which belongs to the cache kmalloc-256 of size 256 [ 17.452019] The buggy address is located 33 bytes to the right of [ 17.452019] allocated 201-byte region [ffff888100aaee00, ffff888100aaeec9) [ 17.453154] [ 17.454520] The buggy address belongs to the physical page: [ 17.455067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 17.455689] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.456283] flags: 0x200000000000040(head|node=0|zone=2) [ 17.456870] page_type: f5(slab) [ 17.457240] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.458396] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.459124] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.459860] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.460457] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 17.461218] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.462254] page dumped because: kasan: bad access detected [ 17.462708] [ 17.463085] Memory state around the buggy address: [ 17.463656] ffff888100aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.464217] ffff888100aaee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.464985] >ffff888100aaee80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.466098] ^ [ 17.466633] ffff888100aaef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.467175] ffff888100aaef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.467749] ================================================================== [ 17.706241] ================================================================== [ 17.707425] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 17.708813] Write of size 1 at addr ffff888103b8e0da by task kunit_try_catch/182 [ 17.709325] [ 17.710626] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.710711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.710734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.710764] Call Trace: [ 17.710790] <TASK> [ 17.710824] dump_stack_lvl+0x73/0xb0 [ 17.710863] print_report+0xd1/0x650 [ 17.710915] ? __virt_addr_valid+0x1db/0x2d0 [ 17.710947] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.711000] ? kasan_addr_to_slab+0x11/0xa0 [ 17.711034] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.711087] kasan_report+0x141/0x180 [ 17.711122] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.711178] __asan_report_store1_noabort+0x1b/0x30 [ 17.711211] krealloc_less_oob_helper+0xec6/0x11d0 [ 17.711265] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.711305] ? finish_task_switch.isra.0+0x153/0x700 [ 17.711357] ? __switch_to+0x5d9/0xf60 [ 17.711387] ? dequeue_task_fair+0x166/0x4e0 [ 17.711439] ? __schedule+0x10cc/0x2b30 [ 17.711556] ? __pfx_read_tsc+0x10/0x10 [ 17.711609] krealloc_large_less_oob+0x1c/0x30 [ 17.711646] kunit_try_run_case+0x1a5/0x480 [ 17.711681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.711712] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.711745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.711777] ? __kthread_parkme+0x82/0x180 [ 17.711806] ? preempt_count_sub+0x50/0x80 [ 17.711838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.711869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.711899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.711929] kthread+0x337/0x6f0 [ 17.711957] ? trace_preempt_on+0x20/0xc0 [ 17.711989] ? __pfx_kthread+0x10/0x10 [ 17.712019] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.712050] ? calculate_sigpending+0x7b/0xa0 [ 17.712080] ? __pfx_kthread+0x10/0x10 [ 17.712111] ret_from_fork+0x41/0x80 [ 17.712139] ? __pfx_kthread+0x10/0x10 [ 17.712169] ret_from_fork_asm+0x1a/0x30 [ 17.712213] </TASK> [ 17.712226] [ 17.734724] The buggy address belongs to the physical page: [ 17.735954] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b8c [ 17.737267] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.738015] flags: 0x200000000000040(head|node=0|zone=2) [ 17.738958] page_type: f8(unknown) [ 17.739301] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.740361] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.741354] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.742253] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.743735] head: 0200000000000002 ffffea00040ee301 00000000ffffffff 00000000ffffffff [ 17.744381] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.745270] page dumped because: kasan: bad access detected [ 17.745922] [ 17.746101] Memory state around the buggy address: [ 17.746752] ffff888103b8df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.747258] ffff888103b8e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.748206] >ffff888103b8e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.748910] ^ [ 17.750548] ffff888103b8e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.751109] ffff888103b8e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.751723] ================================================================== [ 17.662864] ================================================================== [ 17.663318] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 17.664414] Write of size 1 at addr ffff888103b8e0d0 by task kunit_try_catch/182 [ 17.665976] [ 17.666291] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.666586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.666631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.666687] Call Trace: [ 17.666726] <TASK> [ 17.666795] dump_stack_lvl+0x73/0xb0 [ 17.666907] print_report+0xd1/0x650 [ 17.666977] ? __virt_addr_valid+0x1db/0x2d0 [ 17.667010] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.667044] ? kasan_addr_to_slab+0x11/0xa0 [ 17.667073] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.667122] kasan_report+0x141/0x180 [ 17.667189] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.667234] __asan_report_store1_noabort+0x1b/0x30 [ 17.667263] krealloc_less_oob_helper+0xe23/0x11d0 [ 17.667301] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.667335] ? finish_task_switch.isra.0+0x153/0x700 [ 17.667367] ? __switch_to+0x5d9/0xf60 [ 17.667393] ? dequeue_task_fair+0x166/0x4e0 [ 17.667448] ? __schedule+0x10cc/0x2b30 [ 17.667574] ? __pfx_read_tsc+0x10/0x10 [ 17.667614] krealloc_large_less_oob+0x1c/0x30 [ 17.667650] kunit_try_run_case+0x1a5/0x480 [ 17.667686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.667716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.667750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.667784] ? __kthread_parkme+0x82/0x180 [ 17.667815] ? preempt_count_sub+0x50/0x80 [ 17.667847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.667880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.667911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.667943] kthread+0x337/0x6f0 [ 17.667972] ? trace_preempt_on+0x20/0xc0 [ 17.668006] ? __pfx_kthread+0x10/0x10 [ 17.668037] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.668068] ? calculate_sigpending+0x7b/0xa0 [ 17.668098] ? __pfx_kthread+0x10/0x10 [ 17.668130] ret_from_fork+0x41/0x80 [ 17.668160] ? __pfx_kthread+0x10/0x10 [ 17.668190] ret_from_fork_asm+0x1a/0x30 [ 17.668231] </TASK> [ 17.668244] [ 17.688408] The buggy address belongs to the physical page: [ 17.689883] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b8c [ 17.690668] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.691268] flags: 0x200000000000040(head|node=0|zone=2) [ 17.692146] page_type: f8(unknown) [ 17.692831] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.693653] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.694397] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.695307] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.696407] head: 0200000000000002 ffffea00040ee301 00000000ffffffff 00000000ffffffff [ 17.697280] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.698112] page dumped because: kasan: bad access detected [ 17.698571] [ 17.699092] Memory state around the buggy address: [ 17.699440] ffff888103b8df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.700189] ffff888103b8e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.701766] >ffff888103b8e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.702285] ^ [ 17.703573] ffff888103b8e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.704156] ffff888103b8e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.704986] ================================================================== [ 17.752073] ================================================================== [ 17.752316] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 17.753544] Write of size 1 at addr ffff888103b8e0ea by task kunit_try_catch/182 [ 17.755200] [ 17.755764] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.755944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.755982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.756038] Call Trace: [ 17.756109] <TASK> [ 17.756189] dump_stack_lvl+0x73/0xb0 [ 17.756261] print_report+0xd1/0x650 [ 17.756297] ? __virt_addr_valid+0x1db/0x2d0 [ 17.756327] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.756362] ? kasan_addr_to_slab+0x11/0xa0 [ 17.756391] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.756427] kasan_report+0x141/0x180 [ 17.756529] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.756607] __asan_report_store1_noabort+0x1b/0x30 [ 17.756640] krealloc_less_oob_helper+0xe90/0x11d0 [ 17.756679] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.756714] ? finish_task_switch.isra.0+0x153/0x700 [ 17.756745] ? __switch_to+0x5d9/0xf60 [ 17.756771] ? dequeue_task_fair+0x166/0x4e0 [ 17.756807] ? __schedule+0x10cc/0x2b30 [ 17.756840] ? __pfx_read_tsc+0x10/0x10 [ 17.756872] krealloc_large_less_oob+0x1c/0x30 [ 17.756906] kunit_try_run_case+0x1a5/0x480 [ 17.756940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.756971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.757004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.757039] ? __kthread_parkme+0x82/0x180 [ 17.757071] ? preempt_count_sub+0x50/0x80 [ 17.757105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.757138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.757170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.757202] kthread+0x337/0x6f0 [ 17.757232] ? trace_preempt_on+0x20/0xc0 [ 17.757264] ? __pfx_kthread+0x10/0x10 [ 17.757295] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.757326] ? calculate_sigpending+0x7b/0xa0 [ 17.757357] ? __pfx_kthread+0x10/0x10 [ 17.757390] ret_from_fork+0x41/0x80 [ 17.757419] ? __pfx_kthread+0x10/0x10 [ 17.757548] ret_from_fork_asm+0x1a/0x30 [ 17.757628] </TASK> [ 17.757643] [ 17.779221] The buggy address belongs to the physical page: [ 17.780021] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b8c [ 17.780878] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.782384] flags: 0x200000000000040(head|node=0|zone=2) [ 17.782898] page_type: f8(unknown) [ 17.783712] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.784250] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.785033] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.786058] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.787307] head: 0200000000000002 ffffea00040ee301 00000000ffffffff 00000000ffffffff [ 17.788282] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.789347] page dumped because: kasan: bad access detected [ 17.790085] [ 17.790313] Memory state around the buggy address: [ 17.791128] ffff888103b8df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.791368] ffff888103b8e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.792125] >ffff888103b8e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.793620] ^ [ 17.794369] ffff888103b8e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.795767] ffff888103b8e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.796038] ================================================================== [ 17.315827] ================================================================== [ 17.316366] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 17.317897] Write of size 1 at addr ffff888100aaeed0 by task kunit_try_catch/178 [ 17.318299] [ 17.318409] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.318541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.318578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.318630] Call Trace: [ 17.318667] <TASK> [ 17.318710] dump_stack_lvl+0x73/0xb0 [ 17.318788] print_report+0xd1/0x650 [ 17.318862] ? __virt_addr_valid+0x1db/0x2d0 [ 17.318927] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.319004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.319078] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.319155] kasan_report+0x141/0x180 [ 17.319231] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.319332] __asan_report_store1_noabort+0x1b/0x30 [ 17.319406] krealloc_less_oob_helper+0xe23/0x11d0 [ 17.319514] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.319595] ? finish_task_switch.isra.0+0x153/0x700 [ 17.319665] ? __switch_to+0x5d9/0xf60 [ 17.319728] ? dequeue_task_fair+0x166/0x4e0 [ 17.319805] ? __schedule+0x10cc/0x2b30 [ 17.319878] ? __pfx_read_tsc+0x10/0x10 [ 17.319948] krealloc_less_oob+0x1c/0x30 [ 17.320020] kunit_try_run_case+0x1a5/0x480 [ 17.320097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.320168] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.320242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.320317] ? __kthread_parkme+0x82/0x180 [ 17.320389] ? preempt_count_sub+0x50/0x80 [ 17.320466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.320618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.320695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.320768] kthread+0x337/0x6f0 [ 17.320840] ? trace_preempt_on+0x20/0xc0 [ 17.320963] ? __pfx_kthread+0x10/0x10 [ 17.321037] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.321105] ? calculate_sigpending+0x7b/0xa0 [ 17.321174] ? __pfx_kthread+0x10/0x10 [ 17.321242] ret_from_fork+0x41/0x80 [ 17.321308] ? __pfx_kthread+0x10/0x10 [ 17.321363] ret_from_fork_asm+0x1a/0x30 [ 17.321409] </TASK> [ 17.321422] [ 17.340298] Allocated by task 178: [ 17.340924] kasan_save_stack+0x45/0x70 [ 17.341400] kasan_save_track+0x18/0x40 [ 17.342271] kasan_save_alloc_info+0x3b/0x50 [ 17.342898] __kasan_krealloc+0x190/0x1f0 [ 17.343261] krealloc_noprof+0xf3/0x340 [ 17.343803] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.344340] krealloc_less_oob+0x1c/0x30 [ 17.344902] kunit_try_run_case+0x1a5/0x480 [ 17.345410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.346358] kthread+0x337/0x6f0 [ 17.346859] ret_from_fork+0x41/0x80 [ 17.347214] ret_from_fork_asm+0x1a/0x30 [ 17.347853] [ 17.348128] The buggy address belongs to the object at ffff888100aaee00 [ 17.348128] which belongs to the cache kmalloc-256 of size 256 [ 17.349192] The buggy address is located 7 bytes to the right of [ 17.349192] allocated 201-byte region [ffff888100aaee00, ffff888100aaeec9) [ 17.350697] [ 17.350936] The buggy address belongs to the physical page: [ 17.351595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 17.352207] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.352904] flags: 0x200000000000040(head|node=0|zone=2) [ 17.354006] page_type: f5(slab) [ 17.354374] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.355003] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.355718] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.356598] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.357220] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 17.358246] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.358945] page dumped because: kasan: bad access detected [ 17.359567] [ 17.359802] Memory state around the buggy address: [ 17.360307] ffff888100aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.361046] ffff888100aaee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.362073] >ffff888100aaee80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.362612] ^ [ 17.363295] ffff888100aaef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.364085] ffff888100aaef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.364736] ================================================================== [ 17.796401] ================================================================== [ 17.797953] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 17.799191] Write of size 1 at addr ffff888103b8e0eb by task kunit_try_catch/182 [ 17.800212] [ 17.800399] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.800684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.800724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.800781] Call Trace: [ 17.800870] <TASK> [ 17.800926] dump_stack_lvl+0x73/0xb0 [ 17.801005] print_report+0xd1/0x650 [ 17.801078] ? __virt_addr_valid+0x1db/0x2d0 [ 17.801149] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.801224] ? kasan_addr_to_slab+0x11/0xa0 [ 17.801333] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.801418] kasan_report+0x141/0x180 [ 17.801531] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.801638] __asan_report_store1_noabort+0x1b/0x30 [ 17.801705] krealloc_less_oob_helper+0xd47/0x11d0 [ 17.801792] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.801871] ? finish_task_switch.isra.0+0x153/0x700 [ 17.801941] ? __switch_to+0x5d9/0xf60 [ 17.802011] ? dequeue_task_fair+0x166/0x4e0 [ 17.802095] ? __schedule+0x10cc/0x2b30 [ 17.802169] ? __pfx_read_tsc+0x10/0x10 [ 17.802242] krealloc_large_less_oob+0x1c/0x30 [ 17.802315] kunit_try_run_case+0x1a5/0x480 [ 17.802456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.802545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.802616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.802684] ? __kthread_parkme+0x82/0x180 [ 17.802747] ? preempt_count_sub+0x50/0x80 [ 17.802813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.802876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.802942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.803002] kthread+0x337/0x6f0 [ 17.803035] ? trace_preempt_on+0x20/0xc0 [ 17.803069] ? __pfx_kthread+0x10/0x10 [ 17.803100] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.803132] ? calculate_sigpending+0x7b/0xa0 [ 17.803161] ? __pfx_kthread+0x10/0x10 [ 17.803193] ret_from_fork+0x41/0x80 [ 17.803223] ? __pfx_kthread+0x10/0x10 [ 17.803254] ret_from_fork_asm+0x1a/0x30 [ 17.803297] </TASK> [ 17.803311] [ 17.823153] The buggy address belongs to the physical page: [ 17.826576] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b8c [ 17.828172] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.829221] flags: 0x200000000000040(head|node=0|zone=2) [ 17.830091] page_type: f8(unknown) [ 17.830356] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.831413] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.832404] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.834084] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.835017] head: 0200000000000002 ffffea00040ee301 00000000ffffffff 00000000ffffffff [ 17.836726] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.837266] page dumped because: kasan: bad access detected [ 17.837682] [ 17.837998] Memory state around the buggy address: [ 17.838445] ffff888103b8df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.839341] ffff888103b8e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.840276] >ffff888103b8e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.840946] ^ [ 17.842371] ffff888103b8e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.842990] ffff888103b8e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.843462] ================================================================== [ 17.253785] ================================================================== [ 17.254760] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 17.255790] Write of size 1 at addr ffff888100aaeec9 by task kunit_try_catch/178 [ 17.257212] [ 17.257403] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.258030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.258052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.258083] Call Trace: [ 17.258101] <TASK> [ 17.258124] dump_stack_lvl+0x73/0xb0 [ 17.258163] print_report+0xd1/0x650 [ 17.258196] ? __virt_addr_valid+0x1db/0x2d0 [ 17.258227] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.258260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.258291] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.258324] kasan_report+0x141/0x180 [ 17.258353] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.258393] __asan_report_store1_noabort+0x1b/0x30 [ 17.258420] krealloc_less_oob_helper+0xd70/0x11d0 [ 17.258559] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.258620] ? finish_task_switch.isra.0+0x153/0x700 [ 17.258657] ? __switch_to+0x5d9/0xf60 [ 17.258685] ? dequeue_task_fair+0x166/0x4e0 [ 17.258719] ? __schedule+0x10cc/0x2b30 [ 17.258751] ? __pfx_read_tsc+0x10/0x10 [ 17.258782] krealloc_less_oob+0x1c/0x30 [ 17.258812] kunit_try_run_case+0x1a5/0x480 [ 17.258846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.258875] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.258907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.258938] ? __kthread_parkme+0x82/0x180 [ 17.258967] ? preempt_count_sub+0x50/0x80 [ 17.259002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.259033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.259062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.259092] kthread+0x337/0x6f0 [ 17.259120] ? trace_preempt_on+0x20/0xc0 [ 17.259152] ? __pfx_kthread+0x10/0x10 [ 17.259182] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.259210] ? calculate_sigpending+0x7b/0xa0 [ 17.259239] ? __pfx_kthread+0x10/0x10 [ 17.259269] ret_from_fork+0x41/0x80 [ 17.259296] ? __pfx_kthread+0x10/0x10 [ 17.259325] ret_from_fork_asm+0x1a/0x30 [ 17.259368] </TASK> [ 17.259381] [ 17.281292] Allocated by task 178: [ 17.281633] kasan_save_stack+0x45/0x70 [ 17.282478] kasan_save_track+0x18/0x40 [ 17.283646] kasan_save_alloc_info+0x3b/0x50 [ 17.284256] __kasan_krealloc+0x190/0x1f0 [ 17.285565] krealloc_noprof+0xf3/0x340 [ 17.286810] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.287731] krealloc_less_oob+0x1c/0x30 [ 17.288048] kunit_try_run_case+0x1a5/0x480 [ 17.288323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.290621] kthread+0x337/0x6f0 [ 17.291803] ret_from_fork+0x41/0x80 [ 17.293139] ret_from_fork_asm+0x1a/0x30 [ 17.294410] [ 17.294936] The buggy address belongs to the object at ffff888100aaee00 [ 17.294936] which belongs to the cache kmalloc-256 of size 256 [ 17.296292] The buggy address is located 0 bytes to the right of [ 17.296292] allocated 201-byte region [ffff888100aaee00, ffff888100aaeec9) [ 17.297952] [ 17.298176] The buggy address belongs to the physical page: [ 17.298748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 17.299635] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.300219] flags: 0x200000000000040(head|node=0|zone=2) [ 17.300827] page_type: f5(slab) [ 17.301138] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.302009] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.303120] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.304260] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.305361] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 17.307065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.307683] page dumped because: kasan: bad access detected [ 17.308335] [ 17.308882] Memory state around the buggy address: [ 17.309467] ffff888100aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.310310] ffff888100aaee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.311280] >ffff888100aaee80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.312038] ^ [ 17.312933] ffff888100aaef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.313409] ffff888100aaef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.314221] ================================================================== [ 17.366416] ================================================================== [ 17.367028] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 17.368587] Write of size 1 at addr ffff888100aaeeda by task kunit_try_catch/178 [ 17.369810] [ 17.370273] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.370945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.370968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.370999] Call Trace: [ 17.371022] <TASK> [ 17.371043] dump_stack_lvl+0x73/0xb0 [ 17.371085] print_report+0xd1/0x650 [ 17.371117] ? __virt_addr_valid+0x1db/0x2d0 [ 17.371146] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.371179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.371209] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.371242] kasan_report+0x141/0x180 [ 17.371273] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.371314] __asan_report_store1_noabort+0x1b/0x30 [ 17.371341] krealloc_less_oob_helper+0xec6/0x11d0 [ 17.371377] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.371410] ? finish_task_switch.isra.0+0x153/0x700 [ 17.371450] ? __switch_to+0x5d9/0xf60 [ 17.371596] ? dequeue_task_fair+0x166/0x4e0 [ 17.371653] ? __schedule+0x10cc/0x2b30 [ 17.371687] ? __pfx_read_tsc+0x10/0x10 [ 17.371719] krealloc_less_oob+0x1c/0x30 [ 17.371750] kunit_try_run_case+0x1a5/0x480 [ 17.371784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.371814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.371845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.371877] ? __kthread_parkme+0x82/0x180 [ 17.371906] ? preempt_count_sub+0x50/0x80 [ 17.371938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.371969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.371998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.372027] kthread+0x337/0x6f0 [ 17.372054] ? trace_preempt_on+0x20/0xc0 [ 17.372085] ? __pfx_kthread+0x10/0x10 [ 17.372114] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.372144] ? calculate_sigpending+0x7b/0xa0 [ 17.372171] ? __pfx_kthread+0x10/0x10 [ 17.372201] ret_from_fork+0x41/0x80 [ 17.372229] ? __pfx_kthread+0x10/0x10 [ 17.372258] ret_from_fork_asm+0x1a/0x30 [ 17.372298] </TASK> [ 17.372311] [ 17.391196] Allocated by task 178: [ 17.391726] kasan_save_stack+0x45/0x70 [ 17.392240] kasan_save_track+0x18/0x40 [ 17.393027] kasan_save_alloc_info+0x3b/0x50 [ 17.393526] __kasan_krealloc+0x190/0x1f0 [ 17.394107] krealloc_noprof+0xf3/0x340 [ 17.394732] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.395288] krealloc_less_oob+0x1c/0x30 [ 17.395886] kunit_try_run_case+0x1a5/0x480 [ 17.396356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.397290] kthread+0x337/0x6f0 [ 17.397713] ret_from_fork+0x41/0x80 [ 17.398287] ret_from_fork_asm+0x1a/0x30 [ 17.398949] [ 17.399201] The buggy address belongs to the object at ffff888100aaee00 [ 17.399201] which belongs to the cache kmalloc-256 of size 256 [ 17.400288] The buggy address is located 17 bytes to the right of [ 17.400288] allocated 201-byte region [ffff888100aaee00, ffff888100aaeec9) [ 17.401194] [ 17.401426] The buggy address belongs to the physical page: [ 17.402329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 17.403590] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.404194] flags: 0x200000000000040(head|node=0|zone=2) [ 17.404811] page_type: f5(slab) [ 17.405179] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.406295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.406967] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.407591] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.408163] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 17.408883] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.409807] page dumped because: kasan: bad access detected [ 17.410263] [ 17.410605] Memory state around the buggy address: [ 17.411065] ffff888100aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.411771] ffff888100aaee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.412333] >ffff888100aaee80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.412880] ^ [ 17.413401] ffff888100aaef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.414420] ffff888100aaef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.415176] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.575771] ================================================================== [ 17.577051] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 17.577768] Write of size 1 at addr ffff8881028a20f0 by task kunit_try_catch/180 [ 17.578372] [ 17.579766] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.579893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.579929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.579982] Call Trace: [ 17.580024] <TASK> [ 17.580070] dump_stack_lvl+0x73/0xb0 [ 17.580566] print_report+0xd1/0x650 [ 17.580626] ? __virt_addr_valid+0x1db/0x2d0 [ 17.580658] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.580692] ? kasan_addr_to_slab+0x11/0xa0 [ 17.580720] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.580754] kasan_report+0x141/0x180 [ 17.580784] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.580824] __asan_report_store1_noabort+0x1b/0x30 [ 17.580851] krealloc_more_oob_helper+0x7eb/0x930 [ 17.580882] ? __schedule+0x10cc/0x2b30 [ 17.580917] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.580953] ? finish_task_switch.isra.0+0x153/0x700 [ 17.580984] ? __switch_to+0x5d9/0xf60 [ 17.581011] ? dequeue_task_fair+0x166/0x4e0 [ 17.581043] ? __schedule+0x10cc/0x2b30 [ 17.581075] ? __pfx_read_tsc+0x10/0x10 [ 17.581106] krealloc_large_more_oob+0x1c/0x30 [ 17.581140] kunit_try_run_case+0x1a5/0x480 [ 17.581172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.581200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.581233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.581266] ? __kthread_parkme+0x82/0x180 [ 17.581295] ? preempt_count_sub+0x50/0x80 [ 17.581327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.581358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.581387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.581417] kthread+0x337/0x6f0 [ 17.581553] ? trace_preempt_on+0x20/0xc0 [ 17.581635] ? __pfx_kthread+0x10/0x10 [ 17.581669] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.581700] ? calculate_sigpending+0x7b/0xa0 [ 17.581729] ? __pfx_kthread+0x10/0x10 [ 17.581759] ret_from_fork+0x41/0x80 [ 17.581788] ? __pfx_kthread+0x10/0x10 [ 17.581817] ret_from_fork_asm+0x1a/0x30 [ 17.581858] </TASK> [ 17.581871] [ 17.602911] The buggy address belongs to the physical page: [ 17.603475] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a0 [ 17.604444] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.605351] flags: 0x200000000000040(head|node=0|zone=2) [ 17.605926] page_type: f8(unknown) [ 17.606228] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.607079] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.607993] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.608848] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.609687] head: 0200000000000002 ffffea00040a2801 00000000ffffffff 00000000ffffffff [ 17.610427] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.610986] page dumped because: kasan: bad access detected [ 17.611675] [ 17.612137] Memory state around the buggy address: [ 17.612841] ffff8881028a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.613698] ffff8881028a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.614759] >ffff8881028a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.615337] ^ [ 17.616339] ffff8881028a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.617099] ffff8881028a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.618283] ================================================================== [ 17.530186] ================================================================== [ 17.531081] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 17.532527] Write of size 1 at addr ffff8881028a20eb by task kunit_try_catch/180 [ 17.533297] [ 17.533788] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.533908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.533944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.534004] Call Trace: [ 17.534046] <TASK> [ 17.534099] dump_stack_lvl+0x73/0xb0 [ 17.534185] print_report+0xd1/0x650 [ 17.534265] ? __virt_addr_valid+0x1db/0x2d0 [ 17.534321] ? krealloc_more_oob_helper+0x821/0x930 [ 17.534365] ? kasan_addr_to_slab+0x11/0xa0 [ 17.534410] ? krealloc_more_oob_helper+0x821/0x930 [ 17.534490] kasan_report+0x141/0x180 [ 17.534589] ? krealloc_more_oob_helper+0x821/0x930 [ 17.534637] __asan_report_store1_noabort+0x1b/0x30 [ 17.534667] krealloc_more_oob_helper+0x821/0x930 [ 17.534700] ? __schedule+0x10cc/0x2b30 [ 17.534735] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.534769] ? finish_task_switch.isra.0+0x153/0x700 [ 17.534801] ? __switch_to+0x5d9/0xf60 [ 17.534830] ? dequeue_task_fair+0x166/0x4e0 [ 17.534864] ? __schedule+0x10cc/0x2b30 [ 17.534894] ? __pfx_read_tsc+0x10/0x10 [ 17.534925] krealloc_large_more_oob+0x1c/0x30 [ 17.534957] kunit_try_run_case+0x1a5/0x480 [ 17.534991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.535021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.535052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.535084] ? __kthread_parkme+0x82/0x180 [ 17.535114] ? preempt_count_sub+0x50/0x80 [ 17.535146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.535176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.535206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.535236] kthread+0x337/0x6f0 [ 17.535264] ? trace_preempt_on+0x20/0xc0 [ 17.535297] ? __pfx_kthread+0x10/0x10 [ 17.535327] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.535356] ? calculate_sigpending+0x7b/0xa0 [ 17.535385] ? __pfx_kthread+0x10/0x10 [ 17.535416] ret_from_fork+0x41/0x80 [ 17.535460] ? __pfx_kthread+0x10/0x10 [ 17.535555] ret_from_fork_asm+0x1a/0x30 [ 17.535642] </TASK> [ 17.535660] [ 17.558081] The buggy address belongs to the physical page: [ 17.560731] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a0 [ 17.561887] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.562775] flags: 0x200000000000040(head|node=0|zone=2) [ 17.563280] page_type: f8(unknown) [ 17.563870] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.564877] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.565474] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.566326] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.567246] head: 0200000000000002 ffffea00040a2801 00000000ffffffff 00000000ffffffff [ 17.567951] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.568733] page dumped because: kasan: bad access detected [ 17.569217] [ 17.569438] Memory state around the buggy address: [ 17.570025] ffff8881028a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.570695] ffff8881028a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.571421] >ffff8881028a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.572158] ^ [ 17.572972] ffff8881028a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.573608] ffff8881028a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.574447] ================================================================== [ 17.130404] ================================================================== [ 17.131398] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 17.132160] Write of size 1 at addr ffff8881003414eb by task kunit_try_catch/176 [ 17.133259] [ 17.134052] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.134181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.134223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.134281] Call Trace: [ 17.134321] <TASK> [ 17.134370] dump_stack_lvl+0x73/0xb0 [ 17.134600] print_report+0xd1/0x650 [ 17.134685] ? __virt_addr_valid+0x1db/0x2d0 [ 17.134761] ? krealloc_more_oob_helper+0x821/0x930 [ 17.134834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.134874] ? krealloc_more_oob_helper+0x821/0x930 [ 17.134909] kasan_report+0x141/0x180 [ 17.134941] ? krealloc_more_oob_helper+0x821/0x930 [ 17.134981] __asan_report_store1_noabort+0x1b/0x30 [ 17.135009] krealloc_more_oob_helper+0x821/0x930 [ 17.135041] ? __schedule+0x10cc/0x2b30 [ 17.135074] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.135108] ? finish_task_switch.isra.0+0x153/0x700 [ 17.135141] ? __switch_to+0x5d9/0xf60 [ 17.135170] ? dequeue_task_fair+0x166/0x4e0 [ 17.135204] ? __schedule+0x10cc/0x2b30 [ 17.135235] ? __pfx_read_tsc+0x10/0x10 [ 17.135266] krealloc_more_oob+0x1c/0x30 [ 17.135297] kunit_try_run_case+0x1a5/0x480 [ 17.135332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.135362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.135394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.135427] ? __kthread_parkme+0x82/0x180 [ 17.135596] ? preempt_count_sub+0x50/0x80 [ 17.135675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.135741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.135811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.135885] kthread+0x337/0x6f0 [ 17.135932] ? trace_preempt_on+0x20/0xc0 [ 17.135967] ? __pfx_kthread+0x10/0x10 [ 17.136000] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.136032] ? calculate_sigpending+0x7b/0xa0 [ 17.136061] ? __pfx_kthread+0x10/0x10 [ 17.136093] ret_from_fork+0x41/0x80 [ 17.136122] ? __pfx_kthread+0x10/0x10 [ 17.136153] ret_from_fork_asm+0x1a/0x30 [ 17.136197] </TASK> [ 17.136212] [ 17.161400] Allocated by task 176: [ 17.162748] kasan_save_stack+0x45/0x70 [ 17.163162] kasan_save_track+0x18/0x40 [ 17.163864] kasan_save_alloc_info+0x3b/0x50 [ 17.164212] __kasan_krealloc+0x190/0x1f0 [ 17.164841] krealloc_noprof+0xf3/0x340 [ 17.165337] krealloc_more_oob_helper+0x1a9/0x930 [ 17.166302] krealloc_more_oob+0x1c/0x30 [ 17.166777] kunit_try_run_case+0x1a5/0x480 [ 17.167252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.168561] kthread+0x337/0x6f0 [ 17.169430] ret_from_fork+0x41/0x80 [ 17.169918] ret_from_fork_asm+0x1a/0x30 [ 17.170311] [ 17.170989] The buggy address belongs to the object at ffff888100341400 [ 17.170989] which belongs to the cache kmalloc-256 of size 256 [ 17.172127] The buggy address is located 0 bytes to the right of [ 17.172127] allocated 235-byte region [ffff888100341400, ffff8881003414eb) [ 17.173488] [ 17.173982] The buggy address belongs to the physical page: [ 17.174450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 17.175657] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.176425] flags: 0x200000000000040(head|node=0|zone=2) [ 17.177242] page_type: f5(slab) [ 17.177942] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.179061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.179787] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.180453] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.181389] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 17.182356] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.183194] page dumped because: kasan: bad access detected [ 17.183969] [ 17.184143] Memory state around the buggy address: [ 17.184864] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.185451] ffff888100341400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.186616] >ffff888100341480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.187302] ^ [ 17.188126] ffff888100341500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.189079] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.189882] ================================================================== [ 17.191198] ================================================================== [ 17.192286] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 17.193942] Write of size 1 at addr ffff8881003414f0 by task kunit_try_catch/176 [ 17.194704] [ 17.194869] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.194934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.194950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.194980] Call Trace: [ 17.194996] <TASK> [ 17.195019] dump_stack_lvl+0x73/0xb0 [ 17.195059] print_report+0xd1/0x650 [ 17.195092] ? __virt_addr_valid+0x1db/0x2d0 [ 17.195123] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.195158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.195189] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.195224] kasan_report+0x141/0x180 [ 17.195255] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.195296] __asan_report_store1_noabort+0x1b/0x30 [ 17.195325] krealloc_more_oob_helper+0x7eb/0x930 [ 17.195358] ? __schedule+0x10cc/0x2b30 [ 17.195393] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.195429] ? finish_task_switch.isra.0+0x153/0x700 [ 17.195517] ? __switch_to+0x5d9/0xf60 [ 17.195590] ? dequeue_task_fair+0x166/0x4e0 [ 17.195676] ? __schedule+0x10cc/0x2b30 [ 17.195752] ? __pfx_read_tsc+0x10/0x10 [ 17.195906] krealloc_more_oob+0x1c/0x30 [ 17.195983] kunit_try_run_case+0x1a5/0x480 [ 17.196063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.196132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.196206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.196254] ? __kthread_parkme+0x82/0x180 [ 17.196287] ? preempt_count_sub+0x50/0x80 [ 17.196321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.196354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.196386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.196418] kthread+0x337/0x6f0 [ 17.196528] ? trace_preempt_on+0x20/0xc0 [ 17.196596] ? __pfx_kthread+0x10/0x10 [ 17.196629] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.196661] ? calculate_sigpending+0x7b/0xa0 [ 17.196692] ? __pfx_kthread+0x10/0x10 [ 17.196724] ret_from_fork+0x41/0x80 [ 17.196755] ? __pfx_kthread+0x10/0x10 [ 17.196786] ret_from_fork_asm+0x1a/0x30 [ 17.196830] </TASK> [ 17.196843] [ 17.219437] Allocated by task 176: [ 17.220186] kasan_save_stack+0x45/0x70 [ 17.220980] kasan_save_track+0x18/0x40 [ 17.221284] kasan_save_alloc_info+0x3b/0x50 [ 17.221944] __kasan_krealloc+0x190/0x1f0 [ 17.222651] krealloc_noprof+0xf3/0x340 [ 17.223084] krealloc_more_oob_helper+0x1a9/0x930 [ 17.223553] krealloc_more_oob+0x1c/0x30 [ 17.224449] kunit_try_run_case+0x1a5/0x480 [ 17.224992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.225804] kthread+0x337/0x6f0 [ 17.226392] ret_from_fork+0x41/0x80 [ 17.227018] ret_from_fork_asm+0x1a/0x30 [ 17.227789] [ 17.227970] The buggy address belongs to the object at ffff888100341400 [ 17.227970] which belongs to the cache kmalloc-256 of size 256 [ 17.229780] The buggy address is located 5 bytes to the right of [ 17.229780] allocated 235-byte region [ffff888100341400, ffff8881003414eb) [ 17.231161] [ 17.231324] The buggy address belongs to the physical page: [ 17.232483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 17.233066] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.234053] flags: 0x200000000000040(head|node=0|zone=2) [ 17.235140] page_type: f5(slab) [ 17.235856] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.236397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.237362] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.238374] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.239349] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 17.240094] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.240788] page dumped because: kasan: bad access detected [ 17.241821] [ 17.241994] Memory state around the buggy address: [ 17.242351] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.243687] ffff888100341400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.244339] >ffff888100341480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.245016] ^ [ 17.246171] ffff888100341500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.246627] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.247434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 25.665284] ================================================================== [ 25.666133] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 25.666869] Write of size 1 at addr ffff888103c6f378 by task kunit_try_catch/305 [ 25.667813] [ 25.668120] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.668252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.668290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.668341] Call Trace: [ 25.668384] <TASK> [ 25.668495] dump_stack_lvl+0x73/0xb0 [ 25.668585] print_report+0xd1/0x650 [ 25.668669] ? __virt_addr_valid+0x1db/0x2d0 [ 25.668741] ? strncpy_from_user+0x1a5/0x1d0 [ 25.668817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.668898] ? strncpy_from_user+0x1a5/0x1d0 [ 25.668980] kasan_report+0x141/0x180 [ 25.669065] ? strncpy_from_user+0x1a5/0x1d0 [ 25.669165] __asan_report_store1_noabort+0x1b/0x30 [ 25.669245] strncpy_from_user+0x1a5/0x1d0 [ 25.669331] copy_user_test_oob+0x760/0x10f0 [ 25.669455] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.669554] ? finish_task_switch.isra.0+0x153/0x700 [ 25.669647] ? __switch_to+0x5d9/0xf60 [ 25.669723] ? dequeue_task_fair+0x166/0x4e0 [ 25.669814] ? __schedule+0x10cc/0x2b30 [ 25.669902] ? __pfx_read_tsc+0x10/0x10 [ 25.669981] ? ktime_get_ts64+0x86/0x230 [ 25.670071] kunit_try_run_case+0x1a5/0x480 [ 25.670153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.670230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.670308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.670389] ? __kthread_parkme+0x82/0x180 [ 25.670529] ? preempt_count_sub+0x50/0x80 [ 25.670612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.670692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.670768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.670822] kthread+0x337/0x6f0 [ 25.670855] ? trace_preempt_on+0x20/0xc0 [ 25.670890] ? __pfx_kthread+0x10/0x10 [ 25.670927] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.670961] ? calculate_sigpending+0x7b/0xa0 [ 25.670993] ? __pfx_kthread+0x10/0x10 [ 25.671027] ret_from_fork+0x41/0x80 [ 25.671057] ? __pfx_kthread+0x10/0x10 [ 25.671089] ret_from_fork_asm+0x1a/0x30 [ 25.671134] </TASK> [ 25.671150] [ 25.685524] Allocated by task 305: [ 25.685882] kasan_save_stack+0x45/0x70 [ 25.686250] kasan_save_track+0x18/0x40 [ 25.686691] kasan_save_alloc_info+0x3b/0x50 [ 25.687028] __kasan_kmalloc+0xb7/0xc0 [ 25.687342] __kmalloc_noprof+0x1c9/0x500 [ 25.687854] kunit_kmalloc_array+0x25/0x60 [ 25.688313] copy_user_test_oob+0xab/0x10f0 [ 25.688860] kunit_try_run_case+0x1a5/0x480 [ 25.689327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.689859] kthread+0x337/0x6f0 [ 25.690211] ret_from_fork+0x41/0x80 [ 25.690676] ret_from_fork_asm+0x1a/0x30 [ 25.691111] [ 25.691338] The buggy address belongs to the object at ffff888103c6f300 [ 25.691338] which belongs to the cache kmalloc-128 of size 128 [ 25.692172] The buggy address is located 0 bytes to the right of [ 25.692172] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.693210] [ 25.693492] The buggy address belongs to the physical page: [ 25.694049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.694639] flags: 0x200000000000000(node=0|zone=2) [ 25.695007] page_type: f5(slab) [ 25.695384] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.696079] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.696781] page dumped because: kasan: bad access detected [ 25.697300] [ 25.697595] Memory state around the buggy address: [ 25.698016] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.698666] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.699152] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.699663] ^ [ 25.700104] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.700705] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.701369] ================================================================== [ 25.626181] ================================================================== [ 25.626740] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 25.627332] Write of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.628060] [ 25.628255] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.628324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.628344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.628377] Call Trace: [ 25.628405] <TASK> [ 25.628527] dump_stack_lvl+0x73/0xb0 [ 25.628613] print_report+0xd1/0x650 [ 25.628699] ? __virt_addr_valid+0x1db/0x2d0 [ 25.628778] ? strncpy_from_user+0x2e/0x1d0 [ 25.628856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.628936] ? strncpy_from_user+0x2e/0x1d0 [ 25.629016] kasan_report+0x141/0x180 [ 25.629147] ? strncpy_from_user+0x2e/0x1d0 [ 25.629331] kasan_check_range+0x10c/0x1c0 [ 25.629418] __kasan_check_write+0x18/0x20 [ 25.629513] strncpy_from_user+0x2e/0x1d0 [ 25.629602] ? __kasan_check_read+0x15/0x20 [ 25.629704] copy_user_test_oob+0x760/0x10f0 [ 25.629748] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.629780] ? finish_task_switch.isra.0+0x153/0x700 [ 25.629817] ? __switch_to+0x5d9/0xf60 [ 25.629850] ? dequeue_task_fair+0x166/0x4e0 [ 25.629891] ? __schedule+0x10cc/0x2b30 [ 25.629926] ? __pfx_read_tsc+0x10/0x10 [ 25.629958] ? ktime_get_ts64+0x86/0x230 [ 25.629997] kunit_try_run_case+0x1a5/0x480 [ 25.630033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.630067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.630103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.630142] ? __kthread_parkme+0x82/0x180 [ 25.630176] ? preempt_count_sub+0x50/0x80 [ 25.630215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.630251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.630286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.630320] kthread+0x337/0x6f0 [ 25.630352] ? trace_preempt_on+0x20/0xc0 [ 25.630389] ? __pfx_kthread+0x10/0x10 [ 25.630465] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.630527] ? calculate_sigpending+0x7b/0xa0 [ 25.630562] ? __pfx_kthread+0x10/0x10 [ 25.630596] ret_from_fork+0x41/0x80 [ 25.630630] ? __pfx_kthread+0x10/0x10 [ 25.630663] ret_from_fork_asm+0x1a/0x30 [ 25.630709] </TASK> [ 25.630725] [ 25.647115] Allocated by task 305: [ 25.647546] kasan_save_stack+0x45/0x70 [ 25.647939] kasan_save_track+0x18/0x40 [ 25.648363] kasan_save_alloc_info+0x3b/0x50 [ 25.648833] __kasan_kmalloc+0xb7/0xc0 [ 25.649211] __kmalloc_noprof+0x1c9/0x500 [ 25.649688] kunit_kmalloc_array+0x25/0x60 [ 25.650094] copy_user_test_oob+0xab/0x10f0 [ 25.650593] kunit_try_run_case+0x1a5/0x480 [ 25.650966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.651354] kthread+0x337/0x6f0 [ 25.651774] ret_from_fork+0x41/0x80 [ 25.652184] ret_from_fork_asm+0x1a/0x30 [ 25.652673] [ 25.652915] The buggy address belongs to the object at ffff888103c6f300 [ 25.652915] which belongs to the cache kmalloc-128 of size 128 [ 25.653848] The buggy address is located 0 bytes inside of [ 25.653848] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.654732] [ 25.654976] The buggy address belongs to the physical page: [ 25.655536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.656246] flags: 0x200000000000000(node=0|zone=2) [ 25.656802] page_type: f5(slab) [ 25.657149] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.657765] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.658312] page dumped because: kasan: bad access detected [ 25.658868] [ 25.659099] Memory state around the buggy address: [ 25.659614] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.660117] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.660789] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.661449] ^ [ 25.661955] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.662449] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.662947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 25.531076] ================================================================== [ 25.531671] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 25.533599] Write of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.534293] [ 25.535659] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.535793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.535836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.535898] Call Trace: [ 25.535951] <TASK> [ 25.535995] dump_stack_lvl+0x73/0xb0 [ 25.536066] print_report+0xd1/0x650 [ 25.536127] ? __virt_addr_valid+0x1db/0x2d0 [ 25.536180] ? copy_user_test_oob+0x557/0x10f0 [ 25.536231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.536287] ? copy_user_test_oob+0x557/0x10f0 [ 25.536340] kasan_report+0x141/0x180 [ 25.536395] ? copy_user_test_oob+0x557/0x10f0 [ 25.536564] kasan_check_range+0x10c/0x1c0 [ 25.536630] __kasan_check_write+0x18/0x20 [ 25.536681] copy_user_test_oob+0x557/0x10f0 [ 25.536737] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.536785] ? finish_task_switch.isra.0+0x153/0x700 [ 25.536841] ? __switch_to+0x5d9/0xf60 [ 25.536889] ? dequeue_task_fair+0x166/0x4e0 [ 25.536952] ? __schedule+0x10cc/0x2b30 [ 25.537009] ? __pfx_read_tsc+0x10/0x10 [ 25.537101] ? ktime_get_ts64+0x86/0x230 [ 25.537190] kunit_try_run_case+0x1a5/0x480 [ 25.537273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.537351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.537504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.537606] ? __kthread_parkme+0x82/0x180 [ 25.537685] ? preempt_count_sub+0x50/0x80 [ 25.537767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.537846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.537926] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.537991] kthread+0x337/0x6f0 [ 25.538061] ? trace_preempt_on+0x20/0xc0 [ 25.538132] ? __pfx_kthread+0x10/0x10 [ 25.538193] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.538258] ? calculate_sigpending+0x7b/0xa0 [ 25.538315] ? __pfx_kthread+0x10/0x10 [ 25.538372] ret_from_fork+0x41/0x80 [ 25.539566] ? __pfx_kthread+0x10/0x10 [ 25.539646] ret_from_fork_asm+0x1a/0x30 [ 25.539704] </TASK> [ 25.539720] [ 25.560748] Allocated by task 305: [ 25.561578] kasan_save_stack+0x45/0x70 [ 25.562276] kasan_save_track+0x18/0x40 [ 25.562955] kasan_save_alloc_info+0x3b/0x50 [ 25.563311] __kasan_kmalloc+0xb7/0xc0 [ 25.563768] __kmalloc_noprof+0x1c9/0x500 [ 25.564630] kunit_kmalloc_array+0x25/0x60 [ 25.564957] copy_user_test_oob+0xab/0x10f0 [ 25.565273] kunit_try_run_case+0x1a5/0x480 [ 25.566343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.566894] kthread+0x337/0x6f0 [ 25.567177] ret_from_fork+0x41/0x80 [ 25.567541] ret_from_fork_asm+0x1a/0x30 [ 25.568276] [ 25.568865] The buggy address belongs to the object at ffff888103c6f300 [ 25.568865] which belongs to the cache kmalloc-128 of size 128 [ 25.570124] The buggy address is located 0 bytes inside of [ 25.570124] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.571431] [ 25.571978] The buggy address belongs to the physical page: [ 25.572298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.573225] flags: 0x200000000000000(node=0|zone=2) [ 25.573948] page_type: f5(slab) [ 25.574258] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.575649] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.576270] page dumped because: kasan: bad access detected [ 25.577167] [ 25.577359] Memory state around the buggy address: [ 25.577697] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.578774] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.579302] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.579973] ^ [ 25.580851] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.581337] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.581912] ================================================================== [ 25.487922] ================================================================== [ 25.488396] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 25.488922] Read of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.489946] [ 25.490340] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.490492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.490536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.490598] Call Trace: [ 25.490648] <TASK> [ 25.490700] dump_stack_lvl+0x73/0xb0 [ 25.490778] print_report+0xd1/0x650 [ 25.490852] ? __virt_addr_valid+0x1db/0x2d0 [ 25.490927] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.491001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.491079] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.491152] kasan_report+0x141/0x180 [ 25.491234] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.491323] kasan_check_range+0x10c/0x1c0 [ 25.491405] __kasan_check_read+0x15/0x20 [ 25.491524] copy_user_test_oob+0x4aa/0x10f0 [ 25.491612] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.491685] ? finish_task_switch.isra.0+0x153/0x700 [ 25.491762] ? __switch_to+0x5d9/0xf60 [ 25.491834] ? dequeue_task_fair+0x166/0x4e0 [ 25.491941] ? __schedule+0x10cc/0x2b30 [ 25.492051] ? __pfx_read_tsc+0x10/0x10 [ 25.492108] ? ktime_get_ts64+0x86/0x230 [ 25.492178] kunit_try_run_case+0x1a5/0x480 [ 25.492261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.492340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.492423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.492524] ? __kthread_parkme+0x82/0x180 [ 25.492601] ? preempt_count_sub+0x50/0x80 [ 25.492682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.492762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.492843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.492921] kthread+0x337/0x6f0 [ 25.492995] ? trace_preempt_on+0x20/0xc0 [ 25.493076] ? __pfx_kthread+0x10/0x10 [ 25.493153] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.493225] ? calculate_sigpending+0x7b/0xa0 [ 25.493297] ? __pfx_kthread+0x10/0x10 [ 25.493376] ret_from_fork+0x41/0x80 [ 25.493517] ? __pfx_kthread+0x10/0x10 [ 25.493611] ret_from_fork_asm+0x1a/0x30 [ 25.493712] </TASK> [ 25.493749] [ 25.510873] Allocated by task 305: [ 25.511215] kasan_save_stack+0x45/0x70 [ 25.511708] kasan_save_track+0x18/0x40 [ 25.512119] kasan_save_alloc_info+0x3b/0x50 [ 25.512536] __kasan_kmalloc+0xb7/0xc0 [ 25.512859] __kmalloc_noprof+0x1c9/0x500 [ 25.513253] kunit_kmalloc_array+0x25/0x60 [ 25.513771] copy_user_test_oob+0xab/0x10f0 [ 25.514219] kunit_try_run_case+0x1a5/0x480 [ 25.514736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.515283] kthread+0x337/0x6f0 [ 25.515731] ret_from_fork+0x41/0x80 [ 25.516041] ret_from_fork_asm+0x1a/0x30 [ 25.516491] [ 25.516721] The buggy address belongs to the object at ffff888103c6f300 [ 25.516721] which belongs to the cache kmalloc-128 of size 128 [ 25.517829] The buggy address is located 0 bytes inside of [ 25.517829] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.518779] [ 25.518999] The buggy address belongs to the physical page: [ 25.519550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.520126] flags: 0x200000000000000(node=0|zone=2) [ 25.520561] page_type: f5(slab) [ 25.520953] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.521723] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.522170] page dumped because: kasan: bad access detected [ 25.522649] [ 25.522876] Memory state around the buggy address: [ 25.523333] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.526040] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.527204] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.527645] ^ [ 25.528002] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.528556] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.529643] ================================================================== [ 25.449867] ================================================================== [ 25.450419] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 25.451033] Write of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.451674] [ 25.451954] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.452087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.452126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.452191] Call Trace: [ 25.452236] <TASK> [ 25.452286] dump_stack_lvl+0x73/0xb0 [ 25.452368] print_report+0xd1/0x650 [ 25.452517] ? __virt_addr_valid+0x1db/0x2d0 [ 25.452605] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.452674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.452750] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.452821] kasan_report+0x141/0x180 [ 25.452901] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.452987] kasan_check_range+0x10c/0x1c0 [ 25.453049] __kasan_check_write+0x18/0x20 [ 25.453080] copy_user_test_oob+0x3fd/0x10f0 [ 25.453114] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.453141] ? finish_task_switch.isra.0+0x153/0x700 [ 25.453177] ? __switch_to+0x5d9/0xf60 [ 25.453206] ? dequeue_task_fair+0x166/0x4e0 [ 25.453241] ? __schedule+0x10cc/0x2b30 [ 25.453275] ? __pfx_read_tsc+0x10/0x10 [ 25.453304] ? ktime_get_ts64+0x86/0x230 [ 25.453340] kunit_try_run_case+0x1a5/0x480 [ 25.453374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.453413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.453513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.453552] ? __kthread_parkme+0x82/0x180 [ 25.453601] ? preempt_count_sub+0x50/0x80 [ 25.453637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.453672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.453705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.453738] kthread+0x337/0x6f0 [ 25.453768] ? trace_preempt_on+0x20/0xc0 [ 25.453803] ? __pfx_kthread+0x10/0x10 [ 25.453836] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.453869] ? calculate_sigpending+0x7b/0xa0 [ 25.453899] ? __pfx_kthread+0x10/0x10 [ 25.453931] ret_from_fork+0x41/0x80 [ 25.453961] ? __pfx_kthread+0x10/0x10 [ 25.453993] ret_from_fork_asm+0x1a/0x30 [ 25.454036] </TASK> [ 25.454050] [ 25.469631] Allocated by task 305: [ 25.469936] kasan_save_stack+0x45/0x70 [ 25.470263] kasan_save_track+0x18/0x40 [ 25.470913] kasan_save_alloc_info+0x3b/0x50 [ 25.471407] __kasan_kmalloc+0xb7/0xc0 [ 25.471859] __kmalloc_noprof+0x1c9/0x500 [ 25.472312] kunit_kmalloc_array+0x25/0x60 [ 25.472821] copy_user_test_oob+0xab/0x10f0 [ 25.473274] kunit_try_run_case+0x1a5/0x480 [ 25.473764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.474209] kthread+0x337/0x6f0 [ 25.474704] ret_from_fork+0x41/0x80 [ 25.475111] ret_from_fork_asm+0x1a/0x30 [ 25.475579] [ 25.475733] The buggy address belongs to the object at ffff888103c6f300 [ 25.475733] which belongs to the cache kmalloc-128 of size 128 [ 25.476382] The buggy address is located 0 bytes inside of [ 25.476382] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.477093] [ 25.477290] The buggy address belongs to the physical page: [ 25.477828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.478617] flags: 0x200000000000000(node=0|zone=2) [ 25.479134] page_type: f5(slab) [ 25.479545] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.480257] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.481032] page dumped because: kasan: bad access detected [ 25.481647] [ 25.481830] Memory state around the buggy address: [ 25.482167] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.482857] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.483469] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.484517] ^ [ 25.485045] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.485546] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.486231] ================================================================== [ 25.584181] ================================================================== [ 25.584833] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 25.585531] Read of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.586232] [ 25.587168] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.587560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.587605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.587666] Call Trace: [ 25.587714] <TASK> [ 25.587765] dump_stack_lvl+0x73/0xb0 [ 25.587844] print_report+0xd1/0x650 [ 25.587887] ? __virt_addr_valid+0x1db/0x2d0 [ 25.587918] ? copy_user_test_oob+0x604/0x10f0 [ 25.587946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.587979] ? copy_user_test_oob+0x604/0x10f0 [ 25.588010] kasan_report+0x141/0x180 [ 25.588044] ? copy_user_test_oob+0x604/0x10f0 [ 25.588081] kasan_check_range+0x10c/0x1c0 [ 25.588117] __kasan_check_read+0x15/0x20 [ 25.588146] copy_user_test_oob+0x604/0x10f0 [ 25.588177] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.588204] ? finish_task_switch.isra.0+0x153/0x700 [ 25.588238] ? __switch_to+0x5d9/0xf60 [ 25.588268] ? dequeue_task_fair+0x166/0x4e0 [ 25.588305] ? __schedule+0x10cc/0x2b30 [ 25.588340] ? __pfx_read_tsc+0x10/0x10 [ 25.588369] ? ktime_get_ts64+0x86/0x230 [ 25.588431] kunit_try_run_case+0x1a5/0x480 [ 25.588507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.588544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.588580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.588615] ? __kthread_parkme+0x82/0x180 [ 25.588647] ? preempt_count_sub+0x50/0x80 [ 25.588682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.588716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.588749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.588782] kthread+0x337/0x6f0 [ 25.588812] ? trace_preempt_on+0x20/0xc0 [ 25.588846] ? __pfx_kthread+0x10/0x10 [ 25.588877] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.588908] ? calculate_sigpending+0x7b/0xa0 [ 25.588939] ? __pfx_kthread+0x10/0x10 [ 25.588972] ret_from_fork+0x41/0x80 [ 25.589003] ? __pfx_kthread+0x10/0x10 [ 25.589035] ret_from_fork_asm+0x1a/0x30 [ 25.589078] </TASK> [ 25.589092] [ 25.607178] Allocated by task 305: [ 25.607596] kasan_save_stack+0x45/0x70 [ 25.607942] kasan_save_track+0x18/0x40 [ 25.608343] kasan_save_alloc_info+0x3b/0x50 [ 25.608887] __kasan_kmalloc+0xb7/0xc0 [ 25.609323] __kmalloc_noprof+0x1c9/0x500 [ 25.609810] kunit_kmalloc_array+0x25/0x60 [ 25.610212] copy_user_test_oob+0xab/0x10f0 [ 25.610722] kunit_try_run_case+0x1a5/0x480 [ 25.611198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.611829] kthread+0x337/0x6f0 [ 25.612229] ret_from_fork+0x41/0x80 [ 25.612727] ret_from_fork_asm+0x1a/0x30 [ 25.613173] [ 25.613503] The buggy address belongs to the object at ffff888103c6f300 [ 25.613503] which belongs to the cache kmalloc-128 of size 128 [ 25.614279] The buggy address is located 0 bytes inside of [ 25.614279] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.615434] [ 25.615696] The buggy address belongs to the physical page: [ 25.616161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.616896] flags: 0x200000000000000(node=0|zone=2) [ 25.617344] page_type: f5(slab) [ 25.617811] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.618586] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.619040] page dumped because: kasan: bad access detected [ 25.619670] [ 25.619944] Memory state around the buggy address: [ 25.620497] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.621095] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.621783] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.622446] ^ [ 25.623092] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.623742] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.624340] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 25.405700] ================================================================== [ 25.406247] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 25.406857] Read of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.407440] [ 25.407848] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.407981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.408021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.408087] Call Trace: [ 25.408142] <TASK> [ 25.408195] dump_stack_lvl+0x73/0xb0 [ 25.408284] print_report+0xd1/0x650 [ 25.408367] ? __virt_addr_valid+0x1db/0x2d0 [ 25.408462] ? _copy_to_user+0x4a/0x70 [ 25.408561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.408643] ? _copy_to_user+0x4a/0x70 [ 25.408721] kasan_report+0x141/0x180 [ 25.408805] ? _copy_to_user+0x4a/0x70 [ 25.408901] kasan_check_range+0x10c/0x1c0 [ 25.408989] __kasan_check_read+0x15/0x20 [ 25.409061] _copy_to_user+0x4a/0x70 [ 25.409141] copy_user_test_oob+0x364/0x10f0 [ 25.409206] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.409237] ? finish_task_switch.isra.0+0x153/0x700 [ 25.409272] ? __switch_to+0x5d9/0xf60 [ 25.409301] ? dequeue_task_fair+0x166/0x4e0 [ 25.409340] ? __schedule+0x10cc/0x2b30 [ 25.409375] ? __pfx_read_tsc+0x10/0x10 [ 25.409409] ? ktime_get_ts64+0x86/0x230 [ 25.409504] kunit_try_run_case+0x1a5/0x480 [ 25.409546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.409587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.409623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.409659] ? __kthread_parkme+0x82/0x180 [ 25.409691] ? preempt_count_sub+0x50/0x80 [ 25.409726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.409759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.409792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.409825] kthread+0x337/0x6f0 [ 25.409855] ? trace_preempt_on+0x20/0xc0 [ 25.409889] ? __pfx_kthread+0x10/0x10 [ 25.409921] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.409953] ? calculate_sigpending+0x7b/0xa0 [ 25.409984] ? __pfx_kthread+0x10/0x10 [ 25.410017] ret_from_fork+0x41/0x80 [ 25.410047] ? __pfx_kthread+0x10/0x10 [ 25.410079] ret_from_fork_asm+0x1a/0x30 [ 25.410123] </TASK> [ 25.410137] [ 25.424647] Allocated by task 305: [ 25.424963] kasan_save_stack+0x45/0x70 [ 25.425394] kasan_save_track+0x18/0x40 [ 25.425784] kasan_save_alloc_info+0x3b/0x50 [ 25.426424] __kasan_kmalloc+0xb7/0xc0 [ 25.426765] __kmalloc_noprof+0x1c9/0x500 [ 25.427094] kunit_kmalloc_array+0x25/0x60 [ 25.427452] copy_user_test_oob+0xab/0x10f0 [ 25.427931] kunit_try_run_case+0x1a5/0x480 [ 25.428373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.428892] kthread+0x337/0x6f0 [ 25.429288] ret_from_fork+0x41/0x80 [ 25.429766] ret_from_fork_asm+0x1a/0x30 [ 25.430085] [ 25.430267] The buggy address belongs to the object at ffff888103c6f300 [ 25.430267] which belongs to the cache kmalloc-128 of size 128 [ 25.431185] The buggy address is located 0 bytes inside of [ 25.431185] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.432714] [ 25.432919] The buggy address belongs to the physical page: [ 25.433288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.433987] flags: 0x200000000000000(node=0|zone=2) [ 25.434674] page_type: f5(slab) [ 25.435016] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.435513] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.435973] page dumped because: kasan: bad access detected [ 25.436463] [ 25.436707] Memory state around the buggy address: [ 25.437153] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.438090] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.438723] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.439522] ^ [ 25.440011] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.440461] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.441047] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 25.357624] ================================================================== [ 25.358832] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 25.359337] Write of size 121 at addr ffff888103c6f300 by task kunit_try_catch/305 [ 25.360654] [ 25.360887] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.361059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.361338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.361378] Call Trace: [ 25.361398] <TASK> [ 25.361468] dump_stack_lvl+0x73/0xb0 [ 25.361538] print_report+0xd1/0x650 [ 25.361586] ? __virt_addr_valid+0x1db/0x2d0 [ 25.361623] ? _copy_from_user+0x32/0x90 [ 25.361658] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.361693] ? _copy_from_user+0x32/0x90 [ 25.361729] kasan_report+0x141/0x180 [ 25.361764] ? _copy_from_user+0x32/0x90 [ 25.361806] kasan_check_range+0x10c/0x1c0 [ 25.361844] __kasan_check_write+0x18/0x20 [ 25.361875] _copy_from_user+0x32/0x90 [ 25.361912] copy_user_test_oob+0x2be/0x10f0 [ 25.361947] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.361976] ? finish_task_switch.isra.0+0x153/0x700 [ 25.362013] ? __switch_to+0x5d9/0xf60 [ 25.362045] ? dequeue_task_fair+0x166/0x4e0 [ 25.362082] ? __schedule+0x10cc/0x2b30 [ 25.362120] ? __pfx_read_tsc+0x10/0x10 [ 25.362153] ? ktime_get_ts64+0x86/0x230 [ 25.362192] kunit_try_run_case+0x1a5/0x480 [ 25.362230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.362265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.362302] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.362339] ? __kthread_parkme+0x82/0x180 [ 25.362374] ? preempt_count_sub+0x50/0x80 [ 25.362440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.362508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.362547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.362583] kthread+0x337/0x6f0 [ 25.362618] ? trace_preempt_on+0x20/0xc0 [ 25.362657] ? __pfx_kthread+0x10/0x10 [ 25.362691] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.362725] ? calculate_sigpending+0x7b/0xa0 [ 25.362759] ? __pfx_kthread+0x10/0x10 [ 25.362794] ret_from_fork+0x41/0x80 [ 25.362828] ? __pfx_kthread+0x10/0x10 [ 25.362864] ret_from_fork_asm+0x1a/0x30 [ 25.362910] </TASK> [ 25.362926] [ 25.382805] Allocated by task 305: [ 25.383185] kasan_save_stack+0x45/0x70 [ 25.383621] kasan_save_track+0x18/0x40 [ 25.384006] kasan_save_alloc_info+0x3b/0x50 [ 25.384503] __kasan_kmalloc+0xb7/0xc0 [ 25.384922] __kmalloc_noprof+0x1c9/0x500 [ 25.385306] kunit_kmalloc_array+0x25/0x60 [ 25.385705] copy_user_test_oob+0xab/0x10f0 [ 25.386103] kunit_try_run_case+0x1a5/0x480 [ 25.386614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.387172] kthread+0x337/0x6f0 [ 25.387632] ret_from_fork+0x41/0x80 [ 25.388009] ret_from_fork_asm+0x1a/0x30 [ 25.388518] [ 25.388715] The buggy address belongs to the object at ffff888103c6f300 [ 25.388715] which belongs to the cache kmalloc-128 of size 128 [ 25.389736] The buggy address is located 0 bytes inside of [ 25.389736] allocated 120-byte region [ffff888103c6f300, ffff888103c6f378) [ 25.390673] [ 25.390871] The buggy address belongs to the physical page: [ 25.391366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.392099] flags: 0x200000000000000(node=0|zone=2) [ 25.392560] page_type: f5(slab) [ 25.392858] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.393642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.394307] page dumped because: kasan: bad access detected [ 25.394846] [ 25.395079] Memory state around the buggy address: [ 25.395600] ffff888103c6f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.396157] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.396733] >ffff888103c6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.397197] ^ [ 25.397870] ffff888103c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.398518] ffff888103c6f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.399061] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 25.245038] ================================================================== [ 25.246066] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 25.246916] Read of size 8 at addr ffff888103c6f278 by task kunit_try_catch/301 [ 25.247790] [ 25.248028] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.248748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.248771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.248804] Call Trace: [ 25.248823] <TASK> [ 25.248847] dump_stack_lvl+0x73/0xb0 [ 25.248892] print_report+0xd1/0x650 [ 25.248932] ? __virt_addr_valid+0x1db/0x2d0 [ 25.248967] ? copy_to_kernel_nofault+0x225/0x260 [ 25.249005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.249040] ? copy_to_kernel_nofault+0x225/0x260 [ 25.249079] kasan_report+0x141/0x180 [ 25.249113] ? copy_to_kernel_nofault+0x225/0x260 [ 25.249159] __asan_report_load8_noabort+0x18/0x20 [ 25.249192] copy_to_kernel_nofault+0x225/0x260 [ 25.249232] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 25.249272] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 25.249310] ? finish_task_switch.isra.0+0x153/0x700 [ 25.249349] ? __schedule+0x10cc/0x2b30 [ 25.249386] ? trace_hardirqs_on+0x37/0xe0 [ 25.249497] ? __pfx_read_tsc+0x10/0x10 [ 25.249539] ? ktime_get_ts64+0x86/0x230 [ 25.249593] kunit_try_run_case+0x1a5/0x480 [ 25.249632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.249666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.249703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.249740] ? __kthread_parkme+0x82/0x180 [ 25.249774] ? preempt_count_sub+0x50/0x80 [ 25.249811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.249846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.249880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.249915] kthread+0x337/0x6f0 [ 25.249948] ? trace_preempt_on+0x20/0xc0 [ 25.249983] ? __pfx_kthread+0x10/0x10 [ 25.250017] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.250051] ? calculate_sigpending+0x7b/0xa0 [ 25.250084] ? __pfx_kthread+0x10/0x10 [ 25.250118] ret_from_fork+0x41/0x80 [ 25.250151] ? __pfx_kthread+0x10/0x10 [ 25.250185] ret_from_fork_asm+0x1a/0x30 [ 25.250233] </TASK> [ 25.250249] [ 25.273345] Allocated by task 301: [ 25.273842] kasan_save_stack+0x45/0x70 [ 25.274261] kasan_save_track+0x18/0x40 [ 25.274738] kasan_save_alloc_info+0x3b/0x50 [ 25.275147] __kasan_kmalloc+0xb7/0xc0 [ 25.275558] __kmalloc_cache_noprof+0x189/0x420 [ 25.275910] copy_to_kernel_nofault_oob+0x12f/0x560 [ 25.276460] kunit_try_run_case+0x1a5/0x480 [ 25.276953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.277542] kthread+0x337/0x6f0 [ 25.277951] ret_from_fork+0x41/0x80 [ 25.278296] ret_from_fork_asm+0x1a/0x30 [ 25.278781] [ 25.278970] The buggy address belongs to the object at ffff888103c6f200 [ 25.278970] which belongs to the cache kmalloc-128 of size 128 [ 25.280029] The buggy address is located 0 bytes to the right of [ 25.280029] allocated 120-byte region [ffff888103c6f200, ffff888103c6f278) [ 25.281007] [ 25.281240] The buggy address belongs to the physical page: [ 25.281730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.282235] flags: 0x200000000000000(node=0|zone=2) [ 25.282783] page_type: f5(slab) [ 25.283175] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.283935] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.284582] page dumped because: kasan: bad access detected [ 25.285050] [ 25.285231] Memory state around the buggy address: [ 25.285696] ffff888103c6f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.286310] ffff888103c6f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.286992] >ffff888103c6f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.287619] ^ [ 25.288164] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.288754] ffff888103c6f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.289260] ================================================================== [ 25.291729] ================================================================== [ 25.292244] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 25.293583] Write of size 8 at addr ffff888103c6f278 by task kunit_try_catch/301 [ 25.294872] [ 25.295250] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.295374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.295434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.295508] Call Trace: [ 25.295546] <TASK> [ 25.295589] dump_stack_lvl+0x73/0xb0 [ 25.295674] print_report+0xd1/0x650 [ 25.295760] ? __virt_addr_valid+0x1db/0x2d0 [ 25.295833] ? copy_to_kernel_nofault+0x99/0x260 [ 25.295909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.295975] ? copy_to_kernel_nofault+0x99/0x260 [ 25.296058] kasan_report+0x141/0x180 [ 25.296143] ? copy_to_kernel_nofault+0x99/0x260 [ 25.296242] kasan_check_range+0x10c/0x1c0 [ 25.296326] __kasan_check_write+0x18/0x20 [ 25.296406] copy_to_kernel_nofault+0x99/0x260 [ 25.296540] copy_to_kernel_nofault_oob+0x288/0x560 [ 25.296631] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 25.296693] ? finish_task_switch.isra.0+0x153/0x700 [ 25.296730] ? __schedule+0x10cc/0x2b30 [ 25.296764] ? trace_hardirqs_on+0x37/0xe0 [ 25.296811] ? __pfx_read_tsc+0x10/0x10 [ 25.296839] ? ktime_get_ts64+0x86/0x230 [ 25.296875] kunit_try_run_case+0x1a5/0x480 [ 25.296908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.296940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.296976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.297011] ? __kthread_parkme+0x82/0x180 [ 25.297044] ? preempt_count_sub+0x50/0x80 [ 25.297080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.297115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.297147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.297181] kthread+0x337/0x6f0 [ 25.297212] ? trace_preempt_on+0x20/0xc0 [ 25.297244] ? __pfx_kthread+0x10/0x10 [ 25.297276] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.297308] ? calculate_sigpending+0x7b/0xa0 [ 25.297339] ? __pfx_kthread+0x10/0x10 [ 25.297371] ret_from_fork+0x41/0x80 [ 25.297422] ? __pfx_kthread+0x10/0x10 [ 25.297502] ret_from_fork_asm+0x1a/0x30 [ 25.297553] </TASK> [ 25.297576] [ 25.318460] Allocated by task 301: [ 25.318896] kasan_save_stack+0x45/0x70 [ 25.319349] kasan_save_track+0x18/0x40 [ 25.320166] kasan_save_alloc_info+0x3b/0x50 [ 25.320393] __kasan_kmalloc+0xb7/0xc0 [ 25.320709] __kmalloc_cache_noprof+0x189/0x420 [ 25.321665] copy_to_kernel_nofault_oob+0x12f/0x560 [ 25.322151] kunit_try_run_case+0x1a5/0x480 [ 25.322726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.323379] kthread+0x337/0x6f0 [ 25.323855] ret_from_fork+0x41/0x80 [ 25.324157] ret_from_fork_asm+0x1a/0x30 [ 25.325303] [ 25.325508] The buggy address belongs to the object at ffff888103c6f200 [ 25.325508] which belongs to the cache kmalloc-128 of size 128 [ 25.326767] The buggy address is located 0 bytes to the right of [ 25.326767] allocated 120-byte region [ffff888103c6f200, ffff888103c6f278) [ 25.328218] [ 25.328456] The buggy address belongs to the physical page: [ 25.329008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6f [ 25.329714] flags: 0x200000000000000(node=0|zone=2) [ 25.330122] page_type: f5(slab) [ 25.331085] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.331717] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.331972] page dumped because: kasan: bad access detected [ 25.332163] [ 25.332250] Memory state around the buggy address: [ 25.332503] ffff888103c6f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.333564] ffff888103c6f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.334431] >ffff888103c6f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.335574] ^ [ 25.336246] ffff888103c6f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.337662] ffff888103c6f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.338414] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.258937] ================================================================== [ 22.259618] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 22.260559] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.261302] [ 22.261722] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.261852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.261888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.261943] Call Trace: [ 22.261999] <TASK> [ 22.262136] dump_stack_lvl+0x73/0xb0 [ 22.262271] print_report+0xd1/0x650 [ 22.262353] ? __virt_addr_valid+0x1db/0x2d0 [ 22.262436] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.262527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.262612] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.262687] kasan_report+0x141/0x180 [ 22.262766] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.262853] __asan_report_load4_noabort+0x18/0x20 [ 22.262931] kasan_atomics_helper+0x4b88/0x5450 [ 22.263017] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.263100] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.263174] ? kasan_atomics+0x152/0x310 [ 22.263258] kasan_atomics+0x1dc/0x310 [ 22.263324] ? __pfx_kasan_atomics+0x10/0x10 [ 22.263396] ? __pfx_read_tsc+0x10/0x10 [ 22.263467] ? ktime_get_ts64+0x86/0x230 [ 22.263624] kunit_try_run_case+0x1a5/0x480 [ 22.263707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.263776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.263844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.263882] ? __kthread_parkme+0x82/0x180 [ 22.263917] ? preempt_count_sub+0x50/0x80 [ 22.263953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.263988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.264020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.264054] kthread+0x337/0x6f0 [ 22.264082] ? trace_preempt_on+0x20/0xc0 [ 22.264116] ? __pfx_kthread+0x10/0x10 [ 22.264146] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.264176] ? calculate_sigpending+0x7b/0xa0 [ 22.264206] ? __pfx_kthread+0x10/0x10 [ 22.264238] ret_from_fork+0x41/0x80 [ 22.264266] ? __pfx_kthread+0x10/0x10 [ 22.264297] ret_from_fork_asm+0x1a/0x30 [ 22.264339] </TASK> [ 22.264352] [ 22.281624] Allocated by task 285: [ 22.282279] kasan_save_stack+0x45/0x70 [ 22.282805] kasan_save_track+0x18/0x40 [ 22.283229] kasan_save_alloc_info+0x3b/0x50 [ 22.284175] __kasan_kmalloc+0xb7/0xc0 [ 22.286086] __kmalloc_cache_noprof+0x189/0x420 [ 22.286867] kasan_atomics+0x95/0x310 [ 22.287549] kunit_try_run_case+0x1a5/0x480 [ 