Date: May 23, 2025, 11:07 p.m.
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.373229] ================================================================== [ 14.373800] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.374548] Free of addr ffff888103928001 by task kunit_try_catch/262 [ 14.374923] [ 14.375020] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.375406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.375421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.375444] Call Trace: [ 14.375457] <TASK> [ 14.375473] dump_stack_lvl+0x73/0xb0 [ 14.375503] print_report+0xd1/0x650 [ 14.375525] ? __virt_addr_valid+0x1db/0x2d0 [ 14.375548] ? kasan_addr_to_slab+0x11/0xa0 [ 14.375568] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.375594] kasan_report_invalid_free+0x10a/0x130 [ 14.375619] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.375647] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.375672] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.375696] mempool_free+0x2ec/0x380 [ 14.375720] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.375745] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.375770] ? update_load_avg+0x1be/0x21b0 [ 14.375793] ? finish_task_switch.isra.0+0x153/0x700 [ 14.375820] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.375844] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.375868] ? dequeue_task_fair+0x166/0x4e0 [ 14.375948] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.375969] ? __pfx_mempool_kfree+0x10/0x10 [ 14.375991] ? __pfx_read_tsc+0x10/0x10 [ 14.376011] ? ktime_get_ts64+0x86/0x230 [ 14.376036] kunit_try_run_case+0x1a5/0x480 [ 14.376061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.376083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.376106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.376129] ? __kthread_parkme+0x82/0x180 [ 14.376151] ? preempt_count_sub+0x50/0x80 [ 14.376175] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.376199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.376221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.376244] kthread+0x337/0x6f0 [ 14.376260] ? trace_preempt_on+0x20/0xc0 [ 14.376283] ? __pfx_kthread+0x10/0x10 [ 14.376316] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.376337] ? calculate_sigpending+0x7b/0xa0 [ 14.376358] ? __pfx_kthread+0x10/0x10 [ 14.376377] ret_from_fork+0x41/0x80 [ 14.376398] ? __pfx_kthread+0x10/0x10 [ 14.376415] ret_from_fork_asm+0x1a/0x30 [ 14.376447] </TASK> [ 14.376458] [ 14.386166] The buggy address belongs to the physical page: [ 14.386562] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103928 [ 14.387068] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.387358] flags: 0x200000000000040(head|node=0|zone=2) [ 14.387538] page_type: f8(unknown) [ 14.387718] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.388065] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.388483] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.388958] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.389238] head: 0200000000000002 ffffea00040e4a01 00000000ffffffff 00000000ffffffff [ 14.389508] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.389853] page dumped because: kasan: bad access detected [ 14.390152] [ 14.390225] Memory state around the buggy address: [ 14.390391] ffff888103927f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.391091] ffff888103927f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.391398] >ffff888103928000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.391933] ^ [ 14.392167] ffff888103928080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.392407] ffff888103928100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.392728] 
================================================================== [ 14.344255] ================================================================== [ 14.344832] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.345250] Free of addr ffff8881026f5a01 by task kunit_try_catch/260 [ 14.345583] [ 14.345706] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.345754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.345767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.345788] Call Trace: [ 14.345801] <TASK> [ 14.345816] dump_stack_lvl+0x73/0xb0 [ 14.345844] print_report+0xd1/0x650 [ 14.345866] ? __virt_addr_valid+0x1db/0x2d0 [ 14.345932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.345958] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.345984] kasan_report_invalid_free+0x10a/0x130 [ 14.346009] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.346036] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.346060] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.346084] check_slab_allocation+0x11f/0x130 [ 14.346106] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.346130] mempool_free+0x2ec/0x380 [ 14.346153] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.346179] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.346204] ? dequeue_entities+0x852/0x1740 [ 14.346228] ? irqentry_exit+0x2a/0x60 [ 14.346250] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.346276] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.346310] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.346337] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.346357] ? __pfx_mempool_kfree+0x10/0x10 [ 14.346377] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.346403] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.346429] kunit_try_run_case+0x1a5/0x480 [ 14.346454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.346475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.346497] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.346520] ? __kthread_parkme+0x82/0x180 [ 14.346541] ? preempt_count_sub+0x50/0x80 [ 14.346565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.346589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.346610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.346633] kthread+0x337/0x6f0 [ 14.346649] ? trace_preempt_on+0x20/0xc0 [ 14.346679] ? __pfx_kthread+0x10/0x10 [ 14.346697] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.346718] ? calculate_sigpending+0x7b/0xa0 [ 14.346740] ? __pfx_kthread+0x10/0x10 [ 14.346758] ret_from_fork+0x41/0x80 [ 14.346780] ? __pfx_kthread+0x10/0x10 [ 14.346797] ret_from_fork_asm+0x1a/0x30 [ 14.346829] </TASK> [ 14.346840] [ 14.357814] Allocated by task 260: [ 14.358107] kasan_save_stack+0x45/0x70 [ 14.358329] kasan_save_track+0x18/0x40 [ 14.358567] kasan_save_alloc_info+0x3b/0x50 [ 14.358764] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.359137] remove_element+0x11e/0x190 [ 14.359341] mempool_alloc_preallocated+0x4d/0x90 [ 14.359682] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.359990] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.360294] kunit_try_run_case+0x1a5/0x480 [ 14.360522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.360697] kthread+0x337/0x6f0 [ 14.360814] ret_from_fork+0x41/0x80 [ 14.360957] ret_from_fork_asm+0x1a/0x30 [ 14.361152] [ 14.361247] The buggy address belongs to the object at ffff8881026f5a00 [ 14.361247] which belongs to the cache kmalloc-128 of size 128 [ 14.362216] The buggy address is located 1 bytes inside of [ 14.362216] 128-byte region [ffff8881026f5a00, ffff8881026f5a80) [ 14.362574] [ 14.362705] The buggy address belongs to the physical page: [ 14.362997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 14.363728] flags: 0x200000000000000(node=0|zone=2) [ 14.364152] page_type: f5(slab) [ 14.364335] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.364665] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 14.364887] page dumped because: kasan: bad access detected [ 14.365089] [ 14.365205] Memory state around the buggy address: [ 14.365443] ffff8881026f5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.366017] ffff8881026f5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.366466] >ffff8881026f5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.366820] ^ [ 14.367129] ffff8881026f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.367524] ffff8881026f5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.367845] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.301804] ================================================================== [ 14.302473] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.302768] Free of addr ffff888102acc000 by task kunit_try_catch/256 [ 14.303245] [ 14.303369] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.303418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.303430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.303452] Call Trace: [ 14.303463] <TASK> [ 14.303479] dump_stack_lvl+0x73/0xb0 [ 14.303508] print_report+0xd1/0x650 [ 14.303530] ? __virt_addr_valid+0x1db/0x2d0 [ 14.303553] ? kasan_addr_to_slab+0x11/0xa0 [ 14.303573] ? mempool_double_free_helper+0x184/0x370 [ 14.303598] kasan_report_invalid_free+0x10a/0x130 [ 14.303622] ? mempool_double_free_helper+0x184/0x370 [ 14.303649] ? mempool_double_free_helper+0x184/0x370 [ 14.303671] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.303696] mempool_free+0x2ec/0x380 [ 14.303719] mempool_double_free_helper+0x184/0x370 [ 14.303743] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.303766] ? update_load_avg+0x1be/0x21b0 [ 14.303789] ? finish_task_switch.isra.0+0x153/0x700 [ 14.303817] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.303842] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.303866] ? dequeue_task_fair+0x156/0x4e0 [ 14.303889] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.303908] ? __pfx_mempool_kfree+0x10/0x10 [ 14.303930] ? __pfx_read_tsc+0x10/0x10 [ 14.303949] ? ktime_get_ts64+0x86/0x230 [ 14.303974] kunit_try_run_case+0x1a5/0x480 [ 14.303998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.304019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.304042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.304065] ? __kthread_parkme+0x82/0x180 [ 14.304086] ? preempt_count_sub+0x50/0x80 [ 14.304111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.304134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.304156] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.304178] kthread+0x337/0x6f0 [ 14.304195] ? trace_preempt_on+0x20/0xc0 [ 14.304218] ? __pfx_kthread+0x10/0x10 [ 14.304236] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.304257] ? calculate_sigpending+0x7b/0xa0 [ 14.304277] ? __pfx_kthread+0x10/0x10 [ 14.304305] ret_from_fork+0x41/0x80 [ 14.304326] ? __pfx_kthread+0x10/0x10 [ 14.304345] ret_from_fork_asm+0x1a/0x30 [ 14.304375] </TASK> [ 14.304387] [ 14.312739] The buggy address belongs to the physical page: [ 14.313005] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 14.313372] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.313646] flags: 0x200000000000040(head|node=0|zone=2) [ 14.314076] page_type: f8(unknown) [ 14.314237] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.314514] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.314758] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.315180] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.315666] head: 0200000000000002 ffffea00040ab301 00000000ffffffff 00000000ffffffff [ 14.315990] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.316218] page dumped because: kasan: bad access detected [ 14.316401] [ 14.316732] Memory state around the buggy address: [ 14.316967] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.317554] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.317882] >ffff888102acc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.318197] ^ [ 14.318371] ffff888102acc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.319400] ffff888102acc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.319716] ================================================================== [ 14.271850] ================================================================== [ 
14.272400] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.272775] Free of addr ffff8881026f5600 by task kunit_try_catch/254 [ 14.273052] [ 14.273175] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.273222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.273235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.273258] Call Trace: [ 14.273271] <TASK> [ 14.273287] dump_stack_lvl+0x73/0xb0 [ 14.273329] print_report+0xd1/0x650 [ 14.273351] ? __virt_addr_valid+0x1db/0x2d0 [ 14.273374] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.273396] ? mempool_double_free_helper+0x184/0x370 [ 14.273419] kasan_report_invalid_free+0x10a/0x130 [ 14.273445] ? mempool_double_free_helper+0x184/0x370 [ 14.273471] ? mempool_double_free_helper+0x184/0x370 [ 14.273494] ? mempool_double_free_helper+0x184/0x370 [ 14.273518] check_slab_allocation+0x101/0x130 [ 14.273541] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.273565] mempool_free+0x2ec/0x380 [ 14.273591] mempool_double_free_helper+0x184/0x370 [ 14.273616] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.273643] ? dequeue_entities+0x852/0x1740 [ 14.273671] ? finish_task_switch.isra.0+0x153/0x700 [ 14.273699] mempool_kmalloc_double_free+0xed/0x140 [ 14.273722] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.273745] ? dequeue_task_fair+0x166/0x4e0 [ 14.273768] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.273787] ? __pfx_mempool_kfree+0x10/0x10 [ 14.273809] ? __pfx_read_tsc+0x10/0x10 [ 14.273828] ? ktime_get_ts64+0x86/0x230 [ 14.273854] kunit_try_run_case+0x1a5/0x480 [ 14.273953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.273979] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.274004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.274026] ? __kthread_parkme+0x82/0x180 [ 14.274048] ? preempt_count_sub+0x50/0x80 [ 14.274072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.274096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.274118] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.274140] kthread+0x337/0x6f0 [ 14.274157] ? trace_preempt_on+0x20/0xc0 [ 14.274181] ? __pfx_kthread+0x10/0x10 [ 14.274198] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.274219] ? calculate_sigpending+0x7b/0xa0 [ 14.274240] ? __pfx_kthread+0x10/0x10 [ 14.274259] ret_from_fork+0x41/0x80 [ 14.274280] ? __pfx_kthread+0x10/0x10 [ 14.274309] ret_from_fork_asm+0x1a/0x30 [ 14.274340] </TASK> [ 14.274351] [ 14.284503] Allocated by task 254: [ 14.284685] kasan_save_stack+0x45/0x70 [ 14.284859] kasan_save_track+0x18/0x40 [ 14.285076] kasan_save_alloc_info+0x3b/0x50 [ 14.285354] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.285699] remove_element+0x11e/0x190 [ 14.285871] mempool_alloc_preallocated+0x4d/0x90 [ 14.286153] mempool_double_free_helper+0x8a/0x370 [ 14.286381] mempool_kmalloc_double_free+0xed/0x140 [ 14.286551] kunit_try_run_case+0x1a5/0x480 [ 14.286706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.286882] kthread+0x337/0x6f0 [ 14.287149] ret_from_fork+0x41/0x80 [ 14.287370] ret_from_fork_asm+0x1a/0x30 [ 14.287757] [ 14.287855] Freed by task 254: [ 14.288080] kasan_save_stack+0x45/0x70 [ 14.288247] kasan_save_track+0x18/0x40 [ 14.288444] kasan_save_free_info+0x3f/0x60 [ 14.288623] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.288795] mempool_free+0x2ec/0x380 [ 14.288928] mempool_double_free_helper+0x109/0x370 [ 14.289094] mempool_kmalloc_double_free+0xed/0x140 [ 14.289432] kunit_try_run_case+0x1a5/0x480 [ 14.289718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.290122] kthread+0x337/0x6f0 [ 14.290312] ret_from_fork+0x41/0x80 [ 14.290567] ret_from_fork_asm+0x1a/0x30 [ 14.290766] [ 14.290841] The buggy address belongs to the object at ffff8881026f5600 [ 14.290841] which belongs to the cache kmalloc-128 of size 128 [ 14.291887] The buggy address is located 0 bytes inside of [ 14.291887] 128-byte region [ffff8881026f5600, ffff8881026f5680) [ 14.292454] [ 14.292555] The buggy address belongs to the physical page: 
[ 14.292749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 14.293092] flags: 0x200000000000000(node=0|zone=2) [ 14.293347] page_type: f5(slab) [ 14.293524] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.293938] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.294207] page dumped because: kasan: bad access detected [ 14.294468] [ 14.294543] Memory state around the buggy address: [ 14.294710] ffff8881026f5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.295188] ffff8881026f5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.295611] >ffff8881026f5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.295839] ^ [ 14.296200] ffff8881026f5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.296575] ffff8881026f5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.296848] ================================================================== [ 14.323412] ================================================================== [ 14.323930] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.324476] Free of addr ffff888103928000 by task kunit_try_catch/258 [ 14.324831] [ 14.325141] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.325192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.325207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.325227] Call Trace: [ 14.325241] <TASK> [ 14.325258] dump_stack_lvl+0x73/0xb0 [ 14.325289] print_report+0xd1/0x650 [ 14.325324] ? __virt_addr_valid+0x1db/0x2d0 [ 14.325348] ? kasan_addr_to_slab+0x11/0xa0 [ 14.325369] ? mempool_double_free_helper+0x184/0x370 [ 14.325394] kasan_report_invalid_free+0x10a/0x130 [ 14.325419] ? mempool_double_free_helper+0x184/0x370 [ 14.325445] ? 
mempool_double_free_helper+0x184/0x370 [ 14.325468] __kasan_mempool_poison_pages+0x115/0x130 [ 14.325493] mempool_free+0x290/0x380 [ 14.325517] mempool_double_free_helper+0x184/0x370 [ 14.325541] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.325565] ? dequeue_entities+0x852/0x1740 [ 14.325590] ? finish_task_switch.isra.0+0x153/0x700 [ 14.325616] mempool_page_alloc_double_free+0xe8/0x140 [ 14.325638] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.325659] ? dequeue_task_fair+0x166/0x4e0 [ 14.325681] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.325702] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.325724] ? __pfx_read_tsc+0x10/0x10 [ 14.325745] ? ktime_get_ts64+0x86/0x230 [ 14.325770] kunit_try_run_case+0x1a5/0x480 [ 14.325795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.325818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.325841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.325863] ? __kthread_parkme+0x82/0x180 [ 14.325954] ? preempt_count_sub+0x50/0x80 [ 14.325982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.326006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.326029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.326052] kthread+0x337/0x6f0 [ 14.326068] ? trace_preempt_on+0x20/0xc0 [ 14.326093] ? __pfx_kthread+0x10/0x10 [ 14.326111] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.326132] ? calculate_sigpending+0x7b/0xa0 [ 14.326155] ? __pfx_kthread+0x10/0x10 [ 14.326173] ret_from_fork+0x41/0x80 [ 14.326194] ? 
__pfx_kthread+0x10/0x10 [ 14.326212] ret_from_fork_asm+0x1a/0x30 [ 14.326244] </TASK> [ 14.326256] [ 14.334938] The buggy address belongs to the physical page: [ 14.335166] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103928 [ 14.335533] flags: 0x200000000000000(node=0|zone=2) [ 14.335733] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.336071] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.336323] page dumped because: kasan: bad access detected [ 14.336656] [ 14.336756] Memory state around the buggy address: [ 14.336986] ffff888103927f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.337268] ffff888103927f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.337563] >ffff888103928000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.337815] ^ [ 14.337961] ffff888103928080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.338272] ffff888103928100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.338565] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.187572] ================================================================== [ 14.188740] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.189670] Read of size 1 at addr ffff888103924000 by task kunit_try_catch/248 [ 14.190655] [ 14.191000] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.191057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.191071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.191093] Call Trace: [ 14.191108] <TASK> [ 14.191126] dump_stack_lvl+0x73/0xb0 [ 14.191169] print_report+0xd1/0x650 [ 14.191192] ? __virt_addr_valid+0x1db/0x2d0 [ 14.191216] ? mempool_uaf_helper+0x392/0x400 [ 14.191237] ? kasan_addr_to_slab+0x11/0xa0 [ 14.191258] ? mempool_uaf_helper+0x392/0x400 [ 14.191281] kasan_report+0x141/0x180 [ 14.191315] ? mempool_uaf_helper+0x392/0x400 [ 14.191341] __asan_report_load1_noabort+0x18/0x20 [ 14.191362] mempool_uaf_helper+0x392/0x400 [ 14.191384] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.191406] ? dequeue_entities+0x852/0x1740 [ 14.191432] ? finish_task_switch.isra.0+0x153/0x700 [ 14.191460] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.191484] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.191507] ? dequeue_task_fair+0x166/0x4e0 [ 14.191532] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.191554] ? __pfx_mempool_kfree+0x10/0x10 [ 14.191577] ? __pfx_read_tsc+0x10/0x10 [ 14.191599] ? ktime_get_ts64+0x86/0x230 [ 14.191626] kunit_try_run_case+0x1a5/0x480 [ 14.191652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.191674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.191698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.191721] ? __kthread_parkme+0x82/0x180 [ 14.191742] ? preempt_count_sub+0x50/0x80 [ 14.191767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.191790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.191812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.191836] kthread+0x337/0x6f0 [ 14.191854] ? 
trace_preempt_on+0x20/0xc0 [ 14.191878] ? __pfx_kthread+0x10/0x10 [ 14.191897] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.191916] ? calculate_sigpending+0x7b/0xa0 [ 14.191939] ? __pfx_kthread+0x10/0x10 [ 14.191957] ret_from_fork+0x41/0x80 [ 14.191978] ? __pfx_kthread+0x10/0x10 [ 14.191996] ret_from_fork_asm+0x1a/0x30 [ 14.192028] </TASK> [ 14.192041] [ 14.206376] The buggy address belongs to the physical page: [ 14.206758] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103924 [ 14.207181] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.207622] flags: 0x200000000000040(head|node=0|zone=2) [ 14.207859] page_type: f8(unknown) [ 14.208121] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.208469] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.208806] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.209207] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.209564] head: 0200000000000002 ffffea00040e4901 00000000ffffffff 00000000ffffffff [ 14.209897] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.210230] page dumped because: kasan: bad access detected [ 14.210546] [ 14.210664] Memory state around the buggy address: [ 14.210862] ffff888103923f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.211222] ffff888103923f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.211603] >ffff888103924000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.211985] ^ [ 14.212307] ffff888103924080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.212691] ffff888103924100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.213079] ================================================================== [ 14.247840] ================================================================== [ 14.248336] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.248707] Read of size 1 at 
addr ffff888102ac8000 by task kunit_try_catch/252 [ 14.248962] [ 14.249140] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.249222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.249237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.249259] Call Trace: [ 14.249271] <TASK> [ 14.249289] dump_stack_lvl+0x73/0xb0 [ 14.249330] print_report+0xd1/0x650 [ 14.249352] ? __virt_addr_valid+0x1db/0x2d0 [ 14.249375] ? mempool_uaf_helper+0x392/0x400 [ 14.249397] ? kasan_addr_to_slab+0x11/0xa0 [ 14.249418] ? mempool_uaf_helper+0x392/0x400 [ 14.249441] kasan_report+0x141/0x180 [ 14.249463] ? mempool_uaf_helper+0x392/0x400 [ 14.249490] __asan_report_load1_noabort+0x18/0x20 [ 14.249510] mempool_uaf_helper+0x392/0x400 [ 14.249533] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.249555] ? dequeue_entities+0x852/0x1740 [ 14.249580] ? finish_task_switch.isra.0+0x153/0x700 [ 14.249607] mempool_page_alloc_uaf+0xed/0x140 [ 14.249627] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.249647] ? dequeue_task_fair+0x166/0x4e0 [ 14.249668] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.249690] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.249713] ? __pfx_read_tsc+0x10/0x10 [ 14.249733] ? ktime_get_ts64+0x86/0x230 [ 14.249759] kunit_try_run_case+0x1a5/0x480 [ 14.249782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.249804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.249829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.249851] ? __kthread_parkme+0x82/0x180 [ 14.249874] ? preempt_count_sub+0x50/0x80 [ 14.249898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.249922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.249944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.249967] kthread+0x337/0x6f0 [ 14.249984] ? trace_preempt_on+0x20/0xc0 [ 14.250009] ? __pfx_kthread+0x10/0x10 [ 14.250027] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.250047] ? calculate_sigpending+0x7b/0xa0 [ 14.250069] ? 
__pfx_kthread+0x10/0x10 [ 14.250087] ret_from_fork+0x41/0x80 [ 14.250108] ? __pfx_kthread+0x10/0x10 [ 14.250126] ret_from_fork_asm+0x1a/0x30 [ 14.250210] </TASK> [ 14.250225] [ 14.260757] The buggy address belongs to the physical page: [ 14.261130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8 [ 14.261661] flags: 0x200000000000000(node=0|zone=2) [ 14.262173] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.262658] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.263146] page dumped because: kasan: bad access detected [ 14.263411] [ 14.263677] Memory state around the buggy address: [ 14.264156] ffff888102ac7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.264683] ffff888102ac7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.265231] >ffff888102ac8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.265692] ^ [ 14.266038] ffff888102ac8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.266339] ffff888102ac8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.266864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.216708] ==================================================================
[ 14.217285] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.217718] Read of size 1 at addr ffff888102a49240 by task kunit_try_catch/250
[ 14.218100]
[ 14.218205] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.218254] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.218266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.218288] Call Trace:
[ 14.218314] <TASK>
[ 14.218332] dump_stack_lvl+0x73/0xb0
[ 14.218363] print_report+0xd1/0x650
[ 14.218386] ? __virt_addr_valid+0x1db/0x2d0
[ 14.218409] ? mempool_uaf_helper+0x392/0x400
[ 14.218432] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.218456] ? mempool_uaf_helper+0x392/0x400
[ 14.218488] kasan_report+0x141/0x180
[ 14.218511] ? mempool_uaf_helper+0x392/0x400
[ 14.218538] __asan_report_load1_noabort+0x18/0x20
[ 14.218560] mempool_uaf_helper+0x392/0x400
[ 14.218583] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.218610] ? finish_task_switch.isra.0+0x153/0x700
[ 14.218639] mempool_slab_uaf+0xea/0x140
[ 14.218659] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 14.218684] ? dequeue_task_fair+0x166/0x4e0
[ 14.218708] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.218731] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.218753] ? __pfx_read_tsc+0x10/0x10
[ 14.218773] ? ktime_get_ts64+0x86/0x230
[ 14.218799] kunit_try_run_case+0x1a5/0x480
[ 14.218824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.218845] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.218869] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.218892] ? __kthread_parkme+0x82/0x180
[ 14.218915] ? preempt_count_sub+0x50/0x80
[ 14.218938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.218961] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.218984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.219006] kthread+0x337/0x6f0
[ 14.219023] ? trace_preempt_on+0x20/0xc0
[ 14.219047] ? __pfx_kthread+0x10/0x10
[ 14.219065] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.219086] ? calculate_sigpending+0x7b/0xa0
[ 14.219108] ? __pfx_kthread+0x10/0x10
[ 14.219127] ret_from_fork+0x41/0x80
[ 14.219149] ? __pfx_kthread+0x10/0x10
[ 14.219167] ret_from_fork_asm+0x1a/0x30
[ 14.219199] </TASK>
[ 14.219209]
[ 14.227637] Allocated by task 250:
[ 14.227819] kasan_save_stack+0x45/0x70
[ 14.228106] kasan_save_track+0x18/0x40
[ 14.228244] kasan_save_alloc_info+0x3b/0x50
[ 14.228820] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.229114] remove_element+0x11e/0x190
[ 14.229278] mempool_alloc_preallocated+0x4d/0x90
[ 14.229580] mempool_uaf_helper+0x96/0x400
[ 14.229787] mempool_slab_uaf+0xea/0x140
[ 14.229993] kunit_try_run_case+0x1a5/0x480
[ 14.230207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.230579] kthread+0x337/0x6f0
[ 14.230763] ret_from_fork+0x41/0x80
[ 14.230937] ret_from_fork_asm+0x1a/0x30
[ 14.231114]
[ 14.231188] Freed by task 250:
[ 14.231358] kasan_save_stack+0x45/0x70
[ 14.231522] kasan_save_track+0x18/0x40
[ 14.231788] kasan_save_free_info+0x3f/0x60
[ 14.231956] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.232130] mempool_free+0x2ec/0x380
[ 14.232261] mempool_uaf_helper+0x11a/0x400
[ 14.232419] mempool_slab_uaf+0xea/0x140
[ 14.232616] kunit_try_run_case+0x1a5/0x480
[ 14.232824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.233076] kthread+0x337/0x6f0
[ 14.233243] ret_from_fork+0x41/0x80
[ 14.233495] ret_from_fork_asm+0x1a/0x30
[ 14.233640]
[ 14.233713] The buggy address belongs to the object at ffff888102a49240
[ 14.233713] which belongs to the cache test_cache of size 123
[ 14.234459] The buggy address is located 0 bytes inside of
[ 14.234459] freed 123-byte region [ffff888102a49240, ffff888102a492bb)
[ 14.234996]
[ 14.235278] The buggy address belongs to the physical page:
[ 14.235609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a49
[ 14.235924] flags: 0x200000000000000(node=0|zone=2)
[ 14.236180] page_type: f5(slab)
[ 14.236354] raw: 0200000000000000 ffff8881020d6780 dead000000000122 0000000000000000
[ 14.236774] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.237208] page dumped because: kasan: bad access detected
[ 14.237398]
[ 14.237471] Memory state around the buggy address:
[ 14.237700]  ffff888102a49100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.238192]  ffff888102a49180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.238663] >ffff888102a49200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 14.238889]                                             ^
[ 14.239059]  ffff888102a49280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.239654]  ffff888102a49300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.239983] ==================================================================

[ 14.160243] ==================================================================
[ 14.160860] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.161248] Read of size 1 at addr ffff888102a2de00 by task kunit_try_catch/246
[ 14.161569]
[ 14.161712] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.161762] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.161775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.161798] Call Trace:
[ 14.161810] <TASK>
[ 14.161829] dump_stack_lvl+0x73/0xb0
[ 14.161858] print_report+0xd1/0x650
[ 14.161881] ? __virt_addr_valid+0x1db/0x2d0
[ 14.161905] ? mempool_uaf_helper+0x392/0x400
[ 14.161927] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.161950] ? mempool_uaf_helper+0x392/0x400
[ 14.161973] kasan_report+0x141/0x180
[ 14.161995] ? mempool_uaf_helper+0x392/0x400
[ 14.162022] __asan_report_load1_noabort+0x18/0x20
[ 14.162043] mempool_uaf_helper+0x392/0x400
[ 14.162066] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.162088] ? update_load_avg+0x1be/0x21b0
[ 14.162112] ? irqentry_exit+0x2a/0x60
[ 14.162135] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.162160] mempool_kmalloc_uaf+0xef/0x140
[ 14.162183] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 14.162209] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.162230] ? __pfx_mempool_kfree+0x10/0x10
[ 14.162251] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 14.162276] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 14.162313] kunit_try_run_case+0x1a5/0x480
[ 14.162338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.162359] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.162383] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.162405] ? __kthread_parkme+0x82/0x180
[ 14.162427] ? preempt_count_sub+0x50/0x80
[ 14.162453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.162477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.162699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.162733] kthread+0x337/0x6f0
[ 14.162751] ? trace_preempt_on+0x20/0xc0
[ 14.162776] ? __pfx_kthread+0x10/0x10
[ 14.162795] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.162816] ? calculate_sigpending+0x7b/0xa0
[ 14.162838] ? __pfx_kthread+0x10/0x10
[ 14.162857] ret_from_fork+0x41/0x80
[ 14.162878] ? __pfx_kthread+0x10/0x10
[ 14.162896] ret_from_fork_asm+0x1a/0x30
[ 14.162928] </TASK>
[ 14.162941]
[ 14.170962] Allocated by task 246:
[ 14.171164] kasan_save_stack+0x45/0x70
[ 14.171356] kasan_save_track+0x18/0x40
[ 14.171544] kasan_save_alloc_info+0x3b/0x50
[ 14.171697] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.171959] remove_element+0x11e/0x190
[ 14.172176] mempool_alloc_preallocated+0x4d/0x90
[ 14.172420] mempool_uaf_helper+0x96/0x400
[ 14.172618] mempool_kmalloc_uaf+0xef/0x140
[ 14.172831] kunit_try_run_case+0x1a5/0x480
[ 14.173020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.173270] kthread+0x337/0x6f0
[ 14.173455] ret_from_fork+0x41/0x80
[ 14.173632] ret_from_fork_asm+0x1a/0x30
[ 14.173842]
[ 14.173938] Freed by task 246:
[ 14.174087] kasan_save_stack+0x45/0x70
[ 14.174318] kasan_save_track+0x18/0x40
[ 14.174530] kasan_save_free_info+0x3f/0x60
[ 14.174765] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.174976] mempool_free+0x2ec/0x380
[ 14.175109] mempool_uaf_helper+0x11a/0x400
[ 14.175259] mempool_kmalloc_uaf+0xef/0x140
[ 14.175424] kunit_try_run_case+0x1a5/0x480
[ 14.175666] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.175941] kthread+0x337/0x6f0
[ 14.176110] ret_from_fork+0x41/0x80
[ 14.176320] ret_from_fork_asm+0x1a/0x30
[ 14.176638]
[ 14.176738] The buggy address belongs to the object at ffff888102a2de00
[ 14.176738] which belongs to the cache kmalloc-128 of size 128
[ 14.177237] The buggy address is located 0 bytes inside of
[ 14.177237] freed 128-byte region [ffff888102a2de00, ffff888102a2de80)
[ 14.177818]
[ 14.177937] The buggy address belongs to the physical page:
[ 14.178158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 14.178415] flags: 0x200000000000000(node=0|zone=2)
[ 14.178584] page_type: f5(slab)
[ 14.178744] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.179094] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.179557] page dumped because: kasan: bad access detected
[ 14.179822]
[ 14.179894] Memory state around the buggy address:
[ 14.180141]  ffff888102a2dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.180465]  ffff888102a2dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.180742] >ffff888102a2de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.180956]                     ^
[ 14.181072]  ffff888102a2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.181354]  ffff888102a2df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.182016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.107458] ==================================================================
[ 14.107952] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.108372] Read of size 1 at addr ffff888103922001 by task kunit_try_catch/242
[ 14.108694]
[ 14.108829] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.108882] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.108946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.108968] Call Trace:
[ 14.108983] <TASK>
[ 14.109001] dump_stack_lvl+0x73/0xb0
[ 14.109033] print_report+0xd1/0x650
[ 14.109056] ? __virt_addr_valid+0x1db/0x2d0
[ 14.109079] ? mempool_oob_right_helper+0x318/0x380
[ 14.109102] ? kasan_addr_to_slab+0x11/0xa0
[ 14.109123] ? mempool_oob_right_helper+0x318/0x380
[ 14.109147] kasan_report+0x141/0x180
[ 14.109169] ? mempool_oob_right_helper+0x318/0x380
[ 14.109197] __asan_report_load1_noabort+0x18/0x20
[ 14.109219] mempool_oob_right_helper+0x318/0x380
[ 14.109244] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.109268] ? dequeue_entities+0x852/0x1740
[ 14.109293] ? finish_task_switch.isra.0+0x153/0x700
[ 14.109333] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 14.109357] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 14.109382] ? dequeue_task_fair+0x166/0x4e0
[ 14.109404] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.109424] ? __pfx_mempool_kfree+0x10/0x10
[ 14.109455] ? __pfx_read_tsc+0x10/0x10
[ 14.109476] ? ktime_get_ts64+0x86/0x230
[ 14.109502] kunit_try_run_case+0x1a5/0x480
[ 14.109526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.109547] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.109571] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.109593] ? __kthread_parkme+0x82/0x180
[ 14.109615] ? preempt_count_sub+0x50/0x80
[ 14.109639] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.109662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.109684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.109707] kthread+0x337/0x6f0
[ 14.109723] ? trace_preempt_on+0x20/0xc0
[ 14.109747] ? __pfx_kthread+0x10/0x10
[ 14.109764] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.109785] ? calculate_sigpending+0x7b/0xa0
[ 14.109808] ? __pfx_kthread+0x10/0x10
[ 14.109826] ret_from_fork+0x41/0x80
[ 14.109846] ? __pfx_kthread+0x10/0x10
[ 14.109864] ret_from_fork_asm+0x1a/0x30
[ 14.109894] </TASK>
[ 14.109906]
[ 14.118533] The buggy address belongs to the physical page:
[ 14.118843] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103920
[ 14.119314] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.119616] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.119841] page_type: f8(unknown)
[ 14.120100] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.120379] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.120719] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.121114] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.121452] head: 0200000000000002 ffffea00040e4801 00000000ffffffff 00000000ffffffff
[ 14.121804] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.122243] page dumped because: kasan: bad access detected
[ 14.122557]
[ 14.122655] Memory state around the buggy address:
[ 14.122850]  ffff888103921f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.123155]  ffff888103921f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.123428] >ffff888103922000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.123744]                     ^
[ 14.123934]  ffff888103922080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.124281]  ffff888103922100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.124731] ==================================================================

[ 14.077590] ==================================================================
[ 14.078362] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.078741] Read of size 1 at addr ffff888102a2da73 by task kunit_try_catch/240
[ 14.079511]
[ 14.079773] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.079854] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.079868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.079892] Call Trace:
[ 14.079907] <TASK>
[ 14.079926] dump_stack_lvl+0x73/0xb0
[ 14.079961] print_report+0xd1/0x650
[ 14.080062] ? __virt_addr_valid+0x1db/0x2d0
[ 14.080092] ? mempool_oob_right_helper+0x318/0x380
[ 14.080115] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.080137] ? mempool_oob_right_helper+0x318/0x380
[ 14.080161] kasan_report+0x141/0x180
[ 14.080184] ? mempool_oob_right_helper+0x318/0x380
[ 14.080212] __asan_report_load1_noabort+0x18/0x20
[ 14.080232] mempool_oob_right_helper+0x318/0x380
[ 14.080257] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.080280] ? dequeue_entities+0x852/0x1740
[ 14.080323] ? finish_task_switch.isra.0+0x153/0x700
[ 14.080351] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.080374] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 14.080397] ? dequeue_task_fair+0x166/0x4e0
[ 14.080419] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.080463] ? __pfx_mempool_kfree+0x10/0x10
[ 14.080485] ? __pfx_read_tsc+0x10/0x10
[ 14.080506] ? ktime_get_ts64+0x86/0x230
[ 14.080533] kunit_try_run_case+0x1a5/0x480
[ 14.080558] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.080580] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.080605] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.080628] ? __kthread_parkme+0x82/0x180
[ 14.080651] ? preempt_count_sub+0x50/0x80
[ 14.080674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.080698] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.080720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.080742] kthread+0x337/0x6f0
[ 14.080759] ? trace_preempt_on+0x20/0xc0
[ 14.080784] ? __pfx_kthread+0x10/0x10
[ 14.080802] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.080822] ? calculate_sigpending+0x7b/0xa0
[ 14.080845] ? __pfx_kthread+0x10/0x10
[ 14.080864] ret_from_fork+0x41/0x80
[ 14.080884] ? __pfx_kthread+0x10/0x10
[ 14.080903] ret_from_fork_asm+0x1a/0x30
[ 14.080935] </TASK>
[ 14.080947]
[ 14.093604] Allocated by task 240:
[ 14.094064] kasan_save_stack+0x45/0x70
[ 14.094292] kasan_save_track+0x18/0x40
[ 14.094698] kasan_save_alloc_info+0x3b/0x50
[ 14.095178] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.095469] remove_element+0x11e/0x190
[ 14.095620] mempool_alloc_preallocated+0x4d/0x90
[ 14.095864] mempool_oob_right_helper+0x8a/0x380
[ 14.096064] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.096373] kunit_try_run_case+0x1a5/0x480
[ 14.096574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.096855] kthread+0x337/0x6f0
[ 14.097048] ret_from_fork+0x41/0x80
[ 14.097273] ret_from_fork_asm+0x1a/0x30
[ 14.097492]
[ 14.097570] The buggy address belongs to the object at ffff888102a2da00
[ 14.097570] which belongs to the cache kmalloc-128 of size 128
[ 14.098068] The buggy address is located 0 bytes to the right of
[ 14.098068] allocated 115-byte region [ffff888102a2da00, ffff888102a2da73)
[ 14.098721]
[ 14.098842] The buggy address belongs to the physical page:
[ 14.099101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 14.099676] flags: 0x200000000000000(node=0|zone=2)
[ 14.100098] page_type: f5(slab)
[ 14.100263] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.100576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.100997] page dumped because: kasan: bad access detected
[ 14.101384]
[ 14.101508] Memory state around the buggy address:
[ 14.101751]  ffff888102a2d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.102130]  ffff888102a2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.102402] >ffff888102a2da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.102752]                                                               ^
[ 14.103063]  ffff888102a2da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.103651]  ffff888102a2db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.103935] ==================================================================

[ 14.129620] ==================================================================
[ 14.130548] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.130871] Read of size 1 at addr ffff888102a472bb by task kunit_try_catch/244
[ 14.131206]
[ 14.131399] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.131449] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.131462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.131484] Call Trace:
[ 14.131496] <TASK>
[ 14.131513] dump_stack_lvl+0x73/0xb0
[ 14.131543] print_report+0xd1/0x650
[ 14.131566] ? __virt_addr_valid+0x1db/0x2d0
[ 14.131588] ? mempool_oob_right_helper+0x318/0x380
[ 14.131612] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.131634] ? mempool_oob_right_helper+0x318/0x380
[ 14.131658] kasan_report+0x141/0x180
[ 14.131681] ? mempool_oob_right_helper+0x318/0x380
[ 14.131710] __asan_report_load1_noabort+0x18/0x20
[ 14.131731] mempool_oob_right_helper+0x318/0x380
[ 14.131756] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.131779] ? update_load_avg+0x1be/0x21b0
[ 14.131804] ? finish_task_switch.isra.0+0x153/0x700
[ 14.131831] mempool_slab_oob_right+0xed/0x140
[ 14.131852] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 14.131872] ? dequeue_task_fair+0x156/0x4e0
[ 14.131895] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.131916] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.131939] ? __pfx_read_tsc+0x10/0x10
[ 14.131959] ? ktime_get_ts64+0x86/0x230
[ 14.131998] kunit_try_run_case+0x1a5/0x480
[ 14.132022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.132044] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.132068] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.132091] ? __kthread_parkme+0x82/0x180
[ 14.132112] ? preempt_count_sub+0x50/0x80
[ 14.132137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.132159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.132182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.132205] kthread+0x337/0x6f0
[ 14.132222] ? trace_preempt_on+0x20/0xc0
[ 14.132245] ? __pfx_kthread+0x10/0x10
[ 14.132263] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.132284] ? calculate_sigpending+0x7b/0xa0
[ 14.132318] ? __pfx_kthread+0x10/0x10
[ 14.132336] ret_from_fork+0x41/0x80
[ 14.132357] ? __pfx_kthread+0x10/0x10
[ 14.132376] ret_from_fork_asm+0x1a/0x30
[ 14.132407] </TASK>
[ 14.132419]
[ 14.141310] Allocated by task 244:
[ 14.141516] kasan_save_stack+0x45/0x70
[ 14.141687] kasan_save_track+0x18/0x40
[ 14.141825] kasan_save_alloc_info+0x3b/0x50
[ 14.141970] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.142225] remove_element+0x11e/0x190
[ 14.142486] mempool_alloc_preallocated+0x4d/0x90
[ 14.142729] mempool_oob_right_helper+0x8a/0x380
[ 14.143022] mempool_slab_oob_right+0xed/0x140
[ 14.143181] kunit_try_run_case+0x1a5/0x480
[ 14.143400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.143663] kthread+0x337/0x6f0
[ 14.143960] ret_from_fork+0x41/0x80
[ 14.144106] ret_from_fork_asm+0x1a/0x30
[ 14.144320]
[ 14.144399] The buggy address belongs to the object at ffff888102a47240
[ 14.144399] which belongs to the cache test_cache of size 123
[ 14.144867] The buggy address is located 0 bytes to the right of
[ 14.144867] allocated 123-byte region [ffff888102a47240, ffff888102a472bb)
[ 14.145348]
[ 14.145622] The buggy address belongs to the physical page:
[ 14.145952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a47
[ 14.146290] flags: 0x200000000000000(node=0|zone=2)
[ 14.146575] page_type: f5(slab)
[ 14.146735] raw: 0200000000000000 ffff8881020d6640 dead000000000122 0000000000000000
[ 14.147153] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.147407] page dumped because: kasan: bad access detected
[ 14.147586]
[ 14.147657] Memory state around the buggy address:
[ 14.147814]  ffff888102a47180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.148105]  ffff888102a47200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 14.148438] >ffff888102a47280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 14.148829]                                          ^
[ 14.149132]  ffff888102a47300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.149665]  ffff888102a47380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.150060] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.494616] ==================================================================
[ 13.496605] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.497858] Read of size 1 at addr ffff8881020d6500 by task kunit_try_catch/234
[ 13.498398]
[ 13.498728] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.498784] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.498798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.498820] Call Trace:
[ 13.498833] <TASK>
[ 13.498853] dump_stack_lvl+0x73/0xb0
[ 13.499011] print_report+0xd1/0x650
[ 13.499035] ? __virt_addr_valid+0x1db/0x2d0
[ 13.499059] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.499079] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.499102] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.499160] kasan_report+0x141/0x180
[ 13.499184] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.499208] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.499229] __kasan_check_byte+0x3d/0x50
[ 13.499251] kmem_cache_destroy+0x25/0x1d0
[ 13.499276] kmem_cache_double_destroy+0x1bf/0x380
[ 13.499307] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.499328] ? finish_task_switch.isra.0+0x153/0x700
[ 13.499353] ? __switch_to+0x5d9/0xf60
[ 13.499373] ? dequeue_task_fair+0x166/0x4e0
[ 13.499401] ? __pfx_read_tsc+0x10/0x10
[ 13.499441] ? ktime_get_ts64+0x86/0x230
[ 13.499469] kunit_try_run_case+0x1a5/0x480
[ 13.499494] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.499516] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.499540] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.499563] ? __kthread_parkme+0x82/0x180
[ 13.499586] ? preempt_count_sub+0x50/0x80
[ 13.499609] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.499633] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.499655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.499677] kthread+0x337/0x6f0
[ 13.499694] ? trace_preempt_on+0x20/0xc0
[ 13.499719] ? __pfx_kthread+0x10/0x10
[ 13.499737] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.499756] ? calculate_sigpending+0x7b/0xa0
[ 13.499779] ? __pfx_kthread+0x10/0x10
[ 13.499797] ret_from_fork+0x41/0x80
[ 13.499818] ? __pfx_kthread+0x10/0x10
[ 13.499836] ret_from_fork_asm+0x1a/0x30
[ 13.499884] </TASK>
[ 13.499897]
[ 13.516435] Allocated by task 234:
[ 13.517057] kasan_save_stack+0x45/0x70
[ 13.517600] kasan_save_track+0x18/0x40
[ 13.518243] kasan_save_alloc_info+0x3b/0x50
[ 13.518876] __kasan_slab_alloc+0x91/0xa0
[ 13.519578] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.520083] __kmem_cache_create_args+0x169/0x240
[ 13.520412] kmem_cache_double_destroy+0xd5/0x380
[ 13.520894] kunit_try_run_case+0x1a5/0x480
[ 13.521506] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.522134] kthread+0x337/0x6f0
[ 13.522279] ret_from_fork+0x41/0x80
[ 13.522424] ret_from_fork_asm+0x1a/0x30
[ 13.522565]
[ 13.522637] Freed by task 234:
[ 13.522759] kasan_save_stack+0x45/0x70
[ 13.523236] kasan_save_track+0x18/0x40
[ 13.523464] kasan_save_free_info+0x3f/0x60
[ 13.524080] __kasan_slab_free+0x56/0x70
[ 13.524594] kmem_cache_free+0x249/0x420
[ 13.524912] slab_kmem_cache_release+0x2e/0x40
[ 13.525578] kmem_cache_release+0x16/0x20
[ 13.525776] kobject_put+0x181/0x450
[ 13.526129] sysfs_slab_release+0x16/0x20
[ 13.526752] kmem_cache_destroy+0xf0/0x1d0
[ 13.527304] kmem_cache_double_destroy+0x14e/0x380
[ 13.527663] kunit_try_run_case+0x1a5/0x480
[ 13.527822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.528410] kthread+0x337/0x6f0
[ 13.528858] ret_from_fork+0x41/0x80
[ 13.529500] ret_from_fork_asm+0x1a/0x30
[ 13.530040]
[ 13.530122] The buggy address belongs to the object at ffff8881020d6500
[ 13.530122] which belongs to the cache kmem_cache of size 208
[ 13.530499] The buggy address is located 0 bytes inside of
[ 13.530499] freed 208-byte region [ffff8881020d6500, ffff8881020d65d0)
[ 13.531583]
[ 13.531755] The buggy address belongs to the physical page:
[ 13.532349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020d6
[ 13.532912] flags: 0x200000000000000(node=0|zone=2)
[ 13.533082] page_type: f5(slab)
[ 13.533207] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.533546] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.534408] page dumped because: kasan: bad access detected
[ 13.534997]
[ 13.535172] Memory state around the buggy address:
[ 13.535669]  ffff8881020d6400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.536448]  ffff8881020d6480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.536856] >ffff8881020d6500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.537543]                     ^
[ 13.537666]  ffff8881020d6580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.537932]  ffff8881020d6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.538600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.440367] ==================================================================
[ 13.440863] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.441595] Read of size 1 at addr ffff88810270d000 by task kunit_try_catch/232
[ 13.442597]
[ 13.442838] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.442888] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.442900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.442922] Call Trace:
[ 13.442937] <TASK>
[ 13.442956] dump_stack_lvl+0x73/0xb0
[ 13.442989] print_report+0xd1/0x650
[ 13.443013] ? __virt_addr_valid+0x1db/0x2d0
[ 13.443038] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.443059] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.443083] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.443104] kasan_report+0x141/0x180
[ 13.443128] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.443154] __asan_report_load1_noabort+0x18/0x20
[ 13.443176] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.443197] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.443218] ? finish_task_switch.isra.0+0x153/0x700
[ 13.443244] ? __switch_to+0x5d9/0xf60
[ 13.443266] ? dequeue_task_fair+0x166/0x4e0
[ 13.443306] ? __pfx_read_tsc+0x10/0x10
[ 13.443329] ? ktime_get_ts64+0x86/0x230
[ 13.443356] kunit_try_run_case+0x1a5/0x480
[ 13.443382] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.443406] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.443444] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.443468] ? __kthread_parkme+0x82/0x180
[ 13.443491] ? preempt_count_sub+0x50/0x80
[ 13.443517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.443541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.443564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.443588] kthread+0x337/0x6f0
[ 13.443606] ? trace_preempt_on+0x20/0xc0
[ 13.443631] ? __pfx_kthread+0x10/0x10
[ 13.443650] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.443672] ? calculate_sigpending+0x7b/0xa0
[ 13.443695] ? __pfx_kthread+0x10/0x10
[ 13.443715] ret_from_fork+0x41/0x80
[ 13.443736] ? __pfx_kthread+0x10/0x10
[ 13.443755] ret_from_fork_asm+0x1a/0x30
[ 13.443789] </TASK>
[ 13.443801]
[ 13.454108] Allocated by task 232:
[ 13.454350] kasan_save_stack+0x45/0x70
[ 13.454501] kasan_save_track+0x18/0x40
[ 13.454762] kasan_save_alloc_info+0x3b/0x50
[ 13.454984] __kasan_slab_alloc+0x91/0xa0
[ 13.455169] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.455390] kmem_cache_rcu_uaf+0x155/0x510
[ 13.455535] kunit_try_run_case+0x1a5/0x480
[ 13.455724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.456021] kthread+0x337/0x6f0
[ 13.456215] ret_from_fork+0x41/0x80
[ 13.456358] ret_from_fork_asm+0x1a/0x30
[ 13.456582]
[ 13.456678] Freed by task 0:
[ 13.456894] kasan_save_stack+0x45/0x70
[ 13.457374] kasan_save_track+0x18/0x40
[ 13.457562] kasan_save_free_info+0x3f/0x60
[ 13.458317] __kasan_slab_free+0x56/0x70
[ 13.458581] slab_free_after_rcu_debug+0xe4/0x310
[ 13.458933] rcu_core+0x66c/0x1c30
[ 13.459098] rcu_core_si+0x12/0x20
[ 13.459275] handle_softirqs+0x209/0x730
[ 13.459472] __irq_exit_rcu+0xc9/0x110
[ 13.460200] irq_exit_rcu+0x12/0x20
[ 13.460346] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.460902] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.461284]
[ 13.461374] Last potentially related work creation:
[ 13.461764] kasan_save_stack+0x45/0x70
[ 13.462066] kasan_record_aux_stack+0xb2/0xc0
[ 13.462519] kmem_cache_free+0x131/0x420
[ 13.462747] kmem_cache_rcu_uaf+0x194/0x510
[ 13.462979] kunit_try_run_case+0x1a5/0x480
[ 13.463287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.463740] kthread+0x337/0x6f0
[ 13.464009] ret_from_fork+0x41/0x80
[ 13.464335] ret_from_fork_asm+0x1a/0x30
[ 13.464579]
[ 13.464893] The buggy address belongs to the object at ffff88810270d000
[ 13.464893] which belongs to the cache test_cache of size 200
[ 13.465421] The buggy address is located 0 bytes inside of
[ 13.465421] freed 200-byte region [ffff88810270d000, ffff88810270d0c8)
[ 13.465957]
[ 13.466099] The buggy address belongs to the physical page:
[ 13.466400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10270d
[ 13.466772] flags: 0x200000000000000(node=0|zone=2)
[ 13.466975] page_type: f5(slab)
[ 13.467473] raw: 0200000000000000 ffff888102707280 dead000000000122 0000000000000000
[ 13.467759] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.468085] page dumped because: kasan: bad access detected
[ 13.468335]
[ 13.468612] Memory state around the buggy address:
[ 13.468906]  ffff88810270cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.469322]  ffff88810270cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.469699] >ffff88810270d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.470118]                     ^
[ 13.470291]  ffff88810270d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.470759]  ffff88810270d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.471085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.377438] ==================================================================
[ 13.377876] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.378116] Free of addr ffff88810270b001 by task kunit_try_catch/230
[ 13.378327]
[ 13.378525] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.378573] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.378585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.378607] Call Trace:
[ 13.378620] <TASK>
[ 13.378710] dump_stack_lvl+0x73/0xb0
[ 13.378742] print_report+0xd1/0x650
[ 13.378955] ? __virt_addr_valid+0x1db/0x2d0
[ 13.378985] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.379223] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.379250] kasan_report_invalid_free+0x10a/0x130
[ 13.379275] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.379308] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.379329] check_slab_allocation+0x11f/0x130
[ 13.379350] __kasan_slab_pre_free+0x28/0x40
[ 13.379371] kmem_cache_free+0xed/0x420
[ 13.379393] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.379413] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.379436] kmem_cache_invalid_free+0x1d8/0x460
[ 13.379456] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.379475] ? finish_task_switch.isra.0+0x153/0x700
[ 13.379500] ? __switch_to+0x5d9/0xf60
[ 13.379521] ? dequeue_task_fair+0x166/0x4e0
[ 13.379548] ? __pfx_read_tsc+0x10/0x10
[ 13.379568] ? ktime_get_ts64+0x86/0x230
[ 13.379593] kunit_try_run_case+0x1a5/0x480
[ 13.379617] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.379638] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.379662] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.379684] ? __kthread_parkme+0x82/0x180
[ 13.379706] ? preempt_count_sub+0x50/0x80
[ 13.379729] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.379751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.379773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.379794] kthread+0x337/0x6f0
[ 13.379810] ? trace_preempt_on+0x20/0xc0
[ 13.379834] ? __pfx_kthread+0x10/0x10
[ 13.379852] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.379872] ? calculate_sigpending+0x7b/0xa0
[ 13.379894] ? __pfx_kthread+0x10/0x10
[ 13.379912] ret_from_fork+0x41/0x80
[ 13.379932] ? __pfx_kthread+0x10/0x10
[ 13.379949] ret_from_fork_asm+0x1a/0x30
[ 13.379980] </TASK>
[ 13.379992]
[ 13.395441] Allocated by task 230:
[ 13.395758] kasan_save_stack+0x45/0x70
[ 13.396260] kasan_save_track+0x18/0x40
[ 13.396607] kasan_save_alloc_info+0x3b/0x50
[ 13.396754] __kasan_slab_alloc+0x91/0xa0
[ 13.397054] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.397574] kmem_cache_invalid_free+0x157/0x460
[ 13.398116] kunit_try_run_case+0x1a5/0x480
[ 13.398599] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.398841] kthread+0x337/0x6f0
[ 13.399320] ret_from_fork+0x41/0x80
[ 13.399672] ret_from_fork_asm+0x1a/0x30
[ 13.399956]
[ 13.400151] The buggy address belongs to the object at ffff88810270b000
[ 13.400151] which belongs to the cache test_cache of size 200
[ 13.400704] The buggy address is located 1 bytes inside of
[ 13.400704] 200-byte region [ffff88810270b000, ffff88810270b0c8)
[ 13.401546]
[ 13.401729] The buggy address belongs to the physical page:
[ 13.402348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10270b
[ 13.403109] flags: 0x200000000000000(node=0|zone=2)
[ 13.403695] page_type: f5(slab)
[ 13.403827] raw: 0200000000000000 ffff888102707140 dead000000000122 0000000000000000
[ 13.404544] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.405207] page dumped because: kasan: bad access detected
[ 13.405406]
[ 13.405555] Memory state around the buggy address:
[ 13.405741]  ffff88810270af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.405999]  ffff88810270af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.406323] >ffff88810270b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.406846]                     ^
[ 13.407039]  ffff88810270b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.407393]  ffff88810270b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.407873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.329653] ==================================================================
[ 13.330510] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.331000] Free of addr ffff888102a44000 by task kunit_try_catch/228
[ 13.331816]
[ 13.332216] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.332393] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.332409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.332433] Call Trace:
[ 13.332446] <TASK>
[ 13.332465] dump_stack_lvl+0x73/0xb0
[ 13.332499] print_report+0xd1/0x650
[ 13.332522] ? __virt_addr_valid+0x1db/0x2d0
[ 13.332547] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.332570] ? kmem_cache_double_free+0x1e5/0x480
[ 13.332590] kasan_report_invalid_free+0x10a/0x130
[ 13.332614] ? kmem_cache_double_free+0x1e5/0x480
[ 13.332638] ? kmem_cache_double_free+0x1e5/0x480
[ 13.332658] check_slab_allocation+0x101/0x130
[ 13.332680] __kasan_slab_pre_free+0x28/0x40
[ 13.332700] kmem_cache_free+0xed/0x420
[ 13.332721] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.332742] ? kmem_cache_double_free+0x1e5/0x480
[ 13.332765] kmem_cache_double_free+0x1e5/0x480
[ 13.332788] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.332807] ? finish_task_switch.isra.0+0x153/0x700
[ 13.332832] ? __switch_to+0x5d9/0xf60
[ 13.332853] ? dequeue_task_fair+0x166/0x4e0
[ 13.332927] ? __pfx_read_tsc+0x10/0x10
[ 13.332951] ? ktime_get_ts64+0x86/0x230
[ 13.332978] kunit_try_run_case+0x1a5/0x480
[ 13.333003] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.333024] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.333047] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.333069] ? __kthread_parkme+0x82/0x180
[ 13.333092] ? preempt_count_sub+0x50/0x80
[ 13.333116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.333138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.333160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.333181] kthread+0x337/0x6f0
[ 13.333197] ? trace_preempt_on+0x20/0xc0
[ 13.333222] ? __pfx_kthread+0x10/0x10
[ 13.333240] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.333260] ? calculate_sigpending+0x7b/0xa0
[ 13.333282] ? __pfx_kthread+0x10/0x10
[ 13.333310] ret_from_fork+0x41/0x80
[ 13.333331] ? __pfx_kthread+0x10/0x10
[ 13.333348] ret_from_fork_asm+0x1a/0x30
[ 13.333379] </TASK>
[ 13.333391]
[ 13.351925] Allocated by task 228:
[ 13.352080] kasan_save_stack+0x45/0x70
[ 13.352239] kasan_save_track+0x18/0x40
[ 13.352394] kasan_save_alloc_info+0x3b/0x50
[ 13.352596] __kasan_slab_alloc+0x91/0xa0
[ 13.352781] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.352979] kmem_cache_double_free+0x14f/0x480
[ 13.353181] kunit_try_run_case+0x1a5/0x480
[ 13.353590] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.354094] kthread+0x337/0x6f0
[ 13.354406] ret_from_fork+0x41/0x80
[ 13.354763] ret_from_fork_asm+0x1a/0x30
[ 13.355220]
[ 13.355403] Freed by task 228:
[ 13.355718] kasan_save_stack+0x45/0x70
[ 13.356100] kasan_save_track+0x18/0x40
[ 13.356591] kasan_save_free_info+0x3f/0x60
[ 13.357157] __kasan_slab_free+0x56/0x70
[ 13.357636] kmem_cache_free+0x249/0x420
[ 13.358101] kmem_cache_double_free+0x16a/0x480
[ 13.358687] kunit_try_run_case+0x1a5/0x480
[ 13.359105] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.359658] kthread+0x337/0x6f0
[ 13.359778] ret_from_fork+0x41/0x80
[ 13.359993] ret_from_fork_asm+0x1a/0x30
[ 13.360404]
[ 13.360575] The buggy address belongs to the object at ffff888102a44000
[ 13.360575] which belongs to the cache test_cache of size 200
[ 13.361262] The buggy address is located 0 bytes inside of
[ 13.361262] 200-byte region [ffff888102a44000, ffff888102a440c8)
[ 13.361680]
[ 13.361842] The buggy address belongs to the physical page:
[ 13.362394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a44
[ 13.363205] flags: 0x200000000000000(node=0|zone=2)
[ 13.363693] page_type: f5(slab)
[ 13.364075] raw: 0200000000000000 ffff8881020d63c0 dead000000000122 0000000000000000
[ 13.364969] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.365203] page dumped because: kasan: bad access detected
[ 13.365390]
[ 13.365517] Memory state around the buggy address:
[ 13.365941] ffff888102a43f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.366560] ffff888102a43f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.367322] >ffff888102a44000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.368044] ^
[ 13.368164] ffff888102a44080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.368393] ffff888102a44100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.368654] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.287321] ==================================================================
[ 13.288113] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.288606] Read of size 1 at addr ffff8881027090c8 by task kunit_try_catch/226
[ 13.289427]
[ 13.289572] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.289624] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.289637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.289659] Call Trace:
[ 13.289671] <TASK>
[ 13.289690] dump_stack_lvl+0x73/0xb0
[ 13.289844] print_report+0xd1/0x650
[ 13.289877] ? __virt_addr_valid+0x1db/0x2d0
[ 13.289901] ? kmem_cache_oob+0x402/0x530
[ 13.289920] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.289942] ? kmem_cache_oob+0x402/0x530
[ 13.289961] kasan_report+0x141/0x180
[ 13.289983] ? kmem_cache_oob+0x402/0x530
[ 13.290006] __asan_report_load1_noabort+0x18/0x20
[ 13.290026] kmem_cache_oob+0x402/0x530
[ 13.290044] ? trace_hardirqs_on+0x37/0xe0
[ 13.290068] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.290087] ? finish_task_switch.isra.0+0x153/0x700
[ 13.290111] ? __switch_to+0x5d9/0xf60
[ 13.290132] ? dequeue_task_fair+0x156/0x4e0
[ 13.290159] ? __pfx_read_tsc+0x10/0x10
[ 13.290179] ? ktime_get_ts64+0x86/0x230
[ 13.290203] kunit_try_run_case+0x1a5/0x480
[ 13.290227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.290248] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.290271] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.290303] ? __kthread_parkme+0x82/0x180
[ 13.290325] ? preempt_count_sub+0x50/0x80
[ 13.290348] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.290371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.290393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.290415] kthread+0x337/0x6f0
[ 13.290432] ? trace_preempt_on+0x20/0xc0
[ 13.290453] ? __pfx_kthread+0x10/0x10
[ 13.290471] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.290491] ? calculate_sigpending+0x7b/0xa0
[ 13.290512] ? __pfx_kthread+0x10/0x10
[ 13.290530] ret_from_fork+0x41/0x80
[ 13.290549] ? __pfx_kthread+0x10/0x10
[ 13.290567] ret_from_fork_asm+0x1a/0x30
[ 13.290597] </TASK>
[ 13.290609]
[ 13.300644] Allocated by task 226:
[ 13.300883] kasan_save_stack+0x45/0x70
[ 13.301094] kasan_save_track+0x18/0x40
[ 13.301494] kasan_save_alloc_info+0x3b/0x50
[ 13.301669] __kasan_slab_alloc+0x91/0xa0
[ 13.301869] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.302096] kmem_cache_oob+0x157/0x530
[ 13.302237] kunit_try_run_case+0x1a5/0x480
[ 13.302582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.302849] kthread+0x337/0x6f0
[ 13.303156] ret_from_fork+0x41/0x80
[ 13.303366] ret_from_fork_asm+0x1a/0x30
[ 13.303609]
[ 13.303681] The buggy address belongs to the object at ffff888102709000
[ 13.303681] which belongs to the cache test_cache of size 200
[ 13.304793] The buggy address is located 0 bytes to the right of
[ 13.304793] allocated 200-byte region [ffff888102709000, ffff8881027090c8)
[ 13.305735]
[ 13.305844] The buggy address belongs to the physical page:
[ 13.306405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102709
[ 13.306876] flags: 0x200000000000000(node=0|zone=2)
[ 13.307502] page_type: f5(slab)
[ 13.307810] raw: 0200000000000000 ffff888102707000 dead000000000122 0000000000000000
[ 13.308374] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.309115] page dumped because: kasan: bad access detected
[ 13.309588]
[ 13.309845] Memory state around the buggy address:
[ 13.310453] ffff888102708f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.310754] ffff888102709000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.311259] >ffff888102709080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.311716] ^
[ 13.312139] ffff888102709100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.312655] ffff888102709180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.313226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.242931] ==================================================================
[ 13.243925] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.244412] Read of size 8 at addr ffff888102705100 by task kunit_try_catch/219
[ 13.245144]
[ 13.245464] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.245519] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.245532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.245554] Call Trace:
[ 13.245699] <TASK>
[ 13.245722] dump_stack_lvl+0x73/0xb0
[ 13.245767] print_report+0xd1/0x650
[ 13.245789] ? __virt_addr_valid+0x1db/0x2d0
[ 13.245810] ? workqueue_uaf+0x4d6/0x560
[ 13.245831] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.245885] ? workqueue_uaf+0x4d6/0x560
[ 13.245906] kasan_report+0x141/0x180
[ 13.245928] ? workqueue_uaf+0x4d6/0x560
[ 13.245954] __asan_report_load8_noabort+0x18/0x20
[ 13.245974] workqueue_uaf+0x4d6/0x560
[ 13.245996] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.246019] ? __schedule+0x10cc/0x2b30
[ 13.246040] ? __pfx_read_tsc+0x10/0x10
[ 13.246060] ? ktime_get_ts64+0x86/0x230
[ 13.246085] kunit_try_run_case+0x1a5/0x480
[ 13.246108] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.246129] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.246152] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.246174] ? __kthread_parkme+0x82/0x180
[ 13.246195] ? preempt_count_sub+0x50/0x80
[ 13.246220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.246242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.246264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.246286] kthread+0x337/0x6f0
[ 13.246312] ? trace_preempt_on+0x20/0xc0
[ 13.246335] ? __pfx_kthread+0x10/0x10
[ 13.246352] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.246372] ? calculate_sigpending+0x7b/0xa0
[ 13.246393] ? __pfx_kthread+0x10/0x10
[ 13.246411] ret_from_fork+0x41/0x80
[ 13.246430] ? __pfx_kthread+0x10/0x10
[ 13.246448] ret_from_fork_asm+0x1a/0x30
[ 13.246479] </TASK>
[ 13.246491]
[ 13.255705] Allocated by task 219:
[ 13.256129] kasan_save_stack+0x45/0x70
[ 13.256453] kasan_save_track+0x18/0x40
[ 13.256715] kasan_save_alloc_info+0x3b/0x50
[ 13.257029] __kasan_kmalloc+0xb7/0xc0
[ 13.257171] __kmalloc_cache_noprof+0x189/0x420
[ 13.257463] workqueue_uaf+0x152/0x560
[ 13.257670] kunit_try_run_case+0x1a5/0x480
[ 13.258570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.258839] kthread+0x337/0x6f0
[ 13.259185] ret_from_fork+0x41/0x80
[ 13.259423] ret_from_fork_asm+0x1a/0x30
[ 13.259623]
[ 13.259720] Freed by task 9:
[ 13.260083] kasan_save_stack+0x45/0x70
[ 13.260276] kasan_save_track+0x18/0x40
[ 13.260450] kasan_save_free_info+0x3f/0x60
[ 13.260916] __kasan_slab_free+0x56/0x70
[ 13.261244] kfree+0x222/0x3f0
[ 13.261446] workqueue_uaf_work+0x12/0x20
[ 13.261984] process_one_work+0x5ee/0xf60
[ 13.262306] worker_thread+0x758/0x1220
[ 13.262712] kthread+0x337/0x6f0
[ 13.262930] ret_from_fork+0x41/0x80
[ 13.263117] ret_from_fork_asm+0x1a/0x30
[ 13.263320]
[ 13.263403] Last potentially related work creation:
[ 13.263867] kasan_save_stack+0x45/0x70
[ 13.264030] kasan_record_aux_stack+0xb2/0xc0
[ 13.264389] __queue_work+0x626/0xeb0
[ 13.264884] queue_work_on+0xb6/0xc0
[ 13.265080] workqueue_uaf+0x26d/0x560
[ 13.265378] kunit_try_run_case+0x1a5/0x480
[ 13.265668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.266193] kthread+0x337/0x6f0
[ 13.266391] ret_from_fork+0x41/0x80
[ 13.266703] ret_from_fork_asm+0x1a/0x30
[ 13.266873]
[ 13.267121] The buggy address belongs to the object at ffff888102705100
[ 13.267121] which belongs to the cache kmalloc-32 of size 32
[ 13.267673] The buggy address is located 0 bytes inside of
[ 13.267673] freed 32-byte region [ffff888102705100, ffff888102705120)
[ 13.268206]
[ 13.268323] The buggy address belongs to the physical page:
[ 13.268656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102705
[ 13.269476] flags: 0x200000000000000(node=0|zone=2)
[ 13.269875] page_type: f5(slab)
[ 13.270276] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.270782] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.271272] page dumped because: kasan: bad access detected
[ 13.271575]
[ 13.271717] Memory state around the buggy address:
[ 13.271970] ffff888102705000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.272497] ffff888102705080: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.273165] >ffff888102705100: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.273533] ^
[ 13.273725] ffff888102705180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.274039] ffff888102705200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.274693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.202107] ==================================================================
[ 13.202604] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.202973] Read of size 4 at addr ffff888102705040 by task swapper/0/0
[ 13.203252]
[ 13.203385] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.203436] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.203460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.203481] Call Trace:
[ 13.203506] <IRQ>
[ 13.203525] dump_stack_lvl+0x73/0xb0
[ 13.203555] print_report+0xd1/0x650
[ 13.203577] ? __virt_addr_valid+0x1db/0x2d0
[ 13.203611] ? rcu_uaf_reclaim+0x50/0x60
[ 13.203632] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.203654] ? rcu_uaf_reclaim+0x50/0x60
[ 13.203685] kasan_report+0x141/0x180
[ 13.203707] ? rcu_uaf_reclaim+0x50/0x60
[ 13.203732] __asan_report_load4_noabort+0x18/0x20
[ 13.203753] rcu_uaf_reclaim+0x50/0x60
[ 13.203773] rcu_core+0x66c/0x1c30
[ 13.203803] ? __pfx_rcu_core+0x10/0x10
[ 13.203826] ? ktime_get+0x6b/0x150
[ 13.203853] rcu_core_si+0x12/0x20
[ 13.203873] handle_softirqs+0x209/0x730
[ 13.203895] ? hrtimer_interrupt+0x2fe/0x780
[ 13.203918] ? __pfx_handle_softirqs+0x10/0x10
[ 13.203944] __irq_exit_rcu+0xc9/0x110
[ 13.203965] irq_exit_rcu+0x12/0x20
[ 13.203982] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.204006] </IRQ>
[ 13.204030] <TASK>
[ 13.204041] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.204150] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.204405] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 2d 28 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.204505] RSP: 0000:ffffffffa3c07dd8 EFLAGS: 00010202
[ 13.204594] RAX: ffff8881b6093000 RBX: ffffffffa3c1ca80 RCX: ffffffffa2a07015
[ 13.204640] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 0000000000013bd4
[ 13.204683] RBP: ffffffffa3c07de0 R08: 0000000000000001 R09: ffffed102b606102
[ 13.204725] R10: ffff88815b030813 R11: 0000000000000002 R12: 0000000000000000
[ 13.204767] R13: fffffbfff4783950 R14: ffffffffa479bc10 R15: 0000000000000000
[ 13.204824] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.204877] ? default_idle+0xd/0x20
[ 13.204895] arch_cpu_idle+0xd/0x20
[ 13.204912] default_idle_call+0x48/0x80
[ 13.204931] do_idle+0x379/0x4f0
[ 13.204953] ? __pfx_do_idle+0x10/0x10
[ 13.204972] ? trace_preempt_on+0x20/0xc0
[ 13.204994] ? schedule+0x86/0x2e0
[ 13.205013] ? preempt_count_sub+0x50/0x80
[ 13.205037] cpu_startup_entry+0x5c/0x70
[ 13.205057] rest_init+0x11a/0x140
[ 13.205074] ? acpi_subsystem_init+0x5d/0x150
[ 13.205099] start_kernel+0x32b/0x410
[ 13.205120] x86_64_start_reservations+0x1c/0x30
[ 13.205141] x86_64_start_kernel+0xcf/0xe0
[ 13.205161] common_startup_64+0x13e/0x148
[ 13.205192] </TASK>
[ 13.205204]
[ 13.217222] Allocated by task 217:
[ 13.217406] kasan_save_stack+0x45/0x70
[ 13.217592] kasan_save_track+0x18/0x40
[ 13.217767] kasan_save_alloc_info+0x3b/0x50
[ 13.217953] __kasan_kmalloc+0xb7/0xc0
[ 13.218119] __kmalloc_cache_noprof+0x189/0x420
[ 13.218321] rcu_uaf+0xb0/0x330
[ 13.218872] kunit_try_run_case+0x1a5/0x480
[ 13.219227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.219884] kthread+0x337/0x6f0
[ 13.220080] ret_from_fork+0x41/0x80
[ 13.220253] ret_from_fork_asm+0x1a/0x30
[ 13.220663]
[ 13.220755] Freed by task 0:
[ 13.221166] kasan_save_stack+0x45/0x70
[ 13.221379] kasan_save_track+0x18/0x40
[ 13.221688] kasan_save_free_info+0x3f/0x60
[ 13.222041] __kasan_slab_free+0x56/0x70
[ 13.222220] kfree+0x222/0x3f0
[ 13.222377] rcu_uaf_reclaim+0x1f/0x60
[ 13.222899] rcu_core+0x66c/0x1c30
[ 13.223179] rcu_core_si+0x12/0x20
[ 13.223496] handle_softirqs+0x209/0x730
[ 13.223694] __irq_exit_rcu+0xc9/0x110
[ 13.223873] irq_exit_rcu+0x12/0x20
[ 13.224046] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.224258] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.224473]
[ 13.225028] Last potentially related work creation:
[ 13.225203] kasan_save_stack+0x45/0x70
[ 13.225515] kasan_record_aux_stack+0xb2/0xc0
[ 13.225674] __call_rcu_common.constprop.0+0x72/0x9c0
[ 13.225844] call_rcu+0x12/0x20
[ 13.225963] rcu_uaf+0x168/0x330
[ 13.226084] kunit_try_run_case+0x1a5/0x480
[ 13.226231] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.226420] kthread+0x337/0x6f0
[ 13.226539] ret_from_fork+0x41/0x80
[ 13.226675] ret_from_fork_asm+0x1a/0x30
[ 13.226829]
[ 13.226911] The buggy address belongs to the object at ffff888102705040
[ 13.226911] which belongs to the cache kmalloc-32 of size 32
[ 13.227264] The buggy address is located 0 bytes inside of
[ 13.227264] freed 32-byte region [ffff888102705040, ffff888102705060)
[ 13.228607]
[ 13.228837] The buggy address belongs to the physical page:
[ 13.229381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102705
[ 13.229892] flags: 0x200000000000000(node=0|zone=2)
[ 13.230134] page_type: f5(slab)
[ 13.230581] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.231272] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.232166] page dumped because: kasan: bad access detected
[ 13.233322]
[ 13.233470] Memory state around the buggy address:
[ 13.233994] ffff888102704f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.234332] ffff888102704f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.235354] >ffff888102705000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.235968] ^
[ 13.236702] ffff888102705080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.237329] ffff888102705100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.237912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.138317] ==================================================================
[ 13.138846] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 13.139326] Read of size 1 at addr ffff888102a2d700 by task kunit_try_catch/215
[ 13.139663]
[ 13.139781] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.139827] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.139838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.139860] Call Trace:
[ 13.139877] <TASK>
[ 13.139894] dump_stack_lvl+0x73/0xb0
[ 13.139922] print_report+0xd1/0x650
[ 13.139945] ? __virt_addr_valid+0x1db/0x2d0
[ 13.139978] ? ksize_uaf+0x5fe/0x6c0
[ 13.139999] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.140022] ? ksize_uaf+0x5fe/0x6c0
[ 13.140328] kasan_report+0x141/0x180
[ 13.140353] ? ksize_uaf+0x5fe/0x6c0
[ 13.140390] __asan_report_load1_noabort+0x18/0x20
[ 13.140410] ksize_uaf+0x5fe/0x6c0
[ 13.140431] ? __pfx_ksize_uaf+0x10/0x10
[ 13.140452] ? __schedule+0x10cc/0x2b30
[ 13.140483] ? __pfx_read_tsc+0x10/0x10
[ 13.140502] ? ktime_get_ts64+0x86/0x230
[ 13.140527] kunit_try_run_case+0x1a5/0x480
[ 13.140561] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.140582] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.140605] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.140627] ? __kthread_parkme+0x82/0x180
[ 13.140648] ? preempt_count_sub+0x50/0x80
[ 13.140672] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.140694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.140715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.140737] kthread+0x337/0x6f0
[ 13.140753] ? trace_preempt_on+0x20/0xc0
[ 13.140776] ? __pfx_kthread+0x10/0x10
[ 13.140794] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.140815] ? calculate_sigpending+0x7b/0xa0
[ 13.140836] ? __pfx_kthread+0x10/0x10
[ 13.140853] ret_from_fork+0x41/0x80
[ 13.140873] ? __pfx_kthread+0x10/0x10
[ 13.140890] ret_from_fork_asm+0x1a/0x30
[ 13.140921] </TASK>
[ 13.140932]
[ 13.149026] Allocated by task 215:
[ 13.149255] kasan_save_stack+0x45/0x70
[ 13.149509] kasan_save_track+0x18/0x40
[ 13.149681] kasan_save_alloc_info+0x3b/0x50
[ 13.149875] __kasan_kmalloc+0xb7/0xc0
[ 13.150009] __kmalloc_cache_noprof+0x189/0x420
[ 13.150215] ksize_uaf+0xaa/0x6c0
[ 13.150410] kunit_try_run_case+0x1a5/0x480
[ 13.150701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.151086] kthread+0x337/0x6f0
[ 13.151257] ret_from_fork+0x41/0x80
[ 13.151493] ret_from_fork_asm+0x1a/0x30
[ 13.151691]
[ 13.151800] Freed by task 215:
[ 13.152065] kasan_save_stack+0x45/0x70
[ 13.152233] kasan_save_track+0x18/0x40
[ 13.152446] kasan_save_free_info+0x3f/0x60
[ 13.152655] __kasan_slab_free+0x56/0x70
[ 13.152807] kfree+0x222/0x3f0
[ 13.152924] ksize_uaf+0x12c/0x6c0
[ 13.153049] kunit_try_run_case+0x1a5/0x480
[ 13.153322] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.153572] kthread+0x337/0x6f0
[ 13.153736] ret_from_fork+0x41/0x80
[ 13.153890] ret_from_fork_asm+0x1a/0x30
[ 13.154029]
[ 13.154100] The buggy address belongs to the object at ffff888102a2d700
[ 13.154100] which belongs to the cache kmalloc-128 of size 128
[ 13.155005] The buggy address is located 0 bytes inside of
[ 13.155005] freed 128-byte region [ffff888102a2d700, ffff888102a2d780)
[ 13.155632]
[ 13.155720] The buggy address belongs to the physical page:
[ 13.156029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 13.156466] flags: 0x200000000000000(node=0|zone=2)
[ 13.156647] page_type: f5(slab)
[ 13.156838] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.157232] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.157601] page dumped because: kasan: bad access detected
[ 13.157838]
[ 13.157997] Memory state around the buggy address:
[ 13.158227] ffff888102a2d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.158563] ffff888102a2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.158931] >ffff888102a2d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.159184] ^
[ 13.159311] ffff888102a2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.159634] ffff888102a2d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.159950] ==================================================================
[ 13.103707] ==================================================================
[ 13.105073] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 13.105689] Read of size 1 at addr ffff888102a2d700 by task kunit_try_catch/215
[ 13.107045]
[ 13.107314] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.107368] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.107381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.107404] Call Trace:
[ 13.107423] <TASK>
[ 13.107443] dump_stack_lvl+0x73/0xb0
[ 13.107474] print_report+0xd1/0x650
[ 13.107496] ? __virt_addr_valid+0x1db/0x2d0
[ 13.107519] ? ksize_uaf+0x19d/0x6c0
[ 13.107539] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.107560] ? ksize_uaf+0x19d/0x6c0
[ 13.107581] kasan_report+0x141/0x180
[ 13.107603] ? ksize_uaf+0x19d/0x6c0
[ 13.107626] ? ksize_uaf+0x19d/0x6c0
[ 13.107647] __kasan_check_byte+0x3d/0x50
[ 13.107669] ksize+0x20/0x60
[ 13.107690] ksize_uaf+0x19d/0x6c0
[ 13.107710] ? __pfx_ksize_uaf+0x10/0x10
[ 13.107732] ? __schedule+0x10cc/0x2b30
[ 13.107754] ? __pfx_read_tsc+0x10/0x10
[ 13.107773] ? ktime_get_ts64+0x86/0x230
[ 13.107798] kunit_try_run_case+0x1a5/0x480
[ 13.107822] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.107843] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.107865] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.107887] ? __kthread_parkme+0x82/0x180
[ 13.107909] ? preempt_count_sub+0x50/0x80
[ 13.107934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.107956] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.107977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.107999] kthread+0x337/0x6f0
[ 13.108015] ? trace_preempt_on+0x20/0xc0
[ 13.108039] ? __pfx_kthread+0x10/0x10
[ 13.108056] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.108076] ? calculate_sigpending+0x7b/0xa0
[ 13.108098] ? __pfx_kthread+0x10/0x10
[ 13.108115] ret_from_fork+0x41/0x80
[ 13.108135] ? __pfx_kthread+0x10/0x10
[ 13.108152] ret_from_fork_asm+0x1a/0x30
[ 13.108183] </TASK>
[ 13.108195]
[ 13.121216] Allocated by task 215:
[ 13.121473] kasan_save_stack+0x45/0x70
[ 13.121865] kasan_save_track+0x18/0x40
[ 13.122180] kasan_save_alloc_info+0x3b/0x50
[ 13.122341] __kasan_kmalloc+0xb7/0xc0
[ 13.122542] __kmalloc_cache_noprof+0x189/0x420
[ 13.123086] ksize_uaf+0xaa/0x6c0
[ 13.123454] kunit_try_run_case+0x1a5/0x480
[ 13.123897] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.124378] kthread+0x337/0x6f0
[ 13.124523] ret_from_fork+0x41/0x80
[ 13.124948] ret_from_fork_asm+0x1a/0x30
[ 13.125235]
[ 13.125319] Freed by task 215:
[ 13.125443] kasan_save_stack+0x45/0x70
[ 13.125710] kasan_save_track+0x18/0x40
[ 13.125900] kasan_save_free_info+0x3f/0x60
[ 13.126388] __kasan_slab_free+0x56/0x70
[ 13.126743] kfree+0x222/0x3f0
[ 13.127088] ksize_uaf+0x12c/0x6c0
[ 13.127288] kunit_try_run_case+0x1a5/0x480
[ 13.127638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.127814] kthread+0x337/0x6f0
[ 13.128010] ret_from_fork+0x41/0x80
[ 13.128400] ret_from_fork_asm+0x1a/0x30
[ 13.128811]
[ 13.129080] The buggy address belongs to the object at ffff888102a2d700
[ 13.129080] which belongs to the cache kmalloc-128 of size 128
[ 13.130241] The buggy address is located 0 bytes inside of
[ 13.130241] freed 128-byte region [ffff888102a2d700, ffff888102a2d780)
[ 13.130709]
[ 13.130786] The buggy address belongs to the physical page:
[ 13.131183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 13.132000] flags: 0x200000000000000(node=0|zone=2)
[ 13.132528] page_type: f5(slab)
[ 13.132864] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.133600] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.133831] page dumped because: kasan: bad access detected
[ 13.134348]
[ 13.134514] Memory state around the buggy address:
[ 13.135043] ffff888102a2d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.135876] ffff888102a2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.136361] >ffff888102a2d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.136681] ^
[ 13.136837] ffff888102a2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.137224] ffff888102a2d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.137511] ==================================================================
[ 13.160861] ==================================================================
[ 13.161215] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 13.161440] Read of size 1 at addr ffff888102a2d778 by task kunit_try_catch/215
[ 13.161809]
[ 13.162036] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 13.162081] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.162125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.162145] Call Trace:
[ 13.162155] <TASK>
[ 13.162169] dump_stack_lvl+0x73/0xb0
[ 13.162228] print_report+0xd1/0x650
[ 13.162261] ? __virt_addr_valid+0x1db/0x2d0
[ 13.162300] ? ksize_uaf+0x5e4/0x6c0
[ 13.162349] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.162371] ? ksize_uaf+0x5e4/0x6c0
[ 13.162392] kasan_report+0x141/0x180
[ 13.162457] ? ksize_uaf+0x5e4/0x6c0
[ 13.162483] __asan_report_load1_noabort+0x18/0x20
[ 13.162503] ksize_uaf+0x5e4/0x6c0
[ 13.162534] ? __pfx_ksize_uaf+0x10/0x10
[ 13.162555] ? __schedule+0x10cc/0x2b30
[ 13.162576] ? __pfx_read_tsc+0x10/0x10
[ 13.162594] ? ktime_get_ts64+0x86/0x230
[ 13.162618] kunit_try_run_case+0x1a5/0x480
[ 13.162641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.162661] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.162691] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.162712] ? __kthread_parkme+0x82/0x180
[ 13.162734] ? preempt_count_sub+0x50/0x80
[ 13.162758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.162781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.162802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.162824] kthread+0x337/0x6f0
[ 13.162840] ? trace_preempt_on+0x20/0xc0
[ 13.162862] ? __pfx_kthread+0x10/0x10
[ 13.162879] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.162977] ? calculate_sigpending+0x7b/0xa0
[ 13.162998] ? __pfx_kthread+0x10/0x10
[ 13.163016] ret_from_fork+0x41/0x80
[ 13.163048] ? __pfx_kthread+0x10/0x10
[ 13.163065] ret_from_fork_asm+0x1a/0x30
[ 13.163095] </TASK>
[ 13.163106]
[ 13.174579] Allocated by task 215:
[ 13.174796] kasan_save_stack+0x45/0x70
[ 13.175016] kasan_save_track+0x18/0x40
[ 13.175509] kasan_save_alloc_info+0x3b/0x50
[ 13.175701] __kasan_kmalloc+0xb7/0xc0
[ 13.175893] __kmalloc_cache_noprof+0x189/0x420
[ 13.176157] ksize_uaf+0xaa/0x6c0
[ 13.176342] kunit_try_run_case+0x1a5/0x480
[ 13.176665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.176892] kthread+0x337/0x6f0
[ 13.177058] ret_from_fork+0x41/0x80
[ 13.177733] ret_from_fork_asm+0x1a/0x30
[ 13.178094]
[ 13.178201] Freed by task 215:
[ 13.178530] kasan_save_stack+0x45/0x70
[ 13.178915] kasan_save_track+0x18/0x40
[ 13.179305] kasan_save_free_info+0x3f/0x60
[ 13.179699] __kasan_slab_free+0x56/0x70
[ 13.180148] kfree+0x222/0x3f0
[ 13.180290] ksize_uaf+0x12c/0x6c0
[ 13.180823] kunit_try_run_case+0x1a5/0x480
[ 13.181435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.181727] kthread+0x337/0x6f0
[ 13.181867] ret_from_fork+0x41/0x80
[ 13.182056] ret_from_fork_asm+0x1a/0x30
[ 13.182210]
[ 13.182319] The buggy address belongs to the object at ffff888102a2d700
[ 13.182319] which belongs to the cache kmalloc-128 of size 128
[ 13.183506] The buggy address is located 120 bytes inside of
[ 13.183506] freed 128-byte region [ffff888102a2d700, ffff888102a2d780)
[ 13.184287]
[ 13.184385] The buggy address belongs to the physical page:
[ 13.184876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 13.185429] flags: 0x200000000000000(node=0|zone=2)
[ 13.185669] page_type: f5(slab)
[ 13.185842] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.186153] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.187138] page dumped because: kasan: bad access detected
[ 13.187397]
[ 13.187523] Memory state around the buggy address:
[ 13.187751] ffff888102a2d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.188271] ffff888102a2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.188814] >ffff888102a2d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.189374] ^
[ 13.189871] ffff888102a2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.190492] ffff888102a2d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.191290] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.013178] ================================================================== [ 13.013714] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.014443] Read of size 1 at addr ffff8881026f5373 by task kunit_try_catch/213 [ 13.015367] [ 13.015708] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 13.015759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.015772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.015792] Call Trace: [ 13.015806] <TASK> [ 13.015822] dump_stack_lvl+0x73/0xb0 [ 13.015852] print_report+0xd1/0x650 [ 13.015874] ? __virt_addr_valid+0x1db/0x2d0 [ 13.015999] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.016023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.016045] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.016069] kasan_report+0x141/0x180 [ 13.016091] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.016120] __asan_report_load1_noabort+0x18/0x20 [ 13.016140] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.016164] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.016185] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.016216] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.016243] kunit_try_run_case+0x1a5/0x480 [ 13.016267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.016288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.016321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.016343] ? __kthread_parkme+0x82/0x180 [ 13.016364] ? preempt_count_sub+0x50/0x80 [ 13.016389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.016411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.016432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.016454] kthread+0x337/0x6f0 [ 13.016470] ? trace_preempt_on+0x20/0xc0 [ 13.016493] ? __pfx_kthread+0x10/0x10 [ 13.016510] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.016531] ? calculate_sigpending+0x7b/0xa0 [ 13.016552] ? __pfx_kthread+0x10/0x10 [ 13.016569] ret_from_fork+0x41/0x80 [ 13.016590] ? 
__pfx_kthread+0x10/0x10 [ 13.016607] ret_from_fork_asm+0x1a/0x30 [ 13.016637] </TASK> [ 13.016649] [ 13.029781] Allocated by task 213: [ 13.030101] kasan_save_stack+0x45/0x70 [ 13.030536] kasan_save_track+0x18/0x40 [ 13.031094] kasan_save_alloc_info+0x3b/0x50 [ 13.031386] __kasan_kmalloc+0xb7/0xc0 [ 13.031844] __kmalloc_cache_noprof+0x189/0x420 [ 13.032246] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.032698] kunit_try_run_case+0x1a5/0x480 [ 13.033143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.033338] kthread+0x337/0x6f0 [ 13.033476] ret_from_fork+0x41/0x80 [ 13.034025] ret_from_fork_asm+0x1a/0x30 [ 13.034499] [ 13.034762] The buggy address belongs to the object at ffff8881026f5300 [ 13.034762] which belongs to the cache kmalloc-128 of size 128 [ 13.036115] The buggy address is located 0 bytes to the right of [ 13.036115] allocated 115-byte region [ffff8881026f5300, ffff8881026f5373) [ 13.037072] [ 13.037265] The buggy address belongs to the physical page: [ 13.037950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 13.038308] flags: 0x200000000000000(node=0|zone=2) [ 13.038496] page_type: f5(slab) [ 13.038623] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.038862] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.039125] page dumped because: kasan: bad access detected [ 13.039665] [ 13.039834] Memory state around the buggy address: [ 13.040353] ffff8881026f5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.040873] ffff8881026f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.041374] >ffff8881026f5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.042040] ^ [ 13.042282] ffff8881026f5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.042805] ffff8881026f5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.043528] ================================================================== [ 13.073214] 
================================================================== [ 13.073866] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.074139] Read of size 1 at addr ffff8881026f537f by task kunit_try_catch/213 [ 13.074372] [ 13.074467] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 13.074512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.074524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.074543] Call Trace: [ 13.074560] <TASK> [ 13.074575] dump_stack_lvl+0x73/0xb0 [ 13.074602] print_report+0xd1/0x650 [ 13.074624] ? __virt_addr_valid+0x1db/0x2d0 [ 13.074645] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.074672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.074694] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.074717] kasan_report+0x141/0x180 [ 13.074739] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.074766] __asan_report_load1_noabort+0x18/0x20 [ 13.074786] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.074810] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.074832] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.074860] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.074888] kunit_try_run_case+0x1a5/0x480 [ 13.074911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.074932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.074954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.074976] ? __kthread_parkme+0x82/0x180 [ 13.074998] ? preempt_count_sub+0x50/0x80 [ 13.075022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.075044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.075065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.075087] kthread+0x337/0x6f0 [ 13.075103] ? trace_preempt_on+0x20/0xc0 [ 13.075125] ? __pfx_kthread+0x10/0x10 [ 13.075143] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.075163] ? calculate_sigpending+0x7b/0xa0 [ 13.075184] ? __pfx_kthread+0x10/0x10 [ 13.075202] ret_from_fork+0x41/0x80 [ 13.075222] ? 
__pfx_kthread+0x10/0x10 [ 13.075240] ret_from_fork_asm+0x1a/0x30 [ 13.075270] </TASK> [ 13.075282] [ 13.087107] Allocated by task 213: [ 13.087441] kasan_save_stack+0x45/0x70 [ 13.087796] kasan_save_track+0x18/0x40 [ 13.088148] kasan_save_alloc_info+0x3b/0x50 [ 13.088630] __kasan_kmalloc+0xb7/0xc0 [ 13.089035] __kmalloc_cache_noprof+0x189/0x420 [ 13.089215] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.089378] kunit_try_run_case+0x1a5/0x480 [ 13.089703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.090222] kthread+0x337/0x6f0 [ 13.090583] ret_from_fork+0x41/0x80 [ 13.090958] ret_from_fork_asm+0x1a/0x30 [ 13.091344] [ 13.091505] The buggy address belongs to the object at ffff8881026f5300 [ 13.091505] which belongs to the cache kmalloc-128 of size 128 [ 13.092633] The buggy address is located 12 bytes to the right of [ 13.092633] allocated 115-byte region [ffff8881026f5300, ffff8881026f5373) [ 13.093289] [ 13.093375] The buggy address belongs to the physical page: [ 13.093749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 13.094568] flags: 0x200000000000000(node=0|zone=2) [ 13.095092] page_type: f5(slab) [ 13.095301] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.095551] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.095777] page dumped because: kasan: bad access detected [ 13.095967] [ 13.096037] Memory state around the buggy address: [ 13.096536] ffff8881026f5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.097316] ffff8881026f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.097746] >ffff8881026f5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.098435] ^ [ 13.099099] ffff8881026f5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.099733] ffff8881026f5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.100052] ================================================================== [ 13.044731] 
================================================================== [ 13.045103] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.045366] Read of size 1 at addr ffff8881026f5378 by task kunit_try_catch/213 [ 13.045785] [ 13.046002] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 13.046050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.046062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.046083] Call Trace: [ 13.046095] <TASK> [ 13.046112] dump_stack_lvl+0x73/0xb0 [ 13.046140] print_report+0xd1/0x650 [ 13.046162] ? __virt_addr_valid+0x1db/0x2d0 [ 13.046185] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.046207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.046229] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.046252] kasan_report+0x141/0x180 [ 13.046274] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.046313] __asan_report_load1_noabort+0x18/0x20 [ 13.046333] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.046357] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.046379] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.046409] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.046447] kunit_try_run_case+0x1a5/0x480 [ 13.046471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.046492] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.046516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.046537] ? __kthread_parkme+0x82/0x180 [ 13.046559] ? preempt_count_sub+0x50/0x80 [ 13.046585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.046609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.046630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.046652] kthread+0x337/0x6f0 [ 13.046675] ? trace_preempt_on+0x20/0xc0 [ 13.046698] ? __pfx_kthread+0x10/0x10 [ 13.046716] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.046736] ? calculate_sigpending+0x7b/0xa0 [ 13.046758] ? __pfx_kthread+0x10/0x10 [ 13.046775] ret_from_fork+0x41/0x80 [ 13.046797] ? 
__pfx_kthread+0x10/0x10 [ 13.046814] ret_from_fork_asm+0x1a/0x30 [ 13.046845] </TASK> [ 13.046856] [ 13.060405] Allocated by task 213: [ 13.060544] kasan_save_stack+0x45/0x70 [ 13.060925] kasan_save_track+0x18/0x40 [ 13.061338] kasan_save_alloc_info+0x3b/0x50 [ 13.061720] __kasan_kmalloc+0xb7/0xc0 [ 13.062000] __kmalloc_cache_noprof+0x189/0x420 [ 13.062369] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.062851] kunit_try_run_case+0x1a5/0x480 [ 13.063224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.063526] kthread+0x337/0x6f0 [ 13.063784] ret_from_fork+0x41/0x80 [ 13.064176] ret_from_fork_asm+0x1a/0x30 [ 13.064605] [ 13.064771] The buggy address belongs to the object at ffff8881026f5300 [ 13.064771] which belongs to the cache kmalloc-128 of size 128 [ 13.065336] The buggy address is located 5 bytes to the right of [ 13.065336] allocated 115-byte region [ffff8881026f5300, ffff8881026f5373) [ 13.066235] [ 13.066438] The buggy address belongs to the physical page: [ 13.067028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 13.067757] flags: 0x200000000000000(node=0|zone=2) [ 13.068235] page_type: f5(slab) [ 13.068440] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.068677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.068914] page dumped because: kasan: bad access detected [ 13.069371] [ 13.069559] Memory state around the buggy address: [ 13.069856] ffff8881026f5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.070072] ffff8881026f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.070374] >ffff8881026f5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.070824] ^ [ 13.071277] ffff8881026f5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.071883] ffff8881026f5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.072284] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.974324] ================================================================== [ 12.974905] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.975717] Free of addr ffff8881020cbe80 by task kunit_try_catch/211 [ 12.976319] [ 12.976492] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.976536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.976558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.976578] Call Trace: [ 12.976589] <TASK> [ 12.976604] dump_stack_lvl+0x73/0xb0 [ 12.976641] print_report+0xd1/0x650 [ 12.976663] ? __virt_addr_valid+0x1db/0x2d0 [ 12.976685] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.976706] ? kfree_sensitive+0x2e/0x90 [ 12.976727] kasan_report_invalid_free+0x10a/0x130 [ 12.976751] ? kfree_sensitive+0x2e/0x90 [ 12.976773] ? kfree_sensitive+0x2e/0x90 [ 12.976793] check_slab_allocation+0x101/0x130 [ 12.976814] __kasan_slab_pre_free+0x28/0x40 [ 12.976835] kfree+0xf0/0x3f0 [ 12.976853] ? kfree_sensitive+0x2e/0x90 [ 12.976875] kfree_sensitive+0x2e/0x90 [ 12.976895] kmalloc_double_kzfree+0x19c/0x350 [ 12.976917] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.976941] ? __schedule+0x10cc/0x2b30 [ 12.976963] ? __pfx_read_tsc+0x10/0x10 [ 12.976982] ? ktime_get_ts64+0x86/0x230 [ 12.977005] kunit_try_run_case+0x1a5/0x480 [ 12.977028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.977049] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.977071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.977093] ? __kthread_parkme+0x82/0x180 [ 12.977113] ? preempt_count_sub+0x50/0x80 [ 12.977138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.977160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.977181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.977203] kthread+0x337/0x6f0 [ 12.977220] ? trace_preempt_on+0x20/0xc0 [ 12.977242] ? __pfx_kthread+0x10/0x10 [ 12.977260] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.977280] ? calculate_sigpending+0x7b/0xa0 [ 12.977310] ? 
__pfx_kthread+0x10/0x10 [ 12.977328] ret_from_fork+0x41/0x80 [ 12.977348] ? __pfx_kthread+0x10/0x10 [ 12.977365] ret_from_fork_asm+0x1a/0x30 [ 12.977396] </TASK> [ 12.977407] [ 12.991645] Allocated by task 211: [ 12.991916] kasan_save_stack+0x45/0x70 [ 12.992198] kasan_save_track+0x18/0x40 [ 12.992635] kasan_save_alloc_info+0x3b/0x50 [ 12.992810] __kasan_kmalloc+0xb7/0xc0 [ 12.993214] __kmalloc_cache_noprof+0x189/0x420 [ 12.993748] kmalloc_double_kzfree+0xa9/0x350 [ 12.994222] kunit_try_run_case+0x1a5/0x480 [ 12.994543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.994978] kthread+0x337/0x6f0 [ 12.995125] ret_from_fork+0x41/0x80 [ 12.995401] ret_from_fork_asm+0x1a/0x30 [ 12.995689] [ 12.995761] Freed by task 211: [ 12.996115] kasan_save_stack+0x45/0x70 [ 12.996540] kasan_save_track+0x18/0x40 [ 12.996961] kasan_save_free_info+0x3f/0x60 [ 12.997210] __kasan_slab_free+0x56/0x70 [ 12.997489] kfree+0x222/0x3f0 [ 12.997789] kfree_sensitive+0x67/0x90 [ 12.998206] kmalloc_double_kzfree+0x12b/0x350 [ 12.998710] kunit_try_run_case+0x1a5/0x480 [ 12.999100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.999316] kthread+0x337/0x6f0 [ 12.999648] ret_from_fork+0x41/0x80 [ 13.000097] ret_from_fork_asm+0x1a/0x30 [ 13.000448] [ 13.000643] The buggy address belongs to the object at ffff8881020cbe80 [ 13.000643] which belongs to the cache kmalloc-16 of size 16 [ 13.001376] The buggy address is located 0 bytes inside of [ 13.001376] 16-byte region [ffff8881020cbe80, ffff8881020cbe90) [ 13.001783] [ 13.001972] The buggy address belongs to the physical page: [ 13.002525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020cb [ 13.003361] flags: 0x200000000000000(node=0|zone=2) [ 13.003756] page_type: f5(slab) [ 13.004050] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.004640] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.005463] page dumped because: kasan: bad access detected [ 13.005699] [ 
13.005830] Memory state around the buggy address: [ 13.006388] ffff8881020cbd80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.007067] ffff8881020cbe00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.007320] >ffff8881020cbe80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.008039] ^ [ 13.008359] ffff8881020cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.009075] ffff8881020cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.009614] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.938856] ================================================================== [ 12.939970] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.940512] Read of size 1 at addr ffff8881020cbe80 by task kunit_try_catch/211 [ 12.940874] [ 12.941140] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.941188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.941200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.941221] Call Trace: [ 12.941233] <TASK> [ 12.941249] dump_stack_lvl+0x73/0xb0 [ 12.941276] print_report+0xd1/0x650 [ 12.941308] ? __virt_addr_valid+0x1db/0x2d0 [ 12.941329] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.941351] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.941402] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.941435] kasan_report+0x141/0x180 [ 12.941469] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.941495] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.941518] __kasan_check_byte+0x3d/0x50 [ 12.941540] kfree_sensitive+0x22/0x90 [ 12.941563] kmalloc_double_kzfree+0x19c/0x350 [ 12.941585] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.941608] ? __schedule+0x10cc/0x2b30 [ 12.941630] ? __pfx_read_tsc+0x10/0x10 [ 12.941649] ? ktime_get_ts64+0x86/0x230 [ 12.941673] kunit_try_run_case+0x1a5/0x480 [ 12.941696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.941717] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.941739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.941761] ? __kthread_parkme+0x82/0x180 [ 12.941781] ? preempt_count_sub+0x50/0x80 [ 12.941806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.941828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.941849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.941871] kthread+0x337/0x6f0 [ 12.941904] ? trace_preempt_on+0x20/0xc0 [ 12.941927] ? __pfx_kthread+0x10/0x10 [ 12.941944] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.941964] ? calculate_sigpending+0x7b/0xa0 [ 12.941985] ? 
__pfx_kthread+0x10/0x10 [ 12.942003] ret_from_fork+0x41/0x80 [ 12.942022] ? __pfx_kthread+0x10/0x10 [ 12.942039] ret_from_fork_asm+0x1a/0x30 [ 12.942069] </TASK> [ 12.942081] [ 12.956443] Allocated by task 211: [ 12.956962] kasan_save_stack+0x45/0x70 [ 12.957251] kasan_save_track+0x18/0x40 [ 12.957703] kasan_save_alloc_info+0x3b/0x50 [ 12.957907] __kasan_kmalloc+0xb7/0xc0 [ 12.958325] __kmalloc_cache_noprof+0x189/0x420 [ 12.958824] kmalloc_double_kzfree+0xa9/0x350 [ 12.959224] kunit_try_run_case+0x1a5/0x480 [ 12.959631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.959951] kthread+0x337/0x6f0 [ 12.960320] ret_from_fork+0x41/0x80 [ 12.960682] ret_from_fork_asm+0x1a/0x30 [ 12.960982] [ 12.961053] Freed by task 211: [ 12.961164] kasan_save_stack+0x45/0x70 [ 12.961309] kasan_save_track+0x18/0x40 [ 12.961791] kasan_save_free_info+0x3f/0x60 [ 12.961974] __kasan_slab_free+0x56/0x70 [ 12.962365] kfree+0x222/0x3f0 [ 12.962713] kfree_sensitive+0x67/0x90 [ 12.963146] kmalloc_double_kzfree+0x12b/0x350 [ 12.963479] kunit_try_run_case+0x1a5/0x480 [ 12.963904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.964343] kthread+0x337/0x6f0 [ 12.964717] ret_from_fork+0x41/0x80 [ 12.964874] ret_from_fork_asm+0x1a/0x30 [ 12.965375] [ 12.965535] The buggy address belongs to the object at ffff8881020cbe80 [ 12.965535] which belongs to the cache kmalloc-16 of size 16 [ 12.966233] The buggy address is located 0 bytes inside of [ 12.966233] freed 16-byte region [ffff8881020cbe80, ffff8881020cbe90) [ 12.966889] [ 12.966965] The buggy address belongs to the physical page: [ 12.967543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020cb [ 12.968359] flags: 0x200000000000000(node=0|zone=2) [ 12.968923] page_type: f5(slab) [ 12.969308] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.969907] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.970134] page dumped because: kasan: bad access detected [ 12.970312] [ 
12.970406] Memory state around the buggy address: [ 12.970576] ffff8881020cbd80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.971179] ffff8881020cbe00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.972015] >ffff8881020cbe80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.972550] ^ [ 12.972877] ffff8881020cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.973420] ffff8881020cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.973734] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.896109] ================================================================== [ 12.896817] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.897230] Read of size 1 at addr ffff888102701628 by task kunit_try_catch/207 [ 12.897875] [ 12.898187] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.898276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.898290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.898324] Call Trace: [ 12.898337] <TASK> [ 12.898358] dump_stack_lvl+0x73/0xb0 [ 12.898389] print_report+0xd1/0x650 [ 12.898411] ? __virt_addr_valid+0x1db/0x2d0 [ 12.898434] ? kmalloc_uaf2+0x4a8/0x520 [ 12.898453] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.898475] ? kmalloc_uaf2+0x4a8/0x520 [ 12.898495] kasan_report+0x141/0x180 [ 12.898517] ? kmalloc_uaf2+0x4a8/0x520 [ 12.898542] __asan_report_load1_noabort+0x18/0x20 [ 12.898561] kmalloc_uaf2+0x4a8/0x520 [ 12.898582] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.898601] ? finish_task_switch.isra.0+0x153/0x700 [ 12.898625] ? __switch_to+0x5d9/0xf60 [ 12.898645] ? dequeue_task_fair+0x166/0x4e0 [ 12.898677] ? __schedule+0x10cc/0x2b30 [ 12.898699] ? __pfx_read_tsc+0x10/0x10 [ 12.898718] ? ktime_get_ts64+0x86/0x230 [ 12.898743] kunit_try_run_case+0x1a5/0x480 [ 12.898767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.898788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.898810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.898832] ? __kthread_parkme+0x82/0x180 [ 12.898853] ? preempt_count_sub+0x50/0x80 [ 12.898965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.898992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.899014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.899036] kthread+0x337/0x6f0 [ 12.899052] ? trace_preempt_on+0x20/0xc0 [ 12.899076] ? __pfx_kthread+0x10/0x10 [ 12.899094] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.899114] ? calculate_sigpending+0x7b/0xa0 [ 12.899135] ? 