22.287942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.288343] kthread+0x337/0x6f0 [ 22.288986] ret_from_fork+0x41/0x80 [ 22.289349] ret_from_fork_asm+0x1a/0x30 [ 22.290004] [ 22.290222] The buggy address belongs to the object at ffff888102983600 [ 22.290222] which belongs to the cache kmalloc-64 of size 64 [ 22.291601] The buggy address is located 0 bytes to the right of [ 22.291601] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.293108] [ 22.293615] The buggy address belongs to the physical page: [ 22.294192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.295321] flags: 0x200000000000000(node=0|zone=2) [ 22.296044] page_type: f5(slab) [ 22.296422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.297552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.298102] page dumped because: kasan: bad access detected [ 22.298941] [ 22.299168] Memory state around the buggy address: [ 22.299910] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.300606] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.301336] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.302122] ^ [ 22.302529] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.303238] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.304157] ================================================================== [ 22.405401] ================================================================== [ 22.405905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 22.407119] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.407783] [ 22.408097] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.408225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.408267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.408325] Call Trace: [ 22.408378] <TASK> [ 22.408429] dump_stack_lvl+0x73/0xb0 [ 22.408595] print_report+0xd1/0x650 [ 22.408683] ? __virt_addr_valid+0x1db/0x2d0 [ 22.408828] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.408909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.408985] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.409058] kasan_report+0x141/0x180 [ 22.409137] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.409228] __asan_report_load4_noabort+0x18/0x20 [ 22.409369] kasan_atomics_helper+0x4b54/0x5450 [ 22.409832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.409923] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.410057] ? kasan_atomics+0x152/0x310 [ 22.410170] kasan_atomics+0x1dc/0x310 [ 22.410244] ? __pfx_kasan_atomics+0x10/0x10 [ 22.410293] ? __pfx_read_tsc+0x10/0x10 [ 22.410325] ? ktime_get_ts64+0x86/0x230 [ 22.410364] kunit_try_run_case+0x1a5/0x480 [ 22.410402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.410474] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.410539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.410576] ? __kthread_parkme+0x82/0x180 [ 22.410610] ? preempt_count_sub+0x50/0x80 [ 22.410646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.410682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.410715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.410751] kthread+0x337/0x6f0 [ 22.410783] ? trace_preempt_on+0x20/0xc0 [ 22.410884] ? __pfx_kthread+0x10/0x10 [ 22.410970] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.411050] ? calculate_sigpending+0x7b/0xa0 [ 22.411131] ? __pfx_kthread+0x10/0x10 [ 22.411203] ret_from_fork+0x41/0x80 [ 22.411246] ? __pfx_kthread+0x10/0x10 [ 22.411282] ret_from_fork_asm+0x1a/0x30 [ 22.411327] </TASK> [ 22.411342] [ 22.433521] Allocated by task 285: [ 22.434209] kasan_save_stack+0x45/0x70 [ 22.434748] kasan_save_track+0x18/0x40 [ 22.435333] kasan_save_alloc_info+0x3b/0x50 [ 22.435923] __kasan_kmalloc+0xb7/0xc0 [ 22.436348] __kmalloc_cache_noprof+0x189/0x420 [ 22.437110] kasan_atomics+0x95/0x310 [ 22.437818] kunit_try_run_case+0x1a5/0x480 [ 22.438275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.438895] kthread+0x337/0x6f0 [ 22.439315] ret_from_fork+0x41/0x80 [ 22.439819] ret_from_fork_asm+0x1a/0x30 [ 22.440328] [ 22.440612] The buggy address belongs to the object at ffff888102983600 [ 22.440612] which belongs to the cache kmalloc-64 of size 64 [ 22.441648] The buggy address is located 0 bytes to the right of [ 22.441648] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.442845] [ 22.443081] The buggy address belongs to the physical page: [ 22.443576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.444197] flags: 0x200000000000000(node=0|zone=2) [ 22.445136] page_type: f5(slab) [ 22.445462] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.446376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.447252] page dumped because: kasan: bad access detected [ 22.447895] [ 22.448175] Memory state around the buggy address: [ 22.448853] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.450026] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.450800] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.451427] ^ [ 22.452002] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.452741] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.453449] ================================================================== [ 22.864961] ================================================================== [ 22.866866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 22.868634] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.869133] [ 22.869352] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.870146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.870189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.870260] Call Trace: [ 22.870309] <TASK> [ 22.870353] dump_stack_lvl+0x73/0xb0 [ 22.870423] print_report+0xd1/0x650 [ 22.871064] ? __virt_addr_valid+0x1db/0x2d0 [ 22.871145] ? kasan_atomics_helper+0x8f9/0x5450 [ 22.871215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.871283] ? kasan_atomics_helper+0x8f9/0x5450 [ 22.871352] kasan_report+0x141/0x180 [ 22.871420] ? kasan_atomics_helper+0x8f9/0x5450 [ 22.871523] kasan_check_range+0x10c/0x1c0 [ 22.871591] __kasan_check_write+0x18/0x20 [ 22.871643] kasan_atomics_helper+0x8f9/0x5450 [ 22.871702] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.871759] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.871817] ? kasan_atomics+0x152/0x310 [ 22.871875] kasan_atomics+0x1dc/0x310 [ 22.871928] ? __pfx_kasan_atomics+0x10/0x10 [ 22.871981] ? __pfx_read_tsc+0x10/0x10 [ 22.872030] ? ktime_get_ts64+0x86/0x230 [ 22.872092] kunit_try_run_case+0x1a5/0x480 [ 22.872151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.872203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.872260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.872319] ? __kthread_parkme+0x82/0x180 [ 22.872373] ? preempt_count_sub+0x50/0x80 [ 22.872433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.872504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.873516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.873596] kthread+0x337/0x6f0 [ 22.873651] ? trace_preempt_on+0x20/0xc0 [ 22.873717] ? __pfx_kthread+0x10/0x10 [ 22.873777] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.873832] ? calculate_sigpending+0x7b/0xa0 [ 22.873888] ? __pfx_kthread+0x10/0x10 [ 22.873944] ret_from_fork+0x41/0x80 [ 22.873995] ? __pfx_kthread+0x10/0x10 [ 22.874049] ret_from_fork_asm+0x1a/0x30 [ 22.874127] </TASK> [ 22.874154] [ 22.898182] Allocated by task 285: [ 22.899347] kasan_save_stack+0x45/0x70 [ 22.899845] kasan_save_track+0x18/0x40 [ 22.900247] kasan_save_alloc_info+0x3b/0x50 [ 22.900926] __kasan_kmalloc+0xb7/0xc0 [ 22.901344] __kmalloc_cache_noprof+0x189/0x420 [ 22.902091] kasan_atomics+0x95/0x310 [ 22.902506] kunit_try_run_case+0x1a5/0x480 [ 22.903393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.903931] kthread+0x337/0x6f0 [ 22.904273] ret_from_fork+0x41/0x80 [ 22.904713] ret_from_fork_asm+0x1a/0x30 [ 22.905300] [ 22.905509] The buggy address belongs to the object at ffff888102983600 [ 22.905509] which belongs to the cache kmalloc-64 of size 64 [ 22.906653] The buggy address is located 0 bytes to the right of [ 22.906653] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.907683] [ 22.908020] The buggy address belongs to the physical page: [ 22.908403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.909230] flags: 0x200000000000000(node=0|zone=2) [ 22.909676] page_type: f5(slab) [ 22.910652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.911253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.911857] page dumped because: kasan: bad access detected [ 22.912303] [ 22.913248] Memory state around the buggy address: [ 22.913837] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.914315] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.914944] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.915711] ^ [ 22.916078] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.916799] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.917424] ================================================================== [ 22.500051] ================================================================== [ 22.500709] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 22.501410] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.502178] [ 22.502619] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.502789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.502836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.502896] Call Trace: [ 22.502951] <TASK> [ 22.503038] dump_stack_lvl+0x73/0xb0 [ 22.503123] print_report+0xd1/0x650 [ 22.503235] ? __virt_addr_valid+0x1db/0x2d0 [ 22.503321] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.503397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.503475] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.503674] kasan_report+0x141/0x180 [ 22.503712] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.503756] __asan_report_store4_noabort+0x1b/0x30 [ 22.503809] kasan_atomics_helper+0x4b3a/0x5450 [ 22.503894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.504016] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.504105] ? kasan_atomics+0x152/0x310 [ 22.504232] kasan_atomics+0x1dc/0x310 [ 22.504308] ? __pfx_kasan_atomics+0x10/0x10 [ 22.504389] ? __pfx_read_tsc+0x10/0x10 [ 22.504459] ? ktime_get_ts64+0x86/0x230 [ 22.504633] kunit_try_run_case+0x1a5/0x480 [ 22.504679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.504714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.504750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.504785] ? __kthread_parkme+0x82/0x180 [ 22.504818] ? preempt_count_sub+0x50/0x80 [ 22.504853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.504888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.504921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.504954] kthread+0x337/0x6f0 [ 22.504985] ? trace_preempt_on+0x20/0xc0 [ 22.505020] ? __pfx_kthread+0x10/0x10 [ 22.505052] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.505084] ? calculate_sigpending+0x7b/0xa0 [ 22.505115] ? __pfx_kthread+0x10/0x10 [ 22.505147] ret_from_fork+0x41/0x80 [ 22.505176] ? __pfx_kthread+0x10/0x10 [ 22.505208] ret_from_fork_asm+0x1a/0x30 [ 22.505253] </TASK> [ 22.505267] [ 22.525006] Allocated by task 285: [ 22.525733] kasan_save_stack+0x45/0x70 [ 22.526232] kasan_save_track+0x18/0x40 [ 22.526817] kasan_save_alloc_info+0x3b/0x50 [ 22.527259] __kasan_kmalloc+0xb7/0xc0 [ 22.527776] __kmalloc_cache_noprof+0x189/0x420 [ 22.528679] kasan_atomics+0x95/0x310 [ 22.528989] kunit_try_run_case+0x1a5/0x480 [ 22.529796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.530306] kthread+0x337/0x6f0 [ 22.530868] ret_from_fork+0x41/0x80 [ 22.531326] ret_from_fork_asm+0x1a/0x30 [ 22.531925] [ 22.532201] The buggy address belongs to the object at ffff888102983600 [ 22.532201] which belongs to the cache kmalloc-64 of size 64 [ 22.533302] The buggy address is located 0 bytes to the right of [ 22.533302] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.534988] [ 22.535252] The buggy address belongs to the physical page: [ 22.535943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.536814] flags: 0x200000000000000(node=0|zone=2) [ 22.537274] page_type: f5(slab) [ 22.537787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.538954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.539680] page dumped because: kasan: bad access detected [ 22.540103] [ 22.540354] Memory state around the buggy address: [ 22.541011] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.541801] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.542349] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.543144] ^ [ 22.543672] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.544370] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.545681] ================================================================== [ 22.598561] ================================================================== [ 22.598984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 22.601182] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.601881] [ 22.602116] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.602252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.602293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.602352] Call Trace: [ 22.604691] <TASK> [ 22.604745] dump_stack_lvl+0x73/0xb0 [ 22.604831] print_report+0xd1/0x650 [ 22.604901] ? __virt_addr_valid+0x1db/0x2d0 [ 22.604964] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.605026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.605092] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.605156] kasan_report+0x141/0x180 [ 22.605221] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.605289] kasan_check_range+0x10c/0x1c0 [ 22.605364] __kasan_check_write+0x18/0x20 [ 22.605426] kasan_atomics_helper+0x5fe/0x5450 [ 22.605518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.605609] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.605683] ? kasan_atomics+0x152/0x310 [ 22.605755] kasan_atomics+0x1dc/0x310 [ 22.605823] ? __pfx_kasan_atomics+0x10/0x10 [ 22.605891] ? __pfx_read_tsc+0x10/0x10 [ 22.605952] ? ktime_get_ts64+0x86/0x230 [ 22.606028] kunit_try_run_case+0x1a5/0x480 [ 22.606097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.606150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.606212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.606272] ? __kthread_parkme+0x82/0x180 [ 22.606325] ? preempt_count_sub+0x50/0x80 [ 22.606387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.606443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.606617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.606683] kthread+0x337/0x6f0 [ 22.606737] ? trace_preempt_on+0x20/0xc0 [ 22.606794] ? __pfx_kthread+0x10/0x10 [ 22.606848] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.606902] ? calculate_sigpending+0x7b/0xa0 [ 22.606955] ? __pfx_kthread+0x10/0x10 [ 22.607011] ret_from_fork+0x41/0x80 [ 22.607060] ? __pfx_kthread+0x10/0x10 [ 22.607113] ret_from_fork_asm+0x1a/0x30 [ 22.607314] </TASK> [ 22.607347] [ 22.631692] Allocated by task 285: [ 22.633556] kasan_save_stack+0x45/0x70 [ 22.634058] kasan_save_track+0x18/0x40 [ 22.634444] kasan_save_alloc_info+0x3b/0x50 [ 22.634962] __kasan_kmalloc+0xb7/0xc0 [ 22.635313] __kmalloc_cache_noprof+0x189/0x420 [ 22.635804] kasan_atomics+0x95/0x310 [ 22.636232] kunit_try_run_case+0x1a5/0x480 [ 22.636753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.637321] kthread+0x337/0x6f0 [ 22.638138] ret_from_fork+0x41/0x80 [ 22.639075] ret_from_fork_asm+0x1a/0x30 [ 22.639526] [ 22.640149] The buggy address belongs to the object at ffff888102983600 [ 22.640149] which belongs to the cache kmalloc-64 of size 64 [ 22.641387] The buggy address is located 0 bytes to the right of [ 22.641387] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.642833] [ 22.643229] The buggy address belongs to the physical page: [ 22.643618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.644202] flags: 0x200000000000000(node=0|zone=2) [ 22.644754] page_type: f5(slab) [ 22.645243] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.646890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.647442] page dumped because: kasan: bad access detected [ 22.647879] [ 22.648136] Memory state around the buggy address: [ 22.649210] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.649936] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.650574] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.651881] ^ [ 22.652465] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.653250] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.653912] ================================================================== [ 22.918630] ================================================================== [ 22.919122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 22.920581] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.921234] [ 22.921701] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.921840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.921882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.921942] Call Trace: [ 22.922000] <TASK> [ 22.922055] dump_stack_lvl+0x73/0xb0 [ 22.922149] print_report+0xd1/0x650 [ 22.922229] ? __virt_addr_valid+0x1db/0x2d0 [ 22.922316] ? kasan_atomics_helper+0x992/0x5450 [ 22.922394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.922635] ? kasan_atomics_helper+0x992/0x5450 [ 22.922716] kasan_report+0x141/0x180 [ 22.922802] ? kasan_atomics_helper+0x992/0x5450 [ 22.922897] kasan_check_range+0x10c/0x1c0 [ 22.922983] __kasan_check_write+0x18/0x20 [ 22.923049] kasan_atomics_helper+0x992/0x5450 [ 22.923088] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.923124] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.923159] ? kasan_atomics+0x152/0x310 [ 22.923193] kasan_atomics+0x1dc/0x310 [ 22.923222] ? __pfx_kasan_atomics+0x10/0x10 [ 22.923255] ? __pfx_read_tsc+0x10/0x10 [ 22.923286] ? ktime_get_ts64+0x86/0x230 [ 22.923325] kunit_try_run_case+0x1a5/0x480 [ 22.923360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.923393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.923540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.923603] ? __kthread_parkme+0x82/0x180 [ 22.923638] ? preempt_count_sub+0x50/0x80 [ 22.923675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.923710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.923743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.923777] kthread+0x337/0x6f0 [ 22.923807] ? trace_preempt_on+0x20/0xc0 [ 22.923842] ? __pfx_kthread+0x10/0x10 [ 22.923875] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.923907] ? calculate_sigpending+0x7b/0xa0 [ 22.923938] ? __pfx_kthread+0x10/0x10 [ 22.923971] ret_from_fork+0x41/0x80 [ 22.924001] ? __pfx_kthread+0x10/0x10 [ 22.924033] ret_from_fork_asm+0x1a/0x30 [ 22.924077] </TASK> [ 22.924092] [ 22.947240] Allocated by task 285: [ 22.947713] kasan_save_stack+0x45/0x70 [ 22.948123] kasan_save_track+0x18/0x40 [ 22.949039] kasan_save_alloc_info+0x3b/0x50 [ 22.949388] __kasan_kmalloc+0xb7/0xc0 [ 22.950078] __kmalloc_cache_noprof+0x189/0x420 [ 22.950884] kasan_atomics+0x95/0x310 [ 22.951179] kunit_try_run_case+0x1a5/0x480 [ 22.951748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.952150] kthread+0x337/0x6f0 [ 22.952522] ret_from_fork+0x41/0x80 [ 22.952985] ret_from_fork_asm+0x1a/0x30 [ 22.953370] [ 22.953591] The buggy address belongs to the object at ffff888102983600 [ 22.953591] which belongs to the cache kmalloc-64 of size 64 [ 22.955031] The buggy address is located 0 bytes to the right of [ 22.955031] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.956511] [ 22.956951] The buggy address belongs to the physical page: [ 22.957601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.958171] flags: 0x200000000000000(node=0|zone=2) [ 22.958929] page_type: f5(slab) [ 22.959330] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.959949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.960805] page dumped because: kasan: bad access detected [ 22.961318] [ 22.961647] Memory state around the buggy address: [ 22.962044] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.963051] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.963619] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.964234] ^ [ 22.964786] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.965729] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.966177] ================================================================== [ 24.813597] ================================================================== [ 24.814123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 24.815166] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.815816] [ 24.816092] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.816224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.816264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.816323] Call Trace: [ 24.816378] <TASK> [ 24.816493] dump_stack_lvl+0x73/0xb0 [ 24.816578] print_report+0xd1/0x650 [ 24.816661] ? __virt_addr_valid+0x1db/0x2d0 [ 24.816743] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.816824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.816907] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.816987] kasan_report+0x141/0x180 [ 24.817069] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.817164] __asan_report_load8_noabort+0x18/0x20 [ 24.817248] kasan_atomics_helper+0x4f71/0x5450 [ 24.817332] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.817454] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.817556] ? kasan_atomics+0x152/0x310 [ 24.817651] kasan_atomics+0x1dc/0x310 [ 24.817723] ? __pfx_kasan_atomics+0x10/0x10 [ 24.817803] ? __pfx_read_tsc+0x10/0x10 [ 24.817874] ? ktime_get_ts64+0x86/0x230 [ 24.817963] kunit_try_run_case+0x1a5/0x480 [ 24.818047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.818125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.818207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.818287] ? __kthread_parkme+0x82/0x180 [ 24.818358] ? preempt_count_sub+0x50/0x80 [ 24.818421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.818525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.818567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.818602] kthread+0x337/0x6f0 [ 24.818633] ? trace_preempt_on+0x20/0xc0 [ 24.818668] ? __pfx_kthread+0x10/0x10 [ 24.818700] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.818732] ? calculate_sigpending+0x7b/0xa0 [ 24.818764] ? __pfx_kthread+0x10/0x10 [ 24.818796] ret_from_fork+0x41/0x80 [ 24.818827] ? __pfx_kthread+0x10/0x10 [ 24.818859] ret_from_fork_asm+0x1a/0x30 [ 24.818904] </TASK> [ 24.818920] [ 24.833735] Allocated by task 285: [ 24.834158] kasan_save_stack+0x45/0x70 [ 24.834780] kasan_save_track+0x18/0x40 [ 24.835192] kasan_save_alloc_info+0x3b/0x50 [ 24.835696] __kasan_kmalloc+0xb7/0xc0 [ 24.836008] __kmalloc_cache_noprof+0x189/0x420 [ 24.836352] kasan_atomics+0x95/0x310 [ 24.836769] kunit_try_run_case+0x1a5/0x480 [ 24.837218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.837953] kthread+0x337/0x6f0 [ 24.838290] ret_from_fork+0x41/0x80 [ 24.838885] ret_from_fork_asm+0x1a/0x30 [ 24.839371] [ 24.840747] The buggy address belongs to the object at ffff888102983600 [ 24.840747] which belongs to the cache kmalloc-64 of size 64 [ 24.841726] The buggy address is located 0 bytes to the right of [ 24.841726] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.842679] [ 24.842912] The buggy address belongs to the physical page: [ 24.843406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.845935] flags: 0x200000000000000(node=0|zone=2) [ 24.846130] page_type: f5(slab) [ 24.846275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.846790] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.847446] page dumped because: kasan: bad access detected [ 24.847898] [ 24.848087] Memory state around the buggy address: [ 24.848636] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.849236] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.849873] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.850537] ^ [ 24.850920] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.851613] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.852102] ================================================================== [ 23.144890] ================================================================== [ 23.145372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 23.146512] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.146995] [ 23.147273] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.147423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.147897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.147931] Call Trace: [ 23.147958] <TASK> [ 23.147985] dump_stack_lvl+0x73/0xb0 [ 23.148027] print_report+0xd1/0x650 [ 23.148063] ? __virt_addr_valid+0x1db/0x2d0 [ 23.148097] ? kasan_atomics_helper+0x4a84/0x5450 [ 23.148129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.148163] ? kasan_atomics_helper+0x4a84/0x5450 [ 23.148196] kasan_report+0x141/0x180 [ 23.148234] ? kasan_atomics_helper+0x4a84/0x5450 [ 23.148273] __asan_report_load4_noabort+0x18/0x20 [ 23.148305] kasan_atomics_helper+0x4a84/0x5450 [ 23.148341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.148375] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.148412] ? kasan_atomics+0x152/0x310 [ 23.148498] kasan_atomics+0x1dc/0x310 [ 23.148544] ? __pfx_kasan_atomics+0x10/0x10 [ 23.148577] ? __pfx_read_tsc+0x10/0x10 [ 23.148607] ? ktime_get_ts64+0x86/0x230 [ 23.148649] kunit_try_run_case+0x1a5/0x480 [ 23.148686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.148720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.148757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.148791] ? __kthread_parkme+0x82/0x180 [ 23.148825] ? preempt_count_sub+0x50/0x80 [ 23.148860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.148895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.148929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.148963] kthread+0x337/0x6f0 [ 23.148996] ? trace_preempt_on+0x20/0xc0 [ 23.149031] ? __pfx_kthread+0x10/0x10 [ 23.149065] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.149099] ? calculate_sigpending+0x7b/0xa0 [ 23.149132] ? __pfx_kthread+0x10/0x10 [ 23.149166] ret_from_fork+0x41/0x80 [ 23.149198] ? __pfx_kthread+0x10/0x10 [ 23.149230] ret_from_fork_asm+0x1a/0x30 [ 23.149276] </TASK> [ 23.149291] [ 23.168301] Allocated by task 285: [ 23.169147] kasan_save_stack+0x45/0x70 [ 23.169989] kasan_save_track+0x18/0x40 [ 23.170340] kasan_save_alloc_info+0x3b/0x50 [ 23.171356] __kasan_kmalloc+0xb7/0xc0 [ 23.172083] __kmalloc_cache_noprof+0x189/0x420 [ 23.172735] kasan_atomics+0x95/0x310 [ 23.173255] kunit_try_run_case+0x1a5/0x480 [ 23.174163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.174725] kthread+0x337/0x6f0 [ 23.175067] ret_from_fork+0x41/0x80 [ 23.175688] ret_from_fork_asm+0x1a/0x30 [ 23.176029] [ 23.176245] The buggy address belongs to the object at ffff888102983600 [ 23.176245] which belongs to the cache kmalloc-64 of size 64 [ 23.177213] The buggy address is located 0 bytes to the right of [ 23.177213] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.179213] [ 23.179390] The buggy address belongs to the physical page: [ 23.179837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.180857] flags: 0x200000000000000(node=0|zone=2) [ 23.181232] page_type: f5(slab) [ 23.181644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.182135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.182703] page dumped because: kasan: bad access detected [ 23.183205] [ 23.183409] Memory state around the buggy address: [ 23.183915] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.184621] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.185227] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.185844] ^ [ 23.186342] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.186873] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.187552] ================================================================== [ 23.636104] ================================================================== [ 23.636696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 23.637326] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.637993] [ 23.638247] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.638451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.638511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.638572] Call Trace: [ 23.638631] <TASK> [ 23.638685] dump_stack_lvl+0x73/0xb0 [ 23.638767] print_report+0xd1/0x650 [ 23.638843] ? __virt_addr_valid+0x1db/0x2d0 [ 23.638918] ? kasan_atomics_helper+0x1217/0x5450 [ 23.638994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.639072] ? kasan_atomics_helper+0x1217/0x5450 [ 23.639154] kasan_report+0x141/0x180 [ 23.639276] ? kasan_atomics_helper+0x1217/0x5450 [ 23.639373] kasan_check_range+0x10c/0x1c0 [ 23.639475] __kasan_check_write+0x18/0x20 [ 23.639568] kasan_atomics_helper+0x1217/0x5450 [ 23.639649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.639687] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.639722] ? kasan_atomics+0x152/0x310 [ 23.639757] kasan_atomics+0x1dc/0x310 [ 23.639785] ? __pfx_kasan_atomics+0x10/0x10 [ 23.639817] ? __pfx_read_tsc+0x10/0x10 [ 23.639847] ? ktime_get_ts64+0x86/0x230 [ 23.639885] kunit_try_run_case+0x1a5/0x480 [ 23.639919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.639951] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.639987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.640022] ? __kthread_parkme+0x82/0x180 [ 23.640053] ? preempt_count_sub+0x50/0x80 [ 23.640088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.640123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.640157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.640190] kthread+0x337/0x6f0 [ 23.640223] ? trace_preempt_on+0x20/0xc0 [ 23.640258] ? __pfx_kthread+0x10/0x10 [ 23.640291] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.640323] ? calculate_sigpending+0x7b/0xa0 [ 23.640355] ? __pfx_kthread+0x10/0x10 [ 23.640389] ret_from_fork+0x41/0x80 [ 23.640437] ? __pfx_kthread+0x10/0x10 [ 23.640506] ret_from_fork_asm+0x1a/0x30 [ 23.640556] </TASK> [ 23.640572] [ 23.663164] Allocated by task 285: [ 23.664719] kasan_save_stack+0x45/0x70 [ 23.665559] kasan_save_track+0x18/0x40 [ 23.667546] kasan_save_alloc_info+0x3b/0x50 [ 23.667990] __kasan_kmalloc+0xb7/0xc0 [ 23.669967] __kmalloc_cache_noprof+0x189/0x420 [ 23.670284] kasan_atomics+0x95/0x310 [ 23.672741] kunit_try_run_case+0x1a5/0x480 [ 23.673202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.674215] kthread+0x337/0x6f0 [ 23.674539] ret_from_fork+0x41/0x80 [ 23.675323] ret_from_fork_asm+0x1a/0x30 [ 23.676513] [ 23.676677] The buggy address belongs to the object at ffff888102983600 [ 23.676677] which belongs to the cache kmalloc-64 of size 64 [ 23.677895] The buggy address is located 0 bytes to the right of [ 23.677895] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.679294] [ 23.679592] The buggy address belongs to the physical page: [ 23.680001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.680677] flags: 0x200000000000000(node=0|zone=2) [ 23.681562] page_type: f5(slab) [ 23.682358] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.682953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.683792] page dumped because: kasan: bad access detected [ 23.684311] [ 23.684462] Memory state around the buggy address: [ 23.685405] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.686209] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.687289] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.688309] ^ [ 23.688741] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.689345] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.690109] ================================================================== [ 23.876020] ================================================================== [ 23.876635] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 23.877340] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.878369] [ 23.878781] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.878892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.878926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.878974] Call Trace: [ 23.879017] <TASK> [ 23.879060] dump_stack_lvl+0x73/0xb0 [ 23.879190] print_report+0xd1/0x650 [ 23.879271] ? __virt_addr_valid+0x1db/0x2d0 [ 23.879355] ? kasan_atomics_helper+0x4eae/0x5450 [ 23.879461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.879615] ? kasan_atomics_helper+0x4eae/0x5450 [ 23.879695] kasan_report+0x141/0x180 [ 23.879769] ? kasan_atomics_helper+0x4eae/0x5450 [ 23.879860] __asan_report_load8_noabort+0x18/0x20 [ 23.879934] kasan_atomics_helper+0x4eae/0x5450 [ 23.880015] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.880078] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.880151] ? kasan_atomics+0x152/0x310 [ 23.880230] kasan_atomics+0x1dc/0x310 [ 23.880292] ? __pfx_kasan_atomics+0x10/0x10 [ 23.880357] ? __pfx_read_tsc+0x10/0x10 [ 23.880474] ? ktime_get_ts64+0x86/0x230 [ 23.880603] kunit_try_run_case+0x1a5/0x480 [ 23.880717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.880795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.880896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.881014] ? __kthread_parkme+0x82/0x180 [ 23.881094] ? preempt_count_sub+0x50/0x80 [ 23.881147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.881184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.881221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.881257] kthread+0x337/0x6f0 [ 23.881289] ? trace_preempt_on+0x20/0xc0 [ 23.881325] ? __pfx_kthread+0x10/0x10 [ 23.881359] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.881394] ? calculate_sigpending+0x7b/0xa0 [ 23.881472] ? __pfx_kthread+0x10/0x10 [ 23.881537] ret_from_fork+0x41/0x80 [ 23.881587] ? __pfx_kthread+0x10/0x10 [ 23.881625] ret_from_fork_asm+0x1a/0x30 [ 23.881674] </TASK> [ 23.881690] [ 23.898267] Allocated by task 285: [ 23.898757] kasan_save_stack+0x45/0x70 [ 23.899278] kasan_save_track+0x18/0x40 [ 23.899760] kasan_save_alloc_info+0x3b/0x50 [ 23.900097] __kasan_kmalloc+0xb7/0xc0 [ 23.900455] __kmalloc_cache_noprof+0x189/0x420 [ 23.900991] kasan_atomics+0x95/0x310 [ 23.901464] kunit_try_run_case+0x1a5/0x480 [ 23.901962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.902539] kthread+0x337/0x6f0 [ 23.902928] ret_from_fork+0x41/0x80 [ 23.903367] ret_from_fork_asm+0x1a/0x30 [ 23.903863] [ 23.904136] The buggy address belongs to the object at ffff888102983600 [ 23.904136] which belongs to the cache kmalloc-64 of size 64 [ 23.904919] The buggy address is located 0 bytes to the right of [ 23.904919] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.906089] [ 23.906328] The buggy address belongs to the physical page: [ 23.906865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.907387] flags: 0x200000000000000(node=0|zone=2) [ 23.907958] page_type: f5(slab) [ 23.908400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.909105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.909846] page dumped because: kasan: bad access detected [ 23.910357] [ 23.910648] Memory state around the buggy address: [ 23.911099] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.911774] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.912321] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.913040] ^ [ 23.913598] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.914186] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.914902] ================================================================== [ 23.231170] ================================================================== [ 23.231911] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 23.232657] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.233248] [ 23.233545] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.233685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.233725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.233784] Call Trace: [ 23.233840] <TASK> [ 23.233896] dump_stack_lvl+0x73/0xb0 [ 23.233983] print_report+0xd1/0x650 [ 23.234068] ? __virt_addr_valid+0x1db/0x2d0 [ 23.234149] ? kasan_atomics_helper+0xde0/0x5450 [ 23.234227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.234311] ? kasan_atomics_helper+0xde0/0x5450 [ 23.234390] kasan_report+0x141/0x180 [ 23.234543] ? kasan_atomics_helper+0xde0/0x5450 [ 23.234637] kasan_check_range+0x10c/0x1c0 [ 23.234725] __kasan_check_write+0x18/0x20 [ 23.234804] kasan_atomics_helper+0xde0/0x5450 [ 23.234885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.234962] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.235040] ? kasan_atomics+0x152/0x310 [ 23.235120] kasan_atomics+0x1dc/0x310 [ 23.235192] ? __pfx_kasan_atomics+0x10/0x10 [ 23.235267] ? __pfx_read_tsc+0x10/0x10 [ 23.235336] ? ktime_get_ts64+0x86/0x230 [ 23.235466] kunit_try_run_case+0x1a5/0x480 [ 23.235548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.235584] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.235619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.235654] ? __kthread_parkme+0x82/0x180 [ 23.235688] ? preempt_count_sub+0x50/0x80 [ 23.235724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.235757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.235789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.235822] kthread+0x337/0x6f0 [ 23.235852] ? trace_preempt_on+0x20/0xc0 [ 23.235886] ? __pfx_kthread+0x10/0x10 [ 23.235917] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.235951] ? calculate_sigpending+0x7b/0xa0 [ 23.235983] ? __pfx_kthread+0x10/0x10 [ 23.236016] ret_from_fork+0x41/0x80 [ 23.236047] ? __pfx_kthread+0x10/0x10 [ 23.236079] ret_from_fork_asm+0x1a/0x30 [ 23.236125] </TASK> [ 23.236140] [ 23.251752] Allocated by task 285: [ 23.252276] kasan_save_stack+0x45/0x70 [ 23.252865] kasan_save_track+0x18/0x40 [ 23.253335] kasan_save_alloc_info+0x3b/0x50 [ 23.253846] __kasan_kmalloc+0xb7/0xc0 [ 23.254256] __kmalloc_cache_noprof+0x189/0x420 [ 23.254671] kasan_atomics+0x95/0x310 [ 23.255085] kunit_try_run_case+0x1a5/0x480 [ 23.255627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.256213] kthread+0x337/0x6f0 [ 23.256674] ret_from_fork+0x41/0x80 [ 23.257121] ret_from_fork_asm+0x1a/0x30 [ 23.257677] [ 23.257937] The buggy address belongs to the object at ffff888102983600 [ 23.257937] which belongs to the cache kmalloc-64 of size 64 [ 23.258989] The buggy address is located 0 bytes to the right of [ 23.258989] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.259845] [ 23.260034] The buggy address belongs to the physical page: [ 23.260618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.261358] flags: 0x200000000000000(node=0|zone=2) [ 23.261940] page_type: f5(slab) [ 23.262379] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.263068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.263735] page dumped because: kasan: bad access detected [ 23.264284] [ 23.264614] Memory state around the buggy address: [ 23.265075] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.265718] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.266397] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.267059] ^ [ 23.267639] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.268339] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.269052] ================================================================== [ 23.592036] ================================================================== [ 23.592558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 23.593641] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.594395] [ 23.594664] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.594793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.594834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.594896] Call Trace: [ 23.594953] <TASK> [ 23.595008] dump_stack_lvl+0x73/0xb0 [ 23.595094] print_report+0xd1/0x650 [ 23.595181] ? __virt_addr_valid+0x1db/0x2d0 [ 23.595263] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.595338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.595423] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.595517] kasan_report+0x141/0x180 [ 23.595620] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.595667] __asan_report_load4_noabort+0x18/0x20 [ 23.595701] kasan_atomics_helper+0x4a02/0x5450 [ 23.595740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.595776] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.595809] ? kasan_atomics+0x152/0x310 [ 23.595840] kasan_atomics+0x1dc/0x310 [ 23.595867] ? __pfx_kasan_atomics+0x10/0x10 [ 23.595896] ? __pfx_read_tsc+0x10/0x10 [ 23.595924] ? ktime_get_ts64+0x86/0x230 [ 23.595963] kunit_try_run_case+0x1a5/0x480 [ 23.596002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.596034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.596071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.596107] ? __kthread_parkme+0x82/0x180 [ 23.596139] ? preempt_count_sub+0x50/0x80 [ 23.596176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.596210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.596243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.596277] kthread+0x337/0x6f0 [ 23.596309] ? trace_preempt_on+0x20/0xc0 [ 23.596344] ? __pfx_kthread+0x10/0x10 [ 23.596378] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.596419] ? calculate_sigpending+0x7b/0xa0 [ 23.596505] ? __pfx_kthread+0x10/0x10 [ 23.596545] ret_from_fork+0x41/0x80 [ 23.596579] ? __pfx_kthread+0x10/0x10 [ 23.596613] ret_from_fork_asm+0x1a/0x30 [ 23.596659] </TASK> [ 23.596676] [ 23.616157] Allocated by task 285: [ 23.616799] kasan_save_stack+0x45/0x70 [ 23.617134] kasan_save_track+0x18/0x40 [ 23.617557] kasan_save_alloc_info+0x3b/0x50 [ 23.618236] __kasan_kmalloc+0xb7/0xc0 [ 23.618665] __kmalloc_cache_noprof+0x189/0x420 [ 23.619575] kasan_atomics+0x95/0x310 [ 23.620304] kunit_try_run_case+0x1a5/0x480 [ 23.620964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.621374] kthread+0x337/0x6f0 [ 23.621933] ret_from_fork+0x41/0x80 [ 23.622502] ret_from_fork_asm+0x1a/0x30 [ 23.623075] [ 23.623558] The buggy address belongs to the object at ffff888102983600 [ 23.623558] which belongs to the cache kmalloc-64 of size 64 [ 23.624509] The buggy address is located 0 bytes to the right of [ 23.624509] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.625351] [ 23.625697] The buggy address belongs to the physical page: [ 23.626165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.626856] flags: 0x200000000000000(node=0|zone=2) [ 23.627358] page_type: f5(slab) [ 23.627785] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.628401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.629288] page dumped because: kasan: bad access detected [ 23.629838] [ 23.630071] Memory state around the buggy address: [ 23.630589] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.631141] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.631831] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.632364] ^ [ 23.632876] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.633635] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.634211] ================================================================== [ 24.771861] ================================================================== [ 24.772445] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 24.773153] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.774192] [ 24.774521] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.774650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.774691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.774751] Call Trace: [ 24.774802] <TASK> [ 24.774852] dump_stack_lvl+0x73/0xb0 [ 24.774933] print_report+0xd1/0x650 [ 24.775014] ? __virt_addr_valid+0x1db/0x2d0 [ 24.775092] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.775169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.775255] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.775336] kasan_report+0x141/0x180 [ 24.775463] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.775618] kasan_check_range+0x10c/0x1c0 [ 24.775700] __kasan_check_write+0x18/0x20 [ 24.775773] kasan_atomics_helper+0x1f43/0x5450 [ 24.775878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.775957] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.776033] ? kasan_atomics+0x152/0x310 [ 24.776115] kasan_atomics+0x1dc/0x310 [ 24.776187] ? __pfx_kasan_atomics+0x10/0x10 [ 24.776265] ? __pfx_read_tsc+0x10/0x10 [ 24.776338] ? ktime_get_ts64+0x86/0x230 [ 24.776433] kunit_try_run_case+0x1a5/0x480 [ 24.776541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.776619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.776701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.776792] ? __kthread_parkme+0x82/0x180 [ 24.776881] ? preempt_count_sub+0x50/0x80 [ 24.776970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.777049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.777129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.777210] kthread+0x337/0x6f0 [ 24.777287] ? trace_preempt_on+0x20/0xc0 [ 24.777372] ? __pfx_kthread+0x10/0x10 [ 24.777463] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.777531] ? calculate_sigpending+0x7b/0xa0 [ 24.777565] ? __pfx_kthread+0x10/0x10 [ 24.777611] ret_from_fork+0x41/0x80 [ 24.777643] ? __pfx_kthread+0x10/0x10 [ 24.777678] ret_from_fork_asm+0x1a/0x30 [ 24.777723] </TASK> [ 24.777738] [ 24.792228] Allocated by task 285: [ 24.792616] kasan_save_stack+0x45/0x70 [ 24.792974] kasan_save_track+0x18/0x40 [ 24.793443] kasan_save_alloc_info+0x3b/0x50 [ 24.793947] __kasan_kmalloc+0xb7/0xc0 [ 24.794376] __kmalloc_cache_noprof+0x189/0x420 [ 24.795008] kasan_atomics+0x95/0x310 [ 24.795647] kunit_try_run_case+0x1a5/0x480 [ 24.796777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.797208] kthread+0x337/0x6f0 [ 24.798204] ret_from_fork+0x41/0x80 [ 24.799597] ret_from_fork_asm+0x1a/0x30 [ 24.800089] [ 24.800326] The buggy address belongs to the object at ffff888102983600 [ 24.800326] which belongs to the cache kmalloc-64 of size 64 [ 24.802987] The buggy address is located 0 bytes to the right of [ 24.802987] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.803431] [ 24.803649] The buggy address belongs to the physical page: [ 24.804818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.805558] flags: 0x200000000000000(node=0|zone=2) [ 24.805964] page_type: f5(slab) [ 24.806292] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.806909] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.807522] page dumped because: kasan: bad access detected [ 24.808311] [ 24.808554] Memory state around the buggy address: [ 24.808910] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.809376] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.810004] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.810666] ^ [ 24.811150] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.811813] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.812361] ================================================================== [ 24.939558] ================================================================== [ 24.939958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 24.940225] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.940463] [ 24.942237] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.942324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.942343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.942375] Call Trace: [ 24.942401] <TASK> [ 24.942495] dump_stack_lvl+0x73/0xb0 [ 24.942779] print_report+0xd1/0x650 [ 24.942953] ? __virt_addr_valid+0x1db/0x2d0 [ 24.943047] ? kasan_atomics_helper+0x20c8/0x5450 [ 24.943096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.943132] ? kasan_atomics_helper+0x20c8/0x5450 [ 24.943166] kasan_report+0x141/0x180 [ 24.943200] ? kasan_atomics_helper+0x20c8/0x5450 [ 24.943239] kasan_check_range+0x10c/0x1c0 [ 24.943275] __kasan_check_write+0x18/0x20 [ 24.943305] kasan_atomics_helper+0x20c8/0x5450 [ 24.943338] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.943371] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.943408] ? kasan_atomics+0x152/0x310 [ 24.943500] kasan_atomics+0x1dc/0x310 [ 24.943536] ? __pfx_kasan_atomics+0x10/0x10 [ 24.943569] ? __pfx_read_tsc+0x10/0x10 [ 24.943598] ? ktime_get_ts64+0x86/0x230 [ 24.943637] kunit_try_run_case+0x1a5/0x480 [ 24.943671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.943703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.943738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.943772] ? __kthread_parkme+0x82/0x180 [ 24.943804] ? preempt_count_sub+0x50/0x80 [ 24.943840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.943873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.943905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.943938] kthread+0x337/0x6f0 [ 24.943967] ? trace_preempt_on+0x20/0xc0 [ 24.944001] ? __pfx_kthread+0x10/0x10 [ 24.944032] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.944064] ? calculate_sigpending+0x7b/0xa0 [ 24.944095] ? __pfx_kthread+0x10/0x10 [ 24.944127] ret_from_fork+0x41/0x80 [ 24.944157] ? __pfx_kthread+0x10/0x10 [ 24.944191] ret_from_fork_asm+0x1a/0x30 [ 24.944235] </TASK> [ 24.944249] [ 24.966729] Allocated by task 285: [ 24.967105] kasan_save_stack+0x45/0x70 [ 24.968031] kasan_save_track+0x18/0x40 [ 24.968379] kasan_save_alloc_info+0x3b/0x50 [ 24.969128] __kasan_kmalloc+0xb7/0xc0 [ 24.969517] __kmalloc_cache_noprof+0x189/0x420 [ 24.970165] kasan_atomics+0x95/0x310 [ 24.970904] kunit_try_run_case+0x1a5/0x480 [ 24.972013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.972687] kthread+0x337/0x6f0 [ 24.972978] ret_from_fork+0x41/0x80 [ 24.973283] ret_from_fork_asm+0x1a/0x30 [ 24.974196] [ 24.974727] The buggy address belongs to the object at ffff888102983600 [ 24.974727] which belongs to the cache kmalloc-64 of size 64 [ 24.976008] The buggy address is located 0 bytes to the right of [ 24.976008] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.977278] [ 24.977490] The buggy address belongs to the physical page: [ 24.978136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.979034] flags: 0x200000000000000(node=0|zone=2) [ 24.980035] page_type: f5(slab) [ 24.980370] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.981259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.981791] page dumped because: kasan: bad access detected [ 24.982548] [ 24.983031] Memory state around the buggy address: [ 24.983809] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.984345] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.985296] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.986086] ^ [ 24.986425] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.987051] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.988275] ================================================================== [ 24.147351] ================================================================== [ 24.148922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 24.149188] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.149458] [ 24.149764] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.150247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.150294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.150354] Call Trace: [ 24.150411] <TASK> [ 24.150465] dump_stack_lvl+0x73/0xb0 [ 24.150565] print_report+0xd1/0x650 [ 24.150649] ? __virt_addr_valid+0x1db/0x2d0 [ 24.150725] ? kasan_atomics_helper+0x16e7/0x5450 [ 24.150845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.150928] ? kasan_atomics_helper+0x16e7/0x5450 [ 24.151048] kasan_report+0x141/0x180 [ 24.151138] ? kasan_atomics_helper+0x16e7/0x5450 [ 24.151230] kasan_check_range+0x10c/0x1c0 [ 24.151306] __kasan_check_write+0x18/0x20 [ 24.151343] kasan_atomics_helper+0x16e7/0x5450 [ 24.151379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.151426] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.151512] ? kasan_atomics+0x152/0x310 [ 24.151581] kasan_atomics+0x1dc/0x310 [ 24.151613] ? __pfx_kasan_atomics+0x10/0x10 [ 24.151645] ? __pfx_read_tsc+0x10/0x10 [ 24.151675] ? ktime_get_ts64+0x86/0x230 [ 24.151714] kunit_try_run_case+0x1a5/0x480 [ 24.151750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.151784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.151819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.151857] ? __kthread_parkme+0x82/0x180 [ 24.151891] ? preempt_count_sub+0x50/0x80 [ 24.151928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.151964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.151998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.152033] kthread+0x337/0x6f0 [ 24.152064] ? trace_preempt_on+0x20/0xc0 [ 24.152099] ? __pfx_kthread+0x10/0x10 [ 24.152132] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.152165] ? calculate_sigpending+0x7b/0xa0 [ 24.152197] ? __pfx_kthread+0x10/0x10 [ 24.152231] ret_from_fork+0x41/0x80 [ 24.152263] ? __pfx_kthread+0x10/0x10 [ 24.152296] ret_from_fork_asm+0x1a/0x30 [ 24.152341] </TASK> [ 24.152356] [ 24.174004] Allocated by task 285: [ 24.174672] kasan_save_stack+0x45/0x70 [ 24.175007] kasan_save_track+0x18/0x40 [ 24.175398] kasan_save_alloc_info+0x3b/0x50 [ 24.175930] __kasan_kmalloc+0xb7/0xc0 [ 24.176286] __kmalloc_cache_noprof+0x189/0x420 [ 24.177327] kasan_atomics+0x95/0x310 [ 24.177833] kunit_try_run_case+0x1a5/0x480 [ 24.178396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.179453] kthread+0x337/0x6f0 [ 24.180055] ret_from_fork+0x41/0x80 [ 24.180328] ret_from_fork_asm+0x1a/0x30 [ 24.180882] [ 24.181223] The buggy address belongs to the object at ffff888102983600 [ 24.181223] which belongs to the cache kmalloc-64 of size 64 [ 24.182321] The buggy address is located 0 bytes to the right of [ 24.182321] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.184772] [ 24.185097] The buggy address belongs to the physical page: [ 24.185614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.186206] flags: 0x200000000000000(node=0|zone=2) [ 24.187005] page_type: f5(slab) [ 24.187806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.188552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.189060] page dumped because: kasan: bad access detected [ 24.189604] [ 24.190058] Memory state around the buggy address: [ 24.191292] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.192270] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.193230] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.193945] ^ [ 24.194902] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.196092] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.197268] ================================================================== [ 23.916182] ================================================================== [ 23.917197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 23.918023] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.918676] [ 23.918991] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.919125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.919169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.919250] Call Trace: [ 23.919333] <TASK> [ 23.919388] dump_stack_lvl+0x73/0xb0 [ 23.919514] print_report+0xd1/0x650 [ 23.919577] ? __virt_addr_valid+0x1db/0x2d0 [ 23.919642] ? kasan_atomics_helper+0x1467/0x5450 [ 23.919714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.919818] ? kasan_atomics_helper+0x1467/0x5450 [ 23.919928] kasan_report+0x141/0x180 [ 23.920009] ? kasan_atomics_helper+0x1467/0x5450 [ 23.920120] kasan_check_range+0x10c/0x1c0 [ 23.920240] __kasan_check_write+0x18/0x20 [ 23.920318] kasan_atomics_helper+0x1467/0x5450 [ 23.920417] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.920663] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.920749] ? kasan_atomics+0x152/0x310 [ 23.920833] kasan_atomics+0x1dc/0x310 [ 23.920907] ? __pfx_kasan_atomics+0x10/0x10 [ 23.920979] ? __pfx_read_tsc+0x10/0x10 [ 23.921015] ? ktime_get_ts64+0x86/0x230 [ 23.921059] kunit_try_run_case+0x1a5/0x480 [ 23.921096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.921130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.921168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.921204] ? __kthread_parkme+0x82/0x180 [ 23.921237] ? preempt_count_sub+0x50/0x80 [ 23.921277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.921347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.921428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.921521] kthread+0x337/0x6f0 [ 23.921601] ? trace_preempt_on+0x20/0xc0 [ 23.921677] ? __pfx_kthread+0x10/0x10 [ 23.921745] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.921811] ? calculate_sigpending+0x7b/0xa0 [ 23.921871] ? __pfx_kthread+0x10/0x10 [ 23.921934] ret_from_fork+0x41/0x80 [ 23.921995] ? __pfx_kthread+0x10/0x10 [ 23.922062] ret_from_fork_asm+0x1a/0x30 [ 23.922151] </TASK> [ 23.922181] [ 23.946166] Allocated by task 285: [ 23.946733] kasan_save_stack+0x45/0x70 [ 23.947320] kasan_save_track+0x18/0x40 [ 23.947805] kasan_save_alloc_info+0x3b/0x50 [ 23.948357] __kasan_kmalloc+0xb7/0xc0 [ 23.948872] __kmalloc_cache_noprof+0x189/0x420 [ 23.949471] kasan_atomics+0x95/0x310 [ 23.949964] kunit_try_run_case+0x1a5/0x480 [ 23.950541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.951078] kthread+0x337/0x6f0 [ 23.951553] ret_from_fork+0x41/0x80 [ 23.952024] ret_from_fork_asm+0x1a/0x30 [ 23.952553] [ 23.952872] The buggy address belongs to the object at ffff888102983600 [ 23.952872] which belongs to the cache kmalloc-64 of size 64 [ 23.954067] The buggy address is located 0 bytes to the right of [ 23.954067] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.955214] [ 23.955543] The buggy address belongs to the physical page: [ 23.956045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.956915] flags: 0x200000000000000(node=0|zone=2) [ 23.957458] page_type: f5(slab) [ 23.957891] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.958411] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.959138] page dumped because: kasan: bad access detected [ 23.959713] [ 23.960004] Memory state around the buggy address: [ 23.960510] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.961126] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.961731] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.962385] ^ [ 23.962944] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.963516] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.964195] ================================================================== [ 24.380867] ================================================================== [ 24.381552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 24.382090] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.383187] [ 24.383408] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.383565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.383589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.383620] Call Trace: [ 24.383646] <TASK> [ 24.383673] dump_stack_lvl+0x73/0xb0 [ 24.383716] print_report+0xd1/0x650 [ 24.383751] ? __virt_addr_valid+0x1db/0x2d0 [ 24.383782] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.383813] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.383844] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.383876] kasan_report+0x141/0x180 [ 24.383908] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.383946] kasan_check_range+0x10c/0x1c0 [ 24.383980] __kasan_check_write+0x18/0x20 [ 24.384009] kasan_atomics_helper+0x19e3/0x5450 [ 24.384043] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.384078] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.384112] ? kasan_atomics+0x152/0x310 [ 24.384144] kasan_atomics+0x1dc/0x310 [ 24.384171] ? __pfx_kasan_atomics+0x10/0x10 [ 24.384201] ? __pfx_read_tsc+0x10/0x10 [ 24.384234] ? ktime_get_ts64+0x86/0x230 [ 24.384275] kunit_try_run_case+0x1a5/0x480 [ 24.384311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.384345] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.384380] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.384432] ? __kthread_parkme+0x82/0x180 [ 24.384520] ? preempt_count_sub+0x50/0x80 [ 24.384606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.384689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.384773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.384851] kthread+0x337/0x6f0 [ 24.384924] ? trace_preempt_on+0x20/0xc0 [ 24.385006] ? __pfx_kthread+0x10/0x10 [ 24.385083] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.385218] ? calculate_sigpending+0x7b/0xa0 [ 24.385299] ? __pfx_kthread+0x10/0x10 [ 24.385379] ret_from_fork+0x41/0x80 [ 24.385453] ? __pfx_kthread+0x10/0x10 [ 24.385558] ret_from_fork_asm+0x1a/0x30 [ 24.385671] </TASK> [ 24.385709] [ 24.406987] Allocated by task 285: [ 24.407664] kasan_save_stack+0x45/0x70 [ 24.408099] kasan_save_track+0x18/0x40 [ 24.408313] kasan_save_alloc_info+0x3b/0x50 [ 24.408783] __kasan_kmalloc+0xb7/0xc0 [ 24.409444] __kmalloc_cache_noprof+0x189/0x420 [ 24.410258] kasan_atomics+0x95/0x310 [ 24.411027] kunit_try_run_case+0x1a5/0x480 [ 24.411371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.411845] kthread+0x337/0x6f0 [ 24.412166] ret_from_fork+0x41/0x80 [ 24.412522] ret_from_fork_asm+0x1a/0x30 [ 24.412948] [ 24.413187] The buggy address belongs to the object at ffff888102983600 [ 24.413187] which belongs to the cache kmalloc-64 of size 64 [ 24.414789] The buggy address is located 0 bytes to the right of [ 24.414789] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.416015] [ 24.416229] The buggy address belongs to the physical page: [ 24.417158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.417896] flags: 0x200000000000000(node=0|zone=2) [ 24.418594] page_type: f5(slab) [ 24.419119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.420032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.420742] page dumped because: kasan: bad access detected [ 24.421233] [ 24.421498] Memory state around the buggy address: [ 24.422289] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.423068] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.423926] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.424405] ^ [ 24.425130] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.426001] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.426360] ================================================================== [ 24.516188] ================================================================== [ 24.517077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 24.517837] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.518497] [ 24.518784] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.518914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.518991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.519057] Call Trace: [ 24.519114] <TASK> [ 24.519170] dump_stack_lvl+0x73/0xb0 [ 24.519251] print_report+0xd1/0x650 [ 24.519325] ? __virt_addr_valid+0x1db/0x2d0 [ 24.519444] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.519553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.519633] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.519711] kasan_report+0x141/0x180 [ 24.519790] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.519884] kasan_check_range+0x10c/0x1c0 [ 24.519965] __kasan_check_write+0x18/0x20 [ 24.520035] kasan_atomics_helper+0x1c18/0x5450 [ 24.520113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.520192] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.520258] ? kasan_atomics+0x152/0x310 [ 24.520317] kasan_atomics+0x1dc/0x310 [ 24.520390] ? __pfx_kasan_atomics+0x10/0x10 [ 24.520531] ? __pfx_read_tsc+0x10/0x10 [ 24.520604] ? ktime_get_ts64+0x86/0x230 [ 24.520692] kunit_try_run_case+0x1a5/0x480 [ 24.520784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.520861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.520935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.521016] ? __kthread_parkme+0x82/0x180 [ 24.521091] ? preempt_count_sub+0x50/0x80 [ 24.521174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.521263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.521345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.521468] kthread+0x337/0x6f0 [ 24.521563] ? trace_preempt_on+0x20/0xc0 [ 24.521657] ? __pfx_kthread+0x10/0x10 [ 24.521734] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.521812] ? calculate_sigpending+0x7b/0xa0 [ 24.521886] ? __pfx_kthread+0x10/0x10 [ 24.521952] ret_from_fork+0x41/0x80 [ 24.521986] ? __pfx_kthread+0x10/0x10 [ 24.522020] ret_from_fork_asm+0x1a/0x30 [ 24.522065] </TASK> [ 24.522081] [ 24.536400] Allocated by task 285: [ 24.536816] kasan_save_stack+0x45/0x70 [ 24.537308] kasan_save_track+0x18/0x40 [ 24.537814] kasan_save_alloc_info+0x3b/0x50 [ 24.538228] __kasan_kmalloc+0xb7/0xc0 [ 24.538684] __kmalloc_cache_noprof+0x189/0x420 [ 24.539040] kasan_atomics+0x95/0x310 [ 24.539353] kunit_try_run_case+0x1a5/0x480 [ 24.539887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.540468] kthread+0x337/0x6f0 [ 24.540870] ret_from_fork+0x41/0x80 [ 24.541196] ret_from_fork_asm+0x1a/0x30 [ 24.541607] [ 24.541845] The buggy address belongs to the object at ffff888102983600 [ 24.541845] which belongs to the cache kmalloc-64 of size 64 [ 24.542856] The buggy address is located 0 bytes to the right of [ 24.542856] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.543749] [ 24.543987] The buggy address belongs to the physical page: [ 24.544546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.545194] flags: 0x200000000000000(node=0|zone=2) [ 24.545631] page_type: f5(slab) [ 24.546002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.546717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.547336] page dumped because: kasan: bad access detected [ 24.547763] [ 24.547995] Memory state around the buggy address: [ 24.550544] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.551204] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.551749] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.552189] ^ [ 24.553063] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.554135] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.554738] ================================================================== [ 24.199572] ================================================================== [ 24.200912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 24.201473] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.203366] [ 24.203929] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.204350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.204389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.204448] Call Trace: [ 24.204515] <TASK> [ 24.204641] dump_stack_lvl+0x73/0xb0 [ 24.204731] print_report+0xd1/0x650 [ 24.204799] ? __virt_addr_valid+0x1db/0x2d0 [ 24.204866] ? kasan_atomics_helper+0x177f/0x5450 [ 24.204922] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.204981] ? kasan_atomics_helper+0x177f/0x5450 [ 24.205042] kasan_report+0x141/0x180 [ 24.205751] ? kasan_atomics_helper+0x177f/0x5450 [ 24.205846] kasan_check_range+0x10c/0x1c0 [ 24.205933] __kasan_check_write+0x18/0x20 [ 24.206002] kasan_atomics_helper+0x177f/0x5450 [ 24.206079] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.206141] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.206200] ? kasan_atomics+0x152/0x310 [ 24.206261] kasan_atomics+0x1dc/0x310 [ 24.206310] ? __pfx_kasan_atomics+0x10/0x10 [ 24.206371] ? __pfx_read_tsc+0x10/0x10 [ 24.206506] ? ktime_get_ts64+0x86/0x230 [ 24.206590] kunit_try_run_case+0x1a5/0x480 [ 24.206654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.206706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.206762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.206820] ? __kthread_parkme+0x82/0x180 [ 24.206874] ? preempt_count_sub+0x50/0x80 [ 24.206934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.206991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.207046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.207104] kthread+0x337/0x6f0 [ 24.207156] ? trace_preempt_on+0x20/0xc0 [ 24.207210] ? __pfx_kthread+0x10/0x10 [ 24.207263] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.207316] ? calculate_sigpending+0x7b/0xa0 [ 24.207368] ? __pfx_kthread+0x10/0x10 [ 24.207551] ret_from_fork+0x41/0x80 [ 24.207613] ? __pfx_kthread+0x10/0x10 [ 24.207650] ret_from_fork_asm+0x1a/0x30 [ 24.207696] </TASK> [ 24.207712] [ 24.226500] Allocated by task 285: [ 24.227252] kasan_save_stack+0x45/0x70 [ 24.228103] kasan_save_track+0x18/0x40 [ 24.228686] kasan_save_alloc_info+0x3b/0x50 [ 24.229098] __kasan_kmalloc+0xb7/0xc0 [ 24.229499] __kmalloc_cache_noprof+0x189/0x420 [ 24.230059] kasan_atomics+0x95/0x310 [ 24.230430] kunit_try_run_case+0x1a5/0x480 [ 24.230859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.231293] kthread+0x337/0x6f0 [ 24.231669] ret_from_fork+0x41/0x80 [ 24.231977] ret_from_fork_asm+0x1a/0x30 [ 24.232384] [ 24.232863] The buggy address belongs to the object at ffff888102983600 [ 24.232863] which belongs to the cache kmalloc-64 of size 64 [ 24.234180] The buggy address is located 0 bytes to the right of [ 24.234180] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.236254] [ 24.236520] The buggy address belongs to the physical page: [ 24.237111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.238303] flags: 0x200000000000000(node=0|zone=2) [ 24.238906] page_type: f5(slab) [ 24.239299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.240247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.240995] page dumped because: kasan: bad access detected [ 24.241446] [ 24.242057] Memory state around the buggy address: [ 24.242389] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.243151] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.244001] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.244882] ^ [ 24.245260] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.245798] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.246247] ================================================================== [ 23.014052] ================================================================== [ 23.014585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 23.015058] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.015333] [ 23.015439] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.015588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.015629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.015678] Call Trace: [ 23.015710] <TASK> [ 23.015747] dump_stack_lvl+0x73/0xb0 [ 23.015817] print_report+0xd1/0x650 [ 23.015884] ? __virt_addr_valid+0x1db/0x2d0 [ 23.015956] ? kasan_atomics_helper+0xac7/0x5450 [ 23.016028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.016109] ? kasan_atomics_helper+0xac7/0x5450 [ 23.016188] kasan_report+0x141/0x180 [ 23.016267] ? kasan_atomics_helper+0xac7/0x5450 [ 23.016360] kasan_check_range+0x10c/0x1c0 [ 23.016406] __kasan_check_write+0x18/0x20 [ 23.016555] kasan_atomics_helper+0xac7/0x5450 [ 23.016650] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.016834] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.016927] ? kasan_atomics+0x152/0x310 [ 23.017011] kasan_atomics+0x1dc/0x310 [ 23.017083] ? __pfx_kasan_atomics+0x10/0x10 [ 23.017156] ? __pfx_read_tsc+0x10/0x10 [ 23.017224] ? ktime_get_ts64+0x86/0x230 [ 23.017308] kunit_try_run_case+0x1a5/0x480 [ 23.017390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.017464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.017566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.017650] ? __kthread_parkme+0x82/0x180 [ 23.017705] ? preempt_count_sub+0x50/0x80 [ 23.017747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.017787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.017821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.017855] kthread+0x337/0x6f0 [ 23.017886] ? trace_preempt_on+0x20/0xc0 [ 23.017919] ? __pfx_kthread+0x10/0x10 [ 23.017951] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.017986] ? calculate_sigpending+0x7b/0xa0 [ 23.018018] ? __pfx_kthread+0x10/0x10 [ 23.018051] ret_from_fork+0x41/0x80 [ 23.018083] ? __pfx_kthread+0x10/0x10 [ 23.018116] ret_from_fork_asm+0x1a/0x30 [ 23.018163] </TASK> [ 23.018177] [ 23.036581] Allocated by task 285: [ 23.037052] kasan_save_stack+0x45/0x70 [ 23.037582] kasan_save_track+0x18/0x40 [ 23.038101] kasan_save_alloc_info+0x3b/0x50 [ 23.038565] __kasan_kmalloc+0xb7/0xc0 [ 23.038884] __kmalloc_cache_noprof+0x189/0x420 [ 23.039606] kasan_atomics+0x95/0x310 [ 23.040057] kunit_try_run_case+0x1a5/0x480 [ 23.040674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.041324] kthread+0x337/0x6f0 [ 23.041806] ret_from_fork+0x41/0x80 [ 23.042330] ret_from_fork_asm+0x1a/0x30 [ 23.042831] [ 23.043076] The buggy address belongs to the object at ffff888102983600 [ 23.043076] which belongs to the cache kmalloc-64 of size 64 [ 23.044120] The buggy address is located 0 bytes to the right of [ 23.044120] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.045356] [ 23.045657] The buggy address belongs to the physical page: [ 23.046203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.047088] flags: 0x200000000000000(node=0|zone=2) [ 23.047778] page_type: f5(slab) [ 23.048224] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.048987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.049782] page dumped because: kasan: bad access detected [ 23.050322] [ 23.050597] Memory state around the buggy address: [ 23.051214] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.051998] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.052825] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.053326] ^ [ 23.054272] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.054976] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.055827] ================================================================== [ 22.456788] ================================================================== [ 22.458132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 22.458938] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.459671] [ 22.459982] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.460158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.460203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.460262] Call Trace: [ 22.460317] <TASK> [ 22.460375] dump_stack_lvl+0x73/0xb0 [ 22.460662] print_report+0xd1/0x650 [ 22.460749] ? __virt_addr_valid+0x1db/0x2d0 [ 22.460795] ? kasan_atomics_helper+0x4a0/0x5450 [ 22.460828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.460864] ? kasan_atomics_helper+0x4a0/0x5450 [ 22.460897] kasan_report+0x141/0x180 [ 22.460931] ? kasan_atomics_helper+0x4a0/0x5450 [ 22.460971] kasan_check_range+0x10c/0x1c0 [ 22.461008] __kasan_check_write+0x18/0x20 [ 22.461036] kasan_atomics_helper+0x4a0/0x5450 [ 22.461071] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.461106] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.461140] ? kasan_atomics+0x152/0x310 [ 22.461171] kasan_atomics+0x1dc/0x310 [ 22.461198] ? __pfx_kasan_atomics+0x10/0x10 [ 22.461228] ? __pfx_read_tsc+0x10/0x10 [ 22.461257] ? ktime_get_ts64+0x86/0x230 [ 22.461309] kunit_try_run_case+0x1a5/0x480 [ 22.461375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.461412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.461593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.461671] ? __kthread_parkme+0x82/0x180 [ 22.461742] ? preempt_count_sub+0x50/0x80 [ 22.461814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.461879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.461959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.462006] kthread+0x337/0x6f0 [ 22.462038] ? trace_preempt_on+0x20/0xc0 [ 22.462073] ? __pfx_kthread+0x10/0x10 [ 22.462105] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.462136] ? calculate_sigpending+0x7b/0xa0 [ 22.462167] ? __pfx_kthread+0x10/0x10 [ 22.462199] ret_from_fork+0x41/0x80 [ 22.462230] ? __pfx_kthread+0x10/0x10 [ 22.462262] ret_from_fork_asm+0x1a/0x30 [ 22.462305] </TASK> [ 22.462319] [ 22.479936] Allocated by task 285: [ 22.480381] kasan_save_stack+0x45/0x70 [ 22.480870] kasan_save_track+0x18/0x40 [ 22.481279] kasan_save_alloc_info+0x3b/0x50 [ 22.482272] __kasan_kmalloc+0xb7/0xc0 [ 22.482863] __kmalloc_cache_noprof+0x189/0x420 [ 22.483363] kasan_atomics+0x95/0x310 [ 22.483889] kunit_try_run_case+0x1a5/0x480 [ 22.484323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.485011] kthread+0x337/0x6f0 [ 22.485305] ret_from_fork+0x41/0x80 [ 22.486169] ret_from_fork_asm+0x1a/0x30 [ 22.486812] [ 22.487055] The buggy address belongs to the object at ffff888102983600 [ 22.487055] which belongs to the cache kmalloc-64 of size 64 [ 22.488185] The buggy address is located 0 bytes to the right of [ 22.488185] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.489313] [ 22.489641] The buggy address belongs to the physical page: [ 22.490243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.491236] flags: 0x200000000000000(node=0|zone=2) [ 22.491965] page_type: f5(slab) [ 22.492385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.493197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.493861] page dumped because: kasan: bad access detected [ 22.494287] [ 22.494519] Memory state around the buggy address: [ 22.494927] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.495457] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.496149] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.496847] ^ [ 22.497348] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.498306] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.499000] ================================================================== [ 23.412213] ================================================================== [ 23.413142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 23.413891] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.414548] [ 23.414860] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.414993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.415034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.415113] Call Trace: [ 23.415196] <TASK> [ 23.415249] dump_stack_lvl+0x73/0xb0 [ 23.415315] print_report+0xd1/0x650 [ 23.415352] ? __virt_addr_valid+0x1db/0x2d0 [ 23.415387] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.415515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.415619] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.415730] kasan_report+0x141/0x180 [ 23.415814] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.415908] __asan_report_load4_noabort+0x18/0x20 [ 23.416011] kasan_atomics_helper+0x4a36/0x5450 [ 23.416124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.416171] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.416208] ? kasan_atomics+0x152/0x310 [ 23.416243] kasan_atomics+0x1dc/0x310 [ 23.416272] ? __pfx_kasan_atomics+0x10/0x10 [ 23.416305] ? __pfx_read_tsc+0x10/0x10 [ 23.416336] ? ktime_get_ts64+0x86/0x230 [ 23.416377] kunit_try_run_case+0x1a5/0x480 [ 23.416466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.416533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.416573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.416610] ? __kthread_parkme+0x82/0x180 [ 23.416644] ? preempt_count_sub+0x50/0x80 [ 23.416680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.416715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.416749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.416786] kthread+0x337/0x6f0 [ 23.416818] ? trace_preempt_on+0x20/0xc0 [ 23.416854] ? __pfx_kthread+0x10/0x10 [ 23.416889] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.416923] ? calculate_sigpending+0x7b/0xa0 [ 23.416956] ? __pfx_kthread+0x10/0x10 [ 23.416988] ret_from_fork+0x41/0x80 [ 23.417019] ? __pfx_kthread+0x10/0x10 [ 23.417051] ret_from_fork_asm+0x1a/0x30 [ 23.417096] </TASK> [ 23.417111] [ 23.432006] Allocated by task 285: [ 23.432505] kasan_save_stack+0x45/0x70 [ 23.433055] kasan_save_track+0x18/0x40 [ 23.433676] kasan_save_alloc_info+0x3b/0x50 [ 23.434227] __kasan_kmalloc+0xb7/0xc0 [ 23.434706] __kmalloc_cache_noprof+0x189/0x420 [ 23.435070] kasan_atomics+0x95/0x310 [ 23.435375] kunit_try_run_case+0x1a5/0x480 [ 23.435974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.436605] kthread+0x337/0x6f0 [ 23.437004] ret_from_fork+0x41/0x80 [ 23.437539] ret_from_fork_asm+0x1a/0x30 [ 23.438023] [ 23.438313] The buggy address belongs to the object at ffff888102983600 [ 23.438313] which belongs to the cache kmalloc-64 of size 64 [ 23.439289] The buggy address is located 0 bytes to the right of [ 23.439289] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.440128] [ 23.440445] The buggy address belongs to the physical page: [ 23.441036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.441758] flags: 0x200000000000000(node=0|zone=2) [ 23.442258] page_type: f5(slab) [ 23.443776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.444364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.445459] page dumped because: kasan: bad access detected [ 23.445858] [ 23.446097] Memory state around the buggy address: [ 23.446756] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.447297] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.448362] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.449217] ^ [ 23.449741] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.450663] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.451169] ================================================================== [ 23.452685] ================================================================== [ 23.453882] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 23.455020] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.456351] [ 23.456889] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.457084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.457124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.457182] Call Trace: [ 23.457234] <TASK> [ 23.457282] dump_stack_lvl+0x73/0xb0 [ 23.457326] print_report+0xd1/0x650 [ 23.457360] ? __virt_addr_valid+0x1db/0x2d0 [ 23.457393] ? kasan_atomics_helper+0x1079/0x5450 [ 23.457495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.457543] ? kasan_atomics_helper+0x1079/0x5450 [ 23.457590] kasan_report+0x141/0x180 [ 23.457624] ? kasan_atomics_helper+0x1079/0x5450 [ 23.457663] kasan_check_range+0x10c/0x1c0 [ 23.457698] __kasan_check_write+0x18/0x20 [ 23.457727] kasan_atomics_helper+0x1079/0x5450 [ 23.457760] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.457794] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.457828] ? kasan_atomics+0x152/0x310 [ 23.457861] kasan_atomics+0x1dc/0x310 [ 23.457890] ? __pfx_kasan_atomics+0x10/0x10 [ 23.457920] ? __pfx_read_tsc+0x10/0x10 [ 23.457949] ? ktime_get_ts64+0x86/0x230 [ 23.457986] kunit_try_run_case+0x1a5/0x480 [ 23.458019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.458052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.458087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.458121] ? __kthread_parkme+0x82/0x180 [ 23.458152] ? preempt_count_sub+0x50/0x80 [ 23.458187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.458221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.458253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.458285] kthread+0x337/0x6f0 [ 23.458316] ? trace_preempt_on+0x20/0xc0 [ 23.458349] ? __pfx_kthread+0x10/0x10 [ 23.458380] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.458421] ? calculate_sigpending+0x7b/0xa0 [ 23.458508] ? __pfx_kthread+0x10/0x10 [ 23.458548] ret_from_fork+0x41/0x80 [ 23.458580] ? __pfx_kthread+0x10/0x10 [ 23.458612] ret_from_fork_asm+0x1a/0x30 [ 23.458657] </TASK> [ 23.458672] [ 23.475135] Allocated by task 285: [ 23.475722] kasan_save_stack+0x45/0x70 [ 23.476137] kasan_save_track+0x18/0x40 [ 23.476625] kasan_save_alloc_info+0x3b/0x50 [ 23.477137] __kasan_kmalloc+0xb7/0xc0 [ 23.477727] __kmalloc_cache_noprof+0x189/0x420 [ 23.478072] kasan_atomics+0x95/0x310 [ 23.478406] kunit_try_run_case+0x1a5/0x480 [ 23.479092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.479472] kthread+0x337/0x6f0 [ 23.479774] ret_from_fork+0x41/0x80 [ 23.480297] ret_from_fork_asm+0x1a/0x30 [ 23.481041] [ 23.481338] The buggy address belongs to the object at ffff888102983600 [ 23.481338] which belongs to the cache kmalloc-64 of size 64 [ 23.482339] The buggy address is located 0 bytes to the right of [ 23.482339] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.485568] [ 23.485822] The buggy address belongs to the physical page: [ 23.486397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.487063] flags: 0x200000000000000(node=0|zone=2) [ 23.487648] page_type: f5(slab) [ 23.488008] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.488682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.489280] page dumped because: kasan: bad access detected [ 23.489947] [ 23.490161] Memory state around the buggy address: [ 23.490726] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.491353] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.492155] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.492806] ^ [ 23.493234] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.493924] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.494386] ================================================================== [ 23.544350] ================================================================== [ 23.544990] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 23.545865] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.546887] [ 23.547335] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.547728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.547753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.547784] Call Trace: [ 23.547808] <TASK> [ 23.547834] dump_stack_lvl+0x73/0xb0 [ 23.547875] print_report+0xd1/0x650 [ 23.547910] ? __virt_addr_valid+0x1db/0x2d0 [ 23.547942] ? kasan_atomics_helper+0x1148/0x5450 [ 23.547975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.548009] ? kasan_atomics_helper+0x1148/0x5450 [ 23.548041] kasan_report+0x141/0x180 [ 23.548076] ? kasan_atomics_helper+0x1148/0x5450 [ 23.548115] kasan_check_range+0x10c/0x1c0 [ 23.548151] __kasan_check_write+0x18/0x20 [ 23.548181] kasan_atomics_helper+0x1148/0x5450 [ 23.548216] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.548250] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.548283] ? kasan_atomics+0x152/0x310 [ 23.548315] kasan_atomics+0x1dc/0x310 [ 23.548342] ? __pfx_kasan_atomics+0x10/0x10 [ 23.548372] ? __pfx_read_tsc+0x10/0x10 [ 23.548400] ? ktime_get_ts64+0x86/0x230 [ 23.548472] kunit_try_run_case+0x1a5/0x480 [ 23.548534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.548570] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.548606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.548642] ? __kthread_parkme+0x82/0x180 [ 23.548675] ? preempt_count_sub+0x50/0x80 [ 23.548711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.548746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.548779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.548812] kthread+0x337/0x6f0 [ 23.548844] ? trace_preempt_on+0x20/0xc0 [ 23.548878] ? __pfx_kthread+0x10/0x10 [ 23.548912] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.548946] ? calculate_sigpending+0x7b/0xa0 [ 23.548979] ? __pfx_kthread+0x10/0x10 [ 23.549013] ret_from_fork+0x41/0x80 [ 23.549045] ? __pfx_kthread+0x10/0x10 [ 23.549078] ret_from_fork_asm+0x1a/0x30 [ 23.549123] </TASK> [ 23.549138] [ 23.570058] Allocated by task 285: [ 23.570499] kasan_save_stack+0x45/0x70 [ 23.570909] kasan_save_track+0x18/0x40 [ 23.571290] kasan_save_alloc_info+0x3b/0x50 [ 23.572230] __kasan_kmalloc+0xb7/0xc0 [ 23.572735] __kmalloc_cache_noprof+0x189/0x420 [ 23.573416] kasan_atomics+0x95/0x310 [ 23.573915] kunit_try_run_case+0x1a5/0x480 [ 23.574306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.575116] kthread+0x337/0x6f0 [ 23.575788] ret_from_fork+0x41/0x80 [ 23.576151] ret_from_fork_asm+0x1a/0x30 [ 23.576810] [ 23.577066] The buggy address belongs to the object at ffff888102983600 [ 23.577066] which belongs to the cache kmalloc-64 of size 64 [ 23.578536] The buggy address is located 0 bytes to the right of [ 23.578536] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.579868] [ 23.580318] The buggy address belongs to the physical page: [ 23.580986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.581873] flags: 0x200000000000000(node=0|zone=2) [ 23.582311] page_type: f5(slab) [ 23.582965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.583787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.584376] page dumped because: kasan: bad access detected [ 23.585117] [ 23.585359] Memory state around the buggy address: [ 23.586096] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.586855] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.587105] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.587336] ^ [ 23.587674] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.588471] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.589643] ================================================================== [ 24.338908] ================================================================== [ 24.339750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 24.340446] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.341297] [ 24.341529] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.341675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.341723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.341787] Call Trace: [ 24.341843] <TASK> [ 24.341898] dump_stack_lvl+0x73/0xb0 [ 24.341985] print_report+0xd1/0x650 [ 24.342064] ? __virt_addr_valid+0x1db/0x2d0 [ 24.342142] ? kasan_atomics_helper+0x194a/0x5450 [ 24.342222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.342303] ? kasan_atomics_helper+0x194a/0x5450 [ 24.342383] kasan_report+0x141/0x180 [ 24.342532] ? kasan_atomics_helper+0x194a/0x5450 [ 24.342635] kasan_check_range+0x10c/0x1c0 [ 24.342725] __kasan_check_write+0x18/0x20 [ 24.342796] kasan_atomics_helper+0x194a/0x5450 [ 24.342878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.342957] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.343035] ? kasan_atomics+0x152/0x310 [ 24.343116] kasan_atomics+0x1dc/0x310 [ 24.343187] ? __pfx_kasan_atomics+0x10/0x10 [ 24.343259] ? __pfx_read_tsc+0x10/0x10 [ 24.343315] ? ktime_get_ts64+0x86/0x230 [ 24.343357] kunit_try_run_case+0x1a5/0x480 [ 24.343395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.343492] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.343542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.343581] ? __kthread_parkme+0x82/0x180 [ 24.343617] ? preempt_count_sub+0x50/0x80 [ 24.343654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.343690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.343725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.343759] kthread+0x337/0x6f0 [ 24.343789] ? trace_preempt_on+0x20/0xc0 [ 24.343824] ? __pfx_kthread+0x10/0x10 [ 24.343858] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.343892] ? calculate_sigpending+0x7b/0xa0 [ 24.343924] ? __pfx_kthread+0x10/0x10 [ 24.343957] ret_from_fork+0x41/0x80 [ 24.343988] ? __pfx_kthread+0x10/0x10 [ 24.344021] ret_from_fork_asm+0x1a/0x30 [ 24.344067] </TASK> [ 24.344081] [ 24.359498] Allocated by task 285: [ 24.359926] kasan_save_stack+0x45/0x70 [ 24.360374] kasan_save_track+0x18/0x40 [ 24.360789] kasan_save_alloc_info+0x3b/0x50 [ 24.361122] __kasan_kmalloc+0xb7/0xc0 [ 24.361430] __kmalloc_cache_noprof+0x189/0x420 [ 24.361901] kasan_atomics+0x95/0x310 [ 24.362594] kunit_try_run_case+0x1a5/0x480 [ 24.363074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.363715] kthread+0x337/0x6f0 [ 24.364014] ret_from_fork+0x41/0x80 [ 24.364415] ret_from_fork_asm+0x1a/0x30 [ 24.364842] [ 24.365032] The buggy address belongs to the object at ffff888102983600 [ 24.365032] which belongs to the cache kmalloc-64 of size 64 [ 24.365913] The buggy address is located 0 bytes to the right of [ 24.365913] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.366785] [ 24.367047] The buggy address belongs to the physical page: [ 24.367623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.368121] flags: 0x200000000000000(node=0|zone=2) [ 24.369562] page_type: f5(slab) [ 24.370860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.371613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.372279] page dumped because: kasan: bad access detected [ 24.373693] [ 24.374304] Memory state around the buggy address: [ 24.375032] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.376054] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.376798] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.377415] ^ [ 24.377888] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.378712] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.379328] ================================================================== [ 22.758684] ================================================================== [ 22.760235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 22.761080] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.762056] [ 22.762248] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.762323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.762343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.762376] Call Trace: [ 22.762408] <TASK> [ 22.762447] dump_stack_lvl+0x73/0xb0 [ 22.762556] print_report+0xd1/0x650 [ 22.762637] ? __virt_addr_valid+0x1db/0x2d0 [ 22.762719] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.762795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.762877] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.762956] kasan_report+0x141/0x180 [ 22.763039] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.763110] kasan_check_range+0x10c/0x1c0 [ 22.763153] __kasan_check_write+0x18/0x20 [ 22.763184] kasan_atomics_helper+0x7c7/0x5450 [ 22.763247] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.763303] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.763341] ? kasan_atomics+0x152/0x310 [ 22.763374] kasan_atomics+0x1dc/0x310 [ 22.763403] ? __pfx_kasan_atomics+0x10/0x10 [ 22.763642] ? __pfx_read_tsc+0x10/0x10 [ 22.763731] ? ktime_get_ts64+0x86/0x230 [ 22.763817] kunit_try_run_case+0x1a5/0x480 [ 22.763894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.763964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.764032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.764112] ? __kthread_parkme+0x82/0x180 [ 22.764186] ? preempt_count_sub+0x50/0x80 [ 22.764244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.764282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.764314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.764347] kthread+0x337/0x6f0 [ 22.764378] ? trace_preempt_on+0x20/0xc0 [ 22.764435] ? __pfx_kthread+0x10/0x10 [ 22.764555] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.764620] ? calculate_sigpending+0x7b/0xa0 [ 22.764655] ? __pfx_kthread+0x10/0x10 [ 22.764688] ret_from_fork+0x41/0x80 [ 22.764721] ? __pfx_kthread+0x10/0x10 [ 22.764754] ret_from_fork_asm+0x1a/0x30 [ 22.764798] </TASK> [ 22.764814] [ 22.788196] Allocated by task 285: [ 22.788595] kasan_save_stack+0x45/0x70 [ 22.788978] kasan_save_track+0x18/0x40 [ 22.789282] kasan_save_alloc_info+0x3b/0x50 [ 22.790747] __kasan_kmalloc+0xb7/0xc0 [ 22.791077] __kmalloc_cache_noprof+0x189/0x420 [ 22.791519] kasan_atomics+0x95/0x310 [ 22.792309] kunit_try_run_case+0x1a5/0x480 [ 22.792749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.794240] kthread+0x337/0x6f0 [ 22.794514] ret_from_fork+0x41/0x80 [ 22.795291] ret_from_fork_asm+0x1a/0x30 [ 22.796128] [ 22.796372] The buggy address belongs to the object at ffff888102983600 [ 22.796372] which belongs to the cache kmalloc-64 of size 64 [ 22.797679] The buggy address is located 0 bytes to the right of [ 22.797679] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.799337] [ 22.799527] The buggy address belongs to the physical page: [ 22.800417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.800958] flags: 0x200000000000000(node=0|zone=2) [ 22.801680] page_type: f5(slab) [ 22.801959] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.803296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.804086] page dumped because: kasan: bad access detected [ 22.804593] [ 22.804801] Memory state around the buggy address: [ 22.805243] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.806281] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.807159] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.808252] ^ [ 22.809047] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.809891] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.810687] ================================================================== [ 22.207281] ================================================================== [ 22.208278] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 22.209237] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.210396] [ 22.210854] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.210921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.210940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.210967] Call Trace: [ 22.210986] <TASK> [ 22.211006] dump_stack_lvl+0x73/0xb0 [ 22.211045] print_report+0xd1/0x650 [ 22.211076] ? __virt_addr_valid+0x1db/0x2d0 [ 22.211106] ? kasan_atomics_helper+0x4ba2/0x5450 [ 22.211273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.211400] ? kasan_atomics_helper+0x4ba2/0x5450 [ 22.211507] kasan_report+0x141/0x180 [ 22.211586] ? kasan_atomics_helper+0x4ba2/0x5450 [ 22.211731] __asan_report_store4_noabort+0x1b/0x30 [ 22.211807] kasan_atomics_helper+0x4ba2/0x5450 [ 22.211885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.211963] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.212042] ? kasan_atomics+0x152/0x310 [ 22.212081] kasan_atomics+0x1dc/0x310 [ 22.212109] ? __pfx_kasan_atomics+0x10/0x10 [ 22.212137] ? __pfx_read_tsc+0x10/0x10 [ 22.212165] ? ktime_get_ts64+0x86/0x230 [ 22.212202] kunit_try_run_case+0x1a5/0x480 [ 22.212236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.212266] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.212301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.212334] ? __kthread_parkme+0x82/0x180 [ 22.212364] ? preempt_count_sub+0x50/0x80 [ 22.212398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.212578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.212646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.212716] kthread+0x337/0x6f0 [ 22.212779] ? trace_preempt_on+0x20/0xc0 [ 22.212848] ? __pfx_kthread+0x10/0x10 [ 22.212905] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.212938] ? calculate_sigpending+0x7b/0xa0 [ 22.212968] ? __pfx_kthread+0x10/0x10 [ 22.213000] ret_from_fork+0x41/0x80 [ 22.213029] ? __pfx_kthread+0x10/0x10 [ 22.213060] ret_from_fork_asm+0x1a/0x30 [ 22.213103] </TASK> [ 22.213116] [ 22.237254] Allocated by task 285: [ 22.237621] kasan_save_stack+0x45/0x70 [ 22.238046] kasan_save_track+0x18/0x40 [ 22.238956] kasan_save_alloc_info+0x3b/0x50 [ 22.239306] __kasan_kmalloc+0xb7/0xc0 [ 22.239794] __kmalloc_cache_noprof+0x189/0x420 [ 22.240156] kasan_atomics+0x95/0x310 [ 22.240473] kunit_try_run_case+0x1a5/0x480 [ 22.240846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.241234] kthread+0x337/0x6f0 [ 22.242975] ret_from_fork+0x41/0x80 [ 22.243276] ret_from_fork_asm+0x1a/0x30 [ 22.244251] [ 22.245089] The buggy address belongs to the object at ffff888102983600 [ 22.245089] which belongs to the cache kmalloc-64 of size 64 [ 22.246032] The buggy address is located 0 bytes to the right of [ 22.246032] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.247993] [ 22.248172] The buggy address belongs to the physical page: [ 22.249148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.249762] flags: 0x200000000000000(node=0|zone=2) [ 22.250403] page_type: f5(slab) [ 22.250826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.251368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.251954] page dumped because: kasan: bad access detected [ 22.252320] [ 22.252671] Memory state around the buggy address: [ 22.253302] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.254753] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.255003] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.255230] ^ [ 22.255398] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.256975] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.257558] ================================================================== [ 23.189299] ================================================================== [ 23.191347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 23.192349] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.193161] [ 23.193444] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.193587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.193609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.193641] Call Trace: [ 23.193668] <TASK> [ 23.193701] dump_stack_lvl+0x73/0xb0 [ 23.193775] print_report+0xd1/0x650 [ 23.193812] ? __virt_addr_valid+0x1db/0x2d0 [ 23.193846] ? kasan_atomics_helper+0xd47/0x5450 [ 23.193878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.193913] ? kasan_atomics_helper+0xd47/0x5450 [ 23.193946] kasan_report+0x141/0x180 [ 23.193979] ? kasan_atomics_helper+0xd47/0x5450 [ 23.194018] kasan_check_range+0x10c/0x1c0 [ 23.194055] __kasan_check_write+0x18/0x20 [ 23.194086] kasan_atomics_helper+0xd47/0x5450 [ 23.194122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.194158] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.194191] ? kasan_atomics+0x152/0x310 [ 23.194224] kasan_atomics+0x1dc/0x310 [ 23.194253] ? __pfx_kasan_atomics+0x10/0x10 [ 23.194283] ? __pfx_read_tsc+0x10/0x10 [ 23.194312] ? ktime_get_ts64+0x86/0x230 [ 23.194350] kunit_try_run_case+0x1a5/0x480 [ 23.194386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.194436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.194644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.194728] ? __kthread_parkme+0x82/0x180 [ 23.194803] ? preempt_count_sub+0x50/0x80 [ 23.194884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.194963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.195002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.195039] kthread+0x337/0x6f0 [ 23.195072] ? trace_preempt_on+0x20/0xc0 [ 23.195106] ? __pfx_kthread+0x10/0x10 [ 23.195139] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.195171] ? calculate_sigpending+0x7b/0xa0 [ 23.195202] ? __pfx_kthread+0x10/0x10 [ 23.195233] ret_from_fork+0x41/0x80 [ 23.195263] ? __pfx_kthread+0x10/0x10 [ 23.195294] ret_from_fork_asm+0x1a/0x30 [ 23.195340] </TASK> [ 23.195355] [ 23.214035] Allocated by task 285: [ 23.214555] kasan_save_stack+0x45/0x70 [ 23.214925] kasan_save_track+0x18/0x40 [ 23.215240] kasan_save_alloc_info+0x3b/0x50 [ 23.215624] __kasan_kmalloc+0xb7/0xc0 [ 23.215977] __kmalloc_cache_noprof+0x189/0x420 [ 23.216469] kasan_atomics+0x95/0x310 [ 23.216894] kunit_try_run_case+0x1a5/0x480 [ 23.217340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.217929] kthread+0x337/0x6f0 [ 23.218309] ret_from_fork+0x41/0x80 [ 23.218783] ret_from_fork_asm+0x1a/0x30 [ 23.219201] [ 23.219471] The buggy address belongs to the object at ffff888102983600 [ 23.219471] which belongs to the cache kmalloc-64 of size 64 [ 23.220278] The buggy address is located 0 bytes to the right of [ 23.220278] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.221241] [ 23.221551] The buggy address belongs to the physical page: [ 23.222073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.222849] flags: 0x200000000000000(node=0|zone=2) [ 23.223293] page_type: f5(slab) [ 23.223725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.224344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.225014] page dumped because: kasan: bad access detected [ 23.225504] [ 23.225747] Memory state around the buggy address: [ 23.226135] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.226696] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.227322] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.228003] ^ [ 23.228543] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.229108] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.229667] ================================================================== [ 25.043079] ================================================================== [ 25.043819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 25.045097] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 25.045869] [ 25.045991] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.046055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.046074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.046105] Call Trace: [ 25.046129] <TASK> [ 25.046154] dump_stack_lvl+0x73/0xb0 [ 25.046193] print_report+0xd1/0x650 [ 25.046228] ? __virt_addr_valid+0x1db/0x2d0 [ 25.046262] ? kasan_atomics_helper+0x218a/0x5450 [ 25.046293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.046327] ? kasan_atomics_helper+0x218a/0x5450 [ 25.046361] kasan_report+0x141/0x180 [ 25.046394] ? kasan_atomics_helper+0x218a/0x5450 [ 25.046517] kasan_check_range+0x10c/0x1c0 [ 25.046692] __kasan_check_write+0x18/0x20 [ 25.046826] kasan_atomics_helper+0x218a/0x5450 [ 25.046929] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.047016] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.047099] ? kasan_atomics+0x152/0x310 [ 25.047179] kasan_atomics+0x1dc/0x310 [ 25.047216] ? __pfx_kasan_atomics+0x10/0x10 [ 25.047249] ? __pfx_read_tsc+0x10/0x10 [ 25.047280] ? ktime_get_ts64+0x86/0x230 [ 25.047320] kunit_try_run_case+0x1a5/0x480 [ 25.047357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.047392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.047463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.047531] ? __kthread_parkme+0x82/0x180 [ 25.047566] ? preempt_count_sub+0x50/0x80 [ 25.047603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.047639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.047674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.047708] kthread+0x337/0x6f0 [ 25.047741] ? trace_preempt_on+0x20/0xc0 [ 25.047776] ? __pfx_kthread+0x10/0x10 [ 25.047809] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.047842] ? calculate_sigpending+0x7b/0xa0 [ 25.047875] ? __pfx_kthread+0x10/0x10 [ 25.047909] ret_from_fork+0x41/0x80 [ 25.047940] ? __pfx_kthread+0x10/0x10 [ 25.047974] ret_from_fork_asm+0x1a/0x30 [ 25.048019] </TASK> [ 25.048035] [ 25.063897] Allocated by task 285: [ 25.064399] kasan_save_stack+0x45/0x70 [ 25.064917] kasan_save_track+0x18/0x40 [ 25.065272] kasan_save_alloc_info+0x3b/0x50 [ 25.066105] __kasan_kmalloc+0xb7/0xc0 [ 25.066584] __kmalloc_cache_noprof+0x189/0x420 [ 25.067045] kasan_atomics+0x95/0x310 [ 25.067447] kunit_try_run_case+0x1a5/0x480 [ 25.067971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.068449] kthread+0x337/0x6f0 [ 25.068927] ret_from_fork+0x41/0x80 [ 25.069383] ret_from_fork_asm+0x1a/0x30 [ 25.069796] [ 25.070069] The buggy address belongs to the object at ffff888102983600 [ 25.070069] which belongs to the cache kmalloc-64 of size 64 [ 25.071223] The buggy address is located 0 bytes to the right of [ 25.071223] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 25.072411] [ 25.072679] The buggy address belongs to the physical page: [ 25.073217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 25.073842] flags: 0x200000000000000(node=0|zone=2) [ 25.074203] page_type: f5(slab) [ 25.074671] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.075388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.076116] page dumped because: kasan: bad access detected [ 25.076655] [ 25.076891] Memory state around the buggy address: [ 25.077311] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.078201] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.078839] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.079471] ^ [ 25.079981] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.080661] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.081322] ================================================================== [ 23.782458] ================================================================== [ 23.784146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 23.784786] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.786061] [ 23.786292] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.786729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.786772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.786806] Call Trace: [ 23.786832] <TASK> [ 23.786856] dump_stack_lvl+0x73/0xb0 [ 23.786896] print_report+0xd1/0x650 [ 23.786932] ? __virt_addr_valid+0x1db/0x2d0 [ 23.786963] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.786996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.787031] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.787065] kasan_report+0x141/0x180 [ 23.787100] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.787140] __asan_report_load4_noabort+0x18/0x20 [ 23.787170] kasan_atomics_helper+0x49ce/0x5450 [ 23.787204] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.787238] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.787271] ? kasan_atomics+0x152/0x310 [ 23.787304] kasan_atomics+0x1dc/0x310 [ 23.787333] ? __pfx_kasan_atomics+0x10/0x10 [ 23.787364] ? __pfx_read_tsc+0x10/0x10 [ 23.787394] ? ktime_get_ts64+0x86/0x230 [ 23.787476] kunit_try_run_case+0x1a5/0x480 [ 23.787541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.787577] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.787614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.787651] ? __kthread_parkme+0x82/0x180 [ 23.787684] ? preempt_count_sub+0x50/0x80 [ 23.787722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.787757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.787789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.787824] kthread+0x337/0x6f0 [ 23.787855] ? trace_preempt_on+0x20/0xc0 [ 23.787890] ? __pfx_kthread+0x10/0x10 [ 23.787924] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.787958] ? calculate_sigpending+0x7b/0xa0 [ 23.787989] ? __pfx_kthread+0x10/0x10 [ 23.788023] ret_from_fork+0x41/0x80 [ 23.788054] ? __pfx_kthread+0x10/0x10 [ 23.788086] ret_from_fork_asm+0x1a/0x30 [ 23.788132] </TASK> [ 23.788146] [ 23.808652] Allocated by task 285: [ 23.809203] kasan_save_stack+0x45/0x70 [ 23.809944] kasan_save_track+0x18/0x40 [ 23.810382] kasan_save_alloc_info+0x3b/0x50 [ 23.811263] __kasan_kmalloc+0xb7/0xc0 [ 23.811548] __kmalloc_cache_noprof+0x189/0x420 [ 23.812039] kasan_atomics+0x95/0x310 [ 23.812424] kunit_try_run_case+0x1a5/0x480 [ 23.812866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.813351] kthread+0x337/0x6f0 [ 23.814237] ret_from_fork+0x41/0x80 [ 23.814716] ret_from_fork_asm+0x1a/0x30 [ 23.815313] [ 23.815724] The buggy address belongs to the object at ffff888102983600 [ 23.815724] which belongs to the cache kmalloc-64 of size 64 [ 23.817007] The buggy address is located 0 bytes to the right of [ 23.817007] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.818078] [ 23.818633] The buggy address belongs to the physical page: [ 23.819120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.820018] flags: 0x200000000000000(node=0|zone=2) [ 23.820447] page_type: f5(slab) [ 23.820822] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.821915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.822422] page dumped because: kasan: bad access detected [ 23.823130] [ 23.823368] Memory state around the buggy address: [ 23.824228] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.825062] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.825608] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.826381] ^ [ 23.826869] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.827677] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.828391] ================================================================== [ 22.704156] ================================================================== [ 22.705813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 22.706787] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.707311] [ 22.708325] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.708398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.708428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.708530] Call Trace: [ 22.708588] <TASK> [ 22.708616] dump_stack_lvl+0x73/0xb0 [ 22.708657] print_report+0xd1/0x650 [ 22.708693] ? __virt_addr_valid+0x1db/0x2d0 [ 22.708727] ? kasan_atomics_helper+0x72f/0x5450 [ 22.708760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.708796] ? kasan_atomics_helper+0x72f/0x5450 [ 22.708830] kasan_report+0x141/0x180 [ 22.708863] ? kasan_atomics_helper+0x72f/0x5450 [ 22.708903] kasan_check_range+0x10c/0x1c0 [ 22.708941] __kasan_check_write+0x18/0x20 [ 22.708970] kasan_atomics_helper+0x72f/0x5450 [ 22.709004] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.709040] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.709073] ? kasan_atomics+0x152/0x310 [ 22.709105] kasan_atomics+0x1dc/0x310 [ 22.709132] ? __pfx_kasan_atomics+0x10/0x10 [ 22.709163] ? __pfx_read_tsc+0x10/0x10 [ 22.709193] ? ktime_get_ts64+0x86/0x230 [ 22.709232] kunit_try_run_case+0x1a5/0x480 [ 22.709267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.709301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.709338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.709375] ? __kthread_parkme+0x82/0x180 [ 22.709408] ? preempt_count_sub+0x50/0x80 [ 22.709522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.709596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.709633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.709667] kthread+0x337/0x6f0 [ 22.709699] ? trace_preempt_on+0x20/0xc0 [ 22.709733] ? __pfx_kthread+0x10/0x10 [ 22.709766] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.709799] ? calculate_sigpending+0x7b/0xa0 [ 22.709830] ? __pfx_kthread+0x10/0x10 [ 22.709863] ret_from_fork+0x41/0x80 [ 22.709896] ? __pfx_kthread+0x10/0x10 [ 22.709928] ret_from_fork_asm+0x1a/0x30 [ 22.709974] </TASK> [ 22.709990] [ 22.732794] Allocated by task 285: [ 22.733212] kasan_save_stack+0x45/0x70 [ 22.734237] kasan_save_track+0x18/0x40 [ 22.734614] kasan_save_alloc_info+0x3b/0x50 [ 22.735756] __kasan_kmalloc+0xb7/0xc0 [ 22.736344] __kmalloc_cache_noprof+0x189/0x420 [ 22.736774] kasan_atomics+0x95/0x310 [ 22.737536] kunit_try_run_case+0x1a5/0x480 [ 22.738107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.738607] kthread+0x337/0x6f0 [ 22.739138] ret_from_fork+0x41/0x80 [ 22.739757] ret_from_fork_asm+0x1a/0x30 [ 22.740180] [ 22.740405] The buggy address belongs to the object at ffff888102983600 [ 22.740405] which belongs to the cache kmalloc-64 of size 64 [ 22.742328] The buggy address is located 0 bytes to the right of [ 22.742328] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.743970] [ 22.744136] The buggy address belongs to the physical page: [ 22.745700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.746284] flags: 0x200000000000000(node=0|zone=2) [ 22.746864] page_type: f5(slab) [ 22.747147] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.748211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.749339] page dumped because: kasan: bad access detected [ 22.750885] [ 22.751233] Memory state around the buggy address: [ 22.752089] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.752970] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.754014] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.754744] ^ [ 22.755059] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.756496] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.756999] ================================================================== [ 24.638047] ================================================================== [ 24.638690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 24.639223] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.640331] [ 24.640683] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.640859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.640901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.640960] Call Trace: [ 24.641034] <TASK> [ 24.641116] dump_stack_lvl+0x73/0xb0 [ 24.641204] print_report+0xd1/0x650 [ 24.641284] ? __virt_addr_valid+0x1db/0x2d0 [ 24.641365] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.641587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.641703] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.641782] kasan_report+0x141/0x180 [ 24.641863] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.642038] kasan_check_range+0x10c/0x1c0 [ 24.642131] __kasan_check_write+0x18/0x20 [ 24.642241] kasan_atomics_helper+0x1d7a/0x5450 [ 24.642375] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.642565] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.642706] ? kasan_atomics+0x152/0x310 [ 24.642799] kasan_atomics+0x1dc/0x310 [ 24.642838] ? __pfx_kasan_atomics+0x10/0x10 [ 24.642871] ? __pfx_read_tsc+0x10/0x10 [ 24.642900] ? ktime_get_ts64+0x86/0x230 [ 24.642939] kunit_try_run_case+0x1a5/0x480 [ 24.642974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.643007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.643040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.643074] ? __kthread_parkme+0x82/0x180 [ 24.643105] ? preempt_count_sub+0x50/0x80 [ 24.643139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.643173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.643205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.643237] kthread+0x337/0x6f0 [ 24.643267] ? trace_preempt_on+0x20/0xc0 [ 24.643301] ? __pfx_kthread+0x10/0x10 [ 24.643333] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.643363] ? calculate_sigpending+0x7b/0xa0 [ 24.643393] ? __pfx_kthread+0x10/0x10 [ 24.643465] ret_from_fork+0x41/0x80 [ 24.643528] ? __pfx_kthread+0x10/0x10 [ 24.643562] ret_from_fork_asm+0x1a/0x30 [ 24.643607] </TASK> [ 24.643622] [ 24.659705] Allocated by task 285: [ 24.660140] kasan_save_stack+0x45/0x70 [ 24.660683] kasan_save_track+0x18/0x40 [ 24.661113] kasan_save_alloc_info+0x3b/0x50 [ 24.661676] __kasan_kmalloc+0xb7/0xc0 [ 24.661986] __kmalloc_cache_noprof+0x189/0x420 [ 24.662507] kasan_atomics+0x95/0x310 [ 24.662983] kunit_try_run_case+0x1a5/0x480 [ 24.663493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.664245] kthread+0x337/0x6f0 [ 24.664682] ret_from_fork+0x41/0x80 [ 24.664992] ret_from_fork_asm+0x1a/0x30 [ 24.665493] [ 24.665775] The buggy address belongs to the object at ffff888102983600 [ 24.665775] which belongs to the cache kmalloc-64 of size 64 [ 24.666684] The buggy address is located 0 bytes to the right of [ 24.666684] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.667984] [ 24.668337] The buggy address belongs to the physical page: [ 24.668917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.669542] flags: 0x200000000000000(node=0|zone=2) [ 24.670124] page_type: f5(slab) [ 24.670566] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.671135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.672043] page dumped because: kasan: bad access detected [ 24.672429] [ 24.672731] Memory state around the buggy address: [ 24.673222] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.673933] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.674525] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.675129] ^ [ 24.675681] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.676241] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.676917] ================================================================== [ 23.317896] ================================================================== [ 23.318514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 23.318988] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.319980] [ 23.320384] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.320935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.320981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.321163] Call Trace: [ 23.321222] <TASK> [ 23.321278] dump_stack_lvl+0x73/0xb0 [ 23.321360] print_report+0xd1/0x650 [ 23.321531] ? __virt_addr_valid+0x1db/0x2d0 [ 23.321670] ? kasan_atomics_helper+0xf10/0x5450 [ 23.321787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.321891] ? kasan_atomics_helper+0xf10/0x5450 [ 23.321969] kasan_report+0x141/0x180 [ 23.322050] ? kasan_atomics_helper+0xf10/0x5450 [ 23.322144] kasan_check_range+0x10c/0x1c0 [ 23.322225] __kasan_check_write+0x18/0x20 [ 23.322296] kasan_atomics_helper+0xf10/0x5450 [ 23.322374] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.322450] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.322569] ? kasan_atomics+0x152/0x310 [ 23.322662] kasan_atomics+0x1dc/0x310 [ 23.322741] ? __pfx_kasan_atomics+0x10/0x10 [ 23.322815] ? __pfx_read_tsc+0x10/0x10 [ 23.322878] ? ktime_get_ts64+0x86/0x230 [ 23.322923] kunit_try_run_case+0x1a5/0x480 [ 23.322961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.322994] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.323031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.323067] ? __kthread_parkme+0x82/0x180 [ 23.323101] ? preempt_count_sub+0x50/0x80 [ 23.323137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.323171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.323203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.323236] kthread+0x337/0x6f0 [ 23.323266] ? trace_preempt_on+0x20/0xc0 [ 23.323299] ? __pfx_kthread+0x10/0x10 [ 23.323330] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.323364] ? calculate_sigpending+0x7b/0xa0 [ 23.323398] ? __pfx_kthread+0x10/0x10 [ 23.323476] ret_from_fork+0x41/0x80 [ 23.323538] ? __pfx_kthread+0x10/0x10 [ 23.323576] ret_from_fork_asm+0x1a/0x30 [ 23.323625] </TASK> [ 23.323640] [ 23.342227] Allocated by task 285: [ 23.342887] kasan_save_stack+0x45/0x70 [ 23.343834] kasan_save_track+0x18/0x40 [ 23.344312] kasan_save_alloc_info+0x3b/0x50 [ 23.344667] __kasan_kmalloc+0xb7/0xc0 [ 23.344917] __kmalloc_cache_noprof+0x189/0x420 [ 23.345615] kasan_atomics+0x95/0x310 [ 23.346247] kunit_try_run_case+0x1a5/0x480 [ 23.347072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.347466] kthread+0x337/0x6f0 [ 23.348045] ret_from_fork+0x41/0x80 [ 23.348351] ret_from_fork_asm+0x1a/0x30 [ 23.349018] [ 23.349230] The buggy address belongs to the object at ffff888102983600 [ 23.349230] which belongs to the cache kmalloc-64 of size 64 [ 23.350920] The buggy address is located 0 bytes to the right of [ 23.350920] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.351839] [ 23.352260] The buggy address belongs to the physical page: [ 23.353210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.354008] flags: 0x200000000000000(node=0|zone=2) [ 23.354697] page_type: f5(slab) [ 23.354863] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.355117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.355359] page dumped because: kasan: bad access detected [ 23.355780] [ 23.356071] Memory state around the buggy address: [ 23.356881] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.357560] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.358036] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.358810] ^ [ 23.359238] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.359989] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.360617] ================================================================== [ 22.357119] ================================================================== [ 22.357818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 22.358649] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.359264] [ 22.359756] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.359891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.359931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.359992] Call Trace: [ 22.360065] <TASK> [ 22.360144] dump_stack_lvl+0x73/0xb0 [ 22.360230] print_report+0xd1/0x650 [ 22.360309] ? __virt_addr_valid+0x1db/0x2d0 [ 22.360383] ? kasan_atomics_helper+0x3df/0x5450 [ 22.360648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.360762] ? kasan_atomics_helper+0x3df/0x5450 [ 22.360844] kasan_report+0x141/0x180 [ 22.360927] ? kasan_atomics_helper+0x3df/0x5450 [ 22.361043] kasan_check_range+0x10c/0x1c0 [ 22.361159] __kasan_check_read+0x15/0x20 [ 22.361201] kasan_atomics_helper+0x3df/0x5450 [ 22.361238] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.361275] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.361308] ? kasan_atomics+0x152/0x310 [ 22.361341] kasan_atomics+0x1dc/0x310 [ 22.361370] ? __pfx_kasan_atomics+0x10/0x10 [ 22.361400] ? __pfx_read_tsc+0x10/0x10 [ 22.361429] ? ktime_get_ts64+0x86/0x230 [ 22.361468] kunit_try_run_case+0x1a5/0x480 [ 22.361615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.361667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.361708] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.361744] ? __kthread_parkme+0x82/0x180 [ 22.361776] ? preempt_count_sub+0x50/0x80 [ 22.361812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.361845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.361878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.361911] kthread+0x337/0x6f0 [ 22.361942] ? trace_preempt_on+0x20/0xc0 [ 22.361976] ? __pfx_kthread+0x10/0x10 [ 22.362007] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.362039] ? calculate_sigpending+0x7b/0xa0 [ 22.362069] ? __pfx_kthread+0x10/0x10 [ 22.362103] ret_from_fork+0x41/0x80 [ 22.362133] ? __pfx_kthread+0x10/0x10 [ 22.362165] ret_from_fork_asm+0x1a/0x30 [ 22.362208] </TASK> [ 22.362224] [ 22.381321] Allocated by task 285: [ 22.382224] kasan_save_stack+0x45/0x70 [ 22.382701] kasan_save_track+0x18/0x40 [ 22.383313] kasan_save_alloc_info+0x3b/0x50 [ 22.383926] __kasan_kmalloc+0xb7/0xc0 [ 22.384784] __kmalloc_cache_noprof+0x189/0x420 [ 22.386109] kasan_atomics+0x95/0x310 [ 22.386657] kunit_try_run_case+0x1a5/0x480 [ 22.387720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.388298] kthread+0x337/0x6f0 [ 22.388548] ret_from_fork+0x41/0x80 [ 22.389340] ret_from_fork_asm+0x1a/0x30 [ 22.389912] [ 22.390083] The buggy address belongs to the object at ffff888102983600 [ 22.390083] which belongs to the cache kmalloc-64 of size 64 [ 22.392008] The buggy address is located 0 bytes to the right of [ 22.392008] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.393421] [ 22.394138] The buggy address belongs to the physical page: [ 22.395191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.396062] flags: 0x200000000000000(node=0|zone=2) [ 22.397070] page_type: f5(slab) [ 22.397418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.398387] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.399027] page dumped because: kasan: bad access detected [ 22.399443] [ 22.400367] Memory state around the buggy address: [ 22.400999] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.401324] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.402557] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.403238] ^ [ 22.403948] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.404714] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.404999] ================================================================== [ 24.295994] ================================================================== [ 24.296864] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 24.298017] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.298639] [ 24.298887] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.299014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.299035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.299065] Call Trace: [ 24.299093] <TASK> [ 24.299118] dump_stack_lvl+0x73/0xb0 [ 24.299158] print_report+0xd1/0x650 [ 24.299190] ? __virt_addr_valid+0x1db/0x2d0 [ 24.299222] ? kasan_atomics_helper+0x18b1/0x5450 [ 24.299253] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.299287] ? kasan_atomics_helper+0x18b1/0x5450 [ 24.299319] kasan_report+0x141/0x180 [ 24.299351] ? kasan_atomics_helper+0x18b1/0x5450 [ 24.299389] kasan_check_range+0x10c/0x1c0 [ 24.299536] __kasan_check_write+0x18/0x20 [ 24.299617] kasan_atomics_helper+0x18b1/0x5450 [ 24.299703] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.299782] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.299863] ? kasan_atomics+0x152/0x310 [ 24.299988] kasan_atomics+0x1dc/0x310 [ 24.300068] ? __pfx_kasan_atomics+0x10/0x10 [ 24.300148] ? __pfx_read_tsc+0x10/0x10 [ 24.300258] ? ktime_get_ts64+0x86/0x230 [ 24.300351] kunit_try_run_case+0x1a5/0x480 [ 24.300454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.300550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.300618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.300658] ? __kthread_parkme+0x82/0x180 [ 24.300690] ? preempt_count_sub+0x50/0x80 [ 24.300726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.300760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.300792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.300824] kthread+0x337/0x6f0 [ 24.300856] ? trace_preempt_on+0x20/0xc0 [ 24.300890] ? __pfx_kthread+0x10/0x10 [ 24.300922] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.300953] ? calculate_sigpending+0x7b/0xa0 [ 24.300984] ? __pfx_kthread+0x10/0x10 [ 24.301016] ret_from_fork+0x41/0x80 [ 24.301045] ? __pfx_kthread+0x10/0x10 [ 24.301077] ret_from_fork_asm+0x1a/0x30 [ 24.301122] </TASK> [ 24.301136] [ 24.316846] Allocated by task 285: [ 24.317196] kasan_save_stack+0x45/0x70 [ 24.317564] kasan_save_track+0x18/0x40 [ 24.318057] kasan_save_alloc_info+0x3b/0x50 [ 24.318549] __kasan_kmalloc+0xb7/0xc0 [ 24.319042] __kmalloc_cache_noprof+0x189/0x420 [ 24.319560] kasan_atomics+0x95/0x310 [ 24.320095] kunit_try_run_case+0x1a5/0x480 [ 24.320654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.321188] kthread+0x337/0x6f0 [ 24.321670] ret_from_fork+0x41/0x80 [ 24.322056] ret_from_fork_asm+0x1a/0x30 [ 24.322547] [ 24.322804] The buggy address belongs to the object at ffff888102983600 [ 24.322804] which belongs to the cache kmalloc-64 of size 64 [ 24.323931] The buggy address is located 0 bytes to the right of [ 24.323931] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.325068] [ 24.325362] The buggy address belongs to the physical page: [ 24.326008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.326625] flags: 0x200000000000000(node=0|zone=2) [ 24.327151] page_type: f5(slab) [ 24.327460] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.327959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.328775] page dumped because: kasan: bad access detected [ 24.329339] [ 24.329625] Memory state around the buggy address: [ 24.330127] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.331198] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.333511] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.334995] ^ [ 24.335362] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.336121] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.337064] ================================================================== [ 24.060441] ================================================================== [ 24.061275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 24.061935] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.063110] [ 24.063392] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.063601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.063645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.063738] Call Trace: [ 24.063801] <TASK> [ 24.063858] dump_stack_lvl+0x73/0xb0 [ 24.064032] print_report+0xd1/0x650 [ 24.064130] ? __virt_addr_valid+0x1db/0x2d0 [ 24.064207] ? kasan_atomics_helper+0x15b6/0x5450 [ 24.064268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.064302] ? kasan_atomics_helper+0x15b6/0x5450 [ 24.064334] kasan_report+0x141/0x180 [ 24.064367] ? kasan_atomics_helper+0x15b6/0x5450 [ 24.064407] kasan_check_range+0x10c/0x1c0 [ 24.064505] __kasan_check_write+0x18/0x20 [ 24.064542] kasan_atomics_helper+0x15b6/0x5450 [ 24.064578] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.064612] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.064645] ? kasan_atomics+0x152/0x310 [ 24.064679] kasan_atomics+0x1dc/0x310 [ 24.064706] ? __pfx_kasan_atomics+0x10/0x10 [ 24.064735] ? __pfx_read_tsc+0x10/0x10 [ 24.064763] ? ktime_get_ts64+0x86/0x230 [ 24.064800] kunit_try_run_case+0x1a5/0x480 [ 24.064834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.064866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.064901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.064935] ? __kthread_parkme+0x82/0x180 [ 24.064966] ? preempt_count_sub+0x50/0x80 [ 24.065002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.065035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.065067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.065099] kthread+0x337/0x6f0 [ 24.065129] ? trace_preempt_on+0x20/0xc0 [ 24.065165] ? __pfx_kthread+0x10/0x10 [ 24.065199] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.065232] ? calculate_sigpending+0x7b/0xa0 [ 24.065263] ? __pfx_kthread+0x10/0x10 [ 24.065295] ret_from_fork+0x41/0x80 [ 24.065325] ? __pfx_kthread+0x10/0x10 [ 24.065357] ret_from_fork_asm+0x1a/0x30 [ 24.065400] </TASK> [ 24.065431] [ 24.083392] Allocated by task 285: [ 24.084058] kasan_save_stack+0x45/0x70 [ 24.084854] kasan_save_track+0x18/0x40 [ 24.085184] kasan_save_alloc_info+0x3b/0x50 [ 24.086054] __kasan_kmalloc+0xb7/0xc0 [ 24.086508] __kmalloc_cache_noprof+0x189/0x420 [ 24.087188] kasan_atomics+0x95/0x310 [ 24.087687] kunit_try_run_case+0x1a5/0x480 [ 24.088099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.088629] kthread+0x337/0x6f0 [ 24.088988] ret_from_fork+0x41/0x80 [ 24.089350] ret_from_fork_asm+0x1a/0x30 [ 24.090275] [ 24.090575] The buggy address belongs to the object at ffff888102983600 [ 24.090575] which belongs to the cache kmalloc-64 of size 64 [ 24.091870] The buggy address is located 0 bytes to the right of [ 24.091870] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.093132] [ 24.093317] The buggy address belongs to the physical page: [ 24.094508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.095310] flags: 0x200000000000000(node=0|zone=2) [ 24.096006] page_type: f5(slab) [ 24.096286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.097335] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.098293] page dumped because: kasan: bad access detected [ 24.098946] [ 24.099111] Memory state around the buggy address: [ 24.099584] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.100087] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.101188] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.101875] ^ [ 24.102615] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.103257] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.103887] ================================================================== [ 23.057383] ================================================================== [ 23.058761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 23.059650] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.060057] [ 23.060291] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.060513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.060559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.060649] Call Trace: [ 23.060712] <TASK> [ 23.060796] dump_stack_lvl+0x73/0xb0 [ 23.060913] print_report+0xd1/0x650 [ 23.060992] ? __virt_addr_valid+0x1db/0x2d0 [ 23.061069] ? kasan_atomics_helper+0xb6a/0x5450 [ 23.061139] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.061215] ? kasan_atomics_helper+0xb6a/0x5450 [ 23.061291] kasan_report+0x141/0x180 [ 23.061367] ? kasan_atomics_helper+0xb6a/0x5450 [ 23.061555] kasan_check_range+0x10c/0x1c0 [ 23.061667] __kasan_check_write+0x18/0x20 [ 23.061779] kasan_atomics_helper+0xb6a/0x5450 [ 23.061899] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.061980] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.062066] ? kasan_atomics+0x152/0x310 [ 23.062151] kasan_atomics+0x1dc/0x310 [ 23.062225] ? __pfx_kasan_atomics+0x10/0x10 [ 23.062299] ? __pfx_read_tsc+0x10/0x10 [ 23.062366] ? ktime_get_ts64+0x86/0x230 [ 23.062507] kunit_try_run_case+0x1a5/0x480 [ 23.062595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.062665] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.062730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.062768] ? __kthread_parkme+0x82/0x180 [ 23.062800] ? preempt_count_sub+0x50/0x80 [ 23.062837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.062874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.062907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.062940] kthread+0x337/0x6f0 [ 23.062970] ? trace_preempt_on+0x20/0xc0 [ 23.063004] ? __pfx_kthread+0x10/0x10 [ 23.063035] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.063068] ? calculate_sigpending+0x7b/0xa0 [ 23.063099] ? __pfx_kthread+0x10/0x10 [ 23.063131] ret_from_fork+0x41/0x80 [ 23.063161] ? __pfx_kthread+0x10/0x10 [ 23.063193] ret_from_fork_asm+0x1a/0x30 [ 23.063236] </TASK> [ 23.063251] [ 23.077321] Allocated by task 285: [ 23.077764] kasan_save_stack+0x45/0x70 [ 23.078191] kasan_save_track+0x18/0x40 [ 23.078670] kasan_save_alloc_info+0x3b/0x50 [ 23.079024] __kasan_kmalloc+0xb7/0xc0 [ 23.079388] __kmalloc_cache_noprof+0x189/0x420 [ 23.079942] kasan_atomics+0x95/0x310 [ 23.080338] kunit_try_run_case+0x1a5/0x480 [ 23.080786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.081222] kthread+0x337/0x6f0 [ 23.081684] ret_from_fork+0x41/0x80 [ 23.082098] ret_from_fork_asm+0x1a/0x30 [ 23.082612] [ 23.082805] The buggy address belongs to the object at ffff888102983600 [ 23.082805] which belongs to the cache kmalloc-64 of size 64 [ 23.083770] The buggy address is located 0 bytes to the right of [ 23.083770] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.084547] [ 23.084792] The buggy address belongs to the physical page: [ 23.085325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.086123] flags: 0x200000000000000(node=0|zone=2) [ 23.086669] page_type: f5(slab) [ 23.086999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.087725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.088294] page dumped because: kasan: bad access detected [ 23.088726] [ 23.088911] Memory state around the buggy address: [ 23.089333] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.090026] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.090699] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.091324] ^ [ 23.091846] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.092406] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.093001] ================================================================== [ 23.270811] ================================================================== [ 23.271539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 23.272156] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.272905] [ 23.273217] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.273351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.273393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.273539] Call Trace: [ 23.273610] <TASK> [ 23.273662] dump_stack_lvl+0x73/0xb0 [ 23.273743] print_report+0xd1/0x650 [ 23.273820] ? __virt_addr_valid+0x1db/0x2d0 [ 23.273890] ? kasan_atomics_helper+0xe78/0x5450 [ 23.273944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.274013] ? kasan_atomics_helper+0xe78/0x5450 [ 23.274127] kasan_report+0x141/0x180 [ 23.274218] ? kasan_atomics_helper+0xe78/0x5450 [ 23.274375] kasan_check_range+0x10c/0x1c0 [ 23.274550] __kasan_check_write+0x18/0x20 [ 23.274656] kasan_atomics_helper+0xe78/0x5450 [ 23.274771] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.274859] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.275003] ? kasan_atomics+0x152/0x310 [ 23.275091] kasan_atomics+0x1dc/0x310 [ 23.275168] ? __pfx_kasan_atomics+0x10/0x10 [ 23.275244] ? __pfx_read_tsc+0x10/0x10 [ 23.275312] ? ktime_get_ts64+0x86/0x230 [ 23.275395] kunit_try_run_case+0x1a5/0x480 [ 23.275541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.275617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.275692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.275770] ? __kthread_parkme+0x82/0x180 [ 23.275846] ? preempt_count_sub+0x50/0x80 [ 23.275927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.276005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.276067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.276104] kthread+0x337/0x6f0 [ 23.276136] ? trace_preempt_on+0x20/0xc0 [ 23.276171] ? __pfx_kthread+0x10/0x10 [ 23.276204] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.276236] ? calculate_sigpending+0x7b/0xa0 [ 23.276268] ? __pfx_kthread+0x10/0x10 [ 23.276300] ret_from_fork+0x41/0x80 [ 23.276333] ? __pfx_kthread+0x10/0x10 [ 23.276365] ret_from_fork_asm+0x1a/0x30 [ 23.276430] </TASK> [ 23.276498] [ 23.298380] Allocated by task 285: [ 23.299016] kasan_save_stack+0x45/0x70 [ 23.299365] kasan_save_track+0x18/0x40 [ 23.299907] kasan_save_alloc_info+0x3b/0x50 [ 23.301052] __kasan_kmalloc+0xb7/0xc0 [ 23.301627] __kmalloc_cache_noprof+0x189/0x420 [ 23.302293] kasan_atomics+0x95/0x310 [ 23.302690] kunit_try_run_case+0x1a5/0x480 [ 23.303280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.304042] kthread+0x337/0x6f0 [ 23.304368] ret_from_fork+0x41/0x80 [ 23.304775] ret_from_fork_asm+0x1a/0x30 [ 23.305197] [ 23.305436] The buggy address belongs to the object at ffff888102983600 [ 23.305436] which belongs to the cache kmalloc-64 of size 64 [ 23.306355] The buggy address is located 0 bytes to the right of [ 23.306355] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.307398] [ 23.307694] The buggy address belongs to the physical page: [ 23.308171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.309027] flags: 0x200000000000000(node=0|zone=2) [ 23.309541] page_type: f5(slab) [ 23.310021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.310622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.311318] page dumped because: kasan: bad access detected [ 23.311751] [ 23.312014] Memory state around the buggy address: [ 23.312563] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.313142] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.313963] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.314522] ^ [ 23.315120] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.315793] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.316325] ================================================================== [ 23.362477] ================================================================== [ 23.363567] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 23.364156] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.365019] [ 23.365599] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.365734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.365778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.365840] Call Trace: [ 23.365896] <TASK> [ 23.365946] dump_stack_lvl+0x73/0xb0 [ 23.366024] print_report+0xd1/0x650 [ 23.366063] ? __virt_addr_valid+0x1db/0x2d0 [ 23.366097] ? kasan_atomics_helper+0xfa9/0x5450 [ 23.366130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.366164] ? kasan_atomics_helper+0xfa9/0x5450 [ 23.366197] kasan_report+0x141/0x180 [ 23.366233] ? kasan_atomics_helper+0xfa9/0x5450 [ 23.366273] kasan_check_range+0x10c/0x1c0 [ 23.366309] __kasan_check_write+0x18/0x20 [ 23.366339] kasan_atomics_helper+0xfa9/0x5450 [ 23.366373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.366411] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.366511] ? kasan_atomics+0x152/0x310 [ 23.366551] kasan_atomics+0x1dc/0x310 [ 23.366580] ? __pfx_kasan_atomics+0x10/0x10 [ 23.366612] ? __pfx_read_tsc+0x10/0x10 [ 23.366641] ? ktime_get_ts64+0x86/0x230 [ 23.366680] kunit_try_run_case+0x1a5/0x480 [ 23.366715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.366747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.366784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.366820] ? __kthread_parkme+0x82/0x180 [ 23.366853] ? preempt_count_sub+0x50/0x80 [ 23.366889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.366924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.366956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.366990] kthread+0x337/0x6f0 [ 23.367021] ? trace_preempt_on+0x20/0xc0 [ 23.367057] ? __pfx_kthread+0x10/0x10 [ 23.367090] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.367124] ? calculate_sigpending+0x7b/0xa0 [ 23.367158] ? __pfx_kthread+0x10/0x10 [ 23.367193] ret_from_fork+0x41/0x80 [ 23.367225] ? __pfx_kthread+0x10/0x10 [ 23.367258] ret_from_fork_asm+0x1a/0x30 [ 23.367304] </TASK> [ 23.367319] [ 23.383436] Allocated by task 285: [ 23.384097] kasan_save_stack+0x45/0x70 [ 23.384959] kasan_save_track+0x18/0x40 [ 23.385641] kasan_save_alloc_info+0x3b/0x50 [ 23.386389] __kasan_kmalloc+0xb7/0xc0 [ 23.387100] __kmalloc_cache_noprof+0x189/0x420 [ 23.388017] kasan_atomics+0x95/0x310 [ 23.388783] kunit_try_run_case+0x1a5/0x480 [ 23.389512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.390510] kthread+0x337/0x6f0 [ 23.391055] ret_from_fork+0x41/0x80 [ 23.392736] ret_from_fork_asm+0x1a/0x30 [ 23.394879] [ 23.395225] The buggy address belongs to the object at ffff888102983600 [ 23.395225] which belongs to the cache kmalloc-64 of size 64 [ 23.398176] The buggy address is located 0 bytes to the right of [ 23.398176] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.400033] [ 23.400366] The buggy address belongs to the physical page: [ 23.401178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.401702] flags: 0x200000000000000(node=0|zone=2) [ 23.402576] page_type: f5(slab) [ 23.403098] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.404164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.405057] page dumped because: kasan: bad access detected [ 23.405353] [ 23.405729] Memory state around the buggy address: [ 23.406559] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.407646] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.408445] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.409187] ^ [ 23.409646] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.410256] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.411011] ================================================================== [ 23.496315] ================================================================== [ 23.497202] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 23.497948] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.498724] [ 23.499007] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.499141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.499187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.499243] Call Trace: [ 23.499347] <TASK> [ 23.499403] dump_stack_lvl+0x73/0xb0 [ 23.499547] print_report+0xd1/0x650 [ 23.499624] ? __virt_addr_valid+0x1db/0x2d0 [ 23.499704] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.499786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.499867] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.499944] kasan_report+0x141/0x180 [ 23.500030] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.500125] __asan_report_load4_noabort+0x18/0x20 [ 23.500200] kasan_atomics_helper+0x4a1c/0x5450 [ 23.500273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.500312] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.500347] ? kasan_atomics+0x152/0x310 [ 23.500379] kasan_atomics+0x1dc/0x310 [ 23.500430] ? __pfx_kasan_atomics+0x10/0x10 [ 23.500523] ? __pfx_read_tsc+0x10/0x10 [ 23.500557] ? ktime_get_ts64+0x86/0x230 [ 23.500595] kunit_try_run_case+0x1a5/0x480 [ 23.500631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.500663] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.500697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.500732] ? __kthread_parkme+0x82/0x180 [ 23.500766] ? preempt_count_sub+0x50/0x80 [ 23.500803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.500837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.500870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.500903] kthread+0x337/0x6f0 [ 23.500934] ? trace_preempt_on+0x20/0xc0 [ 23.500969] ? __pfx_kthread+0x10/0x10 [ 23.501002] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.501034] ? calculate_sigpending+0x7b/0xa0 [ 23.501064] ? __pfx_kthread+0x10/0x10 [ 23.501096] ret_from_fork+0x41/0x80 [ 23.501126] ? __pfx_kthread+0x10/0x10 [ 23.501158] ret_from_fork_asm+0x1a/0x30 [ 23.501201] </TASK> [ 23.501216] [ 23.521831] Allocated by task 285: [ 23.522220] kasan_save_stack+0x45/0x70 [ 23.522976] kasan_save_track+0x18/0x40 [ 23.523412] kasan_save_alloc_info+0x3b/0x50 [ 23.524149] __kasan_kmalloc+0xb7/0xc0 [ 23.524609] __kmalloc_cache_noprof+0x189/0x420 [ 23.525031] kasan_atomics+0x95/0x310 [ 23.525755] kunit_try_run_case+0x1a5/0x480 [ 23.526211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.526968] kthread+0x337/0x6f0 [ 23.527374] ret_from_fork+0x41/0x80 [ 23.528059] ret_from_fork_asm+0x1a/0x30 [ 23.528738] [ 23.528984] The buggy address belongs to the object at ffff888102983600 [ 23.528984] which belongs to the cache kmalloc-64 of size 64 [ 23.530022] The buggy address is located 0 bytes to the right of [ 23.530022] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.531571] [ 23.531968] The buggy address belongs to the physical page: [ 23.532681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.533511] flags: 0x200000000000000(node=0|zone=2) [ 23.533970] page_type: f5(slab) [ 23.534617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.535494] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.536080] page dumped because: kasan: bad access detected [ 23.536911] [ 23.537423] Memory state around the buggy address: [ 23.537919] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.538469] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.539258] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.540041] ^ [ 23.540676] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.541430] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.542076] ================================================================== [ 22.305110] ================================================================== [ 22.305916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 22.307381] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.308711] [ 22.308923] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.308991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.309010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.309039] Call Trace: [ 22.309063] <TASK> [ 22.309086] dump_stack_lvl+0x73/0xb0 [ 22.309124] print_report+0xd1/0x650 [ 22.309288] ? __virt_addr_valid+0x1db/0x2d0 [ 22.309325] ? kasan_atomics_helper+0x4b6e/0x5450 [ 22.309385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.309422] ? kasan_atomics_helper+0x4b6e/0x5450 [ 22.309459] kasan_report+0x141/0x180 [ 22.309532] ? kasan_atomics_helper+0x4b6e/0x5450 [ 22.309645] __asan_report_store4_noabort+0x1b/0x30 [ 22.309725] kasan_atomics_helper+0x4b6e/0x5450 [ 22.309767] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.309805] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.309841] ? kasan_atomics+0x152/0x310 [ 22.309900] kasan_atomics+0x1dc/0x310 [ 22.309956] ? __pfx_kasan_atomics+0x10/0x10 [ 22.309990] ? __pfx_read_tsc+0x10/0x10 [ 22.310019] ? ktime_get_ts64+0x86/0x230 [ 22.310060] kunit_try_run_case+0x1a5/0x480 [ 22.310097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.310130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.310166] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.310202] ? __kthread_parkme+0x82/0x180 [ 22.310237] ? preempt_count_sub+0x50/0x80 [ 22.310272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.310307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.310341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.310385] kthread+0x337/0x6f0 [ 22.310623] ? trace_preempt_on+0x20/0xc0 [ 22.310703] ? __pfx_kthread+0x10/0x10 [ 22.310781] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.311017] ? calculate_sigpending+0x7b/0xa0 [ 22.311062] ? __pfx_kthread+0x10/0x10 [ 22.311100] ret_from_fork+0x41/0x80 [ 22.311134] ? __pfx_kthread+0x10/0x10 [ 22.311169] ret_from_fork_asm+0x1a/0x30 [ 22.311217] </TASK> [ 22.311232] [ 22.329663] Allocated by task 285: [ 22.330818] kasan_save_stack+0x45/0x70 [ 22.333627] kasan_save_track+0x18/0x40 [ 22.333911] kasan_save_alloc_info+0x3b/0x50 [ 22.334173] __kasan_kmalloc+0xb7/0xc0 [ 22.334447] __kmalloc_cache_noprof+0x189/0x420 [ 22.335883] kasan_atomics+0x95/0x310 [ 22.336291] kunit_try_run_case+0x1a5/0x480 [ 22.336959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.337701] kthread+0x337/0x6f0 [ 22.338137] ret_from_fork+0x41/0x80 [ 22.338806] ret_from_fork_asm+0x1a/0x30 [ 22.339138] [ 22.339323] The buggy address belongs to the object at ffff888102983600 [ 22.339323] which belongs to the cache kmalloc-64 of size 64 [ 22.342210] The buggy address is located 0 bytes to the right of [ 22.342210] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.344314] [ 22.344747] The buggy address belongs to the physical page: [ 22.345287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.346061] flags: 0x200000000000000(node=0|zone=2) [ 22.346885] page_type: f5(slab) [ 22.347919] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.348675] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.349400] page dumped because: kasan: bad access detected [ 22.350119] [ 22.350349] Memory state around the buggy address: [ 22.351404] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.352161] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.352914] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.353651] ^ [ 22.353985] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.354822] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.355444] ================================================================== [ 24.247757] ================================================================== [ 24.248950] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 24.250272] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.251072] [ 24.251355] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.251959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.251988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.252022] Call Trace: [ 24.252047] <TASK> [ 24.252070] dump_stack_lvl+0x73/0xb0 [ 24.252111] print_report+0xd1/0x650 [ 24.252145] ? __virt_addr_valid+0x1db/0x2d0 [ 24.252180] ? kasan_atomics_helper+0x1818/0x5450 [ 24.252211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.252245] ? kasan_atomics_helper+0x1818/0x5450 [ 24.252278] kasan_report+0x141/0x180 [ 24.252311] ? kasan_atomics_helper+0x1818/0x5450 [ 24.252350] kasan_check_range+0x10c/0x1c0 [ 24.252387] __kasan_check_write+0x18/0x20 [ 24.252457] kasan_atomics_helper+0x1818/0x5450 [ 24.252524] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.252561] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.252597] ? kasan_atomics+0x152/0x310 [ 24.252631] kasan_atomics+0x1dc/0x310 [ 24.252660] ? __pfx_kasan_atomics+0x10/0x10 [ 24.252690] ? __pfx_read_tsc+0x10/0x10 [ 24.252720] ? ktime_get_ts64+0x86/0x230 [ 24.252758] kunit_try_run_case+0x1a5/0x480 [ 24.252794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.252827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.252863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.252898] ? __kthread_parkme+0x82/0x180 [ 24.252931] ? preempt_count_sub+0x50/0x80 [ 24.252967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.253002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.253036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.253070] kthread+0x337/0x6f0 [ 24.253102] ? trace_preempt_on+0x20/0xc0 [ 24.253138] ? __pfx_kthread+0x10/0x10 [ 24.253171] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.253204] ? calculate_sigpending+0x7b/0xa0 [ 24.253240] ? __pfx_kthread+0x10/0x10 [ 24.253274] ret_from_fork+0x41/0x80 [ 24.253308] ? __pfx_kthread+0x10/0x10 [ 24.253347] ret_from_fork_asm+0x1a/0x30 [ 24.253395] </TASK> [ 24.253422] [ 24.274075] Allocated by task 285: [ 24.274266] kasan_save_stack+0x45/0x70 [ 24.274589] kasan_save_track+0x18/0x40 [ 24.275288] kasan_save_alloc_info+0x3b/0x50 [ 24.275863] __kasan_kmalloc+0xb7/0xc0 [ 24.276287] __kmalloc_cache_noprof+0x189/0x420 [ 24.277501] kasan_atomics+0x95/0x310 [ 24.277949] kunit_try_run_case+0x1a5/0x480 [ 24.278324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.279216] kthread+0x337/0x6f0 [ 24.279794] ret_from_fork+0x41/0x80 [ 24.280313] ret_from_fork_asm+0x1a/0x30 [ 24.280715] [ 24.281043] The buggy address belongs to the object at ffff888102983600 [ 24.281043] which belongs to the cache kmalloc-64 of size 64 [ 24.282819] The buggy address is located 0 bytes to the right of [ 24.282819] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.283724] [ 24.284041] The buggy address belongs to the physical page: [ 24.284895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.285794] flags: 0x200000000000000(node=0|zone=2) [ 24.286205] page_type: f5(slab) [ 24.286618] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.287280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.288082] page dumped because: kasan: bad access detected [ 24.288526] [ 24.288678] Memory state around the buggy address: [ 24.289040] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.289793] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.291000] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.292331] ^ [ 24.292642] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.294044] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.294985] ================================================================== [ 24.104520] ================================================================== [ 24.105517] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 24.106507] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.107683] [ 24.107910] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.108042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.108082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.108144] Call Trace: [ 24.108198] <TASK> [ 24.108252] dump_stack_lvl+0x73/0xb0 [ 24.108336] print_report+0xd1/0x650 [ 24.108397] ? __virt_addr_valid+0x1db/0x2d0 [ 24.108532] ? kasan_atomics_helper+0x164f/0x5450 [ 24.108616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.108697] ? kasan_atomics_helper+0x164f/0x5450 [ 24.108773] kasan_report+0x141/0x180 [ 24.108854] ? kasan_atomics_helper+0x164f/0x5450 [ 24.108943] kasan_check_range+0x10c/0x1c0 [ 24.109028] __kasan_check_write+0x18/0x20 [ 24.109076] kasan_atomics_helper+0x164f/0x5450 [ 24.109112] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.109148] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.109181] ? kasan_atomics+0x152/0x310 [ 24.109212] kasan_atomics+0x1dc/0x310 [ 24.109238] ? __pfx_kasan_atomics+0x10/0x10 [ 24.109267] ? __pfx_read_tsc+0x10/0x10 [ 24.109296] ? ktime_get_ts64+0x86/0x230 [ 24.109337] kunit_try_run_case+0x1a5/0x480 [ 24.109374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.109407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.109510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.109552] ? __kthread_parkme+0x82/0x180 [ 24.109597] ? preempt_count_sub+0x50/0x80 [ 24.109635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.109669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.109703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.109736] kthread+0x337/0x6f0 [ 24.109768] ? trace_preempt_on+0x20/0xc0 [ 24.109803] ? __pfx_kthread+0x10/0x10 [ 24.109836] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.109871] ? calculate_sigpending+0x7b/0xa0 [ 24.109904] ? __pfx_kthread+0x10/0x10 [ 24.109938] ret_from_fork+0x41/0x80 [ 24.109970] ? __pfx_kthread+0x10/0x10 [ 24.110004] ret_from_fork_asm+0x1a/0x30 [ 24.110049] </TASK> [ 24.110063] [ 24.127400] Allocated by task 285: [ 24.127900] kasan_save_stack+0x45/0x70 [ 24.128577] kasan_save_track+0x18/0x40 [ 24.129129] kasan_save_alloc_info+0x3b/0x50 [ 24.129709] __kasan_kmalloc+0xb7/0xc0 [ 24.130058] __kmalloc_cache_noprof+0x189/0x420 [ 24.130732] kasan_atomics+0x95/0x310 [ 24.131127] kunit_try_run_case+0x1a5/0x480 [ 24.131694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.132306] kthread+0x337/0x6f0 [ 24.132841] ret_from_fork+0x41/0x80 [ 24.133259] ret_from_fork_asm+0x1a/0x30 [ 24.133790] [ 24.134070] The buggy address belongs to the object at ffff888102983600 [ 24.134070] which belongs to the cache kmalloc-64 of size 64 [ 24.134872] The buggy address is located 0 bytes to the right of [ 24.134872] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.136020] [ 24.136266] The buggy address belongs to the physical page: [ 24.136869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.137364] flags: 0x200000000000000(node=0|zone=2) [ 24.137954] page_type: f5(slab) [ 24.138456] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.139298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.139999] page dumped because: kasan: bad access detected [ 24.140640] [ 24.140878] Memory state around the buggy address: [ 24.141316] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.141858] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.142743] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.143352] ^ [ 24.143863] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.144741] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.145366] ================================================================== [ 23.732113] ================================================================== [ 23.733976] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 23.734602] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.735260] [ 23.735791] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.736020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.736064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.736122] Call Trace: [ 23.736176] <TASK> [ 23.736227] dump_stack_lvl+0x73/0xb0 [ 23.736306] print_report+0xd1/0x650 [ 23.736382] ? __virt_addr_valid+0x1db/0x2d0 [ 23.736462] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.736561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.736637] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.736719] kasan_report+0x141/0x180 [ 23.736805] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.736901] kasan_check_range+0x10c/0x1c0 [ 23.736994] __kasan_check_write+0x18/0x20 [ 23.737070] kasan_atomics_helper+0x12e6/0x5450 [ 23.737153] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.737233] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.737315] ? kasan_atomics+0x152/0x310 [ 23.737395] kasan_atomics+0x1dc/0x310 [ 23.737499] ? __pfx_kasan_atomics+0x10/0x10 [ 23.737594] ? __pfx_read_tsc+0x10/0x10 [ 23.737663] ? ktime_get_ts64+0x86/0x230 [ 23.737750] kunit_try_run_case+0x1a5/0x480 [ 23.737829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.737904] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.737982] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.738059] ? __kthread_parkme+0x82/0x180 [ 23.738096] ? preempt_count_sub+0x50/0x80 [ 23.738133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.738168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.738202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.738236] kthread+0x337/0x6f0 [ 23.738267] ? trace_preempt_on+0x20/0xc0 [ 23.738303] ? __pfx_kthread+0x10/0x10 [ 23.738336] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.738368] ? calculate_sigpending+0x7b/0xa0 [ 23.738398] ? __pfx_kthread+0x10/0x10 [ 23.738470] ret_from_fork+0x41/0x80 [ 23.738533] ? __pfx_kthread+0x10/0x10 [ 23.738567] ret_from_fork_asm+0x1a/0x30 [ 23.738615] </TASK> [ 23.738630] [ 23.759947] Allocated by task 285: [ 23.760854] kasan_save_stack+0x45/0x70 [ 23.761265] kasan_save_track+0x18/0x40 [ 23.761936] kasan_save_alloc_info+0x3b/0x50 [ 23.762355] __kasan_kmalloc+0xb7/0xc0 [ 23.763107] __kmalloc_cache_noprof+0x189/0x420 [ 23.763699] kasan_atomics+0x95/0x310 [ 23.764069] kunit_try_run_case+0x1a5/0x480 [ 23.764718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.765187] kthread+0x337/0x6f0 [ 23.765991] ret_from_fork+0x41/0x80 [ 23.766344] ret_from_fork_asm+0x1a/0x30 [ 23.766775] [ 23.767248] The buggy address belongs to the object at ffff888102983600 [ 23.767248] which belongs to the cache kmalloc-64 of size 64 [ 23.768268] The buggy address is located 0 bytes to the right of [ 23.768268] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.769805] [ 23.770032] The buggy address belongs to the physical page: [ 23.771012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.771660] flags: 0x200000000000000(node=0|zone=2) [ 23.772063] page_type: f5(slab) [ 23.772346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.773805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.774639] page dumped because: kasan: bad access detected [ 23.775362] [ 23.775644] Memory state around the buggy address: [ 23.775967] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.777397] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.777938] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.778693] ^ [ 23.779273] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.780070] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.781214] ================================================================== [ 22.655559] ================================================================== [ 22.656627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 22.658307] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.659226] [ 22.659759] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.659995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.660030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.660063] Call Trace: [ 22.660091] <TASK> [ 22.660117] dump_stack_lvl+0x73/0xb0 [ 22.660163] print_report+0xd1/0x650 [ 22.660197] ? __virt_addr_valid+0x1db/0x2d0 [ 22.660230] ? kasan_atomics_helper+0x697/0x5450 [ 22.660261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.660294] ? kasan_atomics_helper+0x697/0x5450 [ 22.660329] kasan_report+0x141/0x180 [ 22.660361] ? kasan_atomics_helper+0x697/0x5450 [ 22.660398] kasan_check_range+0x10c/0x1c0 [ 22.660533] __kasan_check_write+0x18/0x20 [ 22.660612] kasan_atomics_helper+0x697/0x5450 [ 22.660688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.660802] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.660880] ? kasan_atomics+0x152/0x310 [ 22.660952] kasan_atomics+0x1dc/0x310 [ 22.661017] ? __pfx_kasan_atomics+0x10/0x10 [ 22.661085] ? __pfx_read_tsc+0x10/0x10 [ 22.661147] ? ktime_get_ts64+0x86/0x230 [ 22.661227] kunit_try_run_case+0x1a5/0x480 [ 22.661306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.661340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.661376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.661411] ? __kthread_parkme+0x82/0x180 [ 22.661519] ? preempt_count_sub+0x50/0x80 [ 22.661616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.661658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.661692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.661725] kthread+0x337/0x6f0 [ 22.661756] ? trace_preempt_on+0x20/0xc0 [ 22.661789] ? __pfx_kthread+0x10/0x10 [ 22.661821] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.661854] ? calculate_sigpending+0x7b/0xa0 [ 22.661885] ? __pfx_kthread+0x10/0x10 [ 22.661918] ret_from_fork+0x41/0x80 [ 22.661947] ? __pfx_kthread+0x10/0x10 [ 22.661980] ret_from_fork_asm+0x1a/0x30 [ 22.662025] </TASK> [ 22.662039] [ 22.683200] Allocated by task 285: [ 22.683846] kasan_save_stack+0x45/0x70 [ 22.684134] kasan_save_track+0x18/0x40 [ 22.684297] kasan_save_alloc_info+0x3b/0x50 [ 22.684702] __kasan_kmalloc+0xb7/0xc0 [ 22.685289] __kmalloc_cache_noprof+0x189/0x420 [ 22.685718] kasan_atomics+0x95/0x310 [ 22.686876] kunit_try_run_case+0x1a5/0x480 [ 22.687290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.687760] kthread+0x337/0x6f0 [ 22.688166] ret_from_fork+0x41/0x80 [ 22.688541] ret_from_fork_asm+0x1a/0x30 [ 22.688915] [ 22.689163] The buggy address belongs to the object at ffff888102983600 [ 22.689163] which belongs to the cache kmalloc-64 of size 64 [ 22.691159] The buggy address is located 0 bytes to the right of [ 22.691159] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.692273] [ 22.692879] The buggy address belongs to the physical page: [ 22.693801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.694595] flags: 0x200000000000000(node=0|zone=2) [ 22.695082] page_type: f5(slab) [ 22.695420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.696063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.696739] page dumped because: kasan: bad access detected [ 22.697204] [ 22.697545] Memory state around the buggy address: [ 22.698107] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.698868] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.699774] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.700362] ^ [ 22.701347] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.702150] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.703007] ================================================================== [ 24.013881] ================================================================== [ 24.014701] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 24.015368] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.016563] [ 24.016813] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.017162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.017206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.017267] Call Trace: [ 24.017304] <TASK> [ 24.017332] dump_stack_lvl+0x73/0xb0 [ 24.017379] print_report+0xd1/0x650 [ 24.017427] ? __virt_addr_valid+0x1db/0x2d0 [ 24.017506] ? kasan_atomics_helper+0x151d/0x5450 [ 24.017544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.017591] ? kasan_atomics_helper+0x151d/0x5450 [ 24.017625] kasan_report+0x141/0x180 [ 24.017661] ? kasan_atomics_helper+0x151d/0x5450 [ 