__pfx_kthread+0x10/0x10 [ 12.899153] ret_from_fork+0x41/0x80 [ 12.899174] ? __pfx_kthread+0x10/0x10 [ 12.899191] ret_from_fork_asm+0x1a/0x30 [ 12.899221] </TASK> [ 12.899234] [ 12.914010] Allocated by task 207: [ 12.914536] kasan_save_stack+0x45/0x70 [ 12.914997] kasan_save_track+0x18/0x40 [ 12.915148] kasan_save_alloc_info+0x3b/0x50 [ 12.915313] __kasan_kmalloc+0xb7/0xc0 [ 12.915486] __kmalloc_cache_noprof+0x189/0x420 [ 12.916273] kmalloc_uaf2+0xc6/0x520 [ 12.917083] kunit_try_run_case+0x1a5/0x480 [ 12.917633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.918443] kthread+0x337/0x6f0 [ 12.918743] ret_from_fork+0x41/0x80 [ 12.918991] ret_from_fork_asm+0x1a/0x30 [ 12.919513] [ 12.919726] Freed by task 207: [ 12.920282] kasan_save_stack+0x45/0x70 [ 12.921068] kasan_save_track+0x18/0x40 [ 12.921447] kasan_save_free_info+0x3f/0x60 [ 12.921761] __kasan_slab_free+0x56/0x70 [ 12.922063] kfree+0x222/0x3f0 [ 12.922216] kmalloc_uaf2+0x14c/0x520 [ 12.922411] kunit_try_run_case+0x1a5/0x480 [ 12.923088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.923474] kthread+0x337/0x6f0 [ 12.923808] ret_from_fork+0x41/0x80 [ 12.924125] ret_from_fork_asm+0x1a/0x30 [ 12.924333] [ 12.924435] The buggy address belongs to the object at ffff888102701600 [ 12.924435] which belongs to the cache kmalloc-64 of size 64 [ 12.925373] The buggy address is located 40 bytes inside of [ 12.925373] freed 64-byte region [ffff888102701600, ffff888102701640) [ 12.926348] [ 12.926807] The buggy address belongs to the physical page: [ 12.927312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102701 [ 12.927802] flags: 0x200000000000000(node=0|zone=2) [ 12.928236] page_type: f5(slab) [ 12.928403] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.928963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.929715] page dumped because: kasan: bad access detected [ 12.930018] [ 12.930262] Memory state around the buggy address: [ 
12.930707] ffff888102701500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.931442] ffff888102701580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.931840] >ffff888102701600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.932390] ^ [ 12.932693] ffff888102701680: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.932969] ffff888102701700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.933302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.851176] ================================================================== [ 12.851616] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.851860] Write of size 33 at addr ffff888102a38e00 by task kunit_try_catch/205 [ 12.852551] [ 12.852790] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.852840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.852852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.852874] Call Trace: [ 12.852888] <TASK> [ 12.852906] dump_stack_lvl+0x73/0xb0 [ 12.852936] print_report+0xd1/0x650 [ 12.852958] ? __virt_addr_valid+0x1db/0x2d0 [ 12.852980] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.853000] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.853021] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.853043] kasan_report+0x141/0x180 [ 12.853064] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.853090] kasan_check_range+0x10c/0x1c0 [ 12.853110] __asan_memset+0x27/0x50 [ 12.853129] kmalloc_uaf_memset+0x1a3/0x360 [ 12.853150] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.853171] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.853195] ? trace_hardirqs_on+0x37/0xe0 [ 12.853219] ? __pfx_read_tsc+0x10/0x10 [ 12.853239] ? ktime_get_ts64+0x86/0x230 [ 12.853265] kunit_try_run_case+0x1a5/0x480 [ 12.853289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.853324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.853347] ? __kthread_parkme+0x82/0x180 [ 12.853368] ? preempt_count_sub+0x50/0x80 [ 12.853394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.853416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.853437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.853459] kthread+0x337/0x6f0 [ 12.853475] ? trace_preempt_on+0x20/0xc0 [ 12.853496] ? __pfx_kthread+0x10/0x10 [ 12.853514] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.853533] ? calculate_sigpending+0x7b/0xa0 [ 12.853555] ? __pfx_kthread+0x10/0x10 [ 12.853573] ret_from_fork+0x41/0x80 [ 12.853593] ? 
__pfx_kthread+0x10/0x10 [ 12.853610] ret_from_fork_asm+0x1a/0x30 [ 12.853640] </TASK> [ 12.853651] [ 12.866517] Allocated by task 205: [ 12.866879] kasan_save_stack+0x45/0x70 [ 12.867302] kasan_save_track+0x18/0x40 [ 12.867633] kasan_save_alloc_info+0x3b/0x50 [ 12.867790] __kasan_kmalloc+0xb7/0xc0 [ 12.868050] __kmalloc_cache_noprof+0x189/0x420 [ 12.868468] kmalloc_uaf_memset+0xa9/0x360 [ 12.868857] kunit_try_run_case+0x1a5/0x480 [ 12.869357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.869833] kthread+0x337/0x6f0 [ 12.870660] ret_from_fork+0x41/0x80 [ 12.871331] ret_from_fork_asm+0x1a/0x30 [ 12.871845] [ 12.872177] Freed by task 205: [ 12.872684] kasan_save_stack+0x45/0x70 [ 12.873153] kasan_save_track+0x18/0x40 [ 12.873633] kasan_save_free_info+0x3f/0x60 [ 12.873830] __kasan_slab_free+0x56/0x70 [ 12.874546] kfree+0x222/0x3f0 [ 12.874976] kmalloc_uaf_memset+0x12b/0x360 [ 12.875571] kunit_try_run_case+0x1a5/0x480 [ 12.876223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.877022] kthread+0x337/0x6f0 [ 12.877216] ret_from_fork+0x41/0x80 [ 12.877389] ret_from_fork_asm+0x1a/0x30 [ 12.878102] [ 12.878463] The buggy address belongs to the object at ffff888102a38e00 [ 12.878463] which belongs to the cache kmalloc-64 of size 64 [ 12.880013] The buggy address is located 0 bytes inside of [ 12.880013] freed 64-byte region [ffff888102a38e00, ffff888102a38e40) [ 12.881659] [ 12.881764] The buggy address belongs to the physical page: [ 12.881987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 12.882309] flags: 0x200000000000000(node=0|zone=2) [ 12.882522] page_type: f5(slab) [ 12.882681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.882977] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.883264] page dumped because: kasan: bad access detected [ 12.884471] [ 12.884944] Memory state around the buggy address: [ 12.885801] ffff888102a38d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 12.886954] ffff888102a38d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.887999] >ffff888102a38e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.889089] ^ [ 12.889650] ffff888102a38e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.890708] ffff888102a38f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.891782] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.814059] ==================================================================
[ 12.815023] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.815325] Read of size 1 at addr ffff8881020cbe68 by task kunit_try_catch/203
[ 12.816067]
[ 12.816433] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.816487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.816500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.816555] Call Trace:
[ 12.816569] <TASK>
[ 12.816585] dump_stack_lvl+0x73/0xb0
[ 12.816614] print_report+0xd1/0x650
[ 12.816635] ? __virt_addr_valid+0x1db/0x2d0
[ 12.816657] ? kmalloc_uaf+0x320/0x380
[ 12.816677] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.816699] ? kmalloc_uaf+0x320/0x380
[ 12.816719] kasan_report+0x141/0x180
[ 12.816741] ? kmalloc_uaf+0x320/0x380
[ 12.816766] __asan_report_load1_noabort+0x18/0x20
[ 12.816786] kmalloc_uaf+0x320/0x380
[ 12.816805] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.816826] ? __schedule+0x10cc/0x2b30
[ 12.816847] ? __pfx_read_tsc+0x10/0x10
[ 12.816866] ? ktime_get_ts64+0x86/0x230
[ 12.816889] kunit_try_run_case+0x1a5/0x480
[ 12.816912] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.816933] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.816955] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.816977] ? __kthread_parkme+0x82/0x180
[ 12.816998] ? preempt_count_sub+0x50/0x80
[ 12.817022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.817045] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.817066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.817088] kthread+0x337/0x6f0
[ 12.817104] ? trace_preempt_on+0x20/0xc0
[ 12.817126] ? __pfx_kthread+0x10/0x10
[ 12.817143] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.817163] ? calculate_sigpending+0x7b/0xa0
[ 12.817183] ? __pfx_kthread+0x10/0x10
[ 12.817201] ret_from_fork+0x41/0x80
[ 12.817220] ? __pfx_kthread+0x10/0x10
[ 12.817237] ret_from_fork_asm+0x1a/0x30
[ 12.817267] </TASK>
[ 12.817279]
[ 12.830106] Allocated by task 203:
[ 12.830273] kasan_save_stack+0x45/0x70
[ 12.830782] kasan_save_track+0x18/0x40
[ 12.830938] kasan_save_alloc_info+0x3b/0x50
[ 12.831189] __kasan_kmalloc+0xb7/0xc0
[ 12.831369] __kmalloc_cache_noprof+0x189/0x420
[ 12.832063] kmalloc_uaf+0xaa/0x380
[ 12.832306] kunit_try_run_case+0x1a5/0x480
[ 12.832643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.832944] kthread+0x337/0x6f0
[ 12.833112] ret_from_fork+0x41/0x80
[ 12.833280] ret_from_fork_asm+0x1a/0x30
[ 12.833788]
[ 12.833880] Freed by task 203:
[ 12.834207] kasan_save_stack+0x45/0x70
[ 12.834402] kasan_save_track+0x18/0x40
[ 12.834897] kasan_save_free_info+0x3f/0x60
[ 12.835398] __kasan_slab_free+0x56/0x70
[ 12.835661] kfree+0x222/0x3f0
[ 12.835815] kmalloc_uaf+0x12c/0x380
[ 12.836339] kunit_try_run_case+0x1a5/0x480
[ 12.836802] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.837095] kthread+0x337/0x6f0
[ 12.837252] ret_from_fork+0x41/0x80
[ 12.837435] ret_from_fork_asm+0x1a/0x30
[ 12.837619]
[ 12.837709] The buggy address belongs to the object at ffff8881020cbe60
[ 12.837709] which belongs to the cache kmalloc-16 of size 16
[ 12.838762] The buggy address is located 8 bytes inside of
[ 12.838762] freed 16-byte region [ffff8881020cbe60, ffff8881020cbe70)
[ 12.839843]
[ 12.840018] The buggy address belongs to the physical page:
[ 12.840251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020cb
[ 12.840879] flags: 0x200000000000000(node=0|zone=2)
[ 12.841326] page_type: f5(slab)
[ 12.841758] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.842527] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.843213] page dumped because: kasan: bad access detected
[ 12.843680]
[ 12.843782] Memory state around the buggy address:
[ 12.844162] ffff8881020cbd00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.844621] ffff8881020cbd80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 12.845283] >ffff8881020cbe00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.845731] ^
[ 12.846183] ffff8881020cbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.846648] ffff8881020cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.847147] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.777731] ==================================================================
[ 12.778228] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.778545] Read of size 64 at addr ffff888102701384 by task kunit_try_catch/201
[ 12.778782]
[ 12.778871] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.778918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.778930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.778950] Call Trace:
[ 12.778962] <TASK>
[ 12.778977] dump_stack_lvl+0x73/0xb0
[ 12.779004] print_report+0xd1/0x650
[ 12.779025] ? __virt_addr_valid+0x1db/0x2d0
[ 12.779046] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.779069] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.779090] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.779114] kasan_report+0x141/0x180
[ 12.779136] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.779165] kasan_check_range+0x10c/0x1c0
[ 12.779185] __asan_memmove+0x27/0x70
[ 12.779204] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.779228] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.779253] ? __schedule+0x10cc/0x2b30
[ 12.779275] ? __pfx_read_tsc+0x10/0x10
[ 12.779305] ? ktime_get_ts64+0x86/0x230
[ 12.779330] kunit_try_run_case+0x1a5/0x480
[ 12.779353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.779374] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.779396] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.779418] ? __kthread_parkme+0x82/0x180
[ 12.779722] ? preempt_count_sub+0x50/0x80
[ 12.779749] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.779787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.779809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.779831] kthread+0x337/0x6f0
[ 12.779847] ? trace_preempt_on+0x20/0xc0
[ 12.779870] ? __pfx_kthread+0x10/0x10
[ 12.779887] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.779908] ? calculate_sigpending+0x7b/0xa0
[ 12.779928] ? __pfx_kthread+0x10/0x10
[ 12.779946] ret_from_fork+0x41/0x80
[ 12.779966] ? __pfx_kthread+0x10/0x10
[ 12.779984] ret_from_fork_asm+0x1a/0x30
[ 12.780014] </TASK>
[ 12.780026]
[ 12.794881] Allocated by task 201:
[ 12.795156] kasan_save_stack+0x45/0x70
[ 12.795558] kasan_save_track+0x18/0x40
[ 12.795701] kasan_save_alloc_info+0x3b/0x50
[ 12.795847] __kasan_kmalloc+0xb7/0xc0
[ 12.796149] __kmalloc_cache_noprof+0x189/0x420
[ 12.796590] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.797119] kunit_try_run_case+0x1a5/0x480
[ 12.797559] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.798119] kthread+0x337/0x6f0
[ 12.798549] ret_from_fork+0x41/0x80
[ 12.798700] ret_from_fork_asm+0x1a/0x30
[ 12.798919]
[ 12.799155] The buggy address belongs to the object at ffff888102701380
[ 12.799155] which belongs to the cache kmalloc-64 of size 64
[ 12.800307] The buggy address is located 4 bytes inside of
[ 12.800307] allocated 64-byte region [ffff888102701380, ffff8881027013c0)
[ 12.800923]
[ 12.801153] The buggy address belongs to the physical page:
[ 12.801715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102701
[ 12.802187] flags: 0x200000000000000(node=0|zone=2)
[ 12.802373] page_type: f5(slab)
[ 12.802597] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.803399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.804226] page dumped because: kasan: bad access detected
[ 12.804782]
[ 12.804976] Memory state around the buggy address:
[ 12.805305] ffff888102701280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.805624] ffff888102701300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.806357] >ffff888102701380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.807069] ^
[ 12.807586] ffff888102701400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.807820] ffff888102701480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.808605] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.746987] ==================================================================
[ 12.747833] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.748096] Read of size 18446744073709551614 at addr ffff888102701304 by task kunit_try_catch/199
[ 12.748426]
[ 12.748524] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.748572] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.748584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.748604] Call Trace:
[ 12.748618] <TASK>
[ 12.748635] dump_stack_lvl+0x73/0xb0
[ 12.748663] print_report+0xd1/0x650
[ 12.748685] ? __virt_addr_valid+0x1db/0x2d0
[ 12.748705] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.748731] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.748752] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.748792] kasan_report+0x141/0x180
[ 12.748814] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.748844] kasan_check_range+0x10c/0x1c0
[ 12.748865] __asan_memmove+0x27/0x70
[ 12.748885] kmalloc_memmove_negative_size+0x171/0x330
[ 12.748909] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.748935] ? __schedule+0x10cc/0x2b30
[ 12.748957] ? __pfx_read_tsc+0x10/0x10
[ 12.748976] ? ktime_get_ts64+0x86/0x230
[ 12.749001] kunit_try_run_case+0x1a5/0x480
[ 12.749024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.749045] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.749068] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.749090] ? __kthread_parkme+0x82/0x180
[ 12.749112] ? preempt_count_sub+0x50/0x80
[ 12.749136] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.749160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.749182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.749206] kthread+0x337/0x6f0
[ 12.749223] ? trace_preempt_on+0x20/0xc0
[ 12.749245] ? __pfx_kthread+0x10/0x10
[ 12.749262] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.749282] ? calculate_sigpending+0x7b/0xa0
[ 12.749342] ? __pfx_kthread+0x10/0x10
[ 12.749360] ret_from_fork+0x41/0x80
[ 12.749380] ? __pfx_kthread+0x10/0x10
[ 12.749397] ret_from_fork_asm+0x1a/0x30
[ 12.749446] </TASK>
[ 12.749458]
[ 12.761396] Allocated by task 199:
[ 12.761608] kasan_save_stack+0x45/0x70
[ 12.761840] kasan_save_track+0x18/0x40
[ 12.762132] kasan_save_alloc_info+0x3b/0x50
[ 12.762282] __kasan_kmalloc+0xb7/0xc0
[ 12.762452] __kmalloc_cache_noprof+0x189/0x420
[ 12.762674] kmalloc_memmove_negative_size+0xac/0x330
[ 12.763589] kunit_try_run_case+0x1a5/0x480
[ 12.764175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.765037] kthread+0x337/0x6f0
[ 12.765525] ret_from_fork+0x41/0x80
[ 12.765966] ret_from_fork_asm+0x1a/0x30
[ 12.766121]
[ 12.766199] The buggy address belongs to the object at ffff888102701300
[ 12.766199] which belongs to the cache kmalloc-64 of size 64
[ 12.767769] The buggy address is located 4 bytes inside of
[ 12.767769] 64-byte region [ffff888102701300, ffff888102701340)
[ 12.769234]
[ 12.769584] The buggy address belongs to the physical page:
[ 12.770201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102701
[ 12.770671] flags: 0x200000000000000(node=0|zone=2)
[ 12.771472] page_type: f5(slab)
[ 12.772065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.772649] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.772937] page dumped because: kasan: bad access detected
[ 12.773164]
[ 12.773251] Memory state around the buggy address:
[ 12.773469] ffff888102701200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.773720] ffff888102701280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.774033] >ffff888102701300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.774286] ^
[ 12.774508] ffff888102701380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.774823] ffff888102701400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.775062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.718802] ==================================================================
[ 12.719216] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.719855] Write of size 16 at addr ffff888102a2d669 by task kunit_try_catch/197
[ 12.720098]
[ 12.720189] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.720236] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.720248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.720270] Call Trace:
[ 12.720281] <TASK>
[ 12.720312] dump_stack_lvl+0x73/0xb0
[ 12.720341] print_report+0xd1/0x650
[ 12.720363] ? __virt_addr_valid+0x1db/0x2d0
[ 12.720384] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.720406] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.720492] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.720519] kasan_report+0x141/0x180
[ 12.720542] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.720569] kasan_check_range+0x10c/0x1c0
[ 12.720590] __asan_memset+0x27/0x50
[ 12.720611] kmalloc_oob_memset_16+0x166/0x330
[ 12.720634] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.720659] ? __schedule+0x10cc/0x2b30
[ 12.720681] ? __pfx_read_tsc+0x10/0x10
[ 12.720700] ? ktime_get_ts64+0x86/0x230
[ 12.720725] kunit_try_run_case+0x1a5/0x480
[ 12.720748] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.720769] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.720792] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.720813] ? __kthread_parkme+0x82/0x180
[ 12.720836] ? preempt_count_sub+0x50/0x80
[ 12.720863] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.720925] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.720949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.720971] kthread+0x337/0x6f0
[ 12.720987] ? trace_preempt_on+0x20/0xc0
[ 12.721009] ? __pfx_kthread+0x10/0x10
[ 12.721027] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.721047] ? calculate_sigpending+0x7b/0xa0
[ 12.721068] ? __pfx_kthread+0x10/0x10
[ 12.721085] ret_from_fork+0x41/0x80
[ 12.721105] ? __pfx_kthread+0x10/0x10
[ 12.721123] ret_from_fork_asm+0x1a/0x30
[ 12.721154] </TASK>
[ 12.721165]
[ 12.732259] Allocated by task 197:
[ 12.732710] kasan_save_stack+0x45/0x70
[ 12.732930] kasan_save_track+0x18/0x40
[ 12.733278] kasan_save_alloc_info+0x3b/0x50
[ 12.733696] __kasan_kmalloc+0xb7/0xc0
[ 12.733852] __kmalloc_cache_noprof+0x189/0x420
[ 12.734266] kmalloc_oob_memset_16+0xac/0x330
[ 12.734641] kunit_try_run_case+0x1a5/0x480
[ 12.734851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.735374] kthread+0x337/0x6f0
[ 12.735683] ret_from_fork+0x41/0x80
[ 12.735829] ret_from_fork_asm+0x1a/0x30
[ 12.736110]
[ 12.736307] The buggy address belongs to the object at ffff888102a2d600
[ 12.736307] which belongs to the cache kmalloc-128 of size 128
[ 12.736986] The buggy address is located 105 bytes inside of
[ 12.736986] allocated 120-byte region [ffff888102a2d600, ffff888102a2d678)
[ 12.737724]
[ 12.738038] The buggy address belongs to the physical page:
[ 12.738286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 12.738763] flags: 0x200000000000000(node=0|zone=2)
[ 12.739146] page_type: f5(slab)
[ 12.739276] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.739849] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.740244] page dumped because: kasan: bad access detected
[ 12.740563]
[ 12.740646] Memory state around the buggy address:
[ 12.741063] ffff888102a2d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.741392] ffff888102a2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.741805] >ffff888102a2d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.742381] ^
[ 12.742744] ffff888102a2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.743169] ffff888102a2d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.743473] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.695950] ==================================================================
[ 12.696426] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.696779] Write of size 8 at addr ffff8881026f5271 by task kunit_try_catch/195
[ 12.697405]
[ 12.697552] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.697599] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.697611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.697632] Call Trace:
[ 12.697644] <TASK>
[ 12.697660] dump_stack_lvl+0x73/0xb0
[ 12.697688] print_report+0xd1/0x650
[ 12.697710] ? __virt_addr_valid+0x1db/0x2d0
[ 12.697732] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.697753] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.697775] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.697796] kasan_report+0x141/0x180
[ 12.697818] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.697845] kasan_check_range+0x10c/0x1c0
[ 12.697864] __asan_memset+0x27/0x50
[ 12.697946] kmalloc_oob_memset_8+0x166/0x330
[ 12.697973] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.697996] ? __schedule+0x10cc/0x2b30
[ 12.698019] ? __pfx_read_tsc+0x10/0x10
[ 12.698038] ? ktime_get_ts64+0x86/0x230
[ 12.698064] kunit_try_run_case+0x1a5/0x480
[ 12.698087] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.698108] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.698131] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.698153] ? __kthread_parkme+0x82/0x180
[ 12.698174] ? preempt_count_sub+0x50/0x80
[ 12.698200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.698222] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.698244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.698265] kthread+0x337/0x6f0
[ 12.698282] ? trace_preempt_on+0x20/0xc0
[ 12.698318] ? __pfx_kthread+0x10/0x10
[ 12.698336] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.698356] ? calculate_sigpending+0x7b/0xa0
[ 12.698377] ? __pfx_kthread+0x10/0x10
[ 12.698395] ret_from_fork+0x41/0x80
[ 12.698415] ? __pfx_kthread+0x10/0x10
[ 12.698432] ret_from_fork_asm+0x1a/0x30
[ 12.698463] </TASK>
[ 12.698474]
[ 12.705593] Allocated by task 195:
[ 12.705886] kasan_save_stack+0x45/0x70
[ 12.706093] kasan_save_track+0x18/0x40
[ 12.706288] kasan_save_alloc_info+0x3b/0x50
[ 12.706510] __kasan_kmalloc+0xb7/0xc0
[ 12.706735] __kmalloc_cache_noprof+0x189/0x420
[ 12.706965] kmalloc_oob_memset_8+0xac/0x330
[ 12.707112] kunit_try_run_case+0x1a5/0x480
[ 12.707374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.707700] kthread+0x337/0x6f0
[ 12.707831] ret_from_fork+0x41/0x80
[ 12.707965] ret_from_fork_asm+0x1a/0x30
[ 12.708162]
[ 12.708257] The buggy address belongs to the object at ffff8881026f5200
[ 12.708257] which belongs to the cache kmalloc-128 of size 128
[ 12.708862] The buggy address is located 113 bytes inside of
[ 12.708862] allocated 120-byte region [ffff8881026f5200, ffff8881026f5278)
[ 12.709218]
[ 12.709325] The buggy address belongs to the physical page:
[ 12.709576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5
[ 12.709925] flags: 0x200000000000000(node=0|zone=2)
[ 12.710159] page_type: f5(slab)
[ 12.710452] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.710736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.711402] page dumped because: kasan: bad access detected
[ 12.711686]
[ 12.711784] Memory state around the buggy address:
[ 12.712700] ffff8881026f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.713050] ffff8881026f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.713369] >ffff8881026f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.714028] ^
[ 12.714445] ffff8881026f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.714748] ffff8881026f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.715226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.674723] ==================================================================
[ 12.675414] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 12.675710] Write of size 4 at addr ffff888102a2d575 by task kunit_try_catch/193
[ 12.676116]
[ 12.676542] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.676590] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.676602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.676623] Call Trace:
[ 12.676634] <TASK>
[ 12.676650] dump_stack_lvl+0x73/0xb0
[ 12.676679] print_report+0xd1/0x650
[ 12.676702] ? __virt_addr_valid+0x1db/0x2d0
[ 12.676723] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.676744] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.676766] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.676788] kasan_report+0x141/0x180
[ 12.676811] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.676837] kasan_check_range+0x10c/0x1c0
[ 12.676857] __asan_memset+0x27/0x50
[ 12.676876] kmalloc_oob_memset_4+0x166/0x330
[ 12.676899] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.676922] ? __schedule+0x10cc/0x2b30
[ 12.676944] ? __pfx_read_tsc+0x10/0x10
[ 12.676964] ? ktime_get_ts64+0x86/0x230
[ 12.676989] kunit_try_run_case+0x1a5/0x480
[ 12.677013] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.677035] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.677058] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.677079] ? __kthread_parkme+0x82/0x180
[ 12.677101] ? preempt_count_sub+0x50/0x80
[ 12.677126] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.677148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.677170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.677192] kthread+0x337/0x6f0
[ 12.677208] ? trace_preempt_on+0x20/0xc0
[ 12.677230] ? __pfx_kthread+0x10/0x10
[ 12.677248] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.677268] ? calculate_sigpending+0x7b/0xa0
[ 12.677302] ? __pfx_kthread+0x10/0x10
[ 12.677328] ret_from_fork+0x41/0x80
[ 12.677348] ? __pfx_kthread+0x10/0x10
[ 12.677365] ret_from_fork_asm+0x1a/0x30
[ 12.677397] </TASK>
[ 12.677408]
[ 12.685258] Allocated by task 193:
[ 12.685517] kasan_save_stack+0x45/0x70
[ 12.685737] kasan_save_track+0x18/0x40
[ 12.685896] kasan_save_alloc_info+0x3b/0x50
[ 12.686042] __kasan_kmalloc+0xb7/0xc0
[ 12.686250] __kmalloc_cache_noprof+0x189/0x420
[ 12.686478] kmalloc_oob_memset_4+0xac/0x330
[ 12.686768] kunit_try_run_case+0x1a5/0x480
[ 12.686918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.687473] kthread+0x337/0x6f0
[ 12.687655] ret_from_fork+0x41/0x80
[ 12.687802] ret_from_fork_asm+0x1a/0x30
[ 12.688097]
[ 12.688199] The buggy address belongs to the object at ffff888102a2d500
[ 12.688199] which belongs to the cache kmalloc-128 of size 128
[ 12.688603] The buggy address is located 117 bytes inside of
[ 12.688603] allocated 120-byte region [ffff888102a2d500, ffff888102a2d578)
[ 12.689146]
[ 12.689372] The buggy address belongs to the physical page:
[ 12.689609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 12.689884] flags: 0x200000000000000(node=0|zone=2)
[ 12.690173] page_type: f5(slab)
[ 12.690355] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.690700] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.690958] page dumped because: kasan: bad access detected
[ 12.691214]
[ 12.691287] Memory state around the buggy address:
[ 12.691564] ffff888102a2d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.691839] ffff888102a2d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.692144] >ffff888102a2d500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.692370] ^
[ 12.692582] ffff888102a2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.692844] ffff888102a2d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.693160] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.647363] ==================================================================
[ 12.648889] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 12.650621] Write of size 2 at addr ffff888102a2d477 by task kunit_try_catch/191
[ 12.650935]
[ 12.651043] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.651090] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.651102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.651123] Call Trace:
[ 12.651135] <TASK>
[ 12.651152] dump_stack_lvl+0x73/0xb0
[ 12.651181] print_report+0xd1/0x650
[ 12.651203] ? __virt_addr_valid+0x1db/0x2d0
[ 12.651224] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.651246] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.651267] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.651303] kasan_report+0x141/0x180
[ 12.651325] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.651352] kasan_check_range+0x10c/0x1c0
[ 12.651371] __asan_memset+0x27/0x50
[ 12.651391] kmalloc_oob_memset_2+0x166/0x330
[ 12.651413] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 12.651500] ? __schedule+0x10cc/0x2b30
[ 12.651527] ? __pfx_read_tsc+0x10/0x10
[ 12.651547] ? ktime_get_ts64+0x86/0x230
[ 12.651573] kunit_try_run_case+0x1a5/0x480
[ 12.651598] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.651619] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.651642] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.651664] ? __kthread_parkme+0x82/0x180
[ 12.651685] ? preempt_count_sub+0x50/0x80
[ 12.651710] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.651733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.651754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.651776] kthread+0x337/0x6f0
[ 12.651793] ? trace_preempt_on+0x20/0xc0
[ 12.651816] ? __pfx_kthread+0x10/0x10
[ 12.651834] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.651854] ? calculate_sigpending+0x7b/0xa0
[ 12.651874] ? __pfx_kthread+0x10/0x10
[ 12.651956] ret_from_fork+0x41/0x80
[ 12.651976] ? __pfx_kthread+0x10/0x10
[ 12.651994] ret_from_fork_asm+0x1a/0x30
[ 12.652025] </TASK>
[ 12.652037]
[ 12.659498] Allocated by task 191:
[ 12.659703] kasan_save_stack+0x45/0x70
[ 12.659905] kasan_save_track+0x18/0x40
[ 12.660096] kasan_save_alloc_info+0x3b/0x50
[ 12.660308] __kasan_kmalloc+0xb7/0xc0
[ 12.660628] __kmalloc_cache_noprof+0x189/0x420
[ 12.660839] kmalloc_oob_memset_2+0xac/0x330
[ 12.661078] kunit_try_run_case+0x1a5/0x480
[ 12.661253] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.661442] kthread+0x337/0x6f0
[ 12.661564] ret_from_fork+0x41/0x80
[ 12.661699] ret_from_fork_asm+0x1a/0x30
[ 12.662097]
[ 12.662195] The buggy address belongs to the object at ffff888102a2d400
[ 12.662195] which belongs to the cache kmalloc-128 of size 128
[ 12.662685] The buggy address is located 119 bytes inside of
[ 12.662685] allocated 120-byte region [ffff888102a2d400, ffff888102a2d478)
[ 12.663281]
[ 12.663384] The buggy address belongs to the physical page:
[ 12.663618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d
[ 12.664048] flags: 0x200000000000000(node=0|zone=2)
[ 12.664219] page_type: f5(slab)
[ 12.664362] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.664609] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.665067] page dumped because: kasan: bad access detected
[ 12.665341]
[ 12.665439] Memory state around the buggy address:
[ 12.665665] ffff888102a2d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.666232] ffff888102a2d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.666555] >ffff888102a2d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.666814] ^
[ 12.667391] ffff888102a2d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.667701] ffff888102a2d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.668087] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.625627] ==================================================================
[ 12.626070] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 12.626658] Write of size 128 at addr ffff8881026f5100 by task kunit_try_catch/189
[ 12.626984]
[ 12.627162] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.627211] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.627224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.627246] Call Trace:
[ 12.627257] <TASK>
[ 12.627273] dump_stack_lvl+0x73/0xb0
[ 12.627315] print_report+0xd1/0x650
[ 12.627336] ? __virt_addr_valid+0x1db/0x2d0
[ 12.627358] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.627379] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.627401] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.627423] kasan_report+0x141/0x180
[ 12.627445] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.627471] kasan_check_range+0x10c/0x1c0
[ 12.627491] __asan_memset+0x27/0x50
[ 12.627510] kmalloc_oob_in_memset+0x15f/0x320
[ 12.627532] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.627555] ? __schedule+0x10cc/0x2b30
[ 12.627578] ? __pfx_read_tsc+0x10/0x10
[ 12.627598] ? ktime_get_ts64+0x86/0x230
[ 12.627622] kunit_try_run_case+0x1a5/0x480
[ 12.627646] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.627667] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.627690] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.627712] ? __kthread_parkme+0x82/0x180
[ 12.627733] ? preempt_count_sub+0x50/0x80
[ 12.627758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.627781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.627802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.627824] kthread+0x337/0x6f0
[ 12.627840] ? trace_preempt_on+0x20/0xc0
[ 12.627863] ? __pfx_kthread+0x10/0x10
[ 12.627881] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.627918] ? calculate_sigpending+0x7b/0xa0
[ 12.627939] ? __pfx_kthread+0x10/0x10
[ 12.627957] ret_from_fork+0x41/0x80
[ 12.627977] ? __pfx_kthread+0x10/0x10
[ 12.627994] ret_from_fork_asm+0x1a/0x30
[ 12.628025] </TASK>
[ 12.628036]
[ 12.635823] Allocated by task 189:
[ 12.636037] kasan_save_stack+0x45/0x70
[ 12.636229] kasan_save_track+0x18/0x40
[ 12.636381] kasan_save_alloc_info+0x3b/0x50
[ 12.636594] __kasan_kmalloc+0xb7/0xc0
[ 12.636797] __kmalloc_cache_noprof+0x189/0x420
[ 12.637077] kmalloc_oob_in_memset+0xac/0x320
[ 12.637268] kunit_try_run_case+0x1a5/0x480
[ 12.637477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.637737] kthread+0x337/0x6f0
[ 12.637891] ret_from_fork+0x41/0x80
[ 12.638097] ret_from_fork_asm+0x1a/0x30
[ 12.638302]
[ 12.638391] The buggy address belongs to the object at ffff8881026f5100
[ 12.638391] which belongs to the cache kmalloc-128 of size 128
[ 12.638881] The buggy address is located 0 bytes inside of
[ 12.638881] allocated 120-byte region [ffff8881026f5100, ffff8881026f5178)
[ 12.639486]
[ 12.639576] The buggy address belongs to the physical page:
[ 12.639804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5
[ 12.640180] flags: 0x200000000000000(node=0|zone=2)
[ 12.640355] page_type: f5(slab)
[ 12.640478] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.640706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.641100] page dumped because: kasan: bad access detected
[ 12.641383]
[ 12.641541] Memory state around the buggy address:
[ 12.641770] ffff8881026f5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.642338] ffff8881026f5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.642631] >ffff8881026f5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.642851] ^
[ 12.643064] ffff8881026f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.643277] ffff8881026f5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.643710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.600730] ==================================================================
[ 12.601327] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 12.601632] Read of size 16 at addr ffff8881020cbe40 by task kunit_try_catch/187
[ 12.602054]
[ 12.602175] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.602223] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.602235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.602257] Call Trace:
[ 12.602272] <TASK>
[ 12.602302] dump_stack_lvl+0x73/0xb0
[ 12.602331] print_report+0xd1/0x650
[ 12.602353] ? __virt_addr_valid+0x1db/0x2d0
[ 12.602375] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.602395] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.602417] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.602438] kasan_report+0x141/0x180
[ 12.602460] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.602485] __asan_report_load16_noabort+0x18/0x20
[ 12.602506] kmalloc_uaf_16+0x47b/0x4c0
[ 12.602527] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.602548] ? __schedule+0x2077/0x2b30
[ 12.602570] ? __pfx_read_tsc+0x10/0x10
[ 12.602589] ? ktime_get_ts64+0x86/0x230
[ 12.602616] kunit_try_run_case+0x1a5/0x480
[ 12.602641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.602667] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.602689] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.602711] ? __kthread_parkme+0x82/0x180
[ 12.602733] ? preempt_count_sub+0x50/0x80
[ 12.602758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.602780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.602802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.602824] kthread+0x337/0x6f0
[ 12.602840] ? trace_preempt_on+0x20/0xc0
[ 12.602873] ? __pfx_kthread+0x10/0x10
[ 12.602891] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.602917] ? calculate_sigpending+0x7b/0xa0
[ 12.602938] ? __pfx_kthread+0x10/0x10
[ 12.602956] ret_from_fork+0x41/0x80
[ 12.602976] ? __pfx_kthread+0x10/0x10
[ 12.602993] ret_from_fork_asm+0x1a/0x30
[ 12.603024] </TASK>
[ 12.603036]
[ 12.610346] Allocated by task 187:
[ 12.610530] kasan_save_stack+0x45/0x70
[ 12.610750] kasan_save_track+0x18/0x40
[ 12.611011] kasan_save_alloc_info+0x3b/0x50
[ 12.611199] __kasan_kmalloc+0xb7/0xc0
[ 12.611346] __kmalloc_cache_noprof+0x189/0x420
[ 12.611629] kmalloc_uaf_16+0x15b/0x4c0
[ 12.611827] kunit_try_run_case+0x1a5/0x480
[ 12.612062] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.612235] kthread+0x337/0x6f0
[ 12.612443] ret_from_fork+0x41/0x80
[ 12.612865] ret_from_fork_asm+0x1a/0x30
[ 12.613234]
[ 12.613327] Freed by task 187:
[ 12.613441] kasan_save_stack+0x45/0x70
[ 12.613638] kasan_save_track+0x18/0x40
[ 12.613867] kasan_save_free_info+0x3f/0x60
[ 12.614074] __kasan_slab_free+0x56/0x70
[ 12.614372] kfree+0x222/0x3f0
[ 12.614546] kmalloc_uaf_16+0x1d6/0x4c0
[ 12.614724] kunit_try_run_case+0x1a5/0x480
[ 12.614870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.615043] kthread+0x337/0x6f0
[ 12.615161] ret_from_fork+0x41/0x80
[ 12.615358] ret_from_fork_asm+0x1a/0x30
[ 12.615554]
[ 12.615649] The buggy address belongs to the object at ffff8881020cbe40
[ 12.615649] which belongs to the cache kmalloc-16 of size 16
[ 12.616210] The buggy address is located 0 bytes inside of
[ 12.616210] freed 16-byte region [ffff8881020cbe40, ffff8881020cbe50)
[ 12.616573]
[ 12.616648] The buggy address belongs to the physical page:
[ 12.617205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020cb
[ 12.617782] flags: 0x200000000000000(node=0|zone=2)
[ 12.618020] page_type: f5(slab)
[ 12.618189] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.618458] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.618691] page dumped because: kasan: bad access detected
[ 12.619107]
[ 12.619205] Memory state around the buggy address:
[ 12.619440] ffff8881020cbd00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.619716] ffff8881020cbd80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 12.620201] >ffff8881020cbe00: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 12.620531] ^
[ 12.620767] ffff8881020cbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.621101] ffff8881020cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.621407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.577845] ================================================================== [ 12.578422] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.578770] Write of size 16 at addr ffff8881029e3040 by task kunit_try_catch/185 [ 12.579194] [ 12.579380] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.579430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.579443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.579464] Call Trace: [ 12.579476] <TASK> [ 12.579493] dump_stack_lvl+0x73/0xb0 [ 12.579523] print_report+0xd1/0x650 [ 12.579545] ? __virt_addr_valid+0x1db/0x2d0 [ 12.579567] ? kmalloc_oob_16+0x452/0x4a0 [ 12.579587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.579608] ? kmalloc_oob_16+0x452/0x4a0 [ 12.579630] kasan_report+0x141/0x180 [ 12.579651] ? kmalloc_oob_16+0x452/0x4a0 [ 12.579677] __asan_report_store16_noabort+0x1b/0x30 [ 12.579698] kmalloc_oob_16+0x452/0x4a0 [ 12.579719] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.579740] ? __schedule+0x10cc/0x2b30 [ 12.579762] ? __pfx_read_tsc+0x10/0x10 [ 12.579783] ? ktime_get_ts64+0x86/0x230 [ 12.579808] kunit_try_run_case+0x1a5/0x480 [ 12.579831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.579852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.579874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.579908] ? __kthread_parkme+0x82/0x180 [ 12.579929] ? preempt_count_sub+0x50/0x80 [ 12.579954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.579977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.579999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.580020] kthread+0x337/0x6f0 [ 12.580037] ? trace_preempt_on+0x20/0xc0 [ 12.580060] ? __pfx_kthread+0x10/0x10 [ 12.580077] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.580097] ? calculate_sigpending+0x7b/0xa0 [ 12.580119] ? __pfx_kthread+0x10/0x10 [ 12.580137] ret_from_fork+0x41/0x80 [ 12.580157] ? 
__pfx_kthread+0x10/0x10 [ 12.580174] ret_from_fork_asm+0x1a/0x30 [ 12.580205] </TASK> [ 12.580217] [ 12.587963] Allocated by task 185: [ 12.588151] kasan_save_stack+0x45/0x70 [ 12.588367] kasan_save_track+0x18/0x40 [ 12.588544] kasan_save_alloc_info+0x3b/0x50 [ 12.588692] __kasan_kmalloc+0xb7/0xc0 [ 12.589040] __kmalloc_cache_noprof+0x189/0x420 [ 12.589303] kmalloc_oob_16+0xa8/0x4a0 [ 12.589572] kunit_try_run_case+0x1a5/0x480 [ 12.589759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.590059] kthread+0x337/0x6f0 [ 12.590228] ret_from_fork+0x41/0x80 [ 12.590386] ret_from_fork_asm+0x1a/0x30 [ 12.590739] [ 12.590825] The buggy address belongs to the object at ffff8881029e3040 [ 12.590825] which belongs to the cache kmalloc-16 of size 16 [ 12.591360] The buggy address is located 0 bytes inside of [ 12.591360] allocated 13-byte region [ffff8881029e3040, ffff8881029e304d) [ 12.591876] [ 12.591954] The buggy address belongs to the physical page: [ 12.592130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 12.592580] flags: 0x200000000000000(node=0|zone=2) [ 12.593237] page_type: f5(slab) [ 12.593460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.593802] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.594178] page dumped because: kasan: bad access detected [ 12.594367] [ 12.594438] Memory state around the buggy address: [ 12.594596] ffff8881029e2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.594924] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.595385] >ffff8881029e3000: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 12.595779] ^ [ 12.596088] ffff8881029e3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.596383] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.596622] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.547007] ================================================================== [ 12.547358] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.548015] Read of size 1 at addr ffff888100347a00 by task kunit_try_catch/183 [ 12.548314] [ 12.548410] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.548455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.548467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.548487] Call Trace: [ 12.548499] <TASK> [ 12.548513] dump_stack_lvl+0x73/0xb0 [ 12.548540] print_report+0xd1/0x650 [ 12.548562] ? __virt_addr_valid+0x1db/0x2d0 [ 12.548583] ? krealloc_uaf+0x53c/0x5e0 [ 12.548604] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.548625] ? krealloc_uaf+0x53c/0x5e0 [ 12.548647] kasan_report+0x141/0x180 [ 12.548669] ? krealloc_uaf+0x53c/0x5e0 [ 12.548694] __asan_report_load1_noabort+0x18/0x20 [ 12.548714] krealloc_uaf+0x53c/0x5e0 [ 12.548736] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.548756] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.548785] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.548810] kunit_try_run_case+0x1a5/0x480 [ 12.548833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.548854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.548877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.548899] ? __kthread_parkme+0x82/0x180 [ 12.548919] ? preempt_count_sub+0x50/0x80 [ 12.548944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.548966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.548988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.549009] kthread+0x337/0x6f0 [ 12.549026] ? trace_preempt_on+0x20/0xc0 [ 12.549048] ? __pfx_kthread+0x10/0x10 [ 12.549065] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.549085] ? calculate_sigpending+0x7b/0xa0 [ 12.549146] ? __pfx_kthread+0x10/0x10 [ 12.549167] ret_from_fork+0x41/0x80 [ 12.549187] ? 
__pfx_kthread+0x10/0x10 [ 12.549205] ret_from_fork_asm+0x1a/0x30 [ 12.549235] </TASK> [ 12.549246] [ 12.556774] Allocated by task 183: [ 12.557019] kasan_save_stack+0x45/0x70 [ 12.557167] kasan_save_track+0x18/0x40 [ 12.557315] kasan_save_alloc_info+0x3b/0x50 [ 12.557547] __kasan_kmalloc+0xb7/0xc0 [ 12.557737] __kmalloc_cache_noprof+0x189/0x420 [ 12.558101] krealloc_uaf+0xbb/0x5e0 [ 12.558307] kunit_try_run_case+0x1a5/0x480 [ 12.558583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.558829] kthread+0x337/0x6f0 [ 12.558951] ret_from_fork+0x41/0x80 [ 12.559083] ret_from_fork_asm+0x1a/0x30 [ 12.559327] [ 12.559427] Freed by task 183: [ 12.559583] kasan_save_stack+0x45/0x70 [ 12.559799] kasan_save_track+0x18/0x40 [ 12.559990] kasan_save_free_info+0x3f/0x60 [ 12.560179] __kasan_slab_free+0x56/0x70 [ 12.560366] kfree+0x222/0x3f0 [ 12.561452] krealloc_uaf+0x13d/0x5e0 [ 12.562284] kunit_try_run_case+0x1a5/0x480 [ 12.562753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.563038] kthread+0x337/0x6f0 [ 12.563223] ret_from_fork+0x41/0x80 [ 12.563400] ret_from_fork_asm+0x1a/0x30 [ 12.563842] [ 12.563992] The buggy address belongs to the object at ffff888100347a00 [ 12.563992] which belongs to the cache kmalloc-256 of size 256 [ 12.564622] The buggy address is located 0 bytes inside of [ 12.564622] freed 256-byte region [ffff888100347a00, ffff888100347b00) [ 12.565342] [ 12.565432] The buggy address belongs to the physical page: [ 12.565956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.566288] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.566639] flags: 0x200000000000040(head|node=0|zone=2) [ 12.567032] page_type: f5(slab) [ 12.567284] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.567699] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.568115] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.568449] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.568922] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.569431] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.569880] page dumped because: kasan: bad access detected [ 12.570194] [ 12.570437] Memory state around the buggy address: [ 12.570624] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.571223] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.571718] >ffff888100347a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.572093] ^ [ 12.572218] ffff888100347a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.572694] ffff888100347b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.572975] ================================================================== [ 12.524177] ================================================================== [ 12.524709] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.524979] Read of size 1 at addr ffff888100347a00 by task kunit_try_catch/183 [ 12.525376] [ 12.525528] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.525575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.525587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.525607] Call Trace: [ 12.525619] <TASK> [ 12.525635] dump_stack_lvl+0x73/0xb0 [ 12.525663] print_report+0xd1/0x650 [ 12.525684] ? __virt_addr_valid+0x1db/0x2d0 [ 12.525705] ? krealloc_uaf+0x1b8/0x5e0 [ 12.525725] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.525747] ? krealloc_uaf+0x1b8/0x5e0 [ 12.525769] kasan_report+0x141/0x180 [ 12.525790] ? krealloc_uaf+0x1b8/0x5e0 [ 12.525815] ? krealloc_uaf+0x1b8/0x5e0 [ 12.525836] __kasan_check_byte+0x3d/0x50 [ 12.525858] krealloc_noprof+0x3f/0x340 [ 12.525882] krealloc_uaf+0x1b8/0x5e0 [ 12.525903] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.525924] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 12.525995] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.526021] kunit_try_run_case+0x1a5/0x480 [ 12.526046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.526067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.526090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.526112] ? __kthread_parkme+0x82/0x180 [ 12.526133] ? preempt_count_sub+0x50/0x80 [ 12.526157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.526179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.526201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.526223] kthread+0x337/0x6f0 [ 12.526239] ? trace_preempt_on+0x20/0xc0 [ 12.526262] ? __pfx_kthread+0x10/0x10 [ 12.526280] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.526314] ? calculate_sigpending+0x7b/0xa0 [ 12.526334] ? __pfx_kthread+0x10/0x10 [ 12.526353] ret_from_fork+0x41/0x80 [ 12.526373] ? __pfx_kthread+0x10/0x10 [ 12.526390] ret_from_fork_asm+0x1a/0x30 [ 12.526420] </TASK> [ 12.526444] [ 12.533942] Allocated by task 183: [ 12.534128] kasan_save_stack+0x45/0x70 [ 12.534356] kasan_save_track+0x18/0x40 [ 12.534772] kasan_save_alloc_info+0x3b/0x50 [ 12.535033] __kasan_kmalloc+0xb7/0xc0 [ 12.535187] __kmalloc_cache_noprof+0x189/0x420 [ 12.535357] krealloc_uaf+0xbb/0x5e0 [ 12.535536] kunit_try_run_case+0x1a5/0x480 [ 12.535791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.536106] kthread+0x337/0x6f0 [ 12.536247] ret_from_fork+0x41/0x80 [ 12.536448] ret_from_fork_asm+0x1a/0x30 [ 12.536627] [ 12.536745] Freed by task 183: [ 12.536953] kasan_save_stack+0x45/0x70 [ 12.537142] kasan_save_track+0x18/0x40 [ 12.537323] kasan_save_free_info+0x3f/0x60 [ 12.537547] __kasan_slab_free+0x56/0x70 [ 12.537719] kfree+0x222/0x3f0 [ 12.537868] krealloc_uaf+0x13d/0x5e0 [ 12.538009] kunit_try_run_case+0x1a5/0x480 [ 12.538154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.538339] kthread+0x337/0x6f0 [ 12.538460] ret_from_fork+0x41/0x80 [ 12.538608] ret_from_fork_asm+0x1a/0x30 [ 12.538869] [ 12.538967] The buggy address belongs to the object at 
ffff888100347a00 [ 12.538967] which belongs to the cache kmalloc-256 of size 256 [ 12.539541] The buggy address is located 0 bytes inside of [ 12.539541] freed 256-byte region [ffff888100347a00, ffff888100347b00) [ 12.540267] [ 12.540363] The buggy address belongs to the physical page: [ 12.540838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.541237] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.541652] flags: 0x200000000000040(head|node=0|zone=2) [ 12.541923] page_type: f5(slab) [ 12.542070] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.542358] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.542701] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.543307] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.543615] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.543861] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.544209] page dumped because: kasan: bad access detected [ 12.544531] [ 12.544609] Memory state around the buggy address: [ 12.544768] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.545168] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.545535] >ffff888100347a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.545858] ^ [ 12.546061] ffff888100347a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.546354] ffff888100347b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.546601] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.331619] ================================================================== [ 12.332066] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.332362] Write of size 1 at addr ffff8881003478da by task kunit_try_catch/177 [ 12.332586] [ 12.332670] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.332713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.332725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.332744] Call Trace: [ 12.332759] <TASK> [ 12.332772] dump_stack_lvl+0x73/0xb0 [ 12.332797] print_report+0xd1/0x650 [ 12.332819] ? __virt_addr_valid+0x1db/0x2d0 [ 12.332839] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.332862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.332883] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.332908] kasan_report+0x141/0x180 [ 12.332930] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.332958] __asan_report_store1_noabort+0x1b/0x30 [ 12.332979] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.333004] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.333028] ? finish_task_switch.isra.0+0x153/0x700 [ 12.333050] ? __switch_to+0x5d9/0xf60 [ 12.333069] ? dequeue_task_fair+0x156/0x4e0 [ 12.333092] ? __schedule+0x10cc/0x2b30 [ 12.333114] ? __pfx_read_tsc+0x10/0x10 [ 12.333136] krealloc_less_oob+0x1c/0x30 [ 12.333157] kunit_try_run_case+0x1a5/0x480 [ 12.333180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.333201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.333222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.333244] ? __kthread_parkme+0x82/0x180 [ 12.333265] ? preempt_count_sub+0x50/0x80 [ 12.333299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.333322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.333343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.333365] kthread+0x337/0x6f0 [ 12.333383] ? trace_preempt_on+0x20/0xc0 [ 12.333405] ? __pfx_kthread+0x10/0x10 [ 12.333423] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.333443] ? 
calculate_sigpending+0x7b/0xa0 [ 12.333464] ? __pfx_kthread+0x10/0x10 [ 12.333482] ret_from_fork+0x41/0x80 [ 12.333502] ? __pfx_kthread+0x10/0x10 [ 12.333520] ret_from_fork_asm+0x1a/0x30 [ 12.333549] </TASK> [ 12.333559] [ 12.342245] Allocated by task 177: [ 12.342434] kasan_save_stack+0x45/0x70 [ 12.342591] kasan_save_track+0x18/0x40 [ 12.342734] kasan_save_alloc_info+0x3b/0x50 [ 12.342879] __kasan_krealloc+0x190/0x1f0 [ 12.343019] krealloc_noprof+0xf3/0x340 [ 12.343156] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.343394] krealloc_less_oob+0x1c/0x30 [ 12.343979] kunit_try_run_case+0x1a5/0x480 [ 12.344202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.344448] kthread+0x337/0x6f0 [ 12.344575] ret_from_fork+0x41/0x80 [ 12.344707] ret_from_fork_asm+0x1a/0x30 [ 12.344847] [ 12.344918] The buggy address belongs to the object at ffff888100347800 [ 12.344918] which belongs to the cache kmalloc-256 of size 256 [ 12.345436] The buggy address is located 17 bytes to the right of [ 12.345436] allocated 201-byte region [ffff888100347800, ffff8881003478c9) [ 12.346001] [ 12.346103] The buggy address belongs to the physical page: [ 12.346471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.346851] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.347397] flags: 0x200000000000040(head|node=0|zone=2) [ 12.347629] page_type: f5(slab) [ 12.347799] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.348269] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.348663] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.348907] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.349270] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.349757] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.350254] page dumped because: kasan: bad access detected [ 12.350556] [ 
12.350656] Memory state around the buggy address: [ 12.350828] ffff888100347780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.351043] ffff888100347800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.351258] >ffff888100347880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.351928] ^ [ 12.352430] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.352734] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.353083] ================================================================== [ 12.374872] ================================================================== [ 12.375231] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.375645] Write of size 1 at addr ffff8881003478eb by task kunit_try_catch/177 [ 12.375875] [ 12.376129] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.376176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.376188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.376208] Call Trace: [ 12.376220] <TASK> [ 12.376234] dump_stack_lvl+0x73/0xb0 [ 12.376260] print_report+0xd1/0x650 [ 12.376282] ? __virt_addr_valid+0x1db/0x2d0 [ 12.376315] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.376338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.376360] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.376383] kasan_report+0x141/0x180 [ 12.376405] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.376442] __asan_report_store1_noabort+0x1b/0x30 [ 12.376463] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.376488] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.376512] ? finish_task_switch.isra.0+0x153/0x700 [ 12.376534] ? __switch_to+0x5d9/0xf60 [ 12.376553] ? dequeue_task_fair+0x156/0x4e0 [ 12.376577] ? __schedule+0x10cc/0x2b30 [ 12.376598] ? __pfx_read_tsc+0x10/0x10 [ 12.376621] krealloc_less_oob+0x1c/0x30 [ 12.376642] kunit_try_run_case+0x1a5/0x480 [ 12.376664] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.376685] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.376707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.376729] ? __kthread_parkme+0x82/0x180 [ 12.376749] ? preempt_count_sub+0x50/0x80 [ 12.376773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.376795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.376816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.376838] kthread+0x337/0x6f0 [ 12.376854] ? trace_preempt_on+0x20/0xc0 [ 12.376876] ? __pfx_kthread+0x10/0x10 [ 12.376944] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.376967] ? calculate_sigpending+0x7b/0xa0 [ 12.376988] ? __pfx_kthread+0x10/0x10 [ 12.377006] ret_from_fork+0x41/0x80 [ 12.377026] ? __pfx_kthread+0x10/0x10 [ 12.377044] ret_from_fork_asm+0x1a/0x30 [ 12.377074] </TASK> [ 12.377084] [ 12.385409] Allocated by task 177: [ 12.385592] kasan_save_stack+0x45/0x70 [ 12.385797] kasan_save_track+0x18/0x40 [ 12.386039] kasan_save_alloc_info+0x3b/0x50 [ 12.386190] __kasan_krealloc+0x190/0x1f0 [ 12.386383] krealloc_noprof+0xf3/0x340 [ 12.386613] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.386943] krealloc_less_oob+0x1c/0x30 [ 12.387111] kunit_try_run_case+0x1a5/0x480 [ 12.387341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.387569] kthread+0x337/0x6f0 [ 12.387739] ret_from_fork+0x41/0x80 [ 12.388122] ret_from_fork_asm+0x1a/0x30 [ 12.388316] [ 12.388413] The buggy address belongs to the object at ffff888100347800 [ 12.388413] which belongs to the cache kmalloc-256 of size 256 [ 12.388836] The buggy address is located 34 bytes to the right of [ 12.388836] allocated 201-byte region [ffff888100347800, ffff8881003478c9) [ 12.389204] [ 12.389274] The buggy address belongs to the physical page: [ 12.389525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.390343] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.390762] flags: 0x200000000000040(head|node=0|zone=2) [ 12.390935] page_type: f5(slab) [ 12.391055] raw: 
0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.391286] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.391866] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.392223] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.392578] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.392917] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.393151] page dumped because: kasan: bad access detected [ 12.393409] [ 12.393504] Memory state around the buggy address: [ 12.393843] ffff888100347780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.394131] ffff888100347800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.394556] >ffff888100347880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.395103] ^ [ 12.395421] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.395711] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.395965] ================================================================== [ 12.309750] ================================================================== [ 12.310550] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.311086] Write of size 1 at addr ffff8881003478d0 by task kunit_try_catch/177 [ 12.311407] [ 12.311505] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.311547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.311560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.311579] Call Trace: [ 12.311591] <TASK> [ 12.311605] dump_stack_lvl+0x73/0xb0 [ 12.311630] print_report+0xd1/0x650 [ 12.311652] ? __virt_addr_valid+0x1db/0x2d0 [ 12.311672] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.311695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.311717] ? 
krealloc_less_oob_helper+0xe23/0x11d0 [ 12.311740] kasan_report+0x141/0x180 [ 12.311762] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.311790] __asan_report_store1_noabort+0x1b/0x30 [ 12.311812] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.311838] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.311862] ? finish_task_switch.isra.0+0x153/0x700 [ 12.311883] ? __switch_to+0x5d9/0xf60 [ 12.311902] ? dequeue_task_fair+0x156/0x4e0 [ 12.311925] ? __schedule+0x10cc/0x2b30 [ 12.311947] ? __pfx_read_tsc+0x10/0x10 [ 12.311969] krealloc_less_oob+0x1c/0x30 [ 12.311990] kunit_try_run_case+0x1a5/0x480 [ 12.312015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.312036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.312058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.312080] ? __kthread_parkme+0x82/0x180 [ 12.312101] ? preempt_count_sub+0x50/0x80 [ 12.312125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.312147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.312169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.312191] kthread+0x337/0x6f0 [ 12.312208] ? trace_preempt_on+0x20/0xc0 [ 12.312230] ? __pfx_kthread+0x10/0x10 [ 12.312248] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.312268] ? calculate_sigpending+0x7b/0xa0 [ 12.312299] ? __pfx_kthread+0x10/0x10 [ 12.312317] ret_from_fork+0x41/0x80 [ 12.312337] ? 