24.017701] kasan_check_range+0x10c/0x1c0 [ 24.017738] __kasan_check_write+0x18/0x20 [ 24.017767] kasan_atomics_helper+0x151d/0x5450 [ 24.017801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.017836] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.017870] ? kasan_atomics+0x152/0x310 [ 24.017903] kasan_atomics+0x1dc/0x310 [ 24.017931] ? __pfx_kasan_atomics+0x10/0x10 [ 24.017961] ? __pfx_read_tsc+0x10/0x10 [ 24.017990] ? ktime_get_ts64+0x86/0x230 [ 24.018031] kunit_try_run_case+0x1a5/0x480 [ 24.018068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.018102] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.018139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.018175] ? __kthread_parkme+0x82/0x180 [ 24.018207] ? preempt_count_sub+0x50/0x80 [ 24.018244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.018277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.018312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.018345] kthread+0x337/0x6f0 [ 24.018377] ? trace_preempt_on+0x20/0xc0 [ 24.018422] ? __pfx_kthread+0x10/0x10 [ 24.018491] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.018534] ? calculate_sigpending+0x7b/0xa0 [ 24.018567] ? __pfx_kthread+0x10/0x10 [ 24.018600] ret_from_fork+0x41/0x80 [ 24.018633] ? __pfx_kthread+0x10/0x10 [ 24.018666] ret_from_fork_asm+0x1a/0x30 [ 24.018712] </TASK> [ 24.018727] [ 24.039644] Allocated by task 285: [ 24.040171] kasan_save_stack+0x45/0x70 [ 24.040712] kasan_save_track+0x18/0x40 [ 24.041290] kasan_save_alloc_info+0x3b/0x50 [ 24.041760] __kasan_kmalloc+0xb7/0xc0 [ 24.042336] __kmalloc_cache_noprof+0x189/0x420 [ 24.042937] kasan_atomics+0x95/0x310 [ 24.043543] kunit_try_run_case+0x1a5/0x480 [ 24.044201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.044652] kthread+0x337/0x6f0 [ 24.044808] ret_from_fork+0x41/0x80 [ 24.044964] ret_from_fork_asm+0x1a/0x30 [ 24.045133] [ 24.045223] The buggy address belongs to the object at ffff888102983600 [ 24.045223] which belongs to the cache kmalloc-64 of size 64 [ 24.046596] The buggy address is located 0 bytes to the right of [ 24.046596] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.047910] [ 24.048166] The buggy address belongs to the physical page: [ 24.048813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.049904] flags: 0x200000000000000(node=0|zone=2) [ 24.050461] page_type: f5(slab) [ 24.051028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.051987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.052747] page dumped because: kasan: bad access detected [ 24.053327] [ 24.053662] Memory state around the buggy address: [ 24.054495] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.055173] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.056049] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.056702] ^ [ 24.057142] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.057836] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.058780] ================================================================== [ 25.082855] ================================================================== [ 25.083514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 25.084168] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 25.084961] [ 25.085188] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.085317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.085359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.085420] Call Trace: [ 25.085516] <TASK> [ 25.085615] dump_stack_lvl+0x73/0xb0 [ 25.085732] print_report+0xd1/0x650 [ 25.085851] ? __virt_addr_valid+0x1db/0x2d0 [ 25.085963] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.086073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.086189] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.086301] kasan_report+0x141/0x180 [ 25.086445] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.086560] __asan_report_load8_noabort+0x18/0x20 [ 25.086639] kasan_atomics_helper+0x4fa5/0x5450 [ 25.086722] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.086801] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.086878] ? kasan_atomics+0x152/0x310 [ 25.086958] kasan_atomics+0x1dc/0x310 [ 25.087028] ? __pfx_kasan_atomics+0x10/0x10 [ 25.087103] ? __pfx_read_tsc+0x10/0x10 [ 25.087165] ? ktime_get_ts64+0x86/0x230 [ 25.087249] kunit_try_run_case+0x1a5/0x480 [ 25.087327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.087399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.087497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.087583] ? __kthread_parkme+0x82/0x180 [ 25.087657] ? preempt_count_sub+0x50/0x80 [ 25.087757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.087819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.087855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.087891] kthread+0x337/0x6f0 [ 25.087929] ? trace_preempt_on+0x20/0xc0 [ 25.088000] ? __pfx_kthread+0x10/0x10 [ 25.088054] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.088127] ? calculate_sigpending+0x7b/0xa0 [ 25.088240] ? __pfx_kthread+0x10/0x10 [ 25.088330] ret_from_fork+0x41/0x80 [ 25.088461] ? __pfx_kthread+0x10/0x10 [ 25.088598] ret_from_fork_asm+0x1a/0x30 [ 25.088742] </TASK> [ 25.088786] [ 25.103871] Allocated by task 285: [ 25.104335] kasan_save_stack+0x45/0x70 [ 25.104847] kasan_save_track+0x18/0x40 [ 25.105292] kasan_save_alloc_info+0x3b/0x50 [ 25.105841] __kasan_kmalloc+0xb7/0xc0 [ 25.106258] __kmalloc_cache_noprof+0x189/0x420 [ 25.106828] kasan_atomics+0x95/0x310 [ 25.107279] kunit_try_run_case+0x1a5/0x480 [ 25.107635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.108065] kthread+0x337/0x6f0 [ 25.108540] ret_from_fork+0x41/0x80 [ 25.108989] ret_from_fork_asm+0x1a/0x30 [ 25.109492] [ 25.109747] The buggy address belongs to the object at ffff888102983600 [ 25.109747] which belongs to the cache kmalloc-64 of size 64 [ 25.110582] The buggy address is located 0 bytes to the right of [ 25.110582] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 25.112121] [ 25.112542] The buggy address belongs to the physical page: [ 25.113098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 25.113809] flags: 0x200000000000000(node=0|zone=2) [ 25.114171] page_type: f5(slab) [ 25.114635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.115788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.116424] page dumped because: kasan: bad access detected [ 25.116800] [ 25.117053] Memory state around the buggy address: [ 25.117558] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.118229] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.118695] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.119139] ^ [ 25.119553] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.120216] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.120870] ================================================================== [ 24.428192] ================================================================== [ 24.428734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 24.429408] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.430558] [ 24.431177] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.431297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.431330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.431363] Call Trace: [ 24.431389] <TASK> [ 24.431425] dump_stack_lvl+0x73/0xb0 [ 24.431504] print_report+0xd1/0x650 [ 24.431550] ? __virt_addr_valid+0x1db/0x2d0 [ 24.431587] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.431622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.431656] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.431690] kasan_report+0x141/0x180 [ 24.431726] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.431765] kasan_check_range+0x10c/0x1c0 [ 24.431803] __kasan_check_write+0x18/0x20 [ 24.431832] kasan_atomics_helper+0x1a7f/0x5450 [ 24.431866] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.431900] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.431933] ? kasan_atomics+0x152/0x310 [ 24.431966] kasan_atomics+0x1dc/0x310 [ 24.431993] ? __pfx_kasan_atomics+0x10/0x10 [ 24.432023] ? __pfx_read_tsc+0x10/0x10 [ 24.432051] ? ktime_get_ts64+0x86/0x230 [ 24.432089] kunit_try_run_case+0x1a5/0x480 [ 24.432124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.432158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.432194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.432229] ? __kthread_parkme+0x82/0x180 [ 24.432262] ? preempt_count_sub+0x50/0x80 [ 24.432298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.432332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.432366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.432400] kthread+0x337/0x6f0 [ 24.432487] ? trace_preempt_on+0x20/0xc0 [ 24.432569] ? __pfx_kthread+0x10/0x10 [ 24.432651] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.432728] ? calculate_sigpending+0x7b/0xa0 [ 24.432807] ? __pfx_kthread+0x10/0x10 [ 24.432886] ret_from_fork+0x41/0x80 [ 24.432963] ? __pfx_kthread+0x10/0x10 [ 24.433043] ret_from_fork_asm+0x1a/0x30 [ 24.433150] </TASK> [ 24.433191] [ 24.451716] Allocated by task 285: [ 24.452190] kasan_save_stack+0x45/0x70 [ 24.452805] kasan_save_track+0x18/0x40 [ 24.453255] kasan_save_alloc_info+0x3b/0x50 [ 24.453871] __kasan_kmalloc+0xb7/0xc0 [ 24.454186] __kmalloc_cache_noprof+0x189/0x420 [ 24.454628] kasan_atomics+0x95/0x310 [ 24.455105] kunit_try_run_case+0x1a5/0x480 [ 24.455725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.456320] kthread+0x337/0x6f0 [ 24.456835] ret_from_fork+0x41/0x80 [ 24.457341] ret_from_fork_asm+0x1a/0x30 [ 24.457829] [ 24.458058] The buggy address belongs to the object at ffff888102983600 [ 24.458058] which belongs to the cache kmalloc-64 of size 64 [ 24.458793] The buggy address is located 0 bytes to the right of [ 24.458793] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.459693] [ 24.459936] The buggy address belongs to the physical page: [ 24.460444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.462879] flags: 0x200000000000000(node=0|zone=2) [ 24.463205] page_type: f5(slab) [ 24.464460] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.466869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.468788] page dumped because: kasan: bad access detected [ 24.470553] [ 24.471578] Memory state around the buggy address: [ 24.472570] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.473085] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.473832] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.474647] ^ [ 24.475153] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.475700] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.476206] ================================================================== [ 24.478900] ================================================================== [ 24.479682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 24.480384] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.481011] [ 24.481279] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.481416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.481461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.481543] Call Trace: [ 24.481609] <TASK> [ 24.481639] dump_stack_lvl+0x73/0xb0 [ 24.481682] print_report+0xd1/0x650 [ 24.481724] ? __virt_addr_valid+0x1db/0x2d0 [ 24.481795] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.481830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.481867] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.481902] kasan_report+0x141/0x180 [ 24.481936] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.481976] kasan_check_range+0x10c/0x1c0 [ 24.482013] __kasan_check_write+0x18/0x20 [ 24.482043] kasan_atomics_helper+0x1b22/0x5450 [ 24.482078] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.482112] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.482144] ? kasan_atomics+0x152/0x310 [ 24.482177] kasan_atomics+0x1dc/0x310 [ 24.482204] ? __pfx_kasan_atomics+0x10/0x10 [ 24.482233] ? __pfx_read_tsc+0x10/0x10 [ 24.482263] ? ktime_get_ts64+0x86/0x230 [ 24.482301] kunit_try_run_case+0x1a5/0x480 [ 24.482336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.482368] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.482412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.482550] ? __kthread_parkme+0x82/0x180 [ 24.482632] ? preempt_count_sub+0x50/0x80 [ 24.482715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.482793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.482868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.482946] kthread+0x337/0x6f0 [ 24.483023] ? trace_preempt_on+0x20/0xc0 [ 24.483066] ? __pfx_kthread+0x10/0x10 [ 24.483101] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.483136] ? calculate_sigpending+0x7b/0xa0 [ 24.483169] ? __pfx_kthread+0x10/0x10 [ 24.483205] ret_from_fork+0x41/0x80 [ 24.483236] ? __pfx_kthread+0x10/0x10 [ 24.483271] ret_from_fork_asm+0x1a/0x30 [ 24.483316] </TASK> [ 24.483332] [ 24.499045] Allocated by task 285: [ 24.499386] kasan_save_stack+0x45/0x70 [ 24.499897] kasan_save_track+0x18/0x40 [ 24.500310] kasan_save_alloc_info+0x3b/0x50 [ 24.500819] __kasan_kmalloc+0xb7/0xc0 [ 24.501241] __kmalloc_cache_noprof+0x189/0x420 [ 24.501692] kasan_atomics+0x95/0x310 [ 24.502005] kunit_try_run_case+0x1a5/0x480 [ 24.502372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.502950] kthread+0x337/0x6f0 [ 24.503328] ret_from_fork+0x41/0x80 [ 24.503789] ret_from_fork_asm+0x1a/0x30 [ 24.504237] [ 24.504551] The buggy address belongs to the object at ffff888102983600 [ 24.504551] which belongs to the cache kmalloc-64 of size 64 [ 24.505595] The buggy address is located 0 bytes to the right of [ 24.505595] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.506398] [ 24.506659] The buggy address belongs to the physical page: [ 24.507075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.507872] flags: 0x200000000000000(node=0|zone=2) [ 24.508382] page_type: f5(slab) [ 24.508804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.509505] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.509987] page dumped because: kasan: bad access detected [ 24.510546] [ 24.510785] Memory state around the buggy address: [ 24.511242] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.511939] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.512643] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.513168] ^ [ 24.513608] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.514221] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.514888] ================================================================== [ 24.556153] ================================================================== [ 24.556833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 24.557416] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.559086] [ 24.559382] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.559709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.559754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.559818] Call Trace: [ 24.559875] <TASK> [ 24.559929] dump_stack_lvl+0x73/0xb0 [ 24.560031] print_report+0xd1/0x650 [ 24.560111] ? __virt_addr_valid+0x1db/0x2d0 [ 24.560190] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.560263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.560311] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.560344] kasan_report+0x141/0x180 [ 24.560378] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.560449] __asan_report_load8_noabort+0x18/0x20 [ 24.560521] kasan_atomics_helper+0x4f30/0x5450 [ 24.560560] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.560593] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.560627] ? kasan_atomics+0x152/0x310 [ 24.560658] kasan_atomics+0x1dc/0x310 [ 24.560684] ? __pfx_kasan_atomics+0x10/0x10 [ 24.560714] ? __pfx_read_tsc+0x10/0x10 [ 24.560743] ? ktime_get_ts64+0x86/0x230 [ 24.560780] kunit_try_run_case+0x1a5/0x480 [ 24.560816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.560847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.560881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.560916] ? __kthread_parkme+0x82/0x180 [ 24.560947] ? preempt_count_sub+0x50/0x80 [ 24.560982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.561015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.561047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.561080] kthread+0x337/0x6f0 [ 24.561111] ? trace_preempt_on+0x20/0xc0 [ 24.561144] ? __pfx_kthread+0x10/0x10 [ 24.561175] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.561207] ? calculate_sigpending+0x7b/0xa0 [ 24.561237] ? __pfx_kthread+0x10/0x10 [ 24.561269] ret_from_fork+0x41/0x80 [ 24.561300] ? __pfx_kthread+0x10/0x10 [ 24.561332] ret_from_fork_asm+0x1a/0x30 [ 24.561377] </TASK> [ 24.561392] [ 24.575062] Allocated by task 285: [ 24.575527] kasan_save_stack+0x45/0x70 [ 24.575987] kasan_save_track+0x18/0x40 [ 24.576412] kasan_save_alloc_info+0x3b/0x50 [ 24.576879] __kasan_kmalloc+0xb7/0xc0 [ 24.577309] __kmalloc_cache_noprof+0x189/0x420 [ 24.578136] kasan_atomics+0x95/0x310 [ 24.578596] kunit_try_run_case+0x1a5/0x480 [ 24.579038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.579622] kthread+0x337/0x6f0 [ 24.579999] ret_from_fork+0x41/0x80 [ 24.580378] ret_from_fork_asm+0x1a/0x30 [ 24.580729] [ 24.580921] The buggy address belongs to the object at ffff888102983600 [ 24.580921] which belongs to the cache kmalloc-64 of size 64 [ 24.583141] The buggy address is located 0 bytes to the right of [ 24.583141] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.585029] [ 24.585132] The buggy address belongs to the physical page: [ 24.585325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.586697] flags: 0x200000000000000(node=0|zone=2) [ 24.587751] page_type: f5(slab) [ 24.588327] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.588981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.589674] page dumped because: kasan: bad access detected [ 24.590061] [ 24.590359] Memory state around the buggy address: [ 24.590873] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.591592] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.592323] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.592991] ^ [ 24.593450] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.594083] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.594866] ================================================================== [ 24.596160] ================================================================== [ 24.596772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 24.597370] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.597963] [ 24.598187] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.598315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.598359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.598459] Call Trace: [ 24.598581] <TASK> [ 24.598647] dump_stack_lvl+0x73/0xb0 [ 24.598785] print_report+0xd1/0x650 [ 24.598914] ? __virt_addr_valid+0x1db/0x2d0 [ 24.599028] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.599105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.599186] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.599321] kasan_report+0x141/0x180 [ 24.599461] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.599577] kasan_check_range+0x10c/0x1c0 [ 24.599661] __kasan_check_write+0x18/0x20 [ 24.599734] kasan_atomics_helper+0x1ce1/0x5450 [ 24.599818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.599895] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.599976] ? kasan_atomics+0x152/0x310 [ 24.600104] kasan_atomics+0x1dc/0x310 [ 24.600186] ? __pfx_kasan_atomics+0x10/0x10 [ 24.600265] ? __pfx_read_tsc+0x10/0x10 [ 24.600314] ? ktime_get_ts64+0x86/0x230 [ 24.600359] kunit_try_run_case+0x1a5/0x480 [ 24.600397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.600504] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.600549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.600588] ? __kthread_parkme+0x82/0x180 [ 24.600622] ? preempt_count_sub+0x50/0x80 [ 24.600659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.600694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.600728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.600762] kthread+0x337/0x6f0 [ 24.600793] ? trace_preempt_on+0x20/0xc0 [ 24.600827] ? __pfx_kthread+0x10/0x10 [ 24.600861] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.600896] ? calculate_sigpending+0x7b/0xa0 [ 24.600927] ? __pfx_kthread+0x10/0x10 [ 24.600961] ret_from_fork+0x41/0x80 [ 24.600991] ? __pfx_kthread+0x10/0x10 [ 24.601025] ret_from_fork_asm+0x1a/0x30 [ 24.601070] </TASK> [ 24.601085] [ 24.619755] Allocated by task 285: [ 24.620105] kasan_save_stack+0x45/0x70 [ 24.620649] kasan_save_track+0x18/0x40 [ 24.621134] kasan_save_alloc_info+0x3b/0x50 [ 24.621658] __kasan_kmalloc+0xb7/0xc0 [ 24.622066] __kmalloc_cache_noprof+0x189/0x420 [ 24.622571] kasan_atomics+0x95/0x310 [ 24.622976] kunit_try_run_case+0x1a5/0x480 [ 24.623532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.624059] kthread+0x337/0x6f0 [ 24.624554] ret_from_fork+0x41/0x80 [ 24.625012] ret_from_fork_asm+0x1a/0x30 [ 24.625586] [ 24.625805] The buggy address belongs to the object at ffff888102983600 [ 24.625805] which belongs to the cache kmalloc-64 of size 64 [ 24.626864] The buggy address is located 0 bytes to the right of [ 24.626864] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.627848] [ 24.628139] The buggy address belongs to the physical page: [ 24.628709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.629378] flags: 0x200000000000000(node=0|zone=2) [ 24.629809] page_type: f5(slab) [ 24.630108] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.630906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.631638] page dumped because: kasan: bad access detected [ 24.632176] [ 24.632468] Memory state around the buggy address: [ 24.632914] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.633686] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.634340] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.634997] ^ [ 24.635519] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.636127] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.636802] ================================================================== [ 22.156529] ================================================================== [ 22.157603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 22.158205] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.159644] [ 22.160228] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.160333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.160350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.160384] Call Trace: [ 22.160401] <TASK> [ 22.160456] dump_stack_lvl+0x73/0xb0 [ 22.160582] print_report+0xd1/0x650 [ 22.160667] ? __virt_addr_valid+0x1db/0x2d0 [ 22.160704] ? kasan_atomics_helper+0x4bbc/0x5450 [ 22.160736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.160772] ? kasan_atomics_helper+0x4bbc/0x5450 [ 22.160803] kasan_report+0x141/0x180 [ 22.160835] ? kasan_atomics_helper+0x4bbc/0x5450 [ 22.160872] __asan_report_load4_noabort+0x18/0x20 [ 22.160900] kasan_atomics_helper+0x4bbc/0x5450 [ 22.160932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.160963] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.160995] ? kasan_atomics+0x152/0x310 [ 22.161028] kasan_atomics+0x1dc/0x310 [ 22.161053] ? __pfx_kasan_atomics+0x10/0x10 [ 22.161081] ? __pfx_read_tsc+0x10/0x10 [ 22.161109] ? ktime_get_ts64+0x86/0x230 [ 22.161146] kunit_try_run_case+0x1a5/0x480 [ 22.161180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.161211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.161244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.161278] ? __kthread_parkme+0x82/0x180 [ 22.161308] ? preempt_count_sub+0x50/0x80 [ 22.161343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.161375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.161406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.161465] kthread+0x337/0x6f0 [ 22.161560] ? trace_preempt_on+0x20/0xc0 [ 22.161624] ? __pfx_kthread+0x10/0x10 [ 22.161657] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.161688] ? calculate_sigpending+0x7b/0xa0 [ 22.161718] ? __pfx_kthread+0x10/0x10 [ 22.161750] ret_from_fork+0x41/0x80 [ 22.161778] ? __pfx_kthread+0x10/0x10 [ 22.161809] ret_from_fork_asm+0x1a/0x30 [ 22.161853] </TASK> [ 22.161867] [ 22.181480] Allocated by task 285: [ 22.182306] kasan_save_stack+0x45/0x70 [ 22.182941] kasan_save_track+0x18/0x40 [ 22.183430] kasan_save_alloc_info+0x3b/0x50 [ 22.183965] __kasan_kmalloc+0xb7/0xc0 [ 22.184272] __kmalloc_cache_noprof+0x189/0x420 [ 22.184876] kasan_atomics+0x95/0x310 [ 22.185816] kunit_try_run_case+0x1a5/0x480 [ 22.186249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.187036] kthread+0x337/0x6f0 [ 22.187841] ret_from_fork+0x41/0x80 [ 22.188172] ret_from_fork_asm+0x1a/0x30 [ 22.188854] [ 22.189332] The buggy address belongs to the object at ffff888102983600 [ 22.189332] which belongs to the cache kmalloc-64 of size 64 [ 22.191101] The buggy address is located 0 bytes to the right of [ 22.191101] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.192903] [ 22.193146] The buggy address belongs to the physical page: [ 22.194133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.195218] flags: 0x200000000000000(node=0|zone=2) [ 22.195600] page_type: f5(slab) [ 22.196262] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.197066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.197931] page dumped because: kasan: bad access detected [ 22.198956] [ 22.199342] Memory state around the buggy address: [ 22.199918] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.201042] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.201945] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.202766] ^ [ 22.203850] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.204373] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.205366] ================================================================== [ 23.691496] ================================================================== [ 23.692860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 23.693708] Read of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.694234] [ 23.694431] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.694640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.694683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.694743] Call Trace: [ 23.694797] <TASK> [ 23.694853] dump_stack_lvl+0x73/0xb0 [ 23.694940] print_report+0xd1/0x650 [ 23.695019] ? __virt_addr_valid+0x1db/0x2d0 [ 23.695100] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.695172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.695248] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.695325] kasan_report+0x141/0x180 [ 23.695404] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.695535] __asan_report_load4_noabort+0x18/0x20 [ 23.695612] kasan_atomics_helper+0x49e8/0x5450 [ 23.695700] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.695779] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.695856] ? kasan_atomics+0x152/0x310 [ 23.695967] kasan_atomics+0x1dc/0x310 [ 23.696026] ? __pfx_kasan_atomics+0x10/0x10 [ 23.696061] ? __pfx_read_tsc+0x10/0x10 [ 23.696092] ? ktime_get_ts64+0x86/0x230 [ 23.696131] kunit_try_run_case+0x1a5/0x480 [ 23.696167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.696198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.696234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.696268] ? __kthread_parkme+0x82/0x180 [ 23.696300] ? preempt_count_sub+0x50/0x80 [ 23.696336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.696369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.696402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.696464] kthread+0x337/0x6f0 [ 23.696528] ? trace_preempt_on+0x20/0xc0 [ 23.696565] ? __pfx_kthread+0x10/0x10 [ 23.696597] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.696629] ? calculate_sigpending+0x7b/0xa0 [ 23.696660] ? __pfx_kthread+0x10/0x10 [ 23.696692] ret_from_fork+0x41/0x80 [ 23.696723] ? __pfx_kthread+0x10/0x10 [ 23.696756] ret_from_fork_asm+0x1a/0x30 [ 23.696803] </TASK> [ 23.696818] [ 23.711134] Allocated by task 285: [ 23.711554] kasan_save_stack+0x45/0x70 [ 23.712040] kasan_save_track+0x18/0x40 [ 23.712452] kasan_save_alloc_info+0x3b/0x50 [ 23.712812] __kasan_kmalloc+0xb7/0xc0 [ 23.713125] __kmalloc_cache_noprof+0x189/0x420 [ 23.713702] kasan_atomics+0x95/0x310 [ 23.714296] kunit_try_run_case+0x1a5/0x480 [ 23.714847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.715246] kthread+0x337/0x6f0 [ 23.715667] ret_from_fork+0x41/0x80 [ 23.716046] ret_from_fork_asm+0x1a/0x30 [ 23.716514] [ 23.716742] The buggy address belongs to the object at ffff888102983600 [ 23.716742] which belongs to the cache kmalloc-64 of size 64 [ 23.720351] The buggy address is located 0 bytes to the right of [ 23.720351] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.721332] [ 23.721659] The buggy address belongs to the physical page: [ 23.722153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.722854] flags: 0x200000000000000(node=0|zone=2) [ 23.723311] page_type: f5(slab) [ 23.723865] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.724386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.725116] page dumped because: kasan: bad access detected [ 23.725634] [ 23.725845] Memory state around the buggy address: [ 23.726287] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.727910] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.728431] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.729107] ^ [ 23.729584] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.730142] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.730795] ================================================================== [ 23.966797] ================================================================== [ 23.967385] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 23.968199] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.969335] [ 23.969683] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.969907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.969965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.970004] Call Trace: [ 23.970037] <TASK> [ 23.970066] dump_stack_lvl+0x73/0xb0 [ 23.970140] print_report+0xd1/0x650 [ 23.970193] ? __virt_addr_valid+0x1db/0x2d0 [ 23.970228] ? kasan_atomics_helper+0x50d4/0x5450 [ 23.970262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.970296] ? kasan_atomics_helper+0x50d4/0x5450 [ 23.970328] kasan_report+0x141/0x180 [ 23.970363] ? kasan_atomics_helper+0x50d4/0x5450 [ 23.970403] __asan_report_store8_noabort+0x1b/0x30 [ 23.970767] kasan_atomics_helper+0x50d4/0x5450 [ 23.970810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.970846] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.970882] ? kasan_atomics+0x152/0x310 [ 23.970915] kasan_atomics+0x1dc/0x310 [ 23.970942] ? __pfx_kasan_atomics+0x10/0x10 [ 23.970971] ? __pfx_read_tsc+0x10/0x10 [ 23.970998] ? ktime_get_ts64+0x86/0x230 [ 23.971035] kunit_try_run_case+0x1a5/0x480 [ 23.971069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.971100] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.971136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.971171] ? __kthread_parkme+0x82/0x180 [ 23.971202] ? preempt_count_sub+0x50/0x80 [ 23.971239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.971273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.971307] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.971341] kthread+0x337/0x6f0 [ 23.971370] ? trace_preempt_on+0x20/0xc0 [ 23.971420] ? __pfx_kthread+0x10/0x10 [ 23.971517] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.971555] ? calculate_sigpending+0x7b/0xa0 [ 23.971588] ? __pfx_kthread+0x10/0x10 [ 23.971621] ret_from_fork+0x41/0x80 [ 23.971652] ? __pfx_kthread+0x10/0x10 [ 23.971685] ret_from_fork_asm+0x1a/0x30 [ 23.971732] </TASK> [ 23.971748] [ 23.992597] Allocated by task 285: [ 23.992977] kasan_save_stack+0x45/0x70 [ 23.994021] kasan_save_track+0x18/0x40 [ 23.994576] kasan_save_alloc_info+0x3b/0x50 [ 23.994761] __kasan_kmalloc+0xb7/0xc0 [ 23.994917] __kmalloc_cache_noprof+0x189/0x420 [ 23.995091] kasan_atomics+0x95/0x310 [ 23.995240] kunit_try_run_case+0x1a5/0x480 [ 23.995407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.996287] kthread+0x337/0x6f0 [ 23.996935] ret_from_fork+0x41/0x80 [ 23.997648] ret_from_fork_asm+0x1a/0x30 [ 23.998151] [ 23.998375] The buggy address belongs to the object at ffff888102983600 [ 23.998375] which belongs to the cache kmalloc-64 of size 64 [ 23.999713] The buggy address is located 0 bytes to the right of [ 23.999713] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.001067] [ 24.001237] The buggy address belongs to the physical page: [ 24.001843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.003084] flags: 0x200000000000000(node=0|zone=2) [ 24.003422] page_type: f5(slab) [ 24.003832] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.004443] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.005402] page dumped because: kasan: bad access detected [ 24.006086] [ 24.006316] Memory state around the buggy address: [ 24.007097] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.007857] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.009087] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.009927] ^ [ 24.010355] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.011119] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.011842] ================================================================== [ 23.094292] ================================================================== [ 23.095059] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 23.095734] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.096365] [ 23.097711] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.097843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.097883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.097943] Call Trace: [ 23.097996] <TASK> [ 23.098045] dump_stack_lvl+0x73/0xb0 [ 23.098124] print_report+0xd1/0x650 [ 23.098202] ? __virt_addr_valid+0x1db/0x2d0 [ 23.098276] ? kasan_atomics_helper+0xc70/0x5450 [ 23.098349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.098424] ? kasan_atomics_helper+0xc70/0x5450 [ 23.099010] kasan_report+0x141/0x180 [ 23.099101] ? kasan_atomics_helper+0xc70/0x5450 [ 23.099210] kasan_check_range+0x10c/0x1c0 [ 23.099294] __kasan_check_write+0x18/0x20 [ 23.099365] kasan_atomics_helper+0xc70/0x5450 [ 23.099423] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.099558] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.099596] ? kasan_atomics+0x152/0x310 [ 23.099630] kasan_atomics+0x1dc/0x310 [ 23.099658] ? __pfx_kasan_atomics+0x10/0x10 [ 23.099687] ? __pfx_read_tsc+0x10/0x10 [ 23.099715] ? ktime_get_ts64+0x86/0x230 [ 23.099751] kunit_try_run_case+0x1a5/0x480 [ 23.099787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.099820] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.099855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.099889] ? __kthread_parkme+0x82/0x180 [ 23.099920] ? preempt_count_sub+0x50/0x80 [ 23.099954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.099987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.100019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.100051] kthread+0x337/0x6f0 [ 23.100080] ? trace_preempt_on+0x20/0xc0 [ 23.100114] ? __pfx_kthread+0x10/0x10 [ 23.100145] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.100176] ? calculate_sigpending+0x7b/0xa0 [ 23.100207] ? __pfx_kthread+0x10/0x10 [ 23.100239] ret_from_fork+0x41/0x80 [ 23.100268] ? __pfx_kthread+0x10/0x10 [ 23.100300] ret_from_fork_asm+0x1a/0x30 [ 23.100343] </TASK> [ 23.100358] [ 23.118817] Allocated by task 285: [ 23.119239] kasan_save_stack+0x45/0x70 [ 23.119801] kasan_save_track+0x18/0x40 [ 23.120210] kasan_save_alloc_info+0x3b/0x50 [ 23.120717] __kasan_kmalloc+0xb7/0xc0 [ 23.121178] __kmalloc_cache_noprof+0x189/0x420 [ 23.121639] kasan_atomics+0x95/0x310 [ 23.122095] kunit_try_run_case+0x1a5/0x480 [ 23.122599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.122983] kthread+0x337/0x6f0 [ 23.123276] ret_from_fork+0x41/0x80 [ 23.123772] ret_from_fork_asm+0x1a/0x30 [ 23.124199] [ 23.124510] The buggy address belongs to the object at ffff888102983600 [ 23.124510] which belongs to the cache kmalloc-64 of size 64 [ 23.125594] The buggy address is located 0 bytes to the right of [ 23.125594] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.126289] [ 23.127173] The buggy address belongs to the physical page: [ 23.127737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.129831] flags: 0x200000000000000(node=0|zone=2) [ 23.130935] page_type: f5(slab) [ 23.132366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.133973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.134923] page dumped because: kasan: bad access detected [ 23.135263] [ 23.136504] Memory state around the buggy address: [ 23.137583] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.139256] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.140691] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.141270] ^ [ 23.142036] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.142723] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.143532] ================================================================== [ 22.546984] ================================================================== [ 22.547772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 22.548287] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.549073] [ 22.549397] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.549561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.549622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.549823] Call Trace: [ 22.549880] <TASK> [ 22.549930] dump_stack_lvl+0x73/0xb0 [ 22.550012] print_report+0xd1/0x650 [ 22.550090] ? __virt_addr_valid+0x1db/0x2d0 [ 22.550165] ? kasan_atomics_helper+0x565/0x5450 [ 22.550240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.550361] ? kasan_atomics_helper+0x565/0x5450 [ 22.550449] kasan_report+0x141/0x180 [ 22.550551] ? kasan_atomics_helper+0x565/0x5450 [ 22.550732] kasan_check_range+0x10c/0x1c0 [ 22.550819] __kasan_check_write+0x18/0x20 [ 22.550890] kasan_atomics_helper+0x565/0x5450 [ 22.550980] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.551040] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.551076] ? kasan_atomics+0x152/0x310 [ 22.551108] kasan_atomics+0x1dc/0x310 [ 22.551136] ? __pfx_kasan_atomics+0x10/0x10 [ 22.551165] ? __pfx_read_tsc+0x10/0x10 [ 22.551194] ? ktime_get_ts64+0x86/0x230 [ 22.551229] kunit_try_run_case+0x1a5/0x480 [ 22.551264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.551294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.551328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.551367] ? __kthread_parkme+0x82/0x180 [ 22.551399] ? preempt_count_sub+0x50/0x80 [ 22.551477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.551583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.551624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.551658] kthread+0x337/0x6f0 [ 22.551689] ? trace_preempt_on+0x20/0xc0 [ 22.551723] ? __pfx_kthread+0x10/0x10 [ 22.551755] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.551787] ? calculate_sigpending+0x7b/0xa0 [ 22.551818] ? __pfx_kthread+0x10/0x10 [ 22.551849] ret_from_fork+0x41/0x80 [ 22.551880] ? __pfx_kthread+0x10/0x10 [ 22.551912] ret_from_fork_asm+0x1a/0x30 [ 22.551954] </TASK> [ 22.551968] [ 22.574154] Allocated by task 285: [ 22.574520] kasan_save_stack+0x45/0x70 [ 22.575622] kasan_save_track+0x18/0x40 [ 22.576005] kasan_save_alloc_info+0x3b/0x50 [ 22.576753] __kasan_kmalloc+0xb7/0xc0 [ 22.577130] __kmalloc_cache_noprof+0x189/0x420 [ 22.577923] kasan_atomics+0x95/0x310 [ 22.578601] kunit_try_run_case+0x1a5/0x480 [ 22.579003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.580088] kthread+0x337/0x6f0 [ 22.580735] ret_from_fork+0x41/0x80 [ 22.581386] ret_from_fork_asm+0x1a/0x30 [ 22.582053] [ 22.582302] The buggy address belongs to the object at ffff888102983600 [ 22.582302] which belongs to the cache kmalloc-64 of size 64 [ 22.583922] The buggy address is located 0 bytes to the right of [ 22.583922] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.585594] [ 22.586247] The buggy address belongs to the physical page: [ 22.586909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.587472] flags: 0x200000000000000(node=0|zone=2) [ 22.588403] page_type: f5(slab) [ 22.588913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.589477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.591017] page dumped because: kasan: bad access detected [ 22.591674] [ 22.591840] Memory state around the buggy address: [ 22.592284] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.592946] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.593551] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.595365] ^ [ 22.595763] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.596297] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.597797] ================================================================== [ 22.812113] ================================================================== [ 22.813876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 22.814418] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.815230] [ 22.815821] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.816222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.816243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.816277] Call Trace: [ 22.816301] <TASK> [ 22.816327] dump_stack_lvl+0x73/0xb0 [ 22.816367] print_report+0xd1/0x650 [ 22.816401] ? __virt_addr_valid+0x1db/0x2d0 [ 22.816544] ? kasan_atomics_helper+0x860/0x5450 [ 22.816612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.816649] ? kasan_atomics_helper+0x860/0x5450 [ 22.816681] kasan_report+0x141/0x180 [ 22.816715] ? kasan_atomics_helper+0x860/0x5450 [ 22.816753] kasan_check_range+0x10c/0x1c0 [ 22.816789] __kasan_check_write+0x18/0x20 [ 22.816818] kasan_atomics_helper+0x860/0x5450 [ 22.816851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.816883] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.816917] ? kasan_atomics+0x152/0x310 [ 22.816948] kasan_atomics+0x1dc/0x310 [ 22.816975] ? __pfx_kasan_atomics+0x10/0x10 [ 22.817003] ? __pfx_read_tsc+0x10/0x10 [ 22.817032] ? ktime_get_ts64+0x86/0x230 [ 22.817068] kunit_try_run_case+0x1a5/0x480 [ 22.817103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.817133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.817167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.817201] ? __kthread_parkme+0x82/0x180 [ 22.817231] ? preempt_count_sub+0x50/0x80 [ 22.817266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.817299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.817332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.817366] kthread+0x337/0x6f0 [ 22.817396] ? trace_preempt_on+0x20/0xc0 [ 22.817777] ? __pfx_kthread+0x10/0x10 [ 22.817827] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.817862] ? calculate_sigpending+0x7b/0xa0 [ 22.817894] ? __pfx_kthread+0x10/0x10 [ 22.817927] ret_from_fork+0x41/0x80 [ 22.817957] ? __pfx_kthread+0x10/0x10 [ 22.817991] ret_from_fork_asm+0x1a/0x30 [ 22.818037] </TASK> [ 22.818052] [ 22.841534] Allocated by task 285: [ 22.842253] kasan_save_stack+0x45/0x70 [ 22.842914] kasan_save_track+0x18/0x40 [ 22.843464] kasan_save_alloc_info+0x3b/0x50 [ 22.844358] __kasan_kmalloc+0xb7/0xc0 [ 22.845184] __kmalloc_cache_noprof+0x189/0x420 [ 22.845993] kasan_atomics+0x95/0x310 [ 22.846310] kunit_try_run_case+0x1a5/0x480 [ 22.846802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.847765] kthread+0x337/0x6f0 [ 22.848054] ret_from_fork+0x41/0x80 [ 22.848353] ret_from_fork_asm+0x1a/0x30 [ 22.848768] [ 22.849018] The buggy address belongs to the object at ffff888102983600 [ 22.849018] which belongs to the cache kmalloc-64 of size 64 [ 22.851266] The buggy address is located 0 bytes to the right of [ 22.851266] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 22.852329] [ 22.853411] The buggy address belongs to the physical page: [ 22.853961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 22.854937] flags: 0x200000000000000(node=0|zone=2) [ 22.855336] page_type: f5(slab) [ 22.855801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.857208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.858128] page dumped because: kasan: bad access detected [ 22.858871] [ 22.859052] Memory state around the buggy address: [ 22.859407] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.860038] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.861088] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.862244] ^ [ 22.863405] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.863809] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.864188] ================================================================== [ 25.170849] ================================================================== [ 25.171493] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 25.172083] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 25.172612] [ 25.172847] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.172960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.172994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.173042] Call Trace: [ 25.173093] <TASK> [ 25.173139] dump_stack_lvl+0x73/0xb0 [ 25.173204] print_report+0xd1/0x650 [ 25.173264] ? __virt_addr_valid+0x1db/0x2d0 [ 25.173325] ? kasan_atomics_helper+0x5115/0x5450 [ 25.173407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.173500] ? kasan_atomics_helper+0x5115/0x5450 [ 25.173600] kasan_report+0x141/0x180 [ 25.173681] ? kasan_atomics_helper+0x5115/0x5450 [ 25.173773] __asan_report_load8_noabort+0x18/0x20 [ 25.173848] kasan_atomics_helper+0x5115/0x5450 [ 25.173927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.174004] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.174085] ? kasan_atomics+0x152/0x310 [ 25.174172] kasan_atomics+0x1dc/0x310 [ 25.174247] ? __pfx_kasan_atomics+0x10/0x10 [ 25.174326] ? __pfx_read_tsc+0x10/0x10 [ 25.174396] ? ktime_get_ts64+0x86/0x230 [ 25.174531] kunit_try_run_case+0x1a5/0x480 [ 25.174616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.174693] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.174775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.174862] ? __kthread_parkme+0x82/0x180 [ 25.174943] ? preempt_count_sub+0x50/0x80 [ 25.175011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.175049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.175083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.175117] kthread+0x337/0x6f0 [ 25.175184] ? trace_preempt_on+0x20/0xc0 [ 25.175266] ? __pfx_kthread+0x10/0x10 [ 25.175347] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.175441] ? calculate_sigpending+0x7b/0xa0 [ 25.175543] ? __pfx_kthread+0x10/0x10 [ 25.175626] ret_from_fork+0x41/0x80 [ 25.175699] ? __pfx_kthread+0x10/0x10 [ 25.175774] ret_from_fork_asm+0x1a/0x30 [ 25.175878] </TASK> [ 25.175919] [ 25.190381] Allocated by task 285: [ 25.190852] kasan_save_stack+0x45/0x70 [ 25.191316] kasan_save_track+0x18/0x40 [ 25.191995] kasan_save_alloc_info+0x3b/0x50 [ 25.192386] __kasan_kmalloc+0xb7/0xc0 [ 25.192802] __kmalloc_cache_noprof+0x189/0x420 [ 25.193240] kasan_atomics+0x95/0x310 [ 25.193631] kunit_try_run_case+0x1a5/0x480 [ 25.194256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.194726] kthread+0x337/0x6f0 [ 25.195125] ret_from_fork+0x41/0x80 [ 25.195432] ret_from_fork_asm+0x1a/0x30 [ 25.195885] [ 25.196125] The buggy address belongs to the object at ffff888102983600 [ 25.196125] which belongs to the cache kmalloc-64 of size 64 [ 25.196845] The buggy address is located 0 bytes to the right of [ 25.196845] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 25.197938] [ 25.198139] The buggy address belongs to the physical page: [ 25.198559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 25.199272] flags: 0x200000000000000(node=0|zone=2) [ 25.199866] page_type: f5(slab) [ 25.200287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.201327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.201966] page dumped because: kasan: bad access detected [ 25.202471] [ 25.202722] Memory state around the buggy address: [ 25.203091] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.203714] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.204162] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.204711] ^ [ 25.205309] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.205997] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.206438] ================================================================== [ 24.989747] ================================================================== [ 24.990868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 24.991308] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.991748] [ 24.991952] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.992075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.992112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.992167] Call Trace: [ 24.992218] <TASK> [ 24.992270] dump_stack_lvl+0x73/0xb0 [ 24.992348] print_report+0xd1/0x650 [ 24.992422] ? __virt_addr_valid+0x1db/0x2d0 [ 24.993035] ? kasan_atomics_helper+0x4fb2/0x5450 [ 24.993541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.993632] ? kasan_atomics_helper+0x4fb2/0x5450 [ 24.993704] kasan_report+0x141/0x180 [ 24.993777] ? kasan_atomics_helper+0x4fb2/0x5450 [ 24.993853] __asan_report_load8_noabort+0x18/0x20 [ 24.993920] kasan_atomics_helper+0x4fb2/0x5450 [ 24.994000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.994072] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.994139] ? kasan_atomics+0x152/0x310 [ 24.994207] kasan_atomics+0x1dc/0x310 [ 24.994260] ? __pfx_kasan_atomics+0x10/0x10 [ 24.994311] ? __pfx_read_tsc+0x10/0x10 [ 24.994360] ? ktime_get_ts64+0x86/0x230 [ 24.994466] kunit_try_run_case+0x1a5/0x480 [ 24.994549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.994602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.994660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.994718] ? __kthread_parkme+0x82/0x180 [ 24.994771] ? preempt_count_sub+0x50/0x80 [ 24.994832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.994887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.994943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.994999] kthread+0x337/0x6f0 [ 24.995051] ? trace_preempt_on+0x20/0xc0 [ 24.995108] ? __pfx_kthread+0x10/0x10 [ 24.995160] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.995213] ? calculate_sigpending+0x7b/0xa0 [ 24.995272] ? __pfx_kthread+0x10/0x10 [ 24.995341] ret_from_fork+0x41/0x80 [ 24.995448] ? __pfx_kthread+0x10/0x10 [ 24.995551] ret_from_fork_asm+0x1a/0x30 [ 24.995654] </TASK> [ 24.995693] [ 25.020508] Allocated by task 285: [ 25.021288] kasan_save_stack+0x45/0x70 [ 25.021785] kasan_save_track+0x18/0x40 [ 25.022129] kasan_save_alloc_info+0x3b/0x50 [ 25.022556] __kasan_kmalloc+0xb7/0xc0 [ 25.022942] __kmalloc_cache_noprof+0x189/0x420 [ 25.023337] kasan_atomics+0x95/0x310 [ 25.024180] kunit_try_run_case+0x1a5/0x480 [ 25.025370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.025978] kthread+0x337/0x6f0 [ 25.026268] ret_from_fork+0x41/0x80 [ 25.026643] ret_from_fork_asm+0x1a/0x30 [ 25.027679] [ 25.027970] The buggy address belongs to the object at ffff888102983600 [ 25.027970] which belongs to the cache kmalloc-64 of size 64 [ 25.029223] The buggy address is located 0 bytes to the right of [ 25.029223] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 25.030218] [ 25.030788] The buggy address belongs to the physical page: [ 25.031252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 25.032035] flags: 0x200000000000000(node=0|zone=2) [ 25.033017] page_type: f5(slab) [ 25.033329] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.034085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.034337] page dumped because: kasan: bad access detected [ 25.035144] [ 25.035307] Memory state around the buggy address: [ 25.036145] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.037120] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.037668] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.038249] ^ [ 25.038749] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.039748] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.040298] ================================================================== [ 22.967994] ================================================================== [ 22.969465] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 22.969811] Write of size 4 at addr ffff888102983630 by task kunit_try_catch/285 [ 22.970057] [ 22.970166] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.970232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.970252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.970283] Call Trace: [ 22.970308] <TASK> [ 22.970332] dump_stack_lvl+0x73/0xb0 [ 22.970371] print_report+0xd1/0x650 [ 22.970404] ? __virt_addr_valid+0x1db/0x2d0 [ 22.970474] ? kasan_atomics_helper+0xa2b/0x5450 [ 22.970664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.970749] ? kasan_atomics_helper+0xa2b/0x5450 [ 22.970830] kasan_report+0x141/0x180 [ 22.970913] ? kasan_atomics_helper+0xa2b/0x5450 [ 22.971028] kasan_check_range+0x10c/0x1c0 [ 22.971133] __kasan_check_write+0x18/0x20 [ 22.971209] kasan_atomics_helper+0xa2b/0x5450 [ 22.971288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.971364] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.971444] ? kasan_atomics+0x152/0x310 [ 22.971550] kasan_atomics+0x1dc/0x310 [ 22.971738] ? __pfx_kasan_atomics+0x10/0x10 [ 22.971823] ? __pfx_read_tsc+0x10/0x10 [ 22.971898] ? ktime_get_ts64+0x86/0x230 [ 22.972013] kunit_try_run_case+0x1a5/0x480 [ 22.972125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.972198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.972255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.972292] ? __kthread_parkme+0x82/0x180 [ 22.972325] ? preempt_count_sub+0x50/0x80 [ 22.972361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.972395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.972467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.972579] kthread+0x337/0x6f0 [ 22.972658] ? trace_preempt_on+0x20/0xc0 [ 22.972741] ? __pfx_kthread+0x10/0x10 [ 22.972817] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.972901] ? calculate_sigpending+0x7b/0xa0 [ 22.972936] ? __pfx_kthread+0x10/0x10 [ 22.972970] ret_from_fork+0x41/0x80 [ 22.973002] ? __pfx_kthread+0x10/0x10 [ 22.973034] ret_from_fork_asm+0x1a/0x30 [ 22.973078] </TASK> [ 22.973093] [ 22.992782] Allocated by task 285: [ 22.993215] kasan_save_stack+0x45/0x70 [ 22.993808] kasan_save_track+0x18/0x40 [ 22.994181] kasan_save_alloc_info+0x3b/0x50 [ 22.994757] __kasan_kmalloc+0xb7/0xc0 [ 22.995168] __kmalloc_cache_noprof+0x189/0x420 [ 22.995784] kasan_atomics+0x95/0x310 [ 22.996101] kunit_try_run_case+0x1a5/0x480 [ 22.996435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.996964] kthread+0x337/0x6f0 [ 22.997506] ret_from_fork+0x41/0x80 [ 22.997929] ret_from_fork_asm+0x1a/0x30 [ 22.998364] [ 22.999083] The buggy address belongs to the object at ffff888102983600 [ 22.999083] which belongs to the cache kmalloc-64 of size 64 [ 22.999802] The buggy address is located 0 bytes to the right of [ 22.999802] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.001118] [ 23.001322] The buggy address belongs to the physical page: [ 23.001724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.002466] flags: 0x200000000000000(node=0|zone=2) [ 23.003132] page_type: f5(slab) [ 23.003530] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.004329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.005354] page dumped because: kasan: bad access detected [ 23.005755] [ 23.005944] Memory state around the buggy address: [ 23.006404] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.007122] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.007903] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.008336] ^ [ 23.008855] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.009566] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.010188] ================================================================== [ 24.680150] ================================================================== [ 24.680830] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 24.681323] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.682032] [ 24.682319] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.682452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.682722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.682793] Call Trace: [ 24.682886] <TASK> [ 24.682945] dump_stack_lvl+0x73/0xb0 [ 24.683034] print_report+0xd1/0x650 [ 24.683116] ? __virt_addr_valid+0x1db/0x2d0 [ 24.683194] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.683265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.683344] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.683419] kasan_report+0x141/0x180 [ 24.683517] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.683611] kasan_check_range+0x10c/0x1c0 [ 24.683692] __kasan_check_write+0x18/0x20 [ 24.683765] kasan_atomics_helper+0x1e12/0x5450 [ 24.683845] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.683924] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.684045] ? kasan_atomics+0x152/0x310 [ 24.684137] kasan_atomics+0x1dc/0x310 [ 24.684251] ? __pfx_kasan_atomics+0x10/0x10 [ 24.684331] ? __pfx_read_tsc+0x10/0x10 [ 24.684400] ? ktime_get_ts64+0x86/0x230 [ 24.684467] kunit_try_run_case+0x1a5/0x480 [ 24.684561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.684672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.684761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.684846] ? __kthread_parkme+0x82/0x180 [ 24.684922] ? preempt_count_sub+0x50/0x80 [ 24.685025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.685112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.685338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.685489] kthread+0x337/0x6f0 [ 24.685581] ? trace_preempt_on+0x20/0xc0 [ 24.685670] ? __pfx_kthread+0x10/0x10 [ 24.685748] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.685824] ? calculate_sigpending+0x7b/0xa0 [ 24.685944] ? __pfx_kthread+0x10/0x10 [ 24.686024] ret_from_fork+0x41/0x80 [ 24.686099] ? __pfx_kthread+0x10/0x10 [ 24.686177] ret_from_fork_asm+0x1a/0x30 [ 24.686317] </TASK> [ 24.686361] [ 24.702335] Allocated by task 285: [ 24.702850] kasan_save_stack+0x45/0x70 [ 24.703347] kasan_save_track+0x18/0x40 [ 24.703827] kasan_save_alloc_info+0x3b/0x50 [ 24.704230] __kasan_kmalloc+0xb7/0xc0 [ 24.704640] __kmalloc_cache_noprof+0x189/0x420 [ 24.704991] kasan_atomics+0x95/0x310 [ 24.705304] kunit_try_run_case+0x1a5/0x480 [ 24.707079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.708880] kthread+0x337/0x6f0 [ 24.710164] ret_from_fork+0x41/0x80 [ 24.710819] ret_from_fork_asm+0x1a/0x30 [ 24.711848] [ 24.712329] The buggy address belongs to the object at ffff888102983600 [ 24.712329] which belongs to the cache kmalloc-64 of size 64 [ 24.713832] The buggy address is located 0 bytes to the right of [ 24.713832] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.714862] [ 24.715069] The buggy address belongs to the physical page: [ 24.715812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.716981] flags: 0x200000000000000(node=0|zone=2) [ 24.717371] page_type: f5(slab) [ 24.717747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.718383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.719126] page dumped because: kasan: bad access detected [ 24.719676] [ 24.719883] Memory state around the buggy address: [ 24.720345] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.720988] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.722003] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.722669] ^ [ 24.723014] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.724132] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.725786] ================================================================== [ 24.897214] ================================================================== [ 24.899153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 24.900035] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.900895] [ 24.901437] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.901662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.901705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.901763] Call Trace: [ 24.901815] <TASK> [ 24.901868] dump_stack_lvl+0x73/0xb0 [ 24.901951] print_report+0xd1/0x650 [ 24.902055] ? __virt_addr_valid+0x1db/0x2d0 [ 24.902166] ? kasan_atomics_helper+0x4f98/0x5450 [ 24.902243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.902319] ? kasan_atomics_helper+0x4f98/0x5450 [ 24.902393] kasan_report+0x141/0x180 [ 24.902507] ? kasan_atomics_helper+0x4f98/0x5450 [ 24.902603] __asan_report_load8_noabort+0x18/0x20 [ 24.902680] kasan_atomics_helper+0x4f98/0x5450 [ 24.902774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.902814] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.902849] ? kasan_atomics+0x152/0x310 [ 24.902882] kasan_atomics+0x1dc/0x310 [ 24.902910] ? __pfx_kasan_atomics+0x10/0x10 [ 24.902939] ? __pfx_read_tsc+0x10/0x10 [ 24.902967] ? ktime_get_ts64+0x86/0x230 [ 24.903004] kunit_try_run_case+0x1a5/0x480 [ 24.903038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.903069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.903104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.903138] ? __kthread_parkme+0x82/0x180 [ 24.903169] ? preempt_count_sub+0x50/0x80 [ 24.903205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.903237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.903269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.903302] kthread+0x337/0x6f0 [ 24.903331] ? trace_preempt_on+0x20/0xc0 [ 24.903365] ? __pfx_kthread+0x10/0x10 [ 24.903397] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.903468] ? calculate_sigpending+0x7b/0xa0 [ 24.903531] ? __pfx_kthread+0x10/0x10 [ 24.903566] ret_from_fork+0x41/0x80 [ 24.903598] ? __pfx_kthread+0x10/0x10 [ 24.903630] ret_from_fork_asm+0x1a/0x30 [ 24.903674] </TASK> [ 24.903689] [ 24.919174] Allocated by task 285: [ 24.919692] kasan_save_stack+0x45/0x70 [ 24.920105] kasan_save_track+0x18/0x40 [ 24.920427] kasan_save_alloc_info+0x3b/0x50 [ 24.920963] __kasan_kmalloc+0xb7/0xc0 [ 24.921389] __kmalloc_cache_noprof+0x189/0x420 [ 24.921913] kasan_atomics+0x95/0x310 [ 24.922303] kunit_try_run_case+0x1a5/0x480 [ 24.922661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.923066] kthread+0x337/0x6f0 [ 24.923443] ret_from_fork+0x41/0x80 [ 24.923948] ret_from_fork_asm+0x1a/0x30 [ 24.924699] [ 24.924962] The buggy address belongs to the object at ffff888102983600 [ 24.924962] which belongs to the cache kmalloc-64 of size 64 [ 24.926090] The buggy address is located 0 bytes to the right of [ 24.926090] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.927149] [ 24.927342] The buggy address belongs to the physical page: [ 24.927728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.928523] flags: 0x200000000000000(node=0|zone=2) [ 24.929098] page_type: f5(slab) [ 24.929579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.930452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.931244] page dumped because: kasan: bad access detected [ 24.931752] [ 24.932022] Memory state around the buggy address: [ 24.932369] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.933938] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.936019] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.936674] ^ [ 24.937058] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.937687] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.938190] ================================================================== [ 24.727620] ================================================================== [ 24.728279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 24.728704] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.729193] [ 24.729415] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.729555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.729604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.729654] Call Trace: [ 24.729695] <TASK> [ 24.729733] dump_stack_lvl+0x73/0xb0 [ 24.729791] print_report+0xd1/0x650 [ 24.729847] ? __virt_addr_valid+0x1db/0x2d0 [ 24.729901] ? kasan_atomics_helper+0x1eaa/0x5450 [ 24.729971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.730035] ? kasan_atomics_helper+0x1eaa/0x5450 [ 24.730091] kasan_report+0x141/0x180 [ 24.730147] ? kasan_atomics_helper+0x1eaa/0x5450 [ 24.730214] kasan_check_range+0x10c/0x1c0 [ 24.730273] __kasan_check_write+0x18/0x20 [ 24.730325] kasan_atomics_helper+0x1eaa/0x5450 [ 24.730383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.730444] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.731258] ? kasan_atomics+0x152/0x310 [ 24.731787] kasan_atomics+0x1dc/0x310 [ 24.731855] ? __pfx_kasan_atomics+0x10/0x10 [ 24.731915] ? __pfx_read_tsc+0x10/0x10 [ 24.731977] ? ktime_get_ts64+0x86/0x230 [ 24.732058] kunit_try_run_case+0x1a5/0x480 [ 24.732137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.732208] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.732285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.732363] ? __kthread_parkme+0x82/0x180 [ 24.732437] ? preempt_count_sub+0x50/0x80 [ 24.732572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.732655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.732734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.732812] kthread+0x337/0x6f0 [ 24.732885] ? trace_preempt_on+0x20/0xc0 [ 24.732962] ? __pfx_kthread+0x10/0x10 [ 24.733040] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.733115] ? calculate_sigpending+0x7b/0xa0 [ 24.733186] ? __pfx_kthread+0x10/0x10 [ 24.733263] ret_from_fork+0x41/0x80 [ 24.733331] ? __pfx_kthread+0x10/0x10 [ 24.733408] ret_from_fork_asm+0x1a/0x30 [ 24.733533] </TASK> [ 24.733588] [ 24.752461] Allocated by task 285: [ 24.752945] kasan_save_stack+0x45/0x70 [ 24.753464] kasan_save_track+0x18/0x40 [ 24.753930] kasan_save_alloc_info+0x3b/0x50 [ 24.754394] __kasan_kmalloc+0xb7/0xc0 [ 24.754857] __kmalloc_cache_noprof+0x189/0x420 [ 24.755347] kasan_atomics+0x95/0x310 [ 24.755803] kunit_try_run_case+0x1a5/0x480 [ 24.756166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.756669] kthread+0x337/0x6f0 [ 24.757062] ret_from_fork+0x41/0x80 [ 24.757533] ret_from_fork_asm+0x1a/0x30 [ 24.757976] [ 24.758205] The buggy address belongs to the object at ffff888102983600 [ 24.758205] which belongs to the cache kmalloc-64 of size 64 [ 24.759176] The buggy address is located 0 bytes to the right of [ 24.759176] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.759962] [ 24.760162] The buggy address belongs to the physical page: [ 24.760619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.761338] flags: 0x200000000000000(node=0|zone=2) [ 24.761902] page_type: f5(slab) [ 24.762288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.763038] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.763730] page dumped because: kasan: bad access detected [ 24.764244] [ 24.764492] Memory state around the buggy address: [ 24.764838] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.765279] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.765952] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.766621] ^ [ 24.767082] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.769741] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.770338] ================================================================== [ 23.829503] ================================================================== [ 23.830948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 23.831639] Read of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 23.832270] [ 23.832911] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 23.833028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.833066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.833099] Call Trace: [ 23.833126] <TASK> [ 23.833163] dump_stack_lvl+0x73/0xb0 [ 23.833227] print_report+0xd1/0x650 [ 23.833265] ? __virt_addr_valid+0x1db/0x2d0 [ 23.833299] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.833333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.833367] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.833400] kasan_report+0x141/0x180 [ 23.833556] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.833650] kasan_check_range+0x10c/0x1c0 [ 23.833691] __kasan_check_read+0x15/0x20 [ 23.833720] kasan_atomics_helper+0x13b5/0x5450 [ 23.833754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.833786] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.833820] ? kasan_atomics+0x152/0x310 [ 23.833853] kasan_atomics+0x1dc/0x310 [ 23.833881] ? __pfx_kasan_atomics+0x10/0x10 [ 23.833909] ? __pfx_read_tsc+0x10/0x10 [ 23.833939] ? ktime_get_ts64+0x86/0x230 [ 23.833977] kunit_try_run_case+0x1a5/0x480 [ 23.834012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.834044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.834081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.834115] ? __kthread_parkme+0x82/0x180 [ 23.834146] ? preempt_count_sub+0x50/0x80 [ 23.834181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.834213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.834246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.834280] kthread+0x337/0x6f0 [ 23.834311] ? trace_preempt_on+0x20/0xc0 [ 23.834345] ? __pfx_kthread+0x10/0x10 [ 23.834377] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.834408] ? calculate_sigpending+0x7b/0xa0 [ 23.834510] ? __pfx_kthread+0x10/0x10 [ 23.834547] ret_from_fork+0x41/0x80 [ 23.834580] ? __pfx_kthread+0x10/0x10 [ 23.834612] ret_from_fork_asm+0x1a/0x30 [ 23.834656] </TASK> [ 23.834670] [ 23.854977] Allocated by task 285: [ 23.855374] kasan_save_stack+0x45/0x70 [ 23.856160] kasan_save_track+0x18/0x40 [ 23.856625] kasan_save_alloc_info+0x3b/0x50 [ 23.857041] __kasan_kmalloc+0xb7/0xc0 [ 23.857390] __kmalloc_cache_noprof+0x189/0x420 [ 23.858263] kasan_atomics+0x95/0x310 [ 23.858765] kunit_try_run_case+0x1a5/0x480 [ 23.859350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.860005] kthread+0x337/0x6f0 [ 23.860554] ret_from_fork+0x41/0x80 [ 23.860988] ret_from_fork_asm+0x1a/0x30 [ 23.861314] [ 23.861845] The buggy address belongs to the object at ffff888102983600 [ 23.861845] which belongs to the cache kmalloc-64 of size 64 [ 23.863202] The buggy address is located 0 bytes to the right of [ 23.863202] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 23.865036] [ 23.865228] The buggy address belongs to the physical page: [ 23.865746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 23.867032] flags: 0x200000000000000(node=0|zone=2) [ 23.867523] page_type: f5(slab) [ 23.867835] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.868463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.869224] page dumped because: kasan: bad access detected [ 23.870162] [ 23.870333] Memory state around the buggy address: [ 23.870884] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.871927] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.872400] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.872991] ^ [ 23.873178] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.873424] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.874532] ================================================================== [ 24.853837] ================================================================== [ 24.854556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 24.855165] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 24.855740] [ 24.856013] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 24.856148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.856192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.856251] Call Trace: [ 24.856306] <TASK> [ 24.856357] dump_stack_lvl+0x73/0xb0 [ 24.856509] print_report+0xd1/0x650 [ 24.856593] ? __virt_addr_valid+0x1db/0x2d0 [ 24.856678] ? kasan_atomics_helper+0x2006/0x5450 [ 24.856755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.856837] ? kasan_atomics_helper+0x2006/0x5450 [ 24.856921] kasan_report+0x141/0x180 [ 24.857009] ? kasan_atomics_helper+0x2006/0x5450 [ 24.857099] kasan_check_range+0x10c/0x1c0 [ 24.857180] __kasan_check_write+0x18/0x20 [ 24.857251] kasan_atomics_helper+0x2006/0x5450 [ 24.857335] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.857456] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.857562] ? kasan_atomics+0x152/0x310 [ 24.857656] kasan_atomics+0x1dc/0x310 [ 24.857729] ? __pfx_kasan_atomics+0x10/0x10 [ 24.857804] ? __pfx_read_tsc+0x10/0x10 [ 24.857874] ? ktime_get_ts64+0x86/0x230 [ 24.857953] kunit_try_run_case+0x1a5/0x480 [ 24.858001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.858035] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.858071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.858106] ? __kthread_parkme+0x82/0x180 [ 24.858138] ? preempt_count_sub+0x50/0x80 [ 24.858174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.858208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.858240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.858273] kthread+0x337/0x6f0 [ 24.858304] ? trace_preempt_on+0x20/0xc0 [ 24.858338] ? __pfx_kthread+0x10/0x10 [ 24.858370] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.858424] ? calculate_sigpending+0x7b/0xa0 [ 24.858505] ? __pfx_kthread+0x10/0x10 [ 24.858544] ret_from_fork+0x41/0x80 [ 24.858576] ? __pfx_kthread+0x10/0x10 [ 24.858610] ret_from_fork_asm+0x1a/0x30 [ 24.858654] </TASK> [ 24.858669] [ 24.877381] Allocated by task 285: [ 24.877758] kasan_save_stack+0x45/0x70 [ 24.878190] kasan_save_track+0x18/0x40 [ 24.878673] kasan_save_alloc_info+0x3b/0x50 [ 24.879331] __kasan_kmalloc+0xb7/0xc0 [ 24.879856] __kmalloc_cache_noprof+0x189/0x420 [ 24.880489] kasan_atomics+0x95/0x310 [ 24.881066] kunit_try_run_case+0x1a5/0x480 [ 24.881770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.882495] kthread+0x337/0x6f0 [ 24.883048] ret_from_fork+0x41/0x80 [ 24.883679] ret_from_fork_asm+0x1a/0x30 [ 24.884269] [ 24.884617] The buggy address belongs to the object at ffff888102983600 [ 24.884617] which belongs to the cache kmalloc-64 of size 64 [ 24.884992] The buggy address is located 0 bytes to the right of [ 24.884992] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 24.885367] [ 24.885455] The buggy address belongs to the physical page: [ 24.886677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 24.887371] flags: 0x200000000000000(node=0|zone=2) [ 24.888126] page_type: f5(slab) [ 24.888817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.889461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.890112] page dumped because: kasan: bad access detected [ 24.890308] [ 24.890397] Memory state around the buggy address: [ 24.891335] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.891947] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.892857] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.893890] ^ [ 24.894281] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.895205] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.896125] ================================================================== [ 25.122458] ================================================================== [ 25.123489] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 25.124201] Write of size 8 at addr ffff888102983630 by task kunit_try_catch/285 [ 25.125089] [ 25.125431] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.125594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.125634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.125692] Call Trace: [ 25.125747] <TASK> [ 25.125791] dump_stack_lvl+0x73/0xb0 [ 25.125865] print_report+0xd1/0x650 [ 25.125945] ? __virt_addr_valid+0x1db/0x2d0 [ 25.126090] ? kasan_atomics_helper+0x224c/0x5450 [ 25.126199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.126313] ? kasan_atomics_helper+0x224c/0x5450 [ 25.126425] kasan_report+0x141/0x180 [ 25.126561] ? kasan_atomics_helper+0x224c/0x5450 [ 25.126690] kasan_check_range+0x10c/0x1c0 [ 25.126869] __kasan_check_write+0x18/0x20 [ 25.126966] kasan_atomics_helper+0x224c/0x5450 [ 25.127059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.127140] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.127218] ? kasan_atomics+0x152/0x310 [ 25.127300] kasan_atomics+0x1dc/0x310 [ 25.127374] ? __pfx_kasan_atomics+0x10/0x10 [ 25.127456] ? __pfx_read_tsc+0x10/0x10 [ 25.127553] ? ktime_get_ts64+0x86/0x230 [ 25.127639] kunit_try_run_case+0x1a5/0x480 [ 25.127738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.127817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.127896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.127978] ? __kthread_parkme+0x82/0x180 [ 25.128053] ? preempt_count_sub+0x50/0x80 [ 25.128135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.128213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.128292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.128370] kthread+0x337/0x6f0 [ 25.128444] ? trace_preempt_on+0x20/0xc0 [ 25.128548] ? __pfx_kthread+0x10/0x10 [ 25.128621] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.128696] ? calculate_sigpending+0x7b/0xa0 [ 25.128772] ? __pfx_kthread+0x10/0x10 [ 25.128854] ret_from_fork+0x41/0x80 [ 25.128905] ? __pfx_kthread+0x10/0x10 [ 25.128980] ret_from_fork_asm+0x1a/0x30 [ 25.129120] </TASK> [ 25.129163] [ 25.150469] Allocated by task 285: [ 25.150976] kasan_save_stack+0x45/0x70 [ 25.151490] kasan_save_track+0x18/0x40 [ 25.152147] kasan_save_alloc_info+0x3b/0x50 [ 25.152600] __kasan_kmalloc+0xb7/0xc0 [ 25.153019] __kmalloc_cache_noprof+0x189/0x420 [ 25.153646] kasan_atomics+0x95/0x310 [ 25.153953] kunit_try_run_case+0x1a5/0x480 [ 25.154905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.155749] kthread+0x337/0x6f0 [ 25.156306] ret_from_fork+0x41/0x80 [ 25.156966] ret_from_fork_asm+0x1a/0x30 [ 25.157297] [ 25.157824] The buggy address belongs to the object at ffff888102983600 [ 25.157824] which belongs to the cache kmalloc-64 of size 64 [ 25.159088] The buggy address is located 0 bytes to the right of [ 25.159088] allocated 48-byte region [ffff888102983600, ffff888102983630) [ 25.160361] [ 25.160587] The buggy address belongs to the physical page: [ 25.160983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102983 [ 25.161636] flags: 0x200000000000000(node=0|zone=2) [ 25.162017] page_type: f5(slab) [ 25.162320] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.162961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.163498] page dumped because: kasan: bad access detected [ 25.164329] [ 25.164662] Memory state around the buggy address: [ 25.165066] ffff888102983500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.165655] ffff888102983580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.166316] >ffff888102983600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.167520] ^ [ 25.168255] ffff888102983680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.169033] ffff888102983700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.169625] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.835776] ================================================================== [ 21.836402] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.837020] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.838772] [ 21.839156] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.839297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.839338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.839398] Call Trace: [ 21.839437] <TASK> [ 21.839659] dump_stack_lvl+0x73/0xb0 [ 21.839747] print_report+0xd1/0x650 [ 21.839828] ? __virt_addr_valid+0x1db/0x2d0 [ 21.839902] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.839976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.840055] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.840132] kasan_report+0x141/0x180 [ 21.840207] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.840282] kasan_check_range+0x10c/0x1c0 [ 21.840322] __kasan_check_write+0x18/0x20 [ 21.840352] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 21.840387] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.840422] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.840507] ? trace_hardirqs_on+0x37/0xe0 [ 21.840550] ? kasan_bitops_generic+0x92/0x1c0 [ 21.840585] kasan_bitops_generic+0x121/0x1c0 [ 21.840616] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.840647] ? __pfx_read_tsc+0x10/0x10 [ 21.840675] ? ktime_get_ts64+0x86/0x230 [ 21.840712] kunit_try_run_case+0x1a5/0x480 [ 21.840746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.840777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.840813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.840849] ? __kthread_parkme+0x82/0x180 [ 21.840881] ? preempt_count_sub+0x50/0x80 [ 21.840916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.840950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.840981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.841015] kthread+0x337/0x6f0 [ 21.841045] ? trace_preempt_on+0x20/0xc0 [ 21.841077] ? __pfx_kthread+0x10/0x10 [ 21.841109] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.841140] ? calculate_sigpending+0x7b/0xa0 [ 21.841171] ? __pfx_kthread+0x10/0x10 [ 21.841204] ret_from_fork+0x41/0x80 [ 21.841234] ? __pfx_kthread+0x10/0x10 [ 21.841266] ret_from_fork_asm+0x1a/0x30 [ 21.841310] </TASK> [ 21.841323] [ 21.859761] Allocated by task 281: [ 21.860274] kasan_save_stack+0x45/0x70 [ 21.860781] kasan_save_track+0x18/0x40 [ 21.861211] kasan_save_alloc_info+0x3b/0x50 [ 21.861716] __kasan_kmalloc+0xb7/0xc0 [ 21.862219] __kmalloc_cache_noprof+0x189/0x420 [ 21.862728] kasan_bitops_generic+0x92/0x1c0 [ 21.863234] kunit_try_run_case+0x1a5/0x480 [ 21.863700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.864212] kthread+0x337/0x6f0 [ 21.864586] ret_from_fork+0x41/0x80 [ 21.865019] ret_from_fork_asm+0x1a/0x30 [ 21.866228] [ 21.866560] The buggy address belongs to the object at ffff8881017113c0 [ 21.866560] which belongs to the cache kmalloc-16 of size 16 [ 21.867566] The buggy address is located 8 bytes inside of [ 21.867566] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.868574] [ 21.868833] The buggy address belongs to the physical page: [ 21.869269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.870060] flags: 0x200000000000000(node=0|zone=2) [ 21.870644] page_type: f5(slab) [ 21.870991] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.871743] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.872369] page dumped because: kasan: bad access detected [ 21.872792] [ 21.873047] Memory state around the buggy address: [ 21.873564] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.875003] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.875791] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.876349] ^ [ 21.877099] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.877799] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.878404] ================================================================== [ 22.054300] ================================================================== [ 22.055004] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.055576] Read of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 22.056194] [ 22.056376] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.056564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.056596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.056648] Call Trace: [ 22.056698] <TASK> [ 22.056819] dump_stack_lvl+0x73/0xb0 [ 22.058238] print_report+0xd1/0x650 [ 22.058316] ? __virt_addr_valid+0x1db/0x2d0 [ 22.058389] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.059358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.059477] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.059750] kasan_report+0x141/0x180 [ 22.059835] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.059923] kasan_check_range+0x10c/0x1c0 [ 22.060003] __kasan_check_read+0x15/0x20 [ 22.060071] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.060147] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.060222] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.060288] ? trace_hardirqs_on+0x37/0xe0 [ 22.060350] ? kasan_bitops_generic+0x92/0x1c0 [ 22.060465] kasan_bitops_generic+0x121/0x1c0 [ 22.060569] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.060631] ? __pfx_read_tsc+0x10/0x10 [ 22.060688] ? ktime_get_ts64+0x86/0x230 [ 22.060748] kunit_try_run_case+0x1a5/0x480 [ 22.060815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.060876] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.060941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.061011] ? __kthread_parkme+0x82/0x180 [ 22.061079] ? preempt_count_sub+0x50/0x80 [ 22.061153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.061222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.061292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.061358] kthread+0x337/0x6f0 [ 22.061456] ? trace_preempt_on+0x20/0xc0 [ 22.061562] ? __pfx_kthread+0x10/0x10 [ 22.061655] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.061711] ? calculate_sigpending+0x7b/0xa0 [ 22.061763] ? __pfx_kthread+0x10/0x10 [ 22.061817] ret_from_fork+0x41/0x80 [ 22.061867] ? __pfx_kthread+0x10/0x10 [ 22.061920] ret_from_fork_asm+0x1a/0x30 [ 22.061995] </TASK> [ 22.062018] [ 22.078159] Allocated by task 281: [ 22.078706] kasan_save_stack+0x45/0x70 [ 22.079160] kasan_save_track+0x18/0x40 [ 22.079765] kasan_save_alloc_info+0x3b/0x50 [ 22.080117] __kasan_kmalloc+0xb7/0xc0 [ 22.080653] __kmalloc_cache_noprof+0x189/0x420 [ 22.081177] kasan_bitops_generic+0x92/0x1c0 [ 22.081594] kunit_try_run_case+0x1a5/0x480 [ 22.081931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.082463] kthread+0x337/0x6f0 [ 22.082972] ret_from_fork+0x41/0x80 [ 22.083391] ret_from_fork_asm+0x1a/0x30 [ 22.083883] [ 22.084114] The buggy address belongs to the object at ffff8881017113c0 [ 22.084114] which belongs to the cache kmalloc-16 of size 16 [ 22.085014] The buggy address is located 8 bytes inside of [ 22.085014] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 22.086224] [ 22.086568] The buggy address belongs to the physical page: [ 22.087135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 22.087845] flags: 0x200000000000000(node=0|zone=2) [ 22.088468] page_type: f5(slab) [ 22.089013] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.089715] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.090467] page dumped because: kasan: bad access detected [ 22.090981] [ 22.091213] Memory state around the buggy address: [ 22.091743] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.092196] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.093032] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.093737] ^ [ 22.094302] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.095132] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.095817] ================================================================== [ 22.098098] ================================================================== [ 22.098906] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.100013] Read of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 22.101160] [ 22.101813] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.101937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.101975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.102032] Call Trace: [ 22.102080] <TASK> [ 22.102123] dump_stack_lvl+0x73/0xb0 [ 22.102197] print_report+0xd1/0x650 [ 22.102267] ? __virt_addr_valid+0x1db/0x2d0 [ 22.102331] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.102392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.102970] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.103448] kasan_report+0x141/0x180 [ 22.103563] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.103662] __asan_report_load8_noabort+0x18/0x20 [ 22.103729] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.103768] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.103805] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.103838] ? trace_hardirqs_on+0x37/0xe0 [ 22.103905] ? kasan_bitops_generic+0x92/0x1c0 [ 22.103964] kasan_bitops_generic+0x121/0x1c0 [ 22.104029] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.104101] ? __pfx_read_tsc+0x10/0x10 [ 22.104170] ? ktime_get_ts64+0x86/0x230 [ 22.104254] kunit_try_run_case+0x1a5/0x480 [ 22.104334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.104403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.104480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.104578] ? __kthread_parkme+0x82/0x180 [ 22.104657] ? preempt_count_sub+0x50/0x80 [ 22.104737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.104857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.104933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.105007] kthread+0x337/0x6f0 [ 22.105076] ? trace_preempt_on+0x20/0xc0 [ 22.105151] ? __pfx_kthread+0x10/0x10 [ 22.105223] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.105291] ? calculate_sigpending+0x7b/0xa0 [ 22.105364] ? __pfx_kthread+0x10/0x10 [ 22.105443] ret_from_fork+0x41/0x80 [ 22.105555] ? __pfx_kthread+0x10/0x10 [ 22.105649] ret_from_fork_asm+0x1a/0x30 [ 22.105750] </TASK> [ 22.105784] [ 22.127573] Allocated by task 281: [ 22.127938] kasan_save_stack+0x45/0x70 [ 22.128548] kasan_save_track+0x18/0x40 [ 22.128962] kasan_save_alloc_info+0x3b/0x50 [ 22.129405] __kasan_kmalloc+0xb7/0xc0 [ 22.129805] __kmalloc_cache_noprof+0x189/0x420 [ 22.130219] kasan_bitops_generic+0x92/0x1c0 [ 22.130815] kunit_try_run_case+0x1a5/0x480 [ 22.131248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.131849] kthread+0x337/0x6f0 [ 22.132256] ret_from_fork+0x41/0x80 [ 22.132795] ret_from_fork_asm+0x1a/0x30 [ 22.133200] [ 22.133562] The buggy address belongs to the object at ffff8881017113c0 [ 22.133562] which belongs to the cache kmalloc-16 of size 16 [ 22.134688] The buggy address is located 8 bytes inside of [ 22.134688] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 22.135774] [ 22.136046] The buggy address belongs to the physical page: [ 22.136653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 22.137638] flags: 0x200000000000000(node=0|zone=2) [ 22.138169] page_type: f5(slab) [ 22.138595] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.139345] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.140072] page dumped because: kasan: bad access detected [ 22.140640] [ 22.140856] Memory state around the buggy address: [ 22.141380] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.142093] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.142730] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.143318] ^ [ 22.143944] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.144597] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.145675] ================================================================== [ 21.925304] ================================================================== [ 21.926630] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.927358] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.928329] [ 21.928860] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.929036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.929077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.929136] Call Trace: [ 21.929177] <TASK> [ 21.929205] dump_stack_lvl+0x73/0xb0 [ 21.929245] print_report+0xd1/0x650 [ 21.929280] ? __virt_addr_valid+0x1db/0x2d0 [ 21.929310] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.929343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.929375] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.929409] kasan_report+0x141/0x180 [ 21.929512] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.929558] kasan_check_range+0x10c/0x1c0 [ 21.929606] __kasan_check_write+0x18/0x20 [ 21.929634] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 21.929668] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.929703] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.929733] ? trace_hardirqs_on+0x37/0xe0 [ 21.929765] ? kasan_bitops_generic+0x92/0x1c0 [ 21.929797] kasan_bitops_generic+0x121/0x1c0 [ 21.929825] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.929854] ? __pfx_read_tsc+0x10/0x10 [ 21.929881] ? ktime_get_ts64+0x86/0x230 [ 21.929915] kunit_try_run_case+0x1a5/0x480 [ 21.929949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.929980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.930016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.930050] ? __kthread_parkme+0x82/0x180 [ 21.930080] ? preempt_count_sub+0x50/0x80 [ 21.930115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.930147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.930180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.930213] kthread+0x337/0x6f0 [ 21.930242] ? trace_preempt_on+0x20/0xc0 [ 21.930274] ? __pfx_kthread+0x10/0x10 [ 21.930305] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.930335] ? calculate_sigpending+0x7b/0xa0 [ 21.930365] ? __pfx_kthread+0x10/0x10 [ 21.930396] ret_from_fork+0x41/0x80 [ 21.930457] ? __pfx_kthread+0x10/0x10 [ 21.930518] ret_from_fork_asm+0x1a/0x30 [ 21.930568] </TASK> [ 21.930582] [ 21.949805] Allocated by task 281: [ 21.950273] kasan_save_stack+0x45/0x70 [ 21.950797] kasan_save_track+0x18/0x40 [ 21.951274] kasan_save_alloc_info+0x3b/0x50 [ 21.951804] __kasan_kmalloc+0xb7/0xc0 [ 21.952127] __kmalloc_cache_noprof+0x189/0x420 [ 21.952556] kasan_bitops_generic+0x92/0x1c0 [ 21.953058] kunit_try_run_case+0x1a5/0x480 [ 21.953544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.954170] kthread+0x337/0x6f0 [ 21.954613] ret_from_fork+0x41/0x80 [ 21.955018] ret_from_fork_asm+0x1a/0x30 [ 21.955343] [ 21.955680] The buggy address belongs to the object at ffff8881017113c0 [ 21.955680] which belongs to the cache kmalloc-16 of size 16 [ 21.956820] The buggy address is located 8 bytes inside of [ 21.956820] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.957702] [ 21.957913] The buggy address belongs to the physical page: [ 21.958544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.959297] flags: 0x200000000000000(node=0|zone=2) [ 21.959748] page_type: f5(slab) [ 21.960080] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.960792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.961410] page dumped because: kasan: bad access detected [ 21.961873] [ 21.962103] Memory state around the buggy address: [ 21.962597] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.963252] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.963898] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.964594] ^ [ 21.965139] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.965754] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.966393] ================================================================== [ 21.784840] ================================================================== [ 21.787699] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.790104] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.791656] [ 21.791860] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.791964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.791992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.792037] Call Trace: [ 21.792743] <TASK> [ 21.792800] dump_stack_lvl+0x73/0xb0 [ 21.792875] print_report+0xd1/0x650 [ 21.792959] ? __virt_addr_valid+0x1db/0x2d0 [ 21.793037] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.793122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.793204] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.793289] kasan_report+0x141/0x180 [ 21.793367] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.793546] kasan_check_range+0x10c/0x1c0 [ 21.793647] __kasan_check_write+0x18/0x20 [ 21.793711] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.793784] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.793861] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.793930] ? trace_hardirqs_on+0x37/0xe0 [ 21.793998] ? kasan_bitops_generic+0x92/0x1c0 [ 21.794077] kasan_bitops_generic+0x121/0x1c0 [ 21.794149] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.794227] ? __pfx_read_tsc+0x10/0x10 [ 21.794292] ? ktime_get_ts64+0x86/0x230 [ 21.794370] kunit_try_run_case+0x1a5/0x480 [ 21.794466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.794562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.794650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.794727] ? __kthread_parkme+0x82/0x180 [ 21.794788] ? preempt_count_sub+0x50/0x80 [ 21.794853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.794915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.794980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.795048] kthread+0x337/0x6f0 [ 21.795099] ? trace_preempt_on+0x20/0xc0 [ 21.795159] ? __pfx_kthread+0x10/0x10 [ 21.795216] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.795273] ? calculate_sigpending+0x7b/0xa0 [ 21.795330] ? __pfx_kthread+0x10/0x10 [ 21.795388] ret_from_fork+0x41/0x80 [ 21.795445] ? __pfx_kthread+0x10/0x10 [ 21.795536] ret_from_fork_asm+0x1a/0x30 [ 21.795623] </TASK> [ 21.795648] [ 21.815829] Allocated by task 281: [ 21.816270] kasan_save_stack+0x45/0x70 [ 21.816857] kasan_save_track+0x18/0x40 [ 21.817339] kasan_save_alloc_info+0x3b/0x50 [ 21.817738] __kasan_kmalloc+0xb7/0xc0 [ 21.818052] __kmalloc_cache_noprof+0x189/0x420 [ 21.818648] kasan_bitops_generic+0x92/0x1c0 [ 21.819249] kunit_try_run_case+0x1a5/0x480 [ 21.819840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.820514] kthread+0x337/0x6f0 [ 21.821031] ret_from_fork+0x41/0x80 [ 21.821458] ret_from_fork_asm+0x1a/0x30 [ 21.822138] [ 21.822378] The buggy address belongs to the object at ffff8881017113c0 [ 21.822378] which belongs to the cache kmalloc-16 of size 16 [ 21.823577] The buggy address is located 8 bytes inside of [ 21.823577] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.824761] [ 21.824993] The buggy address belongs to the physical page: [ 21.825859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.826596] flags: 0x200000000000000(node=0|zone=2) [ 21.827070] page_type: f5(slab) [ 21.827691] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.828560] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.829149] page dumped because: kasan: bad access detected [ 21.829860] [ 21.830093] Memory state around the buggy address: [ 21.830568] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.831093] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.831722] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.832405] ^ [ 21.833024] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.833556] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.834105] ================================================================== [ 22.011523] ================================================================== [ 22.012246] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.013039] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 22.013642] [ 22.013987] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 22.014112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.014148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.014205] Call Trace: [ 22.014253] <TASK> [ 22.014305] dump_stack_lvl+0x73/0xb0 [ 22.014388] print_report+0xd1/0x650 [ 22.014504] ? __virt_addr_valid+0x1db/0x2d0 [ 22.014621] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.014706] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.014782] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.014860] kasan_report+0x141/0x180 [ 22.014985] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.015080] kasan_check_range+0x10c/0x1c0 [ 22.015166] __kasan_check_write+0x18/0x20 [ 22.015276] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.015364] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.015465] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.015540] ? trace_hardirqs_on+0x37/0xe0 [ 22.015577] ? kasan_bitops_generic+0x92/0x1c0 [ 22.015612] kasan_bitops_generic+0x121/0x1c0 [ 22.015670] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.015747] ? __pfx_read_tsc+0x10/0x10 [ 22.015850] ? ktime_get_ts64+0x86/0x230 [ 22.015937] kunit_try_run_case+0x1a5/0x480 [ 22.016019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.016091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.016209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.016292] ? __kthread_parkme+0x82/0x180 [ 22.016365] ? preempt_count_sub+0x50/0x80 [ 22.016431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.016507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.016547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.016581] kthread+0x337/0x6f0 [ 22.016611] ? trace_preempt_on+0x20/0xc0 [ 22.016645] ? __pfx_kthread+0x10/0x10 [ 22.016678] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.016711] ? calculate_sigpending+0x7b/0xa0 [ 22.016743] ? __pfx_kthread+0x10/0x10 [ 22.016777] ret_from_fork+0x41/0x80 [ 22.016808] ? __pfx_kthread+0x10/0x10 [ 22.016841] ret_from_fork_asm+0x1a/0x30 [ 22.016887] </TASK> [ 22.016900] [ 22.033305] Allocated by task 281: [ 22.033827] kasan_save_stack+0x45/0x70 [ 22.034293] kasan_save_track+0x18/0x40 [ 22.034971] kasan_save_alloc_info+0x3b/0x50 [ 22.035430] __kasan_kmalloc+0xb7/0xc0 [ 22.035911] __kmalloc_cache_noprof+0x189/0x420 [ 22.036397] kasan_bitops_generic+0x92/0x1c0 [ 22.036904] kunit_try_run_case+0x1a5/0x480 [ 22.037247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.037656] kthread+0x337/0x6f0 [ 22.037948] ret_from_fork+0x41/0x80 [ 22.038255] ret_from_fork_asm+0x1a/0x30 [ 22.038831] [ 22.039067] The buggy address belongs to the object at ffff8881017113c0 [ 22.039067] which belongs to the cache kmalloc-16 of size 16 [ 22.040123] The buggy address is located 8 bytes inside of [ 22.040123] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 22.041201] [ 22.041472] The buggy address belongs to the physical page: [ 22.042078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 22.042791] flags: 0x200000000000000(node=0|zone=2) [ 22.043154] page_type: f5(slab) [ 22.043472] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.044181] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.044980] page dumped because: kasan: bad access detected [ 22.045587] [ 22.045823] Memory state around the buggy address: [ 22.046307] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.047069] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.047799] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.048347] ^ [ 22.048764] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.049227] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.051581] ================================================================== [ 21.968204] ================================================================== [ 21.969706] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.970467] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.971620] [ 21.972060] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.972197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.972233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.972293] Call Trace: [ 21.972342] <TASK> [ 21.972391] dump_stack_lvl+0x73/0xb0 [ 21.972551] print_report+0xd1/0x650 [ 21.972629] ? __virt_addr_valid+0x1db/0x2d0 [ 21.972703] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.972775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.972834] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.972871] kasan_report+0x141/0x180 [ 21.972905] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.972946] kasan_check_range+0x10c/0x1c0 [ 21.972979] __kasan_check_write+0x18/0x20 [ 21.973007] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 21.973041] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.973077] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.973108] ? trace_hardirqs_on+0x37/0xe0 [ 21.973140] ? kasan_bitops_generic+0x92/0x1c0 [ 21.973173] kasan_bitops_generic+0x121/0x1c0 [ 21.973200] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.973228] ? __pfx_read_tsc+0x10/0x10 [ 21.973256] ? ktime_get_ts64+0x86/0x230 [ 21.973294] kunit_try_run_case+0x1a5/0x480 [ 21.973327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.973357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.973391] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.973471] ? __kthread_parkme+0x82/0x180 [ 21.973536] ? preempt_count_sub+0x50/0x80 [ 21.973571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.973616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.973648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.973678] kthread+0x337/0x6f0 [ 21.973708] ? trace_preempt_on+0x20/0xc0 [ 21.973740] ? __pfx_kthread+0x10/0x10 [ 21.973771] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.973802] ? calculate_sigpending+0x7b/0xa0 [ 21.973831] ? __pfx_kthread+0x10/0x10 [ 21.973862] ret_from_fork+0x41/0x80 [ 21.973890] ? __pfx_kthread+0x10/0x10 [ 21.973922] ret_from_fork_asm+0x1a/0x30 [ 21.973966] </TASK> [ 21.973981] [ 21.990616] Allocated by task 281: [ 21.991093] kasan_save_stack+0x45/0x70 [ 21.991754] kasan_save_track+0x18/0x40 [ 21.992066] kasan_save_alloc_info+0x3b/0x50 [ 21.992626] __kasan_kmalloc+0xb7/0xc0 [ 21.993003] __kmalloc_cache_noprof+0x189/0x420 [ 21.993510] kasan_bitops_generic+0x92/0x1c0 [ 21.993955] kunit_try_run_case+0x1a5/0x480 [ 21.994422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.995004] kthread+0x337/0x6f0 [ 21.995306] ret_from_fork+0x41/0x80 [ 21.995826] ret_from_fork_asm+0x1a/0x30 [ 21.996435] [ 21.996722] The buggy address belongs to the object at ffff8881017113c0 [ 21.996722] which belongs to the cache kmalloc-16 of size 16 [ 21.997770] The buggy address is located 8 bytes inside of [ 21.997770] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.998762] [ 21.999014] The buggy address belongs to the physical page: [ 21.999565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 22.000259] flags: 0x200000000000000(node=0|zone=2) [ 22.000794] page_type: f5(slab) [ 22.001199] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.001915] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.002441] page dumped because: kasan: bad access detected [ 22.003919] [ 22.004136] Memory state around the buggy address: [ 22.004625] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.005182] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.007247] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.008498] ^ [ 22.008851] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.009464] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.010095] ================================================================== [ 21.742925] ================================================================== [ 21.743475] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.744678] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.745709] [ 21.746174] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.746305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.746381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.746440] Call Trace: [ 21.746479] <TASK> [ 21.746546] dump_stack_lvl+0x73/0xb0 [ 21.746621] print_report+0xd1/0x650 [ 21.746699] ? __virt_addr_valid+0x1db/0x2d0 [ 21.746768] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.746863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.746925] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.746962] kasan_report+0x141/0x180 [ 21.746998] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.747042] kasan_check_range+0x10c/0x1c0 [ 21.747079] __kasan_check_write+0x18/0x20 [ 21.747109] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.747144] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.747179] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.747210] ? trace_hardirqs_on+0x37/0xe0 [ 21.747246] ? kasan_bitops_generic+0x92/0x1c0 [ 21.747279] kasan_bitops_generic+0x121/0x1c0 [ 21.747310] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.747340] ? __pfx_read_tsc+0x10/0x10 [ 21.747369] ? ktime_get_ts64+0x86/0x230 [ 21.747404] kunit_try_run_case+0x1a5/0x480 [ 21.747477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.747539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.747582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.747620] ? __kthread_parkme+0x82/0x180 [ 21.747654] ? preempt_count_sub+0x50/0x80 [ 21.747691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.747726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.747759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.747793] kthread+0x337/0x6f0 [ 21.747824] ? trace_preempt_on+0x20/0xc0 [ 21.747858] ? __pfx_kthread+0x10/0x10 [ 21.747891] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.747923] ? calculate_sigpending+0x7b/0xa0 [ 21.747955] ? __pfx_kthread+0x10/0x10 [ 21.747988] ret_from_fork+0x41/0x80 [ 21.748019] ? __pfx_kthread+0x10/0x10 [ 21.748053] ret_from_fork_asm+0x1a/0x30 [ 21.748099] </TASK> [ 21.748112] [ 21.766481] Allocated by task 281: [ 21.766905] kasan_save_stack+0x45/0x70 [ 21.767406] kasan_save_track+0x18/0x40 [ 21.767905] kasan_save_alloc_info+0x3b/0x50 [ 21.768348] __kasan_kmalloc+0xb7/0xc0 [ 21.768818] __kmalloc_cache_noprof+0x189/0x420 [ 21.769307] kasan_bitops_generic+0x92/0x1c0 [ 21.769802] kunit_try_run_case+0x1a5/0x480 [ 21.770265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.770817] kthread+0x337/0x6f0 [ 21.771110] ret_from_fork+0x41/0x80 [ 21.771462] ret_from_fork_asm+0x1a/0x30 [ 21.771972] [ 21.772210] The buggy address belongs to the object at ffff8881017113c0 [ 21.772210] which belongs to the cache kmalloc-16 of size 16 [ 21.773332] The buggy address is located 8 bytes inside of [ 21.773332] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.774179] [ 21.774515] The buggy address belongs to the physical page: [ 21.775035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.775746] flags: 0x200000000000000(node=0|zone=2) [ 21.776247] page_type: f5(slab) [ 21.776695] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.777185] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.777956] page dumped because: kasan: bad access detected [ 21.778514] [ 21.778725] Memory state around the buggy address: [ 21.779192] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.779879] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.780394] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.781042] ^ [ 21.781459] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.782173] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.783058] ================================================================== [ 21.879473] ================================================================== [ 21.880612] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.881396] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.882214] [ 21.882453] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.882543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.882561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.882594] Call Trace: [ 21.882617] <TASK> [ 21.882640] dump_stack_lvl+0x73/0xb0 [ 21.882679] print_report+0xd1/0x650 [ 21.882714] ? __virt_addr_valid+0x1db/0x2d0 [ 21.882746] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.882780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.882813] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.882848] kasan_report+0x141/0x180 [ 21.882881] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.882925] kasan_check_range+0x10c/0x1c0 [ 21.883002] __kasan_check_write+0x18/0x20 [ 21.883073] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 21.883156] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.883242] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.883315] ? trace_hardirqs_on+0x37/0xe0 [ 21.883395] ? kasan_bitops_generic+0x92/0x1c0 [ 21.883500] kasan_bitops_generic+0x121/0x1c0 [ 21.883578] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.883660] ? __pfx_read_tsc+0x10/0x10 [ 21.883726] ? ktime_get_ts64+0x86/0x230 [ 21.883809] kunit_try_run_case+0x1a5/0x480 [ 21.883883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.883952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.884027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.884104] ? __kthread_parkme+0x82/0x180 [ 21.884232] ? preempt_count_sub+0x50/0x80 [ 21.884274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.884310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.884343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.884376] kthread+0x337/0x6f0 [ 21.884406] ? trace_preempt_on+0x20/0xc0 [ 21.884470] ? __pfx_kthread+0x10/0x10 [ 21.884535] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.884570] ? calculate_sigpending+0x7b/0xa0 [ 21.884604] ? __pfx_kthread+0x10/0x10 [ 21.884638] ret_from_fork+0x41/0x80 [ 21.884670] ? __pfx_kthread+0x10/0x10 [ 21.884703] ret_from_fork_asm+0x1a/0x30 [ 21.884748] </TASK> [ 21.884762] [ 21.905217] Allocated by task 281: [ 21.905900] kasan_save_stack+0x45/0x70 [ 21.906506] kasan_save_track+0x18/0x40 [ 21.907021] kasan_save_alloc_info+0x3b/0x50 [ 21.907613] __kasan_kmalloc+0xb7/0xc0 [ 21.908135] __kmalloc_cache_noprof+0x189/0x420 [ 21.908781] kasan_bitops_generic+0x92/0x1c0 [ 21.909152] kunit_try_run_case+0x1a5/0x480 [ 21.909898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.910353] kthread+0x337/0x6f0 [ 21.911074] ret_from_fork+0x41/0x80 [ 21.911352] ret_from_fork_asm+0x1a/0x30 [ 21.911847] [ 21.912646] The buggy address belongs to the object at ffff8881017113c0 [ 21.912646] which belongs to the cache kmalloc-16 of size 16 [ 21.913729] The buggy address is located 8 bytes inside of [ 21.913729] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.914940] [ 21.915178] The buggy address belongs to the physical page: [ 21.915953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.916801] flags: 0x200000000000000(node=0|zone=2) [ 21.917378] page_type: f5(slab) [ 21.917994] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.919127] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.919670] page dumped because: kasan: bad access detected [ 21.920183] [ 21.920384] Memory state around the buggy address: [ 21.921294] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.921762] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.922008] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.922243] ^ [ 21.922468] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.922933] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.923837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.537034] ================================================================== [ 21.537667] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.538398] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.539563] [ 21.539835] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.539966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.540004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.540062] Call Trace: [ 21.540114] <TASK> [ 21.540162] dump_stack_lvl+0x73/0xb0 [ 21.540241] print_report+0xd1/0x650 [ 21.540322] ? __virt_addr_valid+0x1db/0x2d0 [ 21.540398] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.540482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.540583] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.540670] kasan_report+0x141/0x180 [ 21.540748] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.540847] kasan_check_range+0x10c/0x1c0 [ 21.540931] __kasan_check_write+0x18/0x20 [ 21.541006] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.541090] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.541175] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.541259] ? trace_hardirqs_on+0x37/0xe0 [ 21.541330] ? kasan_bitops_generic+0x92/0x1c0 [ 21.541370] kasan_bitops_generic+0x116/0x1c0 [ 21.541401] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.541475] ? __pfx_read_tsc+0x10/0x10 [ 21.541587] ? ktime_get_ts64+0x86/0x230 [ 21.541632] kunit_try_run_case+0x1a5/0x480 [ 21.541670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.541702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.541738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.541772] ? __kthread_parkme+0x82/0x180 [ 21.541804] ? preempt_count_sub+0x50/0x80 [ 21.541840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.541876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.541910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.541943] kthread+0x337/0x6f0 [ 21.541973] ? trace_preempt_on+0x20/0xc0 [ 21.542006] ? __pfx_kthread+0x10/0x10 [ 21.542038] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.542069] ? calculate_sigpending+0x7b/0xa0 [ 21.542101] ? __pfx_kthread+0x10/0x10 [ 21.542132] ret_from_fork+0x41/0x80 [ 21.542163] ? __pfx_kthread+0x10/0x10 [ 21.542194] ret_from_fork_asm+0x1a/0x30 [ 21.542239] </TASK> [ 21.542252] [ 21.562060] Allocated by task 281: [ 21.562587] kasan_save_stack+0x45/0x70 [ 21.563016] kasan_save_track+0x18/0x40 [ 21.563443] kasan_save_alloc_info+0x3b/0x50 [ 21.563936] __kasan_kmalloc+0xb7/0xc0 [ 21.564352] __kmalloc_cache_noprof+0x189/0x420 [ 21.564918] kasan_bitops_generic+0x92/0x1c0 [ 21.565242] kunit_try_run_case+0x1a5/0x480 [ 21.565786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.566326] kthread+0x337/0x6f0 [ 21.567551] ret_from_fork+0x41/0x80 [ 21.567996] ret_from_fork_asm+0x1a/0x30 [ 21.568542] [ 21.568789] The buggy address belongs to the object at ffff8881017113c0 [ 21.568789] which belongs to the cache kmalloc-16 of size 16 [ 21.569987] The buggy address is located 8 bytes inside of [ 21.569987] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.571096] [ 21.571334] The buggy address belongs to the physical page: [ 21.571946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.573199] flags: 0x200000000000000(node=0|zone=2) [ 21.573738] page_type: f5(slab) [ 21.574142] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.574723] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.575829] page dumped because: kasan: bad access detected [ 21.576315] [ 21.576740] Memory state around the buggy address: [ 21.577184] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.577975] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.578788] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.579405] ^ [ 21.580696] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.581284] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.581870] ================================================================== [ 21.583290] ================================================================== [ 21.583940] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.584884] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.585508] [ 21.585827] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.586077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.586114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.586172] Call Trace: [ 21.586222] <TASK> [ 21.586275] dump_stack_lvl+0x73/0xb0 [ 21.586393] print_report+0xd1/0x650 [ 21.586629] ? __virt_addr_valid+0x1db/0x2d0 [ 21.586745] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.586832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.586908] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.586992] kasan_report+0x141/0x180 [ 21.587107] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.587211] kasan_check_range+0x10c/0x1c0 [ 21.587293] __kasan_check_write+0x18/0x20 [ 21.587356] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.587400] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.587567] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.587609] ? trace_hardirqs_on+0x37/0xe0 [ 21.587643] ? kasan_bitops_generic+0x92/0x1c0 [ 21.587676] kasan_bitops_generic+0x116/0x1c0 [ 21.587706] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.587740] ? __pfx_read_tsc+0x10/0x10 [ 21.587769] ? ktime_get_ts64+0x86/0x230 [ 21.587803] kunit_try_run_case+0x1a5/0x480 [ 21.587838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.587867] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.587902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.587934] ? __kthread_parkme+0x82/0x180 [ 21.587966] ? preempt_count_sub+0x50/0x80 [ 21.588001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.588035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.588066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.588099] kthread+0x337/0x6f0 [ 21.588128] ? trace_preempt_on+0x20/0xc0 [ 21.588160] ? __pfx_kthread+0x10/0x10 [ 21.588190] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.588221] ? calculate_sigpending+0x7b/0xa0 [ 21.588250] ? __pfx_kthread+0x10/0x10 [ 21.588281] ret_from_fork+0x41/0x80 [ 21.588310] ? __pfx_kthread+0x10/0x10 [ 21.588340] ret_from_fork_asm+0x1a/0x30 [ 21.588384] </TASK> [ 21.588398] [ 21.612702] Allocated by task 281: [ 21.613097] kasan_save_stack+0x45/0x70 [ 21.614097] kasan_save_track+0x18/0x40 [ 21.615122] kasan_save_alloc_info+0x3b/0x50 [ 21.615679] __kasan_kmalloc+0xb7/0xc0 [ 21.616016] __kmalloc_cache_noprof+0x189/0x420 [ 21.616369] kasan_bitops_generic+0x92/0x1c0 [ 21.617453] kunit_try_run_case+0x1a5/0x480 [ 21.618179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.618886] kthread+0x337/0x6f0 [ 21.619158] ret_from_fork+0x41/0x80 [ 21.619950] ret_from_fork_asm+0x1a/0x30 [ 21.620537] [ 21.620993] The buggy address belongs to the object at ffff8881017113c0 [ 21.620993] which belongs to the cache kmalloc-16 of size 16 [ 21.622656] The buggy address is located 8 bytes inside of [ 21.622656] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.623431] [ 21.624078] The buggy address belongs to the physical page: [ 21.624730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.625892] flags: 0x200000000000000(node=0|zone=2) [ 21.626344] page_type: f5(slab) [ 21.627034] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.628287] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.629045] page dumped because: kasan: bad access detected [ 21.629612] [ 21.629857] Memory state around the buggy address: [ 21.630286] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.631518] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.632645] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.633157] ^ [ 21.634139] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.634757] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.635743] ================================================================== [ 21.373278] ================================================================== [ 21.374099] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.375146] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.375905] [ 21.376221] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.376623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.376664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.376723] Call Trace: [ 21.376759] <TASK> [ 21.376809] dump_stack_lvl+0x73/0xb0 [ 21.376891] print_report+0xd1/0x650 [ 21.376975] ? __virt_addr_valid+0x1db/0x2d0 [ 21.377063] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.377215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.377299] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.377386] kasan_report+0x141/0x180 [ 21.377669] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.377916] kasan_check_range+0x10c/0x1c0 [ 21.378031] __kasan_check_write+0x18/0x20 [ 21.378106] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.378188] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.378269] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.378316] ? trace_hardirqs_on+0x37/0xe0 [ 21.378352] ? kasan_bitops_generic+0x92/0x1c0 [ 21.378388] kasan_bitops_generic+0x116/0x1c0 [ 21.378444] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.378550] ? __pfx_read_tsc+0x10/0x10 [ 21.378613] ? ktime_get_ts64+0x86/0x230 [ 21.378675] kunit_try_run_case+0x1a5/0x480 [ 21.378736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.378792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.378856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.378919] ? __kthread_parkme+0x82/0x180 [ 21.378975] ? preempt_count_sub+0x50/0x80 [ 21.379040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.379099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.379156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.379221] kthread+0x337/0x6f0 [ 21.379280] ? trace_preempt_on+0x20/0xc0 [ 21.379342] ? __pfx_kthread+0x10/0x10 [ 21.379407] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.379528] ? calculate_sigpending+0x7b/0xa0 [ 21.379611] ? __pfx_kthread+0x10/0x10 [ 21.379664] ret_from_fork+0x41/0x80 [ 21.379698] ? __pfx_kthread+0x10/0x10 [ 21.379730] ret_from_fork_asm+0x1a/0x30 [ 21.379776] </TASK> [ 21.379790] [ 21.402768] Allocated by task 281: [ 21.403206] kasan_save_stack+0x45/0x70 [ 21.404164] kasan_save_track+0x18/0x40 [ 21.404779] kasan_save_alloc_info+0x3b/0x50 [ 21.405130] __kasan_kmalloc+0xb7/0xc0 [ 21.405793] __kmalloc_cache_noprof+0x189/0x420 [ 21.406238] kasan_bitops_generic+0x92/0x1c0 [ 21.406860] kunit_try_run_case+0x1a5/0x480 [ 21.407307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.407983] kthread+0x337/0x6f0 [ 21.408344] ret_from_fork+0x41/0x80 [ 21.409244] ret_from_fork_asm+0x1a/0x30 [ 21.409707] [ 21.410120] The buggy address belongs to the object at ffff8881017113c0 [ 21.410120] which belongs to the cache kmalloc-16 of size 16 [ 21.411207] The buggy address is located 8 bytes inside of [ 21.411207] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.413156] [ 21.413936] The buggy address belongs to the physical page: [ 21.415028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.416233] flags: 0x200000000000000(node=0|zone=2) [ 21.417008] page_type: f5(slab) [ 21.417271] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.417997] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.419619] page dumped because: kasan: bad access detected [ 21.420261] [ 21.420439] Memory state around the buggy address: [ 21.421058] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.422138] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.422550] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.423914] ^ [ 21.424422] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.425247] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.426337] ================================================================== [ 21.688106] ================================================================== [ 21.688780] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.689808] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.690350] [ 21.691316] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.691471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.692003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.692126] Call Trace: [ 21.692152] <TASK> [ 21.692196] dump_stack_lvl+0x73/0xb0 [ 21.692281] print_report+0xd1/0x650 [ 21.692359] ? __virt_addr_valid+0x1db/0x2d0 [ 21.692438] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.692562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.692641] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.692724] kasan_report+0x141/0x180 [ 21.692801] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.692897] kasan_check_range+0x10c/0x1c0 [ 21.692977] __kasan_check_write+0x18/0x20 [ 21.693020] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.693060] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.693099] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.693130] ? trace_hardirqs_on+0x37/0xe0 [ 21.693163] ? kasan_bitops_generic+0x92/0x1c0 [ 21.693195] kasan_bitops_generic+0x116/0x1c0 [ 21.693223] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.693253] ? __pfx_read_tsc+0x10/0x10 [ 21.693279] ? ktime_get_ts64+0x86/0x230 [ 21.693313] kunit_try_run_case+0x1a5/0x480 [ 21.693345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.693375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.693409] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.693525] ? __kthread_parkme+0x82/0x180 [ 21.693622] ? preempt_count_sub+0x50/0x80 [ 21.693697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.693770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.693847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.693911] kthread+0x337/0x6f0 [ 21.693976] ? trace_preempt_on+0x20/0xc0 [ 21.694052] ? __pfx_kthread+0x10/0x10 [ 21.694125] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.694181] ? calculate_sigpending+0x7b/0xa0 [ 21.694214] ? __pfx_kthread+0x10/0x10 [ 21.694247] ret_from_fork+0x41/0x80 [ 21.694277] ? __pfx_kthread+0x10/0x10 [ 21.694308] ret_from_fork_asm+0x1a/0x30 [ 21.694352] </TASK> [ 21.694365] [ 21.718324] Allocated by task 281: [ 21.719225] kasan_save_stack+0x45/0x70 [ 21.719636] kasan_save_track+0x18/0x40 [ 21.720060] kasan_save_alloc_info+0x3b/0x50 [ 21.720428] __kasan_kmalloc+0xb7/0xc0 [ 21.721292] __kmalloc_cache_noprof+0x189/0x420 [ 21.722014] kasan_bitops_generic+0x92/0x1c0 [ 21.722351] kunit_try_run_case+0x1a5/0x480 [ 21.723592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.724178] kthread+0x337/0x6f0 [ 21.724881] ret_from_fork+0x41/0x80 [ 21.725517] ret_from_fork_asm+0x1a/0x30 [ 21.726240] [ 21.726481] The buggy address belongs to the object at ffff8881017113c0 [ 21.726481] which belongs to the cache kmalloc-16 of size 16 [ 21.728231] The buggy address is located 8 bytes inside of [ 21.728231] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.730013] [ 21.730187] The buggy address belongs to the physical page: [ 21.731099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.731817] flags: 0x200000000000000(node=0|zone=2) [ 21.732250] page_type: f5(slab) [ 21.732681] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.733906] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.735110] page dumped because: kasan: bad access detected [ 21.735521] [ 21.736078] Memory state around the buggy address: [ 21.736786] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.737290] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.738154] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.738984] ^ [ 21.739406] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.740547] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.741274] ================================================================== [ 21.482101] ================================================================== [ 21.482656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.483857] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.485435] [ 21.485895] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.486026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.486045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.486078] Call Trace: [ 21.486107] <TASK> [ 21.486140] dump_stack_lvl+0x73/0xb0 [ 21.486223] print_report+0xd1/0x650 [ 21.486265] ? __virt_addr_valid+0x1db/0x2d0 [ 21.486298] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.486338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.486370] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.486409] kasan_report+0x141/0x180 [ 21.486807] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.486892] kasan_check_range+0x10c/0x1c0 [ 21.486957] __kasan_check_write+0x18/0x20 [ 21.487010] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.487073] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.487138] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.487196] ? trace_hardirqs_on+0x37/0xe0 [ 21.487287] ? kasan_bitops_generic+0x92/0x1c0 [ 21.487562] kasan_bitops_generic+0x116/0x1c0 [ 21.487606] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.487639] ? __pfx_read_tsc+0x10/0x10 [ 21.487669] ? ktime_get_ts64+0x86/0x230 [ 21.487707] kunit_try_run_case+0x1a5/0x480 [ 21.487742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.487773] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.487810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.487845] ? __kthread_parkme+0x82/0x180 [ 21.487876] ? preempt_count_sub+0x50/0x80 [ 21.487914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.487950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.487983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.488016] kthread+0x337/0x6f0 [ 21.488045] ? trace_preempt_on+0x20/0xc0 [ 21.488078] ? __pfx_kthread+0x10/0x10 [ 21.488109] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.488140] ? calculate_sigpending+0x7b/0xa0 [ 21.488172] ? __pfx_kthread+0x10/0x10 [ 21.488205] ret_from_fork+0x41/0x80 [ 21.488235] ? __pfx_kthread+0x10/0x10 [ 21.488271] ret_from_fork_asm+0x1a/0x30 [ 21.488317] </TASK> [ 21.488331] [ 21.510065] Allocated by task 281: [ 21.511128] kasan_save_stack+0x45/0x70 [ 21.511745] kasan_save_track+0x18/0x40 [ 21.512195] kasan_save_alloc_info+0x3b/0x50 [ 21.512787] __kasan_kmalloc+0xb7/0xc0 [ 21.513181] __kmalloc_cache_noprof+0x189/0x420 [ 21.513862] kasan_bitops_generic+0x92/0x1c0 [ 21.514277] kunit_try_run_case+0x1a5/0x480 [ 21.514921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.515515] kthread+0x337/0x6f0 [ 21.516321] ret_from_fork+0x41/0x80 [ 21.516770] ret_from_fork_asm+0x1a/0x30 [ 21.517348] [ 21.517616] The buggy address belongs to the object at ffff8881017113c0 [ 21.517616] which belongs to the cache kmalloc-16 of size 16 [ 21.519187] The buggy address is located 8 bytes inside of [ 21.519187] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.522376] [ 21.522786] The buggy address belongs to the physical page: [ 21.523717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.524121] flags: 0x200000000000000(node=0|zone=2) [ 21.524410] page_type: f5(slab) [ 21.525042] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.527074] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.528370] page dumped because: kasan: bad access detected [ 21.529228] [ 21.529613] Memory state around the buggy address: [ 21.529973] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.530328] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.532133] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.533063] ^ [ 21.533835] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.534793] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.535867] ================================================================== [ 21.636759] ================================================================== [ 21.637314] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.639646] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.640869] [ 21.641371] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.641722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.641760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.641820] Call Trace: [ 21.641867] <TASK> [ 21.641987] dump_stack_lvl+0x73/0xb0 [ 21.642049] print_report+0xd1/0x650 [ 21.642116] ? __virt_addr_valid+0x1db/0x2d0 [ 21.642150] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.642190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.642224] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.642262] kasan_report+0x141/0x180 [ 21.642295] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.642341] kasan_check_range+0x10c/0x1c0 [ 21.642375] __kasan_check_write+0x18/0x20 [ 21.642402] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.642469] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.642545] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.642580] ? trace_hardirqs_on+0x37/0xe0 [ 21.642613] ? kasan_bitops_generic+0x92/0x1c0 [ 21.642648] kasan_bitops_generic+0x116/0x1c0 [ 21.642678] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.642709] ? __pfx_read_tsc+0x10/0x10 [ 21.642738] ? ktime_get_ts64+0x86/0x230 [ 21.642775] kunit_try_run_case+0x1a5/0x480 [ 21.642810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.642840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.642876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.642912] ? __kthread_parkme+0x82/0x180 [ 21.642942] ? preempt_count_sub+0x50/0x80 [ 21.642978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.643011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.643044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.643077] kthread+0x337/0x6f0 [ 21.643107] ? trace_preempt_on+0x20/0xc0 [ 21.643139] ? __pfx_kthread+0x10/0x10 [ 21.643171] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.643203] ? calculate_sigpending+0x7b/0xa0 [ 21.643233] ? __pfx_kthread+0x10/0x10 [ 21.643266] ret_from_fork+0x41/0x80 [ 21.643296] ? __pfx_kthread+0x10/0x10 [ 21.643328] ret_from_fork_asm+0x1a/0x30 [ 21.643373] </TASK> [ 21.643386] [ 21.668929] Allocated by task 281: [ 21.669674] kasan_save_stack+0x45/0x70 [ 21.670156] kasan_save_track+0x18/0x40 [ 21.670682] kasan_save_alloc_info+0x3b/0x50 [ 21.671086] __kasan_kmalloc+0xb7/0xc0 [ 21.671555] __kmalloc_cache_noprof+0x189/0x420 [ 21.671986] kasan_bitops_generic+0x92/0x1c0 [ 21.672557] kunit_try_run_case+0x1a5/0x480 [ 21.672976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.673684] kthread+0x337/0x6f0 [ 21.674063] ret_from_fork+0x41/0x80 [ 21.674548] ret_from_fork_asm+0x1a/0x30 [ 21.675016] [ 21.675299] The buggy address belongs to the object at ffff8881017113c0 [ 21.675299] which belongs to the cache kmalloc-16 of size 16 [ 21.676308] The buggy address is located 8 bytes inside of [ 21.676308] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.677227] [ 21.677638] The buggy address belongs to the physical page: [ 21.678135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.678768] flags: 0x200000000000000(node=0|zone=2) [ 21.679283] page_type: f5(slab) [ 21.679904] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.680695] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.681157] page dumped because: kasan: bad access detected [ 21.681761] [ 21.681986] Memory state around the buggy address: [ 21.682586] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.683357] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.684060] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.684715] ^ [ 21.685088] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.685774] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.686464] ================================================================== [ 21.427885] ================================================================== [ 21.428447] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.430024] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.430542] [ 21.431419] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.431631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.431653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.431684] Call Trace: [ 21.431710] <TASK> [ 21.431731] dump_stack_lvl+0x73/0xb0 [ 21.431770] print_report+0xd1/0x650 [ 21.431805] ? __virt_addr_valid+0x1db/0x2d0 [ 21.431836] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.431874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.431909] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.431948] kasan_report+0x141/0x180 [ 21.431981] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.432027] kasan_check_range+0x10c/0x1c0 [ 21.432063] __kasan_check_write+0x18/0x20 [ 21.432091] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.432133] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.432174] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.432205] ? trace_hardirqs_on+0x37/0xe0 [ 21.432238] ? kasan_bitops_generic+0x92/0x1c0 [ 21.432274] kasan_bitops_generic+0x116/0x1c0 [ 21.432302] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.432334] ? __pfx_read_tsc+0x10/0x10 [ 21.432363] ? ktime_get_ts64+0x86/0x230 [ 21.432400] kunit_try_run_case+0x1a5/0x480 [ 21.432536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.432616] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.432691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.432765] ? __kthread_parkme+0x82/0x180 [ 21.432829] ? preempt_count_sub+0x50/0x80 [ 21.432905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.432982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.433021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.433053] kthread+0x337/0x6f0 [ 21.433084] ? trace_preempt_on+0x20/0xc0 [ 21.433115] ? __pfx_kthread+0x10/0x10 [ 21.433148] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.433179] ? calculate_sigpending+0x7b/0xa0 [ 21.433212] ? __pfx_kthread+0x10/0x10 [ 21.433244] ret_from_fork+0x41/0x80 [ 21.433273] ? __pfx_kthread+0x10/0x10 [ 21.433338] ret_from_fork_asm+0x1a/0x30 [ 21.433548] </TASK> [ 21.433588] [ 21.457258] Allocated by task 281: [ 21.458498] kasan_save_stack+0x45/0x70 [ 21.458953] kasan_save_track+0x18/0x40 [ 21.459269] kasan_save_alloc_info+0x3b/0x50 [ 21.460215] __kasan_kmalloc+0xb7/0xc0 [ 21.461094] __kmalloc_cache_noprof+0x189/0x420 [ 21.461979] kasan_bitops_generic+0x92/0x1c0 [ 21.462345] kunit_try_run_case+0x1a5/0x480 [ 21.462991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.463514] kthread+0x337/0x6f0 [ 21.464052] ret_from_fork+0x41/0x80 [ 21.464401] ret_from_fork_asm+0x1a/0x30 [ 21.465278] [ 21.465826] The buggy address belongs to the object at ffff8881017113c0 [ 21.465826] which belongs to the cache kmalloc-16 of size 16 [ 21.467185] The buggy address is located 8 bytes inside of [ 21.467185] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.468467] [ 21.468832] The buggy address belongs to the physical page: [ 21.469717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.471260] flags: 0x200000000000000(node=0|zone=2) [ 21.472068] page_type: f5(slab) [ 21.472909] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.473818] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.474339] page dumped because: kasan: bad access detected [ 21.475184] [ 21.475374] Memory state around the buggy address: [ 21.476064] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.476593] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.477306] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.478818] ^ [ 21.479250] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.480111] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.481044] ================================================================== [ 21.323996] ================================================================== [ 21.324762] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.325469] Write of size 8 at addr ffff8881017113c8 by task kunit_try_catch/281 [ 21.326033] [ 21.326307] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.326444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.326482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.326893] Call Trace: [ 21.326937] <TASK> [ 21.326992] dump_stack_lvl+0x73/0xb0 [ 21.327083] print_report+0xd1/0x650 [ 21.327162] ? __virt_addr_valid+0x1db/0x2d0 [ 21.327245] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.327329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.327408] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.327657] kasan_report+0x141/0x180 [ 21.327739] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.327839] kasan_check_range+0x10c/0x1c0 [ 21.327922] __kasan_check_write+0x18/0x20 [ 21.327998] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.328082] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.328136] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.328170] ? trace_hardirqs_on+0x37/0xe0 [ 21.328208] ? kasan_bitops_generic+0x92/0x1c0 [ 21.328244] kasan_bitops_generic+0x116/0x1c0 [ 21.328272] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.328305] ? __pfx_read_tsc+0x10/0x10 [ 21.328337] ? ktime_get_ts64+0x86/0x230 [ 21.328376] kunit_try_run_case+0x1a5/0x480 [ 21.328433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.328571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.328619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.328654] ? __kthread_parkme+0x82/0x180 [ 21.328686] ? preempt_count_sub+0x50/0x80 [ 21.328723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.328756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.328787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.328818] kthread+0x337/0x6f0 [ 21.328849] ? trace_preempt_on+0x20/0xc0 [ 21.328881] ? __pfx_kthread+0x10/0x10 [ 21.328912] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.328942] ? calculate_sigpending+0x7b/0xa0 [ 21.328973] ? __pfx_kthread+0x10/0x10 [ 21.329003] ret_from_fork+0x41/0x80 [ 21.329032] ? __pfx_kthread+0x10/0x10 [ 21.329063] ret_from_fork_asm+0x1a/0x30 [ 21.329107] </TASK> [ 21.329121] [ 21.351342] Allocated by task 281: [ 21.351676] kasan_save_stack+0x45/0x70 [ 21.352036] kasan_save_track+0x18/0x40 [ 21.353764] kasan_save_alloc_info+0x3b/0x50 [ 21.354231] __kasan_kmalloc+0xb7/0xc0 [ 21.354963] __kmalloc_cache_noprof+0x189/0x420 [ 21.355963] kasan_bitops_generic+0x92/0x1c0 [ 21.356142] kunit_try_run_case+0x1a5/0x480 [ 21.356309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.357301] kthread+0x337/0x6f0 [ 21.357841] ret_from_fork+0x41/0x80 [ 21.358731] ret_from_fork_asm+0x1a/0x30 [ 21.359330] [ 21.359550] The buggy address belongs to the object at ffff8881017113c0 [ 21.359550] which belongs to the cache kmalloc-16 of size 16 [ 21.360472] The buggy address is located 8 bytes inside of [ 21.360472] allocated 9-byte region [ffff8881017113c0, ffff8881017113c9) [ 21.361241] [ 21.361477] The buggy address belongs to the physical page: [ 21.362219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 21.362936] flags: 0x200000000000000(node=0|zone=2) [ 21.363650] page_type: f5(slab) [ 21.363963] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.364677] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.365235] page dumped because: kasan: bad access detected [ 21.365746] [ 21.365977] Memory state around the buggy address: [ 21.366340] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.367038] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.367611] >ffff888101711380: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.369263] ^ [ 21.370214] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.370973] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.371382] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 21.270834] ================================================================== [ 21.271432] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 21.272332] Read of size 1 at addr ffff888103c72750 by task kunit_try_catch/279 [ 21.273003] [ 21.273263] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.273401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.273444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.273520] Call Trace: [ 21.273588] <TASK> [ 21.273619] dump_stack_lvl+0x73/0xb0 [ 21.273660] print_report+0xd1/0x650 [ 21.273700] ? __virt_addr_valid+0x1db/0x2d0 [ 21.273773] ? strnlen+0x73/0x80 [ 21.273803] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.273838] ? strnlen+0x73/0x80 [ 21.273866] kasan_report+0x141/0x180 [ 21.273902] ? strnlen+0x73/0x80 [ 21.273936] __asan_report_load1_noabort+0x18/0x20 [ 21.273967] strnlen+0x73/0x80 [ 21.273998] kasan_strings+0x615/0xe80 [ 21.274030] ? trace_hardirqs_on+0x37/0xe0 [ 21.274065] ? __pfx_kasan_strings+0x10/0x10 [ 21.274096] ? finish_task_switch.isra.0+0x153/0x700 [ 21.274132] ? __switch_to+0x5d9/0xf60 [ 21.274162] ? dequeue_task_fair+0x156/0x4e0 [ 21.274196] ? __schedule+0x10cc/0x2b30 [ 21.274232] ? __pfx_read_tsc+0x10/0x10 [ 21.274262] ? ktime_get_ts64+0x86/0x230 [ 21.274300] kunit_try_run_case+0x1a5/0x480 [ 21.274337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.274371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.274407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.274553] ? __kthread_parkme+0x82/0x180 [ 21.274638] ? preempt_count_sub+0x50/0x80 [ 21.274718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.274796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.274867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.274942] kthread+0x337/0x6f0 [ 21.275011] ? trace_preempt_on+0x20/0xc0 [ 21.275064] ? __pfx_kthread+0x10/0x10 [ 21.275098] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.275136] ? calculate_sigpending+0x7b/0xa0 [ 21.275168] ? __pfx_kthread+0x10/0x10 [ 21.275203] ret_from_fork+0x41/0x80 [ 21.275234] ? __pfx_kthread+0x10/0x10 [ 21.275268] ret_from_fork_asm+0x1a/0x30 [ 21.275312] </TASK> [ 21.275327] [ 21.294784] Allocated by task 279: [ 21.295236] kasan_save_stack+0x45/0x70 [ 21.295653] kasan_save_track+0x18/0x40 [ 21.296082] kasan_save_alloc_info+0x3b/0x50 [ 21.296451] __kasan_kmalloc+0xb7/0xc0 [ 21.296899] __kmalloc_cache_noprof+0x189/0x420 [ 21.297287] kasan_strings+0xc0/0xe80 [ 21.297735] kunit_try_run_case+0x1a5/0x480 [ 21.298124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.298814] kthread+0x337/0x6f0 [ 21.299160] ret_from_fork+0x41/0x80 [ 21.299535] ret_from_fork_asm+0x1a/0x30 [ 21.300177] [ 21.300434] Freed by task 279: [ 21.300794] kasan_save_stack+0x45/0x70 [ 21.301484] kasan_save_track+0x18/0x40 [ 21.301882] kasan_save_free_info+0x3f/0x60 [ 21.303362] __kasan_slab_free+0x56/0x70 [ 21.303748] kfree+0x222/0x3f0 [ 21.304118] kasan_strings+0x2aa/0xe80 [ 21.304532] kunit_try_run_case+0x1a5/0x480 [ 21.304904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.305385] kthread+0x337/0x6f0 [ 21.305802] ret_from_fork+0x41/0x80 [ 21.306177] ret_from_fork_asm+0x1a/0x30 [ 21.306665] [ 21.306897] The buggy address belongs to the object at ffff888103c72740 [ 21.306897] which belongs to the cache kmalloc-32 of size 32 [ 21.307741] The buggy address is located 16 bytes inside of [ 21.307741] freed 32-byte region [ffff888103c72740, ffff888103c72760) [ 21.308677] [ 21.308869] The buggy address belongs to the physical page: [ 21.309361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 21.310100] flags: 0x200000000000000(node=0|zone=2) [ 21.310680] page_type: f5(slab) [ 21.311000] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.311726] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.312216] page dumped because: kasan: bad access detected [ 21.312698] [ 21.312985] Memory state around the buggy address: [ 21.313526] ffff888103c72600: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 21.314000] ffff888103c72680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.314514] >ffff888103c72700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.315291] ^ [ 21.316032] ffff888103c72780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.316601] ffff888103c72800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.317154] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 21.213162] ================================================================== [ 21.214548] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 21.215052] Read of size 1 at addr ffff888103c72750 by task kunit_try_catch/279 [ 21.215665] [ 21.215943] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.216075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.216114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.216172] Call Trace: [ 21.216219] <TASK> [ 21.216272] dump_stack_lvl+0x73/0xb0 [ 21.216352] print_report+0xd1/0x650 [ 21.216473] ? __virt_addr_valid+0x1db/0x2d0 [ 21.216572] ? strlen+0x8f/0xb0 [ 21.216643] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.216721] ? strlen+0x8f/0xb0 [ 21.216793] kasan_report+0x141/0x180 [ 21.216871] ? strlen+0x8f/0xb0 [ 21.216956] __asan_report_load1_noabort+0x18/0x20 [ 21.217030] strlen+0x8f/0xb0 [ 21.217108] kasan_strings+0x57b/0xe80 [ 21.217180] ? trace_hardirqs_on+0x37/0xe0 [ 21.217264] ? __pfx_kasan_strings+0x10/0x10 [ 21.217336] ? finish_task_switch.isra.0+0x153/0x700 [ 21.217455] ? __switch_to+0x5d9/0xf60 [ 21.217546] ? dequeue_task_fair+0x156/0x4e0 [ 21.217641] ? __schedule+0x10cc/0x2b30 [ 21.217724] ? __pfx_read_tsc+0x10/0x10 [ 21.217788] ? ktime_get_ts64+0x86/0x230 [ 21.217842] kunit_try_run_case+0x1a5/0x480 [ 21.217880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.217914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.217950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.217985] ? __kthread_parkme+0x82/0x180 [ 21.218017] ? preempt_count_sub+0x50/0x80 [ 21.218051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.218084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.218115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.218148] kthread+0x337/0x6f0 [ 21.218180] ? trace_preempt_on+0x20/0xc0 [ 21.218212] ? __pfx_kthread+0x10/0x10 [ 21.218245] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.218277] ? calculate_sigpending+0x7b/0xa0 [ 21.218309] ? __pfx_kthread+0x10/0x10 [ 21.218343] ret_from_fork+0x41/0x80 [ 21.218374] ? __pfx_kthread+0x10/0x10 [ 21.218405] ret_from_fork_asm+0x1a/0x30 [ 21.218514] </TASK> [ 21.218532] [ 21.239341] Allocated by task 279: [ 21.240145] kasan_save_stack+0x45/0x70 [ 21.240751] kasan_save_track+0x18/0x40 [ 21.241289] kasan_save_alloc_info+0x3b/0x50 [ 21.241942] __kasan_kmalloc+0xb7/0xc0 [ 21.242270] __kmalloc_cache_noprof+0x189/0x420 [ 21.243099] kasan_strings+0xc0/0xe80 [ 21.243469] kunit_try_run_case+0x1a5/0x480 [ 21.243900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.244611] kthread+0x337/0x6f0 [ 21.244998] ret_from_fork+0x41/0x80 [ 21.245621] ret_from_fork_asm+0x1a/0x30 [ 21.246043] [ 21.246255] Freed by task 279: [ 21.247048] kasan_save_stack+0x45/0x70 [ 21.247374] kasan_save_track+0x18/0x40 [ 21.247814] kasan_save_free_info+0x3f/0x60 [ 21.248244] __kasan_slab_free+0x56/0x70 [ 21.248932] kfree+0x222/0x3f0 [ 21.249526] kasan_strings+0x2aa/0xe80 [ 21.249864] kunit_try_run_case+0x1a5/0x480 [ 21.250284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.251641] kthread+0x337/0x6f0 [ 21.251923] ret_from_fork+0x41/0x80 [ 21.252204] ret_from_fork_asm+0x1a/0x30 [ 21.252508] [ 21.252679] The buggy address belongs to the object at ffff888103c72740 [ 21.252679] which belongs to the cache kmalloc-32 of size 32 [ 21.253714] The buggy address is located 16 bytes inside of [ 21.253714] freed 32-byte region [ffff888103c72740, ffff888103c72760) [ 21.254294] [ 21.254465] The buggy address belongs to the physical page: [ 21.256713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 21.257248] flags: 0x200000000000000(node=0|zone=2) [ 21.257882] page_type: f5(slab) [ 21.258296] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.258743] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.260785] page dumped because: kasan: bad access detected [ 21.261125] [ 21.261276] Memory state around the buggy address: [ 21.261619] ffff888103c72600: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 21.262019] ffff888103c72680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.263697] >ffff888103c72700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.265380] ^ [ 21.266698] ffff888103c72780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.267890] ffff888103c72800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.268316] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 21.164327] ================================================================== [ 21.164762] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 21.165199] Read of size 1 at addr ffff888103c72750 by task kunit_try_catch/279 [ 21.165931] [ 21.166298] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.166517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.166560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.166621] Call Trace: [ 21.166675] <TASK> [ 21.166760] dump_stack_lvl+0x73/0xb0 [ 21.166852] print_report+0xd1/0x650 [ 21.166935] ? __virt_addr_valid+0x1db/0x2d0 [ 21.167051] ? kasan_strings+0xcbc/0xe80 [ 21.167122] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.167201] ? kasan_strings+0xcbc/0xe80 [ 21.167276] kasan_report+0x141/0x180 [ 21.167358] ? kasan_strings+0xcbc/0xe80 [ 21.167504] __asan_report_load1_noabort+0x18/0x20 [ 21.167629] kasan_strings+0xcbc/0xe80 [ 21.167705] ? trace_hardirqs_on+0x37/0xe0 [ 21.167819] ? __pfx_kasan_strings+0x10/0x10 [ 21.167896] ? finish_task_switch.isra.0+0x153/0x700 [ 21.168220] ? __switch_to+0x5d9/0xf60 [ 21.168287] ? dequeue_task_fair+0x156/0x4e0 [ 21.168365] ? __schedule+0x10cc/0x2b30 [ 21.168503] ? __pfx_read_tsc+0x10/0x10 [ 21.168576] ? ktime_get_ts64+0x86/0x230 [ 21.168661] kunit_try_run_case+0x1a5/0x480 [ 21.168705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.168740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.168775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.168809] ? __kthread_parkme+0x82/0x180 [ 21.168843] ? preempt_count_sub+0x50/0x80 [ 21.168878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.168912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.168944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.168977] kthread+0x337/0x6f0 [ 21.169009] ? trace_preempt_on+0x20/0xc0 [ 21.169040] ? __pfx_kthread+0x10/0x10 [ 21.169073] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.169105] ? calculate_sigpending+0x7b/0xa0 [ 21.169137] ? __pfx_kthread+0x10/0x10 [ 21.169170] ret_from_fork+0x41/0x80 [ 21.169201] ? __pfx_kthread+0x10/0x10 [ 21.169232] ret_from_fork_asm+0x1a/0x30 [ 21.169275] </TASK> [ 21.169289] [ 21.189403] Allocated by task 279: [ 21.190061] kasan_save_stack+0x45/0x70 [ 21.190958] kasan_save_track+0x18/0x40 [ 21.191798] kasan_save_alloc_info+0x3b/0x50 [ 21.192134] __kasan_kmalloc+0xb7/0xc0 [ 21.192513] __kmalloc_cache_noprof+0x189/0x420 [ 21.192952] kasan_strings+0xc0/0xe80 [ 21.193346] kunit_try_run_case+0x1a5/0x480 [ 21.194231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.194886] kthread+0x337/0x6f0 [ 21.195048] ret_from_fork+0x41/0x80 [ 21.195201] ret_from_fork_asm+0x1a/0x30 [ 21.195360] [ 21.195480] Freed by task 279: [ 21.196036] kasan_save_stack+0x45/0x70 [ 21.196436] kasan_save_track+0x18/0x40 [ 21.196774] kasan_save_free_info+0x3f/0x60 [ 21.197092] __kasan_slab_free+0x56/0x70 [ 21.197507] kfree+0x222/0x3f0 [ 21.197889] kasan_strings+0x2aa/0xe80 [ 21.198792] kunit_try_run_case+0x1a5/0x480 [ 21.199379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.199939] kthread+0x337/0x6f0 [ 21.200361] ret_from_fork+0x41/0x80 [ 21.200774] ret_from_fork_asm+0x1a/0x30 [ 21.201149] [ 21.201383] The buggy address belongs to the object at ffff888103c72740 [ 21.201383] which belongs to the cache kmalloc-32 of size 32 [ 21.202280] The buggy address is located 16 bytes inside of [ 21.202280] freed 32-byte region [ffff888103c72740, ffff888103c72760) [ 21.203203] [ 21.203412] The buggy address belongs to the physical page: [ 21.203938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 21.204684] flags: 0x200000000000000(node=0|zone=2) [ 21.205067] page_type: f5(slab) [ 21.205480] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.206186] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.206746] page dumped because: kasan: bad access detected [ 21.207273] [ 21.207575] Memory state around the buggy address: [ 21.207971] ffff888103c72600: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 21.208564] ffff888103c72680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.209167] >ffff888103c72700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.209809] ^ [ 21.210351] ffff888103c72780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.210962] ffff888103c72800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.211641] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.112887] ================================================================== [ 21.114928] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 21.115661] Read of size 1 at addr ffff888103c72750 by task kunit_try_catch/279 [ 21.116277] [ 21.116582] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.116719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.116756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.116819] Call Trace: [ 21.116914] <TASK> [ 21.116981] dump_stack_lvl+0x73/0xb0 [ 21.117070] print_report+0xd1/0x650 [ 21.117149] ? __virt_addr_valid+0x1db/0x2d0 [ 21.117224] ? strcmp+0xb0/0xc0 [ 21.117289] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.117362] ? strcmp+0xb0/0xc0 [ 21.117430] kasan_report+0x141/0x180 [ 21.117524] ? strcmp+0xb0/0xc0 [ 21.117619] __asan_report_load1_noabort+0x18/0x20 [ 21.117688] strcmp+0xb0/0xc0 [ 21.117720] kasan_strings+0x431/0xe80 [ 21.117750] ? trace_hardirqs_on+0x37/0xe0 [ 21.117785] ? __pfx_kasan_strings+0x10/0x10 [ 21.117814] ? finish_task_switch.isra.0+0x153/0x700 [ 21.117849] ? __switch_to+0x5d9/0xf60 [ 21.117880] ? dequeue_task_fair+0x156/0x4e0 [ 21.117915] ? __schedule+0x10cc/0x2b30 [ 21.117950] ? __pfx_read_tsc+0x10/0x10 [ 21.117979] ? ktime_get_ts64+0x86/0x230 [ 21.118015] kunit_try_run_case+0x1a5/0x480 [ 21.118050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.118080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.118115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.118150] ? __kthread_parkme+0x82/0x180 [ 21.118180] ? preempt_count_sub+0x50/0x80 [ 21.118214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.118246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.118277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.118308] kthread+0x337/0x6f0 [ 21.118337] ? trace_preempt_on+0x20/0xc0 [ 21.118369] ? __pfx_kthread+0x10/0x10 [ 21.118400] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.118473] ? calculate_sigpending+0x7b/0xa0 [ 21.118536] ? __pfx_kthread+0x10/0x10 [ 21.118570] ret_from_fork+0x41/0x80 [ 21.118600] ? __pfx_kthread+0x10/0x10 [ 21.118632] ret_from_fork_asm+0x1a/0x30 [ 21.118676] </TASK> [ 21.118691] [ 21.133955] Allocated by task 279: [ 21.134401] kasan_save_stack+0x45/0x70 [ 21.134895] kasan_save_track+0x18/0x40 [ 21.135258] kasan_save_alloc_info+0x3b/0x50 [ 21.135978] __kasan_kmalloc+0xb7/0xc0 [ 21.136362] __kmalloc_cache_noprof+0x189/0x420 [ 21.137115] kasan_strings+0xc0/0xe80 [ 21.137595] kunit_try_run_case+0x1a5/0x480 [ 21.138113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.138560] kthread+0x337/0x6f0 [ 21.138957] ret_from_fork+0x41/0x80 [ 21.139339] ret_from_fork_asm+0x1a/0x30 [ 21.139810] [ 21.140045] Freed by task 279: [ 21.140385] kasan_save_stack+0x45/0x70 [ 21.140831] kasan_save_track+0x18/0x40 [ 21.141291] kasan_save_free_info+0x3f/0x60 [ 21.141883] __kasan_slab_free+0x56/0x70 [ 21.142289] kfree+0x222/0x3f0 [ 21.142826] kasan_strings+0x2aa/0xe80 [ 21.143263] kunit_try_run_case+0x1a5/0x480 [ 21.144451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.145681] kthread+0x337/0x6f0 [ 21.146107] ret_from_fork+0x41/0x80 [ 21.147583] ret_from_fork_asm+0x1a/0x30 [ 21.147956] [ 21.148139] The buggy address belongs to the object at ffff888103c72740 [ 21.148139] which belongs to the cache kmalloc-32 of size 32 [ 21.150071] The buggy address is located 16 bytes inside of [ 21.150071] freed 32-byte region [ffff888103c72740, ffff888103c72760) [ 21.151398] [ 21.152116] The buggy address belongs to the physical page: [ 21.153089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 21.153929] flags: 0x200000000000000(node=0|zone=2) [ 21.154504] page_type: f5(slab) [ 21.155088] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.155959] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.157088] page dumped because: kasan: bad access detected [ 21.157478] [ 21.158048] Memory state around the buggy address: [ 21.158675] ffff888103c72600: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 21.159404] ffff888103c72680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.160125] >ffff888103c72700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.160745] ^ [ 21.161622] ffff888103c72780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.162341] ffff888103c72800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.163155] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 21.052036] ================================================================== [ 21.053197] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 21.053978] Read of size 1 at addr ffff888103c72698 by task kunit_try_catch/277 [ 21.055153] [ 21.055640] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.055777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.055838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.055906] Call Trace: [ 21.055959] <TASK> [ 21.056010] dump_stack_lvl+0x73/0xb0 [ 21.056086] print_report+0xd1/0x650 [ 21.056142] ? __virt_addr_valid+0x1db/0x2d0 [ 21.056180] ? memcmp+0x1b4/0x1d0 [ 21.056209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.056245] ? memcmp+0x1b4/0x1d0 [ 21.056273] kasan_report+0x141/0x180 [ 21.056306] ? memcmp+0x1b4/0x1d0 [ 21.056341] __asan_report_load1_noabort+0x18/0x20 [ 21.056370] memcmp+0x1b4/0x1d0 [ 21.056401] kasan_memcmp+0x18f/0x390 [ 21.056530] ? __pfx_kasan_memcmp+0x10/0x10 [ 21.056598] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.056649] ? __pfx_read_tsc+0x10/0x10 [ 21.056680] ? ktime_get_ts64+0x86/0x230 [ 21.056718] kunit_try_run_case+0x1a5/0x480 [ 21.056754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.056785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.056819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.056853] ? __kthread_parkme+0x82/0x180 [ 21.056885] ? preempt_count_sub+0x50/0x80 [ 21.056920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.056953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.056985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.057017] kthread+0x337/0x6f0 [ 21.057045] ? trace_preempt_on+0x20/0xc0 [ 21.057079] ? __pfx_kthread+0x10/0x10 [ 21.057110] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.057142] ? calculate_sigpending+0x7b/0xa0 [ 21.057173] ? __pfx_kthread+0x10/0x10 [ 21.057205] ret_from_fork+0x41/0x80 [ 21.057236] ? __pfx_kthread+0x10/0x10 [ 21.057269] ret_from_fork_asm+0x1a/0x30 [ 21.057312] </TASK> [ 21.057327] [ 21.077341] Allocated by task 277: [ 21.078269] kasan_save_stack+0x45/0x70 [ 21.078795] kasan_save_track+0x18/0x40 [ 21.079215] kasan_save_alloc_info+0x3b/0x50 [ 21.080091] __kasan_kmalloc+0xb7/0xc0 [ 21.080464] __kmalloc_cache_noprof+0x189/0x420 [ 21.081326] kasan_memcmp+0xb7/0x390 [ 21.082306] kunit_try_run_case+0x1a5/0x480 [ 21.082933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.083991] kthread+0x337/0x6f0 [ 21.084291] ret_from_fork+0x41/0x80 [ 21.085600] ret_from_fork_asm+0x1a/0x30 [ 21.085942] [ 21.086157] The buggy address belongs to the object at ffff888103c72680 [ 21.086157] which belongs to the cache kmalloc-32 of size 32 [ 21.087931] The buggy address is located 0 bytes to the right of [ 21.087931] allocated 24-byte region [ffff888103c72680, ffff888103c72698) [ 21.089066] [ 21.089240] The buggy address belongs to the physical page: [ 21.090549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 21.091286] flags: 0x200000000000000(node=0|zone=2) [ 21.092060] page_type: f5(slab) [ 21.092332] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.093763] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.094476] page dumped because: kasan: bad access detected [ 21.095421] [ 21.095708] Memory state around the buggy address: [ 21.096081] ffff888103c72580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.096688] ffff888103c72600: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.098278] >ffff888103c72680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.099192] ^ [ 21.099642] ffff888103c72700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.100153] ffff888103c72780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.100696] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.954687] ================================================================== [ 18.955082] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 18.955549] Read of size 1 at addr ffff888103199c00 by task kunit_try_catch/216 [ 18.956735] [ 18.957220] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.957288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.957304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.957333] Call Trace: [ 18.957351] <TASK> [ 18.957372] dump_stack_lvl+0x73/0xb0 [ 18.957413] print_report+0xd1/0x650 [ 18.957947] ? __virt_addr_valid+0x1db/0x2d0 [ 18.958213] ? ksize_uaf+0x5fe/0x6c0 [ 18.958318] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.958363] ? ksize_uaf+0x5fe/0x6c0 [ 18.958398] kasan_report+0x141/0x180 [ 18.958440] ? ksize_uaf+0x5fe/0x6c0 [ 18.958802] __asan_report_load1_noabort+0x18/0x20 [ 18.958839] ksize_uaf+0x5fe/0x6c0 [ 18.958873] ? __pfx_ksize_uaf+0x10/0x10 [ 18.958904] ? __schedule+0x10cc/0x2b30 [ 18.958937] ? __pfx_read_tsc+0x10/0x10 [ 18.958964] ? ktime_get_ts64+0x86/0x230 [ 18.959002] kunit_try_run_case+0x1a5/0x480 [ 18.959039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.959071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.959104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.959138] ? __kthread_parkme+0x82/0x180 [ 18.959169] ? preempt_count_sub+0x50/0x80 [ 18.959204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.959236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.959268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.959301] kthread+0x337/0x6f0 [ 18.959331] ? trace_preempt_on+0x20/0xc0 [ 18.959364] ? __pfx_kthread+0x10/0x10 [ 18.959395] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.959427] ? calculate_sigpending+0x7b/0xa0 [ 18.959519] ? __pfx_kthread+0x10/0x10 [ 18.959595] ret_from_fork+0x41/0x80 [ 18.959667] ? __pfx_kthread+0x10/0x10 [ 18.959738] ret_from_fork_asm+0x1a/0x30 [ 18.959829] </TASK> [ 18.959867] [ 18.981226] Allocated by task 216: [ 18.982551] kasan_save_stack+0x45/0x70 [ 18.982873] kasan_save_track+0x18/0x40 [ 18.983265] kasan_save_alloc_info+0x3b/0x50 [ 18.984086] __kasan_kmalloc+0xb7/0xc0 [ 18.984471] __kmalloc_cache_noprof+0x189/0x420 [ 18.984907] ksize_uaf+0xaa/0x6c0 [ 18.985324] kunit_try_run_case+0x1a5/0x480 [ 18.985791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.986524] kthread+0x337/0x6f0 [ 18.987162] ret_from_fork+0x41/0x80 [ 18.987613] ret_from_fork_asm+0x1a/0x30 [ 18.988074] [ 18.988294] Freed by task 216: [ 18.989129] kasan_save_stack+0x45/0x70 [ 18.989657] kasan_save_track+0x18/0x40 [ 18.989998] kasan_save_free_info+0x3f/0x60 [ 18.990429] __kasan_slab_free+0x56/0x70 [ 18.990918] kfree+0x222/0x3f0 [ 18.991276] ksize_uaf+0x12c/0x6c0 [ 18.991809] kunit_try_run_case+0x1a5/0x480 [ 18.992271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.992848] kthread+0x337/0x6f0 [ 18.993246] ret_from_fork+0x41/0x80 [ 18.994002] ret_from_fork_asm+0x1a/0x30 [ 18.994372] [ 18.994711] The buggy address belongs to the object at ffff888103199c00 [ 18.994711] which belongs to the cache kmalloc-128 of size 128 [ 18.995611] The buggy address is located 0 bytes inside of [ 18.995611] freed 128-byte region [ffff888103199c00, ffff888103199c80) [ 18.996353] [ 18.996596] The buggy address belongs to the physical page: [ 18.997267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.997934] flags: 0x200000000000000(node=0|zone=2) [ 18.998587] page_type: f5(slab) [ 18.999103] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.999823] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.000413] page dumped because: kasan: bad access detected [ 19.000930] [ 19.001154] Memory state around the buggy address: [ 19.001553] ffff888103199b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.002750] ffff888103199b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.003522] >ffff888103199c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.003975] ^ [ 19.004346] ffff888103199c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.005093] ffff888103199d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.005709] ================================================================== [ 18.903970] ================================================================== [ 18.904804] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 18.905439] Read of size 1 at addr ffff888103199c00 by task kunit_try_catch/216 [ 18.906310] [ 18.906790] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.906926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.906985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.907072] Call Trace: [ 18.907118] <TASK> [ 18.907175] dump_stack_lvl+0x73/0xb0 [ 18.907281] print_report+0xd1/0x650 [ 18.907392] ? __virt_addr_valid+0x1db/0x2d0 [ 18.907472] ? ksize_uaf+0x19d/0x6c0 [ 18.907559] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.907632] ? ksize_uaf+0x19d/0x6c0 [ 18.907664] kasan_report+0x141/0x180 [ 18.907732] ? ksize_uaf+0x19d/0x6c0 [ 18.907814] ? ksize_uaf+0x19d/0x6c0 [ 18.907906] __kasan_check_byte+0x3d/0x50 [ 18.908013] ksize+0x20/0x60 [ 18.908086] ksize_uaf+0x19d/0x6c0 [ 18.908161] ? __pfx_ksize_uaf+0x10/0x10 [ 18.908233] ? __schedule+0x10cc/0x2b30 [ 18.908363] ? __pfx_read_tsc+0x10/0x10 [ 18.908436] ? ktime_get_ts64+0x86/0x230 [ 18.908543] kunit_try_run_case+0x1a5/0x480 [ 18.908595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.908626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.908660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.908692] ? __kthread_parkme+0x82/0x180 [ 18.908723] ? preempt_count_sub+0x50/0x80 [ 18.908757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.908788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.908818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.908850] kthread+0x337/0x6f0 [ 18.908879] ? trace_preempt_on+0x20/0xc0 [ 18.908912] ? __pfx_kthread+0x10/0x10 [ 18.908943] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.908973] ? calculate_sigpending+0x7b/0xa0 [ 18.909002] ? __pfx_kthread+0x10/0x10 [ 18.909033] ret_from_fork+0x41/0x80 [ 18.909061] ? __pfx_kthread+0x10/0x10 [ 18.909091] ret_from_fork_asm+0x1a/0x30 [ 18.909134] </TASK> [ 18.909147] [ 18.925049] Allocated by task 216: [ 18.925388] kasan_save_stack+0x45/0x70 [ 18.925947] kasan_save_track+0x18/0x40 [ 18.926453] kasan_save_alloc_info+0x3b/0x50 [ 18.927208] __kasan_kmalloc+0xb7/0xc0 [ 18.927618] __kmalloc_cache_noprof+0x189/0x420 [ 18.928073] ksize_uaf+0xaa/0x6c0 [ 18.928418] kunit_try_run_case+0x1a5/0x480 [ 18.929626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.930653] kthread+0x337/0x6f0 [ 18.931298] ret_from_fork+0x41/0x80 [ 18.931924] ret_from_fork_asm+0x1a/0x30 [ 18.932191] [ 18.932283] Freed by task 216: [ 18.932410] kasan_save_stack+0x45/0x70 [ 18.933240] kasan_save_track+0x18/0x40 [ 18.933971] kasan_save_free_info+0x3f/0x60 [ 18.934955] __kasan_slab_free+0x56/0x70 [ 18.935814] kfree+0x222/0x3f0 [ 18.936444] ksize_uaf+0x12c/0x6c0 [ 18.937182] kunit_try_run_case+0x1a5/0x480 [ 18.938040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.938625] kthread+0x337/0x6f0 [ 18.938878] ret_from_fork+0x41/0x80 [ 18.939407] ret_from_fork_asm+0x1a/0x30 [ 18.939948] [ 18.940195] The buggy address belongs to the object at ffff888103199c00 [ 18.940195] which belongs to the cache kmalloc-128 of size 128 [ 18.941719] The buggy address is located 0 bytes inside of [ 18.941719] freed 128-byte region [ffff888103199c00, ffff888103199c80) [ 18.942912] [ 18.943097] The buggy address belongs to the physical page: [ 18.943615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.944189] flags: 0x200000000000000(node=0|zone=2) [ 18.945209] page_type: f5(slab) [ 18.945742] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.946878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.947417] page dumped because: kasan: bad access detected [ 18.948346] [ 18.948539] Memory state around the buggy address: [ 18.949117] ffff888103199b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.949817] ffff888103199b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.950582] >ffff888103199c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.951255] ^ [ 18.951610] ffff888103199c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.952427] ffff888103199d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.953114] ================================================================== [ 19.008297] ================================================================== [ 19.009263] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 19.009952] Read of size 1 at addr ffff888103199c78 by task kunit_try_catch/216 [ 19.010519] [ 19.010883] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.011008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.011045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.011101] Call Trace: [ 19.011141] <TASK> [ 19.011192] dump_stack_lvl+0x73/0xb0 [ 19.011267] print_report+0xd1/0x650 [ 19.011351] ? __virt_addr_valid+0x1db/0x2d0 [ 19.011428] ? ksize_uaf+0x5e4/0x6c0 [ 19.011521] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.011599] ? ksize_uaf+0x5e4/0x6c0 [ 19.011674] kasan_report+0x141/0x180 [ 19.011753] ? ksize_uaf+0x5e4/0x6c0 [ 19.011850] __asan_report_load1_noabort+0x18/0x20 [ 19.011922] ksize_uaf+0x5e4/0x6c0 [ 19.011996] ? __pfx_ksize_uaf+0x10/0x10 [ 19.012074] ? __schedule+0x10cc/0x2b30 [ 19.012160] ? __pfx_read_tsc+0x10/0x10 [ 19.012234] ? ktime_get_ts64+0x86/0x230 [ 19.012316] kunit_try_run_case+0x1a5/0x480 [ 19.012415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.012585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.012625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.012661] ? __kthread_parkme+0x82/0x180 [ 19.012692] ? preempt_count_sub+0x50/0x80 [ 19.012727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.012761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.012796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.012829] kthread+0x337/0x6f0 [ 19.012858] ? trace_preempt_on+0x20/0xc0 [ 19.012891] ? __pfx_kthread+0x10/0x10 [ 19.012923] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.012957] ? calculate_sigpending+0x7b/0xa0 [ 19.012987] ? __pfx_kthread+0x10/0x10 [ 19.013019] ret_from_fork+0x41/0x80 [ 19.013049] ? __pfx_kthread+0x10/0x10 [ 19.013080] ret_from_fork_asm+0x1a/0x30 [ 19.013123] </TASK> [ 19.013135] [ 19.031243] Allocated by task 216: [ 19.031425] kasan_save_stack+0x45/0x70 [ 19.031869] kasan_save_track+0x18/0x40 [ 19.032279] kasan_save_alloc_info+0x3b/0x50 [ 19.033859] __kasan_kmalloc+0xb7/0xc0 [ 19.034387] __kmalloc_cache_noprof+0x189/0x420 [ 19.035131] ksize_uaf+0xaa/0x6c0 [ 19.035755] kunit_try_run_case+0x1a5/0x480 [ 19.036246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.037065] kthread+0x337/0x6f0 [ 19.037381] ret_from_fork+0x41/0x80 [ 19.037675] ret_from_fork_asm+0x1a/0x30 [ 19.038096] [ 19.038327] Freed by task 216: [ 19.038687] kasan_save_stack+0x45/0x70 [ 19.039087] kasan_save_track+0x18/0x40 [ 19.039484] kasan_save_free_info+0x3f/0x60 [ 19.040061] __kasan_slab_free+0x56/0x70 [ 19.040374] kfree+0x222/0x3f0 [ 19.040699] ksize_uaf+0x12c/0x6c0 [ 19.041005] kunit_try_run_case+0x1a5/0x480 [ 19.042000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.042689] kthread+0x337/0x6f0 [ 19.043083] ret_from_fork+0x41/0x80 [ 19.043742] ret_from_fork_asm+0x1a/0x30 [ 19.044161] [ 19.044949] The buggy address belongs to the object at ffff888103199c00 [ 19.044949] which belongs to the cache kmalloc-128 of size 128 [ 19.046099] The buggy address is located 120 bytes inside of [ 19.046099] freed 128-byte region [ffff888103199c00, ffff888103199c80) [ 19.047015] [ 19.047327] The buggy address belongs to the physical page: [ 19.047875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 19.048723] flags: 0x200000000000000(node=0|zone=2) [ 19.049268] page_type: f5(slab) [ 19.049861] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.050690] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.051340] page dumped because: kasan: bad access detected [ 19.052653] [ 19.052917] Memory state around the buggy address: [ 19.053452] ffff888103199b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.053965] ffff888103199b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.054892] >ffff888103199c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.055549] ^ [ 19.056148] ffff888103199c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.056827] ffff888103199d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.057880] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.803416] ================================================================== [ 18.804030] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.804733] Read of size 1 at addr ffff888103199b78 by task kunit_try_catch/214 [ 18.805588] [ 18.805875] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.806060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.806099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.806207] Call Trace: [ 18.806257] <TASK> [ 18.806720] dump_stack_lvl+0x73/0xb0 [ 18.806767] print_report+0xd1/0x650 [ 18.806804] ? __virt_addr_valid+0x1db/0x2d0 [ 18.806837] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.806870] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.806902] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.806936] kasan_report+0x141/0x180 [ 18.806967] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.807008] __asan_report_load1_noabort+0x18/0x20 [ 18.807036] ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.807072] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.807105] ? __schedule+0x2077/0x2b30 [ 18.807137] ? schedule+0x7c/0x2e0 [ 18.807167] ? trace_hardirqs_on+0x37/0xe0 [ 18.807201] ? __schedule+0x2077/0x2b30 [ 18.807232] ? __pfx_read_tsc+0x10/0x10 [ 18.807259] ? ktime_get_ts64+0x86/0x230 [ 18.807294] kunit_try_run_case+0x1a5/0x480 [ 18.807328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.807359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.807392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.807431] ? __kthread_parkme+0x82/0x180 [ 18.807528] ? preempt_count_sub+0x50/0x80 [ 18.807569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.807603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.807636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.807667] kthread+0x337/0x6f0 [ 18.807697] ? trace_preempt_on+0x20/0xc0 [ 18.807728] ? __pfx_kthread+0x10/0x10 [ 18.807761] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.807793] ? calculate_sigpending+0x7b/0xa0 [ 18.807822] ? __pfx_kthread+0x10/0x10 [ 18.807854] ret_from_fork+0x41/0x80 [ 18.807883] ? __pfx_kthread+0x10/0x10 [ 18.807913] ret_from_fork_asm+0x1a/0x30 [ 18.807956] </TASK> [ 18.807969] [ 18.826828] Allocated by task 214: [ 18.827282] kasan_save_stack+0x45/0x70 [ 18.827951] kasan_save_track+0x18/0x40 [ 18.828257] kasan_save_alloc_info+0x3b/0x50 [ 18.829276] __kasan_kmalloc+0xb7/0xc0 [ 18.829588] __kmalloc_cache_noprof+0x189/0x420 [ 18.830062] ksize_unpoisons_memory+0xc7/0x9b0 [ 18.831012] kunit_try_run_case+0x1a5/0x480 [ 18.831372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.831873] kthread+0x337/0x6f0 [ 18.832203] ret_from_fork+0x41/0x80 [ 18.833081] ret_from_fork_asm+0x1a/0x30 [ 18.833535] [ 18.833818] The buggy address belongs to the object at ffff888103199b00 [ 18.833818] which belongs to the cache kmalloc-128 of size 128 [ 18.835108] The buggy address is located 5 bytes to the right of [ 18.835108] allocated 115-byte region [ffff888103199b00, ffff888103199b73) [ 18.837259] [ 18.837445] The buggy address belongs to the physical page: [ 18.838071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.839004] flags: 0x200000000000000(node=0|zone=2) [ 18.839389] page_type: f5(slab) [ 18.840288] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.841029] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.841607] page dumped because: kasan: bad access detected [ 18.842230] [ 18.842389] Memory state around the buggy address: [ 18.843360] ffff888103199a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.843918] ffff888103199a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.844389] >ffff888103199b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.844954] ^ [ 18.845467] ffff888103199b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.846203] ffff888103199c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.846856] ================================================================== [ 18.758491] ================================================================== [ 18.759527] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 18.760297] Read of size 1 at addr ffff888103199b73 by task kunit_try_catch/214 [ 18.761155] [ 18.761520] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.761764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.761804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.761862] Call Trace: [ 18.761911] <TASK> [ 18.761965] dump_stack_lvl+0x73/0xb0 [ 18.762051] print_report+0xd1/0x650 [ 18.762124] ? __virt_addr_valid+0x1db/0x2d0 [ 18.762197] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 18.762269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.762340] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 18.762413] kasan_report+0x141/0x180 [ 18.762565] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 18.762608] __asan_report_load1_noabort+0x18/0x20 [ 18.762636] ksize_unpoisons_memory+0x81c/0x9b0 [ 18.762670] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.762702] ? __schedule+0x2077/0x2b30 [ 18.762733] ? schedule+0x7c/0x2e0 [ 18.762760] ? trace_hardirqs_on+0x37/0xe0 [ 18.762794] ? __schedule+0x2077/0x2b30 [ 18.762824] ? __pfx_read_tsc+0x10/0x10 [ 18.762852] ? ktime_get_ts64+0x86/0x230 [ 18.762888] kunit_try_run_case+0x1a5/0x480 [ 18.762923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.762952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.762985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.763018] ? __kthread_parkme+0x82/0x180 [ 18.763049] ? preempt_count_sub+0x50/0x80 [ 18.763083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.763115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.763144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.763174] kthread+0x337/0x6f0 [ 18.763202] ? trace_preempt_on+0x20/0xc0 [ 18.763232] ? __pfx_kthread+0x10/0x10 [ 18.763262] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.763292] ? calculate_sigpending+0x7b/0xa0 [ 18.763321] ? __pfx_kthread+0x10/0x10 [ 18.763351] ret_from_fork+0x41/0x80 [ 18.763379] ? __pfx_kthread+0x10/0x10 [ 18.763409] ret_from_fork_asm+0x1a/0x30 [ 18.763491] </TASK> [ 18.763530] [ 18.781881] Allocated by task 214: [ 18.782323] kasan_save_stack+0x45/0x70 [ 18.782982] kasan_save_track+0x18/0x40 [ 18.783390] kasan_save_alloc_info+0x3b/0x50 [ 18.784132] __kasan_kmalloc+0xb7/0xc0 [ 18.784571] __kmalloc_cache_noprof+0x189/0x420 [ 18.784910] ksize_unpoisons_memory+0xc7/0x9b0 [ 18.785345] kunit_try_run_case+0x1a5/0x480 [ 18.786131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.786800] kthread+0x337/0x6f0 [ 18.787175] ret_from_fork+0x41/0x80 [ 18.787715] ret_from_fork_asm+0x1a/0x30 [ 18.788032] [ 18.788626] The buggy address belongs to the object at ffff888103199b00 [ 18.788626] which belongs to the cache kmalloc-128 of size 128 [ 18.789873] The buggy address is located 0 bytes to the right of [ 18.789873] allocated 115-byte region [ffff888103199b00, ffff888103199b73) [ 18.790861] [ 18.791364] The buggy address belongs to the physical page: [ 18.791960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.792785] flags: 0x200000000000000(node=0|zone=2) [ 18.793298] page_type: f5(slab) [ 18.793792] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.794646] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.795233] page dumped because: kasan: bad access detected [ 18.795763] [ 18.796000] Memory state around the buggy address: [ 18.796468] ffff888103199a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.796984] ffff888103199a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.798135] >ffff888103199b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.798680] ^ [ 18.799490] ffff888103199b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.800060] ffff888103199c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.800735] ================================================================== [ 18.848330] ================================================================== [ 18.848895] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.849751] Read of size 1 at addr ffff888103199b7f by task kunit_try_catch/214 [ 18.850806] [ 18.851152] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.851274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.851308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.851362] Call Trace: [ 18.851414] <TASK> [ 18.851524] dump_stack_lvl+0x73/0xb0 [ 18.851626] print_report+0xd1/0x650 [ 18.851731] ? __virt_addr_valid+0x1db/0x2d0 [ 18.851804] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.851880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.851974] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.852082] kasan_report+0x141/0x180 [ 18.852161] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.852272] __asan_report_load1_noabort+0x18/0x20 [ 18.852370] ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.852492] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.852578] ? __schedule+0x2077/0x2b30 [ 18.852611] ? schedule+0x7c/0x2e0 [ 18.852641] ? trace_hardirqs_on+0x37/0xe0 [ 18.852675] ? __schedule+0x2077/0x2b30 [ 18.852706] ? __pfx_read_tsc+0x10/0x10 [ 18.852731] ? ktime_get_ts64+0x86/0x230 [ 18.852765] kunit_try_run_case+0x1a5/0x480 [ 18.852800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.852830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.852863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.852895] ? __kthread_parkme+0x82/0x180 [ 18.852924] ? preempt_count_sub+0x50/0x80 [ 18.852958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.852989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.853018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.853048] kthread+0x337/0x6f0 [ 18.853076] ? trace_preempt_on+0x20/0xc0 [ 18.853107] ? __pfx_kthread+0x10/0x10 [ 18.853136] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.853166] ? calculate_sigpending+0x7b/0xa0 [ 18.853194] ? __pfx_kthread+0x10/0x10 [ 18.853224] ret_from_fork+0x41/0x80 [ 18.853253] ? __pfx_kthread+0x10/0x10 [ 18.853282] ret_from_fork_asm+0x1a/0x30 [ 18.853324] </TASK> [ 18.853336] [ 18.870513] Allocated by task 214: [ 18.871012] kasan_save_stack+0x45/0x70 [ 18.871574] kasan_save_track+0x18/0x40 [ 18.872079] kasan_save_alloc_info+0x3b/0x50 [ 18.872550] __kasan_kmalloc+0xb7/0xc0 [ 18.873197] __kmalloc_cache_noprof+0x189/0x420 [ 18.874938] ksize_unpoisons_memory+0xc7/0x9b0 [ 18.875317] kunit_try_run_case+0x1a5/0x480 [ 18.875661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.876036] kthread+0x337/0x6f0 [ 18.876396] ret_from_fork+0x41/0x80 [ 18.876878] ret_from_fork_asm+0x1a/0x30 [ 18.877353] [ 18.877680] The buggy address belongs to the object at ffff888103199b00 [ 18.877680] which belongs to the cache kmalloc-128 of size 128 [ 18.878810] The buggy address is located 12 bytes to the right of [ 18.878810] allocated 115-byte region [ffff888103199b00, ffff888103199b73) [ 18.879838] [ 18.880026] The buggy address belongs to the physical page: [ 18.880588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.881365] flags: 0x200000000000000(node=0|zone=2) [ 18.881926] page_type: f5(slab) [ 18.882305] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.882798] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.884748] page dumped because: kasan: bad access detected [ 18.885285] [ 18.886737] Memory state around the buggy address: [ 18.887093] ffff888103199a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.888561] ffff888103199a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.889965] >ffff888103199b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.891867] ^ [ 18.893546] ffff888103199b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.895110] ffff888103199c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.896303] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.690311] ================================================================== [ 18.691268] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 18.692070] Free of addr ffff8881017113a0 by task kunit_try_catch/212 [ 18.692816] [ 18.693154] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.693282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.693318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.693640] Call Trace: [ 18.693736] <TASK> [ 18.693793] dump_stack_lvl+0x73/0xb0 [ 18.693873] print_report+0xd1/0x650 [ 18.693952] ? __virt_addr_valid+0x1db/0x2d0 [ 18.694024] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.694094] ? kfree_sensitive+0x2e/0x90 [ 18.694167] kasan_report_invalid_free+0x10a/0x130 [ 18.694230] ? kfree_sensitive+0x2e/0x90 [ 18.694264] ? kfree_sensitive+0x2e/0x90 [ 18.694293] check_slab_allocation+0x101/0x130 [ 18.694325] __kasan_slab_pre_free+0x28/0x40 [ 18.694356] kfree+0xf0/0x3f0 [ 18.694383] ? kfree_sensitive+0x2e/0x90 [ 18.694415] kfree_sensitive+0x2e/0x90 [ 18.694567] kmalloc_double_kzfree+0x19c/0x350 [ 18.694634] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.694698] ? __schedule+0x10cc/0x2b30 [ 18.694757] ? __pfx_read_tsc+0x10/0x10 [ 18.694809] ? ktime_get_ts64+0x86/0x230 [ 18.694873] kunit_try_run_case+0x1a5/0x480 [ 18.694934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.694987] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.695045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.695110] ? __kthread_parkme+0x82/0x180 [ 18.695176] ? preempt_count_sub+0x50/0x80 [ 18.695247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.695362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.695408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.695770] kthread+0x337/0x6f0 [ 18.695811] ? trace_preempt_on+0x20/0xc0 [ 18.695846] ? __pfx_kthread+0x10/0x10 [ 18.695879] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.695912] ? calculate_sigpending+0x7b/0xa0 [ 18.695942] ? __pfx_kthread+0x10/0x10 [ 18.695974] ret_from_fork+0x41/0x80 [ 18.696004] ? __pfx_kthread+0x10/0x10 [ 18.696036] ret_from_fork_asm+0x1a/0x30 [ 18.696078] </TASK> [ 18.696091] [ 18.719599] Allocated by task 212: [ 18.720123] kasan_save_stack+0x45/0x70 [ 18.721202] kasan_save_track+0x18/0x40 [ 18.721679] kasan_save_alloc_info+0x3b/0x50 [ 18.722037] __kasan_kmalloc+0xb7/0xc0 [ 18.722424] __kmalloc_cache_noprof+0x189/0x420 [ 18.722905] kmalloc_double_kzfree+0xa9/0x350 [ 18.723278] kunit_try_run_case+0x1a5/0x480 [ 18.724982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.725850] kthread+0x337/0x6f0 [ 18.726180] ret_from_fork+0x41/0x80 [ 18.726555] ret_from_fork_asm+0x1a/0x30 [ 18.727684] [ 18.728121] Freed by task 212: [ 18.728262] kasan_save_stack+0x45/0x70 [ 18.728436] kasan_save_track+0x18/0x40 [ 18.729446] kasan_save_free_info+0x3f/0x60 [ 18.729806] __kasan_slab_free+0x56/0x70 [ 18.730661] kfree+0x222/0x3f0 [ 18.731009] kfree_sensitive+0x67/0x90 [ 18.731347] kmalloc_double_kzfree+0x12b/0x350 [ 18.732081] kunit_try_run_case+0x1a5/0x480 [ 18.732421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.733309] kthread+0x337/0x6f0 [ 18.733890] ret_from_fork+0x41/0x80 [ 18.734830] ret_from_fork_asm+0x1a/0x30 [ 18.735769] [ 18.736355] The buggy address belongs to the object at ffff8881017113a0 [ 18.736355] which belongs to the cache kmalloc-16 of size 16 [ 18.737908] The buggy address is located 0 bytes inside of [ 18.737908] 16-byte region [ffff8881017113a0, ffff8881017113b0) [ 18.739222] [ 18.739411] The buggy address belongs to the physical page: [ 18.740237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 18.741856] flags: 0x200000000000000(node=0|zone=2) [ 18.742372] page_type: f5(slab) [ 18.742729] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.743301] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.744726] page dumped because: kasan: bad access detected [ 18.745052] [ 18.745231] Memory state around the buggy address: [ 18.746557] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.747055] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.747905] >ffff888101711380: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.748714] ^ [ 18.749037] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.749847] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.750490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.635017] ================================================================== [ 18.636079] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 18.636837] Read of size 1 at addr ffff8881017113a0 by task kunit_try_catch/212 [ 18.637359] [ 18.639097] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.639229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.639270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.639316] Call Trace: [ 18.639343] <TASK> [ 18.639380] dump_stack_lvl+0x73/0xb0 [ 18.639423] print_report+0xd1/0x650 [ 18.639512] ? __virt_addr_valid+0x1db/0x2d0 [ 18.639719] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.639757] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.639790] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.639829] kasan_report+0x141/0x180 [ 18.639863] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.639902] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.639938] __kasan_check_byte+0x3d/0x50 [ 18.639969] kfree_sensitive+0x22/0x90 [ 18.640002] kmalloc_double_kzfree+0x19c/0x350 [ 18.640037] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.640073] ? __schedule+0x10cc/0x2b30 [ 18.640106] ? __pfx_read_tsc+0x10/0x10 [ 18.640134] ? ktime_get_ts64+0x86/0x230 [ 18.640171] kunit_try_run_case+0x1a5/0x480 [ 18.640205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.640234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.640267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.640301] ? __kthread_parkme+0x82/0x180 [ 18.640332] ? preempt_count_sub+0x50/0x80 [ 18.640367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.640400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.640442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.640589] kthread+0x337/0x6f0 [ 18.640653] ? trace_preempt_on+0x20/0xc0 [ 18.640721] ? __pfx_kthread+0x10/0x10 [ 18.640753] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.640785] ? calculate_sigpending+0x7b/0xa0 [ 18.640814] ? __pfx_kthread+0x10/0x10 [ 18.640844] ret_from_fork+0x41/0x80 [ 18.640873] ? __pfx_kthread+0x10/0x10 [ 18.640904] ret_from_fork_asm+0x1a/0x30 [ 18.640947] </TASK> [ 18.640962] [ 18.662873] Allocated by task 212: [ 18.663349] kasan_save_stack+0x45/0x70 [ 18.663867] kasan_save_track+0x18/0x40 [ 18.664259] kasan_save_alloc_info+0x3b/0x50 [ 18.664938] __kasan_kmalloc+0xb7/0xc0 [ 18.665345] __kmalloc_cache_noprof+0x189/0x420 [ 18.665939] kmalloc_double_kzfree+0xa9/0x350 [ 18.666303] kunit_try_run_case+0x1a5/0x480 [ 18.666997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.667472] kthread+0x337/0x6f0 [ 18.667780] ret_from_fork+0x41/0x80 [ 18.668176] ret_from_fork_asm+0x1a/0x30 [ 18.668776] [ 18.669129] Freed by task 212: [ 18.669451] kasan_save_stack+0x45/0x70 [ 18.669918] kasan_save_track+0x18/0x40 [ 18.671020] kasan_save_free_info+0x3f/0x60 [ 18.671282] __kasan_slab_free+0x56/0x70 [ 18.671572] kfree+0x222/0x3f0 [ 18.672206] kfree_sensitive+0x67/0x90 [ 18.673015] kmalloc_double_kzfree+0x12b/0x350 [ 18.674089] kunit_try_run_case+0x1a5/0x480 [ 18.674609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.675262] kthread+0x337/0x6f0 [ 18.675691] ret_from_fork+0x41/0x80 [ 18.676047] ret_from_fork_asm+0x1a/0x30 [ 18.676791] [ 18.677009] The buggy address belongs to the object at ffff8881017113a0 [ 18.677009] which belongs to the cache kmalloc-16 of size 16 [ 18.678114] The buggy address is located 0 bytes inside of [ 18.678114] freed 16-byte region [ffff8881017113a0, ffff8881017113b0) [ 18.679244] [ 18.679467] The buggy address belongs to the physical page: [ 18.680151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101711 [ 18.681227] flags: 0x200000000000000(node=0|zone=2) [ 18.681798] page_type: f5(slab) [ 18.682218] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.682974] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.683587] page dumped because: kasan: bad access detected [ 18.684175] [ 18.684588] Memory state around the buggy address: [ 18.685049] ffff888101711280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.685719] ffff888101711300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.686386] >ffff888101711380: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.687126] ^ [ 18.687619] ffff888101711400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.688316] ffff888101711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.689094] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.566990] ================================================================== [ 18.567786] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 18.569056] Read of size 1 at addr ffff8881031aa528 by task kunit_try_catch/208 [ 18.569932] [ 18.570308] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.570449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.570486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.570562] Call Trace: [ 18.570602] <TASK> [ 18.570707] dump_stack_lvl+0x73/0xb0 [ 18.570799] print_report+0xd1/0x650 [ 18.570891] ? __virt_addr_valid+0x1db/0x2d0 [ 18.570962] ? kmalloc_uaf2+0x4a8/0x520 [ 18.571014] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.571048] ? kmalloc_uaf2+0x4a8/0x520 [ 18.571077] kasan_report+0x141/0x180 [ 18.571108] ? kmalloc_uaf2+0x4a8/0x520 [ 18.571142] __asan_report_load1_noabort+0x18/0x20 [ 18.571169] kmalloc_uaf2+0x4a8/0x520 [ 18.571197] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 18.571224] ? finish_task_switch.isra.0+0x153/0x700 [ 18.571255] ? __switch_to+0x5d9/0xf60 [ 18.571284] ? dequeue_task_fair+0x166/0x4e0 [ 18.571319] ? __schedule+0x10cc/0x2b30 [ 18.571352] ? __pfx_read_tsc+0x10/0x10 [ 18.571380] ? ktime_get_ts64+0x86/0x230 [ 18.571415] kunit_try_run_case+0x1a5/0x480 [ 18.571491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.571553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.571588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.571623] ? __kthread_parkme+0x82/0x180 [ 18.571653] ? preempt_count_sub+0x50/0x80 [ 18.571686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.571719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.571751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.571784] kthread+0x337/0x6f0 [ 18.571813] ? trace_preempt_on+0x20/0xc0 [ 18.571847] ? __pfx_kthread+0x10/0x10 [ 18.571881] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.571912] ? calculate_sigpending+0x7b/0xa0 [ 18.571942] ? __pfx_kthread+0x10/0x10 [ 18.571973] ret_from_fork+0x41/0x80 [ 18.572002] ? __pfx_kthread+0x10/0x10 [ 18.572034] ret_from_fork_asm+0x1a/0x30 [ 18.572078] </TASK> [ 18.572091] [ 18.591452] Allocated by task 208: [ 18.591828] kasan_save_stack+0x45/0x70 [ 18.592278] kasan_save_track+0x18/0x40 [ 18.593145] kasan_save_alloc_info+0x3b/0x50 [ 18.593520] __kasan_kmalloc+0xb7/0xc0 [ 18.594253] __kmalloc_cache_noprof+0x189/0x420 [ 18.594749] kmalloc_uaf2+0xc6/0x520 [ 18.595336] kunit_try_run_case+0x1a5/0x480 [ 18.595887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.596312] kthread+0x337/0x6f0 [ 18.597157] ret_from_fork+0x41/0x80 [ 18.597754] ret_from_fork_asm+0x1a/0x30 [ 18.598053] [ 18.598286] Freed by task 208: [ 18.598652] kasan_save_stack+0x45/0x70 [ 18.599336] kasan_save_track+0x18/0x40 [ 18.600016] kasan_save_free_info+0x3f/0x60 [ 18.600775] __kasan_slab_free+0x56/0x70 [ 18.601291] kfree+0x222/0x3f0 [ 18.601750] kmalloc_uaf2+0x14c/0x520 [ 18.602114] kunit_try_run_case+0x1a5/0x480 [ 18.602553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.603040] kthread+0x337/0x6f0 [ 18.603354] ret_from_fork+0x41/0x80 [ 18.603789] ret_from_fork_asm+0x1a/0x30 [ 18.604213] [ 18.604449] The buggy address belongs to the object at ffff8881031aa500 [ 18.604449] which belongs to the cache kmalloc-64 of size 64 [ 18.606666] The buggy address is located 40 bytes inside of [ 18.606666] freed 64-byte region [ffff8881031aa500, ffff8881031aa540) [ 18.608892] [ 18.609104] The buggy address belongs to the physical page: [ 18.610178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031aa [ 18.611041] flags: 0x200000000000000(node=0|zone=2) [ 18.611380] page_type: f5(slab) [ 18.611698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.612879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.613525] page dumped because: kasan: bad access detected [ 18.613950] [ 18.614127] Memory state around the buggy address: [ 18.614726] ffff8881031aa400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.615294] ffff8881031aa480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.615850] >ffff8881031aa500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.616578] ^ [ 18.616900] ffff8881031aa580: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.617325] ffff8881031aa600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.617835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.504944] ================================================================== [ 18.506144] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 18.507779] Write of size 33 at addr ffff8881031aa480 by task kunit_try_catch/206 [ 18.508644] [ 18.508906] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.509036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.509074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.509134] Call Trace: [ 18.509185] <TASK> [ 18.509240] dump_stack_lvl+0x73/0xb0 [ 18.509332] print_report+0xd1/0x650 [ 18.509408] ? __virt_addr_valid+0x1db/0x2d0 [ 18.509445] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.509476] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.509863] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.509944] kasan_report+0x141/0x180 [ 18.510018] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.510102] kasan_check_range+0x10c/0x1c0 [ 18.510180] __asan_memset+0x27/0x50 [ 18.510249] kmalloc_uaf_memset+0x1a3/0x360 [ 18.510299] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 18.510335] ? __schedule+0x10cc/0x2b30 [ 18.510373] ? __pfx_read_tsc+0x10/0x10 [ 18.510404] ? ktime_get_ts64+0x86/0x230 [ 18.510574] kunit_try_run_case+0x1a5/0x480 [ 18.510623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.510656] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.510691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.510725] ? __kthread_parkme+0x82/0x180 [ 18.510758] ? preempt_count_sub+0x50/0x80 [ 18.510792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.510825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.510856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.510889] kthread+0x337/0x6f0 [ 18.510920] ? trace_preempt_on+0x20/0xc0 [ 18.510955] ? __pfx_kthread+0x10/0x10 [ 18.510987] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.511018] ? calculate_sigpending+0x7b/0xa0 [ 18.511048] ? __pfx_kthread+0x10/0x10 [ 18.511081] ret_from_fork+0x41/0x80 [ 18.511110] ? __pfx_kthread+0x10/0x10 [ 18.511141] ret_from_fork_asm+0x1a/0x30 [ 18.511184] </TASK> [ 18.511198] [ 18.533479] Allocated by task 206: [ 18.534018] kasan_save_stack+0x45/0x70 [ 18.534418] kasan_save_track+0x18/0x40 [ 18.535622] kasan_save_alloc_info+0x3b/0x50 [ 18.536042] __kasan_kmalloc+0xb7/0xc0 [ 18.536420] __kmalloc_cache_noprof+0x189/0x420 [ 18.536828] kmalloc_uaf_memset+0xa9/0x360 [ 18.537259] kunit_try_run_case+0x1a5/0x480 [ 18.538567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.539584] kthread+0x337/0x6f0 [ 18.539895] ret_from_fork+0x41/0x80 [ 18.540379] ret_from_fork_asm+0x1a/0x30 [ 18.540963] [ 18.541142] Freed by task 206: [ 18.541611] kasan_save_stack+0x45/0x70 [ 18.542154] kasan_save_track+0x18/0x40 [ 18.542588] kasan_save_free_info+0x3f/0x60 [ 18.542992] __kasan_slab_free+0x56/0x70 [ 18.543658] kfree+0x222/0x3f0 [ 18.544027] kmalloc_uaf_memset+0x12b/0x360 [ 18.544585] kunit_try_run_case+0x1a5/0x480 [ 18.544946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.545990] kthread+0x337/0x6f0 [ 18.546288] ret_from_fork+0x41/0x80 [ 18.547131] ret_from_fork_asm+0x1a/0x30 [ 18.547492] [ 18.548019] The buggy address belongs to the object at ffff8881031aa480 [ 18.548019] which belongs to the cache kmalloc-64 of size 64 [ 18.549051] The buggy address is located 0 bytes inside of [ 18.549051] freed 64-byte region [ffff8881031aa480, ffff8881031aa4c0) [ 18.549892] [ 18.550351] The buggy address belongs to the physical page: [ 18.550996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031aa [ 18.551895] flags: 0x200000000000000(node=0|zone=2) [ 18.552358] page_type: f5(slab) [ 18.552747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.553395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.554165] page dumped because: kasan: bad access detected [ 18.554552] [ 18.554976] Memory state around the buggy address: [ 18.555460] ffff8881031aa380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.556298] ffff8881031aa400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.556975] >ffff8881031aa480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.557761] ^ [ 18.558165] ffff8881031aa500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.558935] ffff8881031aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.559570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.446381] ================================================================== [ 18.447376] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 18.448878] Read of size 1 at addr ffff8881021e3ee8 by task kunit_try_catch/204 [ 18.449837] [ 18.450057] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.450124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.450140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.450169] Call Trace: [ 18.450187] <TASK> [ 18.450208] dump_stack_lvl+0x73/0xb0 [ 18.450246] print_report+0xd1/0x650 [ 18.450279] ? __virt_addr_valid+0x1db/0x2d0 [ 18.450311] ? kmalloc_uaf+0x320/0x380 [ 18.450338] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.450368] ? kmalloc_uaf+0x320/0x380 [ 18.450396] kasan_report+0x141/0x180 [ 18.450428] ? kmalloc_uaf+0x320/0x380 [ 18.450966] __asan_report_load1_noabort+0x18/0x20 [ 18.451048] kmalloc_uaf+0x320/0x380 [ 18.451122] ? __pfx_kmalloc_uaf+0x10/0x10 [ 18.451193] ? __schedule+0x10cc/0x2b30 [ 18.451271] ? __pfx_read_tsc+0x10/0x10 [ 18.451342] ? ktime_get_ts64+0x86/0x230 [ 18.451448] kunit_try_run_case+0x1a5/0x480 [ 18.451551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.451623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.451694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.451774] ? __kthread_parkme+0x82/0x180 [ 18.451849] ? preempt_count_sub+0x50/0x80 [ 18.451938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.452025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.452098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.452172] kthread+0x337/0x6f0 [ 18.452238] ? trace_preempt_on+0x20/0xc0 [ 18.452300] ? __pfx_kthread+0x10/0x10 [ 18.452366] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.452433] ? calculate_sigpending+0x7b/0xa0 [ 18.452532] ? __pfx_kthread+0x10/0x10 [ 18.452608] ret_from_fork+0x41/0x80 [ 18.452640] ? __pfx_kthread+0x10/0x10 [ 18.452671] ret_from_fork_asm+0x1a/0x30 [ 18.452715] </TASK> [ 18.452731] [ 18.469611] Allocated by task 204: [ 18.470043] kasan_save_stack+0x45/0x70 [ 18.471197] kasan_save_track+0x18/0x40 [ 18.471656] kasan_save_alloc_info+0x3b/0x50 [ 18.472129] __kasan_kmalloc+0xb7/0xc0 [ 18.472584] __kmalloc_cache_noprof+0x189/0x420 [ 18.473026] kmalloc_uaf+0xaa/0x380 [ 18.473362] kunit_try_run_case+0x1a5/0x480 [ 18.473904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.474278] kthread+0x337/0x6f0 [ 18.474667] ret_from_fork+0x41/0x80 [ 18.475063] ret_from_fork_asm+0x1a/0x30 [ 18.475582] [ 18.475813] Freed by task 204: [ 18.476150] kasan_save_stack+0x45/0x70 [ 18.477278] kasan_save_track+0x18/0x40 [ 18.477814] kasan_save_free_info+0x3f/0x60 [ 18.478449] __kasan_slab_free+0x56/0x70 [ 18.478805] kfree+0x222/0x3f0 [ 18.479075] kmalloc_uaf+0x12c/0x380 [ 18.479359] kunit_try_run_case+0x1a5/0x480 [ 18.480086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.481465] kthread+0x337/0x6f0 [ 18.481808] ret_from_fork+0x41/0x80 [ 18.482207] ret_from_fork_asm+0x1a/0x30 [ 18.483367] [ 18.483636] The buggy address belongs to the object at ffff8881021e3ee0 [ 18.483636] which belongs to the cache kmalloc-16 of size 16 [ 18.484204] The buggy address is located 8 bytes inside of [ 18.484204] freed 16-byte region [ffff8881021e3ee0, ffff8881021e3ef0) [ 18.485686] [ 18.485921] The buggy address belongs to the physical page: [ 18.487122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021e3 [ 18.487985] flags: 0x200000000000000(node=0|zone=2) [ 18.488298] page_type: f5(slab) [ 18.489147] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.490339] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.491374] page dumped because: kasan: bad access detected [ 18.491995] [ 18.492619] Memory state around the buggy address: [ 18.493314] ffff8881021e3d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 18.494213] ffff8881021e3e00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 18.494992] >ffff8881021e3e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.495333] ^ [ 18.495720] ffff8881021e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.496317] ffff8881021e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.497032] ==================================================================
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 141.601919] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 57.074935] ================================================================== [ 57.075612] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 57.075612] [ 57.076255] Use-after-free read at 0x(____ptrval____) (in kfence-#161): [ 57.076692] test_krealloc+0x6fc/0xbe0 [ 57.077155] kunit_try_run_case+0x1a5/0x480 [ 57.077672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 57.078155] kthread+0x337/0x6f0 [ 57.078498] ret_from_fork+0x41/0x80 [ 57.078982] ret_from_fork_asm+0x1a/0x30 [ 57.079404] [ 57.079671] kfence-#161: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 57.079671] [ 57.080276] allocated by task 357 on cpu 0 at 57.074019s (0.006252s ago): [ 57.081108] test_alloc+0x364/0x10f0 [ 57.081469] test_krealloc+0xad/0xbe0 [ 57.081782] kunit_try_run_case+0x1a5/0x480 [ 57.082348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 57.082891] kthread+0x337/0x6f0 [ 57.083220] ret_from_fork+0x41/0x80 [ 57.083754] ret_from_fork_asm+0x1a/0x30 [ 57.084080] [ 57.084310] freed by task 357 on cpu 0 at 57.074308s (0.009996s ago): [ 57.085133] krealloc_noprof+0x108/0x340 [ 57.085493] test_krealloc+0x226/0xbe0 [ 57.085917] kunit_try_run_case+0x1a5/0x480 [ 57.086481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 57.086884] kthread+0x337/0x6f0 [ 57.087174] ret_from_fork+0x41/0x80 [ 57.087580] ret_from_fork_asm+0x1a/0x30 [ 57.088057] [ 57.088346] CPU: 0 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 57.089227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.089568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 57.090369] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.391920] ================================================================== [ 18.393276] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.394442] Read of size 64 at addr ffff8881031aa204 by task kunit_try_catch/202 [ 18.395664] [ 18.395901] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.396022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.396052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.396098] Call Trace: [ 18.396139] <TASK> [ 18.396187] dump_stack_lvl+0x73/0xb0 [ 18.396262] print_report+0xd1/0x650 [ 18.396323] ? __virt_addr_valid+0x1db/0x2d0 [ 18.396383] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.396450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.396531] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.396733] kasan_report+0x141/0x180 [ 18.396876] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.396971] kasan_check_range+0x10c/0x1c0 [ 18.397048] __asan_memmove+0x27/0x70 [ 18.397110] kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.397185] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 18.397265] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 18.397354] kunit_try_run_case+0x1a5/0x480 [ 18.397547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.397630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.397671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.397705] ? __kthread_parkme+0x82/0x180 [ 18.397738] ? preempt_count_sub+0x50/0x80 [ 18.397773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.397805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.397839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.397869] kthread+0x337/0x6f0 [ 18.397898] ? trace_preempt_on+0x20/0xc0 [ 18.397935] ? __pfx_kthread+0x10/0x10 [ 18.397965] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.397994] ? calculate_sigpending+0x7b/0xa0 [ 18.398024] ? __pfx_kthread+0x10/0x10 [ 18.398054] ret_from_fork+0x41/0x80 [ 18.398084] ? __pfx_kthread+0x10/0x10 [ 18.398114] ret_from_fork_asm+0x1a/0x30 [ 18.398158] </TASK> [ 18.398173] [ 18.419044] Allocated by task 202: [ 18.419431] kasan_save_stack+0x45/0x70 [ 18.419904] kasan_save_track+0x18/0x40 [ 18.420249] kasan_save_alloc_info+0x3b/0x50 [ 18.421442] __kasan_kmalloc+0xb7/0xc0 [ 18.422328] __kmalloc_cache_noprof+0x189/0x420 [ 18.422901] kmalloc_memmove_invalid_size+0xac/0x330 [ 18.423287] kunit_try_run_case+0x1a5/0x480 [ 18.424662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.425067] kthread+0x337/0x6f0 [ 18.425659] ret_from_fork+0x41/0x80 [ 18.426244] ret_from_fork_asm+0x1a/0x30 [ 18.426815] [ 18.427047] The buggy address belongs to the object at ffff8881031aa200 [ 18.427047] which belongs to the cache kmalloc-64 of size 64 [ 18.428109] The buggy address is located 4 bytes inside of [ 18.428109] allocated 64-byte region [ffff8881031aa200, ffff8881031aa240) [ 18.428560] [ 18.428744] The buggy address belongs to the physical page: [ 18.429821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031aa [ 18.430819] flags: 0x200000000000000(node=0|zone=2) [ 18.431244] page_type: f5(slab) [ 18.431797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.432551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.433195] page dumped because: kasan: bad access detected [ 18.433868] [ 18.434079] Memory state around the buggy address: [ 18.435199] ffff8881031aa100: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.436312] ffff8881031aa180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.437019] >ffff8881031aa200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.438624] ^ [ 18.439128] ffff8881031aa280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.439791] ffff8881031aa300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.440295] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.328176] ================================================================== [ 18.330212] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 18.331314] Read of size 18446744073709551614 at addr ffff888102975104 by task kunit_try_catch/200 [ 18.332696] [ 18.333178] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.333341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.333374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.333422] Call Trace: [ 18.333472] <TASK> [ 18.333555] dump_stack_lvl+0x73/0xb0 [ 18.333654] print_report+0xd1/0x650 [ 18.333716] ? __virt_addr_valid+0x1db/0x2d0 [ 18.333751] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.333787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.333818] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.333854] kasan_report+0x141/0x180 [ 18.333885] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.333926] kasan_check_range+0x10c/0x1c0 [ 18.333959] __asan_memmove+0x27/0x70 [ 18.333986] kmalloc_memmove_negative_size+0x171/0x330 [ 18.334020] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 18.334056] ? __schedule+0x10cc/0x2b30 [ 18.334089] ? __pfx_read_tsc+0x10/0x10 [ 18.334116] ? ktime_get_ts64+0x86/0x230 [ 18.334153] kunit_try_run_case+0x1a5/0x480 [ 18.334187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.334216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.334251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.334285] ? __kthread_parkme+0x82/0x180 [ 18.334315] ? preempt_count_sub+0x50/0x80 [ 18.334349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.334380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.334411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.334513] kthread+0x337/0x6f0 [ 18.334585] ? trace_preempt_on+0x20/0xc0 [ 18.334623] ? __pfx_kthread+0x10/0x10 [ 18.334654] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.334684] ? calculate_sigpending+0x7b/0xa0 [ 18.334714] ? __pfx_kthread+0x10/0x10 [ 18.334744] ret_from_fork+0x41/0x80 [ 18.334772] ? __pfx_kthread+0x10/0x10 [ 18.334802] ret_from_fork_asm+0x1a/0x30 [ 18.334846] </TASK> [ 18.334862] [ 18.359946] Allocated by task 200: [ 18.360261] kasan_save_stack+0x45/0x70 [ 18.361980] kasan_save_track+0x18/0x40 [ 18.363367] kasan_save_alloc_info+0x3b/0x50 [ 18.364175] __kasan_kmalloc+0xb7/0xc0 [ 18.364801] __kmalloc_cache_noprof+0x189/0x420 [ 18.365232] kmalloc_memmove_negative_size+0xac/0x330 [ 18.366324] kunit_try_run_case+0x1a5/0x480 [ 18.367064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.367748] kthread+0x337/0x6f0 [ 18.368107] ret_from_fork+0x41/0x80 [ 18.368981] ret_from_fork_asm+0x1a/0x30 [ 18.369325] [ 18.369658] The buggy address belongs to the object at ffff888102975100 [ 18.369658] which belongs to the cache kmalloc-64 of size 64 [ 18.371020] The buggy address is located 4 bytes inside of [ 18.371020] 64-byte region [ffff888102975100, ffff888102975140) [ 18.372310] [ 18.372751] The buggy address belongs to the physical page: [ 18.373340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102975 [ 18.374372] flags: 0x200000000000000(node=0|zone=2) [ 18.375228] page_type: f5(slab) [ 18.375838] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.376385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.377488] page dumped because: kasan: bad access detected [ 18.378091] [ 18.378244] Memory state around the buggy address: [ 18.379359] ffff888102975000: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.379951] ffff888102975080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.380892] >ffff888102975100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.381408] ^ [ 18.382317] ffff888102975180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.383061] ffff888102975200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.384067] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.272340] ================================================================== [ 18.273436] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 18.274312] Write of size 16 at addr ffff888102968e69 by task kunit_try_catch/198 [ 18.275393] [ 18.275971] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.276112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.276143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.276196] Call Trace: [ 18.276238] <TASK> [ 18.276285] dump_stack_lvl+0x73/0xb0 [ 18.276364] print_report+0xd1/0x650 [ 18.276451] ? __virt_addr_valid+0x1db/0x2d0 [ 18.276603] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.276638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.276668] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.276699] kasan_report+0x141/0x180 [ 18.276729] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.276767] kasan_check_range+0x10c/0x1c0 [ 18.276801] __asan_memset+0x27/0x50 [ 18.276827] kmalloc_oob_memset_16+0x166/0x330 [ 18.276858] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 18.276890] ? __schedule+0x10cc/0x2b30 [ 18.276924] ? __pfx_read_tsc+0x10/0x10 [ 18.276951] ? ktime_get_ts64+0x86/0x230 [ 18.276986] kunit_try_run_case+0x1a5/0x480 [ 18.277018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.277047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.277079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.277111] ? __kthread_parkme+0x82/0x180 [ 18.277140] ? preempt_count_sub+0x50/0x80 [ 18.277173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.277203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.277233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.277262] kthread+0x337/0x6f0 [ 18.277292] ? trace_preempt_on+0x20/0xc0 [ 18.277323] ? __pfx_kthread+0x10/0x10 [ 18.277352] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.277381] ? calculate_sigpending+0x7b/0xa0 [ 18.277409] ? __pfx_kthread+0x10/0x10 [ 18.277517] ret_from_fork+0x41/0x80 [ 18.277602] ? __pfx_kthread+0x10/0x10 [ 18.277636] ret_from_fork_asm+0x1a/0x30 [ 18.277681] </TASK> [ 18.277695] [ 18.298186] Allocated by task 198: [ 18.299075] kasan_save_stack+0x45/0x70 [ 18.299910] kasan_save_track+0x18/0x40 [ 18.300702] kasan_save_alloc_info+0x3b/0x50 [ 18.301079] __kasan_kmalloc+0xb7/0xc0 [ 18.301394] __kmalloc_cache_noprof+0x189/0x420 [ 18.302284] kmalloc_oob_memset_16+0xac/0x330 [ 18.302943] kunit_try_run_case+0x1a5/0x480 [ 18.303274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.304391] kthread+0x337/0x6f0 [ 18.304676] ret_from_fork+0x41/0x80 [ 18.305709] ret_from_fork_asm+0x1a/0x30 [ 18.306314] [ 18.306586] The buggy address belongs to the object at ffff888102968e00 [ 18.306586] which belongs to the cache kmalloc-128 of size 128 [ 18.308241] The buggy address is located 105 bytes inside of [ 18.308241] allocated 120-byte region [ffff888102968e00, ffff888102968e78) [ 18.309478] [ 18.310149] The buggy address belongs to the physical page: [ 18.310593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102968 [ 18.311831] flags: 0x200000000000000(node=0|zone=2) [ 18.312249] page_type: f5(slab) [ 18.312834] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.313436] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.314137] page dumped because: kasan: bad access detected [ 18.314788] [ 18.314973] Memory state around the buggy address: [ 18.315510] ffff888102968d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.316368] ffff888102968d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.317101] >ffff888102968e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.317900] ^ [ 18.318597] ffff888102968e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.319249] ffff888102968f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.320002] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.221966] ================================================================== [ 18.222851] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 18.224677] Write of size 8 at addr ffff888102968d71 by task kunit_try_catch/196 [ 18.225569] [ 18.226061] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.226233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.226280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.226338] Call Trace: [ 18.226382] <TASK> [ 18.226408] dump_stack_lvl+0x73/0xb0 [ 18.226553] print_report+0xd1/0x650 [ 18.226635] ? __virt_addr_valid+0x1db/0x2d0 [ 18.226683] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.226716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.226747] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.226777] kasan_report+0x141/0x180 [ 18.226809] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.226846] kasan_check_range+0x10c/0x1c0 [ 18.226879] __asan_memset+0x27/0x50 [ 18.226905] kmalloc_oob_memset_8+0x166/0x330 [ 18.226936] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 18.226967] ? __schedule+0x10cc/0x2b30 [ 18.227001] ? __pfx_read_tsc+0x10/0x10 [ 18.227029] ? ktime_get_ts64+0x86/0x230 [ 18.227064] kunit_try_run_case+0x1a5/0x480 [ 18.227097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.227126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.227158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.227190] ? __kthread_parkme+0x82/0x180 [ 18.227219] ? preempt_count_sub+0x50/0x80 [ 18.227252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.227283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.227312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.227342] kthread+0x337/0x6f0 [ 18.227370] ? trace_preempt_on+0x20/0xc0 [ 18.227402] ? __pfx_kthread+0x10/0x10 [ 18.227457] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.227582] ? calculate_sigpending+0x7b/0xa0 [ 18.227624] ? __pfx_kthread+0x10/0x10 [ 18.227655] ret_from_fork+0x41/0x80 [ 18.227684] ? __pfx_kthread+0x10/0x10 [ 18.227714] ret_from_fork_asm+0x1a/0x30 [ 18.227757] </TASK> [ 18.227771] [ 18.246026] Allocated by task 196: [ 18.246806] kasan_save_stack+0x45/0x70 [ 18.247210] kasan_save_track+0x18/0x40 [ 18.247852] kasan_save_alloc_info+0x3b/0x50 [ 18.248404] __kasan_kmalloc+0xb7/0xc0 [ 18.248899] __kmalloc_cache_noprof+0x189/0x420 [ 18.249350] kmalloc_oob_memset_8+0xac/0x330 [ 18.249921] kunit_try_run_case+0x1a5/0x480 [ 18.250583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.251141] kthread+0x337/0x6f0 [ 18.251850] ret_from_fork+0x41/0x80 [ 18.252325] ret_from_fork_asm+0x1a/0x30 [ 18.253137] [ 18.253320] The buggy address belongs to the object at ffff888102968d00 [ 18.253320] which belongs to the cache kmalloc-128 of size 128 [ 18.255198] The buggy address is located 113 bytes inside of [ 18.255198] allocated 120-byte region [ffff888102968d00, ffff888102968d78) [ 18.256163] [ 18.256686] The buggy address belongs to the physical page: [ 18.257189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102968 [ 18.257917] flags: 0x200000000000000(node=0|zone=2) [ 18.258695] page_type: f5(slab) [ 18.259137] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.259925] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.260510] page dumped because: kasan: bad access detected [ 18.260990] [ 18.261217] Memory state around the buggy address: [ 18.261938] ffff888102968c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.262456] ffff888102968c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.263157] >ffff888102968d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.263752] ^ [ 18.265021] ffff888102968d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.265847] ffff888102968e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.266355] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.179933] ================================================================== [ 18.180728] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 18.181397] Write of size 4 at addr ffff888103199a75 by task kunit_try_catch/194 [ 18.182729] [ 18.182983] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 18.183112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.183143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.183173] Call Trace: [ 18.183191] <TASK> [ 18.183213] dump_stack_lvl+0x73/0xb0 [ 18.183252] print_report+0xd1/0x650 [ 18.183319] ? __virt_addr_valid+0x1db/0x2d0 [ 18.183370] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.183405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.183448] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.183533] kasan_report+0x141/0x180 [ 18.183614] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.183695] kasan_check_range+0x10c/0x1c0 [ 18.183737] __asan_memset+0x27/0x50 [ 18.183768] kmalloc_oob_memset_4+0x166/0x330 [ 18.183804] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 18.183848] kunit_try_run_case+0x1a5/0x480 [ 18.183884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.183914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.183949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.183982] ? __kthread_parkme+0x82/0x180 [ 18.184012] ? preempt_count_sub+0x50/0x80 [ 18.184046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.184079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.184110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.184141] kthread+0x337/0x6f0 [ 18.184171] ? trace_preempt_on+0x20/0xc0 [ 18.184205] ? __pfx_kthread+0x10/0x10 [ 18.184237] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.184269] ? calculate_sigpending+0x7b/0xa0 [ 18.184299] ? __pfx_kthread+0x10/0x10 [ 18.184331] ret_from_fork+0x41/0x80 [ 18.184362] ? __pfx_kthread+0x10/0x10 [ 18.184394] ret_from_fork_asm+0x1a/0x30 [ 18.184549] </TASK> [ 18.184592] [ 18.197912] Allocated by task 194: [ 18.198396] kasan_save_stack+0x45/0x70 [ 18.198906] kasan_save_track+0x18/0x40 [ 18.199360] kasan_save_alloc_info+0x3b/0x50 [ 18.199856] __kasan_kmalloc+0xb7/0xc0 [ 18.200275] __kmalloc_cache_noprof+0x189/0x420 [ 18.200802] kmalloc_oob_memset_4+0xac/0x330 [ 18.201187] kunit_try_run_case+0x1a5/0x480 [ 18.201682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.202226] kthread+0x337/0x6f0 [ 18.202692] ret_from_fork+0x41/0x80 [ 18.203015] ret_from_fork_asm+0x1a/0x30 [ 18.203339] [ 18.203607] The buggy address belongs to the object at ffff888103199a00 [ 18.203607] which belongs to the cache kmalloc-128 of size 128 [ 18.204762] The buggy address is located 117 bytes inside of [ 18.204762] allocated 120-byte region [ffff888103199a00, ffff888103199a78) [ 18.205638] [ 18.205857] The buggy address belongs to the physical page: [ 18.206387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 18.207198] flags: 0x200000000000000(node=0|zone=2) [ 18.207793] page_type: f5(slab) [ 18.208211] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.208779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.209317] page dumped because: kasan: bad access detected [ 18.209927] [ 18.210196] Memory state around the buggy address: [ 18.210765] ffff888103199900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.211360] ffff888103199980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.212021] >ffff888103199a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.212603] ^ [ 18.213279] ffff888103199a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.213988] ffff888103199b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.214579] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 56.978172] ================================================================== [ 56.978808] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 56.978808] [ 56.979602] Use-after-free read at 0x(____ptrval____) (in kfence-#160): [ 56.980100] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 56.980509] kunit_try_run_case+0x1a5/0x480 [ 56.980956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 56.981659] kthread+0x337/0x6f0 [ 56.982534] ret_from_fork+0x41/0x80 [ 56.983321] ret_from_fork_asm+0x1a/0x30 [ 56.983900] [ 56.984188] kfence-#160: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 56.984188] [ 56.985006] allocated by task 355 on cpu 1 at 56.971948s (0.013052s ago): [ 56.985757] test_alloc+0x2a6/0x10f0 [ 56.986133] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 56.986667] kunit_try_run_case+0x1a5/0x480 [ 56.987113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 56.987964] kthread+0x337/0x6f0 [ 56.988241] ret_from_fork+0x41/0x80 [ 56.988777] ret_from_fork_asm+0x1a/0x30 [ 56.989112] [ 56.989341] freed by task 355 on cpu 1 at 56.972114s (0.017221s ago): [ 56.989810] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 56.990304] kunit_try_run_case+0x1a5/0x480 [ 56.990765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 56.991252] kthread+0x337/0x6f0 [ 56.991640] ret_from_fork+0x41/0x80 [ 56.991992] ret_from_fork_asm+0x1a/0x30 [ 56.992412] [ 56.992725] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 56.993556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 56.994134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 56.995049] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 32.758419] ================================================================== [ 32.759253] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 32.759253] [ 32.760152] Invalid read at 0x(____ptrval____): [ 32.760679] test_invalid_access+0xf0/0x210 [ 32.762088] kunit_try_run_case+0x1a5/0x480 [ 32.762856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.763381] kthread+0x337/0x6f0 [ 32.763966] ret_from_fork+0x41/0x80 [ 32.764436] ret_from_fork_asm+0x1a/0x30 [ 32.765216] [ 32.765775] CPU: 1 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 32.766943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.767320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.768032] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 32.530574] ================================================================== [ 32.531161] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 32.531161] [ 32.532439] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#156): [ 32.533834] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 32.534057] kunit_try_run_case+0x1a5/0x480 [ 32.534233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.534576] kthread+0x337/0x6f0 [ 32.535029] ret_from_fork+0x41/0x80 [ 32.535353] ret_from_fork_asm+0x1a/0x30 [ 32.535724] [ 32.535913] kfence-#156: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 32.535913] [ 32.536634] allocated by task 345 on cpu 1 at 32.530149s (0.006480s ago): [ 32.537241] test_alloc+0x364/0x10f0 [ 32.537700] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 32.538102] kunit_try_run_case+0x1a5/0x480 [ 32.538616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.539149] kthread+0x337/0x6f0 [ 32.539587] ret_from_fork+0x41/0x80 [ 32.540016] ret_from_fork_asm+0x1a/0x30 [ 32.540461] [ 32.540676] freed by task 345 on cpu 1 at 32.530365s (0.010305s ago): [ 32.541164] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 32.541752] kunit_try_run_case+0x1a5/0x480 [ 32.542195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.542750] kthread+0x337/0x6f0 [ 32.543096] ret_from_fork+0x41/0x80 [ 32.543492] ret_from_fork_asm+0x1a/0x30 [ 32.543927] [ 32.544210] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 32.545207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.545660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.546418] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 32.426716] ================================================================== [ 32.427259] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 32.427259] [ 32.428210] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#155): [ 32.430177] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 32.430707] kunit_try_run_case+0x1a5/0x480 [ 32.431141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.432031] kthread+0x337/0x6f0 [ 32.432555] ret_from_fork+0x41/0x80 [ 32.432859] ret_from_fork_asm+0x1a/0x30 [ 32.433308] [ 32.433576] kfence-#155: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 32.433576] [ 32.434620] allocated by task 343 on cpu 0 at 32.426263s (0.008351s ago): [ 32.435139] test_alloc+0x364/0x10f0 [ 32.435543] test_kmalloc_aligned_oob_read+0x105/0x560 [ 32.435984] kunit_try_run_case+0x1a5/0x480 [ 32.436320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.436772] kthread+0x337/0x6f0 [ 32.437125] ret_from_fork+0x41/0x80 [ 32.437538] ret_from_fork_asm+0x1a/0x30 [ 32.438240] [ 32.438715] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 32.440288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.441261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.442101] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 28.163395] ================================================================== [ 28.163982] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 28.163982] [ 28.165456] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#114): [ 28.168940] test_corruption+0x131/0x3e0 [ 28.170194] kunit_try_run_case+0x1a5/0x480 [ 28.171261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.171603] kthread+0x337/0x6f0 [ 28.171867] ret_from_fork+0x41/0x80 [ 28.172987] ret_from_fork_asm+0x1a/0x30 [ 28.173446] [ 28.173725] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 28.173725] [ 28.174422] allocated by task 333 on cpu 0 at 28.163191s (0.011225s ago): [ 28.175156] test_alloc+0x2a6/0x10f0 [ 28.175620] test_corruption+0xe6/0x3e0 [ 28.176065] kunit_try_run_case+0x1a5/0x480 [ 28.176624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.177132] kthread+0x337/0x6f0 [ 28.177635] ret_from_fork+0x41/0x80 [ 28.178076] ret_from_fork_asm+0x1a/0x30 [ 28.178527] [ 28.178770] freed by task 333 on cpu 0 at 28.163276s (0.015488s ago): [ 28.179505] test_corruption+0x131/0x3e0 [ 28.179872] kunit_try_run_case+0x1a5/0x480 [ 28.180338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.180885] kthread+0x337/0x6f0 [ 28.181291] ret_from_fork+0x41/0x80 [ 28.181794] ret_from_fork_asm+0x1a/0x30 [ 28.182188] [ 28.182523] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 28.183504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.183895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.184721] ================================================================== [ 28.058544] ================================================================== [ 28.059108] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 28.059108] [ 28.059814] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#113): [ 28.060497] test_corruption+0x2df/0x3e0 [ 28.060853] kunit_try_run_case+0x1a5/0x480 [ 28.061304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.061960] kthread+0x337/0x6f0 [ 28.062365] ret_from_fork+0x41/0x80 [ 28.062884] ret_from_fork_asm+0x1a/0x30 [ 28.063259] [ 28.063507] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 28.063507] [ 28.064430] allocated by task 331 on cpu 1 at 28.058107s (0.006318s ago): [ 28.065032] test_alloc+0x364/0x10f0 [ 28.065437] test_corruption+0x1cb/0x3e0 [ 28.065980] kunit_try_run_case+0x1a5/0x480 [ 28.066318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.066923] kthread+0x337/0x6f0 [ 28.067256] ret_from_fork+0x41/0x80 [ 28.067834] ret_from_fork_asm+0x1a/0x30 [ 28.068195] [ 28.068392] freed by task 331 on cpu 1 at 28.058267s (0.010119s ago): [ 28.068916] test_corruption+0x2df/0x3e0 [ 28.069401] kunit_try_run_case+0x1a5/0x480 [ 28.069961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.070372] kthread+0x337/0x6f0 [ 28.070783] ret_from_fork+0x41/0x80 [ 28.071205] ret_from_fork_asm+0x1a/0x30 [ 28.071813] [ 28.072063] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 28.073022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.073349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.074280] ================================================================== [ 28.578324] ================================================================== [ 28.578973] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 28.578973] [ 28.580225] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#118): [ 28.580946] test_corruption+0x216/0x3e0 [ 28.581371] kunit_try_run_case+0x1a5/0x480 [ 28.581827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.582842] kthread+0x337/0x6f0 [ 28.583142] ret_from_fork+0x41/0x80 [ 28.583561] ret_from_fork_asm+0x1a/0x30 [ 28.583914] [ 28.584160] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 28.584160] [ 28.584870] allocated by task 333 on cpu 0 at 28.578099s (0.006765s ago): [ 28.585732] test_alloc+0x2a6/0x10f0 [ 28.586597] test_corruption+0x1cb/0x3e0 [ 28.587318] kunit_try_run_case+0x1a5/0x480 [ 28.587919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.588425] kthread+0x337/0x6f0 [ 28.588871] ret_from_fork+0x41/0x80 [ 28.589346] ret_from_fork_asm+0x1a/0x30 [ 28.590088] [ 28.590305] freed by task 333 on cpu 0 at 28.578178s (0.012120s ago): [ 28.591244] test_corruption+0x216/0x3e0 [ 28.591966] kunit_try_run_case+0x1a5/0x480 [ 28.592584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.593260] kthread+0x337/0x6f0 [ 28.594033] ret_from_fork+0x41/0x80 [ 28.594378] ret_from_fork_asm+0x1a/0x30 [ 28.594863] [ 28.595549] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 28.596316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.596783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.597822] ================================================================== [ 27.954448] ================================================================== [ 27.955073] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 27.955073] [ 27.955767] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#112): [ 27.957514] test_corruption+0x2d2/0x3e0 [ 27.957924] kunit_try_run_case+0x1a5/0x480 [ 27.958368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.958828] kthread+0x337/0x6f0 [ 27.959215] ret_from_fork+0x41/0x80 [ 27.959689] ret_from_fork_asm+0x1a/0x30 [ 27.960102] [ 27.960347] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.960347] [ 27.961123] allocated by task 331 on cpu 1 at 27.954070s (0.007048s ago): [ 27.961787] test_alloc+0x364/0x10f0 [ 27.962286] test_corruption+0xe6/0x3e0 [ 27.962764] kunit_try_run_case+0x1a5/0x480 [ 27.963143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.963693] kthread+0x337/0x6f0 [ 27.964014] ret_from_fork+0x41/0x80 [ 27.964413] ret_from_fork_asm+0x1a/0x30 [ 27.964772] [ 27.964949] freed by task 331 on cpu 1 at 27.954209s (0.010734s ago): [ 27.965625] test_corruption+0x2d2/0x3e0 [ 27.966036] kunit_try_run_case+0x1a5/0x480 [ 27.966518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.966982] kthread+0x337/0x6f0 [ 27.967353] ret_from_fork+0x41/0x80 [ 27.967754] ret_from_fork_asm+0x1a/0x30 [ 27.968081] [ 27.968318] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.969310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.969706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.970502] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 27.746283] ================================================================== [ 27.747313] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 27.747313] [ 27.748059] Invalid free of 0x(____ptrval____) (in kfence-#110): [ 27.748281] test_invalid_addr_free+0x1e1/0x260 [ 27.749378] kunit_try_run_case+0x1a5/0x480 [ 27.749808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.750225] kthread+0x337/0x6f0 [ 27.750947] ret_from_fork+0x41/0x80 [ 27.751891] ret_from_fork_asm+0x1a/0x30 [ 27.752287] [ 27.752744] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.752744] [ 27.753444] allocated by task 327 on cpu 1 at 27.746097s (0.007345s ago): [ 27.754391] test_alloc+0x364/0x10f0 [ 27.754771] test_invalid_addr_free+0xdb/0x260 [ 27.755247] kunit_try_run_case+0x1a5/0x480 [ 27.755927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.756896] kthread+0x337/0x6f0 [ 27.757193] ret_from_fork+0x41/0x80 [ 27.757838] ret_from_fork_asm+0x1a/0x30 [ 27.758367] [ 27.758749] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.759980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.760324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.761267] ================================================================== [ 27.850107] ================================================================== [ 27.850737] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 27.850737] [ 27.851366] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 27.851771] test_invalid_addr_free+0xfb/0x260 [ 27.852255] kunit_try_run_case+0x1a5/0x480 [ 27.852709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.853102] kthread+0x337/0x6f0 [ 27.853519] ret_from_fork+0x41/0x80 [ 27.853949] ret_from_fork_asm+0x1a/0x30 [ 27.854389] [ 27.854656] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.854656] [ 27.855310] allocated by task 329 on cpu 0 at 27.849970s (0.005334s ago): [ 27.855999] test_alloc+0x2a6/0x10f0 [ 27.856334] test_invalid_addr_free+0xdb/0x260 [ 27.857041] kunit_try_run_case+0x1a5/0x480 [ 27.857452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.857909] kthread+0x337/0x6f0 [ 27.858294] ret_from_fork+0x41/0x80 [ 27.858739] ret_from_fork_asm+0x1a/0x30 [ 27.859081] [ 27.859318] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.860312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.860665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.861376] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 27.643817] ================================================================== [ 27.644533] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 27.644533] [ 27.645024] Invalid free of 0x(____ptrval____) (in kfence-#109): [ 27.645371] test_double_free+0x112/0x260 [ 27.645800] kunit_try_run_case+0x1a5/0x480 [ 27.646196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.646615] kthread+0x337/0x6f0 [ 27.646927] ret_from_fork+0x41/0x80 [ 27.647223] ret_from_fork_asm+0x1a/0x30 [ 27.647664] [ 27.647921] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.647921] [ 27.648752] allocated by task 325 on cpu 1 at 27.643545s (0.005200s ago): [ 27.649209] test_alloc+0x2a6/0x10f0 [ 27.649763] test_double_free+0xdb/0x260 [ 27.650188] kunit_try_run_case+0x1a5/0x480 [ 27.650684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.651070] kthread+0x337/0x6f0 [ 27.651369] ret_from_fork+0x41/0x80 [ 27.651721] ret_from_fork_asm+0x1a/0x30 [ 27.652159] [ 27.652398] freed by task 325 on cpu 1 at 27.643630s (0.008763s ago): [ 27.653051] test_double_free+0xfa/0x260 [ 27.653395] kunit_try_run_case+0x1a5/0x480 [ 27.653875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.654371] kthread+0x337/0x6f0 [ 27.654793] ret_from_fork+0x41/0x80 [ 27.655185] ret_from_fork_asm+0x1a/0x30 [ 27.655611] [ 27.656010] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.656876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.657264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.658007] ================================================================== [ 27.538537] ================================================================== [ 27.539165] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 27.539165] [ 27.539836] Invalid free of 0x(____ptrval____) (in kfence-#108): [ 27.540275] test_double_free+0x1d3/0x260 [ 27.540719] kunit_try_run_case+0x1a5/0x480 [ 27.541223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.541788] kthread+0x337/0x6f0 [ 27.542152] ret_from_fork+0x41/0x80 [ 27.542527] ret_from_fork_asm+0x1a/0x30 [ 27.543043] [ 27.543272] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.543272] [ 27.544054] allocated by task 323 on cpu 1 at 27.538112s (0.005936s ago): [ 27.544574] test_alloc+0x364/0x10f0 [ 27.544935] test_double_free+0xdb/0x260 [ 27.545508] kunit_try_run_case+0x1a5/0x480 [ 27.546091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.546501] kthread+0x337/0x6f0 [ 27.547018] ret_from_fork+0x41/0x80 [ 27.547430] ret_from_fork_asm+0x1a/0x30 [ 27.547878] [ 27.548102] freed by task 323 on cpu 1 at 27.538215s (0.009881s ago): [ 27.548586] test_double_free+0x1e0/0x260 [ 27.549078] kunit_try_run_case+0x1a5/0x480 [ 27.549659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.550125] kthread+0x337/0x6f0 [ 27.550456] ret_from_fork+0x41/0x80 [ 27.550906] ret_from_fork_asm+0x1a/0x30 [ 27.551249] [ 27.551506] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.552687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.553051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.553994] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 27.226248] ================================================================== [ 27.227007] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 27.227007] [ 27.227866] Use-after-free read at 0x(____ptrval____) (in kfence-#105): [ 27.228455] test_use_after_free_read+0x129/0x270 [ 27.229817] kunit_try_run_case+0x1a5/0x480 [ 27.230314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.230812] kthread+0x337/0x6f0 [ 27.231200] ret_from_fork+0x41/0x80 [ 27.231634] ret_from_fork_asm+0x1a/0x30 [ 27.232019] [ 27.232249] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.232249] [ 27.233308] allocated by task 317 on cpu 1 at 27.226045s (0.007257s ago): [ 27.234189] test_alloc+0x2a6/0x10f0 [ 27.234541] test_use_after_free_read+0xdc/0x270 [ 27.235257] kunit_try_run_case+0x1a5/0x480 [ 27.235886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.236326] kthread+0x337/0x6f0 [ 27.236915] ret_from_fork+0x41/0x80 [ 27.237332] ret_from_fork_asm+0x1a/0x30 [ 27.237819] [ 27.238058] freed by task 317 on cpu 1 at 27.226110s (0.011941s ago): [ 27.238783] test_use_after_free_read+0xfb/0x270 [ 27.239191] kunit_try_run_case+0x1a5/0x480 [ 27.239993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.240778] kthread+0x337/0x6f0 [ 27.241190] ret_from_fork+0x41/0x80 [ 27.241654] ret_from_fork_asm+0x1a/0x30 [ 27.242269] [ 27.242532] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.243565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.244091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.244842] ================================================================== [ 27.122496] ================================================================== [ 27.123150] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 27.123150] [ 27.124504] Use-after-free read at 0x(____ptrval____) (in kfence-#104): [ 27.124983] test_use_after_free_read+0x129/0x270 [ 27.125350] kunit_try_run_case+0x1a5/0x480 [ 27.126956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.127656] kthread+0x337/0x6f0 [ 27.128195] ret_from_fork+0x41/0x80 [ 27.128750] ret_from_fork_asm+0x1a/0x30 [ 27.129293] [ 27.129786] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.129786] [ 27.130744] allocated by task 315 on cpu 0 at 27.122107s (0.008633s ago): [ 27.131412] test_alloc+0x364/0x10f0 [ 27.132154] test_use_after_free_read+0xdc/0x270 [ 27.132850] kunit_try_run_case+0x1a5/0x480 [ 27.133411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.133920] kthread+0x337/0x6f0 [ 27.134281] ret_from_fork+0x41/0x80 [ 27.134688] ret_from_fork_asm+0x1a/0x30 [ 27.135153] [ 27.135723] freed by task 315 on cpu 0 at 27.122215s (0.013279s ago): [ 27.136296] test_use_after_free_read+0x1e7/0x270 [ 27.137110] kunit_try_run_case+0x1a5/0x480 [ 27.137782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.138331] kthread+0x337/0x6f0 [ 27.138710] ret_from_fork+0x41/0x80 [ 27.139086] ret_from_fork_asm+0x1a/0x30 [ 27.139841] [ 27.140368] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.141318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.141711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.142246] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 26.810045] ================================================================== [ 26.810815] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 26.810815] [ 26.811572] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#101): [ 26.812210] test_out_of_bounds_write+0x10d/0x260 [ 26.812591] kunit_try_run_case+0x1a5/0x480 [ 26.813165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.813782] kthread+0x337/0x6f0 [ 26.814268] ret_from_fork+0x41/0x80 [ 26.814871] ret_from_fork_asm+0x1a/0x30 [ 26.815212] [ 26.815422] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.815422] [ 26.816300] allocated by task 311 on cpu 1 at 26.809906s (0.006387s ago): [ 26.817068] test_alloc+0x364/0x10f0 [ 26.817520] test_out_of_bounds_write+0xd4/0x260 [ 26.818012] kunit_try_run_case+0x1a5/0x480 [ 26.818342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.818916] kthread+0x337/0x6f0 [ 26.819370] ret_from_fork+0x41/0x80 [ 26.819877] ret_from_fork_asm+0x1a/0x30 [ 26.820238] [ 26.820548] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 26.821847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.822156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.823283] ================================================================== [ 27.018143] ================================================================== [ 27.018867] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 27.018867] [ 27.019726] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103): [ 27.020377] test_out_of_bounds_write+0x10d/0x260 [ 27.020889] kunit_try_run_case+0x1a5/0x480 [ 27.021358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.022007] kthread+0x337/0x6f0 [ 27.022445] ret_from_fork+0x41/0x80 [ 27.022881] ret_from_fork_asm+0x1a/0x30 [ 27.023437] [ 27.023722] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.023722] [ 27.024611] allocated by task 313 on cpu 1 at 27.018042s (0.006564s ago): [ 27.025184] test_alloc+0x2a6/0x10f0 [ 27.025681] test_out_of_bounds_write+0xd4/0x260 [ 27.026145] kunit_try_run_case+0x1a5/0x480 [ 27.026690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.027184] kthread+0x337/0x6f0 [ 27.027630] ret_from_fork+0x41/0x80 [ 27.028045] ret_from_fork_asm+0x1a/0x30 [ 27.028681] [ 27.028944] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 27.030079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.030554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.031281] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 26.394158] ================================================================== [ 26.394706] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 26.394706] [ 26.395392] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#97): [ 26.396034] test_out_of_bounds_read+0x126/0x4e0 [ 26.396496] kunit_try_run_case+0x1a5/0x480 [ 26.396833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.397204] kthread+0x337/0x6f0 [ 26.397602] ret_from_fork+0x41/0x80 [ 26.398013] ret_from_fork_asm+0x1a/0x30 [ 26.398447] [ 26.398780] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.398780] [ 26.399690] allocated by task 309 on cpu 0 at 26.394057s (0.005627s ago): [ 26.400486] test_alloc+0x2a6/0x10f0 [ 26.400818] test_out_of_bounds_read+0xed/0x4e0 [ 26.401158] kunit_try_run_case+0x1a5/0x480 [ 26.401602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.402123] kthread+0x337/0x6f0 [ 26.402590] ret_from_fork+0x41/0x80 [ 26.403058] ret_from_fork_asm+0x1a/0x30 [ 26.403554] [ 26.403875] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 26.404847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.405288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.405909] ================================================================== [ 26.186259] ================================================================== [ 26.186955] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 26.186955] [ 26.187820] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#95): [ 26.188487] test_out_of_bounds_read+0x216/0x4e0 [ 26.188953] kunit_try_run_case+0x1a5/0x480 [ 26.189385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.190062] kthread+0x337/0x6f0 [ 26.190453] ret_from_fork+0x41/0x80 [ 26.190782] ret_from_fork_asm+0x1a/0x30 [ 26.191259] [ 26.191538] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.191538] [ 26.192258] allocated by task 307 on cpu 1 at 26.186061s (0.006191s ago): [ 26.193118] test_alloc+0x364/0x10f0 [ 26.193628] test_out_of_bounds_read+0x1e2/0x4e0 [ 26.194121] kunit_try_run_case+0x1a5/0x480 [ 26.194602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.195265] kthread+0x337/0x6f0 [ 26.195634] ret_from_fork+0x41/0x80 [ 26.195975] ret_from_fork_asm+0x1a/0x30 [ 26.196406] [ 26.196799] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 26.197772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.198115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.198934] ================================================================== [ 25.978349] ================================================================== [ 25.978883] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 25.978883] [ 25.980160] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#93): [ 25.980789] test_out_of_bounds_read+0x126/0x4e0 [ 25.981336] kunit_try_run_case+0x1a5/0x480 [ 25.981929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.982332] kthread+0x337/0x6f0 [ 25.982660] ret_from_fork+0x41/0x80 [ 25.983128] ret_from_fork_asm+0x1a/0x30 [ 25.984007] [ 25.984255] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.984255] [ 25.985115] allocated by task 307 on cpu 1 at 25.978053s (0.007056s ago): [ 25.985664] test_alloc+0x364/0x10f0 [ 25.986512] test_out_of_bounds_read+0xed/0x4e0 [ 25.987043] kunit_try_run_case+0x1a5/0x480 [ 25.987412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.987955] kthread+0x337/0x6f0 [ 25.988361] ret_from_fork+0x41/0x80 [ 25.988831] ret_from_fork_asm+0x1a/0x30 [ 25.989374] [ 25.989781] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 25.990553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.991069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.992222] ================================================================== [ 26.498157] ================================================================== [ 26.498923] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 26.498923] [ 26.500111] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#98): [ 26.501180] test_out_of_bounds_read+0x216/0x4e0 [ 26.501726] kunit_try_run_case+0x1a5/0x480 [ 26.502164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.502729] kthread+0x337/0x6f0 [ 26.503151] ret_from_fork+0x41/0x80 [ 26.503617] ret_from_fork_asm+0x1a/0x30 [ 26.504061] [ 26.504336] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.504336] [ 26.505133] allocated by task 309 on cpu 0 at 26.498068s (0.007059s ago): [ 26.505796] test_alloc+0x2a6/0x10f0 [ 26.506266] test_out_of_bounds_read+0x1e2/0x4e0 [ 26.506675] kunit_try_run_case+0x1a5/0x480 [ 26.507203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.507784] kthread+0x337/0x6f0 [ 26.508134] ret_from_fork+0x41/0x80 [ 26.508586] ret_from_fork_asm+0x1a/0x30 [ 26.509117] [ 26.509388] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 26.510350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.510867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.511666] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-kmalloc_node_oob_right