__pfx_kthread+0x10/0x10 [ 12.312355] ret_from_fork_asm+0x1a/0x30 [ 12.312386] </TASK> [ 12.312396] [ 12.320352] Allocated by task 177: [ 12.320595] kasan_save_stack+0x45/0x70 [ 12.320805] kasan_save_track+0x18/0x40 [ 12.320944] kasan_save_alloc_info+0x3b/0x50 [ 12.321091] __kasan_krealloc+0x190/0x1f0 [ 12.321232] krealloc_noprof+0xf3/0x340 [ 12.321489] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.321851] krealloc_less_oob+0x1c/0x30 [ 12.322048] kunit_try_run_case+0x1a5/0x480 [ 12.322321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.322693] kthread+0x337/0x6f0 [ 12.322843] ret_from_fork+0x41/0x80 [ 12.323233] ret_from_fork_asm+0x1a/0x30 [ 12.323452] [ 12.323537] The buggy address belongs to the object at ffff888100347800 [ 12.323537] which belongs to the cache kmalloc-256 of size 256 [ 12.323893] The buggy address is located 7 bytes to the right of [ 12.323893] allocated 201-byte region [ffff888100347800, ffff8881003478c9) [ 12.324340] [ 12.324434] The buggy address belongs to the physical page: [ 12.324685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.325204] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.325446] flags: 0x200000000000040(head|node=0|zone=2) [ 12.325622] page_type: f5(slab) [ 12.325743] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.326131] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.326496] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.327048] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.327487] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.328239] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.328601] page dumped because: kasan: bad access detected [ 12.328833] [ 12.329005] Memory state around the buggy address: [ 12.329175] ffff888100347780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 12.329459] ffff888100347800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.329787] >ffff888100347880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.330168] ^ [ 12.330462] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.330754] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.331189] ================================================================== [ 12.353529] ================================================================== [ 12.353768] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.354116] Write of size 1 at addr ffff8881003478ea by task kunit_try_catch/177 [ 12.354525] [ 12.354632] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.354681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.354693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.354712] Call Trace: [ 12.354728] <TASK> [ 12.354744] dump_stack_lvl+0x73/0xb0 [ 12.354768] print_report+0xd1/0x650 [ 12.354789] ? __virt_addr_valid+0x1db/0x2d0 [ 12.354809] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.354832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.354854] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.354877] kasan_report+0x141/0x180 [ 12.354899] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.354927] __asan_report_store1_noabort+0x1b/0x30 [ 12.354947] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.354973] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.354996] ? finish_task_switch.isra.0+0x153/0x700 [ 12.355018] ? __switch_to+0x5d9/0xf60 [ 12.355037] ? dequeue_task_fair+0x156/0x4e0 [ 12.355060] ? __schedule+0x10cc/0x2b30 [ 12.355082] ? __pfx_read_tsc+0x10/0x10 [ 12.355104] krealloc_less_oob+0x1c/0x30 [ 12.355125] kunit_try_run_case+0x1a5/0x480 [ 12.355148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.355169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.355190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.355212] ? 
__kthread_parkme+0x82/0x180 [ 12.355233] ? preempt_count_sub+0x50/0x80 [ 12.355256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.355279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.355311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.355332] kthread+0x337/0x6f0 [ 12.355349] ? trace_preempt_on+0x20/0xc0 [ 12.355371] ? __pfx_kthread+0x10/0x10 [ 12.355389] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.355409] ? calculate_sigpending+0x7b/0xa0 [ 12.355429] ? __pfx_kthread+0x10/0x10 [ 12.355447] ret_from_fork+0x41/0x80 [ 12.355467] ? __pfx_kthread+0x10/0x10 [ 12.355636] ret_from_fork_asm+0x1a/0x30 [ 12.355677] </TASK> [ 12.355689] [ 12.364328] Allocated by task 177: [ 12.364458] kasan_save_stack+0x45/0x70 [ 12.364605] kasan_save_track+0x18/0x40 [ 12.364812] kasan_save_alloc_info+0x3b/0x50 [ 12.365025] __kasan_krealloc+0x190/0x1f0 [ 12.365237] krealloc_noprof+0xf3/0x340 [ 12.365563] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.365857] krealloc_less_oob+0x1c/0x30 [ 12.366051] kunit_try_run_case+0x1a5/0x480 [ 12.366249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.366525] kthread+0x337/0x6f0 [ 12.366702] ret_from_fork+0x41/0x80 [ 12.366837] ret_from_fork_asm+0x1a/0x30 [ 12.366975] [ 12.367070] The buggy address belongs to the object at ffff888100347800 [ 12.367070] which belongs to the cache kmalloc-256 of size 256 [ 12.367645] The buggy address is located 33 bytes to the right of [ 12.367645] allocated 201-byte region [ffff888100347800, ffff8881003478c9) [ 12.368010] [ 12.368082] The buggy address belongs to the physical page: [ 12.368322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.368853] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.369245] flags: 0x200000000000040(head|node=0|zone=2) [ 12.369525] page_type: f5(slab) [ 12.369676] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.370049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
12.370307] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.370540] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.370792] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.371362] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.371706] page dumped because: kasan: bad access detected [ 12.371960] [ 12.372072] Memory state around the buggy address: [ 12.372305] ffff888100347780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.372823] ffff888100347800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.373179] >ffff888100347880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.373466] ^ [ 12.373726] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.374136] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.374493] ================================================================== [ 12.436187] ================================================================== [ 12.436682] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.436998] Write of size 1 at addr ffff888102ad60c9 by task kunit_try_catch/181 [ 12.437414] [ 12.437522] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.437571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.437583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.437606] Call Trace: [ 12.437619] <TASK> [ 12.437636] dump_stack_lvl+0x73/0xb0 [ 12.437665] print_report+0xd1/0x650 [ 12.437687] ? __virt_addr_valid+0x1db/0x2d0 [ 12.437709] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.437733] ? kasan_addr_to_slab+0x11/0xa0 [ 12.437754] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.437778] kasan_report+0x141/0x180 [ 12.437801] ? 
krealloc_less_oob_helper+0xd70/0x11d0 [ 12.437830] __asan_report_store1_noabort+0x1b/0x30 [ 12.437851] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.437929] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.437958] ? finish_task_switch.isra.0+0x153/0x700 [ 12.437983] ? __switch_to+0x5d9/0xf60 [ 12.438003] ? dequeue_task_fair+0x166/0x4e0 [ 12.438027] ? __schedule+0x10cc/0x2b30 [ 12.438050] ? __pfx_read_tsc+0x10/0x10 [ 12.438073] krealloc_large_less_oob+0x1c/0x30 [ 12.438097] kunit_try_run_case+0x1a5/0x480 [ 12.438122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.438143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.438167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.438190] ? __kthread_parkme+0x82/0x180 [ 12.438212] ? preempt_count_sub+0x50/0x80 [ 12.438236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.438259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.438281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.438316] kthread+0x337/0x6f0 [ 12.438333] ? trace_preempt_on+0x20/0xc0 [ 12.438357] ? __pfx_kthread+0x10/0x10 [ 12.438375] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.438396] ? calculate_sigpending+0x7b/0xa0 [ 12.438418] ? __pfx_kthread+0x10/0x10 [ 12.438437] ret_from_fork+0x41/0x80 [ 12.438458] ? 
__pfx_kthread+0x10/0x10 [ 12.438476] ret_from_fork_asm+0x1a/0x30 [ 12.438520] </TASK> [ 12.438532] [ 12.446632] The buggy address belongs to the physical page: [ 12.446944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.447192] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.447814] flags: 0x200000000000040(head|node=0|zone=2) [ 12.448256] page_type: f8(unknown) [ 12.448446] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.448736] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.449249] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.449619] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.449993] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.450284] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.450593] page dumped because: kasan: bad access detected [ 12.450771] [ 12.450842] Memory state around the buggy address: [ 12.451053] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.451584] ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.451813] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.452022] ^ [ 12.452415] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.452750] ffff888102ad6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.453066] ================================================================== [ 12.453639] ================================================================== [ 12.454244] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.454586] Write of size 1 at addr ffff888102ad60d0 by task kunit_try_catch/181 [ 12.454820] [ 12.454907] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.454995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.455009] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.455031] Call Trace: [ 12.455042] <TASK> [ 12.455057] dump_stack_lvl+0x73/0xb0 [ 12.455085] print_report+0xd1/0x650 [ 12.455107] ? __virt_addr_valid+0x1db/0x2d0 [ 12.455129] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.455152] ? kasan_addr_to_slab+0x11/0xa0 [ 12.455173] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.455196] kasan_report+0x141/0x180 [ 12.455218] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.455247] __asan_report_store1_noabort+0x1b/0x30 [ 12.455267] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.455305] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.455329] ? finish_task_switch.isra.0+0x153/0x700 [ 12.455352] ? __switch_to+0x5d9/0xf60 [ 12.455372] ? dequeue_task_fair+0x166/0x4e0 [ 12.455396] ? __schedule+0x10cc/0x2b30 [ 12.455418] ? __pfx_read_tsc+0x10/0x10 [ 12.455451] krealloc_large_less_oob+0x1c/0x30 [ 12.455473] kunit_try_run_case+0x1a5/0x480 [ 12.455497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.455518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.455542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.455564] ? __kthread_parkme+0x82/0x180 [ 12.455585] ? preempt_count_sub+0x50/0x80 [ 12.455609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.455631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.455653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.455675] kthread+0x337/0x6f0 [ 12.455691] ? trace_preempt_on+0x20/0xc0 [ 12.455715] ? __pfx_kthread+0x10/0x10 [ 12.455732] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.455753] ? calculate_sigpending+0x7b/0xa0 [ 12.455774] ? __pfx_kthread+0x10/0x10 [ 12.455792] ret_from_fork+0x41/0x80 [ 12.455812] ? 
__pfx_kthread+0x10/0x10 [ 12.455830] ret_from_fork_asm+0x1a/0x30 [ 12.455861] </TASK> [ 12.455872] [ 12.464111] The buggy address belongs to the physical page: [ 12.464398] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.464761] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.465143] flags: 0x200000000000040(head|node=0|zone=2) [ 12.465340] page_type: f8(unknown) [ 12.465477] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.465825] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.466172] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.466469] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.466708] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.466981] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.467336] page dumped because: kasan: bad access detected [ 12.467740] [ 12.467833] Memory state around the buggy address: [ 12.468111] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.468374] ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.468830] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.469205] ^ [ 12.469491] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.469732] ffff888102ad6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.469945] ================================================================== [ 12.503812] ================================================================== [ 12.504342] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.504695] Write of size 1 at addr ffff888102ad60eb by task kunit_try_catch/181 [ 12.504938] [ 12.505047] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.505089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.505101] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.505121] Call Trace: [ 12.505135] <TASK> [ 12.505168] dump_stack_lvl+0x73/0xb0 [ 12.505194] print_report+0xd1/0x650 [ 12.505216] ? __virt_addr_valid+0x1db/0x2d0 [ 12.505236] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.505259] ? kasan_addr_to_slab+0x11/0xa0 [ 12.505280] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.505315] kasan_report+0x141/0x180 [ 12.505337] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.505365] __asan_report_store1_noabort+0x1b/0x30 [ 12.505385] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.505411] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.505435] ? finish_task_switch.isra.0+0x153/0x700 [ 12.505457] ? __switch_to+0x5d9/0xf60 [ 12.505476] ? dequeue_task_fair+0x166/0x4e0 [ 12.505499] ? __schedule+0x10cc/0x2b30 [ 12.505521] ? __pfx_read_tsc+0x10/0x10 [ 12.505543] krealloc_large_less_oob+0x1c/0x30 [ 12.505566] kunit_try_run_case+0x1a5/0x480 [ 12.505589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.505610] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.505633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.505655] ? __kthread_parkme+0x82/0x180 [ 12.505676] ? preempt_count_sub+0x50/0x80 [ 12.505700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.505722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.505744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.505766] kthread+0x337/0x6f0 [ 12.505782] ? trace_preempt_on+0x20/0xc0 [ 12.505804] ? __pfx_kthread+0x10/0x10 [ 12.505822] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.505842] ? calculate_sigpending+0x7b/0xa0 [ 12.505863] ? __pfx_kthread+0x10/0x10 [ 12.505881] ret_from_fork+0x41/0x80 [ 12.505901] ? 
__pfx_kthread+0x10/0x10 [ 12.505918] ret_from_fork_asm+0x1a/0x30 [ 12.505949] </TASK> [ 12.505959] [ 12.514323] The buggy address belongs to the physical page: [ 12.514564] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.514867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.515199] flags: 0x200000000000040(head|node=0|zone=2) [ 12.515419] page_type: f8(unknown) [ 12.515598] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.515842] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.516073] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.516367] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.516717] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.517374] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.517964] page dumped because: kasan: bad access detected [ 12.518143] [ 12.518214] Memory state around the buggy address: [ 12.518381] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.518710] ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.519287] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.519516] ^ [ 12.519717] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.519931] ffff888102ad6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.520187] ================================================================== [ 12.486488] ================================================================== [ 12.487090] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.487489] Write of size 1 at addr ffff888102ad60ea by task kunit_try_catch/181 [ 12.487820] [ 12.487923] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.487964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.487975] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.487993] Call Trace: [ 12.488007] <TASK> [ 12.488020] dump_stack_lvl+0x73/0xb0 [ 12.488045] print_report+0xd1/0x650 [ 12.488066] ? __virt_addr_valid+0x1db/0x2d0 [ 12.488086] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.488109] ? kasan_addr_to_slab+0x11/0xa0 [ 12.488129] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.488153] kasan_report+0x141/0x180 [ 12.488175] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.488205] __asan_report_store1_noabort+0x1b/0x30 [ 12.488225] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.488251] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.488275] ? finish_task_switch.isra.0+0x153/0x700 [ 12.488320] ? __switch_to+0x5d9/0xf60 [ 12.488379] ? dequeue_task_fair+0x166/0x4e0 [ 12.488403] ? __schedule+0x10cc/0x2b30 [ 12.488437] ? __pfx_read_tsc+0x10/0x10 [ 12.488460] krealloc_large_less_oob+0x1c/0x30 [ 12.488482] kunit_try_run_case+0x1a5/0x480 [ 12.488507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.488528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.488550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.488572] ? __kthread_parkme+0x82/0x180 [ 12.488593] ? preempt_count_sub+0x50/0x80 [ 12.488616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.488639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.488660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.488682] kthread+0x337/0x6f0 [ 12.488699] ? trace_preempt_on+0x20/0xc0 [ 12.488721] ? __pfx_kthread+0x10/0x10 [ 12.488738] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.488758] ? calculate_sigpending+0x7b/0xa0 [ 12.488778] ? __pfx_kthread+0x10/0x10 [ 12.488797] ret_from_fork+0x41/0x80 [ 12.488816] ? 
__pfx_kthread+0x10/0x10 [ 12.488834] ret_from_fork_asm+0x1a/0x30 [ 12.488864] </TASK> [ 12.488874] [ 12.497082] The buggy address belongs to the physical page: [ 12.497306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.497711] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.498198] flags: 0x200000000000040(head|node=0|zone=2) [ 12.498418] page_type: f8(unknown) [ 12.498602] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.498918] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.499195] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.499802] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.500159] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.500527] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.500757] page dumped because: kasan: bad access detected [ 12.500927] [ 12.500997] Memory state around the buggy address: [ 12.501153] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.501411] ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.501871] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.502582] ^ [ 12.502926] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.503203] ffff888102ad6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.503436] ================================================================== [ 12.470327] ================================================================== [ 12.470671] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.471168] Write of size 1 at addr ffff888102ad60da by task kunit_try_catch/181 [ 12.471420] [ 12.471504] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.471565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.471577] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.471595] Call Trace: [ 12.471608] <TASK> [ 12.471621] dump_stack_lvl+0x73/0xb0 [ 12.471647] print_report+0xd1/0x650 [ 12.471668] ? __virt_addr_valid+0x1db/0x2d0 [ 12.471688] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.471711] ? kasan_addr_to_slab+0x11/0xa0 [ 12.471732] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.471755] kasan_report+0x141/0x180 [ 12.471777] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.471805] __asan_report_store1_noabort+0x1b/0x30 [ 12.471826] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.471851] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.471875] ? finish_task_switch.isra.0+0x153/0x700 [ 12.471896] ? __switch_to+0x5d9/0xf60 [ 12.471915] ? dequeue_task_fair+0x166/0x4e0 [ 12.471938] ? __schedule+0x10cc/0x2b30 [ 12.471960] ? __pfx_read_tsc+0x10/0x10 [ 12.471982] krealloc_large_less_oob+0x1c/0x30 [ 12.472004] kunit_try_run_case+0x1a5/0x480 [ 12.472027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.472048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.472070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.472092] ? __kthread_parkme+0x82/0x180 [ 12.472112] ? preempt_count_sub+0x50/0x80 [ 12.472136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.472158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.472180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.472202] kthread+0x337/0x6f0 [ 12.472218] ? trace_preempt_on+0x20/0xc0 [ 12.472240] ? __pfx_kthread+0x10/0x10 [ 12.472257] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.472278] ? calculate_sigpending+0x7b/0xa0 [ 12.472310] ? __pfx_kthread+0x10/0x10 [ 12.472328] ret_from_fork+0x41/0x80 [ 12.472348] ? 
__pfx_kthread+0x10/0x10 [ 12.472366] ret_from_fork_asm+0x1a/0x30 [ 12.472396] </TASK> [ 12.472406] [ 12.479895] The buggy address belongs to the physical page: [ 12.480234] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.480669] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.480950] flags: 0x200000000000040(head|node=0|zone=2) [ 12.481207] page_type: f8(unknown) [ 12.481402] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.481709] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.482099] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.482508] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.482812] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.483180] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.483533] page dumped because: kasan: bad access detected [ 12.483720] [ 12.483791] Memory state around the buggy address: [ 12.484327] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.484771] ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.485142] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.485404] ^ [ 12.485736] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.485994] ffff888102ad6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.486205] ================================================================== [ 12.287816] ================================================================== [ 12.288414] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.288719] Write of size 1 at addr ffff8881003478c9 by task kunit_try_catch/177 [ 12.289077] [ 12.289198] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.289247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.289259] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.289280] Call Trace: [ 12.289305] <TASK> [ 12.289323] dump_stack_lvl+0x73/0xb0 [ 12.289352] print_report+0xd1/0x650 [ 12.289374] ? __virt_addr_valid+0x1db/0x2d0 [ 12.289395] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.289419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.289441] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.289465] kasan_report+0x141/0x180 [ 12.289487] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.289515] __asan_report_store1_noabort+0x1b/0x30 [ 12.289537] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.289563] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.289587] ? finish_task_switch.isra.0+0x153/0x700 [ 12.289610] ? __switch_to+0x5d9/0xf60 [ 12.289630] ? dequeue_task_fair+0x156/0x4e0 [ 12.289654] ? __schedule+0x10cc/0x2b30 [ 12.289676] ? __pfx_read_tsc+0x10/0x10 [ 12.289699] krealloc_less_oob+0x1c/0x30 [ 12.289721] kunit_try_run_case+0x1a5/0x480 [ 12.289744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.289765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.289788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.289810] ? __kthread_parkme+0x82/0x180 [ 12.289831] ? preempt_count_sub+0x50/0x80 [ 12.289854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.289877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.289898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.289920] kthread+0x337/0x6f0 [ 12.289937] ? trace_preempt_on+0x20/0xc0 [ 12.289960] ? __pfx_kthread+0x10/0x10 [ 12.289977] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.289997] ? calculate_sigpending+0x7b/0xa0 [ 12.290018] ? __pfx_kthread+0x10/0x10 [ 12.290036] ret_from_fork+0x41/0x80 [ 12.290056] ? 
__pfx_kthread+0x10/0x10 [ 12.290130] ret_from_fork_asm+0x1a/0x30 [ 12.290161] </TASK> [ 12.290173] [ 12.298339] Allocated by task 177: [ 12.298618] kasan_save_stack+0x45/0x70 [ 12.298829] kasan_save_track+0x18/0x40 [ 12.299202] kasan_save_alloc_info+0x3b/0x50 [ 12.299394] __kasan_krealloc+0x190/0x1f0 [ 12.299537] krealloc_noprof+0xf3/0x340 [ 12.299675] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.299987] krealloc_less_oob+0x1c/0x30 [ 12.300200] kunit_try_run_case+0x1a5/0x480 [ 12.300424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.300649] kthread+0x337/0x6f0 [ 12.300802] ret_from_fork+0x41/0x80 [ 12.301026] ret_from_fork_asm+0x1a/0x30 [ 12.301208] [ 12.301327] The buggy address belongs to the object at ffff888100347800 [ 12.301327] which belongs to the cache kmalloc-256 of size 256 [ 12.301749] The buggy address is located 0 bytes to the right of [ 12.301749] allocated 201-byte region [ffff888100347800, ffff8881003478c9) [ 12.302268] [ 12.302380] The buggy address belongs to the physical page: [ 12.302834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.303323] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.303679] flags: 0x200000000000040(head|node=0|zone=2) [ 12.303960] page_type: f5(slab) [ 12.304116] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.304423] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.304737] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.305144] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.305394] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.305625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.306043] page dumped because: kasan: bad access detected [ 12.306303] [ 12.306402] Memory state around the buggy address: [ 12.306687] ffff888100347780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 12.307159] ffff888100347800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.307466] >ffff888100347880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.307727] ^ [ 12.307909] ffff888100347900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.308409] ffff888100347980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.308689] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.260603] ================================================================== [ 12.261060] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.261380] Write of size 1 at addr ffff888100a2a8f0 by task kunit_try_catch/175 [ 12.261606] [ 12.261720] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.261767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.261779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.261800] Call Trace: [ 12.261813] <TASK> [ 12.261829] dump_stack_lvl+0x73/0xb0 [ 12.261856] print_report+0xd1/0x650 [ 12.261878] ? __virt_addr_valid+0x1db/0x2d0 [ 12.261900] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.261923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.261945] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.261969] kasan_report+0x141/0x180 [ 12.261991] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.262019] __asan_report_store1_noabort+0x1b/0x30 [ 12.262039] krealloc_more_oob_helper+0x7eb/0x930 [ 12.262061] ? __schedule+0x10cc/0x2b30 [ 12.262084] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.262107] ? finish_task_switch.isra.0+0x153/0x700 [ 12.262130] ? __switch_to+0x5d9/0xf60 [ 12.262150] ? dequeue_task_fair+0x156/0x4e0 [ 12.262174] ? __schedule+0x10cc/0x2b30 [ 12.262195] ? __pfx_read_tsc+0x10/0x10 [ 12.262218] krealloc_more_oob+0x1c/0x30 [ 12.262235] kunit_try_run_case+0x1a5/0x480 [ 12.262259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.262280] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.262315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.262338] ? __kthread_parkme+0x82/0x180 [ 12.262359] ? preempt_count_sub+0x50/0x80 [ 12.262385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.262408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.262430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.262451] kthread+0x337/0x6f0 [ 12.262468] ? trace_preempt_on+0x20/0xc0 [ 12.262491] ? __pfx_kthread+0x10/0x10 [ 12.262509] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.262531] ? calculate_sigpending+0x7b/0xa0 [ 12.262553] ? __pfx_kthread+0x10/0x10 [ 12.262571] ret_from_fork+0x41/0x80 [ 12.262593] ? __pfx_kthread+0x10/0x10 [ 12.262611] ret_from_fork_asm+0x1a/0x30 [ 12.262642] </TASK> [ 12.262653] [ 12.270910] Allocated by task 175: [ 12.271052] kasan_save_stack+0x45/0x70 [ 12.271200] kasan_save_track+0x18/0x40 [ 12.271635] kasan_save_alloc_info+0x3b/0x50 [ 12.271857] __kasan_krealloc+0x190/0x1f0 [ 12.272056] krealloc_noprof+0xf3/0x340 [ 12.272257] krealloc_more_oob_helper+0x1a9/0x930 [ 12.272506] krealloc_more_oob+0x1c/0x30 [ 12.272707] kunit_try_run_case+0x1a5/0x480 [ 12.273093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.273367] kthread+0x337/0x6f0 [ 12.273486] ret_from_fork+0x41/0x80 [ 12.273926] ret_from_fork_asm+0x1a/0x30 [ 12.274174] [ 12.274335] The buggy address belongs to the object at ffff888100a2a800 [ 12.274335] which belongs to the cache kmalloc-256 of size 256 [ 12.274874] The buggy address is located 5 bytes to the right of [ 12.274874] allocated 235-byte region [ffff888100a2a800, ffff888100a2a8eb) [ 12.275355] [ 12.275429] The buggy address belongs to the physical page: [ 12.275602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 12.275940] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.276298] flags: 0x200000000000040(head|node=0|zone=2) [ 12.276605] page_type: f5(slab) [ 12.276823] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.277256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.277677] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.278312] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.278649] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 12.278885] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.279279] page dumped because: 
kasan: bad access detected [ 12.279700] [ 12.279796] Memory state around the buggy address: [ 12.280156] ffff888100a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.280389] ffff888100a2a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.280606] >ffff888100a2a880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.280859] ^ [ 12.281172] ffff888100a2a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.281493] ffff888100a2a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.281814] ================================================================== [ 12.415023] ================================================================== [ 12.415386] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.415747] Write of size 1 at addr ffff888102ad60f0 by task kunit_try_catch/179 [ 12.416678] [ 12.416779] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.416822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.416834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.416854] Call Trace: [ 12.416868] <TASK> [ 12.416882] dump_stack_lvl+0x73/0xb0 [ 12.416909] print_report+0xd1/0x650 [ 12.416931] ? __virt_addr_valid+0x1db/0x2d0 [ 12.416951] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.416974] ? kasan_addr_to_slab+0x11/0xa0 [ 12.416994] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.417017] kasan_report+0x141/0x180 [ 12.417039] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.417067] __asan_report_store1_noabort+0x1b/0x30 [ 12.417087] krealloc_more_oob_helper+0x7eb/0x930 [ 12.417109] ? __schedule+0x10cc/0x2b30 [ 12.417130] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.417154] ? finish_task_switch.isra.0+0x153/0x700 [ 12.417176] ? __switch_to+0x5d9/0xf60 [ 12.417196] ? dequeue_task_fair+0x166/0x4e0 [ 12.417220] ? __schedule+0x10cc/0x2b30 [ 12.417240] ? 
__pfx_read_tsc+0x10/0x10 [ 12.417263] krealloc_large_more_oob+0x1c/0x30 [ 12.417281] kunit_try_run_case+0x1a5/0x480 [ 12.417320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.417341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.417363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.417384] ? __kthread_parkme+0x82/0x180 [ 12.417406] ? preempt_count_sub+0x50/0x80 [ 12.417429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.417452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.417473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.417495] kthread+0x337/0x6f0 [ 12.417512] ? trace_preempt_on+0x20/0xc0 [ 12.417535] ? __pfx_kthread+0x10/0x10 [ 12.417553] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.417573] ? calculate_sigpending+0x7b/0xa0 [ 12.417595] ? __pfx_kthread+0x10/0x10 [ 12.417614] ret_from_fork+0x41/0x80 [ 12.417634] ? __pfx_kthread+0x10/0x10 [ 12.417652] ret_from_fork_asm+0x1a/0x30 [ 12.417682] </TASK> [ 12.417748] [ 12.425491] The buggy address belongs to the physical page: [ 12.425850] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.426156] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.426468] flags: 0x200000000000040(head|node=0|zone=2) [ 12.426688] page_type: f8(unknown) [ 12.426815] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.427118] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.427463] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.427830] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.428063] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.428822] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.429135] page dumped because: kasan: bad access detected [ 12.429377] [ 12.429462] Memory state around the buggy address: [ 12.429733] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.429992] 
ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.430208] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.430439] ^ [ 12.430757] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.431084] ffff888102ad6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.431341] ================================================================== [ 12.399416] ================================================================== [ 12.399868] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.400224] Write of size 1 at addr ffff888102ad60eb by task kunit_try_catch/179 [ 12.400556] [ 12.400641] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.400685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.400697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.400717] Call Trace: [ 12.400728] <TASK> [ 12.400744] dump_stack_lvl+0x73/0xb0 [ 12.400769] print_report+0xd1/0x650 [ 12.400790] ? __virt_addr_valid+0x1db/0x2d0 [ 12.400811] ? krealloc_more_oob_helper+0x821/0x930 [ 12.400834] ? kasan_addr_to_slab+0x11/0xa0 [ 12.400854] ? krealloc_more_oob_helper+0x821/0x930 [ 12.400877] kasan_report+0x141/0x180 [ 12.400899] ? krealloc_more_oob_helper+0x821/0x930 [ 12.400928] __asan_report_store1_noabort+0x1b/0x30 [ 12.400948] krealloc_more_oob_helper+0x821/0x930 [ 12.400970] ? __schedule+0x10cc/0x2b30 [ 12.400991] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.401015] ? finish_task_switch.isra.0+0x153/0x700 [ 12.401036] ? __switch_to+0x5d9/0xf60 [ 12.401056] ? dequeue_task_fair+0x166/0x4e0 [ 12.401079] ? __schedule+0x10cc/0x2b30 [ 12.401099] ? __pfx_read_tsc+0x10/0x10 [ 12.401122] krealloc_large_more_oob+0x1c/0x30 [ 12.401140] kunit_try_run_case+0x1a5/0x480 [ 12.401164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.401185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.401206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.401228] ? 
__kthread_parkme+0x82/0x180 [ 12.401249] ? preempt_count_sub+0x50/0x80 [ 12.401272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.401306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.401328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.401349] kthread+0x337/0x6f0 [ 12.401366] ? trace_preempt_on+0x20/0xc0 [ 12.401389] ? __pfx_kthread+0x10/0x10 [ 12.401407] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.401427] ? calculate_sigpending+0x7b/0xa0 [ 12.401447] ? __pfx_kthread+0x10/0x10 [ 12.401465] ret_from_fork+0x41/0x80 [ 12.401485] ? __pfx_kthread+0x10/0x10 [ 12.401503] ret_from_fork_asm+0x1a/0x30 [ 12.401533] </TASK> [ 12.401544] [ 12.408945] The buggy address belongs to the physical page: [ 12.409213] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.409554] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.409783] flags: 0x200000000000040(head|node=0|zone=2) [ 12.409963] page_type: f8(unknown) [ 12.410137] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.410491] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.410844] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.411076] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.411399] head: 0200000000000002 ffffea00040ab501 00000000ffffffff 00000000ffffffff [ 12.411753] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.412093] page dumped because: kasan: bad access detected [ 12.412354] [ 12.412449] Memory state around the buggy address: [ 12.412609] ffff888102ad5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.412840] ffff888102ad6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.413319] >ffff888102ad6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.413684] ^ [ 12.413890] ffff888102ad6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.414105] ffff888102ad6180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 12.414325] ================================================================== [ 12.237698] ================================================================== [ 12.238159] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.238648] Write of size 1 at addr ffff888100a2a8eb by task kunit_try_catch/175 [ 12.238988] [ 12.239095] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.239145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.239157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.239178] Call Trace: [ 12.239190] <TASK> [ 12.239207] dump_stack_lvl+0x73/0xb0 [ 12.239236] print_report+0xd1/0x650 [ 12.239259] ? __virt_addr_valid+0x1db/0x2d0 [ 12.239281] ? krealloc_more_oob_helper+0x821/0x930 [ 12.239316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.239338] ? krealloc_more_oob_helper+0x821/0x930 [ 12.239362] kasan_report+0x141/0x180 [ 12.239384] ? krealloc_more_oob_helper+0x821/0x930 [ 12.239413] __asan_report_store1_noabort+0x1b/0x30 [ 12.239433] krealloc_more_oob_helper+0x821/0x930 [ 12.239456] ? __schedule+0x10cc/0x2b30 [ 12.239478] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.239502] ? finish_task_switch.isra.0+0x153/0x700 [ 12.239526] ? __switch_to+0x5d9/0xf60 [ 12.239547] ? dequeue_task_fair+0x156/0x4e0 [ 12.239571] ? __schedule+0x10cc/0x2b30 [ 12.239592] ? __pfx_read_tsc+0x10/0x10 [ 12.239615] krealloc_more_oob+0x1c/0x30 [ 12.239633] kunit_try_run_case+0x1a5/0x480 [ 12.239658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.239679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.239702] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.239724] ? __kthread_parkme+0x82/0x180 [ 12.239745] ? preempt_count_sub+0x50/0x80 [ 12.239769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.239792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.239813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.239835] kthread+0x337/0x6f0 [ 12.239851] ? 
trace_preempt_on+0x20/0xc0 [ 12.239875] ? __pfx_kthread+0x10/0x10 [ 12.239906] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.239926] ? calculate_sigpending+0x7b/0xa0 [ 12.239948] ? __pfx_kthread+0x10/0x10 [ 12.239966] ret_from_fork+0x41/0x80 [ 12.239986] ? __pfx_kthread+0x10/0x10 [ 12.240003] ret_from_fork_asm+0x1a/0x30 [ 12.240034] </TASK> [ 12.240046] [ 12.248688] Allocated by task 175: [ 12.248915] kasan_save_stack+0x45/0x70 [ 12.249070] kasan_save_track+0x18/0x40 [ 12.249376] kasan_save_alloc_info+0x3b/0x50 [ 12.249655] __kasan_krealloc+0x190/0x1f0 [ 12.249912] krealloc_noprof+0xf3/0x340 [ 12.250049] krealloc_more_oob_helper+0x1a9/0x930 [ 12.250208] krealloc_more_oob+0x1c/0x30 [ 12.250644] kunit_try_run_case+0x1a5/0x480 [ 12.250868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.251121] kthread+0x337/0x6f0 [ 12.251246] ret_from_fork+0x41/0x80 [ 12.251392] ret_from_fork_asm+0x1a/0x30 [ 12.251533] [ 12.251605] The buggy address belongs to the object at ffff888100a2a800 [ 12.251605] which belongs to the cache kmalloc-256 of size 256 [ 12.252437] The buggy address is located 0 bytes to the right of [ 12.252437] allocated 235-byte region [ffff888100a2a800, ffff888100a2a8eb) [ 12.252836] [ 12.252910] The buggy address belongs to the physical page: [ 12.253089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 12.253566] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.253928] flags: 0x200000000000040(head|node=0|zone=2) [ 12.254189] page_type: f5(slab) [ 12.254376] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.254738] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.255418] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.255723] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.256105] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 12.256471] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 12.256779] page dumped because: kasan: bad access detected [ 12.257075] [ 12.257149] Memory state around the buggy address: [ 12.257319] ffff888100a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.257870] ffff888100a2a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.258305] >ffff888100a2a880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.258575] ^ [ 12.258783] ffff888100a2a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.259314] ffff888100a2a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.259834] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.416360] ================================================================== [ 14.417287] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.417924] Read of size 1 at addr ffff8881039d7d02 by task kunit_try_catch/268 [ 14.418294] [ 14.418414] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.418819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.418835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.418857] Call Trace: [ 14.418870] <TASK> [ 14.418887] dump_stack_lvl+0x73/0xb0 [ 14.418928] print_report+0xd1/0x650 [ 14.418952] ? __virt_addr_valid+0x1db/0x2d0 [ 14.418976] ? kasan_stack_oob+0x2b5/0x300 [ 14.418997] ? kasan_addr_to_slab+0x11/0xa0 [ 14.419018] ? kasan_stack_oob+0x2b5/0x300 [ 14.419070] kasan_report+0x141/0x180 [ 14.419095] ? kasan_stack_oob+0x2b5/0x300 [ 14.419121] __asan_report_load1_noabort+0x18/0x20 [ 14.419141] kasan_stack_oob+0x2b5/0x300 [ 14.419162] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.419181] ? finish_task_switch.isra.0+0x153/0x700 [ 14.419205] ? __switch_to+0x5d9/0xf60 [ 14.419227] ? dequeue_task_fair+0x166/0x4e0 [ 14.419251] ? __schedule+0x10cc/0x2b30 [ 14.419274] ? __pfx_read_tsc+0x10/0x10 [ 14.419294] ? ktime_get_ts64+0x86/0x230 [ 14.419330] kunit_try_run_case+0x1a5/0x480 [ 14.419354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.419376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.419399] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.419422] ? __kthread_parkme+0x82/0x180 [ 14.419458] ? preempt_count_sub+0x50/0x80 [ 14.419483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.419506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.419528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.419551] kthread+0x337/0x6f0 [ 14.419568] ? trace_preempt_on+0x20/0xc0 [ 14.419592] ? __pfx_kthread+0x10/0x10 [ 14.419610] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.419631] ? calculate_sigpending+0x7b/0xa0 [ 14.419652] ? 
__pfx_kthread+0x10/0x10 [ 14.419671] ret_from_fork+0x41/0x80 [ 14.419692] ? __pfx_kthread+0x10/0x10 [ 14.419710] ret_from_fork_asm+0x1a/0x30 [ 14.419741] </TASK> [ 14.419753] [ 14.432315] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.433134] and is located at offset 138 in frame: [ 14.433403] kasan_stack_oob+0x0/0x300 [ 14.434111] [ 14.434254] This frame has 4 objects: [ 14.434512] [48, 49) '__assertion' [ 14.434538] [64, 72) 'array' [ 14.434678] [96, 112) '__assertion' [ 14.434807] [128, 138) 'stack_array' [ 14.435026] [ 14.435388] The buggy address belongs to the physical page: [ 14.435586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 14.436040] flags: 0x200000000000000(node=0|zone=2) [ 14.436370] raw: 0200000000000000 ffffea00040e75c8 ffffea00040e75c8 0000000000000000 [ 14.436746] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.437147] page dumped because: kasan: bad access detected [ 14.437385] [ 14.437531] Memory state around the buggy address: [ 14.437751] ffff8881039d7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.438040] ffff8881039d7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.438347] >ffff8881039d7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.438708] ^ [ 14.438860] ffff8881039d7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.439203] ffff8881039d7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.439537] ==================================================================
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 113.555423] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.766998] ================================================================== [ 49.767409] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 49.767409] [ 49.767810] Use-after-free read at 0x(____ptrval____) (in kfence-#139): [ 49.768436] test_krealloc+0x6fc/0xbe0 [ 49.768645] kunit_try_run_case+0x1a5/0x480 [ 49.769038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.769268] kthread+0x337/0x6f0 [ 49.769413] ret_from_fork+0x41/0x80 [ 49.769626] ret_from_fork_asm+0x1a/0x30 [ 49.769834] [ 49.769935] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 49.769935] [ 49.770294] allocated by task 356 on cpu 0 at 49.766249s (0.004042s ago): [ 49.770570] test_alloc+0x364/0x10f0 [ 49.770744] test_krealloc+0xad/0xbe0 [ 49.770984] kunit_try_run_case+0x1a5/0x480 [ 49.771197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.771392] kthread+0x337/0x6f0 [ 49.771577] ret_from_fork+0x41/0x80 [ 49.771744] ret_from_fork_asm+0x1a/0x30 [ 49.771936] [ 49.772030] freed by task 356 on cpu 0 at 49.766558s (0.005470s ago): [ 49.772303] krealloc_noprof+0x108/0x340 [ 49.772495] test_krealloc+0x226/0xbe0 [ 49.772724] kunit_try_run_case+0x1a5/0x480 [ 49.772912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.773136] kthread+0x337/0x6f0 [ 49.773295] ret_from_fork+0x41/0x80 [ 49.773500] ret_from_fork_asm+0x1a/0x30 [ 49.773706] [ 49.773804] CPU: 0 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 49.774246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.774388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.774661] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.684039] ================================================================== [ 49.684529] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.684529] [ 49.685027] Use-after-free read at 0x(____ptrval____) (in kfence-#138): [ 49.685350] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.686034] kunit_try_run_case+0x1a5/0x480 [ 49.686286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.686904] kthread+0x337/0x6f0 [ 49.687186] ret_from_fork+0x41/0x80 [ 49.687472] ret_from_fork_asm+0x1a/0x30 [ 49.687844] [ 49.688042] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 49.688042] [ 49.688495] allocated by task 354 on cpu 0 at 49.662114s (0.026378s ago): [ 49.688965] test_alloc+0x2a6/0x10f0 [ 49.689235] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 49.689472] kunit_try_run_case+0x1a5/0x480 [ 49.689835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.690148] kthread+0x337/0x6f0 [ 49.690320] ret_from_fork+0x41/0x80 [ 49.690507] ret_from_fork_asm+0x1a/0x30 [ 49.690898] [ 49.691065] freed by task 354 on cpu 0 at 49.662214s (0.028849s ago): [ 49.691418] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 49.691735] kunit_try_run_case+0x1a5/0x480 [ 49.691904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.692153] kthread+0x337/0x6f0 [ 49.692314] ret_from_fork+0x41/0x80 [ 49.692498] ret_from_fork_asm+0x1a/0x30 [ 49.692948] [ 49.693074] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 49.693601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.693888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.694321] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.818819] ================================================================== [ 24.819503] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 24.819503] [ 24.819888] Invalid read at 0x(____ptrval____): [ 24.820639] test_invalid_access+0xf0/0x210 [ 24.821149] kunit_try_run_case+0x1a5/0x480 [ 24.821473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.821998] kthread+0x337/0x6f0 [ 24.822171] ret_from_fork+0x41/0x80 [ 24.822337] ret_from_fork_asm+0x1a/0x30 [ 24.822720] [ 24.822865] CPU: 0 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 24.823524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.823694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.824165] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.598439] ================================================================== [ 24.598847] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.598847] [ 24.599246] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#134): [ 24.599968] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.600346] kunit_try_run_case+0x1a5/0x480 [ 24.600572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.600815] kthread+0x337/0x6f0 [ 24.600942] ret_from_fork+0x41/0x80 [ 24.601145] ret_from_fork_asm+0x1a/0x30 [ 24.601357] [ 24.601463] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.601463] [ 24.601774] allocated by task 344 on cpu 0 at 24.598181s (0.003590s ago): [ 24.602078] test_alloc+0x364/0x10f0 [ 24.602266] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.602532] kunit_try_run_case+0x1a5/0x480 [ 24.602782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.603087] kthread+0x337/0x6f0 [ 24.603263] ret_from_fork+0x41/0x80 [ 24.603405] ret_from_fork_asm+0x1a/0x30 [ 24.603547] [ 24.603658] freed by task 344 on cpu 0 at 24.598311s (0.005345s ago): [ 24.603964] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.604201] kunit_try_run_case+0x1a5/0x480 [ 24.604393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.604684] kthread+0x337/0x6f0 [ 24.604851] ret_from_fork+0x41/0x80 [ 24.605018] ret_from_fork_asm+0x1a/0x30 [ 24.605159] [ 24.605285] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 24.605838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.606022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.606317] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.390439] ================================================================== [ 24.390860] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.390860] [ 24.391348] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#132): [ 24.391791] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.391984] kunit_try_run_case+0x1a5/0x480 [ 24.392158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.392430] kthread+0x337/0x6f0 [ 24.392609] ret_from_fork+0x41/0x80 [ 24.392800] ret_from_fork_asm+0x1a/0x30 [ 24.393004] [ 24.393092] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.393092] [ 24.393449] allocated by task 342 on cpu 1 at 24.390225s (0.003222s ago): [ 24.393786] test_alloc+0x364/0x10f0 [ 24.393980] test_kmalloc_aligned_oob_read+0x105/0x560 [ 24.394203] kunit_try_run_case+0x1a5/0x480 [ 24.394410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.394656] kthread+0x337/0x6f0 [ 24.394785] ret_from_fork+0x41/0x80 [ 24.394975] ret_from_fork_asm+0x1a/0x30 [ 24.395174] [ 24.395278] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 24.395630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.395946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.396351] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.022410] ================================================================== [ 20.022813] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 20.022813] [ 20.023116] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#90): [ 20.023606] test_corruption+0x216/0x3e0 [ 20.023799] kunit_try_run_case+0x1a5/0x480 [ 20.023967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.024228] kthread+0x337/0x6f0 [ 20.024413] ret_from_fork+0x41/0x80 [ 20.024654] ret_from_fork_asm+0x1a/0x30 [ 20.024843] [ 20.024921] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 20.024921] [ 20.025292] allocated by task 332 on cpu 0 at 20.022267s (0.003023s ago): [ 20.025622] test_alloc+0x2a6/0x10f0 [ 20.025781] test_corruption+0x1cb/0x3e0 [ 20.025983] kunit_try_run_case+0x1a5/0x480 [ 20.026135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.026407] kthread+0x337/0x6f0 [ 20.026581] ret_from_fork+0x41/0x80 [ 20.026762] ret_from_fork_asm+0x1a/0x30 [ 20.026905] [ 20.026981] freed by task 332 on cpu 0 at 20.022334s (0.004645s ago): [ 20.027282] test_corruption+0x216/0x3e0 [ 20.027491] kunit_try_run_case+0x1a5/0x480 [ 20.027724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.027914] kthread+0x337/0x6f0 [ 20.028040] ret_from_fork+0x41/0x80 [ 20.028228] ret_from_fork_asm+0x1a/0x30 [ 20.028441] [ 20.028580] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 20.029009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.029187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.029478] ================================================================== [ 19.502452] ================================================================== [ 19.502863] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.502863] [ 19.503194] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#85): [ 19.503698] test_corruption+0x2df/0x3e0 [ 19.503912] kunit_try_run_case+0x1a5/0x480 [ 19.504070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.504259] kthread+0x337/0x6f0 [ 19.504461] ret_from_fork+0x41/0x80 [ 19.504709] ret_from_fork_asm+0x1a/0x30 [ 19.505068] [ 19.505146] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.505146] [ 19.505659] allocated by task 330 on cpu 0 at 19.502184s (0.003472s ago): [ 19.505940] test_alloc+0x364/0x10f0 [ 19.506133] test_corruption+0x1cb/0x3e0 [ 19.506360] kunit_try_run_case+0x1a5/0x480 [ 19.506592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.506855] kthread+0x337/0x6f0 [ 19.507024] ret_from_fork+0x41/0x80 [ 19.507157] ret_from_fork_asm+0x1a/0x30 [ 19.507299] [ 19.507442] freed by task 330 on cpu 0 at 19.502275s (0.005165s ago): [ 19.507793] test_corruption+0x2df/0x3e0 [ 19.508021] kunit_try_run_case+0x1a5/0x480 [ 19.508259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.508555] kthread+0x337/0x6f0 [ 19.508755] ret_from_fork+0x41/0x80 [ 19.508896] ret_from_fork_asm+0x1a/0x30 [ 19.509069] [ 19.509216] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 19.509809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.510016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.510443] ================================================================== [ 18.670385] ================================================================== [ 18.670804] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 18.670804] [ 18.671234] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#77): [ 18.671914] test_corruption+0x2d2/0x3e0 [ 18.672140] kunit_try_run_case+0x1a5/0x480 [ 18.672361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.672623] kthread+0x337/0x6f0 [ 18.672755] ret_from_fork+0x41/0x80 [ 18.672946] ret_from_fork_asm+0x1a/0x30 [ 18.673188] [ 18.673281] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.673281] [ 18.673798] allocated by task 330 on cpu 0 at 18.670194s (0.003601s ago): [ 18.674093] test_alloc+0x364/0x10f0 [ 18.674277] test_corruption+0xe6/0x3e0 [ 18.674510] kunit_try_run_case+0x1a5/0x480 [ 18.674727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.675042] kthread+0x337/0x6f0 [ 18.675167] ret_from_fork+0x41/0x80 [ 18.675297] ret_from_fork_asm+0x1a/0x30 [ 18.675630] [ 18.675729] freed by task 330 on cpu 0 at 18.670295s (0.005432s ago): [ 18.676045] test_corruption+0x2d2/0x3e0 [ 18.676281] kunit_try_run_case+0x1a5/0x480 [ 18.676546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.676776] kthread+0x337/0x6f0 [ 18.676977] ret_from_fork+0x41/0x80 [ 18.677168] ret_from_fork_asm+0x1a/0x30 [ 18.677379] [ 18.677495] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 18.677950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.678188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.678666] ================================================================== [ 19.814372] ================================================================== [ 19.814788] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.814788] [ 19.815122] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#88): [ 19.815947] test_corruption+0x131/0x3e0 [ 19.816142] kunit_try_run_case+0x1a5/0x480 [ 19.816363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.816562] kthread+0x337/0x6f0 [ 19.816746] ret_from_fork+0x41/0x80 [ 19.816943] ret_from_fork_asm+0x1a/0x30 [ 19.817123] [ 19.817199] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.817199] [ 19.817676] allocated by task 332 on cpu 0 at 19.814237s (0.003437s ago): [ 19.817939] test_alloc+0x2a6/0x10f0 [ 19.818132] test_corruption+0xe6/0x3e0 [ 19.818341] kunit_try_run_case+0x1a5/0x480 [ 19.818517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.818744] kthread+0x337/0x6f0 [ 19.818918] ret_from_fork+0x41/0x80 [ 19.819080] ret_from_fork_asm+0x1a/0x30 [ 19.819253] [ 19.819341] freed by task 332 on cpu 0 at 19.814283s (0.005055s ago): [ 19.819554] test_corruption+0x131/0x3e0 [ 19.819753] kunit_try_run_case+0x1a5/0x480 [ 19.819961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.820221] kthread+0x337/0x6f0 [ 19.820393] ret_from_fork+0x41/0x80 [ 19.820669] ret_from_fork_asm+0x1a/0x30 [ 19.820856] [ 19.820979] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 19.821371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.821516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.822103] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.462339] ================================================================== [ 18.462775] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 18.462775] [ 18.463202] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 18.463496] test_invalid_addr_free+0xfb/0x260 [ 18.463708] kunit_try_run_case+0x1a5/0x480 [ 18.463922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.464136] kthread+0x337/0x6f0 [ 18.464328] ret_from_fork+0x41/0x80 [ 18.464530] ret_from_fork_asm+0x1a/0x30 [ 18.464686] [ 18.464762] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.464762] [ 18.465176] allocated by task 328 on cpu 1 at 18.462221s (0.002953s ago): [ 18.465460] test_alloc+0x2a6/0x10f0 [ 18.465594] test_invalid_addr_free+0xdb/0x260 [ 18.465928] kunit_try_run_case+0x1a5/0x480 [ 18.466192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.466433] kthread+0x337/0x6f0 [ 18.466554] ret_from_fork+0x41/0x80 [ 18.466746] ret_from_fork_asm+0x1a/0x30 [ 18.466916] [ 18.467015] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 18.467538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.467740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.468108] ================================================================== [ 18.358294] ================================================================== [ 18.358705] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 18.358705] [ 18.359145] Invalid free of 0x(____ptrval____) (in kfence-#74): [ 18.359436] test_invalid_addr_free+0x1e1/0x260 [ 18.359727] kunit_try_run_case+0x1a5/0x480 [ 18.360051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.360365] kthread+0x337/0x6f0 [ 18.360635] ret_from_fork+0x41/0x80 [ 18.360869] ret_from_fork_asm+0x1a/0x30 [ 18.361018] [ 18.361117] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.361117] [ 18.361674] allocated by task 326 on cpu 0 at 18.358179s 
(0.003492s ago): [ 18.361993] test_alloc+0x364/0x10f0 [ 18.362206] test_invalid_addr_free+0xdb/0x260 [ 18.362432] kunit_try_run_case+0x1a5/0x480 [ 18.362653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.362974] kthread+0x337/0x6f0 [ 18.363099] ret_from_fork+0x41/0x80 [ 18.363257] ret_from_fork_asm+0x1a/0x30 [ 18.363477] [ 18.363644] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 18.364107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.364276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.364758] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.150462] ================================================================== [ 18.150889] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 18.150889] [ 18.151307] Invalid free of 0x(____ptrval____) (in kfence-#72): [ 18.151658] test_double_free+0x1d3/0x260 [ 18.151833] kunit_try_run_case+0x1a5/0x480 [ 18.152055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.152289] kthread+0x337/0x6f0 [ 18.152450] ret_from_fork+0x41/0x80 [ 18.153052] ret_from_fork_asm+0x1a/0x30 [ 18.153276] [ 18.153374] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.153374] [ 18.154152] allocated by task 322 on cpu 1 at 18.150235s (0.003914s ago): [ 18.154500] test_alloc+0x364/0x10f0 [ 18.154678] test_double_free+0xdb/0x260 [ 18.154865] kunit_try_run_case+0x1a5/0x480 [ 18.155054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.155286] kthread+0x337/0x6f0 [ 18.155750] ret_from_fork+0x41/0x80 [ 18.155934] ret_from_fork_asm+0x1a/0x30 [ 18.156098] [ 18.156280] freed by task 322 on cpu 1 at 18.150302s (0.005898s ago): [ 18.156741] test_double_free+0x1e0/0x260 [ 18.157015] kunit_try_run_case+0x1a5/0x480 [ 18.157283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.157573] kthread+0x337/0x6f0 [ 18.157861] ret_from_fork+0x41/0x80 [ 18.158047] ret_from_fork_asm+0x1a/0x30 [ 18.158231] [ 18.158368] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 18.159090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.159382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.159881] ================================================================== [ 18.254352] ================================================================== [ 18.254831] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 18.254831] [ 18.255364] Invalid free of 0x(____ptrval____) (in kfence-#73): [ 18.256061] test_double_free+0x112/0x260 [ 18.256304] kunit_try_run_case+0x1a5/0x480 [ 18.256810] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.257044] kthread+0x337/0x6f0 [ 18.257246] ret_from_fork+0x41/0x80 [ 18.257411] ret_from_fork_asm+0x1a/0x30 [ 18.257668] [ 18.257881] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.257881] [ 18.258323] allocated by task 324 on cpu 0 at 18.254157s (0.004164s ago): [ 18.258651] test_alloc+0x2a6/0x10f0 [ 18.258880] test_double_free+0xdb/0x260 [ 18.259095] kunit_try_run_case+0x1a5/0x480 [ 18.259327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.259608] kthread+0x337/0x6f0 [ 18.259816] ret_from_fork+0x41/0x80 [ 18.260025] ret_from_fork_asm+0x1a/0x30 [ 18.260190] [ 18.260289] freed by task 324 on cpu 0 at 18.254218s (0.006068s ago): [ 18.260571] test_double_free+0xfa/0x260 [ 18.260971] kunit_try_run_case+0x1a5/0x480 [ 18.261157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.261344] kthread+0x337/0x6f0 [ 18.261579] ret_from_fork+0x41/0x80 [ 18.261832] ret_from_fork_asm+0x1a/0x30 [ 18.262085] [ 18.262216] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 18.262652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.263040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.263432] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.734491] ================================================================== [ 17.734932] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.734932] [ 17.735365] Use-after-free read at 0x(____ptrval____) (in kfence-#68): [ 17.735670] test_use_after_free_read+0x129/0x270 [ 17.735839] kunit_try_run_case+0x1a5/0x480 [ 17.736054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.736331] kthread+0x337/0x6f0 [ 17.736509] ret_from_fork+0x41/0x80 [ 17.736702] ret_from_fork_asm+0x1a/0x30 [ 17.736862] [ 17.736948] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.736948] [ 17.737363] allocated by task 314 on cpu 0 at 17.734241s (0.003119s ago): [ 17.737825] test_alloc+0x364/0x10f0 [ 17.737963] test_use_after_free_read+0xdc/0x270 [ 17.738189] kunit_try_run_case+0x1a5/0x480 [ 17.738406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.738716] kthread+0x337/0x6f0 [ 17.738859] ret_from_fork+0x41/0x80 [ 17.739030] ret_from_fork_asm+0x1a/0x30 [ 17.739223] [ 17.739296] freed by task 314 on cpu 0 at 17.734328s (0.004966s ago): [ 17.739518] test_use_after_free_read+0x1e7/0x270 [ 17.739696] kunit_try_run_case+0x1a5/0x480 [ 17.739909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.740290] kthread+0x337/0x6f0 [ 17.740434] ret_from_fork+0x41/0x80 [ 17.740570] ret_from_fork_asm+0x1a/0x30 [ 17.740828] [ 17.740950] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 17.741452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.741610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.741879] ================================================================== [ 17.838394] ================================================================== [ 17.838818] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.838818] [ 17.839358] Use-after-free read at 0x(____ptrval____) (in kfence-#69): [ 17.839675] test_use_after_free_read+0x129/0x270 
[ 17.839885] kunit_try_run_case+0x1a5/0x480 [ 17.840261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.840466] kthread+0x337/0x6f0 [ 17.840593] ret_from_fork+0x41/0x80 [ 17.840779] ret_from_fork_asm+0x1a/0x30 [ 17.840984] [ 17.841085] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.841085] [ 17.841468] allocated by task 316 on cpu 1 at 17.838224s (0.003241s ago): [ 17.841774] test_alloc+0x2a6/0x10f0 [ 17.841905] test_use_after_free_read+0xdc/0x270 [ 17.842058] kunit_try_run_case+0x1a5/0x480 [ 17.842260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.842547] kthread+0x337/0x6f0 [ 17.842742] ret_from_fork+0x41/0x80 [ 17.842941] ret_from_fork_asm+0x1a/0x30 [ 17.843173] [ 17.843280] freed by task 316 on cpu 1 at 17.838283s (0.004995s ago): [ 17.843620] test_use_after_free_read+0xfb/0x270 [ 17.843892] kunit_try_run_case+0x1a5/0x480 [ 17.844099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.844351] kthread+0x337/0x6f0 [ 17.844580] ret_from_fork+0x41/0x80 [ 17.844711] ret_from_fork_asm+0x1a/0x30 [ 17.844849] [ 17.844949] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 17.845478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.845802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.846187] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.526283] ==================================================================
[ 17.526799] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.526799]
[ 17.527437] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66):
[ 17.527743] test_out_of_bounds_write+0x10d/0x260
[ 17.527941] kunit_try_run_case+0x1a5/0x480
[ 17.528163] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.528450] kthread+0x337/0x6f0
[ 17.528575] ret_from_fork+0x41/0x80
[ 17.528760] ret_from_fork_asm+0x1a/0x30
[ 17.528958]
[ 17.529120] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.529120]
[ 17.529437] allocated by task 310 on cpu 0 at 17.526182s (0.003253s ago):
[ 17.529806] test_alloc+0x364/0x10f0
[ 17.530035] test_out_of_bounds_write+0xd4/0x260
[ 17.530272] kunit_try_run_case+0x1a5/0x480
[ 17.530518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.530763] kthread+0x337/0x6f0
[ 17.530938] ret_from_fork+0x41/0x80
[ 17.531149] ret_from_fork_asm+0x1a/0x30
[ 17.531358]
[ 17.531482] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 17.532027] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.532164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.532760] ==================================================================
[ 17.630291] ==================================================================
[ 17.630804] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.630804]
[ 17.631854] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 17.632147] test_out_of_bounds_write+0x10d/0x260
[ 17.632394] kunit_try_run_case+0x1a5/0x480
[ 17.632992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.633230] kthread+0x337/0x6f0
[ 17.633402] ret_from_fork+0x41/0x80
[ 17.633756] ret_from_fork_asm+0x1a/0x30
[ 17.634046]
[ 17.634135] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.634135]
[ 17.634678] allocated by task 312 on cpu 0 at 17.630230s (0.004445s ago):
[ 17.635155] test_alloc+0x2a6/0x10f0
[ 17.635419] test_out_of_bounds_write+0xd4/0x260
[ 17.635731] kunit_try_run_case+0x1a5/0x480
[ 17.635908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.636140] kthread+0x337/0x6f0
[ 17.636286] ret_from_fork+0x41/0x80
[ 17.636750] ret_from_fork_asm+0x1a/0x30
[ 17.636944]
[ 17.637052] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 17.637686] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.637957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.638334] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.695412] ==================================================================
[ 16.695843] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.695843]
[ 16.696319] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#58):
[ 16.696651] test_out_of_bounds_read+0x126/0x4e0
[ 16.696894] kunit_try_run_case+0x1a5/0x480
[ 16.697082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.697304] kthread+0x337/0x6f0
[ 16.697527] ret_from_fork+0x41/0x80
[ 16.697699] ret_from_fork_asm+0x1a/0x30
[ 16.697885]
[ 16.698015] kfence-#58: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.698015]
[ 16.698407] allocated by task 306 on cpu 0 at 16.694255s (0.004149s ago):
[ 16.698757] test_alloc+0x364/0x10f0
[ 16.698892] test_out_of_bounds_read+0xed/0x4e0
[ 16.699093] kunit_try_run_case+0x1a5/0x480
[ 16.699328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.699628] kthread+0x337/0x6f0
[ 16.699753] ret_from_fork+0x41/0x80
[ 16.699915] ret_from_fork_asm+0x1a/0x30
[ 16.700141]
[ 16.700269] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.700803] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.701012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.701395] ==================================================================
[ 17.214209] ==================================================================
[ 17.214806] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.214806]
[ 17.215504] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63):
[ 17.215789] test_out_of_bounds_read+0x126/0x4e0
[ 17.216032] kunit_try_run_case+0x1a5/0x480
[ 17.216231] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.216488] kthread+0x337/0x6f0
[ 17.217121] ret_from_fork+0x41/0x80
[ 17.217284] ret_from_fork_asm+0x1a/0x30
[ 17.217731]
[ 17.217835] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.217835]
[ 17.218356] allocated by task 308 on cpu 1 at 17.214147s (0.004206s ago):
[ 17.218869] test_alloc+0x2a6/0x10f0
[ 17.219204] test_out_of_bounds_read+0xed/0x4e0
[ 17.219520] kunit_try_run_case+0x1a5/0x480
[ 17.219724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.220017] kthread+0x337/0x6f0
[ 17.220196] ret_from_fork+0x41/0x80
[ 17.220392] ret_from_fork_asm+0x1a/0x30
[ 17.220628]
[ 17.220787] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 17.221233] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.221463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.221845] ==================================================================
[ 17.318261] ==================================================================
[ 17.318679] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.318679]
[ 17.319193] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64):
[ 17.319538] test_out_of_bounds_read+0x216/0x4e0
[ 17.319778] kunit_try_run_case+0x1a5/0x480
[ 17.319955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.320136] kthread+0x337/0x6f0
[ 17.320299] ret_from_fork+0x41/0x80
[ 17.320569] ret_from_fork_asm+0x1a/0x30
[ 17.320769]
[ 17.320853] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.320853]
[ 17.321209] allocated by task 308 on cpu 1 at 17.318209s (0.002998s ago):
[ 17.321501] test_alloc+0x2a6/0x10f0
[ 17.321676] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.321947] kunit_try_run_case+0x1a5/0x480
[ 17.322121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.322298] kthread+0x337/0x6f0
[ 17.322433] ret_from_fork+0x41/0x80
[ 17.322632] ret_from_fork_asm+0x1a/0x30
[ 17.322840]
[ 17.322964] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 17.323468] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.323687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.323989] ==================================================================
[ 17.110393] ==================================================================
[ 17.110809] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.110809]
[ 17.111321] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#62):
[ 17.111633] test_out_of_bounds_read+0x216/0x4e0
[ 17.111874] kunit_try_run_case+0x1a5/0x480
[ 17.112063] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.112262] kthread+0x337/0x6f0
[ 17.112460] ret_from_fork+0x41/0x80
[ 17.112657] ret_from_fork_asm+0x1a/0x30
[ 17.112817]
[ 17.112895] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.112895]
[ 17.113322] allocated by task 306 on cpu 0 at 17.110207s (0.003113s ago):
[ 17.113611] test_alloc+0x364/0x10f0
[ 17.113755] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.113994] kunit_try_run_case+0x1a5/0x480
[ 17.114207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.114441] kthread+0x337/0x6f0
[ 17.114563] ret_from_fork+0x41/0x80
[ 17.114733] ret_from_fork_asm+0x1a/0x30
[ 17.114960]
[ 17.115167] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 17.115538] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.115747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.116120] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.395949] ==================================================================
[ 14.396522] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 14.396841] Read of size 1 at addr ffffffffa50422ad by task kunit_try_catch/264
[ 14.397252]
[ 14.397412] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.397461] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.397474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.397496] Call Trace:
[ 14.397508] <TASK>
[ 14.397524] dump_stack_lvl+0x73/0xb0
[ 14.397553] print_report+0xd1/0x650
[ 14.397576] ? __virt_addr_valid+0x1db/0x2d0
[ 14.397599] ? kasan_global_oob_right+0x286/0x2d0
[ 14.397621] ? kasan_addr_to_slab+0x11/0xa0
[ 14.397642] ? kasan_global_oob_right+0x286/0x2d0
[ 14.397665] kasan_report+0x141/0x180
[ 14.397688] ? kasan_global_oob_right+0x286/0x2d0
[ 14.397715] __asan_report_load1_noabort+0x18/0x20
[ 14.397736] kasan_global_oob_right+0x286/0x2d0
[ 14.397758] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.397783] ? __schedule+0x10cc/0x2b30
[ 14.397807] ? __pfx_read_tsc+0x10/0x10
[ 14.397827] ? ktime_get_ts64+0x86/0x230
[ 14.397853] kunit_try_run_case+0x1a5/0x480
[ 14.397931] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.397958] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.397982] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.398005] ? __kthread_parkme+0x82/0x180
[ 14.398027] ? preempt_count_sub+0x50/0x80
[ 14.398053] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.398077] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.398100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.398123] kthread+0x337/0x6f0
[ 14.398140] ? trace_preempt_on+0x20/0xc0
[ 14.398162] ? __pfx_kthread+0x10/0x10
[ 14.398180] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.398201] ? calculate_sigpending+0x7b/0xa0
[ 14.398222] ? __pfx_kthread+0x10/0x10
[ 14.398240] ret_from_fork+0x41/0x80
[ 14.398262] ? __pfx_kthread+0x10/0x10
[ 14.398280] ret_from_fork_asm+0x1a/0x30
[ 14.398325] </TASK>
[ 14.398338]
[ 14.406082] The buggy address belongs to the variable:
[ 14.406526] global_array+0xd/0x40
[ 14.406692]
[ 14.406785] The buggy address belongs to the physical page:
[ 14.407042] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x159242
[ 14.407565] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 14.407853] raw: 0200000000002000 ffffea0005649088 ffffea0005649088 0000000000000000
[ 14.408209] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.408494] page dumped because: kasan: bad access detected
[ 14.408670]
[ 14.408741] Memory state around the buggy address:
[ 14.408964] ffffffffa5042180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.409286] ffffffffa5042200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.409685] >ffffffffa5042280: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 14.410002] ^
[ 14.410235] ffffffffa5042300: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 14.410745] ffffffffa5042380: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 14.411088] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 12.113115] ==================================================================
[ 12.114607] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 12.114607]
[ 12.114989] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#31):
[ 12.116180] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.116867] kunit_try_run_case+0x1a5/0x480
[ 12.117457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.117974] kthread+0x337/0x6f0
[ 12.118138] ret_from_fork+0x41/0x80
[ 12.118273] ret_from_fork_asm+0x1a/0x30
[ 12.118452]
[ 12.118764] kfence-#31: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.118764]
[ 12.119818] allocated by task 161 on cpu 1 at 12.111485s (0.008276s ago):
[ 12.120565] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.121080] kunit_try_run_case+0x1a5/0x480
[ 12.121351] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.121750] kthread+0x337/0x6f0
[ 12.122090] ret_from_fork+0x41/0x80
[ 12.122436] ret_from_fork_asm+0x1a/0x30
[ 12.122629]
[ 12.122814] freed by task 161 on cpu 1 at 12.112643s (0.010099s ago):
[ 12.123098] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.123579] kunit_try_run_case+0x1a5/0x480
[ 12.123773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.124105] kthread+0x337/0x6f0
[ 12.124323] ret_from_fork+0x41/0x80
[ 12.124531] ret_from_fork_asm+0x1a/0x30
[ 12.124728]
[ 12.124876] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 12.125371] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.125566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.126015] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.547969] ==================================================================
[ 16.548365] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.548752] Write of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304
[ 16.549183]
[ 16.549331] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.549400] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.549414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.549435] Call Trace:
[ 16.549454] <TASK>
[ 16.549471] dump_stack_lvl+0x73/0xb0
[ 16.549500] print_report+0xd1/0x650
[ 16.549525] ? __virt_addr_valid+0x1db/0x2d0
[ 16.549546] ? strncpy_from_user+0x2e/0x1d0
[ 16.549569] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.549594] ? strncpy_from_user+0x2e/0x1d0
[ 16.549618] kasan_report+0x141/0x180
[ 16.549642] ? strncpy_from_user+0x2e/0x1d0
[ 16.549670] kasan_check_range+0x10c/0x1c0
[ 16.549692] __kasan_check_write+0x18/0x20
[ 16.549713] strncpy_from_user+0x2e/0x1d0
[ 16.549739] copy_user_test_oob+0x760/0x10f0
[ 16.549763] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.549784] ? finish_task_switch.isra.0+0x153/0x700
[ 16.549808] ? __switch_to+0x5d9/0xf60
[ 16.549829] ? dequeue_task_fair+0x166/0x4e0
[ 16.549855] ? __schedule+0x10cc/0x2b30
[ 16.549878] ? __pfx_read_tsc+0x10/0x10
[ 16.549898] ? ktime_get_ts64+0x86/0x230
[ 16.549924] kunit_try_run_case+0x1a5/0x480
[ 16.549950] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.549973] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.549997] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.550022] ? __kthread_parkme+0x82/0x180
[ 16.550044] ? preempt_count_sub+0x50/0x80
[ 16.550070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.550095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.550118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.550141] kthread+0x337/0x6f0
[ 16.550159] ? trace_preempt_on+0x20/0xc0
[ 16.550183] ? __pfx_kthread+0x10/0x10
[ 16.550203] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.550225] ? calculate_sigpending+0x7b/0xa0
[ 16.550248] ? __pfx_kthread+0x10/0x10
[ 16.550268] ret_from_fork+0x41/0x80
[ 16.550290] ? __pfx_kthread+0x10/0x10
[ 16.550319] ret_from_fork_asm+0x1a/0x30
[ 16.550352] </TASK>
[ 16.550364]
[ 16.558650] Allocated by task 304:
[ 16.558859] kasan_save_stack+0x45/0x70
[ 16.559080] kasan_save_track+0x18/0x40
[ 16.559271] kasan_save_alloc_info+0x3b/0x50
[ 16.559541] __kasan_kmalloc+0xb7/0xc0
[ 16.559740] __kmalloc_noprof+0x1c9/0x500
[ 16.559976] kunit_kmalloc_array+0x25/0x60
[ 16.560212] copy_user_test_oob+0xab/0x10f0
[ 16.560452] kunit_try_run_case+0x1a5/0x480
[ 16.560668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.560949] kthread+0x337/0x6f0
[ 16.561096] ret_from_fork+0x41/0x80
[ 16.561231] ret_from_fork_asm+0x1a/0x30
[ 16.561385]
[ 16.561529] The buggy address belongs to the object at ffff888102a4e100
[ 16.561529] which belongs to the cache kmalloc-128 of size 128
[ 16.562064] The buggy address is located 0 bytes inside of
[ 16.562064] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178)
[ 16.562823]
[ 16.562955] The buggy address belongs to the physical page:
[ 16.563220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 16.563649] flags: 0x200000000000000(node=0|zone=2)
[ 16.563820] page_type: f5(slab)
[ 16.563944] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.564289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.564775] page dumped because: kasan: bad access detected
[ 16.565026]
[ 16.565100] Memory state around the buggy address:
[ 16.565275] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.565809] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.566064] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.566426] ^
[ 16.566763] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.567084] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.567405] ==================================================================
[ 16.568424] ==================================================================
[ 16.568677] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.568901] Write of size 1 at addr ffff888102a4e178 by task kunit_try_catch/304
[ 16.569379]
[ 16.569564] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.569610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.569624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.569646] Call Trace:
[ 16.569660] <TASK>
[ 16.569675] dump_stack_lvl+0x73/0xb0
[ 16.569703] print_report+0xd1/0x650
[ 16.569726] ? __virt_addr_valid+0x1db/0x2d0
[ 16.569750] ? strncpy_from_user+0x1a5/0x1d0
[ 16.569816] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.569865] ? strncpy_from_user+0x1a5/0x1d0
[ 16.569916] kasan_report+0x141/0x180
[ 16.569964] ? strncpy_from_user+0x1a5/0x1d0
[ 16.569993] __asan_report_store1_noabort+0x1b/0x30
[ 16.570016] strncpy_from_user+0x1a5/0x1d0
[ 16.570069] copy_user_test_oob+0x760/0x10f0
[ 16.570093] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.570115] ? finish_task_switch.isra.0+0x153/0x700
[ 16.570139] ? __switch_to+0x5d9/0xf60
[ 16.570161] ? dequeue_task_fair+0x166/0x4e0
[ 16.570185] ? __schedule+0x10cc/0x2b30
[ 16.570209] ? __pfx_read_tsc+0x10/0x10
[ 16.570230] ? ktime_get_ts64+0x86/0x230
[ 16.570256] kunit_try_run_case+0x1a5/0x480
[ 16.570280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.570303] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.570339] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.570364] ? __kthread_parkme+0x82/0x180
[ 16.570387] ? preempt_count_sub+0x50/0x80
[ 16.570412] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.570435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.570460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.570483] kthread+0x337/0x6f0
[ 16.570502] ? trace_preempt_on+0x20/0xc0
[ 16.570525] ? __pfx_kthread+0x10/0x10
[ 16.570545] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.570567] ? calculate_sigpending+0x7b/0xa0
[ 16.570590] ? __pfx_kthread+0x10/0x10
[ 16.570610] ret_from_fork+0x41/0x80
[ 16.570632] ? __pfx_kthread+0x10/0x10
[ 16.570650] ret_from_fork_asm+0x1a/0x30
[ 16.570687] </TASK>
[ 16.570699]
[ 16.578396] Allocated by task 304:
[ 16.578698] kasan_save_stack+0x45/0x70
[ 16.578844] kasan_save_track+0x18/0x40
[ 16.578983] kasan_save_alloc_info+0x3b/0x50
[ 16.579267] __kasan_kmalloc+0xb7/0xc0
[ 16.579494] __kmalloc_noprof+0x1c9/0x500
[ 16.579741] kunit_kmalloc_array+0x25/0x60
[ 16.579891] copy_user_test_oob+0xab/0x10f0
[ 16.580037] kunit_try_run_case+0x1a5/0x480
[ 16.580263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.580521] kthread+0x337/0x6f0
[ 16.580791] ret_from_fork+0x41/0x80
[ 16.580977] ret_from_fork_asm+0x1a/0x30
[ 16.581181]
[ 16.581277] The buggy address belongs to the object at ffff888102a4e100
[ 16.581277] which belongs to the cache kmalloc-128 of size 128
[ 16.581818] The buggy address is located 0 bytes to the right of
[ 16.581818] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178)
[ 16.582330]
[ 16.582408] The buggy address belongs to the physical page:
[ 16.582584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 16.582983] flags: 0x200000000000000(node=0|zone=2)
[ 16.583301] page_type: f5(slab)
[ 16.583508] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.583967] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.584302] page dumped because: kasan: bad access detected
[ 16.584579]
[ 16.584653] Memory state around the buggy address:
[ 16.584840] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.585162] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.585492] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.585788] ^
[ 16.586040] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.586257] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.586802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.487095] ==================================================================
[ 16.487519] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.487748] Read of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304
[ 16.488205]
[ 16.488407] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.488454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.488479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.488502] Call Trace:
[ 16.488516] <TASK>
[ 16.488532] dump_stack_lvl+0x73/0xb0
[ 16.488560] print_report+0xd1/0x650
[ 16.488583] ? __virt_addr_valid+0x1db/0x2d0
[ 16.488606] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.488627] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.488650] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.488672] kasan_report+0x141/0x180
[ 16.488696] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.488722] kasan_check_range+0x10c/0x1c0
[ 16.488743] __kasan_check_read+0x15/0x20
[ 16.488764] copy_user_test_oob+0x4aa/0x10f0
[ 16.488788] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.488851] ? finish_task_switch.isra.0+0x153/0x700
[ 16.488901] ? __switch_to+0x5d9/0xf60
[ 16.488946] ? dequeue_task_fair+0x166/0x4e0
[ 16.489018] ? __schedule+0x10cc/0x2b30
[ 16.489087] ? __pfx_read_tsc+0x10/0x10
[ 16.489109] ? ktime_get_ts64+0x86/0x230
[ 16.489136] kunit_try_run_case+0x1a5/0x480
[ 16.489161] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.489214] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.489239] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.489263] ? __kthread_parkme+0x82/0x180
[ 16.489286] ? preempt_count_sub+0x50/0x80
[ 16.489321] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.489346] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.489370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.489394] kthread+0x337/0x6f0
[ 16.489412] ? trace_preempt_on+0x20/0xc0
[ 16.489437] ? __pfx_kthread+0x10/0x10
[ 16.489457] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.489478] ? calculate_sigpending+0x7b/0xa0
[ 16.489500] ? __pfx_kthread+0x10/0x10
[ 16.489520] ret_from_fork+0x41/0x80
[ 16.489541] ? __pfx_kthread+0x10/0x10
[ 16.489560] ret_from_fork_asm+0x1a/0x30
[ 16.489593] </TASK>
[ 16.489605]
[ 16.497975] Allocated by task 304:
[ 16.498111] kasan_save_stack+0x45/0x70
[ 16.498257] kasan_save_track+0x18/0x40
[ 16.498424] kasan_save_alloc_info+0x3b/0x50
[ 16.498593] __kasan_kmalloc+0xb7/0xc0
[ 16.498734] __kmalloc_noprof+0x1c9/0x500
[ 16.498879] kunit_kmalloc_array+0x25/0x60
[ 16.499089] copy_user_test_oob+0xab/0x10f0
[ 16.499301] kunit_try_run_case+0x1a5/0x480
[ 16.499652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.499921] kthread+0x337/0x6f0
[ 16.500096] ret_from_fork+0x41/0x80
[ 16.500266] ret_from_fork_asm+0x1a/0x30
[ 16.500510]
[ 16.500622] The buggy address belongs to the object at ffff888102a4e100
[ 16.500622] which belongs to the cache kmalloc-128 of size 128
[ 16.501255] The buggy address is located 0 bytes inside of
[ 16.501255] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178)
[ 16.501635]
[ 16.501712] The buggy address belongs to the physical page:
[ 16.501886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 16.502129] flags: 0x200000000000000(node=0|zone=2)
[ 16.502295] page_type: f5(slab)
[ 16.502474] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.502937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.503579] page dumped because: kasan: bad access detected
[ 16.503890]
[ 16.503992] Memory state around the buggy address:
[ 16.504219] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.504771] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.505111] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.505428] ^
[ 16.505760] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.506097] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.506362] ==================================================================
[ 16.467758] ==================================================================
[ 16.468144] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.468475] Write of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304
[ 16.468810]
[ 16.468931] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.468981] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.468995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.469035] Call Trace:
[ 16.469049] <TASK>
[ 16.469066] dump_stack_lvl+0x73/0xb0
[ 16.469113] print_report+0xd1/0x650
[ 16.469137] ? __virt_addr_valid+0x1db/0x2d0
[ 16.469159] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.469180] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.469204] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.469226] kasan_report+0x141/0x180
[ 16.469250] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.469276] kasan_check_range+0x10c/0x1c0
[ 16.469299] __kasan_check_write+0x18/0x20
[ 16.469329] copy_user_test_oob+0x3fd/0x10f0
[ 16.469352] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.469373] ? finish_task_switch.isra.0+0x153/0x700
[ 16.469397] ? __switch_to+0x5d9/0xf60
[ 16.469418] ? dequeue_task_fair+0x166/0x4e0
[ 16.469444] ? __schedule+0x10cc/0x2b30
[ 16.469476] ? __pfx_read_tsc+0x10/0x10
[ 16.469496] ? ktime_get_ts64+0x86/0x230
[ 16.469523] kunit_try_run_case+0x1a5/0x480
[ 16.469548] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.469572] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.469597] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.469623] ? __kthread_parkme+0x82/0x180
[ 16.469646] ? preempt_count_sub+0x50/0x80
[ 16.469671] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.469696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.469719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.469744] kthread+0x337/0x6f0
[ 16.469762] ? trace_preempt_on+0x20/0xc0
[ 16.469787] ? __pfx_kthread+0x10/0x10
[ 16.469807] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.469830] ? calculate_sigpending+0x7b/0xa0
[ 16.469852] ? __pfx_kthread+0x10/0x10
[ 16.469872] ret_from_fork+0x41/0x80
[ 16.469894] ? __pfx_kthread+0x10/0x10
[ 16.469913] ret_from_fork_asm+0x1a/0x30
[ 16.469944] </TASK>
[ 16.469956]
[ 16.477577] Allocated by task 304:
[ 16.477862] kasan_save_stack+0x45/0x70
[ 16.478104] kasan_save_track+0x18/0x40
[ 16.478314] kasan_save_alloc_info+0x3b/0x50
[ 16.478634] __kasan_kmalloc+0xb7/0xc0
[ 16.478855] __kmalloc_noprof+0x1c9/0x500
[ 16.479033] kunit_kmalloc_array+0x25/0x60
[ 16.479207] copy_user_test_oob+0xab/0x10f0
[ 16.479462] kunit_try_run_case+0x1a5/0x480
[ 16.479700] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.479964] kthread+0x337/0x6f0
[ 16.480146] ret_from_fork+0x41/0x80
[ 16.480324] ret_from_fork_asm+0x1a/0x30
[ 16.480531]
[ 16.480633] The buggy address belongs to the object at ffff888102a4e100
[ 16.480633] which belongs to the cache kmalloc-128 of size 128
[ 16.481191] The buggy address is located 0 bytes inside of
[ 16.481191] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178)
[ 16.481798]
[ 16.481899] The buggy address belongs to the physical page:
[ 16.482160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 16.482552] flags: 0x200000000000000(node=0|zone=2)
[ 16.482809] page_type: f5(slab)
[ 16.483000] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.483388] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.483766] page dumped because: kasan: bad access detected
[ 16.484043]
[ 16.484127] Memory state around the buggy address:
[ 16.484370] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.484755] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.485114] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.485436] ^
[ 16.485756] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.486077] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.486430] ==================================================================
[ 16.507138] ==================================================================
[ 16.507464] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.507795] Write of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304
[ 16.508167]
[ 16.508279] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.508336] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.508350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.508371] Call Trace:
[ 16.508389] <TASK>
[ 16.508406] dump_stack_lvl+0x73/0xb0
[ 16.508435] print_report+0xd1/0x650
[ 16.508458] ? __virt_addr_valid+0x1db/0x2d0
[ 16.508481] ? copy_user_test_oob+0x557/0x10f0
[ 16.508537] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.508563] ? copy_user_test_oob+0x557/0x10f0
[ 16.508584] kasan_report+0x141/0x180
[ 16.508608] ? copy_user_test_oob+0x557/0x10f0
[ 16.508662] kasan_check_range+0x10c/0x1c0
[ 16.508707] __kasan_check_write+0x18/0x20
[ 16.508728] copy_user_test_oob+0x557/0x10f0
[ 16.508752] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.508772] ? finish_task_switch.isra.0+0x153/0x700
[ 16.508797] ? __switch_to+0x5d9/0xf60
[ 16.508818] ? dequeue_task_fair+0x166/0x4e0
[ 16.508843] ? __schedule+0x10cc/0x2b30
[ 16.508867] ? __pfx_read_tsc+0x10/0x10
[ 16.508888] ? ktime_get_ts64+0x86/0x230
[ 16.508915] kunit_try_run_case+0x1a5/0x480
[ 16.508939] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.508962] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.508987] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.509011] ? __kthread_parkme+0x82/0x180
[ 16.509034] ? preempt_count_sub+0x50/0x80
[ 16.509059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.509084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.509108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.509132] kthread+0x337/0x6f0
[ 16.509150] ? trace_preempt_on+0x20/0xc0
[ 16.509206] ? __pfx_kthread+0x10/0x10
[ 16.509226] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.509249] ? calculate_sigpending+0x7b/0xa0
[ 16.509295] ? __pfx_kthread+0x10/0x10
[ 16.509323] ret_from_fork+0x41/0x80
[ 16.509346] ? __pfx_kthread+0x10/0x10
[ 16.509365] ret_from_fork_asm+0x1a/0x30
[ 16.509397] </TASK>
[ 16.509409]
[ 16.517672] Allocated by task 304:
[ 16.517862] kasan_save_stack+0x45/0x70
[ 16.518219] kasan_save_track+0x18/0x40
[ 16.518430] kasan_save_alloc_info+0x3b/0x50
[ 16.518638] __kasan_kmalloc+0xb7/0xc0
[ 16.518835] __kmalloc_noprof+0x1c9/0x500
[ 16.519003] kunit_kmalloc_array+0x25/0x60
[ 16.519293] copy_user_test_oob+0xab/0x10f0
[ 16.519520] kunit_try_run_case+0x1a5/0x480
[ 16.519814] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.520083] kthread+0x337/0x6f0
[ 16.520205] ret_from_fork+0x41/0x80
[ 16.520361] ret_from_fork_asm+0x1a/0x30
[ 16.520559]
[ 16.520657] The buggy address belongs to the object at ffff888102a4e100
[ 16.520657] which belongs to the cache kmalloc-128 of size 128
[ 16.521332] The buggy address is located 0 bytes inside of
[ 16.521332] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178)
[ 16.521967]
[ 16.522067] The buggy address belongs to the physical page:
[ 16.522457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 16.523082] flags: 0x200000000000000(node=0|zone=2)
[ 16.523349] page_type: f5(slab)
[ 16.523689] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.524057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.524412] page dumped because: kasan: bad access detected
[ 16.524641]
[ 16.524727] Memory state around the buggy address:
[ 16.524957] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.525207] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.525527] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.525742] ^
[ 16.526166] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.526557] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.526797] ==================================================================
[ 16.527478] ==================================================================
[ 16.527952] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.528322] Read of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304
[ 16.528773]
[ 16.528905] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 16.528953] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.528968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.528991] Call Trace:
[ 16.529039] <TASK>
[ 16.529057] dump_stack_lvl+0x73/0xb0
[ 16.529085] print_report+0xd1/0x650
[ 16.529110] ? __virt_addr_valid+0x1db/0x2d0
[ 16.529132] ? copy_user_test_oob+0x604/0x10f0
[ 16.529184] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.529208] ? copy_user_test_oob+0x604/0x10f0
[ 16.529229] kasan_report+0x141/0x180
[ 16.529253] ? copy_user_test_oob+0x604/0x10f0
[ 16.529279] kasan_check_range+0x10c/0x1c0
[ 16.529343] __kasan_check_read+0x15/0x20
[ 16.529364] copy_user_test_oob+0x604/0x10f0
[ 16.529388] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.529408] ? finish_task_switch.isra.0+0x153/0x700
[ 16.529432] ? __switch_to+0x5d9/0xf60
[ 16.529463] ? dequeue_task_fair+0x166/0x4e0
[ 16.529520] ? __schedule+0x10cc/0x2b30
[ 16.529544] ? __pfx_read_tsc+0x10/0x10
[ 16.529566] ? ktime_get_ts64+0x86/0x230
[ 16.529593] kunit_try_run_case+0x1a5/0x480
[ 16.529618] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.529672] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.529697] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.529721] ? __kthread_parkme+0x82/0x180
[ 16.529744] ? preempt_count_sub+0x50/0x80
[ 16.529770] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.529795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.529818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.529843] kthread+0x337/0x6f0
[ 16.529860] ? trace_preempt_on+0x20/0xc0
[ 16.529885] ? __pfx_kthread+0x10/0x10
[ 16.529904] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.529925] ? calculate_sigpending+0x7b/0xa0
[ 16.530000] ? __pfx_kthread+0x10/0x10
[ 16.530044] ret_from_fork+0x41/0x80
[ 16.530089] ? __pfx_kthread+0x10/0x10
[ 16.530108] ret_from_fork_asm+0x1a/0x30
[ 16.530164] </TASK>
[ 16.530194]
[ 16.538566] Allocated by task 304:
[ 16.538770] kasan_save_stack+0x45/0x70
[ 16.538965] kasan_save_track+0x18/0x40
[ 16.539170] kasan_save_alloc_info+0x3b/0x50
[ 16.539420] __kasan_kmalloc+0xb7/0xc0
[ 16.539607] __kmalloc_noprof+0x1c9/0x500
[ 16.539839] kunit_kmalloc_array+0x25/0x60
[ 16.540060] copy_user_test_oob+0xab/0x10f0
[ 16.540282] kunit_try_run_case+0x1a5/0x480
[ 16.540524] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.540713] kthread+0x337/0x6f0
[ 16.540853] ret_from_fork+0x41/0x80
[ 16.541029] ret_from_fork_asm+0x1a/0x30
[ 16.541238]
[ 16.541352] The buggy address belongs to the object at ffff888102a4e100
[ 16.541352] which belongs to the cache kmalloc-128 of size 128
[ 16.541845] The buggy address is located 0 bytes inside of
[ 16.541845] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178)
[ 16.542295]
[ 16.542433] The buggy address belongs to the physical page:
[ 16.542894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e
[ 16.543331] flags: 0x200000000000000(node=0|zone=2)
[ 16.543612] page_type: f5(slab)
[ 16.543746] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.544086] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.544507] page dumped because: kasan: bad access detected
[ 16.544768]
[ 16.544865] Memory state around the buggy address:
[ 16.545127] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb
fb fb fb [ 16.545471] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.545787] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.546120] ^ [ 16.546469] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.546836] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547164] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.444704] ================================================================== [ 16.445089] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 16.445398] Read of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304 [ 16.445838] [ 16.445957] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.446006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.446020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.446042] Call Trace: [ 16.446059] <TASK> [ 16.446076] dump_stack_lvl+0x73/0xb0 [ 16.446124] print_report+0xd1/0x650 [ 16.446149] ? __virt_addr_valid+0x1db/0x2d0 [ 16.446172] ? _copy_to_user+0x4a/0x70 [ 16.446191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.446215] ? _copy_to_user+0x4a/0x70 [ 16.446235] kasan_report+0x141/0x180 [ 16.446259] ? _copy_to_user+0x4a/0x70 [ 16.446283] kasan_check_range+0x10c/0x1c0 [ 16.446316] __kasan_check_read+0x15/0x20 [ 16.446337] _copy_to_user+0x4a/0x70 [ 16.446358] copy_user_test_oob+0x364/0x10f0 [ 16.446399] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.446420] ? finish_task_switch.isra.0+0x153/0x700 [ 16.446445] ? __switch_to+0x5d9/0xf60 [ 16.446466] ? dequeue_task_fair+0x166/0x4e0 [ 16.446491] ? __schedule+0x10cc/0x2b30 [ 16.446514] ? __pfx_read_tsc+0x10/0x10 [ 16.446534] ? ktime_get_ts64+0x86/0x230 [ 16.446561] kunit_try_run_case+0x1a5/0x480 [ 16.446604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.446628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.446652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.446677] ? __kthread_parkme+0x82/0x180 [ 16.446706] ? preempt_count_sub+0x50/0x80 [ 16.446731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.446755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.446779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.446803] kthread+0x337/0x6f0 [ 16.446821] ? trace_preempt_on+0x20/0xc0 [ 16.446846] ? __pfx_kthread+0x10/0x10 [ 16.446865] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.446887] ? 
calculate_sigpending+0x7b/0xa0 [ 16.446910] ? __pfx_kthread+0x10/0x10 [ 16.446931] ret_from_fork+0x41/0x80 [ 16.446952] ? __pfx_kthread+0x10/0x10 [ 16.446971] ret_from_fork_asm+0x1a/0x30 [ 16.447002] </TASK> [ 16.447014] [ 16.454937] Allocated by task 304: [ 16.455107] kasan_save_stack+0x45/0x70 [ 16.455349] kasan_save_track+0x18/0x40 [ 16.455609] kasan_save_alloc_info+0x3b/0x50 [ 16.455891] __kasan_kmalloc+0xb7/0xc0 [ 16.456023] __kmalloc_noprof+0x1c9/0x500 [ 16.456161] kunit_kmalloc_array+0x25/0x60 [ 16.456618] copy_user_test_oob+0xab/0x10f0 [ 16.456830] kunit_try_run_case+0x1a5/0x480 [ 16.457055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457389] kthread+0x337/0x6f0 [ 16.457586] ret_from_fork+0x41/0x80 [ 16.457788] ret_from_fork_asm+0x1a/0x30 [ 16.457985] [ 16.458080] The buggy address belongs to the object at ffff888102a4e100 [ 16.458080] which belongs to the cache kmalloc-128 of size 128 [ 16.458730] The buggy address is located 0 bytes inside of [ 16.458730] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178) [ 16.459074] [ 16.459146] The buggy address belongs to the physical page: [ 16.459395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e [ 16.460123] flags: 0x200000000000000(node=0|zone=2) [ 16.460375] page_type: f5(slab) [ 16.460576] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.460912] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.461228] page dumped because: kasan: bad access detected [ 16.461459] [ 16.461559] Memory state around the buggy address: [ 16.461768] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.462040] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462340] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.462618] ^ [ 16.462832] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463098] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 16.463420] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.422272] ================================================================== [ 16.422936] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.423379] Write of size 121 at addr ffff888102a4e100 by task kunit_try_catch/304 [ 16.423828] [ 16.423950] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.424003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.424038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.424079] Call Trace: [ 16.424094] <TASK> [ 16.424129] dump_stack_lvl+0x73/0xb0 [ 16.424163] print_report+0xd1/0x650 [ 16.424189] ? __virt_addr_valid+0x1db/0x2d0 [ 16.424213] ? _copy_from_user+0x32/0x90 [ 16.424233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.424257] ? _copy_from_user+0x32/0x90 [ 16.424278] kasan_report+0x141/0x180 [ 16.424302] ? _copy_from_user+0x32/0x90 [ 16.424358] kasan_check_range+0x10c/0x1c0 [ 16.424380] __kasan_check_write+0x18/0x20 [ 16.424400] _copy_from_user+0x32/0x90 [ 16.424439] copy_user_test_oob+0x2be/0x10f0 [ 16.424464] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.424484] ? finish_task_switch.isra.0+0x153/0x700 [ 16.424511] ? __switch_to+0x5d9/0xf60 [ 16.424533] ? dequeue_task_fair+0x166/0x4e0 [ 16.424558] ? __schedule+0x10cc/0x2b30 [ 16.424584] ? __pfx_read_tsc+0x10/0x10 [ 16.424605] ? ktime_get_ts64+0x86/0x230 [ 16.424632] kunit_try_run_case+0x1a5/0x480 [ 16.424658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.424681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.424706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.424730] ? __kthread_parkme+0x82/0x180 [ 16.424754] ? preempt_count_sub+0x50/0x80 [ 16.424780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.424804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.424828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.424852] kthread+0x337/0x6f0 [ 16.424870] ? trace_preempt_on+0x20/0xc0 [ 16.424896] ? __pfx_kthread+0x10/0x10 [ 16.424916] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.424939] ? 
calculate_sigpending+0x7b/0xa0 [ 16.424962] ? __pfx_kthread+0x10/0x10 [ 16.424982] ret_from_fork+0x41/0x80 [ 16.425005] ? __pfx_kthread+0x10/0x10 [ 16.425025] ret_from_fork_asm+0x1a/0x30 [ 16.425057] </TASK> [ 16.425071] [ 16.433043] Allocated by task 304: [ 16.433177] kasan_save_stack+0x45/0x70 [ 16.433394] kasan_save_track+0x18/0x40 [ 16.433767] kasan_save_alloc_info+0x3b/0x50 [ 16.433995] __kasan_kmalloc+0xb7/0xc0 [ 16.434192] __kmalloc_noprof+0x1c9/0x500 [ 16.434406] kunit_kmalloc_array+0x25/0x60 [ 16.434628] copy_user_test_oob+0xab/0x10f0 [ 16.434812] kunit_try_run_case+0x1a5/0x480 [ 16.435032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.435245] kthread+0x337/0x6f0 [ 16.435444] ret_from_fork+0x41/0x80 [ 16.435660] ret_from_fork_asm+0x1a/0x30 [ 16.435912] [ 16.435989] The buggy address belongs to the object at ffff888102a4e100 [ 16.435989] which belongs to the cache kmalloc-128 of size 128 [ 16.436529] The buggy address is located 0 bytes inside of [ 16.436529] allocated 120-byte region [ffff888102a4e100, ffff888102a4e178) [ 16.436933] [ 16.437010] The buggy address belongs to the physical page: [ 16.437187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4e [ 16.437744] flags: 0x200000000000000(node=0|zone=2) [ 16.438012] page_type: f5(slab) [ 16.438185] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.438590] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.438848] page dumped because: kasan: bad access detected [ 16.439048] [ 16.439171] Memory state around the buggy address: [ 16.439446] ffff888102a4e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.439805] ffff888102a4e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.440107] >ffff888102a4e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.440488] ^ [ 16.440813] ffff888102a4e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.441122] ffff888102a4e200: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 16.441535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.389091] ================================================================== [ 16.389440] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.389675] Write of size 8 at addr ffff8881026f5d78 by task kunit_try_catch/300 [ 16.389953] [ 16.390168] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.390235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.390249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.390271] Call Trace: [ 16.390289] <TASK> [ 16.390335] dump_stack_lvl+0x73/0xb0 [ 16.390364] print_report+0xd1/0x650 [ 16.390388] ? __virt_addr_valid+0x1db/0x2d0 [ 16.390410] ? copy_to_kernel_nofault+0x99/0x260 [ 16.390432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.390456] ? copy_to_kernel_nofault+0x99/0x260 [ 16.390477] kasan_report+0x141/0x180 [ 16.390501] ? copy_to_kernel_nofault+0x99/0x260 [ 16.390528] kasan_check_range+0x10c/0x1c0 [ 16.390549] __kasan_check_write+0x18/0x20 [ 16.390573] copy_to_kernel_nofault+0x99/0x260 [ 16.390596] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.390622] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.390646] ? finish_task_switch.isra.0+0x153/0x700 [ 16.390670] ? __schedule+0x10cc/0x2b30 [ 16.390698] ? trace_hardirqs_on+0x37/0xe0 [ 16.390750] ? __pfx_read_tsc+0x10/0x10 [ 16.390771] ? ktime_get_ts64+0x86/0x230 [ 16.390797] kunit_try_run_case+0x1a5/0x480 [ 16.390838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.390861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.390901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.390926] ? __kthread_parkme+0x82/0x180 [ 16.390949] ? preempt_count_sub+0x50/0x80 [ 16.390975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.391000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.391023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.391240] kthread+0x337/0x6f0 [ 16.391268] ? trace_preempt_on+0x20/0xc0 [ 16.391292] ? __pfx_kthread+0x10/0x10 [ 16.391324] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.391368] ? calculate_sigpending+0x7b/0xa0 [ 16.391391] ? __pfx_kthread+0x10/0x10 [ 16.391424] ret_from_fork+0x41/0x80 [ 16.391447] ? __pfx_kthread+0x10/0x10 [ 16.391477] ret_from_fork_asm+0x1a/0x30 [ 16.391509] </TASK> [ 16.391522] [ 16.400510] Allocated by task 300: [ 16.400718] kasan_save_stack+0x45/0x70 [ 16.400942] kasan_save_track+0x18/0x40 [ 16.401297] kasan_save_alloc_info+0x3b/0x50 [ 16.401572] __kasan_kmalloc+0xb7/0xc0 [ 16.401716] __kmalloc_cache_noprof+0x189/0x420 [ 16.401867] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.402156] kunit_try_run_case+0x1a5/0x480 [ 16.402404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.402690] kthread+0x337/0x6f0 [ 16.402879] ret_from_fork+0x41/0x80 [ 16.403187] ret_from_fork_asm+0x1a/0x30 [ 16.403342] [ 16.403435] The buggy address belongs to the object at ffff8881026f5d00 [ 16.403435] which belongs to the cache kmalloc-128 of size 128 [ 16.404107] The buggy address is located 0 bytes to the right of [ 16.404107] allocated 120-byte region [ffff8881026f5d00, ffff8881026f5d78) [ 16.404807] [ 16.404973] The buggy address belongs to the physical page: [ 16.405228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 16.405645] flags: 0x200000000000000(node=0|zone=2) [ 16.405864] page_type: f5(slab) [ 16.406111] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.406472] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.406709] page dumped because: kasan: bad access detected [ 16.406885] [ 16.406958] Memory state around the buggy address: [ 16.407182] ffff8881026f5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.407554] ffff8881026f5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408035] >ffff8881026f5d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.408578] ^ [ 16.408875] ffff8881026f5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.409221] ffff8881026f5e00: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 16.409452] ================================================================== [ 16.366035] ================================================================== [ 16.366837] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.367881] Read of size 8 at addr ffff8881026f5d78 by task kunit_try_catch/300 [ 16.368563] [ 16.368660] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.368710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.368725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.368748] Call Trace: [ 16.368763] <TASK> [ 16.368781] dump_stack_lvl+0x73/0xb0 [ 16.368812] print_report+0xd1/0x650 [ 16.368839] ? __virt_addr_valid+0x1db/0x2d0 [ 16.368862] ? copy_to_kernel_nofault+0x225/0x260 [ 16.368884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.368908] ? copy_to_kernel_nofault+0x225/0x260 [ 16.368930] kasan_report+0x141/0x180 [ 16.368955] ? copy_to_kernel_nofault+0x225/0x260 [ 16.368982] __asan_report_load8_noabort+0x18/0x20 [ 16.369005] copy_to_kernel_nofault+0x225/0x260 [ 16.369028] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.369053] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.369077] ? finish_task_switch.isra.0+0x153/0x700 [ 16.369104] ? __schedule+0x10cc/0x2b30 [ 16.369127] ? trace_hardirqs_on+0x37/0xe0 [ 16.369160] ? __pfx_read_tsc+0x10/0x10 [ 16.369182] ? ktime_get_ts64+0x86/0x230 [ 16.369209] kunit_try_run_case+0x1a5/0x480 [ 16.369235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.369258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.369282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.369318] ? __kthread_parkme+0x82/0x180 [ 16.369342] ? preempt_count_sub+0x50/0x80 [ 16.369368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.369392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.369416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.369440] kthread+0x337/0x6f0 [ 16.369459] ? 