[ 16.767859] ================================================================== [ 16.768752] BUG: KFENCE: out-of-bounds read in kmalloc_node_oob_right+0x183/0x3c0 [ 16.768752] [ 16.770180] Out-of-bounds read at 0x(____ptrval____) (4096B right of kfence-#49): [ 16.771777] kmalloc_node_oob_right+0x183/0x3c0 [ 16.772161] kunit_try_run_case+0x1a5/0x480 [ 16.772800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.773202] kthread+0x337/0x6f0 [ 16.773628] ret_from_fork+0x41/0x80 [ 16.774032] ret_from_fork_asm+0x1a/0x30 [ 16.774475] [ 16.775130] kfence-#49: 0x(____ptrval____)-0x(____ptrval____), size=4096, cache=kmalloc-4k [ 16.775130] [ 16.776804] allocated by task 160 on cpu 1 at 16.764230s (0.012417s ago): [ 16.778019] kmalloc_node_oob_right+0xab/0x3c0 [ 16.778625] kunit_try_run_case+0x1a5/0x480 [ 16.779009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.779897] kthread+0x337/0x6f0 [ 16.780185] ret_from_fork+0x41/0x80 [ 16.780839] ret_from_fork_asm+0x1a/0x30 [ 16.781373] [ 16.781904] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.782978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.783421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.784521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-cs_dsp_mock_bin_add_name_or_infoisra
[ 216.228965] ================================================================== [ 216.230058] BUG: KASAN: global-out-of-bounds in cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 216.230914] Read of size 12 at addr ffffffff9aeccd00 by task kunit_try_catch/4184 [ 216.231617] [ 216.231852] CPU: 1 UID: 0 PID: 4184 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 216.231980] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 216.232019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 216.232067] Call Trace: [ 216.232105] <TASK> [ 216.232177] dump_stack_lvl+0x73/0xb0 [ 216.232283] print_report+0xd1/0x650 [ 216.232369] ? __virt_addr_valid+0x1db/0x2d0 [ 216.232447] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 216.232524] ? kasan_addr_to_slab+0x11/0xa0 [ 216.232597] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 216.232675] kasan_report+0x141/0x180 [ 216.232752] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 216.232840] kasan_check_range+0x10c/0x1c0 [ 216.232926] __asan_memcpy+0x27/0x70 [ 216.232962] cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 216.232998] ? __pfx_cs_dsp_mock_bin_add_name_or_info.isra.0+0x10/0x10 [ 216.233030] ? __pfx_cs_dsp_mock_reg_addr_inc_per_unpacked_word+0x10/0x10 [ 216.233059] ? __pfx__cs_dsp_remove_wrapper+0x10/0x10 [ 216.233094] cs_dsp_mock_bin_add_info+0x12/0x20 [ 216.233162] bin_patch_name_and_info+0x1a1/0x8d0 [ 216.233228] ? __pfx_bin_patch_name_and_info+0x10/0x10 [ 216.233265] ? __pfx_kfree_action_wrapper+0x10/0x10 [ 216.233309] ? kunit_add_action_or_reset+0x1d/0x40 [ 216.233338] ? __pfx_read_tsc+0x10/0x10 [ 216.233364] ? ktime_get_ts64+0x86/0x230 [ 216.233399] kunit_try_run_case+0x1a5/0x480 [ 216.233427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 216.233457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 216.233487] ? __kthread_parkme+0x82/0x180 [ 216.233516] ? preempt_count_sub+0x50/0x80 [ 216.233548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 216.233576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 216.233603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 216.233628] kthread+0x337/0x6f0 [ 216.233657] ? trace_preempt_on+0x20/0xc0 [ 216.233690] ? __pfx_kthread+0x10/0x10 [ 216.233721] ? _raw_spin_unlock_irq+0x47/0x80 [ 216.233749] ? calculate_sigpending+0x7b/0xa0 [ 216.233777] ? __pfx_kthread+0x10/0x10 [ 216.233808] ret_from_fork+0x41/0x80 [ 216.233835] ? __pfx_kthread+0x10/0x10 [ 216.233864] ret_from_fork_asm+0x1a/0x30 [ 216.233907] </TASK> [ 216.233921] [ 216.249905] The buggy address belongs to the variable: [ 216.250373] __loc.16+0x80/0x540 [ 216.250766] [ 216.251001] The buggy address belongs to the physical page: [ 216.251568] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x596cc [ 216.252323] flags: 0x100000000002000(reserved|node=0|zone=1) [ 216.252728] raw: 0100000000002000 ffffea000165b308 ffffea000165b308 0000000000000000 [ 216.253424] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 216.254010] page dumped because: kasan: bad access detected [ 216.254476] [ 216.254713] Memory state around the buggy address: [ 216.255165] ffffffff9aeccc00: 00 00 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 [ 216.255729] ffffffff9aeccc80: 00 00 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9 [ 216.256294] >ffffffff9aeccd00: 00 02 f9 f9 f9 f9 f9 f9 00 00 00 00 00 07 f9 f9 [ 216.256800] ^ [ 216.257085] ffffffff9aeccd80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 06 f9 f9 [ 216.257804] ffffffff9aecce00: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 01 f9 f9 [ 216.258477] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.002975] ================================================================== [ 21.003995] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 21.005223] Read of size 1 at addr ffff888103c27c4a by task kunit_try_catch/273 [ 21.006207] [ 21.006544] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 21.006793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.006837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.006896] Call Trace: [ 21.006935] <TASK> [ 21.007190] dump_stack_lvl+0x73/0xb0 [ 21.007267] print_report+0xd1/0x650 [ 21.007349] ? __virt_addr_valid+0x1db/0x2d0 [ 21.007395] ? kasan_alloca_oob_right+0x329/0x390 [ 21.007463] ? kasan_addr_to_slab+0x11/0xa0 [ 21.007561] ? kasan_alloca_oob_right+0x329/0x390 [ 21.007635] kasan_report+0x141/0x180 [ 21.007673] ? kasan_alloca_oob_right+0x329/0x390 [ 21.007714] __asan_report_load1_noabort+0x18/0x20 [ 21.007744] kasan_alloca_oob_right+0x329/0x390 [ 21.007780] ? finish_task_switch.isra.0+0x153/0x700 [ 21.007815] ? rwsem_down_read_slowpath+0x64e/0xb90 [ 21.007849] ? trace_hardirqs_on+0x37/0xe0 [ 21.007885] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 21.007923] ? __schedule+0x10cc/0x2b30 [ 21.007955] ? __pfx_read_tsc+0x10/0x10 [ 21.007985] ? ktime_get_ts64+0x86/0x230 [ 21.008021] kunit_try_run_case+0x1a5/0x480 [ 21.008055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.008086] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.008120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.008154] ? __kthread_parkme+0x82/0x180 [ 21.008187] ? preempt_count_sub+0x50/0x80 [ 21.008223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.008256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.008287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.008319] kthread+0x337/0x6f0 [ 21.008349] ? trace_preempt_on+0x20/0xc0 [ 21.008382] ? __pfx_kthread+0x10/0x10 [ 21.008411] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.008514] ? calculate_sigpending+0x7b/0xa0 [ 21.008599] ? __pfx_kthread+0x10/0x10 [ 21.008654] ret_from_fork+0x41/0x80 [ 21.008685] ? __pfx_kthread+0x10/0x10 [ 21.008717] ret_from_fork_asm+0x1a/0x30 [ 21.008763] </TASK> [ 21.008778] [ 21.028208] The buggy address belongs to stack of task kunit_try_catch/273 [ 21.028834] [ 21.029173] The buggy address belongs to the physical page: [ 21.030971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c27 [ 21.031564] flags: 0x200000000000000(node=0|zone=2) [ 21.032720] raw: 0200000000000000 ffffea00040f09c8 ffffea00040f09c8 0000000000000000 [ 21.033633] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.033887] page dumped because: kasan: bad access detected [ 21.034072] [ 21.034160] Memory state around the buggy address: [ 21.034335] ffff888103c27b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.034741] ffff888103c27b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.035821] >ffff888103c27c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.036396] ^ [ 21.037080] ffff888103c27c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 21.037827] ffff888103c27d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.038667] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.953255] ================================================================== [ 20.954225] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 20.954873] Read of size 1 at addr ffff888103cffc3f by task kunit_try_catch/271 [ 20.955345] [ 20.955670] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.955826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.955868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.955948] Call Trace: [ 20.956016] <TASK> [ 20.956067] dump_stack_lvl+0x73/0xb0 [ 20.956147] print_report+0xd1/0x650 [ 20.956225] ? __virt_addr_valid+0x1db/0x2d0 [ 20.956304] ? kasan_alloca_oob_left+0x320/0x380 [ 20.956399] ? kasan_addr_to_slab+0x11/0xa0 [ 20.956552] ? kasan_alloca_oob_left+0x320/0x380 [ 20.956631] kasan_report+0x141/0x180 [ 20.956728] ? kasan_alloca_oob_left+0x320/0x380 [ 20.956954] __asan_report_load1_noabort+0x18/0x20 [ 20.957039] kasan_alloca_oob_left+0x320/0x380 [ 20.957122] ? finish_task_switch.isra.0+0x153/0x700 [ 20.957202] ? rwsem_down_read_slowpath+0x64e/0xb90 [ 20.957239] ? trace_hardirqs_on+0x37/0xe0 [ 20.957278] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 20.957316] ? __schedule+0x10cc/0x2b30 [ 20.957350] ? __pfx_read_tsc+0x10/0x10 [ 20.957379] ? ktime_get_ts64+0x86/0x230 [ 20.957438] kunit_try_run_case+0x1a5/0x480 [ 20.957554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.957633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.957672] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.957707] ? __kthread_parkme+0x82/0x180 [ 20.957739] ? preempt_count_sub+0x50/0x80 [ 20.957772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.957804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.957836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.957868] kthread+0x337/0x6f0 [ 20.957897] ? trace_preempt_on+0x20/0xc0 [ 20.957929] ? __pfx_kthread+0x10/0x10 [ 20.957960] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.957991] ? calculate_sigpending+0x7b/0xa0 [ 20.958021] ? __pfx_kthread+0x10/0x10 [ 20.958053] ret_from_fork+0x41/0x80 [ 20.958083] ? __pfx_kthread+0x10/0x10 [ 20.958113] ret_from_fork_asm+0x1a/0x30 [ 20.958157] </TASK> [ 20.958171] [ 20.978735] The buggy address belongs to stack of task kunit_try_catch/271 [ 20.979385] [ 20.979848] The buggy address belongs to the physical page: [ 20.980324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cff [ 20.981201] flags: 0x200000000000000(node=0|zone=2) [ 20.982271] raw: 0200000000000000 ffffea00040f3fc8 ffffea00040f3fc8 0000000000000000 [ 20.983138] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 20.983989] page dumped because: kasan: bad access detected [ 20.984630] [ 20.984910] Memory state around the buggy address: [ 20.985339] ffff888103cffb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.986224] ffff888103cffb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.988003] >ffff888103cffc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.989195] ^ [ 20.989422] ffff888103cffc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 20.990279] ffff888103cffd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 20.991918] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.903273] ================================================================== [ 20.904544] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 20.905292] Read of size 1 at addr ffff888103d0fd02 by task kunit_try_catch/269 [ 20.905979] [ 20.906385] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.906532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.906567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.906629] Call Trace: [ 20.906671] <TASK> [ 20.906724] dump_stack_lvl+0x73/0xb0 [ 20.906820] print_report+0xd1/0x650 [ 20.906999] ? __virt_addr_valid+0x1db/0x2d0 [ 20.907118] ? kasan_stack_oob+0x2b5/0x300 [ 20.907189] ? kasan_addr_to_slab+0x11/0xa0 [ 20.907259] ? kasan_stack_oob+0x2b5/0x300 [ 20.907327] kasan_report+0x141/0x180 [ 20.907400] ? kasan_stack_oob+0x2b5/0x300 [ 20.907486] __asan_report_load1_noabort+0x18/0x20 [ 20.907571] kasan_stack_oob+0x2b5/0x300 [ 20.907644] ? __pfx_kasan_stack_oob+0x10/0x10 [ 20.907711] ? finish_task_switch.isra.0+0x153/0x700 [ 20.907832] ? __switch_to+0x5d9/0xf60 [ 20.907873] ? dequeue_task_fair+0x166/0x4e0 [ 20.907912] ? __schedule+0x10cc/0x2b30 [ 20.907945] ? __pfx_read_tsc+0x10/0x10 [ 20.907975] ? ktime_get_ts64+0x86/0x230 [ 20.908011] kunit_try_run_case+0x1a5/0x480 [ 20.908046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.908076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.908109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.908142] ? __kthread_parkme+0x82/0x180 [ 20.908172] ? preempt_count_sub+0x50/0x80 [ 20.908205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.908236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.908266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.908298] kthread+0x337/0x6f0 [ 20.908326] ? trace_preempt_on+0x20/0xc0 [ 20.908360] ? __pfx_kthread+0x10/0x10 [ 20.908390] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.908421] ? calculate_sigpending+0x7b/0xa0 [ 20.908538] ? __pfx_kthread+0x10/0x10 [ 20.908590] ret_from_fork+0x41/0x80 [ 20.908621] ? __pfx_kthread+0x10/0x10 [ 20.908652] ret_from_fork_asm+0x1a/0x30 [ 20.908697] </TASK> [ 20.908712] [ 20.932014] The buggy address belongs to stack of task kunit_try_catch/269 [ 20.933267] and is located at offset 138 in frame: [ 20.933973] kasan_stack_oob+0x0/0x300 [ 20.934898] [ 20.935143] This frame has 4 objects: [ 20.936019] [48, 49) '__assertion' [ 20.936061] [64, 72) 'array' [ 20.936363] [96, 112) '__assertion' [ 20.937277] [128, 138) 'stack_array' [ 20.937910] [ 20.938133] The buggy address belongs to the physical page: [ 20.938325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d0f [ 20.938789] flags: 0x200000000000000(node=0|zone=2) [ 20.939761] raw: 0200000000000000 ffffea00040f43c8 ffffea00040f43c8 0000000000000000 [ 20.940884] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 20.941658] page dumped because: kasan: bad access detected [ 20.942093] [ 20.942296] Memory state around the buggy address: [ 20.942985] ffff888103d0fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 20.944274] ffff888103d0fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 20.944957] >ffff888103d0fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 20.945525] ^ [ 20.946326] ffff888103d0fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 20.947092] ffff888103d0fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.947329] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.855239] ================================================================== [ 20.856382] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 20.857065] Read of size 1 at addr ffffffff9cc9a28d by task kunit_try_catch/265 [ 20.857805] [ 20.858167] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.858328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.858570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.858637] Call Trace: [ 20.858683] <TASK> [ 20.858731] dump_stack_lvl+0x73/0xb0 [ 20.858814] print_report+0xd1/0x650 [ 20.858897] ? __virt_addr_valid+0x1db/0x2d0 [ 20.859017] ? kasan_global_oob_right+0x286/0x2d0 [ 20.859098] ? kasan_addr_to_slab+0x11/0xa0 [ 20.859172] ? kasan_global_oob_right+0x286/0x2d0 [ 20.859248] kasan_report+0x141/0x180 [ 20.859288] ? kasan_global_oob_right+0x286/0x2d0 [ 20.859329] __asan_report_load1_noabort+0x18/0x20 [ 20.859360] kasan_global_oob_right+0x286/0x2d0 [ 20.859395] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 20.859588] ? __schedule+0x10cc/0x2b30 [ 20.859641] ? __pfx_read_tsc+0x10/0x10 [ 20.859674] ? ktime_get_ts64+0x86/0x230 [ 20.859715] kunit_try_run_case+0x1a5/0x480 [ 20.859753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.859785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.859821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.859857] ? __kthread_parkme+0x82/0x180 [ 20.859891] ? preempt_count_sub+0x50/0x80 [ 20.859927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.859962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.859996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.860028] kthread+0x337/0x6f0 [ 20.860059] ? trace_preempt_on+0x20/0xc0 [ 20.860095] ? __pfx_kthread+0x10/0x10 [ 20.860127] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.860158] ? calculate_sigpending+0x7b/0xa0 [ 20.860192] ? __pfx_kthread+0x10/0x10 [ 20.860226] ret_from_fork+0x41/0x80 [ 20.860258] ? __pfx_kthread+0x10/0x10 [ 20.860289] ret_from_fork_asm+0x1a/0x30 [ 20.860335] </TASK> [ 20.860350] [ 20.881354] The buggy address belongs to the variable: [ 20.882253] global_array+0xd/0x40 [ 20.882904] [ 20.883143] The buggy address belongs to the physical page: [ 20.883887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5b49a [ 20.884894] flags: 0x100000000002000(reserved|node=0|zone=1) [ 20.885342] raw: 0100000000002000 ffffea00016d2688 ffffea00016d2688 0000000000000000 [ 20.886438] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.887076] page dumped because: kasan: bad access detected [ 20.887703] [ 20.888180] Memory state around the buggy address: [ 20.888587] ffffffff9cc9a180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.889679] ffffffff9cc9a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.890229] >ffffffff9cc9a280: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.890964] ^ [ 20.891390] ffffffff9cc9a300: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 20.892205] ffffffff9cc9a380: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.893346] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.803113] ================================================================== [ 20.804585] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.805953] Free of addr ffff888103ba8001 by task kunit_try_catch/263 [ 20.806436] [ 20.806676] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.806750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.806768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.806801] Call Trace: [ 20.806826] <TASK> [ 20.806853] dump_stack_lvl+0x73/0xb0 [ 20.806900] print_report+0xd1/0x650 [ 20.806938] ? __virt_addr_valid+0x1db/0x2d0 [ 20.806974] ? kasan_addr_to_slab+0x11/0xa0 [ 20.807004] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.807044] kasan_report_invalid_free+0x10a/0x130 [ 20.807082] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.807125] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.807162] __kasan_mempool_poison_object+0x102/0x1d0 [ 20.807199] mempool_free+0x2ec/0x380 [ 20.807235] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.807274] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 20.807314] ? dequeue_entities+0xa24/0x1790 [ 20.807350] ? finish_task_switch.isra.0+0x153/0x700 [ 20.807391] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 20.807503] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 20.807582] ? dequeue_task_fair+0x166/0x4e0 [ 20.807649] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.807705] ? __pfx_mempool_kfree+0x10/0x10 [ 20.807767] ? __pfx_read_tsc+0x10/0x10 [ 20.807829] ? ktime_get_ts64+0x86/0x230 [ 20.807908] kunit_try_run_case+0x1a5/0x480 [ 20.807988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.808053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.808130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.808211] ? __kthread_parkme+0x82/0x180 [ 20.808284] ? preempt_count_sub+0x50/0x80 [ 20.808483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.808608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.808674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.808736] kthread+0x337/0x6f0 [ 20.808796] ? trace_preempt_on+0x20/0xc0 [ 20.808873] ? __pfx_kthread+0x10/0x10 [ 20.808943] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.809012] ? calculate_sigpending+0x7b/0xa0 [ 20.809079] ? __pfx_kthread+0x10/0x10 [ 20.809152] ret_from_fork+0x41/0x80 [ 20.809218] ? __pfx_kthread+0x10/0x10 [ 20.809290] ret_from_fork_asm+0x1a/0x30 [ 20.809474] </TASK> [ 20.809523] [ 20.834460] The buggy address belongs to the physical page: [ 20.835162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ba8 [ 20.836137] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.837020] flags: 0x200000000000040(head|node=0|zone=2) [ 20.837936] page_type: f8(unknown) [ 20.838590] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.839275] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.840133] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.840923] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.842085] head: 0200000000000002 ffffea00040eea01 00000000ffffffff 00000000ffffffff [ 20.842734] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.843364] page dumped because: kasan: bad access detected [ 20.843910] [ 20.844467] Memory state around the buggy address: [ 20.844978] ffff888103ba7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.846054] ffff888103ba7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.846623] >ffff888103ba8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.847190] ^ [ 20.847696] ffff888103ba8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.848232] ffff888103ba8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.848839] ================================================================== [ 20.748804] ================================================================== [ 20.749821] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.750802] Free of addr ffff888103c6a901 by task kunit_try_catch/261 [ 20.751380] [ 20.751741] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.751870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.751950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.752012] Call Trace: [ 20.752051] <TASK> [ 20.752100] dump_stack_lvl+0x73/0xb0 [ 20.752180] print_report+0xd1/0x650 [ 20.752261] ? __virt_addr_valid+0x1db/0x2d0 [ 20.752380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.752515] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.752641] kasan_report_invalid_free+0x10a/0x130 [ 20.752728] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.752820] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.752901] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.752964] check_slab_allocation+0x11f/0x130 [ 20.753001] __kasan_mempool_poison_object+0x91/0x1d0 [ 20.753037] mempool_free+0x2ec/0x380 [ 20.753071] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.753108] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 20.753145] ? kasan_save_track+0x18/0x40 [ 20.753172] ? kasan_save_alloc_info+0x3b/0x50 [ 20.753197] ? kasan_save_stack+0x45/0x70 [ 20.753231] mempool_kmalloc_invalid_free+0xed/0x140 [ 20.753264] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 20.753297] ? dequeue_task_fair+0x166/0x4e0 [ 20.753330] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.753356] ? __pfx_mempool_kfree+0x10/0x10 [ 20.753384] ? __pfx_read_tsc+0x10/0x10 [ 20.753411] ? ktime_get_ts64+0x86/0x230 [ 20.753526] kunit_try_run_case+0x1a5/0x480 [ 20.753569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.753614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.753652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.753686] ? __kthread_parkme+0x82/0x180 [ 20.753718] ? preempt_count_sub+0x50/0x80 [ 20.753752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.753783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.753814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.753845] kthread+0x337/0x6f0 [ 20.753873] ? trace_preempt_on+0x20/0xc0 [ 20.753906] ? __pfx_kthread+0x10/0x10 [ 20.753938] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.753969] ? calculate_sigpending+0x7b/0xa0 [ 20.753998] ? __pfx_kthread+0x10/0x10 [ 20.754028] ret_from_fork+0x41/0x80 [ 20.754056] ? __pfx_kthread+0x10/0x10 [ 20.754086] ret_from_fork_asm+0x1a/0x30 [ 20.754129] </TASK> [ 20.754142] [ 20.777031] Allocated by task 261: [ 20.777567] kasan_save_stack+0x45/0x70 [ 20.778282] kasan_save_track+0x18/0x40 [ 20.779171] kasan_save_alloc_info+0x3b/0x50 [ 20.779765] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.780326] remove_element+0x11e/0x190 [ 20.780945] mempool_alloc_preallocated+0x4d/0x90 [ 20.781375] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 20.781949] mempool_kmalloc_invalid_free+0xed/0x140 [ 20.782372] kunit_try_run_case+0x1a5/0x480 [ 20.783302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.783744] kthread+0x337/0x6f0 [ 20.784134] ret_from_fork+0x41/0x80 [ 20.784558] ret_from_fork_asm+0x1a/0x30 [ 20.785081] [ 20.785329] The buggy address belongs to the object at ffff888103c6a900 [ 20.785329] which belongs to the cache kmalloc-128 of size 128 [ 20.787206] The buggy address is located 1 bytes inside of [ 20.787206] 128-byte region [ffff888103c6a900, ffff888103c6a980) [ 20.788005] [ 20.788157] The buggy address belongs to the physical page: [ 20.788993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6a [ 20.790070] flags: 0x200000000000000(node=0|zone=2) [ 20.790652] page_type: f5(slab) [ 20.790805] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.791054] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.791294] page dumped because: kasan: bad access detected [ 20.791579] [ 20.791836] Memory state around the buggy address: [ 20.792228] ffff888103c6a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.793394] ffff888103c6a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.794265] >ffff888103c6a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.795182] ^ [ 20.795741] ffff888103c6a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.796409] ffff888103c6aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.797089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.650126] ================================================================== [ 20.651098] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.651606] Free of addr ffff888103ba4000 by task kunit_try_catch/257 [ 20.652222] [ 20.652555] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.652683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.652714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.652770] Call Trace: [ 20.652802] <TASK> [ 20.652844] dump_stack_lvl+0x73/0xb0 [ 20.652926] print_report+0xd1/0x650 [ 20.652997] ? __virt_addr_valid+0x1db/0x2d0 [ 20.653078] ? kasan_addr_to_slab+0x11/0xa0 [ 20.653145] ? mempool_double_free_helper+0x184/0x370 [ 20.653228] kasan_report_invalid_free+0x10a/0x130 [ 20.653307] ? mempool_double_free_helper+0x184/0x370 [ 20.653396] ? mempool_double_free_helper+0x184/0x370 [ 20.653761] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 20.653864] mempool_free+0x2ec/0x380 [ 20.653949] mempool_double_free_helper+0x184/0x370 [ 20.654030] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.654108] ? dequeue_entities+0xa24/0x1790 [ 20.654237] ? finish_task_switch.isra.0+0x153/0x700 [ 20.654332] mempool_kmalloc_large_double_free+0xed/0x140 [ 20.654414] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 20.654660] ? dequeue_task_fair+0x166/0x4e0 [ 20.654744] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.654808] ? __pfx_mempool_kfree+0x10/0x10 [ 20.654881] ? __pfx_read_tsc+0x10/0x10 [ 20.654924] ? ktime_get_ts64+0x86/0x230 [ 20.654964] kunit_try_run_case+0x1a5/0x480 [ 20.655000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.655032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.655067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.655102] ? __kthread_parkme+0x82/0x180 [ 20.655132] ? preempt_count_sub+0x50/0x80 [ 20.655166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.655198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.655228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.655260] kthread+0x337/0x6f0 [ 20.655289] ? trace_preempt_on+0x20/0xc0 [ 20.655324] ? __pfx_kthread+0x10/0x10 [ 20.655354] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.655385] ? calculate_sigpending+0x7b/0xa0 [ 20.655416] ? __pfx_kthread+0x10/0x10 [ 20.655553] ret_from_fork+0x41/0x80 [ 20.655616] ? __pfx_kthread+0x10/0x10 [ 20.655650] ret_from_fork_asm+0x1a/0x30 [ 20.655697] </TASK> [ 20.655712] [ 20.674915] The buggy address belongs to the physical page: [ 20.675678] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ba4 [ 20.676243] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.676844] flags: 0x200000000000040(head|node=0|zone=2) [ 20.677812] page_type: f8(unknown) [ 20.678434] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.679374] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.681174] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.682150] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.682413] head: 0200000000000002 ffffea00040ee901 00000000ffffffff 00000000ffffffff [ 20.683374] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.684288] page dumped because: kasan: bad access detected [ 20.685003] [ 20.685266] Memory state around the buggy address: [ 20.686161] ffff888103ba3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.686793] ffff888103ba3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.687710] >ffff888103ba4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.688296] ^ [ 20.688933] ffff888103ba4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.689976] ffff888103ba4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.690464] ================================================================== [ 20.696799] ================================================================== [ 20.698029] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.698612] Free of addr ffff888103cb8000 by task kunit_try_catch/259 [ 20.699874] [ 20.700227] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.700322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.700363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.700455] Call Trace: [ 20.700553] <TASK> [ 20.700608] dump_stack_lvl+0x73/0xb0 [ 20.700690] print_report+0xd1/0x650 [ 20.700765] ? __virt_addr_valid+0x1db/0x2d0 [ 20.700836] ? kasan_addr_to_slab+0x11/0xa0 [ 20.700911] ? mempool_double_free_helper+0x184/0x370 [ 20.700950] kasan_report_invalid_free+0x10a/0x130 [ 20.700985] ? mempool_double_free_helper+0x184/0x370 [ 20.701022] ? mempool_double_free_helper+0x184/0x370 [ 20.701054] __kasan_mempool_poison_pages+0x115/0x130 [ 20.701088] mempool_free+0x290/0x380 [ 20.701122] mempool_double_free_helper+0x184/0x370 [ 20.701155] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.701188] ? dequeue_entities+0xa24/0x1790 [ 20.701221] ? irqentry_exit+0x2a/0x60 [ 20.701247] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.701285] mempool_page_alloc_double_free+0xe8/0x140 [ 20.701314] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 20.701347] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.701373] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.701402] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 20.701435] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 20.701638] kunit_try_run_case+0x1a5/0x480 [ 20.701729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.701790] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.701829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.701863] ? __kthread_parkme+0x82/0x180 [ 20.701896] ? preempt_count_sub+0x50/0x80 [ 20.701930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.701962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.701993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.702024] kthread+0x337/0x6f0 [ 20.702053] ? trace_preempt_on+0x20/0xc0 [ 20.702086] ? __pfx_kthread+0x10/0x10 [ 20.702117] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.702146] ? calculate_sigpending+0x7b/0xa0 [ 20.702177] ? __pfx_kthread+0x10/0x10 [ 20.702206] ret_from_fork+0x41/0x80 [ 20.702236] ? __pfx_kthread+0x10/0x10 [ 20.702266] ret_from_fork_asm+0x1a/0x30 [ 20.702309] </TASK> [ 20.702324] [ 20.726914] The buggy address belongs to the physical page: [ 20.727259] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cb8 [ 20.732262] flags: 0x200000000000000(node=0|zone=2) [ 20.734384] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.736173] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.737062] page dumped because: kasan: bad access detected [ 20.737757] [ 20.737925] Memory state around the buggy address: [ 20.738946] ffff888103cb7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.739538] ffff888103cb7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.740346] >ffff888103cb8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.741232] ^ [ 20.741615] ffff888103cb8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.742140] ffff888103cb8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.742675] ================================================================== [ 20.578776] ================================================================== [ 20.579525] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.580434] Free of addr ffff888103c6a500 by task kunit_try_catch/255 [ 20.581027] [ 20.581289] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.581395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.581414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.581466] Call Trace: [ 20.581486] <TASK> [ 20.582446] dump_stack_lvl+0x73/0xb0 [ 20.582512] print_report+0xd1/0x650 [ 20.582591] ? __virt_addr_valid+0x1db/0x2d0 [ 20.582670] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.582737] ? mempool_double_free_helper+0x184/0x370 [ 20.582778] kasan_report_invalid_free+0x10a/0x130 [ 20.582816] ? mempool_double_free_helper+0x184/0x370 [ 20.582855] ? mempool_double_free_helper+0x184/0x370 [ 20.582888] ? mempool_double_free_helper+0x184/0x370 [ 20.582923] check_slab_allocation+0x101/0x130 [ 20.582956] __kasan_mempool_poison_object+0x91/0x1d0 [ 20.582991] mempool_free+0x2ec/0x380 [ 20.583018] ? mempool_alloc_preallocated+0x5b/0x90 [ 20.583053] mempool_double_free_helper+0x184/0x370 [ 20.583088] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.583122] ? dequeue_entities+0xa24/0x1790 [ 20.583156] ? finish_task_switch.isra.0+0x153/0x700 [ 20.583195] mempool_kmalloc_double_free+0xed/0x140 [ 20.583227] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 20.583259] ? dequeue_task_fair+0x166/0x4e0 [ 20.583289] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.583314] ? __pfx_mempool_kfree+0x10/0x10 [ 20.583344] ? __pfx_read_tsc+0x10/0x10 [ 20.583371] ? ktime_get_ts64+0x86/0x230 [ 20.583406] kunit_try_run_case+0x1a5/0x480 [ 20.583471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.583564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.583618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.583654] ? __kthread_parkme+0x82/0x180 [ 20.583685] ? preempt_count_sub+0x50/0x80 [ 20.583717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.583751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.583783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.583814] kthread+0x337/0x6f0 [ 20.583842] ? trace_preempt_on+0x20/0xc0 [ 20.583875] ? __pfx_kthread+0x10/0x10 [ 20.583904] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.583935] ? calculate_sigpending+0x7b/0xa0 [ 20.583964] ? __pfx_kthread+0x10/0x10 [ 20.583994] ret_from_fork+0x41/0x80 [ 20.584022] ? __pfx_kthread+0x10/0x10 [ 20.584053] ret_from_fork_asm+0x1a/0x30 [ 20.584097] </TASK> [ 20.584111] [ 20.611450] Allocated by task 255: [ 20.612613] kasan_save_stack+0x45/0x70 [ 20.612963] kasan_save_track+0x18/0x40 [ 20.613382] kasan_save_alloc_info+0x3b/0x50 [ 20.614232] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.615196] remove_element+0x11e/0x190 [ 20.615539] mempool_alloc_preallocated+0x4d/0x90 [ 20.616127] mempool_double_free_helper+0x8a/0x370 [ 20.617188] mempool_kmalloc_double_free+0xed/0x140 [ 20.617726] kunit_try_run_case+0x1a5/0x480 [ 20.618064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.618568] kthread+0x337/0x6f0 [ 20.619309] ret_from_fork+0x41/0x80 [ 20.619716] ret_from_fork_asm+0x1a/0x30 [ 20.620134] [ 20.620343] Freed by task 255: [ 20.620957] kasan_save_stack+0x45/0x70 [ 20.621741] kasan_save_track+0x18/0x40 [ 20.622287] kasan_save_free_info+0x3f/0x60 [ 20.623058] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.623460] mempool_free+0x2ec/0x380 [ 20.624200] mempool_double_free_helper+0x109/0x370 [ 20.624827] mempool_kmalloc_double_free+0xed/0x140 [ 20.625206] kunit_try_run_case+0x1a5/0x480 [ 20.626150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.626584] kthread+0x337/0x6f0 [ 20.627256] ret_from_fork+0x41/0x80 [ 20.628319] ret_from_fork_asm+0x1a/0x30 [ 20.628782] [ 20.629006] The buggy address belongs to the object at ffff888103c6a500 [ 20.629006] which belongs to the cache kmalloc-128 of size 128 [ 20.630305] The buggy address is located 0 bytes inside of [ 20.630305] 128-byte region [ffff888103c6a500, ffff888103c6a580) [ 20.632036] [ 20.632204] The buggy address belongs to the physical page: [ 20.632842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6a [ 20.633801] flags: 0x200000000000000(node=0|zone=2) [ 20.634201] page_type: f5(slab) [ 20.635031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.636060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.636805] page dumped because: kasan: bad access detected [ 20.637672] [ 20.637838] Memory state around the buggy address: [ 20.638199] ffff888103c6a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.638810] ffff888103c6a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.640310] >ffff888103c6a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.640881] ^ [ 20.641211] ffff888103c6a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.642302] ffff888103c6a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.643199] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.403461] ================================================================== [ 20.404517] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.405839] Read of size 1 at addr ffff888103cb4000 by task kunit_try_catch/249 [ 20.406377] [ 20.407204] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.407296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.407314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.407347] Call Trace: [ 20.407369] <TASK> [ 20.407396] dump_stack_lvl+0x73/0xb0 [ 20.407808] print_report+0xd1/0x650 [ 20.407860] ? __virt_addr_valid+0x1db/0x2d0 [ 20.407901] ? mempool_uaf_helper+0x392/0x400 [ 20.407935] ? kasan_addr_to_slab+0x11/0xa0 [ 20.407964] ? mempool_uaf_helper+0x392/0x400 [ 20.407996] kasan_report+0x141/0x180 [ 20.408028] ? mempool_uaf_helper+0x392/0x400 [ 20.408067] __asan_report_load1_noabort+0x18/0x20 [ 20.408095] mempool_uaf_helper+0x392/0x400 [ 20.408129] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.408163] ? dequeue_entities+0xa24/0x1790 [ 20.408201] ? finish_task_switch.isra.0+0x153/0x700 [ 20.408241] mempool_kmalloc_large_uaf+0xef/0x140 [ 20.408275] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 20.408308] ? dequeue_task_fair+0x166/0x4e0 [ 20.408339] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.408369] ? __pfx_mempool_kfree+0x10/0x10 [ 20.408398] ? __pfx_read_tsc+0x10/0x10 [ 20.408437] ? ktime_get_ts64+0x86/0x230 [ 20.408581] kunit_try_run_case+0x1a5/0x480 [ 20.408626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.408658] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.408695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.408730] ? __kthread_parkme+0x82/0x180 [ 20.408762] ? preempt_count_sub+0x50/0x80 [ 20.408795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.408828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.408861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.408893] kthread+0x337/0x6f0 [ 20.408922] ? trace_preempt_on+0x20/0xc0 [ 20.408957] ? __pfx_kthread+0x10/0x10 [ 20.408988] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.409019] ? calculate_sigpending+0x7b/0xa0 [ 20.409050] ? __pfx_kthread+0x10/0x10 [ 20.409081] ret_from_fork+0x41/0x80 [ 20.409110] ? __pfx_kthread+0x10/0x10 [ 20.409141] ret_from_fork_asm+0x1a/0x30 [ 20.409186] </TASK> [ 20.409201] [ 20.429866] The buggy address belongs to the physical page: [ 20.430440] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cb4 [ 20.431114] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.431623] flags: 0x200000000000040(head|node=0|zone=2) [ 20.432398] page_type: f8(unknown) [ 20.432930] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.433664] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.434364] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.434987] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.436673] head: 0200000000000002 ffffea00040f2d01 00000000ffffffff 00000000ffffffff [ 20.437205] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.437856] page dumped because: kasan: bad access detected [ 20.438231] [ 20.438457] Memory state around the buggy address: [ 20.439046] ffff888103cb3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.439847] ffff888103cb3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.440469] >ffff888103cb4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.441214] ^ [ 20.441646] ffff888103cb4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.442246] ffff888103cb4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.442978] ================================================================== [ 20.531034] ================================================================== [ 20.531718] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.532728] Read of size 1 at addr ffff888103cb4000 by task kunit_try_catch/253 [ 20.533273] [ 20.534176] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.534764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.534803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.534866] Call Trace: [ 20.534921] <TASK> [ 20.534991] dump_stack_lvl+0x73/0xb0 [ 20.535082] print_report+0xd1/0x650 [ 20.535159] ? __virt_addr_valid+0x1db/0x2d0 [ 20.535218] ? mempool_uaf_helper+0x392/0x400 [ 20.535255] ? kasan_addr_to_slab+0x11/0xa0 [ 20.535287] ? mempool_uaf_helper+0x392/0x400 [ 20.535321] kasan_report+0x141/0x180 [ 20.535354] ? mempool_uaf_helper+0x392/0x400 [ 20.535394] __asan_report_load1_noabort+0x18/0x20 [ 20.535433] mempool_uaf_helper+0x392/0x400 [ 20.535559] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.535624] ? dequeue_entities+0xa24/0x1790 [ 20.535665] ? finish_task_switch.isra.0+0x153/0x700 [ 20.535706] mempool_page_alloc_uaf+0xed/0x140 [ 20.535736] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 20.535763] ? dequeue_task_fair+0x166/0x4e0 [ 20.535795] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.535826] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.535857] ? __pfx_read_tsc+0x10/0x10 [ 20.535887] ? ktime_get_ts64+0x86/0x230 [ 20.535924] kunit_try_run_case+0x1a5/0x480 [ 20.535961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.535992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.536027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.536061] ? __kthread_parkme+0x82/0x180 [ 20.536093] ? preempt_count_sub+0x50/0x80 [ 20.536126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.536160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.536194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.536227] kthread+0x337/0x6f0 [ 20.536257] ? trace_preempt_on+0x20/0xc0 [ 20.536291] ? __pfx_kthread+0x10/0x10 [ 20.536321] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.536355] ? calculate_sigpending+0x7b/0xa0 [ 20.536386] ? __pfx_kthread+0x10/0x10 [ 20.536418] ret_from_fork+0x41/0x80 [ 20.536466] ? __pfx_kthread+0x10/0x10 [ 20.536558] ret_from_fork_asm+0x1a/0x30 [ 20.536654] </TASK> [ 20.536689] [ 20.560809] The buggy address belongs to the physical page: [ 20.561241] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cb4 [ 20.562772] flags: 0x200000000000000(node=0|zone=2) [ 20.563221] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.564140] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.565054] page dumped because: kasan: bad access detected [ 20.565476] [ 20.565709] Memory state around the buggy address: [ 20.566142] ffff888103cb3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.567339] ffff888103cb3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.568512] >ffff888103cb4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.569095] ^ [ 20.569727] ffff888103cb4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.570394] ffff888103cb4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.571222] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.451061] ================================================================== [ 20.452125] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.452795] Read of size 1 at addr ffff888103c72240 by task kunit_try_catch/251 [ 20.453634] [ 20.453915] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.454053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.454092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.454158] Call Trace: [ 20.454198] <TASK> [ 20.454255] dump_stack_lvl+0x73/0xb0 [ 20.454353] print_report+0xd1/0x650 [ 20.454441] ? __virt_addr_valid+0x1db/0x2d0 [ 20.454544] ? mempool_uaf_helper+0x392/0x400 [ 20.454624] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.454701] ? mempool_uaf_helper+0x392/0x400 [ 20.454780] kasan_report+0x141/0x180 [ 20.454857] ? mempool_uaf_helper+0x392/0x400 [ 20.454952] __asan_report_load1_noabort+0x18/0x20 [ 20.455028] mempool_uaf_helper+0x392/0x400 [ 20.455107] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.455193] ? finish_task_switch.isra.0+0x153/0x700 [ 20.455297] mempool_slab_uaf+0xea/0x140 [ 20.455371] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 20.455435] ? dequeue_task_fair+0x166/0x4e0 [ 20.455660] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 20.455703] ? __pfx_mempool_free_slab+0x10/0x10 [ 20.455741] ? __pfx_read_tsc+0x10/0x10 [ 20.455773] ? ktime_get_ts64+0x86/0x230 [ 20.455815] kunit_try_run_case+0x1a5/0x480 [ 20.455856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.455892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.455931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.455967] ? __kthread_parkme+0x82/0x180 [ 20.456002] ? preempt_count_sub+0x50/0x80 [ 20.456040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.456076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.456111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.456146] kthread+0x337/0x6f0 [ 20.456179] ? trace_preempt_on+0x20/0xc0 [ 20.456217] ? __pfx_kthread+0x10/0x10 [ 20.456250] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.456287] ? calculate_sigpending+0x7b/0xa0 [ 20.456321] ? __pfx_kthread+0x10/0x10 [ 20.456355] ret_from_fork+0x41/0x80 [ 20.456387] ? __pfx_kthread+0x10/0x10 [ 20.456426] ret_from_fork_asm+0x1a/0x30 [ 20.456599] </TASK> [ 20.456619] [ 20.484999] Allocated by task 251: [ 20.485375] kasan_save_stack+0x45/0x70 [ 20.486169] kasan_save_track+0x18/0x40 [ 20.486583] kasan_save_alloc_info+0x3b/0x50 [ 20.487095] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 20.487736] remove_element+0x11e/0x190 [ 20.488162] mempool_alloc_preallocated+0x4d/0x90 [ 20.488588] mempool_uaf_helper+0x96/0x400 [ 20.489684] mempool_slab_uaf+0xea/0x140 [ 20.490048] kunit_try_run_case+0x1a5/0x480 [ 20.490484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.490982] kthread+0x337/0x6f0 [ 20.491320] ret_from_fork+0x41/0x80 [ 20.492340] ret_from_fork_asm+0x1a/0x30 [ 20.492950] [ 20.493395] Freed by task 251: [ 20.493687] kasan_save_stack+0x45/0x70 [ 20.494116] kasan_save_track+0x18/0x40 [ 20.495151] kasan_save_free_info+0x3f/0x60 [ 20.495523] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.496113] mempool_free+0x2ec/0x380 [ 20.496428] mempool_uaf_helper+0x11a/0x400 [ 20.497398] mempool_slab_uaf+0xea/0x140 [ 20.498079] kunit_try_run_case+0x1a5/0x480 [ 20.498420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.499290] kthread+0x337/0x6f0 [ 20.500234] ret_from_fork+0x41/0x80 [ 20.500621] ret_from_fork_asm+0x1a/0x30 [ 20.501069] [ 20.501300] The buggy address belongs to the object at ffff888103c72240 [ 20.501300] which belongs to the cache test_cache of size 123 [ 20.502811] The buggy address is located 0 bytes inside of [ 20.502811] freed 123-byte region [ffff888103c72240, ffff888103c722bb) [ 20.504661] [ 20.505088] The buggy address belongs to the physical page: [ 20.505483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 20.506155] flags: 0x200000000000000(node=0|zone=2) [ 20.507792] page_type: f5(slab) [ 20.508118] raw: 0200000000000000 ffff888101692c80 dead000000000122 0000000000000000 [ 20.509262] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.510121] page dumped because: kasan: bad access detected [ 20.510477] [ 20.511000] Memory state around the buggy address: [ 20.512046] ffff888103c72100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.512602] ffff888103c72180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.513325] >ffff888103c72200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.514455] ^ [ 20.515381] ffff888103c72280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.516028] ffff888103c72300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.516590] ================================================================== [ 20.336023] ================================================================== [ 20.337386] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.338408] Read of size 1 at addr ffff888103199f00 by task kunit_try_catch/247 [ 20.339665] [ 20.340111] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.340322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.340363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.340435] Call Trace: [ 20.340535] <TASK> [ 20.340596] dump_stack_lvl+0x73/0xb0 [ 20.340686] print_report+0xd1/0x650 [ 20.340764] ? __virt_addr_valid+0x1db/0x2d0 [ 20.340839] ? mempool_uaf_helper+0x392/0x400 [ 20.340920] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.340959] ? mempool_uaf_helper+0x392/0x400 [ 20.340994] kasan_report+0x141/0x180 [ 20.341026] ? mempool_uaf_helper+0x392/0x400 [ 20.341067] __asan_report_load1_noabort+0x18/0x20 [ 20.341097] mempool_uaf_helper+0x392/0x400 [ 20.341132] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.341165] ? dequeue_entities+0xa24/0x1790 [ 20.341205] ? irqentry_exit+0x2a/0x60 [ 20.341235] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.341278] mempool_kmalloc_uaf+0xef/0x140 [ 20.341314] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 20.341353] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.341385] ? __pfx_mempool_kfree+0x10/0x10 [ 20.341417] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 20.341609] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 20.341656] kunit_try_run_case+0x1a5/0x480 [ 20.341700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.341738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.341779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.341818] ? __kthread_parkme+0x82/0x180 [ 20.341854] ? preempt_count_sub+0x50/0x80 [ 20.341895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.341931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.341966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.342003] kthread+0x337/0x6f0 [ 20.342037] ? trace_preempt_on+0x20/0xc0 [ 20.342075] ? __pfx_kthread+0x10/0x10 [ 20.342111] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.342146] ? calculate_sigpending+0x7b/0xa0 [ 20.342181] ? __pfx_kthread+0x10/0x10 [ 20.342215] ret_from_fork+0x41/0x80 [ 20.342250] ? __pfx_kthread+0x10/0x10 [ 20.342284] ret_from_fork_asm+0x1a/0x30 [ 20.342332] </TASK> [ 20.342348] [ 20.367081] Allocated by task 247: [ 20.367756] kasan_save_stack+0x45/0x70 [ 20.368469] kasan_save_track+0x18/0x40 [ 20.369119] kasan_save_alloc_info+0x3b/0x50 [ 20.369742] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.370358] remove_element+0x11e/0x190 [ 20.371217] mempool_alloc_preallocated+0x4d/0x90 [ 20.371879] mempool_uaf_helper+0x96/0x400 [ 20.372069] mempool_kmalloc_uaf+0xef/0x140 [ 20.372247] kunit_try_run_case+0x1a5/0x480 [ 20.372427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.373703] kthread+0x337/0x6f0 [ 20.374276] ret_from_fork+0x41/0x80 [ 20.374865] ret_from_fork_asm+0x1a/0x30 [ 20.375219] [ 20.375754] Freed by task 247: [ 20.376453] kasan_save_stack+0x45/0x70 [ 20.377329] kasan_save_track+0x18/0x40 [ 20.378066] kasan_save_free_info+0x3f/0x60 [ 20.378471] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.379184] mempool_free+0x2ec/0x380 [ 20.379831] mempool_uaf_helper+0x11a/0x400 [ 20.380338] mempool_kmalloc_uaf+0xef/0x140 [ 20.380920] kunit_try_run_case+0x1a5/0x480 [ 20.381355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.382099] kthread+0x337/0x6f0 [ 20.382932] ret_from_fork+0x41/0x80 [ 20.383242] ret_from_fork_asm+0x1a/0x30 [ 20.383656] [ 20.383907] The buggy address belongs to the object at ffff888103199f00 [ 20.383907] which belongs to the cache kmalloc-128 of size 128 [ 20.385016] The buggy address is located 0 bytes inside of [ 20.385016] freed 128-byte region [ffff888103199f00, ffff888103199f80) [ 20.386012] [ 20.386253] The buggy address belongs to the physical page: [ 20.386764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 20.387445] flags: 0x200000000000000(node=0|zone=2) [ 20.387906] page_type: f5(slab) [ 20.388296] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.389633] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 20.390226] page dumped because: kasan: bad access detected [ 20.390683] [ 20.390924] Memory state around the buggy address: [ 20.391342] ffff888103199e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.392051] ffff888103199e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.392701] >ffff888103199f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.393261] ^ [ 20.394191] ffff888103199f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.394973] ffff88810319a000: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.395725] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.280217] ================================================================== [ 20.280968] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 20.281391] Read of size 1 at addr ffff8881029812bb by task kunit_try_catch/245 [ 20.281851] [ 20.283166] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.283455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.283482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.283549] Call Trace: [ 20.283578] <TASK> [ 20.283622] dump_stack_lvl+0x73/0xb0 [ 20.283682] print_report+0xd1/0x650 [ 20.283734] ? __virt_addr_valid+0x1db/0x2d0 [ 20.283784] ? mempool_oob_right_helper+0x318/0x380 [ 20.283833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.283881] ? mempool_oob_right_helper+0x318/0x380 [ 20.283932] kasan_report+0x141/0x180 [ 20.283979] ? mempool_oob_right_helper+0x318/0x380 [ 20.284044] __asan_report_load1_noabort+0x18/0x20 [ 20.284089] mempool_oob_right_helper+0x318/0x380 [ 20.284142] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 20.284200] ? finish_task_switch.isra.0+0x153/0x700 [ 20.284259] mempool_slab_oob_right+0xed/0x140 [ 20.284302] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 20.284344] ? dequeue_task_fair+0x166/0x4e0 [ 20.284400] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 20.284446] ? __pfx_mempool_free_slab+0x10/0x10 [ 20.284507] ? __pfx_read_tsc+0x10/0x10 [ 20.284556] ? ktime_get_ts64+0x86/0x230 [ 20.284609] kunit_try_run_case+0x1a5/0x480 [ 20.284666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.284787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.284933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.285106] ? __kthread_parkme+0x82/0x180 [ 20.285202] ? preempt_count_sub+0x50/0x80 [ 20.285245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.285280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.285313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.285345] kthread+0x337/0x6f0 [ 20.285375] ? trace_preempt_on+0x20/0xc0 [ 20.285436] ? __pfx_kthread+0x10/0x10 [ 20.285531] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.285568] ? calculate_sigpending+0x7b/0xa0 [ 20.285609] ? __pfx_kthread+0x10/0x10 [ 20.285642] ret_from_fork+0x41/0x80 [ 20.285674] ? __pfx_kthread+0x10/0x10 [ 20.285704] ret_from_fork_asm+0x1a/0x30 [ 20.285748] </TASK> [ 20.285763] [ 20.304755] Allocated by task 245: [ 20.305550] kasan_save_stack+0x45/0x70 [ 20.305883] kasan_save_track+0x18/0x40 [ 20.306114] kasan_save_alloc_info+0x3b/0x50 [ 20.306357] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 20.307335] remove_element+0x11e/0x190 [ 20.308093] mempool_alloc_preallocated+0x4d/0x90 [ 20.308360] mempool_oob_right_helper+0x8a/0x380 [ 20.308638] mempool_slab_oob_right+0xed/0x140 [ 20.308881] kunit_try_run_case+0x1a5/0x480 [ 20.309116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.309394] kthread+0x337/0x6f0 [ 20.310144] ret_from_fork+0x41/0x80 [ 20.311023] ret_from_fork_asm+0x1a/0x30 [ 20.311418] [ 20.311999] The buggy address belongs to the object at ffff888102981240 [ 20.311999] which belongs to the cache test_cache of size 123 [ 20.312590] The buggy address is located 0 bytes to the right of [ 20.312590] allocated 123-byte region [ffff888102981240, ffff8881029812bb) [ 20.313813] [ 20.313953] The buggy address belongs to the physical page: [ 20.314216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102981 [ 20.315869] flags: 0x200000000000000(node=0|zone=2) [ 20.316467] page_type: f5(slab) [ 20.317021] raw: 0200000000000000 ffff888101ad4dc0 dead000000000122 0000000000000000 [ 20.317398] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.317900] page dumped because: kasan: bad access detected [ 20.318176] [ 20.318299] Memory state around the buggy address: [ 20.319442] ffff888102981180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.319960] ffff888102981200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.320460] >ffff888102981280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.320965] ^ [ 20.321358] ffff888102981300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.322798] ffff888102981380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.323328] ================================================================== [ 20.173398] ================================================================== [ 20.174381] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 20.175009] Read of size 1 at addr ffff888103c6a173 by task kunit_try_catch/241 [ 20.176649] [ 20.176938] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.177070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.177108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.177171] Call Trace: [ 20.177212] <TASK> [ 20.177275] dump_stack_lvl+0x73/0xb0 [ 20.177342] print_report+0xd1/0x650 [ 20.177387] ? __virt_addr_valid+0x1db/0x2d0 [ 20.177465] ? mempool_oob_right_helper+0x318/0x380 [ 20.177557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.177654] ? mempool_oob_right_helper+0x318/0x380 [ 20.177737] kasan_report+0x141/0x180 [ 20.177812] ? mempool_oob_right_helper+0x318/0x380 [ 20.177908] __asan_report_load1_noabort+0x18/0x20 [ 20.177985] mempool_oob_right_helper+0x318/0x380 [ 20.178069] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 20.178148] ? dequeue_entities+0xa24/0x1790 [ 20.178234] ? finish_task_switch.isra.0+0x153/0x700 [ 20.178326] mempool_kmalloc_oob_right+0xf2/0x150 [ 20.178393] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 20.178444] ? dequeue_task_fair+0x166/0x4e0 [ 20.178557] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.178622] ? __pfx_mempool_kfree+0x10/0x10 [ 20.178656] ? __pfx_read_tsc+0x10/0x10 [ 20.178687] ? ktime_get_ts64+0x86/0x230 [ 20.178724] kunit_try_run_case+0x1a5/0x480 [ 20.178762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.178792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.178828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.178861] ? __kthread_parkme+0x82/0x180 [ 20.178893] ? preempt_count_sub+0x50/0x80 [ 20.178926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.178960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.178993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.179024] kthread+0x337/0x6f0 [ 20.179055] ? trace_preempt_on+0x20/0xc0 [ 20.179090] ? __pfx_kthread+0x10/0x10 [ 20.179122] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.179153] ? calculate_sigpending+0x7b/0xa0 [ 20.179183] ? __pfx_kthread+0x10/0x10 [ 20.179215] ret_from_fork+0x41/0x80 [ 20.179244] ? __pfx_kthread+0x10/0x10 [ 20.179276] ret_from_fork_asm+0x1a/0x30 [ 20.179320] </TASK> [ 20.179334] [ 20.203258] Allocated by task 241: [ 20.204057] kasan_save_stack+0x45/0x70 [ 20.205146] kasan_save_track+0x18/0x40 [ 20.206114] kasan_save_alloc_info+0x3b/0x50 [ 20.207182] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.208262] remove_element+0x11e/0x190 [ 20.209142] mempool_alloc_preallocated+0x4d/0x90 [ 20.209641] mempool_oob_right_helper+0x8a/0x380 [ 20.209973] mempool_kmalloc_oob_right+0xf2/0x150 [ 20.210442] kunit_try_run_case+0x1a5/0x480 [ 20.211583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.212464] kthread+0x337/0x6f0 [ 20.213192] ret_from_fork+0x41/0x80 [ 20.213889] ret_from_fork_asm+0x1a/0x30 [ 20.214539] [ 20.214976] The buggy address belongs to the object at ffff888103c6a100 [ 20.214976] which belongs to the cache kmalloc-128 of size 128 [ 20.216155] The buggy address is located 0 bytes to the right of [ 20.216155] allocated 115-byte region [ffff888103c6a100, ffff888103c6a173) [ 20.217696] [ 20.218163] The buggy address belongs to the physical page: [ 20.218740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c6a [ 20.219796] flags: 0x200000000000000(node=0|zone=2) [ 20.220388] page_type: f5(slab) [ 20.220756] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.221415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.222068] page dumped because: kasan: bad access detected [ 20.222348] [ 20.222990] Memory state around the buggy address: [ 20.223258] ffff888103c6a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.223648] ffff888103c6a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.224015] >ffff888103c6a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.224486] ^ [ 20.226216] ffff888103c6a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.226590] ffff888103c6a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.227655] ================================================================== [ 20.235389] ================================================================== [ 20.236256] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 20.236844] Read of size 1 at addr ffff888103cb6001 by task kunit_try_catch/243 [ 20.237202] [ 20.237361] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 20.237456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.237482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.238000] Call Trace: [ 20.238029] <TASK> [ 20.238064] dump_stack_lvl+0x73/0xb0 [ 20.238120] print_report+0xd1/0x650 [ 20.238170] ? __virt_addr_valid+0x1db/0x2d0 [ 20.238215] ? mempool_oob_right_helper+0x318/0x380 [ 20.238270] ? kasan_addr_to_slab+0x11/0xa0 [ 20.238316] ? mempool_oob_right_helper+0x318/0x380 [ 20.238367] kasan_report+0x141/0x180 [ 20.238453] ? mempool_oob_right_helper+0x318/0x380 [ 20.238561] __asan_report_load1_noabort+0x18/0x20 [ 20.238633] mempool_oob_right_helper+0x318/0x380 [ 20.239110] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 20.239216] ? dequeue_entities+0xa24/0x1790 [ 20.239304] ? finish_task_switch.isra.0+0x153/0x700 [ 20.239393] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 20.239580] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 20.240072] ? dequeue_task_fair+0x166/0x4e0 [ 20.240134] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.240179] ? __pfx_mempool_kfree+0x10/0x10 [ 20.240225] ? __pfx_read_tsc+0x10/0x10 [ 20.240273] ? ktime_get_ts64+0x86/0x230 [ 20.240327] kunit_try_run_case+0x1a5/0x480 [ 20.240379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.240462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.240538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.240590] ? __kthread_parkme+0x82/0x180 [ 20.240634] ? preempt_count_sub+0x50/0x80 [ 20.240686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.240737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.240788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.240837] kthread+0x337/0x6f0 [ 20.240882] ? trace_preempt_on+0x20/0xc0 [ 20.240931] ? __pfx_kthread+0x10/0x10 [ 20.240978] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.241024] ? calculate_sigpending+0x7b/0xa0 [ 20.241068] ? __pfx_kthread+0x10/0x10 [ 20.241115] ret_from_fork+0x41/0x80 [ 20.241158] ? __pfx_kthread+0x10/0x10 [ 20.241223] ret_from_fork_asm+0x1a/0x30 [ 20.241298] </TASK> [ 20.241315] [ 20.255106] The buggy address belongs to the physical page: [ 20.255751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cb4 [ 20.256513] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.257060] flags: 0x200000000000040(head|node=0|zone=2) [ 20.257519] page_type: f8(unknown) [ 20.257929] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.258688] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.259410] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.260195] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.260834] head: 0200000000000002 ffffea00040f2d01 00000000ffffffff 00000000ffffffff [ 20.261667] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.262281] page dumped because: kasan: bad access detected [ 20.262802] [ 20.263082] Memory state around the buggy address: [ 20.263620] ffff888103cb5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.264215] ffff888103cb5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.264805] >ffff888103cb6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.265303] ^ [ 20.265586] ffff888103cb6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.265929] ffff888103cb6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.266261] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.547888] ================================================================== [ 19.548769] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 19.549937] Read of size 1 at addr ffff888101ad4c80 by task kunit_try_catch/235 [ 19.550580] [ 19.551239] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.551384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.551441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.551568] Call Trace: [ 19.551653] <TASK> [ 19.551716] dump_stack_lvl+0x73/0xb0 [ 19.551797] print_report+0xd1/0x650 [ 19.551836] ? __virt_addr_valid+0x1db/0x2d0 [ 19.551873] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.551904] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.551934] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.551963] kasan_report+0x141/0x180 [ 19.551993] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.552026] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.552055] __kasan_check_byte+0x3d/0x50 [ 19.552086] kmem_cache_destroy+0x25/0x1d0 [ 19.552119] kmem_cache_double_destroy+0x1bf/0x380 [ 19.552148] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 19.552175] ? finish_task_switch.isra.0+0x153/0x700 [ 19.552209] ? __switch_to+0x5d9/0xf60 [ 19.552237] ? dequeue_task_fair+0x166/0x4e0 [ 19.552275] ? __pfx_read_tsc+0x10/0x10 [ 19.552302] ? ktime_get_ts64+0x86/0x230 [ 19.552340] kunit_try_run_case+0x1a5/0x480 [ 19.552374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.552404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.552475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.552544] ? __kthread_parkme+0x82/0x180 [ 19.552579] ? preempt_count_sub+0x50/0x80 [ 19.552612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.552644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.552675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.552708] kthread+0x337/0x6f0 [ 19.552737] ? trace_preempt_on+0x20/0xc0 [ 19.552771] ? __pfx_kthread+0x10/0x10 [ 19.552802] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.552833] ? calculate_sigpending+0x7b/0xa0 [ 19.552863] ? __pfx_kthread+0x10/0x10 [ 19.552894] ret_from_fork+0x41/0x80 [ 19.552922] ? __pfx_kthread+0x10/0x10 [ 19.552952] ret_from_fork_asm+0x1a/0x30 [ 19.552995] </TASK> [ 19.553008] [ 19.575084] Allocated by task 235: [ 19.575374] kasan_save_stack+0x45/0x70 [ 19.576215] kasan_save_track+0x18/0x40 [ 19.576796] kasan_save_alloc_info+0x3b/0x50 [ 19.577403] __kasan_slab_alloc+0x91/0xa0 [ 19.578020] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.578664] __kmem_cache_create_args+0x169/0x240 [ 19.579218] kmem_cache_double_destroy+0xd5/0x380 [ 19.579915] kunit_try_run_case+0x1a5/0x480 [ 19.580265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.580779] kthread+0x337/0x6f0 [ 19.581086] ret_from_fork+0x41/0x80 [ 19.582151] ret_from_fork_asm+0x1a/0x30 [ 19.582517] [ 19.582753] Freed by task 235: [ 19.583287] kasan_save_stack+0x45/0x70 [ 19.583919] kasan_save_track+0x18/0x40 [ 19.584820] kasan_save_free_info+0x3f/0x60 [ 19.585352] __kasan_slab_free+0x56/0x70 [ 19.585855] kmem_cache_free+0x249/0x420 [ 19.586252] slab_kmem_cache_release+0x2e/0x40 [ 19.586694] kmem_cache_release+0x16/0x20 [ 19.587226] kobject_put+0x181/0x450 [ 19.588068] sysfs_slab_release+0x16/0x20 [ 19.588383] kmem_cache_destroy+0xf0/0x1d0 [ 19.589088] kmem_cache_double_destroy+0x14e/0x380 [ 19.589637] kunit_try_run_case+0x1a5/0x480 [ 19.590315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.591050] kthread+0x337/0x6f0 [ 19.591355] ret_from_fork+0x41/0x80 [ 19.591957] ret_from_fork_asm+0x1a/0x30 [ 19.592718] [ 19.593181] The buggy address belongs to the object at ffff888101ad4c80 [ 19.593181] which belongs to the cache kmem_cache of size 208 [ 19.594242] The buggy address is located 0 bytes inside of [ 19.594242] freed 208-byte region [ffff888101ad4c80, ffff888101ad4d50) [ 19.595475] [ 19.596171] The buggy address belongs to the physical page: [ 19.596601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ad4 [ 19.597333] flags: 0x200000000000000(node=0|zone=2) [ 19.598208] page_type: f5(slab) [ 19.598563] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 19.599510] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.600047] page dumped because: kasan: bad access detected [ 19.600437] [ 19.601320] Memory state around the buggy address: [ 19.601740] ffff888101ad4b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.602379] ffff888101ad4c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.603194] >ffff888101ad4c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.604224] ^ [ 19.604570] ffff888101ad4d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.605475] ffff888101ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.606259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.465857] ================================================================== [ 19.466644] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.467958] Read of size 1 at addr ffff88810297c000 by task kunit_try_catch/233 [ 19.469092] [ 19.469291] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.469404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.469598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.469899] Call Trace: [ 19.469956] <TASK> [ 19.470015] dump_stack_lvl+0x73/0xb0 [ 19.470110] print_report+0xd1/0x650 [ 19.470187] ? __virt_addr_valid+0x1db/0x2d0 [ 19.470254] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.470284] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.470316] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.470344] kasan_report+0x141/0x180 [ 19.470375] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.470408] __asan_report_load1_noabort+0x18/0x20 [ 19.470445] kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.470562] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 19.470607] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.470653] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 19.470686] kunit_try_run_case+0x1a5/0x480 [ 19.470722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.470751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.470784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.470816] ? __kthread_parkme+0x82/0x180 [ 19.470848] ? preempt_count_sub+0x50/0x80 [ 19.470882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.470913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.470943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.470973] kthread+0x337/0x6f0 [ 19.471001] ? trace_preempt_on+0x20/0xc0 [ 19.471036] ? __pfx_kthread+0x10/0x10 [ 19.471066] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.471095] ? calculate_sigpending+0x7b/0xa0 [ 19.471124] ? __pfx_kthread+0x10/0x10 [ 19.471154] ret_from_fork+0x41/0x80 [ 19.471184] ? __pfx_kthread+0x10/0x10 [ 19.471214] ret_from_fork_asm+0x1a/0x30 [ 19.471258] </TASK> [ 19.471273] [ 19.489078] Allocated by task 233: [ 19.489694] kasan_save_stack+0x45/0x70 [ 19.490197] kasan_save_track+0x18/0x40 [ 19.490742] kasan_save_alloc_info+0x3b/0x50 [ 19.491230] __kasan_slab_alloc+0x91/0xa0 [ 19.491821] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.492342] kmem_cache_rcu_uaf+0x155/0x510 [ 19.493184] kunit_try_run_case+0x1a5/0x480 [ 19.493848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.494324] kthread+0x337/0x6f0 [ 19.494789] ret_from_fork+0x41/0x80 [ 19.495299] ret_from_fork_asm+0x1a/0x30 [ 19.495937] [ 19.496162] Freed by task 0: [ 19.497002] kasan_save_stack+0x45/0x70 [ 19.497423] kasan_save_track+0x18/0x40 [ 19.498050] kasan_save_free_info+0x3f/0x60 [ 19.498609] __kasan_slab_free+0x56/0x70 [ 19.499060] slab_free_after_rcu_debug+0xe4/0x310 [ 19.499789] rcu_core+0x66c/0x1c30 [ 19.500180] rcu_core_si+0x12/0x20 [ 19.500896] handle_softirqs+0x209/0x730 [ 19.501308] __irq_exit_rcu+0xc9/0x110 [ 19.501957] irq_exit_rcu+0x12/0x20 [ 19.502414] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.503035] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.503771] [ 19.504039] Last potentially related work creation: [ 19.504461] kasan_save_stack+0x45/0x70 [ 19.505217] kasan_record_aux_stack+0xb2/0xc0 [ 19.505880] kmem_cache_free+0x131/0x420 [ 19.506339] kmem_cache_rcu_uaf+0x194/0x510 [ 19.507063] kunit_try_run_case+0x1a5/0x480 [ 19.507257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.507531] kthread+0x337/0x6f0 [ 19.507987] ret_from_fork+0x41/0x80 [ 19.508983] ret_from_fork_asm+0x1a/0x30 [ 19.509476] [ 19.509715] The buggy address belongs to the object at ffff88810297c000 [ 19.509715] which belongs to the cache test_cache of size 200 [ 19.511222] The buggy address is located 0 bytes inside of [ 19.511222] freed 200-byte region [ffff88810297c000, ffff88810297c0c8) [ 19.512226] [ 19.512546] The buggy address belongs to the physical page: [ 19.513686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10297c [ 19.514382] flags: 0x200000000000000(node=0|zone=2) [ 19.515109] page_type: f5(slab) [ 19.515526] raw: 0200000000000000 ffff888101ad4b40 dead000000000122 0000000000000000 [ 19.516579] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.517480] page dumped because: kasan: bad access detected [ 19.518173] [ 19.518362] Memory state around the buggy address: [ 19.519242] ffff88810297bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.519853] ffff88810297bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.520398] >ffff88810297c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.520980] ^ [ 19.521344] ffff88810297c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.522125] ffff88810297c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.523131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 19.365994] ================================================================== [ 19.366817] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 19.367884] Free of addr ffff8881031b3001 by task kunit_try_catch/231 [ 19.368340] [ 19.369454] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.369670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.369707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.369768] Call Trace: [ 19.369805] <TASK> [ 19.369855] dump_stack_lvl+0x73/0xb0 [ 19.369939] print_report+0xd1/0x650 [ 19.370010] ? __virt_addr_valid+0x1db/0x2d0 [ 19.370064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.370098] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.370129] kasan_report_invalid_free+0x10a/0x130 [ 19.370164] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.370197] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.370225] check_slab_allocation+0x11f/0x130 [ 19.370257] __kasan_slab_pre_free+0x28/0x40 [ 19.370288] kmem_cache_free+0xed/0x420 [ 19.370318] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.370349] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.370382] kmem_cache_invalid_free+0x1d8/0x460 [ 19.370411] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 19.370456] ? finish_task_switch.isra.0+0x153/0x700 [ 19.370550] ? __switch_to+0x5d9/0xf60 [ 19.370616] ? dequeue_task_fair+0x166/0x4e0 [ 19.370701] ? __pfx_read_tsc+0x10/0x10 [ 19.370765] ? ktime_get_ts64+0x86/0x230 [ 19.370805] kunit_try_run_case+0x1a5/0x480 [ 19.370844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.370875] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.370911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.370946] ? __kthread_parkme+0x82/0x180 [ 19.370977] ? preempt_count_sub+0x50/0x80 [ 19.371011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.371043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.371074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.371107] kthread+0x337/0x6f0 [ 19.371137] ? trace_preempt_on+0x20/0xc0 [ 19.371171] ? __pfx_kthread+0x10/0x10 [ 19.371203] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.371234] ? calculate_sigpending+0x7b/0xa0 [ 19.371264] ? __pfx_kthread+0x10/0x10 [ 19.371296] ret_from_fork+0x41/0x80 [ 19.371325] ? __pfx_kthread+0x10/0x10 [ 19.371356] ret_from_fork_asm+0x1a/0x30 [ 19.371400] </TASK> [ 19.371414] [ 19.394749] Allocated by task 231: [ 19.394965] kasan_save_stack+0x45/0x70 [ 19.395148] kasan_save_track+0x18/0x40 [ 19.395301] kasan_save_alloc_info+0x3b/0x50 [ 19.395548] __kasan_slab_alloc+0x91/0xa0 [ 19.396211] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.397209] kmem_cache_invalid_free+0x157/0x460 [ 19.398062] kunit_try_run_case+0x1a5/0x480 [ 19.398921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.399863] kthread+0x337/0x6f0 [ 19.400182] ret_from_fork+0x41/0x80 [ 19.400905] ret_from_fork_asm+0x1a/0x30 [ 