trace_preempt_on+0x20/0xc0 [ 16.369483] ? __pfx_kthread+0x10/0x10 [ 16.369522] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.369544] ? calculate_sigpending+0x7b/0xa0 [ 16.369568] ? __pfx_kthread+0x10/0x10 [ 16.369588] ret_from_fork+0x41/0x80 [ 16.369610] ? __pfx_kthread+0x10/0x10 [ 16.369630] ret_from_fork_asm+0x1a/0x30 [ 16.369662] </TASK> [ 16.369675] [ 16.378987] Allocated by task 300: [ 16.379225] kasan_save_stack+0x45/0x70 [ 16.379483] kasan_save_track+0x18/0x40 [ 16.379684] kasan_save_alloc_info+0x3b/0x50 [ 16.379890] __kasan_kmalloc+0xb7/0xc0 [ 16.380201] __kmalloc_cache_noprof+0x189/0x420 [ 16.380462] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.380693] kunit_try_run_case+0x1a5/0x480 [ 16.380852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.381192] kthread+0x337/0x6f0 [ 16.381404] ret_from_fork+0x41/0x80 [ 16.381540] ret_from_fork_asm+0x1a/0x30 [ 16.381809] [ 16.381903] The buggy address belongs to the object at ffff8881026f5d00 [ 16.381903] which belongs to the cache kmalloc-128 of size 128 [ 16.382445] The buggy address is located 0 bytes to the right of [ 16.382445] allocated 120-byte region [ffff8881026f5d00, ffff8881026f5d78) [ 16.383294] [ 16.383415] The buggy address belongs to the physical page: [ 16.383810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f5 [ 16.384214] flags: 0x200000000000000(node=0|zone=2) [ 16.384466] page_type: f5(slab) [ 16.384685] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.385081] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.385301] page dumped because: kasan: bad access detected [ 16.385477] [ 16.385703] Memory state around the buggy address: [ 16.386053] ffff8881026f5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.386419] ffff8881026f5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.386633] >ffff8881026f5d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.387209] ^ [ 16.387591] ffff8881026f5d80: fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc [ 16.387837] ffff8881026f5e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.388391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.362612] ================================================================== [ 15.363008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.363316] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.363579] [ 15.363672] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.363720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.363734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.363756] Call Trace: [ 15.363775] <TASK> [ 15.363794] dump_stack_lvl+0x73/0xb0 [ 15.363822] print_report+0xd1/0x650 [ 15.363846] ? __virt_addr_valid+0x1db/0x2d0 [ 15.363869] ? kasan_atomics_helper+0xc70/0x5450 [ 15.363892] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.363916] ? kasan_atomics_helper+0xc70/0x5450 [ 15.363938] kasan_report+0x141/0x180 [ 15.363962] ? kasan_atomics_helper+0xc70/0x5450 [ 15.363990] kasan_check_range+0x10c/0x1c0 [ 15.364011] __kasan_check_write+0x18/0x20 [ 15.364033] kasan_atomics_helper+0xc70/0x5450 [ 15.364058] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.364081] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.364106] ? kasan_atomics+0x152/0x310 [ 15.364132] kasan_atomics+0x1dc/0x310 [ 15.364155] ? __pfx_kasan_atomics+0x10/0x10 [ 15.364177] ? trace_hardirqs_on+0x37/0xe0 [ 15.364203] ? __pfx_read_tsc+0x10/0x10 [ 15.364224] ? ktime_get_ts64+0x86/0x230 [ 15.364250] kunit_try_run_case+0x1a5/0x480 [ 15.364276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364311] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.364337] ? __kthread_parkme+0x82/0x180 [ 15.364360] ? preempt_count_sub+0x50/0x80 [ 15.364387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.364455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.364479] kthread+0x337/0x6f0 [ 15.364497] ? trace_preempt_on+0x20/0xc0 [ 15.364520] ? __pfx_kthread+0x10/0x10 [ 15.364539] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.364562] ? 
calculate_sigpending+0x7b/0xa0 [ 15.364585] ? __pfx_kthread+0x10/0x10 [ 15.364604] ret_from_fork+0x41/0x80 [ 15.364626] ? __pfx_kthread+0x10/0x10 [ 15.364645] ret_from_fork_asm+0x1a/0x30 [ 15.364678] </TASK> [ 15.364691] [ 15.372171] Allocated by task 284: [ 15.372367] kasan_save_stack+0x45/0x70 [ 15.372572] kasan_save_track+0x18/0x40 [ 15.372714] kasan_save_alloc_info+0x3b/0x50 [ 15.372925] __kasan_kmalloc+0xb7/0xc0 [ 15.373119] __kmalloc_cache_noprof+0x189/0x420 [ 15.373348] kasan_atomics+0x95/0x310 [ 15.373529] kunit_try_run_case+0x1a5/0x480 [ 15.373732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.373973] kthread+0x337/0x6f0 [ 15.374136] ret_from_fork+0x41/0x80 [ 15.374278] ret_from_fork_asm+0x1a/0x30 [ 15.374502] [ 15.374602] The buggy address belongs to the object at ffff888102717100 [ 15.374602] which belongs to the cache kmalloc-64 of size 64 [ 15.375057] The buggy address is located 0 bytes to the right of [ 15.375057] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.375466] [ 15.375543] The buggy address belongs to the physical page: [ 15.375715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.376063] flags: 0x200000000000000(node=0|zone=2) [ 15.376309] page_type: f5(slab) [ 15.376506] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.376848] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.377142] page dumped because: kasan: bad access detected [ 15.377328] [ 15.377399] Memory state around the buggy address: [ 15.377580] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.377853] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.378176] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.378547] ^ [ 15.378789] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.379112] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.380003] 
================================================================== [ 15.545094] ================================================================== [ 15.545457] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.545737] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.546162] [ 15.546277] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.546343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.546357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.546389] Call Trace: [ 15.546408] <TASK> [ 15.546426] dump_stack_lvl+0x73/0xb0 [ 15.546462] print_report+0xd1/0x650 [ 15.546485] ? __virt_addr_valid+0x1db/0x2d0 [ 15.546516] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.546538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.546561] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.546594] kasan_report+0x141/0x180 [ 15.546618] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.546647] __asan_report_load4_noabort+0x18/0x20 [ 15.546668] kasan_atomics_helper+0x4a1c/0x5450 [ 15.546709] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.546732] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.546765] ? kasan_atomics+0x152/0x310 [ 15.546789] kasan_atomics+0x1dc/0x310 [ 15.546809] ? __pfx_kasan_atomics+0x10/0x10 [ 15.546828] ? trace_hardirqs_on+0x37/0xe0 [ 15.546861] ? __pfx_read_tsc+0x10/0x10 [ 15.546881] ? ktime_get_ts64+0x86/0x230 [ 15.546908] kunit_try_run_case+0x1a5/0x480 [ 15.546942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.546966] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.547000] ? __kthread_parkme+0x82/0x180 [ 15.547022] ? preempt_count_sub+0x50/0x80 [ 15.547047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.547082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.547106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.547130] kthread+0x337/0x6f0 [ 15.547155] ? trace_preempt_on+0x20/0xc0 [ 15.547179] ? __pfx_kthread+0x10/0x10 [ 15.547198] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.547231] ? calculate_sigpending+0x7b/0xa0 [ 15.547254] ? __pfx_kthread+0x10/0x10 [ 15.547273] ret_from_fork+0x41/0x80 [ 15.547295] ? __pfx_kthread+0x10/0x10 [ 15.547324] ret_from_fork_asm+0x1a/0x30 [ 15.547356] </TASK> [ 15.547368] [ 15.555034] Allocated by task 284: [ 15.555219] kasan_save_stack+0x45/0x70 [ 15.555454] kasan_save_track+0x18/0x40 [ 15.555627] kasan_save_alloc_info+0x3b/0x50 [ 15.555775] __kasan_kmalloc+0xb7/0xc0 [ 15.555914] __kmalloc_cache_noprof+0x189/0x420 [ 15.556070] kasan_atomics+0x95/0x310 [ 15.556236] kunit_try_run_case+0x1a5/0x480 [ 15.556464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.556717] kthread+0x337/0x6f0 [ 15.556885] ret_from_fork+0x41/0x80 [ 15.557057] ret_from_fork_asm+0x1a/0x30 [ 15.557199] [ 15.557271] The buggy address belongs to the object at ffff888102717100 [ 15.557271] which belongs to the cache kmalloc-64 of size 64 [ 15.557631] The buggy address is located 0 bytes to the right of [ 15.557631] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.558188] [ 15.558315] The buggy address belongs to the physical page: [ 15.558583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.558960] flags: 0x200000000000000(node=0|zone=2) [ 15.559235] page_type: f5(slab) [ 15.559405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.559775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.560006] page dumped because: kasan: bad access detected [ 15.560248] [ 15.560354] Memory state around the buggy address: [ 15.560786] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.561108] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.561438] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.561717] ^ [ 15.561953] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.562262] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.562593] ================================================================== [ 14.974275] ================================================================== [ 14.975199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.975554] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 14.975858] [ 14.975978] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.976029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.976043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.976065] Call Trace: [ 14.976096] <TASK> [ 14.976115] dump_stack_lvl+0x73/0xb0 [ 14.976146] print_report+0xd1/0x650 [ 14.976168] ? __virt_addr_valid+0x1db/0x2d0 [ 14.976192] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.976214] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.976236] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.976259] kasan_report+0x141/0x180 [ 14.976281] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.976320] __asan_report_load4_noabort+0x18/0x20 [ 14.976341] kasan_atomics_helper+0x4bbc/0x5450 [ 14.976363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.976386] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.976410] ? kasan_atomics+0x152/0x310 [ 14.976433] kasan_atomics+0x1dc/0x310 [ 14.976453] ? __pfx_kasan_atomics+0x10/0x10 [ 14.976472] ? trace_hardirqs_on+0x37/0xe0 [ 14.976496] ? __pfx_read_tsc+0x10/0x10 [ 14.976517] ? ktime_get_ts64+0x86/0x230 [ 14.976543] kunit_try_run_case+0x1a5/0x480 [ 14.976568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.976593] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.976618] ? __kthread_parkme+0x82/0x180 [ 14.976641] ? preempt_count_sub+0x50/0x80 [ 14.976669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.976693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.976716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.976738] kthread+0x337/0x6f0 [ 14.976755] ? trace_preempt_on+0x20/0xc0 [ 14.976777] ? 
__pfx_kthread+0x10/0x10 [ 14.976796] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.976816] ? calculate_sigpending+0x7b/0xa0 [ 14.976838] ? __pfx_kthread+0x10/0x10 [ 14.976856] ret_from_fork+0x41/0x80 [ 14.976877] ? __pfx_kthread+0x10/0x10 [ 14.976895] ret_from_fork_asm+0x1a/0x30 [ 14.976927] </TASK> [ 14.976939] [ 14.985339] Allocated by task 284: [ 14.985497] kasan_save_stack+0x45/0x70 [ 14.985652] kasan_save_track+0x18/0x40 [ 14.985792] kasan_save_alloc_info+0x3b/0x50 [ 14.986089] __kasan_kmalloc+0xb7/0xc0 [ 14.986466] __kmalloc_cache_noprof+0x189/0x420 [ 14.986799] kasan_atomics+0x95/0x310 [ 14.987021] kunit_try_run_case+0x1a5/0x480 [ 14.987215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.987466] kthread+0x337/0x6f0 [ 14.987640] ret_from_fork+0x41/0x80 [ 14.987825] ret_from_fork_asm+0x1a/0x30 [ 14.988063] [ 14.988162] The buggy address belongs to the object at ffff888102717100 [ 14.988162] which belongs to the cache kmalloc-64 of size 64 [ 14.988682] The buggy address is located 0 bytes to the right of [ 14.988682] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 14.989324] [ 14.989405] The buggy address belongs to the physical page: [ 14.989582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 14.989836] flags: 0x200000000000000(node=0|zone=2) [ 14.990143] page_type: f5(slab) [ 14.990331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.990669] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.991314] page dumped because: kasan: bad access detected [ 14.991853] [ 14.992056] Memory state around the buggy address: [ 14.992263] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.992607] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.992900] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.993195] ^ [ 14.993395] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.993618] 
ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.994078] ================================================================== [ 16.100997] ================================================================== [ 16.101686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.101945] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.102173] [ 16.102260] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.102696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.102718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.102741] Call Trace: [ 16.102758] <TASK> [ 16.102773] dump_stack_lvl+0x73/0xb0 [ 16.102803] print_report+0xd1/0x650 [ 16.102987] ? __virt_addr_valid+0x1db/0x2d0 [ 16.103021] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.103045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.103070] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.103093] kasan_report+0x141/0x180 [ 16.103118] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.103146] kasan_check_range+0x10c/0x1c0 [ 16.103167] __kasan_check_write+0x18/0x20 [ 16.103188] kasan_atomics_helper+0x1f43/0x5450 [ 16.103213] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.103237] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.103259] ? kasan_atomics+0x152/0x310 [ 16.103283] kasan_atomics+0x1dc/0x310 [ 16.103315] ? __pfx_kasan_atomics+0x10/0x10 [ 16.103336] ? trace_hardirqs_on+0x37/0xe0 [ 16.103359] ? __pfx_read_tsc+0x10/0x10 [ 16.103380] ? ktime_get_ts64+0x86/0x230 [ 16.103405] kunit_try_run_case+0x1a5/0x480 [ 16.103430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.103466] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.103491] ? __kthread_parkme+0x82/0x180 [ 16.103514] ? preempt_count_sub+0x50/0x80 [ 16.103540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.103565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.103589] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.103613] kthread+0x337/0x6f0 [ 16.103632] ? trace_preempt_on+0x20/0xc0 [ 16.103658] ? __pfx_kthread+0x10/0x10 [ 16.103679] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.103703] ? calculate_sigpending+0x7b/0xa0 [ 16.103727] ? __pfx_kthread+0x10/0x10 [ 16.103747] ret_from_fork+0x41/0x80 [ 16.103772] ? __pfx_kthread+0x10/0x10 [ 16.103794] ret_from_fork_asm+0x1a/0x30 [ 16.103826] </TASK> [ 16.103838] [ 16.116358] Allocated by task 284: [ 16.116749] kasan_save_stack+0x45/0x70 [ 16.116973] kasan_save_track+0x18/0x40 [ 16.117157] kasan_save_alloc_info+0x3b/0x50 [ 16.117353] __kasan_kmalloc+0xb7/0xc0 [ 16.117807] __kmalloc_cache_noprof+0x189/0x420 [ 16.118139] kasan_atomics+0x95/0x310 [ 16.118727] kunit_try_run_case+0x1a5/0x480 [ 16.119009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.119392] kthread+0x337/0x6f0 [ 16.119883] ret_from_fork+0x41/0x80 [ 16.120115] ret_from_fork_asm+0x1a/0x30 [ 16.120428] [ 16.120668] The buggy address belongs to the object at ffff888102717100 [ 16.120668] which belongs to the cache kmalloc-64 of size 64 [ 16.121159] The buggy address is located 0 bytes to the right of [ 16.121159] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.121945] [ 16.122189] The buggy address belongs to the physical page: [ 16.122648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.123074] flags: 0x200000000000000(node=0|zone=2) [ 16.123291] page_type: f5(slab) [ 16.123655] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.124100] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.124832] page dumped because: kasan: bad access detected [ 16.125081] [ 16.125168] Memory state around the buggy address: [ 16.125385] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.126151] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.126473] >ffff888102717100: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 16.126704] ^ [ 16.126861] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127072] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127280] ================================================================== [ 15.841808] ================================================================== [ 15.842200] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.842915] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.843245] [ 15.843385] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.843431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.843443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.843465] Call Trace: [ 15.843480] <TASK> [ 15.843495] dump_stack_lvl+0x73/0xb0 [ 15.843523] print_report+0xd1/0x650 [ 15.843546] ? __virt_addr_valid+0x1db/0x2d0 [ 15.843568] ? kasan_atomics_helper+0x177f/0x5450 [ 15.843590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.843625] ? kasan_atomics_helper+0x177f/0x5450 [ 15.843648] kasan_report+0x141/0x180 [ 15.843672] ? kasan_atomics_helper+0x177f/0x5450 [ 15.843711] kasan_check_range+0x10c/0x1c0 [ 15.843733] __kasan_check_write+0x18/0x20 [ 15.843753] kasan_atomics_helper+0x177f/0x5450 [ 15.843778] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.843801] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.843822] ? kasan_atomics+0x152/0x310 [ 15.843848] kasan_atomics+0x1dc/0x310 [ 15.843869] ? __pfx_kasan_atomics+0x10/0x10 [ 15.843888] ? trace_hardirqs_on+0x37/0xe0 [ 15.843912] ? __pfx_read_tsc+0x10/0x10 [ 15.843932] ? ktime_get_ts64+0x86/0x230 [ 15.843958] kunit_try_run_case+0x1a5/0x480 [ 15.843993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844017] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.844052] ? __kthread_parkme+0x82/0x180 [ 15.844075] ? preempt_count_sub+0x50/0x80 [ 15.844100] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.844125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.844156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.844180] kthread+0x337/0x6f0 [ 15.844197] ? trace_preempt_on+0x20/0xc0 [ 15.844230] ? __pfx_kthread+0x10/0x10 [ 15.844249] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.844272] ? calculate_sigpending+0x7b/0xa0 [ 15.844309] ? __pfx_kthread+0x10/0x10 [ 15.844329] ret_from_fork+0x41/0x80 [ 15.844351] ? __pfx_kthread+0x10/0x10 [ 15.844380] ret_from_fork_asm+0x1a/0x30 [ 15.844413] </TASK> [ 15.844425] [ 15.852483] Allocated by task 284: [ 15.852673] kasan_save_stack+0x45/0x70 [ 15.852878] kasan_save_track+0x18/0x40 [ 15.853049] kasan_save_alloc_info+0x3b/0x50 [ 15.853265] __kasan_kmalloc+0xb7/0xc0 [ 15.853470] __kmalloc_cache_noprof+0x189/0x420 [ 15.853687] kasan_atomics+0x95/0x310 [ 15.853874] kunit_try_run_case+0x1a5/0x480 [ 15.854098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.854339] kthread+0x337/0x6f0 [ 15.854537] ret_from_fork+0x41/0x80 [ 15.854723] ret_from_fork_asm+0x1a/0x30 [ 15.854924] [ 15.855011] The buggy address belongs to the object at ffff888102717100 [ 15.855011] which belongs to the cache kmalloc-64 of size 64 [ 15.855560] The buggy address is located 0 bytes to the right of [ 15.855560] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.855964] [ 15.856038] The buggy address belongs to the physical page: [ 15.856213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.856543] flags: 0x200000000000000(node=0|zone=2) [ 15.856863] page_type: f5(slab) [ 15.857036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.857381] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.857705] page dumped because: kasan: bad access detected [ 15.857880] [ 15.857951] Memory state around the buggy address: [ 15.858108] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858425] ffff888102717080: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858784] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.859129] ^ [ 15.859364] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.859715] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.860013] ================================================================== [ 15.034159] ================================================================== [ 15.034733] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.035196] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.035551] [ 15.035638] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.035685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.035699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.035720] Call Trace: [ 15.035738] <TASK> [ 15.035757] dump_stack_lvl+0x73/0xb0 [ 15.035784] print_report+0xd1/0x650 [ 15.035807] ? __virt_addr_valid+0x1db/0x2d0 [ 15.035828] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.035851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.035874] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.035897] kasan_report+0x141/0x180 [ 15.035921] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.035948] __asan_report_store4_noabort+0x1b/0x30 [ 15.035971] kasan_atomics_helper+0x4b6e/0x5450 [ 15.035995] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.036019] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.036042] ? kasan_atomics+0x152/0x310 [ 15.036078] kasan_atomics+0x1dc/0x310 [ 15.036098] ? __pfx_kasan_atomics+0x10/0x10 [ 15.036119] ? trace_hardirqs_on+0x37/0xe0 [ 15.036143] ? __pfx_read_tsc+0x10/0x10 [ 15.036164] ? ktime_get_ts64+0x86/0x230 [ 15.036216] kunit_try_run_case+0x1a5/0x480 [ 15.036241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.036266] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.036292] ? __kthread_parkme+0x82/0x180 [ 15.036326] ? 
preempt_count_sub+0x50/0x80 [ 15.036352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.036376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.036400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.036424] kthread+0x337/0x6f0 [ 15.036603] ? trace_preempt_on+0x20/0xc0 [ 15.036787] ? __pfx_kthread+0x10/0x10 [ 15.037128] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.037154] ? calculate_sigpending+0x7b/0xa0 [ 15.037178] ? __pfx_kthread+0x10/0x10 [ 15.037198] ret_from_fork+0x41/0x80 [ 15.037220] ? __pfx_kthread+0x10/0x10 [ 15.037240] ret_from_fork_asm+0x1a/0x30 [ 15.037274] </TASK> [ 15.037287] [ 15.048852] Allocated by task 284: [ 15.049377] kasan_save_stack+0x45/0x70 [ 15.049777] kasan_save_track+0x18/0x40 [ 15.050062] kasan_save_alloc_info+0x3b/0x50 [ 15.050285] __kasan_kmalloc+0xb7/0xc0 [ 15.050686] __kmalloc_cache_noprof+0x189/0x420 [ 15.050926] kasan_atomics+0x95/0x310 [ 15.051243] kunit_try_run_case+0x1a5/0x480 [ 15.051634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.051892] kthread+0x337/0x6f0 [ 15.052118] ret_from_fork+0x41/0x80 [ 15.052278] ret_from_fork_asm+0x1a/0x30 [ 15.052729] [ 15.052979] The buggy address belongs to the object at ffff888102717100 [ 15.052979] which belongs to the cache kmalloc-64 of size 64 [ 15.053476] The buggy address is located 0 bytes to the right of [ 15.053476] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.054284] [ 15.054383] The buggy address belongs to the physical page: [ 15.054953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.055486] flags: 0x200000000000000(node=0|zone=2) [ 15.055840] page_type: f5(slab) [ 15.056249] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.056706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.057203] page dumped because: kasan: bad access detected [ 15.057513] [ 15.057782] Memory state around the buggy address: [ 15.058171] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.058655] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.059254] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.059810] ^ [ 15.060166] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060478] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060965] ================================================================== [ 15.263552] ================================================================== [ 15.263841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.264419] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.264747] [ 15.264845] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.264895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.264912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.264934] Call Trace: [ 15.264948] <TASK> [ 15.264962] dump_stack_lvl+0x73/0xb0 [ 15.264992] print_report+0xd1/0x650 [ 15.265015] ? __virt_addr_valid+0x1db/0x2d0 [ 15.265039] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.265062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.265086] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.265109] kasan_report+0x141/0x180 [ 15.265134] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.265163] kasan_check_range+0x10c/0x1c0 [ 15.265186] __kasan_check_write+0x18/0x20 [ 15.265206] kasan_atomics_helper+0x8f9/0x5450 [ 15.265231] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.265255] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.265278] ? kasan_atomics+0x152/0x310 [ 15.265316] kasan_atomics+0x1dc/0x310 [ 15.265337] ? __pfx_kasan_atomics+0x10/0x10 [ 15.265358] ? trace_hardirqs_on+0x37/0xe0 [ 15.265382] ? __pfx_read_tsc+0x10/0x10 [ 15.265402] ? ktime_get_ts64+0x86/0x230 [ 15.265428] kunit_try_run_case+0x1a5/0x480 [ 15.265462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.265488] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.265513] ? 
__kthread_parkme+0x82/0x180 [ 15.265536] ? preempt_count_sub+0x50/0x80 [ 15.265562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.265586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.265609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.265633] kthread+0x337/0x6f0 [ 15.265650] ? trace_preempt_on+0x20/0xc0 [ 15.265675] ? __pfx_kthread+0x10/0x10 [ 15.265694] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.265716] ? calculate_sigpending+0x7b/0xa0 [ 15.265741] ? __pfx_kthread+0x10/0x10 [ 15.265761] ret_from_fork+0x41/0x80 [ 15.265786] ? __pfx_kthread+0x10/0x10 [ 15.265807] ret_from_fork_asm+0x1a/0x30 [ 15.265839] </TASK> [ 15.265851] [ 15.273578] Allocated by task 284: [ 15.273764] kasan_save_stack+0x45/0x70 [ 15.273951] kasan_save_track+0x18/0x40 [ 15.274102] kasan_save_alloc_info+0x3b/0x50 [ 15.274324] __kasan_kmalloc+0xb7/0xc0 [ 15.274517] __kmalloc_cache_noprof+0x189/0x420 [ 15.274732] kasan_atomics+0x95/0x310 [ 15.274896] kunit_try_run_case+0x1a5/0x480 [ 15.275072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.275296] kthread+0x337/0x6f0 [ 15.275493] ret_from_fork+0x41/0x80 [ 15.275658] ret_from_fork_asm+0x1a/0x30 [ 15.275823] [ 15.275896] The buggy address belongs to the object at ffff888102717100 [ 15.275896] which belongs to the cache kmalloc-64 of size 64 [ 15.276256] The buggy address is located 0 bytes to the right of [ 15.276256] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.276664] [ 15.276763] The buggy address belongs to the physical page: [ 15.277021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.277395] flags: 0x200000000000000(node=0|zone=2) [ 15.277634] page_type: f5(slab) [ 15.277804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.278035] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.278263] page dumped because: kasan: bad access detected [ 15.278451] [ 15.278565] Memory state around the buggy address: [ 15.278795] 
ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.279115] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.279455] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.279775] ^ [ 15.279994] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.280298] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.280627] ================================================================== [ 15.126713] ================================================================== [ 15.127370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.127937] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.128548] [ 15.128666] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.128717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.128731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.128754] Call Trace: [ 15.128795] <TASK> [ 15.128813] dump_stack_lvl+0x73/0xb0 [ 15.128860] print_report+0xd1/0x650 [ 15.128885] ? __virt_addr_valid+0x1db/0x2d0 [ 15.128920] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.128957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.128982] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.129019] kasan_report+0x141/0x180 [ 15.129042] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.129084] __asan_report_store4_noabort+0x1b/0x30 [ 15.129106] kasan_atomics_helper+0x4b3a/0x5450 [ 15.129143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.129180] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.129251] ? kasan_atomics+0x152/0x310 [ 15.129277] kasan_atomics+0x1dc/0x310 [ 15.129310] ? __pfx_kasan_atomics+0x10/0x10 [ 15.129331] ? trace_hardirqs_on+0x37/0xe0 [ 15.129356] ? __pfx_read_tsc+0x10/0x10 [ 15.129376] ? ktime_get_ts64+0x86/0x230 [ 15.129402] kunit_try_run_case+0x1a5/0x480 [ 15.129426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.129451] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.129477] ? __kthread_parkme+0x82/0x180 [ 15.129500] ? preempt_count_sub+0x50/0x80 [ 15.129525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.129550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.129573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.129597] kthread+0x337/0x6f0 [ 15.129615] ? trace_preempt_on+0x20/0xc0 [ 15.129638] ? __pfx_kthread+0x10/0x10 [ 15.129658] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.129679] ? calculate_sigpending+0x7b/0xa0 [ 15.129701] ? __pfx_kthread+0x10/0x10 [ 15.129721] ret_from_fork+0x41/0x80 [ 15.129742] ? __pfx_kthread+0x10/0x10 [ 15.129761] ret_from_fork_asm+0x1a/0x30 [ 15.129793] </TASK> [ 15.129805] [ 15.138797] Allocated by task 284: [ 15.139045] kasan_save_stack+0x45/0x70 [ 15.139201] kasan_save_track+0x18/0x40 [ 15.139363] kasan_save_alloc_info+0x3b/0x50 [ 15.139588] __kasan_kmalloc+0xb7/0xc0 [ 15.139821] __kmalloc_cache_noprof+0x189/0x420 [ 15.140318] kasan_atomics+0x95/0x310 [ 15.140525] kunit_try_run_case+0x1a5/0x480 [ 15.140779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.141049] kthread+0x337/0x6f0 [ 15.141220] ret_from_fork+0x41/0x80 [ 15.141466] ret_from_fork_asm+0x1a/0x30 [ 15.141701] [ 15.141776] The buggy address belongs to the object at ffff888102717100 [ 15.141776] which belongs to the cache kmalloc-64 of size 64 [ 15.142544] The buggy address is located 0 bytes to the right of [ 15.142544] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.143240] [ 15.143332] The buggy address belongs to the physical page: [ 15.143710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.144094] flags: 0x200000000000000(node=0|zone=2) [ 15.144369] page_type: f5(slab) [ 15.144602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.145148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.145511] page dumped because: kasan: bad access detected [ 15.145741] [ 15.145815] Memory 
state around the buggy address: [ 15.146010] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.146376] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.146783] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.147073] ^ [ 15.147231] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.147827] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.148320] ================================================================== [ 15.306170] ================================================================== [ 15.306521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.306762] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.307062] [ 15.307150] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.307196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.307209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.307231] Call Trace: [ 15.307244] <TASK> [ 15.307258] dump_stack_lvl+0x73/0xb0 [ 15.307285] print_report+0xd1/0x650 [ 15.307318] ? __virt_addr_valid+0x1db/0x2d0 [ 15.307341] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.307363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.307385] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.307408] kasan_report+0x141/0x180 [ 15.307431] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.307459] kasan_check_range+0x10c/0x1c0 [ 15.307479] __kasan_check_write+0x18/0x20 [ 15.307500] kasan_atomics_helper+0xa2b/0x5450 [ 15.307523] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.307546] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.307570] ? kasan_atomics+0x152/0x310 [ 15.307594] kasan_atomics+0x1dc/0x310 [ 15.307614] ? __pfx_kasan_atomics+0x10/0x10 [ 15.307634] ? trace_hardirqs_on+0x37/0xe0 [ 15.307658] ? __pfx_read_tsc+0x10/0x10 [ 15.307678] ? ktime_get_ts64+0x86/0x230 [ 15.307703] kunit_try_run_case+0x1a5/0x480 [ 15.307728] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.307752] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.307777] ? __kthread_parkme+0x82/0x180 [ 15.307799] ? preempt_count_sub+0x50/0x80 [ 15.307826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.307850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.307873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.307897] kthread+0x337/0x6f0 [ 15.307914] ? trace_preempt_on+0x20/0xc0 [ 15.307937] ? __pfx_kthread+0x10/0x10 [ 15.307957] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.307978] ? calculate_sigpending+0x7b/0xa0 [ 15.308000] ? __pfx_kthread+0x10/0x10 [ 15.308019] ret_from_fork+0x41/0x80 [ 15.308040] ? __pfx_kthread+0x10/0x10 [ 15.308059] ret_from_fork_asm+0x1a/0x30 [ 15.308091] </TASK> [ 15.308102] [ 15.315713] Allocated by task 284: [ 15.315904] kasan_save_stack+0x45/0x70 [ 15.316110] kasan_save_track+0x18/0x40 [ 15.316336] kasan_save_alloc_info+0x3b/0x50 [ 15.316565] __kasan_kmalloc+0xb7/0xc0 [ 15.316738] __kmalloc_cache_noprof+0x189/0x420 [ 15.316945] kasan_atomics+0x95/0x310 [ 15.317119] kunit_try_run_case+0x1a5/0x480 [ 15.317315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.318472] kthread+0x337/0x6f0 [ 15.318641] ret_from_fork+0x41/0x80 [ 15.318789] ret_from_fork_asm+0x1a/0x30 [ 15.318995] [ 15.319100] The buggy address belongs to the object at ffff888102717100 [ 15.319100] which belongs to the cache kmalloc-64 of size 64 [ 15.320242] The buggy address is located 0 bytes to the right of [ 15.320242] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.320893] [ 15.321131] The buggy address belongs to the physical page: [ 15.321371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.321882] flags: 0x200000000000000(node=0|zone=2) [ 15.322180] page_type: f5(slab) [ 15.322334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.322821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.323208] page dumped because: kasan: bad 
access detected [ 15.323589] [ 15.323695] Memory state around the buggy address: [ 15.323902] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.324365] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.324780] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.325148] ^ [ 15.325385] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.325837] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.326159] ================================================================== [ 15.599856] ================================================================== [ 15.600275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.600876] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.601198] [ 15.601291] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.601350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.601364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.601386] Call Trace: [ 15.601401] <TASK> [ 15.601416] dump_stack_lvl+0x73/0xb0 [ 15.601445] print_report+0xd1/0x650 [ 15.601469] ? __virt_addr_valid+0x1db/0x2d0 [ 15.601491] ? kasan_atomics_helper+0x1217/0x5450 [ 15.601514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.601538] ? kasan_atomics_helper+0x1217/0x5450 [ 15.601563] kasan_report+0x141/0x180 [ 15.601588] ? kasan_atomics_helper+0x1217/0x5450 [ 15.601617] kasan_check_range+0x10c/0x1c0 [ 15.601638] __kasan_check_write+0x18/0x20 [ 15.601658] kasan_atomics_helper+0x1217/0x5450 [ 15.601682] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.601705] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.601728] ? kasan_atomics+0x152/0x310 [ 15.601753] kasan_atomics+0x1dc/0x310 [ 15.601774] ? __pfx_kasan_atomics+0x10/0x10 [ 15.601793] ? trace_hardirqs_on+0x37/0xe0 [ 15.601817] ? __pfx_read_tsc+0x10/0x10 [ 15.601838] ? 
ktime_get_ts64+0x86/0x230 [ 15.601865] kunit_try_run_case+0x1a5/0x480 [ 15.601890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.601915] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.601940] ? __kthread_parkme+0x82/0x180 [ 15.601962] ? preempt_count_sub+0x50/0x80 [ 15.601988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.602024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.602048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.602082] kthread+0x337/0x6f0 [ 15.602100] ? trace_preempt_on+0x20/0xc0 [ 15.602122] ? __pfx_kthread+0x10/0x10 [ 15.602142] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.602164] ? calculate_sigpending+0x7b/0xa0 [ 15.602197] ? __pfx_kthread+0x10/0x10 [ 15.602216] ret_from_fork+0x41/0x80 [ 15.602238] ? __pfx_kthread+0x10/0x10 [ 15.602267] ret_from_fork_asm+0x1a/0x30 [ 15.602300] </TASK> [ 15.602319] [ 15.610475] Allocated by task 284: [ 15.610690] kasan_save_stack+0x45/0x70 [ 15.610916] kasan_save_track+0x18/0x40 [ 15.611082] kasan_save_alloc_info+0x3b/0x50 [ 15.611286] __kasan_kmalloc+0xb7/0xc0 [ 15.611520] __kmalloc_cache_noprof+0x189/0x420 [ 15.611730] kasan_atomics+0x95/0x310 [ 15.611924] kunit_try_run_case+0x1a5/0x480 [ 15.612097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.612370] kthread+0x337/0x6f0 [ 15.612580] ret_from_fork+0x41/0x80 [ 15.612752] ret_from_fork_asm+0x1a/0x30 [ 15.612959] [ 15.613051] The buggy address belongs to the object at ffff888102717100 [ 15.613051] which belongs to the cache kmalloc-64 of size 64 [ 15.613417] The buggy address is located 0 bytes to the right of [ 15.613417] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.613782] [ 15.613855] The buggy address belongs to the physical page: [ 15.614028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.614382] flags: 0x200000000000000(node=0|zone=2) [ 15.614866] page_type: f5(slab) [ 15.615038] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.615389] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.616098] page dumped because: kasan: bad access detected [ 15.616282] [ 15.616363] Memory state around the buggy address: [ 15.616725] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.617053] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.617395] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.617697] ^ [ 15.617860] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.618078] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.618294] ================================================================== [ 15.879198] ================================================================== [ 15.879521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.879871] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.880476] [ 15.880565] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.880611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.880625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.880646] Call Trace: [ 15.880663] <TASK> [ 15.880679] dump_stack_lvl+0x73/0xb0 [ 15.880705] print_report+0xd1/0x650 [ 15.880728] ? __virt_addr_valid+0x1db/0x2d0 [ 15.880750] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.880773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.880795] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.880817] kasan_report+0x141/0x180 [ 15.880841] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.880867] kasan_check_range+0x10c/0x1c0 [ 15.880889] __kasan_check_write+0x18/0x20 [ 15.880909] kasan_atomics_helper+0x18b1/0x5450 [ 15.880933] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.880972] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.881008] ? kasan_atomics+0x152/0x310 [ 15.881032] kasan_atomics+0x1dc/0x310 [ 15.881051] ? __pfx_kasan_atomics+0x10/0x10 [ 15.881084] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.881107] ? __pfx_read_tsc+0x10/0x10 [ 15.881127] ? ktime_get_ts64+0x86/0x230 [ 15.881152] kunit_try_run_case+0x1a5/0x480 [ 15.881177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.881201] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.881225] ? __kthread_parkme+0x82/0x180 [ 15.881247] ? preempt_count_sub+0x50/0x80 [ 15.881273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.881297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.881330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.881353] kthread+0x337/0x6f0 [ 15.881371] ? trace_preempt_on+0x20/0xc0 [ 15.881394] ? __pfx_kthread+0x10/0x10 [ 15.881413] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.881434] ? calculate_sigpending+0x7b/0xa0 [ 15.881456] ? __pfx_kthread+0x10/0x10 [ 15.881475] ret_from_fork+0x41/0x80 [ 15.881496] ? __pfx_kthread+0x10/0x10 [ 15.881517] ret_from_fork_asm+0x1a/0x30 [ 15.881549] </TASK> [ 15.881561] [ 15.889452] Allocated by task 284: [ 15.889605] kasan_save_stack+0x45/0x70 [ 15.889754] kasan_save_track+0x18/0x40 [ 15.889891] kasan_save_alloc_info+0x3b/0x50 [ 15.890038] __kasan_kmalloc+0xb7/0xc0 [ 15.890257] __kmalloc_cache_noprof+0x189/0x420 [ 15.890486] kasan_atomics+0x95/0x310 [ 15.890671] kunit_try_run_case+0x1a5/0x480 [ 15.890883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.891120] kthread+0x337/0x6f0 [ 15.891242] ret_from_fork+0x41/0x80 [ 15.891386] ret_from_fork_asm+0x1a/0x30 [ 15.891538] [ 15.891635] The buggy address belongs to the object at ffff888102717100 [ 15.891635] which belongs to the cache kmalloc-64 of size 64 [ 15.892193] The buggy address is located 0 bytes to the right of [ 15.892193] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.892759] [ 15.892833] The buggy address belongs to the physical page: [ 15.893007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.893248] flags: 0x200000000000000(node=0|zone=2) [ 15.893537] page_type: f5(slab) [ 15.893722] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.894064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.894408] page dumped because: kasan: bad access detected [ 15.894812] [ 15.894971] Memory state around the buggy address: [ 15.895128] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.895357] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.895576] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.896213] ^ [ 15.896449] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.896799] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.897184] ================================================================== [ 16.079439] ================================================================== [ 16.079783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.080419] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.080775] [ 16.080883] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.080927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.080941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.080962] Call Trace: [ 16.080987] <TASK> [ 16.081003] dump_stack_lvl+0x73/0xb0 [ 16.081031] print_report+0xd1/0x650 [ 16.081066] ? __virt_addr_valid+0x1db/0x2d0 [ 16.081087] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.081110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.081133] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.081156] kasan_report+0x141/0x180 [ 16.081180] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.081208] kasan_check_range+0x10c/0x1c0 [ 16.081229] __kasan_check_write+0x18/0x20 [ 16.081249] kasan_atomics_helper+0x1eaa/0x5450 [ 16.081273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.081297] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.081329] ? 
kasan_atomics+0x152/0x310 [ 16.081363] kasan_atomics+0x1dc/0x310 [ 16.081384] ? __pfx_kasan_atomics+0x10/0x10 [ 16.081404] ? trace_hardirqs_on+0x37/0xe0 [ 16.081448] ? __pfx_read_tsc+0x10/0x10 [ 16.081469] ? ktime_get_ts64+0x86/0x230 [ 16.081494] kunit_try_run_case+0x1a5/0x480 [ 16.081520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081555] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.081579] ? __kthread_parkme+0x82/0x180 [ 16.081601] ? preempt_count_sub+0x50/0x80 [ 16.081637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.081684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.081708] kthread+0x337/0x6f0 [ 16.081735] ? trace_preempt_on+0x20/0xc0 [ 16.081758] ? __pfx_kthread+0x10/0x10 [ 16.081777] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.081809] ? calculate_sigpending+0x7b/0xa0 [ 16.081831] ? __pfx_kthread+0x10/0x10 [ 16.081850] ret_from_fork+0x41/0x80 [ 16.081872] ? __pfx_kthread+0x10/0x10 [ 16.081899] ret_from_fork_asm+0x1a/0x30 [ 16.081930] </TASK> [ 16.081943] [ 16.089923] Allocated by task 284: [ 16.090133] kasan_save_stack+0x45/0x70 [ 16.090295] kasan_save_track+0x18/0x40 [ 16.090532] kasan_save_alloc_info+0x3b/0x50 [ 16.090698] __kasan_kmalloc+0xb7/0xc0 [ 16.090910] __kmalloc_cache_noprof+0x189/0x420 [ 16.091107] kasan_atomics+0x95/0x310 [ 16.091270] kunit_try_run_case+0x1a5/0x480 [ 16.091483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.091715] kthread+0x337/0x6f0 [ 16.091886] ret_from_fork+0x41/0x80 [ 16.092079] ret_from_fork_asm+0x1a/0x30 [ 16.092245] [ 16.092356] The buggy address belongs to the object at ffff888102717100 [ 16.092356] which belongs to the cache kmalloc-64 of size 64 [ 16.092852] The buggy address is located 0 bytes to the right of [ 16.092852] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.093265] [ 16.093347] The buggy address belongs to the physical page: [ 16.093560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 
16.094102] flags: 0x200000000000000(node=0|zone=2) [ 16.094260] page_type: f5(slab) [ 16.094428] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.094777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.095144] page dumped because: kasan: bad access detected [ 16.095367] [ 16.095439] Memory state around the buggy address: [ 16.095589] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.095910] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.096231] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.097806] ^ [ 16.098485] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.099248] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.099874] ================================================================== [ 15.581520] ================================================================== [ 15.581881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.582297] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.582665] [ 15.582759] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.582802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.582815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.582836] Call Trace: [ 15.582850] <TASK> [ 15.582866] dump_stack_lvl+0x73/0xb0 [ 15.582893] print_report+0xd1/0x650 [ 15.582917] ? __virt_addr_valid+0x1db/0x2d0 [ 15.582938] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.582960] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.582983] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.583006] kasan_report+0x141/0x180 [ 15.583029] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.583058] __asan_report_load4_noabort+0x18/0x20 [ 15.583093] kasan_atomics_helper+0x4a02/0x5450 [ 15.583117] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.583141] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.583174] ? kasan_atomics+0x152/0x310 [ 15.583199] kasan_atomics+0x1dc/0x310 [ 15.583219] ? __pfx_kasan_atomics+0x10/0x10 [ 15.583238] ? trace_hardirqs_on+0x37/0xe0 [ 15.583261] ? __pfx_read_tsc+0x10/0x10 [ 15.583281] ? ktime_get_ts64+0x86/0x230 [ 15.583314] kunit_try_run_case+0x1a5/0x480 [ 15.583339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.583363] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.583387] ? __kthread_parkme+0x82/0x180 [ 15.583409] ? preempt_count_sub+0x50/0x80 [ 15.583435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.583458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.583481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.583505] kthread+0x337/0x6f0 [ 15.583523] ? trace_preempt_on+0x20/0xc0 [ 15.583546] ? __pfx_kthread+0x10/0x10 [ 15.583565] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.583587] ? calculate_sigpending+0x7b/0xa0 [ 15.583618] ? __pfx_kthread+0x10/0x10 [ 15.583638] ret_from_fork+0x41/0x80 [ 15.583659] ? __pfx_kthread+0x10/0x10 [ 15.583678] ret_from_fork_asm+0x1a/0x30 [ 15.583721] </TASK> [ 15.583733] [ 15.591740] Allocated by task 284: [ 15.591917] kasan_save_stack+0x45/0x70 [ 15.592119] kasan_save_track+0x18/0x40 [ 15.592338] kasan_save_alloc_info+0x3b/0x50 [ 15.592582] __kasan_kmalloc+0xb7/0xc0 [ 15.592769] __kmalloc_cache_noprof+0x189/0x420 [ 15.592926] kasan_atomics+0x95/0x310 [ 15.593059] kunit_try_run_case+0x1a5/0x480 [ 15.593209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.593482] kthread+0x337/0x6f0 [ 15.593652] ret_from_fork+0x41/0x80 [ 15.593836] ret_from_fork_asm+0x1a/0x30 [ 15.594032] [ 15.594130] The buggy address belongs to the object at ffff888102717100 [ 15.594130] which belongs to the cache kmalloc-64 of size 64 [ 15.594784] The buggy address is located 0 bytes to the right of [ 15.594784] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.595151] [ 15.595224] The buggy address belongs to the physical page: [ 15.595407] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.595737] flags: 0x200000000000000(node=0|zone=2) [ 15.595971] page_type: f5(slab) [ 15.596138] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.596495] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.596833] page dumped because: kasan: bad access detected [ 15.597099] [ 15.597194] Memory state around the buggy address: [ 15.597405] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.597785] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.598106] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.598352] ^ [ 15.598511] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598732] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.599149] ================================================================== [ 16.309293] ================================================================== [ 16.309686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.309971] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.310314] [ 16.310462] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.310507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.310520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.310541] Call Trace: [ 16.310554] <TASK> [ 16.310569] dump_stack_lvl+0x73/0xb0 [ 16.310597] print_report+0xd1/0x650 [ 16.310621] ? __virt_addr_valid+0x1db/0x2d0 [ 16.310643] ? kasan_atomics_helper+0x224c/0x5450 [ 16.310665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.310692] ? kasan_atomics_helper+0x224c/0x5450 [ 16.310716] kasan_report+0x141/0x180 [ 16.310740] ? kasan_atomics_helper+0x224c/0x5450 [ 16.310767] kasan_check_range+0x10c/0x1c0 [ 16.310790] __kasan_check_write+0x18/0x20 [ 16.310811] kasan_atomics_helper+0x224c/0x5450 [ 16.310834] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.310869] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.310892] ? kasan_atomics+0x152/0x310 [ 16.310927] kasan_atomics+0x1dc/0x310 [ 16.310948] ? __pfx_kasan_atomics+0x10/0x10 [ 16.310968] ? trace_hardirqs_on+0x37/0xe0 [ 16.310991] ? __pfx_read_tsc+0x10/0x10 [ 16.311012] ? ktime_get_ts64+0x86/0x230 [ 16.311036] kunit_try_run_case+0x1a5/0x480 [ 16.311061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.311086] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.311111] ? __kthread_parkme+0x82/0x180 [ 16.311134] ? preempt_count_sub+0x50/0x80 [ 16.311160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.311184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.311208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.311233] kthread+0x337/0x6f0 [ 16.311258] ? trace_preempt_on+0x20/0xc0 [ 16.311281] ? __pfx_kthread+0x10/0x10 [ 16.311300] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.311337] ? calculate_sigpending+0x7b/0xa0 [ 16.311359] ? __pfx_kthread+0x10/0x10 [ 16.311379] ret_from_fork+0x41/0x80 [ 16.311400] ? 
__pfx_kthread+0x10/0x10 [ 16.311419] ret_from_fork_asm+0x1a/0x30 [ 16.311469] </TASK> [ 16.311481] [ 16.318934] Allocated by task 284: [ 16.319062] kasan_save_stack+0x45/0x70 [ 16.319211] kasan_save_track+0x18/0x40 [ 16.319450] kasan_save_alloc_info+0x3b/0x50 [ 16.319662] __kasan_kmalloc+0xb7/0xc0 [ 16.319851] __kmalloc_cache_noprof+0x189/0x420 [ 16.320069] kasan_atomics+0x95/0x310 [ 16.320253] kunit_try_run_case+0x1a5/0x480 [ 16.320497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.320720] kthread+0x337/0x6f0 [ 16.320840] ret_from_fork+0x41/0x80 [ 16.321025] ret_from_fork_asm+0x1a/0x30 [ 16.321226] [ 16.321355] The buggy address belongs to the object at ffff888102717100 [ 16.321355] which belongs to the cache kmalloc-64 of size 64 [ 16.321867] The buggy address is located 0 bytes to the right of [ 16.321867] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.322324] [ 16.322465] The buggy address belongs to the physical page: [ 16.322722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.323081] flags: 0x200000000000000(node=0|zone=2) [ 16.323259] page_type: f5(slab) [ 16.323396] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.323802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.324183] page dumped because: kasan: bad access detected [ 16.324366] [ 16.324488] Memory state around the buggy address: [ 16.324743] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.325082] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.325363] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.325706] ^ [ 16.325947] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.326239] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.326536] ================================================================== [ 15.226524] 
================================================================== [ 15.226848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.227369] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.227726] [ 15.227820] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.227869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.227883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.227906] Call Trace: [ 15.227919] <TASK> [ 15.227934] dump_stack_lvl+0x73/0xb0 [ 15.227963] print_report+0xd1/0x650 [ 15.227986] ? __virt_addr_valid+0x1db/0x2d0 [ 15.228009] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.228031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.228056] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.228079] kasan_report+0x141/0x180 [ 15.228103] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.228131] kasan_check_range+0x10c/0x1c0 [ 15.228153] __kasan_check_write+0x18/0x20 [ 15.228174] kasan_atomics_helper+0x7c7/0x5450 [ 15.228198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.228222] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.228246] ? kasan_atomics+0x152/0x310 [ 15.228270] kasan_atomics+0x1dc/0x310 [ 15.228291] ? __pfx_kasan_atomics+0x10/0x10 [ 15.228324] ? trace_hardirqs_on+0x37/0xe0 [ 15.228347] ? __pfx_read_tsc+0x10/0x10 [ 15.228368] ? ktime_get_ts64+0x86/0x230 [ 15.228393] kunit_try_run_case+0x1a5/0x480 [ 15.228417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.228453] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.228478] ? __kthread_parkme+0x82/0x180 [ 15.228500] ? preempt_count_sub+0x50/0x80 [ 15.228527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.228551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.228575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.228598] kthread+0x337/0x6f0 [ 15.228616] ? trace_preempt_on+0x20/0xc0 [ 15.228639] ? __pfx_kthread+0x10/0x10 [ 15.228659] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.228681] ? 
calculate_sigpending+0x7b/0xa0 [ 15.228703] ? __pfx_kthread+0x10/0x10 [ 15.228722] ret_from_fork+0x41/0x80 [ 15.228744] ? __pfx_kthread+0x10/0x10 [ 15.228763] ret_from_fork_asm+0x1a/0x30 [ 15.228795] </TASK> [ 15.228808] [ 15.236054] Allocated by task 284: [ 15.236205] kasan_save_stack+0x45/0x70 [ 15.236421] kasan_save_track+0x18/0x40 [ 15.236761] kasan_save_alloc_info+0x3b/0x50 [ 15.236973] __kasan_kmalloc+0xb7/0xc0 [ 15.237166] __kmalloc_cache_noprof+0x189/0x420 [ 15.237402] kasan_atomics+0x95/0x310 [ 15.237628] kunit_try_run_case+0x1a5/0x480 [ 15.237810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.238051] kthread+0x337/0x6f0 [ 15.238206] ret_from_fork+0x41/0x80 [ 15.238352] ret_from_fork_asm+0x1a/0x30 [ 15.238712] [ 15.238809] The buggy address belongs to the object at ffff888102717100 [ 15.238809] which belongs to the cache kmalloc-64 of size 64 [ 15.239218] The buggy address is located 0 bytes to the right of [ 15.239218] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.239854] [ 15.239954] The buggy address belongs to the physical page: [ 15.240179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.240443] flags: 0x200000000000000(node=0|zone=2) [ 15.240606] page_type: f5(slab) [ 15.240729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.240988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.241334] page dumped because: kasan: bad access detected [ 15.241788] [ 15.241866] Memory state around the buggy address: [ 15.242023] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.242242] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.242470] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.242733] ^ [ 15.242959] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.243286] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.243616] 
================================================================== [ 15.456099] ================================================================== [ 15.456775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.457107] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.457402] [ 15.457540] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.457587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.457600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.457621] Call Trace: [ 15.457640] <TASK> [ 15.457657] dump_stack_lvl+0x73/0xb0 [ 15.457684] print_report+0xd1/0x650 [ 15.457707] ? __virt_addr_valid+0x1db/0x2d0 [ 15.457729] ? kasan_atomics_helper+0xf10/0x5450 [ 15.457751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.457775] ? kasan_atomics_helper+0xf10/0x5450 [ 15.457797] kasan_report+0x141/0x180 [ 15.457820] ? kasan_atomics_helper+0xf10/0x5450 [ 15.457849] kasan_check_range+0x10c/0x1c0 [ 15.457871] __kasan_check_write+0x18/0x20 [ 15.457891] kasan_atomics_helper+0xf10/0x5450 [ 15.457915] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.457939] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.457962] ? kasan_atomics+0x152/0x310 [ 15.457987] kasan_atomics+0x1dc/0x310 [ 15.458008] ? __pfx_kasan_atomics+0x10/0x10 [ 15.458027] ? trace_hardirqs_on+0x37/0xe0 [ 15.458051] ? __pfx_read_tsc+0x10/0x10 [ 15.458071] ? ktime_get_ts64+0x86/0x230 [ 15.458097] kunit_try_run_case+0x1a5/0x480 [ 15.458123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.458147] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.458173] ? __kthread_parkme+0x82/0x180 [ 15.458196] ? preempt_count_sub+0x50/0x80 [ 15.458221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.458245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.458269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.458293] kthread+0x337/0x6f0 [ 15.458322] ? trace_preempt_on+0x20/0xc0 [ 15.458346] ? 
__pfx_kthread+0x10/0x10 [ 15.458365] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.458387] ? calculate_sigpending+0x7b/0xa0 [ 15.458409] ? __pfx_kthread+0x10/0x10 [ 15.458447] ret_from_fork+0x41/0x80 [ 15.458468] ? __pfx_kthread+0x10/0x10 [ 15.458488] ret_from_fork_asm+0x1a/0x30 [ 15.458521] </TASK> [ 15.458533] [ 15.465629] Allocated by task 284: [ 15.465804] kasan_save_stack+0x45/0x70 [ 15.466009] kasan_save_track+0x18/0x40 [ 15.466201] kasan_save_alloc_info+0x3b/0x50 [ 15.466420] __kasan_kmalloc+0xb7/0xc0 [ 15.466630] __kmalloc_cache_noprof+0x189/0x420 [ 15.466792] kasan_atomics+0x95/0x310 [ 15.466924] kunit_try_run_case+0x1a5/0x480 [ 15.467139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.467413] kthread+0x337/0x6f0 [ 15.467602] ret_from_fork+0x41/0x80 [ 15.467788] ret_from_fork_asm+0x1a/0x30 [ 15.467966] [ 15.468055] The buggy address belongs to the object at ffff888102717100 [ 15.468055] which belongs to the cache kmalloc-64 of size 64 [ 15.468581] The buggy address is located 0 bytes to the right of [ 15.468581] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.469066] [ 15.469152] The buggy address belongs to the physical page: [ 15.469410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.469685] flags: 0x200000000000000(node=0|zone=2) [ 15.469854] page_type: f5(slab) [ 15.469979] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.470213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.470585] page dumped because: kasan: bad access detected [ 15.470845] [ 15.470939] Memory state around the buggy address: [ 15.471163] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.471517] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.471834] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.472058] ^ [ 15.472214] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.472951] 
ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.473234] ================================================================== [ 15.728058] ================================================================== [ 15.728377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.729260] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.729621] [ 15.729731] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.729781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.729796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.729818] Call Trace: [ 15.729833] <TASK> [ 15.729850] dump_stack_lvl+0x73/0xb0 [ 15.729879] print_report+0xd1/0x650 [ 15.729914] ? __virt_addr_valid+0x1db/0x2d0 [ 15.729937] ? kasan_atomics_helper+0x1467/0x5450 [ 15.729960] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.729994] ? kasan_atomics_helper+0x1467/0x5450 [ 15.730017] kasan_report+0x141/0x180 [ 15.730041] ? kasan_atomics_helper+0x1467/0x5450 [ 15.730069] kasan_check_range+0x10c/0x1c0 [ 15.730089] __kasan_check_write+0x18/0x20 [ 15.730110] kasan_atomics_helper+0x1467/0x5450 [ 15.730134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.730157] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.730181] ? kasan_atomics+0x152/0x310 [ 15.730213] kasan_atomics+0x1dc/0x310 [ 15.730233] ? __pfx_kasan_atomics+0x10/0x10 [ 15.730253] ? trace_hardirqs_on+0x37/0xe0 [ 15.730289] ? __pfx_read_tsc+0x10/0x10 [ 15.730318] ? ktime_get_ts64+0x86/0x230 [ 15.730344] kunit_try_run_case+0x1a5/0x480 [ 15.730370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.730395] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.730421] ? __kthread_parkme+0x82/0x180 [ 15.730453] ? preempt_count_sub+0x50/0x80 [ 15.730480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.730504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.730528] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.730552] kthread+0x337/0x6f0 [ 15.730569] ? trace_preempt_on+0x20/0xc0 [ 15.730593] ? __pfx_kthread+0x10/0x10 [ 15.730611] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.730634] ? calculate_sigpending+0x7b/0xa0 [ 15.730656] ? __pfx_kthread+0x10/0x10 [ 15.730680] ret_from_fork+0x41/0x80 [ 15.730702] ? __pfx_kthread+0x10/0x10 [ 15.730721] ret_from_fork_asm+0x1a/0x30 [ 15.730754] </TASK> [ 15.730766] [ 15.738335] Allocated by task 284: [ 15.738556] kasan_save_stack+0x45/0x70 [ 15.738792] kasan_save_track+0x18/0x40 [ 15.739012] kasan_save_alloc_info+0x3b/0x50 [ 15.739225] __kasan_kmalloc+0xb7/0xc0 [ 15.739452] __kmalloc_cache_noprof+0x189/0x420 [ 15.739656] kasan_atomics+0x95/0x310 [ 15.739836] kunit_try_run_case+0x1a5/0x480 [ 15.740047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.740264] kthread+0x337/0x6f0 [ 15.740453] ret_from_fork+0x41/0x80 [ 15.740660] ret_from_fork_asm+0x1a/0x30 [ 15.740851] [ 15.740964] The buggy address belongs to the object at ffff888102717100 [ 15.740964] which belongs to the cache kmalloc-64 of size 64 [ 15.741513] The buggy address is located 0 bytes to the right of [ 15.741513] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.741902] [ 15.741977] The buggy address belongs to the physical page: [ 15.742154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.742555] flags: 0x200000000000000(node=0|zone=2) [ 15.742794] page_type: f5(slab) [ 15.743149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.743400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.743770] page dumped because: kasan: bad access detected [ 15.744078] [ 15.744198] Memory state around the buggy address: [ 15.744400] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.744620] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.744839] >ffff888102717100: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.745428] ^ [ 15.745758] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746105] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746327] ================================================================== [ 15.747100] ================================================================== [ 15.747414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.747760] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.748188] [ 15.748288] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.748343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.748378] Call Trace: [ 15.748393] <TASK> [ 15.748408] dump_stack_lvl+0x73/0xb0 [ 15.748445] print_report+0xd1/0x650 [ 15.748479] ? __virt_addr_valid+0x1db/0x2d0 [ 15.748501] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.748523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.748559] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.748583] kasan_report+0x141/0x180 [ 15.748606] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.748635] __asan_report_store8_noabort+0x1b/0x30 [ 15.748658] kasan_atomics_helper+0x50d4/0x5450 [ 15.748682] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.748706] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.748728] ? kasan_atomics+0x152/0x310 [ 15.748751] kasan_atomics+0x1dc/0x310 [ 15.748772] ? __pfx_kasan_atomics+0x10/0x10 [ 15.748792] ? trace_hardirqs_on+0x37/0xe0 [ 15.748825] ? __pfx_read_tsc+0x10/0x10 [ 15.748846] ? ktime_get_ts64+0x86/0x230 [ 15.748871] kunit_try_run_case+0x1a5/0x480 [ 15.748905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.748931] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.748955] ? __kthread_parkme+0x82/0x180 [ 15.748978] ? preempt_count_sub+0x50/0x80 [ 15.749012] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.749036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.749059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.749093] kthread+0x337/0x6f0 [ 15.749111] ? trace_preempt_on+0x20/0xc0 [ 15.749134] ? __pfx_kthread+0x10/0x10 [ 15.749153] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.749183] ? calculate_sigpending+0x7b/0xa0 [ 15.749205] ? __pfx_kthread+0x10/0x10 [ 15.749225] ret_from_fork+0x41/0x80 [ 15.749256] ? __pfx_kthread+0x10/0x10 [ 15.749275] ret_from_fork_asm+0x1a/0x30 [ 15.749316] </TASK> [ 15.749337] [ 15.756914] Allocated by task 284: [ 15.757095] kasan_save_stack+0x45/0x70 [ 15.757241] kasan_save_track+0x18/0x40 [ 15.757389] kasan_save_alloc_info+0x3b/0x50 [ 15.757537] __kasan_kmalloc+0xb7/0xc0 [ 15.757673] __kmalloc_cache_noprof+0x189/0x420 [ 15.757827] kasan_atomics+0x95/0x310 [ 15.757957] kunit_try_run_case+0x1a5/0x480 [ 15.758431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.758702] kthread+0x337/0x6f0 [ 15.758870] ret_from_fork+0x41/0x80 [ 15.759053] ret_from_fork_asm+0x1a/0x30 [ 15.759248] [ 15.759352] The buggy address belongs to the object at ffff888102717100 [ 15.759352] which belongs to the cache kmalloc-64 of size 64 [ 15.760149] The buggy address is located 0 bytes to the right of [ 15.760149] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.760815] [ 15.760927] The buggy address belongs to the physical page: [ 15.761192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.761593] flags: 0x200000000000000(node=0|zone=2) [ 15.761809] page_type: f5(slab) [ 15.761931] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.762163] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.762441] page dumped because: kasan: bad access detected [ 15.762704] [ 15.762800] Memory state around the buggy address: [ 15.763116] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.763473] ffff888102717080: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.763856] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.764091] ^ [ 15.764337] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.764842] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765151] ================================================================== [ 16.061397] ================================================================== [ 16.062095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.062497] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.062827] [ 16.062919] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.062966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.062979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.063002] Call Trace: [ 16.063015] <TASK> [ 16.063030] dump_stack_lvl+0x73/0xb0 [ 16.063057] print_report+0xd1/0x650 [ 16.063080] ? __virt_addr_valid+0x1db/0x2d0 [ 16.063114] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.063136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.063160] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.063195] kasan_report+0x141/0x180 [ 16.063219] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.063247] kasan_check_range+0x10c/0x1c0 [ 16.063276] __kasan_check_write+0x18/0x20 [ 16.063296] kasan_atomics_helper+0x1e12/0x5450 [ 16.063337] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.063360] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.063384] ? kasan_atomics+0x152/0x310 [ 16.063408] kasan_atomics+0x1dc/0x310 [ 16.063428] ? __pfx_kasan_atomics+0x10/0x10 [ 16.063457] ? trace_hardirqs_on+0x37/0xe0 [ 16.063481] ? __pfx_read_tsc+0x10/0x10 [ 16.063502] ? ktime_get_ts64+0x86/0x230 [ 16.063537] kunit_try_run_case+0x1a5/0x480 [ 16.063562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.063588] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.063614] ? __kthread_parkme+0x82/0x180 [ 16.063645] ? 
preempt_count_sub+0x50/0x80 [ 16.063671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.063705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.063729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.063753] kthread+0x337/0x6f0 [ 16.063770] ? trace_preempt_on+0x20/0xc0 [ 16.063793] ? __pfx_kthread+0x10/0x10 [ 16.063812] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.063833] ? calculate_sigpending+0x7b/0xa0 [ 16.063855] ? __pfx_kthread+0x10/0x10 [ 16.063875] ret_from_fork+0x41/0x80 [ 16.063896] ? __pfx_kthread+0x10/0x10 [ 16.063915] ret_from_fork_asm+0x1a/0x30 [ 16.063946] </TASK> [ 16.063959] [ 16.071734] Allocated by task 284: [ 16.071882] kasan_save_stack+0x45/0x70 [ 16.072062] kasan_save_track+0x18/0x40 [ 16.072196] kasan_save_alloc_info+0x3b/0x50 [ 16.072358] __kasan_kmalloc+0xb7/0xc0 [ 16.072545] __kmalloc_cache_noprof+0x189/0x420 [ 16.072803] kasan_atomics+0x95/0x310 [ 16.073002] kunit_try_run_case+0x1a5/0x480 [ 16.073160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.073340] kthread+0x337/0x6f0 [ 16.073579] ret_from_fork+0x41/0x80 [ 16.073792] ret_from_fork_asm+0x1a/0x30 [ 16.073991] [ 16.074085] The buggy address belongs to the object at ffff888102717100 [ 16.074085] which belongs to the cache kmalloc-64 of size 64 [ 16.074652] The buggy address is located 0 bytes to the right of [ 16.074652] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.075168] [ 16.075268] The buggy address belongs to the physical page: [ 16.075545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.075876] flags: 0x200000000000000(node=0|zone=2) [ 16.076106] page_type: f5(slab) [ 16.076266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.076632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.076954] page dumped because: kasan: bad access detected [ 16.077180] [ 16.077250] Memory state around the buggy address: [ 16.077415] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 16.077625] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.077863] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.078399] ^ [ 16.078643] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.078864] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.079071] ================================================================== [ 16.223805] ================================================================== [ 16.224555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.224876] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.225106] [ 16.225197] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.225243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.225258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.225279] Call Trace: [ 16.225298] <TASK> [ 16.225329] dump_stack_lvl+0x73/0xb0 [ 16.225357] print_report+0xd1/0x650 [ 16.225380] ? __virt_addr_valid+0x1db/0x2d0 [ 16.225403] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.225452] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.225476] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.225499] kasan_report+0x141/0x180 [ 16.225523] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.225550] kasan_check_range+0x10c/0x1c0 [ 16.225572] __kasan_check_write+0x18/0x20 [ 16.225592] kasan_atomics_helper+0x20c8/0x5450 [ 16.225617] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.225641] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.225663] ? kasan_atomics+0x152/0x310 [ 16.225686] kasan_atomics+0x1dc/0x310 [ 16.225707] ? __pfx_kasan_atomics+0x10/0x10 [ 16.225727] ? trace_hardirqs_on+0x37/0xe0 [ 16.225750] ? __pfx_read_tsc+0x10/0x10 [ 16.225771] ? ktime_get_ts64+0x86/0x230 [ 16.225797] kunit_try_run_case+0x1a5/0x480 [ 16.225822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.225847] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.225872] ? 
__kthread_parkme+0x82/0x180 [ 16.225894] ? preempt_count_sub+0x50/0x80 [ 16.225920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.225944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.225968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.225992] kthread+0x337/0x6f0 [ 16.226009] ? trace_preempt_on+0x20/0xc0 [ 16.226033] ? __pfx_kthread+0x10/0x10 [ 16.226052] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.226074] ? calculate_sigpending+0x7b/0xa0 [ 16.226097] ? __pfx_kthread+0x10/0x10 [ 16.226117] ret_from_fork+0x41/0x80 [ 16.226140] ? __pfx_kthread+0x10/0x10 [ 16.226159] ret_from_fork_asm+0x1a/0x30 [ 16.226192] </TASK> [ 16.226206] [ 16.233593] Allocated by task 284: [ 16.233725] kasan_save_stack+0x45/0x70 [ 16.233870] kasan_save_track+0x18/0x40 [ 16.234031] kasan_save_alloc_info+0x3b/0x50 [ 16.234244] __kasan_kmalloc+0xb7/0xc0 [ 16.234446] __kmalloc_cache_noprof+0x189/0x420 [ 16.234668] kasan_atomics+0x95/0x310 [ 16.234856] kunit_try_run_case+0x1a5/0x480 [ 16.235041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.235217] kthread+0x337/0x6f0 [ 16.235394] ret_from_fork+0x41/0x80 [ 16.235765] ret_from_fork_asm+0x1a/0x30 [ 16.235964] [ 16.236060] The buggy address belongs to the object at ffff888102717100 [ 16.236060] which belongs to the cache kmalloc-64 of size 64 [ 16.236557] The buggy address is located 0 bytes to the right of [ 16.236557] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.236960] [ 16.237034] The buggy address belongs to the physical page: [ 16.237207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.238356] flags: 0x200000000000000(node=0|zone=2) [ 16.238979] page_type: f5(slab) [ 16.239561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.240578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.241330] page dumped because: kasan: bad access detected [ 16.241918] [ 16.241999] Memory state around the buggy address: [ 16.242162] 
ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.242865] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.243716] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.244592] ^ [ 16.245052] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245614] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245840] ================================================================== [ 15.327343] ================================================================== [ 15.327703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.328029] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.328355] [ 15.328474] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.328522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.328536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.328557] Call Trace: [ 15.328574] <TASK> [ 15.328591] dump_stack_lvl+0x73/0xb0 [ 15.328620] print_report+0xd1/0x650 [ 15.328643] ? __virt_addr_valid+0x1db/0x2d0 [ 15.328665] ? kasan_atomics_helper+0xac7/0x5450 [ 15.328687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.328711] ? kasan_atomics_helper+0xac7/0x5450 [ 15.328734] kasan_report+0x141/0x180 [ 15.328757] ? kasan_atomics_helper+0xac7/0x5450 [ 15.328785] kasan_check_range+0x10c/0x1c0 [ 15.328806] __kasan_check_write+0x18/0x20 [ 15.328827] kasan_atomics_helper+0xac7/0x5450 [ 15.328851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.328876] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.328898] ? kasan_atomics+0x152/0x310 [ 15.328923] kasan_atomics+0x1dc/0x310 [ 15.328944] ? __pfx_kasan_atomics+0x10/0x10 [ 15.328966] ? trace_hardirqs_on+0x37/0xe0 [ 15.328992] ? __pfx_read_tsc+0x10/0x10 [ 15.329013] ? ktime_get_ts64+0x86/0x230 [ 15.329039] kunit_try_run_case+0x1a5/0x480 [ 15.329064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.329089] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.329114] ? __kthread_parkme+0x82/0x180 [ 15.329137] ? preempt_count_sub+0x50/0x80 [ 15.329163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.329187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.329211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.329235] kthread+0x337/0x6f0 [ 15.329253] ? trace_preempt_on+0x20/0xc0 [ 15.329276] ? __pfx_kthread+0x10/0x10 [ 15.329296] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.329329] ? calculate_sigpending+0x7b/0xa0 [ 15.329351] ? __pfx_kthread+0x10/0x10 [ 15.329371] ret_from_fork+0x41/0x80 [ 15.329394] ? __pfx_kthread+0x10/0x10 [ 15.329413] ret_from_fork_asm+0x1a/0x30 [ 15.329464] </TASK> [ 15.329477] [ 15.336632] Allocated by task 284: [ 15.336766] kasan_save_stack+0x45/0x70 [ 15.336912] kasan_save_track+0x18/0x40 [ 15.337082] kasan_save_alloc_info+0x3b/0x50 [ 15.337293] __kasan_kmalloc+0xb7/0xc0 [ 15.337519] __kmalloc_cache_noprof+0x189/0x420 [ 15.337753] kasan_atomics+0x95/0x310 [ 15.337945] kunit_try_run_case+0x1a5/0x480 [ 15.338154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.338417] kthread+0x337/0x6f0 [ 15.338611] ret_from_fork+0x41/0x80 [ 15.338774] ret_from_fork_asm+0x1a/0x30 [ 15.338964] [ 15.339062] The buggy address belongs to the object at ffff888102717100 [ 15.339062] which belongs to the cache kmalloc-64 of size 64 [ 15.339540] The buggy address is located 0 bytes to the right of [ 15.339540] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.340042] [ 15.340117] The buggy address belongs to the physical page: [ 15.340292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.340589] flags: 0x200000000000000(node=0|zone=2) [ 15.340823] page_type: f5(slab) [ 15.340993] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.341347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.341700] page dumped because: kasan: bad access detected [ 15.341908] [ 15.341980] Memory 
state around the buggy address: [ 15.342137] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342364] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342652] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.342985] ^ [ 15.343218] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.343578] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.343904] ================================================================== [ 15.344883] ================================================================== [ 15.345241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.345557] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.345788] [ 15.345901] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.345946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.345960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.345981] Call Trace: [ 15.345996] <TASK> [ 15.346011] dump_stack_lvl+0x73/0xb0 [ 15.346040] print_report+0xd1/0x650 [ 15.346063] ? __virt_addr_valid+0x1db/0x2d0 [ 15.346085] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.346107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.346131] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.346154] kasan_report+0x141/0x180 [ 15.346177] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.346205] kasan_check_range+0x10c/0x1c0 [ 15.346227] __kasan_check_write+0x18/0x20 [ 15.346247] kasan_atomics_helper+0xb6a/0x5450 [ 15.346271] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.346295] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.346327] ? kasan_atomics+0x152/0x310 [ 15.346352] kasan_atomics+0x1dc/0x310 [ 15.346371] ? __pfx_kasan_atomics+0x10/0x10 [ 15.346391] ? trace_hardirqs_on+0x37/0xe0 [ 15.346416] ? __pfx_read_tsc+0x10/0x10 [ 15.346456] ? ktime_get_ts64+0x86/0x230 [ 15.346482] kunit_try_run_case+0x1a5/0x480 [ 15.346508] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.346532] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.346558] ? __kthread_parkme+0x82/0x180 [ 15.346581] ? preempt_count_sub+0x50/0x80 [ 15.346606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.346654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.346684] kthread+0x337/0x6f0 [ 15.346702] ? trace_preempt_on+0x20/0xc0 [ 15.346725] ? __pfx_kthread+0x10/0x10 [ 15.346744] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.346768] ? calculate_sigpending+0x7b/0xa0 [ 15.346791] ? __pfx_kthread+0x10/0x10 [ 15.346811] ret_from_fork+0x41/0x80 [ 15.346832] ? __pfx_kthread+0x10/0x10 [ 15.346856] ret_from_fork_asm+0x1a/0x30 [ 15.346891] </TASK> [ 15.346904] [ 15.354190] Allocated by task 284: [ 15.354386] kasan_save_stack+0x45/0x70 [ 15.354612] kasan_save_track+0x18/0x40 [ 15.354809] kasan_save_alloc_info+0x3b/0x50 [ 15.354987] __kasan_kmalloc+0xb7/0xc0 [ 15.355180] __kmalloc_cache_noprof+0x189/0x420 [ 15.355357] kasan_atomics+0x95/0x310 [ 15.355515] kunit_try_run_case+0x1a5/0x480 [ 15.355667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.355859] kthread+0x337/0x6f0 [ 15.356028] ret_from_fork+0x41/0x80 [ 15.356217] ret_from_fork_asm+0x1a/0x30 [ 15.356442] [ 15.356541] The buggy address belongs to the object at ffff888102717100 [ 15.356541] which belongs to the cache kmalloc-64 of size 64 [ 15.357011] The buggy address is located 0 bytes to the right of [ 15.357011] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.357389] [ 15.357512] The buggy address belongs to the physical page: [ 15.357769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.358124] flags: 0x200000000000000(node=0|zone=2) [ 15.358368] page_type: f5(slab) [ 15.358559] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.358900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.359131] page dumped because: kasan: bad 
access detected [ 15.359316] [ 15.359412] Memory state around the buggy address: [ 15.359660] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.360000] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.360351] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.360676] ^ [ 15.360866] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361084] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361344] ================================================================== [ 15.399588] ================================================================== [ 15.399984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.400334] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.400662] [ 15.400765] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.400813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.400827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.400850] Call Trace: [ 15.400867] <TASK> [ 15.400884] dump_stack_lvl+0x73/0xb0 [ 15.400912] print_report+0xd1/0x650 [ 15.400935] ? __virt_addr_valid+0x1db/0x2d0 [ 15.400958] ? kasan_atomics_helper+0xd47/0x5450 [ 15.400980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.401003] ? kasan_atomics_helper+0xd47/0x5450 [ 15.401027] kasan_report+0x141/0x180 [ 15.401051] ? kasan_atomics_helper+0xd47/0x5450 [ 15.401079] kasan_check_range+0x10c/0x1c0 [ 15.401101] __kasan_check_write+0x18/0x20 [ 15.401122] kasan_atomics_helper+0xd47/0x5450 [ 15.401146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.401170] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.401193] ? kasan_atomics+0x152/0x310 [ 15.401218] kasan_atomics+0x1dc/0x310 [ 15.401239] ? __pfx_kasan_atomics+0x10/0x10 [ 15.401260] ? trace_hardirqs_on+0x37/0xe0 [ 15.401284] ? __pfx_read_tsc+0x10/0x10 [ 15.401315] ? 
ktime_get_ts64+0x86/0x230 [ 15.401342] kunit_try_run_case+0x1a5/0x480 [ 15.401367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401392] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.401417] ? __kthread_parkme+0x82/0x180 [ 15.401460] ? preempt_count_sub+0x50/0x80 [ 15.401487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.401535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.401560] kthread+0x337/0x6f0 [ 15.401578] ? trace_preempt_on+0x20/0xc0 [ 15.401602] ? __pfx_kthread+0x10/0x10 [ 15.401621] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.401643] ? calculate_sigpending+0x7b/0xa0 [ 15.401665] ? __pfx_kthread+0x10/0x10 [ 15.401685] ret_from_fork+0x41/0x80 [ 15.401707] ? __pfx_kthread+0x10/0x10 [ 15.401726] ret_from_fork_asm+0x1a/0x30 [ 15.401759] </TASK> [ 15.401772] [ 15.408884] Allocated by task 284: [ 15.409052] kasan_save_stack+0x45/0x70 [ 15.409251] kasan_save_track+0x18/0x40 [ 15.409482] kasan_save_alloc_info+0x3b/0x50 [ 15.409691] __kasan_kmalloc+0xb7/0xc0 [ 15.409880] __kmalloc_cache_noprof+0x189/0x420 [ 15.410100] kasan_atomics+0x95/0x310 [ 15.410284] kunit_try_run_case+0x1a5/0x480 [ 15.410465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.410645] kthread+0x337/0x6f0 [ 15.410779] ret_from_fork+0x41/0x80 [ 15.410966] ret_from_fork_asm+0x1a/0x30 [ 15.411170] [ 15.411265] The buggy address belongs to the object at ffff888102717100 [ 15.411265] which belongs to the cache kmalloc-64 of size 64 [ 15.411838] The buggy address is located 0 bytes to the right of [ 15.411838] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.412345] [ 15.412465] The buggy address belongs to the physical page: [ 15.412694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.413010] flags: 0x200000000000000(node=0|zone=2) [ 15.413232] page_type: f5(slab) [ 15.413400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.413717] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.414010] page dumped because: kasan: bad access detected [ 15.414252] [ 15.414354] Memory state around the buggy address: [ 15.414576] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.414851] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.415136] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.415417] ^ [ 15.415594] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415812] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.416027] ================================================================== [ 15.860534] ================================================================== [ 15.861061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.861409] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.861748] [ 15.861854] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.861910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.861924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.861946] Call Trace: [ 15.861963] <TASK> [ 15.861990] dump_stack_lvl+0x73/0xb0 [ 15.862019] print_report+0xd1/0x650 [ 15.862041] ? __virt_addr_valid+0x1db/0x2d0 [ 15.862063] ? kasan_atomics_helper+0x1818/0x5450 [ 15.862085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.862108] ? kasan_atomics_helper+0x1818/0x5450 [ 15.862131] kasan_report+0x141/0x180 [ 15.862154] ? kasan_atomics_helper+0x1818/0x5450 [ 15.862191] kasan_check_range+0x10c/0x1c0 [ 15.862212] __kasan_check_write+0x18/0x20 [ 15.862232] kasan_atomics_helper+0x1818/0x5450 [ 15.862268] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.862291] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.862322] ? kasan_atomics+0x152/0x310 [ 15.862346] kasan_atomics+0x1dc/0x310 [ 15.862376] ? __pfx_kasan_atomics+0x10/0x10 [ 15.862396] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.862420] ? __pfx_read_tsc+0x10/0x10 [ 15.862450] ? ktime_get_ts64+0x86/0x230 [ 15.862475] kunit_try_run_case+0x1a5/0x480 [ 15.862500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.862525] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.862550] ? __kthread_parkme+0x82/0x180 [ 15.862572] ? preempt_count_sub+0x50/0x80 [ 15.862598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.862622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.862645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.862668] kthread+0x337/0x6f0 [ 15.862690] ? trace_preempt_on+0x20/0xc0 [ 15.862713] ? __pfx_kthread+0x10/0x10 [ 15.862732] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.862754] ? calculate_sigpending+0x7b/0xa0 [ 15.862776] ? __pfx_kthread+0x10/0x10 [ 15.862796] ret_from_fork+0x41/0x80 [ 15.862817] ? __pfx_kthread+0x10/0x10 [ 15.862836] ret_from_fork_asm+0x1a/0x30 [ 15.862868] </TASK> [ 15.862879] [ 15.870968] Allocated by task 284: [ 15.871178] kasan_save_stack+0x45/0x70 [ 15.871371] kasan_save_track+0x18/0x40 [ 15.871618] kasan_save_alloc_info+0x3b/0x50 [ 15.871834] __kasan_kmalloc+0xb7/0xc0 [ 15.872023] __kmalloc_cache_noprof+0x189/0x420 [ 15.872244] kasan_atomics+0x95/0x310 [ 15.872446] kunit_try_run_case+0x1a5/0x480 [ 15.872669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.872930] kthread+0x337/0x6f0 [ 15.873111] ret_from_fork+0x41/0x80 [ 15.873317] ret_from_fork_asm+0x1a/0x30 [ 15.873518] [ 15.873604] The buggy address belongs to the object at ffff888102717100 [ 15.873604] which belongs to the cache kmalloc-64 of size 64 [ 15.873955] The buggy address is located 0 bytes to the right of [ 15.873955] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.874326] [ 15.874436] The buggy address belongs to the physical page: [ 15.874757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.875122] flags: 0x200000000000000(node=0|zone=2) [ 15.875367] page_type: f5(slab) [ 15.875649] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.875991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.876221] page dumped because: kasan: bad access detected [ 15.876404] [ 15.876570] Memory state around the buggy address: [ 15.876825] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.877180] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.877576] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.877901] ^ [ 15.878114] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.878424] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.878747] ================================================================== [ 15.920285] ================================================================== [ 15.920831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.921143] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.921627] [ 15.921860] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.922075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.922094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.922116] Call Trace: [ 15.922131] <TASK> [ 15.922147] dump_stack_lvl+0x73/0xb0 [ 15.922176] print_report+0xd1/0x650 [ 15.922200] ? __virt_addr_valid+0x1db/0x2d0 [ 15.922221] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.922244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.922267] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.922290] kasan_report+0x141/0x180 [ 15.922323] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.922351] kasan_check_range+0x10c/0x1c0 [ 15.922373] __kasan_check_write+0x18/0x20 [ 15.922393] kasan_atomics_helper+0x19e3/0x5450 [ 15.922417] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.922506] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.922544] ? 
kasan_atomics+0x152/0x310 [ 15.922569] kasan_atomics+0x1dc/0x310 [ 15.922601] ? __pfx_kasan_atomics+0x10/0x10 [ 15.922621] ? trace_hardirqs_on+0x37/0xe0 [ 15.922644] ? __pfx_read_tsc+0x10/0x10 [ 15.922697] ? ktime_get_ts64+0x86/0x230 [ 15.922723] kunit_try_run_case+0x1a5/0x480 [ 15.922748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922773] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.922797] ? __kthread_parkme+0x82/0x180 [ 15.922819] ? preempt_count_sub+0x50/0x80 [ 15.922845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.922892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.922915] kthread+0x337/0x6f0 [ 15.922933] ? trace_preempt_on+0x20/0xc0 [ 15.922956] ? __pfx_kthread+0x10/0x10 [ 15.922975] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.922997] ? calculate_sigpending+0x7b/0xa0 [ 15.923018] ? __pfx_kthread+0x10/0x10 [ 15.923038] ret_from_fork+0x41/0x80 [ 15.923059] ? __pfx_kthread+0x10/0x10 [ 15.923078] ret_from_fork_asm+0x1a/0x30 [ 15.923110] </TASK> [ 15.923122] [ 15.934223] Allocated by task 284: [ 15.934405] kasan_save_stack+0x45/0x70 [ 15.934864] kasan_save_track+0x18/0x40 [ 15.935059] kasan_save_alloc_info+0x3b/0x50 [ 15.935243] __kasan_kmalloc+0xb7/0xc0 [ 15.935403] __kmalloc_cache_noprof+0x189/0x420 [ 15.935571] kasan_atomics+0x95/0x310 [ 15.935782] kunit_try_run_case+0x1a5/0x480 [ 15.935985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.936236] kthread+0x337/0x6f0 [ 15.936427] ret_from_fork+0x41/0x80 [ 15.936672] ret_from_fork_asm+0x1a/0x30 [ 15.936813] [ 15.936958] The buggy address belongs to the object at ffff888102717100 [ 15.936958] which belongs to the cache kmalloc-64 of size 64 [ 15.937550] The buggy address is located 0 bytes to the right of [ 15.937550] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.938039] [ 15.938151] The buggy address belongs to the physical page: [ 15.938357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 
15.938635] flags: 0x200000000000000(node=0|zone=2) [ 15.939007] page_type: f5(slab) [ 15.939182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.939642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.939997] page dumped because: kasan: bad access detected [ 15.940172] [ 15.940248] Memory state around the buggy address: [ 15.940522] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.940821] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.941173] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.941498] ^ [ 15.941729] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.942030] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.942346] ================================================================== [ 15.563231] ================================================================== [ 15.563603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.563840] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.564499] [ 15.564612] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.564669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.564683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.564705] Call Trace: [ 15.564730] <TASK> [ 15.564745] dump_stack_lvl+0x73/0xb0 [ 15.564775] print_report+0xd1/0x650 [ 15.564798] ? __virt_addr_valid+0x1db/0x2d0 [ 15.564819] ? kasan_atomics_helper+0x1148/0x5450 [ 15.564841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.564865] ? kasan_atomics_helper+0x1148/0x5450 [ 15.564889] kasan_report+0x141/0x180 [ 15.564912] ? kasan_atomics_helper+0x1148/0x5450 [ 15.564940] kasan_check_range+0x10c/0x1c0 [ 15.564961] __kasan_check_write+0x18/0x20 [ 15.564982] kasan_atomics_helper+0x1148/0x5450 [ 15.565006] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.565029] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.565051] ? kasan_atomics+0x152/0x310 [ 15.565085] kasan_atomics+0x1dc/0x310 [ 15.565106] ? __pfx_kasan_atomics+0x10/0x10 [ 15.565126] ? trace_hardirqs_on+0x37/0xe0 [ 15.565160] ? __pfx_read_tsc+0x10/0x10 [ 15.565180] ? ktime_get_ts64+0x86/0x230 [ 15.565206] kunit_try_run_case+0x1a5/0x480 [ 15.565236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.565261] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.565286] ? __kthread_parkme+0x82/0x180 [ 15.565324] ? preempt_count_sub+0x50/0x80 [ 15.565350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.565374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.565397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.565429] kthread+0x337/0x6f0 [ 15.565456] ? trace_preempt_on+0x20/0xc0 [ 15.565480] ? __pfx_kthread+0x10/0x10 [ 15.565509] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.565531] ? calculate_sigpending+0x7b/0xa0 [ 15.565553] ? __pfx_kthread+0x10/0x10 [ 15.565572] ret_from_fork+0x41/0x80 [ 15.565594] ? __pfx_kthread+0x10/0x10 [ 15.565613] ret_from_fork_asm+0x1a/0x30 [ 15.565645] </TASK> [ 15.565656] [ 15.573364] Allocated by task 284: [ 15.573496] kasan_save_stack+0x45/0x70 [ 15.573642] kasan_save_track+0x18/0x40 [ 15.573780] kasan_save_alloc_info+0x3b/0x50 [ 15.573990] __kasan_kmalloc+0xb7/0xc0 [ 15.574181] __kmalloc_cache_noprof+0x189/0x420 [ 15.574434] kasan_atomics+0x95/0x310 [ 15.574623] kunit_try_run_case+0x1a5/0x480 [ 15.574834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.575091] kthread+0x337/0x6f0 [ 15.575286] ret_from_fork+0x41/0x80 [ 15.575513] ret_from_fork_asm+0x1a/0x30 [ 15.575710] [ 15.575804] The buggy address belongs to the object at ffff888102717100 [ 15.575804] which belongs to the cache kmalloc-64 of size 64 [ 15.576219] The buggy address is located 0 bytes to the right of [ 15.576219] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.576982] [ 15.577056] The buggy address belongs to the physical page: [ 15.577229] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.577799] flags: 0x200000000000000(node=0|zone=2) [ 15.578059] page_type: f5(slab) [ 15.578251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.578613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.578849] page dumped because: kasan: bad access detected [ 15.579024] [ 15.579095] Memory state around the buggy address: [ 15.579299] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.579669] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.579991] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.580299] ^ [ 15.580560] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.580873] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.581120] ================================================================== [ 16.159458] ================================================================== [ 16.160255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.161083] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.162062] [ 16.162283] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.162432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.162448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.162470] Call Trace: [ 16.162485] <TASK> [ 16.162501] dump_stack_lvl+0x73/0xb0 [ 16.162531] print_report+0xd1/0x650 [ 16.162555] ? __virt_addr_valid+0x1db/0x2d0 [ 16.162578] ? kasan_atomics_helper+0x2006/0x5450 [ 16.162693] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.162721] ? kasan_atomics_helper+0x2006/0x5450 [ 16.162745] kasan_report+0x141/0x180 [ 16.162769] ? kasan_atomics_helper+0x2006/0x5450 [ 16.162797] kasan_check_range+0x10c/0x1c0 [ 16.162819] __kasan_check_write+0x18/0x20 [ 16.162840] kasan_atomics_helper+0x2006/0x5450 [ 16.162866] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.162890] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.162913] ? kasan_atomics+0x152/0x310 [ 16.162937] kasan_atomics+0x1dc/0x310 [ 16.162957] ? __pfx_kasan_atomics+0x10/0x10 [ 16.162977] ? trace_hardirqs_on+0x37/0xe0 [ 16.163001] ? __pfx_read_tsc+0x10/0x10 [ 16.163021] ? ktime_get_ts64+0x86/0x230 [ 16.163047] kunit_try_run_case+0x1a5/0x480 [ 16.163071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.163096] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.163121] ? __kthread_parkme+0x82/0x180 [ 16.163144] ? preempt_count_sub+0x50/0x80 [ 16.163170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.163195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.163218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.163242] kthread+0x337/0x6f0 [ 16.163260] ? trace_preempt_on+0x20/0xc0 [ 16.163283] ? __pfx_kthread+0x10/0x10 [ 16.163313] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.163335] ? calculate_sigpending+0x7b/0xa0 [ 16.163358] ? __pfx_kthread+0x10/0x10 [ 16.163377] ret_from_fork+0x41/0x80 [ 16.163399] ? 
__pfx_kthread+0x10/0x10 [ 16.163418] ret_from_fork_asm+0x1a/0x30 [ 16.163450] </TASK> [ 16.163462] [ 16.177463] Allocated by task 284: [ 16.177635] kasan_save_stack+0x45/0x70 [ 16.177815] kasan_save_track+0x18/0x40 [ 16.177976] kasan_save_alloc_info+0x3b/0x50 [ 16.178156] __kasan_kmalloc+0xb7/0xc0 [ 16.178906] __kmalloc_cache_noprof+0x189/0x420 [ 16.179777] kasan_atomics+0x95/0x310 [ 16.180238] kunit_try_run_case+0x1a5/0x480 [ 16.180970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.181587] kthread+0x337/0x6f0 [ 16.182076] ret_from_fork+0x41/0x80 [ 16.182671] ret_from_fork_asm+0x1a/0x30 [ 16.183215] [ 16.183631] The buggy address belongs to the object at ffff888102717100 [ 16.183631] which belongs to the cache kmalloc-64 of size 64 [ 16.185097] The buggy address is located 0 bytes to the right of [ 16.185097] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.186698] [ 16.187005] The buggy address belongs to the physical page: [ 16.187677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.187948] flags: 0x200000000000000(node=0|zone=2) [ 16.188118] page_type: f5(slab) [ 16.188244] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.188951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.190015] page dumped because: kasan: bad access detected [ 16.190821] [ 16.191223] Memory state around the buggy address: [ 16.191965] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.192833] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.193063] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.193279] ^ [ 16.193804] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.194463] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.195068] ================================================================== [ 15.646493] 
================================================================== [ 15.647219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.647988] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.648505] [ 15.648705] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.648753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.648767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.648790] Call Trace: [ 15.648803] <TASK> [ 15.648818] dump_stack_lvl+0x73/0xb0 [ 15.648846] print_report+0xd1/0x650 [ 15.648881] ? __virt_addr_valid+0x1db/0x2d0 [ 15.648903] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.648925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.648960] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.648982] kasan_report+0x141/0x180 [ 15.649006] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.649034] kasan_check_range+0x10c/0x1c0 [ 15.649054] __kasan_check_write+0x18/0x20 [ 15.649076] kasan_atomics_helper+0x12e6/0x5450 [ 15.649100] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.649122] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.649146] ? kasan_atomics+0x152/0x310 [ 15.649170] kasan_atomics+0x1dc/0x310 [ 15.649189] ? __pfx_kasan_atomics+0x10/0x10 [ 15.649209] ? trace_hardirqs_on+0x37/0xe0 [ 15.649232] ? __pfx_read_tsc+0x10/0x10 [ 15.649253] ? ktime_get_ts64+0x86/0x230 [ 15.649279] kunit_try_run_case+0x1a5/0x480 [ 15.649362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.649387] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.649413] ? __kthread_parkme+0x82/0x180 [ 15.649447] ? preempt_count_sub+0x50/0x80 [ 15.649473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.649497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.649520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.649546] kthread+0x337/0x6f0 [ 15.649563] ? trace_preempt_on+0x20/0xc0 [ 15.649586] ? __pfx_kthread+0x10/0x10 [ 15.649605] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.649627] ? 
calculate_sigpending+0x7b/0xa0 [ 15.649648] ? __pfx_kthread+0x10/0x10 [ 15.649667] ret_from_fork+0x41/0x80 [ 15.649690] ? __pfx_kthread+0x10/0x10 [ 15.649709] ret_from_fork_asm+0x1a/0x30 [ 15.649741] </TASK> [ 15.649754] [ 15.660753] Allocated by task 284: [ 15.660887] kasan_save_stack+0x45/0x70 [ 15.661114] kasan_save_track+0x18/0x40 [ 15.661327] kasan_save_alloc_info+0x3b/0x50 [ 15.661553] __kasan_kmalloc+0xb7/0xc0 [ 15.661742] __kmalloc_cache_noprof+0x189/0x420 [ 15.661898] kasan_atomics+0x95/0x310 [ 15.662030] kunit_try_run_case+0x1a5/0x480 [ 15.662209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.662498] kthread+0x337/0x6f0 [ 15.662701] ret_from_fork+0x41/0x80 [ 15.662954] ret_from_fork_asm+0x1a/0x30 [ 15.663155] [ 15.663262] The buggy address belongs to the object at ffff888102717100 [ 15.663262] which belongs to the cache kmalloc-64 of size 64 [ 15.663815] The buggy address is located 0 bytes to the right of [ 15.663815] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.664357] [ 15.664439] The buggy address belongs to the physical page: [ 15.664752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.665107] flags: 0x200000000000000(node=0|zone=2) [ 15.665347] page_type: f5(slab) [ 15.665523] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.665853] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.666190] page dumped because: kasan: bad access detected [ 15.666448] [ 15.666555] Memory state around the buggy address: [ 15.666777] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667080] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667290] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.667643] ^ [ 15.667875] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668192] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668507] 
================================================================== [ 15.475196] ================================================================== [ 15.475542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.475783] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.476593] [ 15.477004] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.477056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.477071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.477094] Call Trace: [ 15.477108] <TASK> [ 15.477124] dump_stack_lvl+0x73/0xb0 [ 15.477154] print_report+0xd1/0x650 [ 15.477178] ? __virt_addr_valid+0x1db/0x2d0 [ 15.477200] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.477222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.477247] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.477269] kasan_report+0x141/0x180 [ 15.477293] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.477332] kasan_check_range+0x10c/0x1c0 [ 15.477354] __kasan_check_write+0x18/0x20 [ 15.477374] kasan_atomics_helper+0xfa9/0x5450 [ 15.477398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.477422] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.477445] ? kasan_atomics+0x152/0x310 [ 15.477491] kasan_atomics+0x1dc/0x310 [ 15.477512] ? __pfx_kasan_atomics+0x10/0x10 [ 15.477532] ? trace_hardirqs_on+0x37/0xe0 [ 15.477556] ? __pfx_read_tsc+0x10/0x10 [ 15.477576] ? ktime_get_ts64+0x86/0x230 [ 15.477601] kunit_try_run_case+0x1a5/0x480 [ 15.477626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.477650] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.477676] ? __kthread_parkme+0x82/0x180 [ 15.477698] ? preempt_count_sub+0x50/0x80 [ 15.477724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.477749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.477772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.477795] kthread+0x337/0x6f0 [ 15.477813] ? trace_preempt_on+0x20/0xc0 [ 15.477836] ? 
__pfx_kthread+0x10/0x10 [ 15.477856] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.477877] ? calculate_sigpending+0x7b/0xa0 [ 15.477899] ? __pfx_kthread+0x10/0x10 [ 15.477918] ret_from_fork+0x41/0x80 [ 15.477940] ? __pfx_kthread+0x10/0x10 [ 15.477959] ret_from_fork_asm+0x1a/0x30 [ 15.477991] </TASK> [ 15.478004] [ 15.489875] Allocated by task 284: [ 15.490106] kasan_save_stack+0x45/0x70 [ 15.490531] kasan_save_track+0x18/0x40 [ 15.490849] kasan_save_alloc_info+0x3b/0x50 [ 15.491191] __kasan_kmalloc+0xb7/0xc0 [ 15.491370] __kmalloc_cache_noprof+0x189/0x420 [ 15.491823] kasan_atomics+0x95/0x310 [ 15.492172] kunit_try_run_case+0x1a5/0x480 [ 15.492413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.492901] kthread+0x337/0x6f0 [ 15.493023] ret_from_fork+0x41/0x80 [ 15.493154] ret_from_fork_asm+0x1a/0x30 [ 15.493296] [ 15.493380] The buggy address belongs to the object at ffff888102717100 [ 15.493380] which belongs to the cache kmalloc-64 of size 64 [ 15.494433] The buggy address is located 0 bytes to the right of [ 15.494433] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.495564] [ 15.495785] The buggy address belongs to the physical page: [ 15.496284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.496984] flags: 0x200000000000000(node=0|zone=2) [ 15.497366] page_type: f5(slab) [ 15.497519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.498181] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.498780] page dumped because: kasan: bad access detected [ 15.499130] [ 15.499327] Memory state around the buggy address: [ 15.499658] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.500016] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.500235] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.500472] ^ [ 15.500639] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500982] 
ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.501264] ================================================================== [ 15.688235] ================================================================== [ 15.688930] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.689271] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.689670] [ 15.689774] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.689825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.689839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.689863] Call Trace: [ 15.689886] <TASK> [ 15.689910] dump_stack_lvl+0x73/0xb0 [ 15.689942] print_report+0xd1/0x650 [ 15.689967] ? __virt_addr_valid+0x1db/0x2d0 [ 15.689992] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.690014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.690038] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.690061] kasan_report+0x141/0x180 [ 15.690084] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.690113] kasan_check_range+0x10c/0x1c0 [ 15.690133] __kasan_check_read+0x15/0x20 [ 15.690154] kasan_atomics_helper+0x13b5/0x5450 [ 15.690178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.690201] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.690224] ? kasan_atomics+0x152/0x310 [ 15.690248] kasan_atomics+0x1dc/0x310 [ 15.690268] ? __pfx_kasan_atomics+0x10/0x10 [ 15.690288] ? trace_hardirqs_on+0x37/0xe0 [ 15.690323] ? __pfx_read_tsc+0x10/0x10 [ 15.690345] ? ktime_get_ts64+0x86/0x230 [ 15.690372] kunit_try_run_case+0x1a5/0x480 [ 15.690400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.690425] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.690453] ? __kthread_parkme+0x82/0x180 [ 15.690475] ? preempt_count_sub+0x50/0x80 [ 15.690502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.690526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.690549] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.690573] kthread+0x337/0x6f0 [ 15.690590] ? trace_preempt_on+0x20/0xc0 [ 15.690613] ? __pfx_kthread+0x10/0x10 [ 15.690632] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.690654] ? calculate_sigpending+0x7b/0xa0 [ 15.690682] ? __pfx_kthread+0x10/0x10 [ 15.690701] ret_from_fork+0x41/0x80 [ 15.690723] ? __pfx_kthread+0x10/0x10 [ 15.690741] ret_from_fork_asm+0x1a/0x30 [ 15.690775] </TASK> [ 15.690789] [ 15.698544] Allocated by task 284: [ 15.698736] kasan_save_stack+0x45/0x70 [ 15.698946] kasan_save_track+0x18/0x40 [ 15.699142] kasan_save_alloc_info+0x3b/0x50 [ 15.699367] __kasan_kmalloc+0xb7/0xc0 [ 15.699629] __kmalloc_cache_noprof+0x189/0x420 [ 15.699837] kasan_atomics+0x95/0x310 [ 15.699976] kunit_try_run_case+0x1a5/0x480 [ 15.700124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.700298] kthread+0x337/0x6f0 [ 15.700501] ret_from_fork+0x41/0x80 [ 15.700794] ret_from_fork_asm+0x1a/0x30 [ 15.701045] [ 15.701143] The buggy address belongs to the object at ffff888102717100 [ 15.701143] which belongs to the cache kmalloc-64 of size 64 [ 15.701780] The buggy address is located 0 bytes to the right of [ 15.701780] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.702149] [ 15.702226] The buggy address belongs to the physical page: [ 15.702577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.702955] flags: 0x200000000000000(node=0|zone=2) [ 15.703230] page_type: f5(slab) [ 15.703414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.703803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.704175] page dumped because: kasan: bad access detected [ 15.704362] [ 15.704442] Memory state around the buggy address: [ 15.704640] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.705002] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.705561] >ffff888102717100: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.705812] ^ [ 15.706064] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.706371] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.706737] ================================================================== [ 16.022383] ================================================================== [ 16.023119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.023417] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.023686] [ 16.023775] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.023821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.023835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.023868] Call Trace: [ 16.023886] <TASK> [ 16.023903] dump_stack_lvl+0x73/0xb0 [ 16.023942] print_report+0xd1/0x650 [ 16.023966] ? __virt_addr_valid+0x1db/0x2d0 [ 16.023989] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.024012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.024035] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.024058] kasan_report+0x141/0x180 [ 16.024082] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.024111] kasan_check_range+0x10c/0x1c0 [ 16.024132] __kasan_check_write+0x18/0x20 [ 16.024153] kasan_atomics_helper+0x1ce1/0x5450 [ 16.024178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.024201] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.024224] ? kasan_atomics+0x152/0x310 [ 16.024248] kasan_atomics+0x1dc/0x310 [ 16.024269] ? __pfx_kasan_atomics+0x10/0x10 [ 16.024289] ? trace_hardirqs_on+0x37/0xe0 [ 16.024321] ? __pfx_read_tsc+0x10/0x10 [ 16.024341] ? ktime_get_ts64+0x86/0x230 [ 16.024368] kunit_try_run_case+0x1a5/0x480 [ 16.024393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.024418] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.024442] ? __kthread_parkme+0x82/0x180 [ 16.024464] ? preempt_count_sub+0x50/0x80 [ 16.024489] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.024513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.024536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.024560] kthread+0x337/0x6f0 [ 16.024577] ? trace_preempt_on+0x20/0xc0 [ 16.024600] ? __pfx_kthread+0x10/0x10 [ 16.024619] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.024641] ? calculate_sigpending+0x7b/0xa0 [ 16.024663] ? __pfx_kthread+0x10/0x10 [ 16.024683] ret_from_fork+0x41/0x80 [ 16.024703] ? __pfx_kthread+0x10/0x10 [ 16.024722] ret_from_fork_asm+0x1a/0x30 [ 16.024754] </TASK> [ 16.024766] [ 16.032779] Allocated by task 284: [ 16.032991] kasan_save_stack+0x45/0x70 [ 16.033193] kasan_save_track+0x18/0x40 [ 16.033392] kasan_save_alloc_info+0x3b/0x50 [ 16.033764] __kasan_kmalloc+0xb7/0xc0 [ 16.033957] __kmalloc_cache_noprof+0x189/0x420 [ 16.034177] kasan_atomics+0x95/0x310 [ 16.034352] kunit_try_run_case+0x1a5/0x480 [ 16.034655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.034915] kthread+0x337/0x6f0 [ 16.035087] ret_from_fork+0x41/0x80 [ 16.035286] ret_from_fork_asm+0x1a/0x30 [ 16.035442] [ 16.035569] The buggy address belongs to the object at ffff888102717100 [ 16.035569] which belongs to the cache kmalloc-64 of size 64 [ 16.036147] The buggy address is located 0 bytes to the right of [ 16.036147] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.036672] [ 16.036799] The buggy address belongs to the physical page: [ 16.037030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.037319] flags: 0x200000000000000(node=0|zone=2) [ 16.037488] page_type: f5(slab) [ 16.037613] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.037899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.038263] page dumped because: kasan: bad access detected [ 16.038528] [ 16.038707] Memory state around the buggy address: [ 16.038932] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.039166] ffff888102717080: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.039393] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.039944] ^ [ 16.040182] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.040646] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.041045] ================================================================== [ 16.041652] ================================================================== [ 16.042316] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.042806] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.043046] [ 16.043180] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.043225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.043239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.043260] Call Trace: [ 16.043277] <TASK> [ 16.043295] dump_stack_lvl+0x73/0xb0 [ 16.043332] print_report+0xd1/0x650 [ 16.043355] ? __virt_addr_valid+0x1db/0x2d0 [ 16.043377] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.043399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.043422] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.043446] kasan_report+0x141/0x180 [ 16.043480] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.043508] kasan_check_range+0x10c/0x1c0 [ 16.043529] __kasan_check_write+0x18/0x20 [ 16.043561] kasan_atomics_helper+0x1d7a/0x5450 [ 16.043585] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.043609] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.043632] ? kasan_atomics+0x152/0x310 [ 16.043656] kasan_atomics+0x1dc/0x310 [ 16.043676] ? __pfx_kasan_atomics+0x10/0x10 [ 16.043696] ? trace_hardirqs_on+0x37/0xe0 [ 16.043720] ? __pfx_read_tsc+0x10/0x10 [ 16.043740] ? ktime_get_ts64+0x86/0x230 [ 16.043766] kunit_try_run_case+0x1a5/0x480 [ 16.043791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.043816] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.043849] ? __kthread_parkme+0x82/0x180 [ 16.043872] ? 
preempt_count_sub+0x50/0x80 [ 16.043899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.043933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.043956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.043979] kthread+0x337/0x6f0 [ 16.043996] ? trace_preempt_on+0x20/0xc0 [ 16.044029] ? __pfx_kthread+0x10/0x10 [ 16.044047] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.044069] ? calculate_sigpending+0x7b/0xa0 [ 16.044101] ? __pfx_kthread+0x10/0x10 [ 16.044122] ret_from_fork+0x41/0x80 [ 16.044144] ? __pfx_kthread+0x10/0x10 [ 16.044163] ret_from_fork_asm+0x1a/0x30 [ 16.044195] </TASK> [ 16.044207] [ 16.052172] Allocated by task 284: [ 16.052360] kasan_save_stack+0x45/0x70 [ 16.052584] kasan_save_track+0x18/0x40 [ 16.052783] kasan_save_alloc_info+0x3b/0x50 [ 16.053001] __kasan_kmalloc+0xb7/0xc0 [ 16.053166] __kmalloc_cache_noprof+0x189/0x420 [ 16.053406] kasan_atomics+0x95/0x310 [ 16.053645] kunit_try_run_case+0x1a5/0x480 [ 16.053793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.053985] kthread+0x337/0x6f0 [ 16.054175] ret_from_fork+0x41/0x80 [ 16.054372] ret_from_fork_asm+0x1a/0x30 [ 16.054574] [ 16.054648] The buggy address belongs to the object at ffff888102717100 [ 16.054648] which belongs to the cache kmalloc-64 of size 64 [ 16.055285] The buggy address is located 0 bytes to the right of [ 16.055285] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.055758] [ 16.055835] The buggy address belongs to the physical page: [ 16.056012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.056364] flags: 0x200000000000000(node=0|zone=2) [ 16.056742] page_type: f5(slab) [ 16.057018] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.057385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.057677] page dumped because: kasan: bad access detected [ 16.057853] [ 16.057925] Memory state around the buggy address: [ 16.058084] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 16.058380] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.059056] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.059422] ^ [ 16.059679] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059990] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.060287] ================================================================== [ 15.526613] ================================================================== [ 15.527067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.527429] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.527731] [ 15.527873] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.527919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.527933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.527956] Call Trace: [ 15.527982] <TASK> [ 15.527999] dump_stack_lvl+0x73/0xb0 [ 15.528027] print_report+0xd1/0x650 [ 15.528065] ? __virt_addr_valid+0x1db/0x2d0 [ 15.528087] ? kasan_atomics_helper+0x1079/0x5450 [ 15.528110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.528134] ? kasan_atomics_helper+0x1079/0x5450 [ 15.528157] kasan_report+0x141/0x180 [ 15.528181] ? kasan_atomics_helper+0x1079/0x5450 [ 15.528209] kasan_check_range+0x10c/0x1c0 [ 15.528237] __kasan_check_write+0x18/0x20 [ 15.528258] kasan_atomics_helper+0x1079/0x5450 [ 15.528282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.528320] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.528343] ? kasan_atomics+0x152/0x310 [ 15.528366] kasan_atomics+0x1dc/0x310 [ 15.528386] ? __pfx_kasan_atomics+0x10/0x10 [ 15.528406] ? trace_hardirqs_on+0x37/0xe0 [ 15.528429] ? __pfx_read_tsc+0x10/0x10 [ 15.528463] ? ktime_get_ts64+0x86/0x230 [ 15.528489] kunit_try_run_case+0x1a5/0x480 [ 15.528515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.528539] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.528563] ? 