19.401294] [ 19.402018] The buggy address belongs to the object at ffff8881031b3000 [ 19.402018] which belongs to the cache test_cache of size 200 [ 19.403702] The buggy address is located 1 bytes inside of [ 19.403702] 200-byte region [ffff8881031b3000, ffff8881031b30c8) [ 19.405088] [ 19.405250] The buggy address belongs to the physical page: [ 19.405637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031b3 [ 19.406541] flags: 0x200000000000000(node=0|zone=2) [ 19.407418] page_type: f5(slab) [ 19.408646] raw: 0200000000000000 ffff8881016928c0 dead000000000122 0000000000000000 [ 19.409215] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.410996] page dumped because: kasan: bad access detected [ 19.411295] [ 19.411871] Memory state around the buggy address: [ 19.412192] ffff8881031b2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.412666] ffff8881031b2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.413121] >ffff8881031b3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.413481] ^ [ 19.416050] ffff8881031b3080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.417080] ffff8881031b3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.417571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.300784] ================================================================== [ 19.302023] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 19.302785] Free of addr ffff88810297b000 by task kunit_try_catch/229 [ 19.303907] [ 19.304241] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.304420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.304680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.304734] Call Trace: [ 19.304773] <TASK> [ 19.304815] dump_stack_lvl+0x73/0xb0 [ 19.304898] print_report+0xd1/0x650 [ 19.304938] ? __virt_addr_valid+0x1db/0x2d0 [ 19.304969] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.304999] ? kmem_cache_double_free+0x1e5/0x480 [ 19.305027] kasan_report_invalid_free+0x10a/0x130 [ 19.305060] ? kmem_cache_double_free+0x1e5/0x480 [ 19.305091] ? kmem_cache_double_free+0x1e5/0x480 [ 19.305118] check_slab_allocation+0x101/0x130 [ 19.305149] __kasan_slab_pre_free+0x28/0x40 [ 19.305178] kmem_cache_free+0xed/0x420 [ 19.305206] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.305234] ? kmem_cache_double_free+0x1e5/0x480 [ 19.305264] kmem_cache_double_free+0x1e5/0x480 [ 19.305292] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 19.305318] ? finish_task_switch.isra.0+0x153/0x700 [ 19.305351] ? __switch_to+0x5d9/0xf60 [ 19.305378] ? dequeue_task_fair+0x166/0x4e0 [ 19.305415] ? __pfx_read_tsc+0x10/0x10 [ 19.305441] ? ktime_get_ts64+0x86/0x230 [ 19.305477] kunit_try_run_case+0x1a5/0x480 [ 19.305545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.305616] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.305704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.305760] ? __kthread_parkme+0x82/0x180 [ 19.305794] ? preempt_count_sub+0x50/0x80 [ 19.305827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.305859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.305890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.305920] kthread+0x337/0x6f0 [ 19.305948] ? trace_preempt_on+0x20/0xc0 [ 19.305982] ? __pfx_kthread+0x10/0x10 [ 19.306013] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.306044] ? calculate_sigpending+0x7b/0xa0 [ 19.306074] ? __pfx_kthread+0x10/0x10 [ 19.306105] ret_from_fork+0x41/0x80 [ 19.306133] ? __pfx_kthread+0x10/0x10 [ 19.306163] ret_from_fork_asm+0x1a/0x30 [ 19.306204] </TASK> [ 19.306218] [ 19.326641] Allocated by task 229: [ 19.327009] kasan_save_stack+0x45/0x70 [ 19.327361] kasan_save_track+0x18/0x40 [ 19.327952] kasan_save_alloc_info+0x3b/0x50 [ 19.328394] __kasan_slab_alloc+0x91/0xa0 [ 19.329666] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.330116] kmem_cache_double_free+0x14f/0x480 [ 19.330730] kunit_try_run_case+0x1a5/0x480 [ 19.331144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.331774] kthread+0x337/0x6f0 [ 19.332095] ret_from_fork+0x41/0x80 [ 19.332986] ret_from_fork_asm+0x1a/0x30 [ 19.333311] [ 19.333546] Freed by task 229: [ 19.333919] kasan_save_stack+0x45/0x70 [ 19.334292] kasan_save_track+0x18/0x40 [ 19.334751] kasan_save_free_info+0x3f/0x60 [ 19.335154] __kasan_slab_free+0x56/0x70 [ 19.335707] kmem_cache_free+0x249/0x420 [ 19.336132] kmem_cache_double_free+0x16a/0x480 [ 19.337049] kunit_try_run_case+0x1a5/0x480 [ 19.337461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.337868] kthread+0x337/0x6f0 [ 19.338384] ret_from_fork+0x41/0x80 [ 19.338954] ret_from_fork_asm+0x1a/0x30 [ 19.339366] [ 19.339738] The buggy address belongs to the object at ffff88810297b000 [ 19.339738] which belongs to the cache test_cache of size 200 [ 19.341203] The buggy address is located 0 bytes inside of [ 19.341203] 200-byte region [ffff88810297b000, ffff88810297b0c8) [ 19.342056] [ 19.342247] The buggy address belongs to the physical page: [ 19.342643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10297b [ 19.343305] flags: 0x200000000000000(node=0|zone=2) [ 19.344005] page_type: f5(slab) [ 19.344385] raw: 0200000000000000 ffff888101ad4a00 dead000000000122 0000000000000000 [ 19.345766] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.346256] page dumped because: kasan: bad access detected [ 19.346912] [ 19.347150] Memory state around the buggy address: [ 19.347760] ffff88810297af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348266] ffff88810297af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.349309] >ffff88810297b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.350104] ^ [ 19.350600] ffff88810297b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.351209] ffff88810297b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.351950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.233844] ================================================================== [ 19.234533] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 19.235842] Read of size 1 at addr ffff8881031b20c8 by task kunit_try_catch/227 [ 19.236321] [ 19.236627] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.236755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.236781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.236813] Call Trace: [ 19.236831] <TASK> [ 19.236855] dump_stack_lvl+0x73/0xb0 [ 19.236910] print_report+0xd1/0x650 [ 19.236975] ? __virt_addr_valid+0x1db/0x2d0 [ 19.237007] ? kmem_cache_oob+0x402/0x530 [ 19.237033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.237065] ? kmem_cache_oob+0x402/0x530 [ 19.237092] kasan_report+0x141/0x180 [ 19.237124] ? kmem_cache_oob+0x402/0x530 [ 19.237157] __asan_report_load1_noabort+0x18/0x20 [ 19.237187] kmem_cache_oob+0x402/0x530 [ 19.237213] ? trace_hardirqs_on+0x37/0xe0 [ 19.237248] ? __pfx_kmem_cache_oob+0x10/0x10 [ 19.237274] ? finish_task_switch.isra.0+0x153/0x700 [ 19.237310] ? __switch_to+0x5d9/0xf60 [ 19.237343] ? dequeue_task_fair+0x156/0x4e0 [ 19.237383] ? __pfx_read_tsc+0x10/0x10 [ 19.237411] ? ktime_get_ts64+0x86/0x230 [ 19.237555] kunit_try_run_case+0x1a5/0x480 [ 19.237657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.237725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.237797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.237871] ? __kthread_parkme+0x82/0x180 [ 19.237939] ? preempt_count_sub+0x50/0x80 [ 19.238016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.238090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.238164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.238216] kthread+0x337/0x6f0 [ 19.238249] ? trace_preempt_on+0x20/0xc0 [ 19.238281] ? __pfx_kthread+0x10/0x10 [ 19.238312] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.238344] ? calculate_sigpending+0x7b/0xa0 [ 19.238374] ? __pfx_kthread+0x10/0x10 [ 19.238404] ret_from_fork+0x41/0x80 [ 19.238451] ? __pfx_kthread+0x10/0x10 [ 19.238520] ret_from_fork_asm+0x1a/0x30 [ 19.238569] </TASK> [ 19.238584] [ 19.257389] Allocated by task 227: [ 19.258152] kasan_save_stack+0x45/0x70 [ 19.258594] kasan_save_track+0x18/0x40 [ 19.259020] kasan_save_alloc_info+0x3b/0x50 [ 19.259426] __kasan_slab_alloc+0x91/0xa0 [ 19.260176] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.260648] kmem_cache_oob+0x157/0x530 [ 19.261312] kunit_try_run_case+0x1a5/0x480 [ 19.261767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.262224] kthread+0x337/0x6f0 [ 19.262597] ret_from_fork+0x41/0x80 [ 19.263403] ret_from_fork_asm+0x1a/0x30 [ 19.263957] [ 19.264131] The buggy address belongs to the object at ffff8881031b2000 [ 19.264131] which belongs to the cache test_cache of size 200 [ 19.265374] The buggy address is located 0 bytes to the right of [ 19.265374] allocated 200-byte region [ffff8881031b2000, ffff8881031b20c8) [ 19.266890] [ 19.267001] The buggy address belongs to the physical page: [ 19.267193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031b2 [ 19.267528] flags: 0x200000000000000(node=0|zone=2) [ 19.268378] page_type: f5(slab) [ 19.269021] raw: 0200000000000000 ffff888101692780 dead000000000122 0000000000000000 [ 19.269916] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.270823] page dumped because: kasan: bad access detected [ 19.271290] [ 19.271721] Memory state around the buggy address: [ 19.271927] ffff8881031b1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.272165] ffff8881031b2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.272396] >ffff8881031b2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.273052] ^ [ 19.274264] ffff8881031b2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.275224] ffff8881031b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.275852] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 19.157179] ================================================================== [ 19.160160] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 19.161162] Read of size 8 at addr ffff8881031af1c0 by task kunit_try_catch/220 [ 19.162262] [ 19.162529] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.162663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.162701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.162758] Call Trace: [ 19.162807] <TASK> [ 19.162862] dump_stack_lvl+0x73/0xb0 [ 19.162950] print_report+0xd1/0x650 [ 19.163030] ? __virt_addr_valid+0x1db/0x2d0 [ 19.163110] ? workqueue_uaf+0x4d6/0x560 [ 19.163182] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.163256] ? workqueue_uaf+0x4d6/0x560 [ 19.163333] kasan_report+0x141/0x180 [ 19.163410] ? workqueue_uaf+0x4d6/0x560 [ 19.163955] __asan_report_load8_noabort+0x18/0x20 [ 19.164037] workqueue_uaf+0x4d6/0x560 [ 19.164111] ? __pfx_workqueue_uaf+0x10/0x10 [ 19.164184] ? __schedule+0x10cc/0x2b30 [ 19.164255] ? __pfx_read_tsc+0x10/0x10 [ 19.164289] ? ktime_get_ts64+0x86/0x230 [ 19.164329] kunit_try_run_case+0x1a5/0x480 [ 19.164366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.164398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.164557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.164611] ? __kthread_parkme+0x82/0x180 [ 19.164646] ? preempt_count_sub+0x50/0x80 [ 19.164681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.164715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.164746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.164776] kthread+0x337/0x6f0 [ 19.164806] ? trace_preempt_on+0x20/0xc0 [ 19.164841] ? __pfx_kthread+0x10/0x10 [ 19.164871] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.164901] ? calculate_sigpending+0x7b/0xa0 [ 19.164930] ? __pfx_kthread+0x10/0x10 [ 19.164960] ret_from_fork+0x41/0x80 [ 19.164989] ? __pfx_kthread+0x10/0x10 [ 19.165019] ret_from_fork_asm+0x1a/0x30 [ 19.165062] </TASK> [ 19.165076] [ 19.183234] Allocated by task 220: [ 19.184077] kasan_save_stack+0x45/0x70 [ 19.184486] kasan_save_track+0x18/0x40 [ 19.185109] kasan_save_alloc_info+0x3b/0x50 [ 19.185622] __kasan_kmalloc+0xb7/0xc0 [ 19.186038] __kmalloc_cache_noprof+0x189/0x420 [ 19.186606] workqueue_uaf+0x152/0x560 [ 19.187047] kunit_try_run_case+0x1a5/0x480 [ 19.187598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.188140] kthread+0x337/0x6f0 [ 19.188641] ret_from_fork+0x41/0x80 [ 19.189127] ret_from_fork_asm+0x1a/0x30 [ 19.189621] [ 19.189860] Freed by task 9: [ 19.190902] kasan_save_stack+0x45/0x70 [ 19.191796] kasan_save_track+0x18/0x40 [ 19.192185] kasan_save_free_info+0x3f/0x60 [ 19.192660] __kasan_slab_free+0x56/0x70 [ 19.193055] kfree+0x222/0x3f0 [ 19.193513] workqueue_uaf_work+0x12/0x20 [ 19.193887] process_one_work+0x5ee/0xf60 [ 19.194360] worker_thread+0x725/0x1320 [ 19.194860] kthread+0x337/0x6f0 [ 19.195160] ret_from_fork+0x41/0x80 [ 19.195629] ret_from_fork_asm+0x1a/0x30 [ 19.196053] [ 19.196289] Last potentially related work creation: [ 19.196733] kasan_save_stack+0x45/0x70 [ 19.197126] kasan_record_aux_stack+0xb2/0xc0 [ 19.197462] __queue_work+0x626/0xeb0 [ 19.197798] queue_work_on+0xb6/0xc0 [ 19.198230] workqueue_uaf+0x26d/0x560 [ 19.198884] kunit_try_run_case+0x1a5/0x480 [ 19.199599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.199805] kthread+0x337/0x6f0 [ 19.199946] ret_from_fork+0x41/0x80 [ 19.200096] ret_from_fork_asm+0x1a/0x30 [ 19.200251] [ 19.200334] The buggy address belongs to the object at ffff8881031af1c0 [ 19.200334] which belongs to the cache kmalloc-32 of size 32 [ 19.201922] The buggy address is located 0 bytes inside of [ 19.201922] freed 32-byte region [ffff8881031af1c0, ffff8881031af1e0) [ 19.203758] [ 19.203912] The buggy address belongs to the physical page: [ 19.205017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031af [ 19.206373] flags: 0x200000000000000(node=0|zone=2) [ 19.207381] page_type: f5(slab) [ 19.208169] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.209023] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.209692] page dumped because: kasan: bad access detected [ 19.210908] [ 19.211122] Memory state around the buggy address: [ 19.212183] ffff8881031af080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.213014] ffff8881031af100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.213950] >ffff8881031af180: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.214957] ^ [ 19.215291] ffff8881031af200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.216112] ffff8881031af280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.216641] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.069758] ================================================================== [ 19.071384] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 19.072247] Read of size 4 at addr ffff888102974900 by task swapper/1/0 [ 19.072883] [ 19.073149] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 19.073270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.073388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.073452] Call Trace: [ 19.073538] <IRQ> [ 19.073609] dump_stack_lvl+0x73/0xb0 [ 19.073693] print_report+0xd1/0x650 [ 19.073770] ? __virt_addr_valid+0x1db/0x2d0 [ 19.073853] ? rcu_uaf_reclaim+0x50/0x60 [ 19.073924] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.074258] ? rcu_uaf_reclaim+0x50/0x60 [ 19.074330] kasan_report+0x141/0x180 [ 19.074449] ? rcu_uaf_reclaim+0x50/0x60 [ 19.074560] __asan_report_load4_noabort+0x18/0x20 [ 19.074635] rcu_uaf_reclaim+0x50/0x60 [ 19.074705] rcu_core+0x66c/0x1c30 [ 19.074887] ? __pfx_rcu_core+0x10/0x10 [ 19.074925] ? ktime_get+0x6b/0x150 [ 19.074965] rcu_core_si+0x12/0x20 [ 19.074994] handle_softirqs+0x209/0x730 [ 19.075025] ? hrtimer_interrupt+0x2fe/0x780 [ 19.075056] ? __pfx_handle_softirqs+0x10/0x10 [ 19.075093] __irq_exit_rcu+0xc9/0x110 [ 19.075122] irq_exit_rcu+0x12/0x20 [ 19.075150] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.075187] </IRQ> [ 19.075226] <TASK> [ 19.075241] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.075355] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 19.075722] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 43 c8 1b 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 19.075837] RSP: 0000:ffff88810086fdc8 EFLAGS: 00010212 [ 19.075953] RAX: ffff8881be53b000 RBX: ffff8881008353c0 RCX: ffffffff9a6cd0b5 [ 19.076015] RDX: ffffed102b626103 RSI: 0000000000000004 RDI: 0000000000020f2c [ 19.076071] RBP: ffff88810086fdd0 R08: 0000000000000001 R09: ffffed102b626102 [ 19.076129] R10: ffff88815b130813 R11: 0000000000044c00 R12: 0000000000000001 [ 19.076186] R13: ffffed1020106a78 R14: ffffffff9c3e7010 R15: 0000000000000000 [ 19.076261] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 19.076307] ? default_idle+0xd/0x20 [ 19.076333] arch_cpu_idle+0xd/0x20 [ 19.076358] default_idle_call+0x48/0x80 [ 19.076383] do_idle+0x379/0x4f0 [ 19.076414] ? __pfx_do_idle+0x10/0x10 [ 19.076526] cpu_startup_entry+0x5c/0x70 [ 19.076598] start_secondary+0x211/0x290 [ 19.076629] ? __pfx_start_secondary+0x10/0x10 [ 19.076663] common_startup_64+0x13e/0x148 [ 19.076706] </TASK> [ 19.076720] [ 19.102057] Allocated by task 218: [ 19.102777] kasan_save_stack+0x45/0x70 [ 19.103520] kasan_save_track+0x18/0x40 [ 19.104263] kasan_save_alloc_info+0x3b/0x50 [ 19.105002] __kasan_kmalloc+0xb7/0xc0 [ 19.105622] __kmalloc_cache_noprof+0x189/0x420 [ 19.106141] rcu_uaf+0xb0/0x330 [ 19.106820] kunit_try_run_case+0x1a5/0x480 [ 19.107727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.108252] kthread+0x337/0x6f0 [ 19.108810] ret_from_fork+0x41/0x80 [ 19.109537] ret_from_fork_asm+0x1a/0x30 [ 19.109756] [ 19.109854] Freed by task 0: [ 19.109983] kasan_save_stack+0x45/0x70 [ 19.110143] kasan_save_track+0x18/0x40 [ 19.110295] kasan_save_free_info+0x3f/0x60 [ 19.110453] __kasan_slab_free+0x56/0x70 [ 19.111737] kfree+0x222/0x3f0 [ 19.111986] rcu_uaf_reclaim+0x1f/0x60 [ 19.112220] rcu_core+0x66c/0x1c30 [ 19.112464] rcu_core_si+0x12/0x20 [ 19.113388] handle_softirqs+0x209/0x730 [ 19.114841] __irq_exit_rcu+0xc9/0x110 [ 19.115986] irq_exit_rcu+0x12/0x20 [ 19.116778] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.117943] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.118841] [ 19.119270] Last potentially related work creation: [ 19.119783] kasan_save_stack+0x45/0x70 [ 19.120273] kasan_record_aux_stack+0xb2/0xc0 [ 19.120769] __call_rcu_common.constprop.0+0x72/0x9c0 [ 19.121383] call_rcu+0x12/0x20 [ 19.121729] rcu_uaf+0x168/0x330 [ 19.122165] kunit_try_run_case+0x1a5/0x480 [ 19.123587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.124254] kthread+0x337/0x6f0 [ 19.124776] ret_from_fork+0x41/0x80 [ 19.125149] ret_from_fork_asm+0x1a/0x30 [ 19.126082] [ 19.126294] The buggy address belongs to the object at ffff888102974900 [ 19.126294] which belongs to the cache kmalloc-32 of size 32 [ 19.127779] The buggy address is located 0 bytes inside of [ 19.127779] freed 32-byte region [ffff888102974900, ffff888102974920) [ 19.128967] [ 19.129163] The buggy address belongs to the physical page: [ 19.130086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 19.131347] flags: 0x200000000000000(node=0|zone=2) [ 19.132337] page_type: f5(slab) [ 19.132657] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.133296] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.134281] page dumped because: kasan: bad access detected [ 19.135343] [ 19.135822] Memory state around the buggy address: [ 19.136202] ffff888102974800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.136708] ffff888102974880: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.137276] >ffff888102974900: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 19.138242] ^ [ 19.138678] ffff888102974980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.139225] ffff888102974a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.139930] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.094169] ================================================================== [ 17.095326] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 17.097383] Read of size 1 at addr ffff888103bc0000 by task kunit_try_catch/174 [ 17.097983] [ 17.098289] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.098677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.098695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.098727] Call Trace: [ 17.098744] <TASK> [ 17.098769] dump_stack_lvl+0x73/0xb0 [ 17.098811] print_report+0xd1/0x650 [ 17.098845] ? __virt_addr_valid+0x1db/0x2d0 [ 17.098878] ? page_alloc_uaf+0x356/0x3d0 [ 17.098910] ? kasan_addr_to_slab+0x11/0xa0 [ 17.098939] ? page_alloc_uaf+0x356/0x3d0 [ 17.098970] kasan_report+0x141/0x180 [ 17.099003] ? page_alloc_uaf+0x356/0x3d0 [ 17.099042] __asan_report_load1_noabort+0x18/0x20 [ 17.099071] page_alloc_uaf+0x356/0x3d0 [ 17.099103] ? __pfx_page_alloc_uaf+0x10/0x10 [ 17.099136] ? __schedule+0x10cc/0x2b30 [ 17.099171] ? __pfx_read_tsc+0x10/0x10 [ 17.099199] ? ktime_get_ts64+0x86/0x230 [ 17.099237] kunit_try_run_case+0x1a5/0x480 [ 17.099273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.099304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.099338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.099372] ? __kthread_parkme+0x82/0x180 [ 17.099404] ? preempt_count_sub+0x50/0x80 [ 17.099453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.099527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.099564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.099597] kthread+0x337/0x6f0 [ 17.099628] ? trace_preempt_on+0x20/0xc0 [ 17.099664] ? __pfx_kthread+0x10/0x10 [ 17.099696] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.099727] ? calculate_sigpending+0x7b/0xa0 [ 17.099758] ? __pfx_kthread+0x10/0x10 [ 17.099789] ret_from_fork+0x41/0x80 [ 17.099818] ? __pfx_kthread+0x10/0x10 [ 17.099849] ret_from_fork_asm+0x1a/0x30 [ 17.099893] </TASK> [ 17.099908] [ 17.114530] The buggy address belongs to the physical page: [ 17.115114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bc0 [ 17.115889] flags: 0x200000000000000(node=0|zone=2) [ 17.116397] page_type: f0(buddy) [ 17.116838] raw: 0200000000000000 ffff88817fffb470 ffff88817fffb470 0000000000000000 [ 17.117381] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 17.118009] page dumped because: kasan: bad access detected [ 17.118570] [ 17.118794] Memory state around the buggy address: [ 17.119248] ffff888103bbff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.119907] ffff888103bbff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.120574] >ffff888103bc0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.121120] ^ [ 17.121529] ffff888103bc0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.122077] ffff888103bc0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.122690] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.046693] ================================================================== [ 17.047694] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 17.047928] Free of addr ffff8881028a0001 by task kunit_try_catch/170 [ 17.048150] [ 17.048256] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.048316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.048332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.048359] Call Trace: [ 17.048374] <TASK> [ 17.048395] dump_stack_lvl+0x73/0xb0 [ 17.048430] print_report+0xd1/0x650 [ 17.048461] ? __virt_addr_valid+0x1db/0x2d0 [ 17.048491] ? kasan_addr_to_slab+0x11/0xa0 [ 17.048565] ? kfree+0x274/0x3f0 [ 17.048632] kasan_report_invalid_free+0x10a/0x130 [ 17.048707] ? kfree+0x274/0x3f0 [ 17.048778] ? kfree+0x274/0x3f0 [ 17.048840] __kasan_kfree_large+0x86/0xd0 [ 17.048914] free_large_kmalloc+0x4b/0x110 [ 17.048994] kfree+0x274/0x3f0 [ 17.049062] ? kmalloc_large_invalid_free+0x8f/0x2b0 [ 17.049140] kmalloc_large_invalid_free+0x120/0x2b0 [ 17.049213] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 17.049283] ? __schedule+0x10cc/0x2b30 [ 17.049355] ? __pfx_read_tsc+0x10/0x10 [ 17.049416] ? ktime_get_ts64+0x86/0x230 [ 17.049487] kunit_try_run_case+0x1a5/0x480 [ 17.049733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.049807] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.049882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.049959] ? __kthread_parkme+0x82/0x180 [ 17.050030] ? preempt_count_sub+0x50/0x80 [ 17.050110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.050188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.050265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.050335] kthread+0x337/0x6f0 [ 17.050394] ? trace_preempt_on+0x20/0xc0 [ 17.050447] ? __pfx_kthread+0x10/0x10 [ 17.050581] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.050648] ? calculate_sigpending+0x7b/0xa0 [ 17.050680] ? __pfx_kthread+0x10/0x10 [ 17.050711] ret_from_fork+0x41/0x80 [ 17.050739] ? __pfx_kthread+0x10/0x10 [ 17.050769] ret_from_fork_asm+0x1a/0x30 [ 17.050813] </TASK> [ 17.050826] [ 17.069456] The buggy address belongs to the physical page: [ 17.069967] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a0 [ 17.071244] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.072312] flags: 0x200000000000040(head|node=0|zone=2) [ 17.072769] page_type: f8(unknown) [ 17.073803] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.074423] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.075371] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.076231] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.077055] head: 0200000000000002 ffffea00040a2801 00000000ffffffff 00000000ffffffff [ 17.077788] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.078037] page dumped because: kasan: bad access detected [ 17.078218] [ 17.078298] Memory state around the buggy address: [ 17.079081] ffff88810289ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.079932] ffff88810289ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.080520] >ffff8881028a0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.081236] ^ [ 17.081711] ffff8881028a0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.082281] ffff8881028a0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.082900] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.001006] ================================================================== [ 17.001920] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 17.002895] Read of size 1 at addr ffff8881028a0000 by task kunit_try_catch/168 [ 17.004126] [ 17.004319] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 17.004384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.004400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.004429] Call Trace: [ 17.004466] <TASK> [ 17.004530] dump_stack_lvl+0x73/0xb0 [ 17.004618] print_report+0xd1/0x650 [ 17.004666] ? __virt_addr_valid+0x1db/0x2d0 [ 17.004696] ? kmalloc_large_uaf+0x2f1/0x340 [ 17.004726] ? kasan_addr_to_slab+0x11/0xa0 [ 17.004755] ? kmalloc_large_uaf+0x2f1/0x340 [ 17.004784] kasan_report+0x141/0x180 [ 17.004813] ? kmalloc_large_uaf+0x2f1/0x340 [ 17.004849] __asan_report_load1_noabort+0x18/0x20 [ 17.004875] kmalloc_large_uaf+0x2f1/0x340 [ 17.004905] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 17.004935] ? __schedule+0x10cc/0x2b30 [ 17.004968] ? __pfx_read_tsc+0x10/0x10 [ 17.004996] ? ktime_get_ts64+0x86/0x230 [ 17.005030] kunit_try_run_case+0x1a5/0x480 [ 17.005063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.005092] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.005124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.005156] ? __kthread_parkme+0x82/0x180 [ 17.005185] ? preempt_count_sub+0x50/0x80 [ 17.005218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.005249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.005279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.005309] kthread+0x337/0x6f0 [ 17.005336] ? trace_preempt_on+0x20/0xc0 [ 17.005369] ? __pfx_kthread+0x10/0x10 [ 17.005399] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.005432] ? calculate_sigpending+0x7b/0xa0 [ 17.005523] ? __pfx_kthread+0x10/0x10 [ 17.005613] ret_from_fork+0x41/0x80 [ 17.005680] ? __pfx_kthread+0x10/0x10 [ 17.005752] ret_from_fork_asm+0x1a/0x30 [ 17.005864] </TASK> [ 17.005899] [ 17.029695] The buggy address belongs to the physical page: [ 17.030052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a0 [ 17.030446] flags: 0x200000000000000(node=0|zone=2) [ 17.032371] raw: 0200000000000000 ffffea00040a2908 ffff88815b139a80 0000000000000000 [ 17.033263] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.033884] page dumped because: kasan: bad access detected [ 17.034348] [ 17.034850] Memory state around the buggy address: [ 17.035778] ffff88810289ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.036282] ffff88810289ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.037031] >ffff8881028a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.037812] ^ [ 17.038169] ffff8881028a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.038958] ffff8881028a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.040116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.954211] ================================================================== [ 16.955352] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 16.956368] Write of size 1 at addr ffff888103b8a00a by task kunit_try_catch/166 [ 16.956925] [ 16.957181] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.957879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.958046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.958107] Call Trace: [ 16.958145] <TASK> [ 16.958176] dump_stack_lvl+0x73/0xb0 [ 16.958216] print_report+0xd1/0x650 [ 16.958249] ? __virt_addr_valid+0x1db/0x2d0 [ 16.958278] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.958309] ? kasan_addr_to_slab+0x11/0xa0 [ 16.958337] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.958367] kasan_report+0x141/0x180 [ 16.958398] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.958455] __asan_report_store1_noabort+0x1b/0x30 [ 16.958572] kmalloc_large_oob_right+0x2e9/0x330 [ 16.958644] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 16.958714] ? __schedule+0x10cc/0x2b30 [ 16.958777] ? __pfx_read_tsc+0x10/0x10 [ 16.958837] ? ktime_get_ts64+0x86/0x230 [ 16.958902] kunit_try_run_case+0x1a5/0x480 [ 16.958973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.959031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.959067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.959100] ? __kthread_parkme+0x82/0x180 [ 16.959133] ? preempt_count_sub+0x50/0x80 [ 16.959171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.959203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.959234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.959265] kthread+0x337/0x6f0 [ 16.959294] ? trace_preempt_on+0x20/0xc0 [ 16.959326] ? __pfx_kthread+0x10/0x10 [ 16.959356] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.959387] ? calculate_sigpending+0x7b/0xa0 [ 16.959416] ? __pfx_kthread+0x10/0x10 [ 16.959531] ret_from_fork+0x41/0x80 [ 16.959600] ? __pfx_kthread+0x10/0x10 [ 16.959635] ret_from_fork_asm+0x1a/0x30 [ 16.959680] </TASK> [ 16.959694] [ 16.979489] The buggy address belongs to the physical page: [ 16.980091] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b88 [ 16.981535] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.982115] flags: 0x200000000000040(head|node=0|zone=2) [ 16.983092] page_type: f8(unknown) [ 16.983429] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.984104] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.985196] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.986274] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.987012] head: 0200000000000002 ffffea00040ee201 00000000ffffffff 00000000ffffffff [ 16.987976] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.988646] page dumped because: kasan: bad access detected [ 16.988975] [ 16.989196] Memory state around the buggy address: [ 16.990311] ffff888103b89f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.991171] ffff888103b89f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.992008] >ffff888103b8a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.992601] ^ [ 16.992941] ffff888103b8a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.994156] ffff888103b8a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.994721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.897193] ================================================================== [ 16.898158] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 16.899780] Write of size 1 at addr ffff888102db1f00 by task kunit_try_catch/164 [ 16.900680] [ 16.900846] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.900914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.900931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.900960] Call Trace: [ 16.900982] <TASK> [ 16.901008] dump_stack_lvl+0x73/0xb0 [ 16.901049] print_report+0xd1/0x650 [ 16.901082] ? __virt_addr_valid+0x1db/0x2d0 [ 16.901113] ? kmalloc_big_oob_right+0x316/0x370 [ 16.901143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.901173] ? kmalloc_big_oob_right+0x316/0x370 [ 16.901204] kasan_report+0x141/0x180 [ 16.901234] ? kmalloc_big_oob_right+0x316/0x370 [ 16.901271] __asan_report_store1_noabort+0x1b/0x30 [ 16.901298] kmalloc_big_oob_right+0x316/0x370 [ 16.901332] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 16.901365] ? __schedule+0x10cc/0x2b30 [ 16.901398] ? __pfx_read_tsc+0x10/0x10 [ 16.901425] ? ktime_get_ts64+0x86/0x230 [ 16.901522] kunit_try_run_case+0x1a5/0x480 [ 16.901620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.901708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.901816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.901894] ? __kthread_parkme+0x82/0x180 [ 16.901972] ? preempt_count_sub+0x50/0x80 [ 16.902038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.902097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.902157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.902213] kthread+0x337/0x6f0 [ 16.902271] ? trace_preempt_on+0x20/0xc0 [ 16.902333] ? __pfx_kthread+0x10/0x10 [ 16.902388] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.902450] ? calculate_sigpending+0x7b/0xa0 [ 16.902535] ? __pfx_kthread+0x10/0x10 [ 16.902610] ret_from_fork+0x41/0x80 [ 16.902680] ? __pfx_kthread+0x10/0x10 [ 16.902776] ret_from_fork_asm+0x1a/0x30 [ 16.902907] </TASK> [ 16.902942] [ 16.921925] Allocated by task 164: [ 16.922259] kasan_save_stack+0x45/0x70 [ 16.923385] kasan_save_track+0x18/0x40 [ 16.924166] kasan_save_alloc_info+0x3b/0x50 [ 16.924838] __kasan_kmalloc+0xb7/0xc0 [ 16.925351] __kmalloc_cache_noprof+0x189/0x420 [ 16.926075] kmalloc_big_oob_right+0xa9/0x370 [ 16.926856] kunit_try_run_case+0x1a5/0x480 [ 16.927144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.928327] kthread+0x337/0x6f0 [ 16.928714] ret_from_fork+0x41/0x80 [ 16.929199] ret_from_fork_asm+0x1a/0x30 [ 16.929660] [ 16.929887] The buggy address belongs to the object at ffff888102db0000 [ 16.929887] which belongs to the cache kmalloc-8k of size 8192 [ 16.930778] The buggy address is located 0 bytes to the right of [ 16.930778] allocated 7936-byte region [ffff888102db0000, ffff888102db1f00) [ 16.931810] [ 16.932395] The buggy address belongs to the physical page: [ 16.932959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102db0 [ 16.935121] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.935841] flags: 0x200000000000040(head|node=0|zone=2) [ 16.936716] page_type: f5(slab) [ 16.937038] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.938220] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.938949] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.939714] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.940880] head: 0200000000000003 ffffea00040b6c01 00000000ffffffff 00000000ffffffff [ 16.941422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.942363] page dumped because: kasan: bad access detected [ 16.943043] [ 16.943257] Memory state around the buggy address: [ 16.943825] ffff888102db1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.944867] ffff888102db1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.945746] >ffff888102db1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.946341] ^ [ 16.946826] ffff888102db1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947406] ffff888102db2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948086] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.842144] ================================================================== [ 16.842810] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.843455] Write of size 1 at addr ffff888103199778 by task kunit_try_catch/162 [ 16.844952] [ 16.845478] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.845885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.845921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.845953] Call Trace: [ 16.845969] <TASK> [ 16.845990] dump_stack_lvl+0x73/0xb0 [ 16.846025] print_report+0xd1/0x650 [ 16.846055] ? __virt_addr_valid+0x1db/0x2d0 [ 16.846083] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.846117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.846148] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.846183] kasan_report+0x141/0x180 [ 16.846214] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.846255] __asan_report_store1_noabort+0x1b/0x30 [ 16.846284] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.846321] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.846360] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.846401] kunit_try_run_case+0x1a5/0x480 [ 16.846435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.846523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.846606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.846657] ? __kthread_parkme+0x82/0x180 [ 16.846688] ? preempt_count_sub+0x50/0x80 [ 16.846722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.846753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.846783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.846814] kthread+0x337/0x6f0 [ 16.846842] ? trace_preempt_on+0x20/0xc0 [ 16.846876] ? __pfx_kthread+0x10/0x10 [ 16.846906] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.846935] ? calculate_sigpending+0x7b/0xa0 [ 16.846964] ? __pfx_kthread+0x10/0x10 [ 16.846994] ret_from_fork+0x41/0x80 [ 16.847022] ? __pfx_kthread+0x10/0x10 [ 16.847052] ret_from_fork_asm+0x1a/0x30 [ 16.847093] </TASK> [ 16.847105] [ 16.868199] Allocated by task 162: [ 16.869313] kasan_save_stack+0x45/0x70 [ 16.869717] kasan_save_track+0x18/0x40 [ 16.870132] kasan_save_alloc_info+0x3b/0x50 [ 16.871091] __kasan_kmalloc+0xb7/0xc0 [ 16.871418] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.872183] kmalloc_track_caller_oob_right+0x19a/0x520 [ 16.872970] kunit_try_run_case+0x1a5/0x480 [ 16.873540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.874064] kthread+0x337/0x6f0 [ 16.875025] ret_from_fork+0x41/0x80 [ 16.875192] ret_from_fork_asm+0x1a/0x30 [ 16.875353] [ 16.875448] The buggy address belongs to the object at ffff888103199700 [ 16.875448] which belongs to the cache kmalloc-128 of size 128 [ 16.876867] The buggy address is located 0 bytes to the right of [ 16.876867] allocated 120-byte region [ffff888103199700, ffff888103199778) [ 16.878082] [ 16.878318] The buggy address belongs to the physical page: [ 16.879242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.880654] flags: 0x200000000000000(node=0|zone=2) [ 16.881214] page_type: f5(slab) [ 16.882144] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.882870] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.883864] page dumped because: kasan: bad access detected [ 16.884270] [ 16.884429] Memory state around the buggy address: [ 16.885493] ffff888103199600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.886623] ffff888103199680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.887322] >ffff888103199700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.888436] ^ [ 16.889059] ffff888103199780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.889575] ffff888103199800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.890693] ================================================================== [ 16.794996] ================================================================== [ 16.796225] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.797176] Write of size 1 at addr ffff888103199678 by task kunit_try_catch/162 [ 16.798216] [ 16.798436] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.798780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.798984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.799016] Call Trace: [ 16.799035] <TASK> [ 16.799059] dump_stack_lvl+0x73/0xb0 [ 16.799099] print_report+0xd1/0x650 [ 16.799132] ? __virt_addr_valid+0x1db/0x2d0 [ 16.799162] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.799198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.799230] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.799267] kasan_report+0x141/0x180 [ 16.799299] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.799342] __asan_report_store1_noabort+0x1b/0x30 [ 16.799371] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.799408] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.799545] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.799621] kunit_try_run_case+0x1a5/0x480 [ 16.799660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.799690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.799723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.799755] ? __kthread_parkme+0x82/0x180 [ 16.799785] ? preempt_count_sub+0x50/0x80 [ 16.799819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.799850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.799880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.799909] kthread+0x337/0x6f0 [ 16.799937] ? trace_preempt_on+0x20/0xc0 [ 16.799970] ? __pfx_kthread+0x10/0x10 [ 16.800000] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.800029] ? calculate_sigpending+0x7b/0xa0 [ 16.800057] ? __pfx_kthread+0x10/0x10 [ 16.800087] ret_from_fork+0x41/0x80 [ 16.800118] ? __pfx_kthread+0x10/0x10 [ 16.800148] ret_from_fork_asm+0x1a/0x30 [ 16.800191] </TASK> [ 16.800205] [ 16.818827] Allocated by task 162: [ 16.819370] kasan_save_stack+0x45/0x70 [ 16.820048] kasan_save_track+0x18/0x40 [ 16.820653] kasan_save_alloc_info+0x3b/0x50 [ 16.821225] __kasan_kmalloc+0xb7/0xc0 [ 16.821960] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.822730] kmalloc_track_caller_oob_right+0x99/0x520 [ 16.823297] kunit_try_run_case+0x1a5/0x480 [ 16.823872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.824333] kthread+0x337/0x6f0 [ 16.825426] ret_from_fork+0x41/0x80 [ 16.825861] ret_from_fork_asm+0x1a/0x30 [ 16.826209] [ 16.826440] The buggy address belongs to the object at ffff888103199600 [ 16.826440] which belongs to the cache kmalloc-128 of size 128 [ 16.827283] The buggy address is located 0 bytes to the right of [ 16.827283] allocated 120-byte region [ffff888103199600, ffff888103199678) [ 16.829008] [ 16.829319] The buggy address belongs to the physical page: [ 16.830046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.830998] flags: 0x200000000000000(node=0|zone=2) [ 16.831634] page_type: f5(slab) [ 16.832099] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.832901] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.833709] page dumped because: kasan: bad access detected [ 16.834313] [ 16.834551] Memory state around the buggy address: [ 16.835224] ffff888103199500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.836021] ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836841] >ffff888103199600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.837563] ^ [ 16.838218] ffff888103199680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838901] ffff888103199700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839685] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.706335] ================================================================== [ 16.707372] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 16.708279] Read of size 1 at addr ffff8881021e3e3f by task kunit_try_catch/158 [ 16.709198] [ 16.709534] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.709683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.709721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.709816] Call Trace: [ 16.709856] <TASK> [ 16.709905] dump_stack_lvl+0x73/0xb0 [ 16.710001] print_report+0xd1/0x650 [ 16.710090] ? __virt_addr_valid+0x1db/0x2d0 [ 16.710185] ? kmalloc_oob_left+0x361/0x3c0 [ 16.710313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.710405] ? kmalloc_oob_left+0x361/0x3c0 [ 16.710569] kasan_report+0x141/0x180 [ 16.710648] ? kmalloc_oob_left+0x361/0x3c0 [ 16.710697] __asan_report_load1_noabort+0x18/0x20 [ 16.710734] kmalloc_oob_left+0x361/0x3c0 [ 16.710773] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 16.710812] ? __schedule+0x10cc/0x2b30 [ 16.710854] ? __pfx_read_tsc+0x10/0x10 [ 16.710889] ? ktime_get_ts64+0x86/0x230 [ 16.710932] kunit_try_run_case+0x1a5/0x480 [ 16.710974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.711010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.711049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.711089] ? __kthread_parkme+0x82/0x180 [ 16.711126] ? preempt_count_sub+0x50/0x80 [ 16.711167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.711205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.711242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.711280] kthread+0x337/0x6f0 [ 16.711336] ? trace_preempt_on+0x20/0xc0 [ 16.711405] ? __pfx_kthread+0x10/0x10 [ 16.711499] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.711609] ? calculate_sigpending+0x7b/0xa0 [ 16.711659] ? __pfx_kthread+0x10/0x10 [ 16.711699] ret_from_fork+0x41/0x80 [ 16.711735] ? __pfx_kthread+0x10/0x10 [ 16.711774] ret_from_fork_asm+0x1a/0x30 [ 16.711825] </TASK> [ 16.711840] [ 16.728190] Allocated by task 1: [ 16.728678] kasan_save_stack+0x45/0x70 [ 16.729174] kasan_save_track+0x18/0x40 [ 16.729705] kasan_save_alloc_info+0x3b/0x50 [ 16.731631] __kasan_kmalloc+0xb7/0xc0 [ 16.732291] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.733130] kvasprintf+0xc5/0x150 [ 16.733873] __kthread_create_on_node+0x18b/0x3a0 [ 16.734470] kthread_create_on_node+0xab/0xe0 [ 16.735315] create_worker+0x3e5/0x7b0 [ 16.736148] alloc_unbound_pwq+0x8ea/0xdb0 [ 16.737142] apply_wqattrs_prepare+0x332/0xd20 [ 16.737548] apply_workqueue_attrs_locked+0x4d/0xa0 [ 16.737822] alloc_workqueue+0xcc7/0x1ad0 [ 16.737996] latency_fsnotify_init+0x1b/0x50 [ 16.738170] do_one_initcall+0xd8/0x370 [ 16.738329] kernel_init_freeable+0x420/0x6f0 [ 16.738533] kernel_init+0x23/0x1e0 [ 16.738879] ret_from_fork+0x41/0x80 [ 16.739199] ret_from_fork_asm+0x1a/0x30 [ 16.739713] [ 16.739947] The buggy address belongs to the object at ffff8881021e3e20 [ 16.739947] which belongs to the cache kmalloc-16 of size 16 [ 16.741149] The buggy address is located 18 bytes to the right of [ 16.741149] allocated 13-byte region [ffff8881021e3e20, ffff8881021e3e2d) [ 16.742166] [ 16.742383] The buggy address belongs to the physical page: [ 16.742856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021e3 [ 16.743400] flags: 0x200000000000000(node=0|zone=2) [ 16.743938] page_type: f5(slab) [ 16.744314] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.744979] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.745370] page dumped because: kasan: bad access detected [ 16.745914] [ 16.746144] Memory state around the buggy address: [ 16.746655] ffff8881021e3d00: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 16.747290] ffff8881021e3d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.747756] >ffff8881021e3e00: fa fb fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc [ 16.749671] ^ [ 16.751774] ffff8881021e3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.752350] ffff8881021e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.752796] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.604278] ================================================================== [ 16.605050] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 16.605937] Write of size 1 at addr ffff888103199578 by task kunit_try_catch/156 [ 16.607326] [ 16.607626] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.607752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.607789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.607847] Call Trace: [ 16.607889] <TASK> [ 16.607934] dump_stack_lvl+0x73/0xb0 [ 16.608012] print_report+0xd1/0x650 [ 16.608068] ? __virt_addr_valid+0x1db/0x2d0 [ 16.608105] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.608154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.608186] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.608216] kasan_report+0x141/0x180 [ 16.608246] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.608282] __asan_report_store1_noabort+0x1b/0x30 [ 16.608310] kmalloc_oob_right+0x6bd/0x7f0 [ 16.608341] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.608371] ? __schedule+0x10cc/0x2b30 [ 16.608403] ? __pfx_read_tsc+0x10/0x10 [ 16.608429] ? ktime_get_ts64+0x86/0x230 [ 16.608535] kunit_try_run_case+0x1a5/0x480 [ 16.608602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.608635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.608667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.608699] ? __kthread_parkme+0x82/0x180 [ 16.608728] ? preempt_count_sub+0x50/0x80 [ 16.608761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.608792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.608822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.608852] kthread+0x337/0x6f0 [ 16.608880] ? trace_preempt_on+0x20/0xc0 [ 16.608911] ? __pfx_kthread+0x10/0x10 [ 16.608940] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.608970] ? calculate_sigpending+0x7b/0xa0 [ 16.608998] ? __pfx_kthread+0x10/0x10 [ 16.609028] ret_from_fork+0x41/0x80 [ 16.609056] ? __pfx_kthread+0x10/0x10 [ 16.609086] ret_from_fork_asm+0x1a/0x30 [ 16.609127] </TASK> [ 16.609139] [ 16.629790] Allocated by task 156: [ 16.630416] kasan_save_stack+0x45/0x70 [ 16.631303] kasan_save_track+0x18/0x40 [ 16.631934] kasan_save_alloc_info+0x3b/0x50 [ 16.632366] __kasan_kmalloc+0xb7/0xc0 [ 16.633211] __kmalloc_cache_noprof+0x189/0x420 [ 16.634190] kmalloc_oob_right+0xa9/0x7f0 [ 16.634558] kunit_try_run_case+0x1a5/0x480 [ 16.635320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.636270] kthread+0x337/0x6f0 [ 16.636903] ret_from_fork+0x41/0x80 [ 16.637196] ret_from_fork_asm+0x1a/0x30 [ 16.638359] [ 16.638656] The buggy address belongs to the object at ffff888103199500 [ 16.638656] which belongs to the cache kmalloc-128 of size 128 [ 16.639558] The buggy address is located 5 bytes to the right of [ 16.639558] allocated 115-byte region [ffff888103199500, ffff888103199573) [ 16.641163] [ 16.641331] The buggy address belongs to the physical page: [ 16.641845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.643122] flags: 0x200000000000000(node=0|zone=2) [ 16.643860] page_type: f5(slab) [ 16.644375] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.645301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.646455] page dumped because: kasan: bad access detected [ 16.647060] [ 16.647220] Memory state around the buggy address: [ 16.648331] ffff888103199400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.649207] ffff888103199480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.650204] >ffff888103199500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.651190] ^ [ 16.652009] ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.652599] ffff888103199600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653445] ================================================================== [ 16.554271] ================================================================== [ 16.555837] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 16.556900] Write of size 1 at addr ffff888103199573 by task kunit_try_catch/156 [ 16.557861] [ 16.559575] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.560067] Tainted: [N]=TEST [ 16.560112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.560380] Call Trace: [ 16.560538] <TASK> [ 16.560761] dump_stack_lvl+0x73/0xb0 [ 16.560876] print_report+0xd1/0x650 [ 16.560921] ? __virt_addr_valid+0x1db/0x2d0 [ 16.560956] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.560986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.561016] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.561046] kasan_report+0x141/0x180 [ 16.561076] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.561112] __asan_report_store1_noabort+0x1b/0x30 [ 16.561140] kmalloc_oob_right+0x6f0/0x7f0 [ 16.561171] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.561202] ? __schedule+0x10cc/0x2b30 [ 16.561235] ? __pfx_read_tsc+0x10/0x10 [ 16.561262] ? ktime_get_ts64+0x86/0x230 [ 16.561297] kunit_try_run_case+0x1a5/0x480 [ 16.561331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.561359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.561392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.561424] ? __kthread_parkme+0x82/0x180 [ 16.561528] ? preempt_count_sub+0x50/0x80 [ 16.561634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.561672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.561718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.561786] kthread+0x337/0x6f0 [ 16.561838] ? trace_preempt_on+0x20/0xc0 [ 16.561873] ? __pfx_kthread+0x10/0x10 [ 16.561903] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.561933] ? calculate_sigpending+0x7b/0xa0 [ 16.561962] ? __pfx_kthread+0x10/0x10 [ 16.561992] ret_from_fork+0x41/0x80 [ 16.562020] ? __pfx_kthread+0x10/0x10 [ 16.562050] ret_from_fork_asm+0x1a/0x30 [ 16.562131] </TASK> [ 16.562215] [ 16.576242] Allocated by task 156: [ 16.578041] kasan_save_stack+0x45/0x70 [ 16.578707] kasan_save_track+0x18/0x40 [ 16.579119] kasan_save_alloc_info+0x3b/0x50 [ 16.579723] __kasan_kmalloc+0xb7/0xc0 [ 16.580125] __kmalloc_cache_noprof+0x189/0x420 [ 16.580746] kmalloc_oob_right+0xa9/0x7f0 [ 16.581177] kunit_try_run_case+0x1a5/0x480 [ 16.582471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.582900] kthread+0x337/0x6f0 [ 16.583189] ret_from_fork+0x41/0x80 [ 16.583763] ret_from_fork_asm+0x1a/0x30 [ 16.584297] [ 16.584805] The buggy address belongs to the object at ffff888103199500 [ 16.584805] which belongs to the cache kmalloc-128 of size 128 [ 16.586115] The buggy address is located 0 bytes to the right of [ 16.586115] allocated 115-byte region [ffff888103199500, ffff888103199573) [ 16.587263] [ 16.588655] The buggy address belongs to the physical page: [ 16.589637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.590890] flags: 0x200000000000000(node=0|zone=2) [ 16.592051] page_type: f5(slab) [ 16.593122] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.593736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.594450] page dumped because: kasan: bad access detected [ 16.594998] [ 16.595250] Memory state around the buggy address: [ 16.596465] ffff888103199400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.597168] ffff888103199480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598017] >ffff888103199500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.599077] ^ [ 16.599657] ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.600402] ffff888103199600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601099] ================================================================== [ 16.654677] ================================================================== [ 16.656405] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 16.657143] Read of size 1 at addr ffff888103199580 by task kunit_try_catch/156 [ 16.658236] [ 16.658518] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 16.658651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.658687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.658820] Call Trace: [ 16.658866] <TASK> [ 16.658913] dump_stack_lvl+0x73/0xb0 [ 16.658953] print_report+0xd1/0x650 [ 16.658987] ? __virt_addr_valid+0x1db/0x2d0 [ 16.659018] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.659050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.659081] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.659113] kasan_report+0x141/0x180 [ 16.659145] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.659182] __asan_report_load1_noabort+0x18/0x20 [ 16.659210] kmalloc_oob_right+0x68a/0x7f0 [ 16.659243] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.659276] ? __schedule+0x10cc/0x2b30 [ 16.659309] ? __pfx_read_tsc+0x10/0x10 [ 16.659336] ? ktime_get_ts64+0x86/0x230 [ 16.659372] kunit_try_run_case+0x1a5/0x480 [ 16.659406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.659440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.659630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.659707] ? __kthread_parkme+0x82/0x180 [ 16.659778] ? preempt_count_sub+0x50/0x80 [ 16.659856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.659913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.659949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.659981] kthread+0x337/0x6f0 [ 16.660012] ? trace_preempt_on+0x20/0xc0 [ 16.660046] ? __pfx_kthread+0x10/0x10 [ 16.660078] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.660109] ? calculate_sigpending+0x7b/0xa0 [ 16.660139] ? __pfx_kthread+0x10/0x10 [ 16.660170] ret_from_fork+0x41/0x80 [ 16.660199] ? __pfx_kthread+0x10/0x10 [ 16.660231] ret_from_fork_asm+0x1a/0x30 [ 16.660276] </TASK> [ 16.660290] [ 16.678212] Allocated by task 156: [ 16.678565] kasan_save_stack+0x45/0x70 [ 16.679153] kasan_save_track+0x18/0x40 [ 16.679663] kasan_save_alloc_info+0x3b/0x50 [ 16.680111] __kasan_kmalloc+0xb7/0xc0 [ 16.680696] __kmalloc_cache_noprof+0x189/0x420 [ 16.681099] kmalloc_oob_right+0xa9/0x7f0 [ 16.682382] kunit_try_run_case+0x1a5/0x480 [ 16.683758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.684146] kthread+0x337/0x6f0 [ 16.684484] ret_from_fork+0x41/0x80 [ 16.685234] ret_from_fork_asm+0x1a/0x30 [ 16.685697] [ 16.685898] The buggy address belongs to the object at ffff888103199500 [ 16.685898] which belongs to the cache kmalloc-128 of size 128 [ 16.687072] The buggy address is located 13 bytes to the right of [ 16.687072] allocated 115-byte region [ffff888103199500, ffff888103199573) [ 16.689344] [ 16.689761] The buggy address belongs to the physical page: [ 16.690274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103199 [ 16.691298] flags: 0x200000000000000(node=0|zone=2) [ 16.692112] page_type: f5(slab) [ 16.692613] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.693219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.693609] page dumped because: kasan: bad access detected [ 16.693918] [ 16.694200] Memory state around the buggy address: [ 16.694669] ffff888103199480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.696142] ffff888103199500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.697128] >ffff888103199580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697818] ^ [ 16.698100] ffff888103199600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699184] ffff888103199680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699668] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 194.858337] WARNING: CPU: 1 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 194.859202] Modules linked in: [ 194.860326] CPU: 1 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 194.861703] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.862239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.863804] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 194.864271] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.865913] RSP: 0000:ffff88810609fc78 EFLAGS: 00010286 [ 194.866127] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 194.866664] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9ac2327c [ 194.867910] RBP: ffff88810609fca0 R08: 0000000000000000 R09: ffffed1020c3ccc0 [ 194.868789] R10: ffff8881061e6607 R11: 0000000000000000 R12: ffffffff9ac23268 [ 194.869316] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810609fd38 [ 194.869976] FS: 0000000000000000(0000) GS:ffff8881be53b000(0000) knlGS:0000000000000000 [ 194.870721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.871881] CR2: 00007ffff7ffe000 CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 194.872554] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88883 [ 194.873337] DR3: ffffffff9cc88885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.874130] Call Trace: [ 194.874826] <TASK> [ 194.875126] drm_test_rect_calc_vscale+0x108/0x270 [ 194.876003] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 194.876595] ? __schedule+0x10cc/0x2b30 [ 194.877110] ? __pfx_read_tsc+0x10/0x10 [ 194.877584] ? ktime_get_ts64+0x86/0x230 [ 194.878264] kunit_try_run_case+0x1a5/0x480 [ 194.878907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.879434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.880231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.880919] ? __kthread_parkme+0x82/0x180 [ 194.881444] ? preempt_count_sub+0x50/0x80 [ 194.882209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.882743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.883845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.884696] kthread+0x337/0x6f0 [ 194.885027] ? trace_preempt_on+0x20/0xc0 [ 194.885798] ? __pfx_kthread+0x10/0x10 [ 194.886250] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.886845] ? calculate_sigpending+0x7b/0xa0 [ 194.887380] ? __pfx_kthread+0x10/0x10 [ 194.888095] ret_from_fork+0x41/0x80 [ 194.888451] ? __pfx_kthread+0x10/0x10 [ 194.889117] ret_from_fork_asm+0x1a/0x30 [ 194.889969] </TASK> [ 194.890249] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 194.894947] WARNING: CPU: 0 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 194.895945] Modules linked in: [ 194.897323] CPU: 0 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 194.898506] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.899392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.900290] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 194.900920] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.902237] RSP: 0000:ffff888106247c78 EFLAGS: 00010286 [ 194.902815] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 194.903443] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9ac232b4 [ 194.904332] RBP: ffff888106247ca0 R08: 0000000000000000 R09: ffffed1020c3cd00 [ 194.905101] R10: ffff8881061e6807 R11: 0000000000000000 R12: ffffffff9ac232a0 [ 194.905881] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106247d38 [ 194.906397] FS: 0000000000000000(0000) GS:ffff8881be43b000(0000) knlGS:0000000000000000 [ 194.907397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.908262] CR2: ffffffffffffffff CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 194.909015] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88882 [ 194.909842] DR3: ffffffff9cc88883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.910673] Call Trace: [ 194.910953] <TASK> [ 194.911238] drm_test_rect_calc_vscale+0x108/0x270 [ 194.912284] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 194.912763] ? __schedule+0x10cc/0x2b30 [ 194.913553] ? __pfx_read_tsc+0x10/0x10 [ 194.914166] ? ktime_get_ts64+0x86/0x230 [ 194.914612] kunit_try_run_case+0x1a5/0x480 [ 194.915136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.915836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.916821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.917308] ? __kthread_parkme+0x82/0x180 [ 194.917992] ? preempt_count_sub+0x50/0x80 [ 194.918490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.919297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.920137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.921228] kthread+0x337/0x6f0 [ 194.921968] ? trace_preempt_on+0x20/0xc0 [ 194.922536] ? __pfx_kthread+0x10/0x10 [ 194.923403] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.924093] ? calculate_sigpending+0x7b/0xa0 [ 194.924761] ? __pfx_kthread+0x10/0x10 [ 194.925740] ret_from_fork+0x41/0x80 [ 194.926407] ? __pfx_kthread+0x10/0x10 [ 194.926906] ret_from_fork_asm+0x1a/0x30 [ 194.927320] </TASK> [ 194.927596] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 194.756496] WARNING: CPU: 0 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 194.757621] Modules linked in: [ 194.758514] CPU: 0 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 194.759588] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.760429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.761443] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 194.762278] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.764129] RSP: 0000:ffff8881089ffc78 EFLAGS: 00010286 [ 194.764742] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 194.765513] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9ac23280 [ 194.766738] RBP: ffff8881089ffca0 R08: 0000000000000000 R09: ffffed1020bc78c0 [ 194.767303] R10: ffff888105e3c607 R11: 0000000000000000 R12: ffffffff9ac23268 [ 194.767899] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881089ffd38 [ 194.768781] FS: 0000000000000000(0000) GS:ffff8881be43b000(0000) knlGS:0000000000000000 [ 194.769769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.770256] CR2: ffffffffffffffff CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 194.771256] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88882 [ 194.772130] DR3: ffffffff9cc88883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.773001] Call Trace: [ 194.773448] <TASK> [ 194.773986] drm_test_rect_calc_hscale+0x108/0x270 [ 194.775208] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 194.775818] ? __schedule+0x10cc/0x2b30 [ 194.776155] ? __pfx_read_tsc+0x10/0x10 [ 194.776482] ? ktime_get_ts64+0x86/0x230 [ 194.776780] kunit_try_run_case+0x1a5/0x480 [ 194.777069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.782456] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.783807] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.785651] ? __kthread_parkme+0x82/0x180 [ 194.787765] ? preempt_count_sub+0x50/0x80 [ 194.789096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.789527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.790122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.791132] kthread+0x337/0x6f0 [ 194.791529] ? trace_preempt_on+0x20/0xc0 [ 194.792551] ? __pfx_kthread+0x10/0x10 [ 194.793173] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.793963] ? calculate_sigpending+0x7b/0xa0 [ 194.794990] ? __pfx_kthread+0x10/0x10 [ 194.795387] ret_from_fork+0x41/0x80 [ 194.795983] ? __pfx_kthread+0x10/0x10 [ 194.796453] ret_from_fork_asm+0x1a/0x30 [ 194.796896] </TASK> [ 194.797680] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 194.804959] WARNING: CPU: 1 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 194.806034] Modules linked in: [ 194.806882] CPU: 1 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 194.807734] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.807936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.809346] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 194.809918] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.811856] RSP: 0000:ffff8881089ffc78 EFLAGS: 00010286 [ 194.812379] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 194.813292] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9ac232b8 [ 194.814132] RBP: ffff8881089ffca0 R08: 0000000000000000 R09: ffffed1020c3cc20 [ 194.814689] R10: ffff8881061e6107 R11: 0000000000000000 R12: ffffffff9ac232a0 [ 194.815563] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881089ffd38 [ 194.816230] FS: 0000000000000000(0000) GS:ffff8881be53b000(0000) knlGS:0000000000000000 [ 194.817197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.817927] CR2: 00007ffff7ffe000 CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 194.818548] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88883 [ 194.819095] DR3: ffffffff9cc88885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.819656] Call Trace: [ 194.819939] <TASK> [ 194.821259] drm_test_rect_calc_hscale+0x108/0x270 [ 194.822029] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 194.822747] ? __schedule+0x10cc/0x2b30 [ 194.823291] ? __pfx_read_tsc+0x10/0x10 [ 194.823888] ? ktime_get_ts64+0x86/0x230 [ 194.824465] kunit_try_run_case+0x1a5/0x480 [ 194.825238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.825760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.826295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.827094] ? __kthread_parkme+0x82/0x180 [ 194.827814] ? preempt_count_sub+0x50/0x80 [ 194.828272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.828965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.829799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.830346] kthread+0x337/0x6f0 [ 194.831103] ? trace_preempt_on+0x20/0xc0 [ 194.831522] ? __pfx_kthread+0x10/0x10 [ 194.831913] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.832397] ? calculate_sigpending+0x7b/0xa0 [ 194.832813] ? __pfx_kthread+0x10/0x10 [ 194.833623] ret_from_fork+0x41/0x80 [ 194.834102] ? __pfx_kthread+0x10/0x10 [ 194.834955] ret_from_fork_asm+0x1a/0x30 [ 194.835684] </TASK> [ 194.836009] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 193.565080] WARNING: CPU: 0 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 193.566093] Modules linked in: [ 193.566972] CPU: 0 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 193.568252] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.568892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.569756] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 193.570939] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 193.572229] RSP: 0000:ffff888105a17b30 EFLAGS: 00010246 [ 193.572712] RAX: dffffc0000000000 RBX: ffff888105a17c28 RCX: 0000000000000000 [ 193.573432] RDX: 1ffff11020b42f8e RSI: ffff888105a17c28 RDI: ffff888105a17c70 [ 193.574054] RBP: ffff888105a17b70 R08: ffff8881044a1000 R09: ffffffff9abc9f20 [ 193.574957] R10: 0000000000000003 R11: 0000000057645853 R12: ffff8881044a1000 [ 193.575947] R13: ffff88810031fae8 R14: ffff888105a17ba8 R15: 0000000000000000 [ 193.576618] FS: 0000000000000000(0000) GS:ffff8881be43b000(0000) knlGS:0000000000000000 [ 193.577587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.578256] CR2: ffffffffffffffff CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 193.579111] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88882 [ 193.579875] DR3: ffffffff9cc88883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.580737] Call Trace: [ 193.581171] <TASK> [ 193.581531] ? add_dr+0xc1/0x1d0 [ 193.582090] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 193.582641] ? add_dr+0x148/0x1d0 [ 193.583237] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 193.584086] ? __drmm_add_action+0x1a4/0x280 [ 193.584550] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.585210] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.586176] ? __drmm_add_action_or_reset+0x22/0x50 [ 193.587016] ? __schedule+0x10cc/0x2b30 [ 193.587412] ? __pfx_read_tsc+0x10/0x10 [ 193.588233] ? ktime_get_ts64+0x86/0x230 [ 193.589009] kunit_try_run_case+0x1a5/0x480 [ 193.589859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.590632] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 193.590833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.591024] ? __kthread_parkme+0x82/0x180 [ 193.591304] ? preempt_count_sub+0x50/0x80 [ 193.592620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.593016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.593838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.594347] kthread+0x337/0x6f0 [ 193.594933] ? trace_preempt_on+0x20/0xc0 [ 193.595420] ? __pfx_kthread+0x10/0x10 [ 193.596149] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.596818] ? calculate_sigpending+0x7b/0xa0 [ 193.597386] ? __pfx_kthread+0x10/0x10 [ 193.598437] ret_from_fork+0x41/0x80 [ 193.598885] ? __pfx_kthread+0x10/0x10 [ 193.599262] ret_from_fork_asm+0x1a/0x30 [ 193.599722] </TASK> [ 193.600111] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 193.505203] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 193.505992] WARNING: CPU: 0 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 193.507708] Modules linked in: [ 193.508103] CPU: 0 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 193.509630] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.510282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.511564] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 193.512011] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 1b 87 84 00 48 c7 c1 20 4f bc 9a 4c 89 fa 48 c7 c7 80 4f bc 9a 48 89 c6 e8 62 0f 82 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 193.513139] RSP: 0000:ffff8881044a7b68 EFLAGS: 00010282 [ 193.513921] RAX: 0000000000000000 RBX: ffff8881044a7c40 RCX: 1ffffffff3724ab4 [ 193.514659] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 193.515168] RBP: ffff8881044a7b90 R08: 0000000000000000 R09: fffffbfff3724ab4 [ 193.515739] R10: 0000000000000003 R11: 0000000000036a08 R12: ffff8881044a7c18 [ 193.516850] R13: ffff8881086a0800 R14: ffff888105aad000 R15: ffff888108b5a500 [ 193.517629] FS: 0000000000000000(0000) GS:ffff8881be43b000(0000) knlGS:0000000000000000 [ 193.518334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.518961] CR2: ffffffffffffffff CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 193.519559] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88882 [ 193.520113] DR3: ffffffff9cc88883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.521276] Call Trace: [ 193.521753] <TASK> [ 193.522057] drm_test_framebuffer_free+0x1ab/0x610 [ 193.522804] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 193.523311] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.524032] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.524976] ? __drmm_add_action_or_reset+0x22/0x50 [ 193.525603] ? __schedule+0x10cc/0x2b30 [ 193.526312] ? __pfx_read_tsc+0x10/0x10 [ 193.526812] ? ktime_get_ts64+0x86/0x230 [ 193.527381] kunit_try_run_case+0x1a5/0x480 [ 193.528122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.528823] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 193.529265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.530339] ? __kthread_parkme+0x82/0x180 [ 193.531205] ? preempt_count_sub+0x50/0x80 [ 193.531842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.532289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.532781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.533555] kthread+0x337/0x6f0 [ 193.533892] ? trace_preempt_on+0x20/0xc0 [ 193.534394] ? __pfx_kthread+0x10/0x10 [ 193.535210] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.535957] ? calculate_sigpending+0x7b/0xa0 [ 193.536579] ? __pfx_kthread+0x10/0x10 [ 193.537397] ret_from_fork+0x41/0x80 [ 193.538163] ? __pfx_kthread+0x10/0x10 [ 193.538708] ret_from_fork_asm+0x1a/0x30 [ 193.539240] </TASK> [ 193.539671] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 191.285360] WARNING: CPU: 0 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 191.286194] Modules linked in: [ 191.286580] CPU: 0 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 191.288287] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 191.289269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 191.290367] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 191.291324] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 191.292925] RSP: 0000:ffff8881057f7c90 EFLAGS: 00010246 [ 191.293312] RAX: dffffc0000000000 RBX: ffff888103ddc000 RCX: 0000000000000000 [ 191.294834] RDX: 1ffff110207bb832 RSI: ffffffff97deed08 RDI: ffff888103ddc190 [ 191.295478] RBP: ffff8881057f7ca0 R08: 1ffff11020063f69 R09: ffffed1020afef65 [ 191.296618] R10: 0000000000000003 R11: ffffffff9737ec38 R12: 0000000000000000 [ 191.297169] R13: ffff8881057f7d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 191.297928] FS: 0000000000000000(0000) GS:ffff8881be43b000(0000) knlGS:0000000000000000 [ 191.299076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.299788] CR2: ffffffffffffffff CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 191.300946] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88882 [ 191.301796] DR3: ffffffff9cc88883 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 191.302077] Call Trace: [ 191.302312] <TASK> [ 191.303029] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 191.304195] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 191.305296] ? __schedule+0x10cc/0x2b30 [ 191.305625] ? __pfx_read_tsc+0x10/0x10 [ 191.306521] ? ktime_get_ts64+0x86/0x230 [ 191.307298] kunit_try_run_case+0x1a5/0x480 [ 191.308423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 191.309067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 191.309947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 191.310762] ? __kthread_parkme+0x82/0x180 [ 191.311719] ? preempt_count_sub+0x50/0x80 [ 191.312302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 191.312955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 191.313849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 191.314847] kthread+0x337/0x6f0 [ 191.315188] ? trace_preempt_on+0x20/0xc0 [ 191.316060] ? __pfx_kthread+0x10/0x10 [ 191.316372] ? _raw_spin_unlock_irq+0x47/0x80 [ 191.316838] ? calculate_sigpending+0x7b/0xa0 [ 191.318035] ? __pfx_kthread+0x10/0x10 [ 191.318591] ret_from_fork+0x41/0x80 [ 191.319663] ? __pfx_kthread+0x10/0x10 [ 191.320402] ret_from_fork_asm+0x1a/0x30 [ 191.321096] </TASK> [ 191.321496] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 191.420050] WARNING: CPU: 1 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 191.421138] Modules linked in: [ 191.421817] CPU: 1 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 191.422996] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 191.424001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 191.425477] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 191.426240] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 191.427689] RSP: 0000:ffff888103dafc90 EFLAGS: 00010246 [ 191.428132] RAX: dffffc0000000000 RBX: ffff888108478000 RCX: 0000000000000000 [ 191.429158] RDX: 1ffff1102108f032 RSI: ffffffff97deed08 RDI: ffff888108478190 [ 191.429996] RBP: ffff888103dafca0 R08: 1ffff11020063f69 R09: ffffed10207b5f65 [ 191.430587] R10: 0000000000000003 R11: ffffffff9737ec38 R12: 0000000000000000 [ 191.431584] R13: ffff888103dafd38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 191.432147] FS: 0000000000000000(0000) GS:ffff8881be53b000(0000) knlGS:0000000000000000 [ 191.432824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.433631] CR2: 00007ffff7ffe000 CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 191.434213] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88883 [ 191.435009] DR3: ffffffff9cc88885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 191.435629] Call Trace: [ 191.436185] <TASK> [ 191.436682] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 191.437674] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 191.438211] ? __schedule+0x10cc/0x2b30 [ 191.438870] ? __pfx_read_tsc+0x10/0x10 [ 191.439318] ? ktime_get_ts64+0x86/0x230 [ 191.439885] kunit_try_run_case+0x1a5/0x480 [ 191.440294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 191.440888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 191.441342] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 191.442043] ? __kthread_parkme+0x82/0x180 [ 191.442862] ? preempt_count_sub+0x50/0x80 [ 191.443445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 191.444026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 191.444547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 191.445424] kthread+0x337/0x6f0 [ 191.446041] ? trace_preempt_on+0x20/0xc0 [ 191.446434] ? __pfx_kthread+0x10/0x10 [ 191.447009] ? _raw_spin_unlock_irq+0x47/0x80 [ 191.447660] ? calculate_sigpending+0x7b/0xa0 [ 191.448119] ? __pfx_kthread+0x10/0x10 [ 191.448681] ret_from_fork+0x41/0x80 [ 191.449123] ? __pfx_kthread+0x10/0x10 [ 191.449567] ret_from_fork_asm+0x1a/0x30 [ 191.451074] </TASK> [ 191.451599] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 142.528987] WARNING: CPU: 1 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 142.529664] Modules linked in: [ 142.530050] CPU: 1 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 142.532376] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.533590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.535551] RIP: 0010:intlog10+0x2a/0x40 [ 142.536764] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 142.539868] RSP: 0000:ffff888100cb7cb0 EFLAGS: 00010246 [ 142.541342] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020196fb4 [ 142.542611] RDX: 1ffffffff3552458 RSI: 1ffff11020196fb3 RDI: 0000000000000000 [ 142.543113] RBP: ffff888100cb7d60 R08: 0000000000000000 R09: ffffed1020528780 [ 142.543515] R10: ffff888102943c07 R11: 0000000000000000 R12: 1ffff11020196f97 [ 142.543876] R13: ffffffff9aa922c0 R14: 0000000000000000 R15: ffff888100cb7d38 [ 142.544247] FS: 0000000000000000(0000) GS:ffff8881be53b000(0000) knlGS:0000000000000000 [ 142.545468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.546724] CR2: dffffc0000000000 CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 142.547749] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88883 [ 142.548346] DR3: ffffffff9cc88885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.549067] Call Trace: [ 142.549371] <TASK> [ 142.549958] ? intlog10_test+0xf2/0x220 [ 142.550732] ? __pfx_intlog10_test+0x10/0x10 [ 142.551131] ? __schedule+0x10cc/0x2b30 [ 142.551568] ? __pfx_read_tsc+0x10/0x10 [ 142.552005] ? ktime_get_ts64+0x86/0x230 [ 142.552751] kunit_try_run_case+0x1a5/0x480 [ 142.553322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.553770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.554253] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.555071] ? __kthread_parkme+0x82/0x180 [ 142.555787] ? preempt_count_sub+0x50/0x80 [ 142.556315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.556865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.557336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.557991] kthread+0x337/0x6f0 [ 142.558407] ? trace_preempt_on+0x20/0xc0 [ 142.558920] ? __pfx_kthread+0x10/0x10 [ 142.559357] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.559885] ? calculate_sigpending+0x7b/0xa0 [ 142.560282] ? __pfx_kthread+0x10/0x10 [ 142.560704] ret_from_fork+0x41/0x80 [ 142.561883] ? __pfx_kthread+0x10/0x10 [ 142.562668] ret_from_fork_asm+0x1a/0x30 [ 142.563279] </TASK> [ 142.563909] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 142.460086] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 142.461344] Modules linked in: [ 142.461798] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc3 #1 PREEMPT(voluntary) [ 142.462921] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 142.463357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.464588] RIP: 0010:intlog2+0xdf/0x110 [ 142.465133] Code: a9 9a c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 1f e5 56 ff 8b 45 e4 eb [ 142.466409] RSP: 0000:ffff8881064cfcb0 EFLAGS: 00010246 [ 142.467060] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020c99fb4 [ 142.468094] RDX: 1ffffffff35524ac RSI: 1ffff11020c99fb3 RDI: 0000000000000000 [ 142.468887] RBP: ffff8881064cfd60 R08: 0000000000000000 R09: ffffed1020528660 [ 142.469774] R10: ffff888102943307 R11: 0000000000000000 R12: 1ffff11020c99f97 [ 142.470341] R13: ffffffff9aa92560 R14: 0000000000000000 R15: ffff8881064cfd38 [ 142.471109] FS: 0000000000000000(0000) GS:ffff8881be53b000(0000) knlGS:0000000000000000 [ 142.472109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.472807] CR2: dffffc0000000000 CR3: 000000005a0ba000 CR4: 00000000000006f0 [ 142.473396] DR0: ffffffff9cc88880 DR1: ffffffff9cc88881 DR2: ffffffff9cc88883 [ 142.473902] DR3: ffffffff9cc88885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.474801] Call Trace: [ 142.475116] <TASK> [ 142.475420] ? intlog2_test+0xf2/0x220 [ 142.476272] ? __pfx_intlog2_test+0x10/0x10 [ 142.476913] ? __schedule+0x10cc/0x2b30 [ 142.477419] ? __pfx_read_tsc+0x10/0x10 [ 142.477805] ? ktime_get_ts64+0x86/0x230 [ 142.478258] kunit_try_run_case+0x1a5/0x480 [ 142.478992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.479915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.480349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.481020] ? __kthread_parkme+0x82/0x180 [ 142.481666] ? preempt_count_sub+0x50/0x80 [ 142.482061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.482548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.483033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.483568] kthread+0x337/0x6f0 [ 142.483934] ? trace_preempt_on+0x20/0xc0 [ 142.484721] ? __pfx_kthread+0x10/0x10 [ 142.485120] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.486001] ? calculate_sigpending+0x7b/0xa0 [ 142.486736] ? __pfx_kthread+0x10/0x10 [ 142.487184] ret_from_fork+0x41/0x80 [ 142.487790] ? __pfx_kthread+0x10/0x10 [ 142.488208] ret_from_fork_asm+0x1a/0x30 [ 142.488883] </TASK> [ 142.489169] ---[ end trace 0000000000000000 ]---