__kthread_parkme+0x82/0x180 [ 15.528596] ? preempt_count_sub+0x50/0x80 [ 15.528621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.528664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.528687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.528710] kthread+0x337/0x6f0 [ 15.528739] ? trace_preempt_on+0x20/0xc0 [ 15.528763] ? __pfx_kthread+0x10/0x10 [ 15.528782] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.528804] ? calculate_sigpending+0x7b/0xa0 [ 15.528828] ? __pfx_kthread+0x10/0x10 [ 15.528849] ret_from_fork+0x41/0x80 [ 15.528879] ? __pfx_kthread+0x10/0x10 [ 15.528899] ret_from_fork_asm+0x1a/0x30 [ 15.528932] </TASK> [ 15.528954] [ 15.536518] Allocated by task 284: [ 15.536662] kasan_save_stack+0x45/0x70 [ 15.536819] kasan_save_track+0x18/0x40 [ 15.537058] kasan_save_alloc_info+0x3b/0x50 [ 15.537300] __kasan_kmalloc+0xb7/0xc0 [ 15.537503] __kmalloc_cache_noprof+0x189/0x420 [ 15.537770] kasan_atomics+0x95/0x310 [ 15.538142] kunit_try_run_case+0x1a5/0x480 [ 15.538373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.538596] kthread+0x337/0x6f0 [ 15.538723] ret_from_fork+0x41/0x80 [ 15.538999] ret_from_fork_asm+0x1a/0x30 [ 15.539221] [ 15.539327] The buggy address belongs to the object at ffff888102717100 [ 15.539327] which belongs to the cache kmalloc-64 of size 64 [ 15.539845] The buggy address is located 0 bytes to the right of [ 15.539845] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.540379] [ 15.540493] The buggy address belongs to the physical page: [ 15.540802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.541143] flags: 0x200000000000000(node=0|zone=2) [ 15.541318] page_type: f5(slab) [ 15.541443] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.541676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.541991] page dumped because: kasan: bad access detected [ 15.542242] [ 15.542344] Memory state around the buggy address: [ 15.542567] 
ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.542817] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.543038] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.543253] ^ [ 15.543756] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544081] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544440] ================================================================== [ 15.962313] ================================================================== [ 15.962876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.963182] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.963549] [ 15.963647] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.963695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.963710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.963744] Call Trace: [ 15.963762] <TASK> [ 15.963779] dump_stack_lvl+0x73/0xb0 [ 15.963817] print_report+0xd1/0x650 [ 15.963841] ? __virt_addr_valid+0x1db/0x2d0 [ 15.963864] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.963896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.963921] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.963945] kasan_report+0x141/0x180 [ 15.963979] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.964008] kasan_check_range+0x10c/0x1c0 [ 15.964031] __kasan_check_write+0x18/0x20 [ 15.964060] kasan_atomics_helper+0x1b22/0x5450 [ 15.964085] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.964120] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.964143] ? kasan_atomics+0x152/0x310 [ 15.964168] kasan_atomics+0x1dc/0x310 [ 15.964197] ? __pfx_kasan_atomics+0x10/0x10 [ 15.964218] ? trace_hardirqs_on+0x37/0xe0 [ 15.964242] ? __pfx_read_tsc+0x10/0x10 [ 15.964272] ? ktime_get_ts64+0x86/0x230 [ 15.964300] kunit_try_run_case+0x1a5/0x480 [ 15.964334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.964367] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.964393] ? __kthread_parkme+0x82/0x180 [ 15.964416] ? preempt_count_sub+0x50/0x80 [ 15.964464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.964489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.964513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.964537] kthread+0x337/0x6f0 [ 15.964565] ? trace_preempt_on+0x20/0xc0 [ 15.964589] ? __pfx_kthread+0x10/0x10 [ 15.964608] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.964641] ? calculate_sigpending+0x7b/0xa0 [ 15.964663] ? __pfx_kthread+0x10/0x10 [ 15.964683] ret_from_fork+0x41/0x80 [ 15.964704] ? __pfx_kthread+0x10/0x10 [ 15.964733] ret_from_fork_asm+0x1a/0x30 [ 15.964766] </TASK> [ 15.964777] [ 15.972591] Allocated by task 284: [ 15.972866] kasan_save_stack+0x45/0x70 [ 15.973056] kasan_save_track+0x18/0x40 [ 15.973209] kasan_save_alloc_info+0x3b/0x50 [ 15.973368] __kasan_kmalloc+0xb7/0xc0 [ 15.973505] __kmalloc_cache_noprof+0x189/0x420 [ 15.973660] kasan_atomics+0x95/0x310 [ 15.973791] kunit_try_run_case+0x1a5/0x480 [ 15.973986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.974362] kthread+0x337/0x6f0 [ 15.974543] ret_from_fork+0x41/0x80 [ 15.974731] ret_from_fork_asm+0x1a/0x30 [ 15.974926] [ 15.975019] The buggy address belongs to the object at ffff888102717100 [ 15.975019] which belongs to the cache kmalloc-64 of size 64 [ 15.975534] The buggy address is located 0 bytes to the right of [ 15.975534] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.975898] [ 15.975970] The buggy address belongs to the physical page: [ 15.976141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.976392] flags: 0x200000000000000(node=0|zone=2) [ 15.976601] page_type: f5(slab) [ 15.976724] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.976955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.977181] page dumped because: kasan: bad access detected [ 15.977403] [ 15.977501] Memory 
state around the buggy address: [ 15.977699] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.977920] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.978137] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.978363] ^ [ 15.978520] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.978743] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.978958] ================================================================== [ 15.083477] ================================================================== [ 15.083858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.084384] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.084708] [ 15.084820] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.084937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.084953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.084975] Call Trace: [ 15.084990] <TASK> [ 15.085004] dump_stack_lvl+0x73/0xb0 [ 15.085034] print_report+0xd1/0x650 [ 15.085079] ? __virt_addr_valid+0x1db/0x2d0 [ 15.085101] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.085123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.085164] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.085186] kasan_report+0x141/0x180 [ 15.085210] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.085239] __asan_report_load4_noabort+0x18/0x20 [ 15.085260] kasan_atomics_helper+0x4b54/0x5450 [ 15.085284] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.085320] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.085359] ? kasan_atomics+0x152/0x310 [ 15.085383] kasan_atomics+0x1dc/0x310 [ 15.085403] ? __pfx_kasan_atomics+0x10/0x10 [ 15.085424] ? trace_hardirqs_on+0x37/0xe0 [ 15.085447] ? __pfx_read_tsc+0x10/0x10 [ 15.085467] ? ktime_get_ts64+0x86/0x230 [ 15.085493] kunit_try_run_case+0x1a5/0x480 [ 15.085518] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.085543] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.085568] ? __kthread_parkme+0x82/0x180 [ 15.085590] ? preempt_count_sub+0x50/0x80 [ 15.085632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.085657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.085681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.085705] kthread+0x337/0x6f0 [ 15.085724] ? trace_preempt_on+0x20/0xc0 [ 15.085748] ? __pfx_kthread+0x10/0x10 [ 15.085767] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.085804] ? calculate_sigpending+0x7b/0xa0 [ 15.085827] ? __pfx_kthread+0x10/0x10 [ 15.085847] ret_from_fork+0x41/0x80 [ 15.085869] ? __pfx_kthread+0x10/0x10 [ 15.085927] ret_from_fork_asm+0x1a/0x30 [ 15.085963] </TASK> [ 15.085976] [ 15.094729] Allocated by task 284: [ 15.094864] kasan_save_stack+0x45/0x70 [ 15.095100] kasan_save_track+0x18/0x40 [ 15.095486] kasan_save_alloc_info+0x3b/0x50 [ 15.095772] __kasan_kmalloc+0xb7/0xc0 [ 15.096068] __kmalloc_cache_noprof+0x189/0x420 [ 15.096234] kasan_atomics+0x95/0x310 [ 15.096439] kunit_try_run_case+0x1a5/0x480 [ 15.097013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097245] kthread+0x337/0x6f0 [ 15.097588] ret_from_fork+0x41/0x80 [ 15.097831] ret_from_fork_asm+0x1a/0x30 [ 15.098121] [ 15.098228] The buggy address belongs to the object at ffff888102717100 [ 15.098228] which belongs to the cache kmalloc-64 of size 64 [ 15.098816] The buggy address is located 0 bytes to the right of [ 15.098816] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.099384] [ 15.099528] The buggy address belongs to the physical page: [ 15.099865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.100255] flags: 0x200000000000000(node=0|zone=2) [ 15.100533] page_type: f5(slab) [ 15.100730] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.101076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.101594] page dumped because: kasan: bad 
access detected [ 15.101843] [ 15.102036] Memory state around the buggy address: [ 15.102266] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.102617] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.102864] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.103204] ^ [ 15.103513] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.103835] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104197] ================================================================== [ 15.381380] ================================================================== [ 15.381736] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.382065] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.382992] [ 15.383168] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.383221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.383237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.383260] Call Trace: [ 15.383279] <TASK> [ 15.383295] dump_stack_lvl+0x73/0xb0 [ 15.383339] print_report+0xd1/0x650 [ 15.383364] ? __virt_addr_valid+0x1db/0x2d0 [ 15.383387] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.383410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.383456] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.383481] kasan_report+0x141/0x180 [ 15.383504] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.383533] __asan_report_load4_noabort+0x18/0x20 [ 15.383555] kasan_atomics_helper+0x4a84/0x5450 [ 15.383579] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.383603] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.383625] ? kasan_atomics+0x152/0x310 [ 15.383650] kasan_atomics+0x1dc/0x310 [ 15.383669] ? __pfx_kasan_atomics+0x10/0x10 [ 15.383689] ? trace_hardirqs_on+0x37/0xe0 [ 15.383713] ? __pfx_read_tsc+0x10/0x10 [ 15.383734] ? 
ktime_get_ts64+0x86/0x230 [ 15.383760] kunit_try_run_case+0x1a5/0x480 [ 15.383785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.383811] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.383835] ? __kthread_parkme+0x82/0x180 [ 15.383858] ? preempt_count_sub+0x50/0x80 [ 15.383884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.383908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.383932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.383955] kthread+0x337/0x6f0 [ 15.383973] ? trace_preempt_on+0x20/0xc0 [ 15.383997] ? __pfx_kthread+0x10/0x10 [ 15.384016] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.384038] ? calculate_sigpending+0x7b/0xa0 [ 15.384060] ? __pfx_kthread+0x10/0x10 [ 15.384080] ret_from_fork+0x41/0x80 [ 15.384102] ? __pfx_kthread+0x10/0x10 [ 15.384121] ret_from_fork_asm+0x1a/0x30 [ 15.384153] </TASK> [ 15.384166] [ 15.391209] Allocated by task 284: [ 15.391400] kasan_save_stack+0x45/0x70 [ 15.391596] kasan_save_track+0x18/0x40 [ 15.391781] kasan_save_alloc_info+0x3b/0x50 [ 15.391972] __kasan_kmalloc+0xb7/0xc0 [ 15.392145] __kmalloc_cache_noprof+0x189/0x420 [ 15.392372] kasan_atomics+0x95/0x310 [ 15.392558] kunit_try_run_case+0x1a5/0x480 [ 15.392739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392981] kthread+0x337/0x6f0 [ 15.393139] ret_from_fork+0x41/0x80 [ 15.393272] ret_from_fork_asm+0x1a/0x30 [ 15.393484] [ 15.393586] The buggy address belongs to the object at ffff888102717100 [ 15.393586] which belongs to the cache kmalloc-64 of size 64 [ 15.394042] The buggy address is located 0 bytes to the right of [ 15.394042] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.394585] [ 15.394671] The buggy address belongs to the physical page: [ 15.394898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.395234] flags: 0x200000000000000(node=0|zone=2) [ 15.395412] page_type: f5(slab) [ 15.395558] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.395792] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.396103] page dumped because: kasan: bad access detected [ 15.396364] [ 15.396486] Memory state around the buggy address: [ 15.396714] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.397040] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.397329] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.397573] ^ [ 15.397732] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398015] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398344] ================================================================== [ 15.169042] ================================================================== [ 15.169414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.169979] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.170664] [ 15.170760] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.170805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.170819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.170840] Call Trace: [ 15.170856] <TASK> [ 15.170872] dump_stack_lvl+0x73/0xb0 [ 15.170900] print_report+0xd1/0x650 [ 15.171102] ? __virt_addr_valid+0x1db/0x2d0 [ 15.171132] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.171155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.171180] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.171203] kasan_report+0x141/0x180 [ 15.171227] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.171255] kasan_check_range+0x10c/0x1c0 [ 15.171276] __kasan_check_write+0x18/0x20 [ 15.171299] kasan_atomics_helper+0x5fe/0x5450 [ 15.171336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.171360] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.171383] ? kasan_atomics+0x152/0x310 [ 15.171407] kasan_atomics+0x1dc/0x310 [ 15.171427] ? __pfx_kasan_atomics+0x10/0x10 [ 15.171447] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.171469] ? __pfx_read_tsc+0x10/0x10 [ 15.171490] ? ktime_get_ts64+0x86/0x230 [ 15.171517] kunit_try_run_case+0x1a5/0x480 [ 15.171542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.171567] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.171591] ? __kthread_parkme+0x82/0x180 [ 15.171614] ? preempt_count_sub+0x50/0x80 [ 15.171639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.171664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.171687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.171711] kthread+0x337/0x6f0 [ 15.171729] ? trace_preempt_on+0x20/0xc0 [ 15.171753] ? __pfx_kthread+0x10/0x10 [ 15.171772] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.171794] ? calculate_sigpending+0x7b/0xa0 [ 15.171815] ? __pfx_kthread+0x10/0x10 [ 15.171835] ret_from_fork+0x41/0x80 [ 15.171856] ? __pfx_kthread+0x10/0x10 [ 15.171884] ret_from_fork_asm+0x1a/0x30 [ 15.171916] </TASK> [ 15.171928] [ 15.179558] Allocated by task 284: [ 15.179689] kasan_save_stack+0x45/0x70 [ 15.179884] kasan_save_track+0x18/0x40 [ 15.180081] kasan_save_alloc_info+0x3b/0x50 [ 15.180314] __kasan_kmalloc+0xb7/0xc0 [ 15.180496] __kmalloc_cache_noprof+0x189/0x420 [ 15.180699] kasan_atomics+0x95/0x310 [ 15.180858] kunit_try_run_case+0x1a5/0x480 [ 15.181067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.181329] kthread+0x337/0x6f0 [ 15.181512] ret_from_fork+0x41/0x80 [ 15.181667] ret_from_fork_asm+0x1a/0x30 [ 15.181845] [ 15.181949] The buggy address belongs to the object at ffff888102717100 [ 15.181949] which belongs to the cache kmalloc-64 of size 64 [ 15.182447] The buggy address is located 0 bytes to the right of [ 15.182447] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.182842] [ 15.182918] The buggy address belongs to the physical page: [ 15.183092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.183401] flags: 0x200000000000000(node=0|zone=2) [ 15.183634] page_type: f5(slab) [ 15.183806] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.184149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.184465] page dumped because: kasan: bad access detected [ 15.184641] [ 15.184713] Memory state around the buggy address: [ 15.184868] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.185179] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.185598] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.185921] ^ [ 15.186153] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.186536] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.186836] ================================================================== [ 15.979370] ================================================================== [ 15.979967] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.980386] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.980959] [ 15.981075] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.981121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.981135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.981157] Call Trace: [ 15.981170] <TASK> [ 15.981185] dump_stack_lvl+0x73/0xb0 [ 15.981212] print_report+0xd1/0x650 [ 15.981235] ? __virt_addr_valid+0x1db/0x2d0 [ 15.981258] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.981280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.981318] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.981342] kasan_report+0x141/0x180 [ 15.981365] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.981393] kasan_check_range+0x10c/0x1c0 [ 15.981415] __kasan_check_write+0x18/0x20 [ 15.981436] kasan_atomics_helper+0x1c18/0x5450 [ 15.981468] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.981492] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.981525] ? 
kasan_atomics+0x152/0x310 [ 15.981550] kasan_atomics+0x1dc/0x310 [ 15.981570] ? __pfx_kasan_atomics+0x10/0x10 [ 15.981590] ? trace_hardirqs_on+0x37/0xe0 [ 15.981632] ? __pfx_read_tsc+0x10/0x10 [ 15.981653] ? ktime_get_ts64+0x86/0x230 [ 15.981678] kunit_try_run_case+0x1a5/0x480 [ 15.981712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.981737] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.981762] ? __kthread_parkme+0x82/0x180 [ 15.981784] ? preempt_count_sub+0x50/0x80 [ 15.981811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.981835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.981858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.981882] kthread+0x337/0x6f0 [ 15.981899] ? trace_preempt_on+0x20/0xc0 [ 15.981922] ? __pfx_kthread+0x10/0x10 [ 15.981941] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.981963] ? calculate_sigpending+0x7b/0xa0 [ 15.981986] ? __pfx_kthread+0x10/0x10 [ 15.982005] ret_from_fork+0x41/0x80 [ 15.982026] ? __pfx_kthread+0x10/0x10 [ 15.982045] ret_from_fork_asm+0x1a/0x30 [ 15.982078] </TASK> [ 15.982090] [ 15.989881] Allocated by task 284: [ 15.990081] kasan_save_stack+0x45/0x70 [ 15.990284] kasan_save_track+0x18/0x40 [ 15.990598] kasan_save_alloc_info+0x3b/0x50 [ 15.990784] __kasan_kmalloc+0xb7/0xc0 [ 15.990991] __kmalloc_cache_noprof+0x189/0x420 [ 15.991211] kasan_atomics+0x95/0x310 [ 15.991407] kunit_try_run_case+0x1a5/0x480 [ 15.991580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.991779] kthread+0x337/0x6f0 [ 15.991918] ret_from_fork+0x41/0x80 [ 15.992087] ret_from_fork_asm+0x1a/0x30 [ 15.992265] [ 15.992373] The buggy address belongs to the object at ffff888102717100 [ 15.992373] which belongs to the cache kmalloc-64 of size 64 [ 15.992869] The buggy address is located 0 bytes to the right of [ 15.992869] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.993268] [ 15.993353] The buggy address belongs to the physical page: [ 15.993528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 
15.993771] flags: 0x200000000000000(node=0|zone=2) [ 15.993933] page_type: f5(slab) [ 15.994055] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.994356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.995078] page dumped because: kasan: bad access detected [ 15.995340] [ 15.995436] Memory state around the buggy address: [ 15.995787] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.996164] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.996548] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.996868] ^ [ 15.997091] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.997422] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.997676] ================================================================== [ 15.998108] ================================================================== [ 15.998377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.998716] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.999247] [ 15.999428] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.999471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.999484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.999516] Call Trace: [ 15.999530] <TASK> [ 15.999545] dump_stack_lvl+0x73/0xb0 [ 15.999572] print_report+0xd1/0x650 [ 15.999594] ? __virt_addr_valid+0x1db/0x2d0 [ 15.999616] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.999638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.999662] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.999685] kasan_report+0x141/0x180 [ 15.999709] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.999737] __asan_report_load8_noabort+0x18/0x20 [ 15.999759] kasan_atomics_helper+0x4f30/0x5450 [ 15.999783] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.999806] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.999828] ? kasan_atomics+0x152/0x310 [ 15.999852] kasan_atomics+0x1dc/0x310 [ 15.999872] ? __pfx_kasan_atomics+0x10/0x10 [ 15.999891] ? trace_hardirqs_on+0x37/0xe0 [ 15.999914] ? __pfx_read_tsc+0x10/0x10 [ 15.999935] ? ktime_get_ts64+0x86/0x230 [ 15.999960] kunit_try_run_case+0x1a5/0x480 [ 15.999984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.000009] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.000033] ? __kthread_parkme+0x82/0x180 [ 16.000055] ? preempt_count_sub+0x50/0x80 [ 16.000082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.000107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.000129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.000152] kthread+0x337/0x6f0 [ 16.000170] ? trace_preempt_on+0x20/0xc0 [ 16.000194] ? __pfx_kthread+0x10/0x10 [ 16.000213] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.000234] ? calculate_sigpending+0x7b/0xa0 [ 16.000256] ? __pfx_kthread+0x10/0x10 [ 16.000275] ret_from_fork+0x41/0x80 [ 16.000298] ? __pfx_kthread+0x10/0x10 [ 16.000335] ret_from_fork_asm+0x1a/0x30 [ 16.000368] </TASK> [ 16.000379] [ 16.011221] Allocated by task 284: [ 16.011405] kasan_save_stack+0x45/0x70 [ 16.012016] kasan_save_track+0x18/0x40 [ 16.012279] kasan_save_alloc_info+0x3b/0x50 [ 16.012660] __kasan_kmalloc+0xb7/0xc0 [ 16.012852] __kmalloc_cache_noprof+0x189/0x420 [ 16.013056] kasan_atomics+0x95/0x310 [ 16.013217] kunit_try_run_case+0x1a5/0x480 [ 16.013415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.013918] kthread+0x337/0x6f0 [ 16.014082] ret_from_fork+0x41/0x80 [ 16.014249] ret_from_fork_asm+0x1a/0x30 [ 16.014425] [ 16.014801] The buggy address belongs to the object at ffff888102717100 [ 16.014801] which belongs to the cache kmalloc-64 of size 64 [ 16.015474] The buggy address is located 0 bytes to the right of [ 16.015474] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.015849] [ 16.015923] The buggy address belongs to the physical page: [ 16.016097] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.016350] flags: 0x200000000000000(node=0|zone=2) [ 16.016515] page_type: f5(slab) [ 16.016639] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.017509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.017886] page dumped because: kasan: bad access detected [ 16.018131] [ 16.018222] Memory state around the buggy address: [ 16.018441] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.018740] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.019020] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.019292] ^ [ 16.020009] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.020657] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.021100] ================================================================== [ 15.416625] ================================================================== [ 15.416976] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.417643] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.417923] [ 15.418012] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.418058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.418072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.418094] Call Trace: [ 15.418111] <TASK> [ 15.418127] dump_stack_lvl+0x73/0xb0 [ 15.418155] print_report+0xd1/0x650 [ 15.418178] ? __virt_addr_valid+0x1db/0x2d0 [ 15.418200] ? kasan_atomics_helper+0xde0/0x5450 [ 15.418223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.418246] ? kasan_atomics_helper+0xde0/0x5450 [ 15.418270] kasan_report+0x141/0x180 [ 15.418294] ? kasan_atomics_helper+0xde0/0x5450 [ 15.418335] kasan_check_range+0x10c/0x1c0 [ 15.418357] __kasan_check_write+0x18/0x20 [ 15.418378] kasan_atomics_helper+0xde0/0x5450 [ 15.418402] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.418447] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.418472] ? kasan_atomics+0x152/0x310 [ 15.418496] kasan_atomics+0x1dc/0x310 [ 15.418516] ? __pfx_kasan_atomics+0x10/0x10 [ 15.418537] ? trace_hardirqs_on+0x37/0xe0 [ 15.418561] ? __pfx_read_tsc+0x10/0x10 [ 15.418582] ? ktime_get_ts64+0x86/0x230 [ 15.418608] kunit_try_run_case+0x1a5/0x480 [ 15.418633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.418659] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.418691] ? __kthread_parkme+0x82/0x180 [ 15.418714] ? preempt_count_sub+0x50/0x80 [ 15.418739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.418764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.418787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.418812] kthread+0x337/0x6f0 [ 15.418831] ? trace_preempt_on+0x20/0xc0 [ 15.418854] ? __pfx_kthread+0x10/0x10 [ 15.418874] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.418896] ? calculate_sigpending+0x7b/0xa0 [ 15.418919] ? __pfx_kthread+0x10/0x10 [ 15.418939] ret_from_fork+0x41/0x80 [ 15.418961] ? 
__pfx_kthread+0x10/0x10 [ 15.418981] ret_from_fork_asm+0x1a/0x30 [ 15.419013] </TASK> [ 15.419025] [ 15.426389] Allocated by task 284: [ 15.426541] kasan_save_stack+0x45/0x70 [ 15.426694] kasan_save_track+0x18/0x40 [ 15.426834] kasan_save_alloc_info+0x3b/0x50 [ 15.426982] __kasan_kmalloc+0xb7/0xc0 [ 15.427118] __kmalloc_cache_noprof+0x189/0x420 [ 15.427317] kasan_atomics+0x95/0x310 [ 15.427527] kunit_try_run_case+0x1a5/0x480 [ 15.427739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427992] kthread+0x337/0x6f0 [ 15.428159] ret_from_fork+0x41/0x80 [ 15.428355] ret_from_fork_asm+0x1a/0x30 [ 15.428578] [ 15.428674] The buggy address belongs to the object at ffff888102717100 [ 15.428674] which belongs to the cache kmalloc-64 of size 64 [ 15.429197] The buggy address is located 0 bytes to the right of [ 15.429197] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.429736] [ 15.429817] The buggy address belongs to the physical page: [ 15.429993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.430356] flags: 0x200000000000000(node=0|zone=2) [ 15.430615] page_type: f5(slab) [ 15.430798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.431140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.431490] page dumped because: kasan: bad access detected [ 15.431718] [ 15.431814] Memory state around the buggy address: [ 15.432015] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.432278] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.432532] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.432843] ^ [ 15.433081] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433408] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433647] ================================================================== [ 15.804004] 
================================================================== [ 15.804366] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.804748] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.805124] [ 15.805254] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.805324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.805338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.805360] Call Trace: [ 15.805381] <TASK> [ 15.805412] dump_stack_lvl+0x73/0xb0 [ 15.805444] print_report+0xd1/0x650 [ 15.805468] ? __virt_addr_valid+0x1db/0x2d0 [ 15.805492] ? kasan_atomics_helper+0x164f/0x5450 [ 15.805523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.805547] ? kasan_atomics_helper+0x164f/0x5450 [ 15.805572] kasan_report+0x141/0x180 [ 15.805606] ? kasan_atomics_helper+0x164f/0x5450 [ 15.805635] kasan_check_range+0x10c/0x1c0 [ 15.805656] __kasan_check_write+0x18/0x20 [ 15.805676] kasan_atomics_helper+0x164f/0x5450 [ 15.805700] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.805725] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.805758] ? kasan_atomics+0x152/0x310 [ 15.805784] kasan_atomics+0x1dc/0x310 [ 15.805804] ? __pfx_kasan_atomics+0x10/0x10 [ 15.805835] ? trace_hardirqs_on+0x37/0xe0 [ 15.805860] ? __pfx_read_tsc+0x10/0x10 [ 15.805882] ? ktime_get_ts64+0x86/0x230 [ 15.805917] kunit_try_run_case+0x1a5/0x480 [ 15.805943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.805968] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.806005] ? __kthread_parkme+0x82/0x180 [ 15.806029] ? preempt_count_sub+0x50/0x80 [ 15.806065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.806089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.806148] kthread+0x337/0x6f0 [ 15.806166] ? trace_preempt_on+0x20/0xc0 [ 15.806190] ? __pfx_kthread+0x10/0x10 [ 15.806221] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.806243] ? 
calculate_sigpending+0x7b/0xa0 [ 15.806266] ? __pfx_kthread+0x10/0x10 [ 15.806296] ret_from_fork+0x41/0x80 [ 15.806326] ? __pfx_kthread+0x10/0x10 [ 15.806344] ret_from_fork_asm+0x1a/0x30 [ 15.806389] </TASK> [ 15.806403] [ 15.814105] Allocated by task 284: [ 15.814434] kasan_save_stack+0x45/0x70 [ 15.814871] kasan_save_track+0x18/0x40 [ 15.815018] kasan_save_alloc_info+0x3b/0x50 [ 15.815168] __kasan_kmalloc+0xb7/0xc0 [ 15.815312] __kmalloc_cache_noprof+0x189/0x420 [ 15.815547] kasan_atomics+0x95/0x310 [ 15.815737] kunit_try_run_case+0x1a5/0x480 [ 15.815954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.816219] kthread+0x337/0x6f0 [ 15.816408] ret_from_fork+0x41/0x80 [ 15.816589] ret_from_fork_asm+0x1a/0x30 [ 15.816780] [ 15.816855] The buggy address belongs to the object at ffff888102717100 [ 15.816855] which belongs to the cache kmalloc-64 of size 64 [ 15.817285] The buggy address is located 0 bytes to the right of [ 15.817285] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.818220] [ 15.818298] The buggy address belongs to the physical page: [ 15.818578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.818964] flags: 0x200000000000000(node=0|zone=2) [ 15.819165] page_type: f5(slab) [ 15.819292] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.819815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.820088] page dumped because: kasan: bad access detected [ 15.820362] [ 15.820469] Memory state around the buggy address: [ 15.820700] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.820977] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.821286] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.821669] ^ [ 15.821890] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.822187] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.822543] 
================================================================== [ 15.148784] ================================================================== [ 15.149218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.149586] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.149900] [ 15.150017] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.150065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.150078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.150101] Call Trace: [ 15.150114] <TASK> [ 15.150128] dump_stack_lvl+0x73/0xb0 [ 15.150156] print_report+0xd1/0x650 [ 15.150179] ? __virt_addr_valid+0x1db/0x2d0 [ 15.150201] ? kasan_atomics_helper+0x565/0x5450 [ 15.150224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.150248] ? kasan_atomics_helper+0x565/0x5450 [ 15.150272] kasan_report+0x141/0x180 [ 15.150296] ? kasan_atomics_helper+0x565/0x5450 [ 15.150336] kasan_check_range+0x10c/0x1c0 [ 15.150359] __kasan_check_write+0x18/0x20 [ 15.150380] kasan_atomics_helper+0x565/0x5450 [ 15.150405] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.150429] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.150532] ? kasan_atomics+0x152/0x310 [ 15.150577] kasan_atomics+0x1dc/0x310 [ 15.150598] ? __pfx_kasan_atomics+0x10/0x10 [ 15.150619] ? trace_hardirqs_on+0x37/0xe0 [ 15.150642] ? __pfx_read_tsc+0x10/0x10 [ 15.150662] ? ktime_get_ts64+0x86/0x230 [ 15.150693] kunit_try_run_case+0x1a5/0x480 [ 15.150717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.150742] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.150767] ? __kthread_parkme+0x82/0x180 [ 15.150790] ? preempt_count_sub+0x50/0x80 [ 15.150816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.150840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.150916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.150943] kthread+0x337/0x6f0 [ 15.150962] ? trace_preempt_on+0x20/0xc0 [ 15.150985] ? 
__pfx_kthread+0x10/0x10 [ 15.151025] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.151048] ? calculate_sigpending+0x7b/0xa0 [ 15.151070] ? __pfx_kthread+0x10/0x10 [ 15.151089] ret_from_fork+0x41/0x80 [ 15.151127] ? __pfx_kthread+0x10/0x10 [ 15.151146] ret_from_fork_asm+0x1a/0x30 [ 15.151179] </TASK> [ 15.151192] [ 15.160417] Allocated by task 284: [ 15.160608] kasan_save_stack+0x45/0x70 [ 15.160817] kasan_save_track+0x18/0x40 [ 15.161039] kasan_save_alloc_info+0x3b/0x50 [ 15.161198] __kasan_kmalloc+0xb7/0xc0 [ 15.161407] __kmalloc_cache_noprof+0x189/0x420 [ 15.161634] kasan_atomics+0x95/0x310 [ 15.161842] kunit_try_run_case+0x1a5/0x480 [ 15.162062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.162281] kthread+0x337/0x6f0 [ 15.162465] ret_from_fork+0x41/0x80 [ 15.162697] ret_from_fork_asm+0x1a/0x30 [ 15.162953] [ 15.163040] The buggy address belongs to the object at ffff888102717100 [ 15.163040] which belongs to the cache kmalloc-64 of size 64 [ 15.163502] The buggy address is located 0 bytes to the right of [ 15.163502] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.163870] [ 15.163945] The buggy address belongs to the physical page: [ 15.164487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.164864] flags: 0x200000000000000(node=0|zone=2) [ 15.165368] page_type: f5(slab) [ 15.165619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.165871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.166257] page dumped because: kasan: bad access detected [ 15.166519] [ 15.166617] Memory state around the buggy address: [ 15.166811] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.167186] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.167435] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.167770] ^ [ 15.168069] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.168321] 
ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.168537] ================================================================== [ 15.823248] ================================================================== [ 15.823733] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.823978] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.824342] [ 15.824492] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.824543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.824556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.824580] Call Trace: [ 15.824601] <TASK> [ 15.824620] dump_stack_lvl+0x73/0xb0 [ 15.824653] print_report+0xd1/0x650 [ 15.824678] ? __virt_addr_valid+0x1db/0x2d0 [ 15.824701] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.824724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.824747] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.824771] kasan_report+0x141/0x180 [ 15.824794] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.824823] kasan_check_range+0x10c/0x1c0 [ 15.824844] __kasan_check_write+0x18/0x20 [ 15.824876] kasan_atomics_helper+0x16e7/0x5450 [ 15.824901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.824924] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.824959] ? kasan_atomics+0x152/0x310 [ 15.824984] kasan_atomics+0x1dc/0x310 [ 15.825003] ? __pfx_kasan_atomics+0x10/0x10 [ 15.825024] ? trace_hardirqs_on+0x37/0xe0 [ 15.825050] ? __pfx_read_tsc+0x10/0x10 [ 15.825070] ? ktime_get_ts64+0x86/0x230 [ 15.825097] kunit_try_run_case+0x1a5/0x480 [ 15.825122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.825147] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.825174] ? __kthread_parkme+0x82/0x180 [ 15.825198] ? preempt_count_sub+0x50/0x80 [ 15.825224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.825249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.825272] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.825296] kthread+0x337/0x6f0 [ 15.825324] ? trace_preempt_on+0x20/0xc0 [ 15.825347] ? __pfx_kthread+0x10/0x10 [ 15.825367] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.825388] ? calculate_sigpending+0x7b/0xa0 [ 15.825411] ? __pfx_kthread+0x10/0x10 [ 15.825431] ret_from_fork+0x41/0x80 [ 15.825452] ? __pfx_kthread+0x10/0x10 [ 15.825471] ret_from_fork_asm+0x1a/0x30 [ 15.825504] </TASK> [ 15.825517] [ 15.833008] Allocated by task 284: [ 15.833219] kasan_save_stack+0x45/0x70 [ 15.833452] kasan_save_track+0x18/0x40 [ 15.833684] kasan_save_alloc_info+0x3b/0x50 [ 15.833899] __kasan_kmalloc+0xb7/0xc0 [ 15.834115] __kmalloc_cache_noprof+0x189/0x420 [ 15.834319] kasan_atomics+0x95/0x310 [ 15.834516] kunit_try_run_case+0x1a5/0x480 [ 15.834731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.834971] kthread+0x337/0x6f0 [ 15.835152] ret_from_fork+0x41/0x80 [ 15.835338] ret_from_fork_asm+0x1a/0x30 [ 15.835567] [ 15.835651] The buggy address belongs to the object at ffff888102717100 [ 15.835651] which belongs to the cache kmalloc-64 of size 64 [ 15.836130] The buggy address is located 0 bytes to the right of [ 15.836130] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.836736] [ 15.836815] The buggy address belongs to the physical page: [ 15.837056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.837377] flags: 0x200000000000000(node=0|zone=2) [ 15.837753] page_type: f5(slab) [ 15.837957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.838277] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.838634] page dumped because: kasan: bad access detected [ 15.838896] [ 15.838969] Memory state around the buggy address: [ 15.839125] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.839354] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.839644] >ffff888102717100: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.840011] ^ [ 15.840274] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840725] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840962] ================================================================== [ 15.619492] ================================================================== [ 15.619901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.620254] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.620805] [ 15.620943] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.620990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.621004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.621025] Call Trace: [ 15.621044] <TASK> [ 15.621063] dump_stack_lvl+0x73/0xb0 [ 15.621092] print_report+0xd1/0x650 [ 15.621116] ? __virt_addr_valid+0x1db/0x2d0 [ 15.621137] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.621160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.621183] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.621206] kasan_report+0x141/0x180 [ 15.621229] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.621258] __asan_report_load4_noabort+0x18/0x20 [ 15.621280] kasan_atomics_helper+0x49e8/0x5450 [ 15.621315] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.621338] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.621361] ? kasan_atomics+0x152/0x310 [ 15.621385] kasan_atomics+0x1dc/0x310 [ 15.621405] ? __pfx_kasan_atomics+0x10/0x10 [ 15.621424] ? trace_hardirqs_on+0x37/0xe0 [ 15.621448] ? __pfx_read_tsc+0x10/0x10 [ 15.621468] ? ktime_get_ts64+0x86/0x230 [ 15.621495] kunit_try_run_case+0x1a5/0x480 [ 15.621520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.621545] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.621570] ? __kthread_parkme+0x82/0x180 [ 15.621592] ? preempt_count_sub+0x50/0x80 [ 15.621617] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.621642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.621665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.621689] kthread+0x337/0x6f0 [ 15.621708] ? trace_preempt_on+0x20/0xc0 [ 15.621731] ? __pfx_kthread+0x10/0x10 [ 15.621751] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.621772] ? calculate_sigpending+0x7b/0xa0 [ 15.621794] ? __pfx_kthread+0x10/0x10 [ 15.621814] ret_from_fork+0x41/0x80 [ 15.621835] ? __pfx_kthread+0x10/0x10 [ 15.621854] ret_from_fork_asm+0x1a/0x30 [ 15.621886] </TASK> [ 15.621897] [ 15.629542] Allocated by task 284: [ 15.629740] kasan_save_stack+0x45/0x70 [ 15.629897] kasan_save_track+0x18/0x40 [ 15.630112] kasan_save_alloc_info+0x3b/0x50 [ 15.630260] __kasan_kmalloc+0xb7/0xc0 [ 15.631223] __kmalloc_cache_noprof+0x189/0x420 [ 15.631993] kasan_atomics+0x95/0x310 [ 15.632382] kunit_try_run_case+0x1a5/0x480 [ 15.633141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.634045] kthread+0x337/0x6f0 [ 15.634459] ret_from_fork+0x41/0x80 [ 15.634870] ret_from_fork_asm+0x1a/0x30 [ 15.635021] [ 15.635096] The buggy address belongs to the object at ffff888102717100 [ 15.635096] which belongs to the cache kmalloc-64 of size 64 [ 15.635729] The buggy address is located 0 bytes to the right of [ 15.635729] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.637234] [ 15.637595] The buggy address belongs to the physical page: [ 15.638230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.639310] flags: 0x200000000000000(node=0|zone=2) [ 15.639787] page_type: f5(slab) [ 15.640159] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.640404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.641412] page dumped because: kasan: bad access detected [ 15.642057] [ 15.642445] Memory state around the buggy address: [ 15.642916] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.643137] ffff888102717080: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.643360] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.643711] ^ [ 15.644154] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.644883] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.645567] ================================================================== [ 15.897842] ================================================================== [ 15.898121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.898372] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.899055] [ 15.899182] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.899240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.899254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.899276] Call Trace: [ 15.899290] <TASK> [ 15.899320] dump_stack_lvl+0x73/0xb0 [ 15.899348] print_report+0xd1/0x650 [ 15.899371] ? __virt_addr_valid+0x1db/0x2d0 [ 15.899393] ? kasan_atomics_helper+0x194a/0x5450 [ 15.899416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.899440] ? kasan_atomics_helper+0x194a/0x5450 [ 15.899464] kasan_report+0x141/0x180 [ 15.899496] ? kasan_atomics_helper+0x194a/0x5450 [ 15.899524] kasan_check_range+0x10c/0x1c0 [ 15.899545] __kasan_check_write+0x18/0x20 [ 15.899576] kasan_atomics_helper+0x194a/0x5450 [ 15.899600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.899623] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.899646] ? kasan_atomics+0x152/0x310 [ 15.899678] kasan_atomics+0x1dc/0x310 [ 15.899698] ? __pfx_kasan_atomics+0x10/0x10 [ 15.899718] ? trace_hardirqs_on+0x37/0xe0 [ 15.899752] ? __pfx_read_tsc+0x10/0x10 [ 15.899772] ? ktime_get_ts64+0x86/0x230 [ 15.899797] kunit_try_run_case+0x1a5/0x480 [ 15.899829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.899854] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.899880] ? __kthread_parkme+0x82/0x180 [ 15.899913] ? 
preempt_count_sub+0x50/0x80 [ 15.899939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.899962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.899995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.900019] kthread+0x337/0x6f0 [ 15.900037] ? trace_preempt_on+0x20/0xc0 [ 15.900071] ? __pfx_kthread+0x10/0x10 [ 15.900091] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.900113] ? calculate_sigpending+0x7b/0xa0 [ 15.900143] ? __pfx_kthread+0x10/0x10 [ 15.900162] ret_from_fork+0x41/0x80 [ 15.900184] ? __pfx_kthread+0x10/0x10 [ 15.900212] ret_from_fork_asm+0x1a/0x30 [ 15.900245] </TASK> [ 15.900258] [ 15.908056] Allocated by task 284: [ 15.908184] kasan_save_stack+0x45/0x70 [ 15.908345] kasan_save_track+0x18/0x40 [ 15.908536] kasan_save_alloc_info+0x3b/0x50 [ 15.908762] __kasan_kmalloc+0xb7/0xc0 [ 15.908955] __kmalloc_cache_noprof+0x189/0x420 [ 15.909182] kasan_atomics+0x95/0x310 [ 15.909380] kunit_try_run_case+0x1a5/0x480 [ 15.909703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.909880] kthread+0x337/0x6f0 [ 15.910000] ret_from_fork+0x41/0x80 [ 15.910133] ret_from_fork_asm+0x1a/0x30 [ 15.910335] [ 15.910426] The buggy address belongs to the object at ffff888102717100 [ 15.910426] which belongs to the cache kmalloc-64 of size 64 [ 15.910894] The buggy address is located 0 bytes to the right of [ 15.910894] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.912334] [ 15.912444] The buggy address belongs to the physical page: [ 15.912681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.912980] flags: 0x200000000000000(node=0|zone=2) [ 15.913185] page_type: f5(slab) [ 15.913343] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.914436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.915094] page dumped because: kasan: bad access detected [ 15.915561] [ 15.915799] Memory state around the buggy address: [ 15.916233] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.916761] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.917289] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.917941] ^ [ 15.918233] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.918672] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.919163] ================================================================== [ 15.765767] ================================================================== [ 15.766358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.766804] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.767103] [ 15.767189] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.767235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.767249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.767270] Call Trace: [ 15.767285] <TASK> [ 15.767300] dump_stack_lvl+0x73/0xb0 [ 15.767341] print_report+0xd1/0x650 [ 15.767365] ? __virt_addr_valid+0x1db/0x2d0 [ 15.767387] ? kasan_atomics_helper+0x151d/0x5450 [ 15.767409] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.767433] ? kasan_atomics_helper+0x151d/0x5450 [ 15.767456] kasan_report+0x141/0x180 [ 15.767480] ? kasan_atomics_helper+0x151d/0x5450 [ 15.767508] kasan_check_range+0x10c/0x1c0 [ 15.767529] __kasan_check_write+0x18/0x20 [ 15.767550] kasan_atomics_helper+0x151d/0x5450 [ 15.767574] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.767599] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.767622] ? kasan_atomics+0x152/0x310 [ 15.767646] kasan_atomics+0x1dc/0x310 [ 15.767666] ? __pfx_kasan_atomics+0x10/0x10 [ 15.767686] ? trace_hardirqs_on+0x37/0xe0 [ 15.767710] ? __pfx_read_tsc+0x10/0x10 [ 15.767741] ? ktime_get_ts64+0x86/0x230 [ 15.767767] kunit_try_run_case+0x1a5/0x480 [ 15.767792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.767828] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.767853] ? 
__kthread_parkme+0x82/0x180 [ 15.767876] ? preempt_count_sub+0x50/0x80 [ 15.767902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.767926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.767950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.767974] kthread+0x337/0x6f0 [ 15.767992] ? trace_preempt_on+0x20/0xc0 [ 15.768017] ? __pfx_kthread+0x10/0x10 [ 15.768036] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.768067] ? calculate_sigpending+0x7b/0xa0 [ 15.768092] ? __pfx_kthread+0x10/0x10 [ 15.768113] ret_from_fork+0x41/0x80 [ 15.768146] ? __pfx_kthread+0x10/0x10 [ 15.768166] ret_from_fork_asm+0x1a/0x30 [ 15.768200] </TASK> [ 15.768214] [ 15.776736] Allocated by task 284: [ 15.776918] kasan_save_stack+0x45/0x70 [ 15.777118] kasan_save_track+0x18/0x40 [ 15.777297] kasan_save_alloc_info+0x3b/0x50 [ 15.777584] __kasan_kmalloc+0xb7/0xc0 [ 15.777776] __kmalloc_cache_noprof+0x189/0x420 [ 15.778005] kasan_atomics+0x95/0x310 [ 15.778198] kunit_try_run_case+0x1a5/0x480 [ 15.778416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.778681] kthread+0x337/0x6f0 [ 15.778837] ret_from_fork+0x41/0x80 [ 15.779033] ret_from_fork_asm+0x1a/0x30 [ 15.779228] [ 15.779330] The buggy address belongs to the object at ffff888102717100 [ 15.779330] which belongs to the cache kmalloc-64 of size 64 [ 15.779781] The buggy address is located 0 bytes to the right of [ 15.779781] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.780328] [ 15.780401] The buggy address belongs to the physical page: [ 15.780652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.781015] flags: 0x200000000000000(node=0|zone=2) [ 15.781248] page_type: f5(slab) [ 15.781381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.781964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.782248] page dumped because: kasan: bad access detected [ 15.782431] [ 15.782502] Memory state around the buggy address: [ 15.782732] 
ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.783081] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.783333] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.783550] ^ [ 15.783714] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.784096] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.784450] ================================================================== [ 15.501831] ================================================================== [ 15.502282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.503122] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.503581] [ 15.503682] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.503740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.503753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.503774] Call Trace: [ 15.503797] <TASK> [ 15.503813] dump_stack_lvl+0x73/0xb0 [ 15.503841] print_report+0xd1/0x650 [ 15.503873] ? __virt_addr_valid+0x1db/0x2d0 [ 15.503895] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.503917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.503952] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.503974] kasan_report+0x141/0x180 [ 15.503997] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.504025] __asan_report_load4_noabort+0x18/0x20 [ 15.504047] kasan_atomics_helper+0x4a36/0x5450 [ 15.504070] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.504095] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.504117] ? kasan_atomics+0x152/0x310 [ 15.504141] kasan_atomics+0x1dc/0x310 [ 15.504171] ? __pfx_kasan_atomics+0x10/0x10 [ 15.504190] ? trace_hardirqs_on+0x37/0xe0 [ 15.504213] ? __pfx_read_tsc+0x10/0x10 [ 15.504234] ? ktime_get_ts64+0x86/0x230 [ 15.504271] kunit_try_run_case+0x1a5/0x480 [ 15.504296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.504329] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.504362] ? __kthread_parkme+0x82/0x180 [ 15.504385] ? preempt_count_sub+0x50/0x80 [ 15.504411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.504445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.504468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.504492] kthread+0x337/0x6f0 [ 15.504510] ? trace_preempt_on+0x20/0xc0 [ 15.504533] ? __pfx_kthread+0x10/0x10 [ 15.504552] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.504573] ? calculate_sigpending+0x7b/0xa0 [ 15.504595] ? __pfx_kthread+0x10/0x10 [ 15.504615] ret_from_fork+0x41/0x80 [ 15.504636] ? __pfx_kthread+0x10/0x10 [ 15.504655] ret_from_fork_asm+0x1a/0x30 [ 15.504687] </TASK> [ 15.504699] [ 15.516922] Allocated by task 284: [ 15.517106] kasan_save_stack+0x45/0x70 [ 15.517527] kasan_save_track+0x18/0x40 [ 15.517843] kasan_save_alloc_info+0x3b/0x50 [ 15.518464] __kasan_kmalloc+0xb7/0xc0 [ 15.518616] __kmalloc_cache_noprof+0x189/0x420 [ 15.518976] kasan_atomics+0x95/0x310 [ 15.519355] kunit_try_run_case+0x1a5/0x480 [ 15.519811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.520127] kthread+0x337/0x6f0 [ 15.520484] ret_from_fork+0x41/0x80 [ 15.520732] ret_from_fork_asm+0x1a/0x30 [ 15.520876] [ 15.520949] The buggy address belongs to the object at ffff888102717100 [ 15.520949] which belongs to the cache kmalloc-64 of size 64 [ 15.521314] The buggy address is located 0 bytes to the right of [ 15.521314] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.521856] [ 15.521936] The buggy address belongs to the physical page: [ 15.522168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.522581] flags: 0x200000000000000(node=0|zone=2) [ 15.522791] page_type: f5(slab) [ 15.522969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.523213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.523687] page dumped because: kasan: bad access detected [ 15.523934] [ 15.524016] Memory 
state around the buggy address: [ 15.524265] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.524517] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.524948] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.525174] ^ [ 15.525409] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.525756] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.526045] ================================================================== [ 16.195793] ================================================================== [ 16.196501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.197379] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.197971] [ 16.198061] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.198109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.198122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.198145] Call Trace: [ 16.198162] <TASK> [ 16.198178] dump_stack_lvl+0x73/0xb0 [ 16.198208] print_report+0xd1/0x650 [ 16.198231] ? __virt_addr_valid+0x1db/0x2d0 [ 16.198254] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.198276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.198300] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.198334] kasan_report+0x141/0x180 [ 16.198357] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.198385] __asan_report_load8_noabort+0x18/0x20 [ 16.198407] kasan_atomics_helper+0x4f98/0x5450 [ 16.198478] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.198502] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.198525] ? kasan_atomics+0x152/0x310 [ 16.198549] kasan_atomics+0x1dc/0x310 [ 16.198570] ? __pfx_kasan_atomics+0x10/0x10 [ 16.198589] ? trace_hardirqs_on+0x37/0xe0 [ 16.198613] ? __pfx_read_tsc+0x10/0x10 [ 16.198633] ? ktime_get_ts64+0x86/0x230 [ 16.198659] kunit_try_run_case+0x1a5/0x480 [ 16.198691] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.198716] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.198743] ? __kthread_parkme+0x82/0x180 [ 16.198766] ? preempt_count_sub+0x50/0x80 [ 16.198793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.198818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.198841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.198865] kthread+0x337/0x6f0 [ 16.198884] ? trace_preempt_on+0x20/0xc0 [ 16.198908] ? __pfx_kthread+0x10/0x10 [ 16.198927] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.198949] ? calculate_sigpending+0x7b/0xa0 [ 16.198972] ? __pfx_kthread+0x10/0x10 [ 16.198992] ret_from_fork+0x41/0x80 [ 16.199014] ? __pfx_kthread+0x10/0x10 [ 16.199034] ret_from_fork_asm+0x1a/0x30 [ 16.199067] </TASK> [ 16.199079] [ 16.210977] Allocated by task 284: [ 16.211123] kasan_save_stack+0x45/0x70 [ 16.211273] kasan_save_track+0x18/0x40 [ 16.211423] kasan_save_alloc_info+0x3b/0x50 [ 16.211826] __kasan_kmalloc+0xb7/0xc0 [ 16.212167] __kmalloc_cache_noprof+0x189/0x420 [ 16.212607] kasan_atomics+0x95/0x310 [ 16.212941] kunit_try_run_case+0x1a5/0x480 [ 16.213325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.213814] kthread+0x337/0x6f0 [ 16.214110] ret_from_fork+0x41/0x80 [ 16.214476] ret_from_fork_asm+0x1a/0x30 [ 16.214835] [ 16.214998] The buggy address belongs to the object at ffff888102717100 [ 16.214998] which belongs to the cache kmalloc-64 of size 64 [ 16.216075] The buggy address is located 0 bytes to the right of [ 16.216075] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.216562] [ 16.216728] The buggy address belongs to the physical page: [ 16.217217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.217927] flags: 0x200000000000000(node=0|zone=2) [ 16.218117] page_type: f5(slab) [ 16.218242] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.218614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.219272] page dumped because: kasan: bad 
access detected [ 16.219778] [ 16.219938] Memory state around the buggy address: [ 16.220368] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.220819] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.221037] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.221252] ^ [ 16.221636] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.222251] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.222899] ================================================================== [ 16.326977] ================================================================== [ 16.327344] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.327714] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.328076] [ 16.328187] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.328230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.328244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.328264] Call Trace: [ 16.328278] <TASK> [ 16.328293] dump_stack_lvl+0x73/0xb0 [ 16.328333] print_report+0xd1/0x650 [ 16.328355] ? __virt_addr_valid+0x1db/0x2d0 [ 16.328377] ? kasan_atomics_helper+0x5115/0x5450 [ 16.328399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.328422] ? kasan_atomics_helper+0x5115/0x5450 [ 16.328468] kasan_report+0x141/0x180 [ 16.328492] ? kasan_atomics_helper+0x5115/0x5450 [ 16.328520] __asan_report_load8_noabort+0x18/0x20 [ 16.328542] kasan_atomics_helper+0x5115/0x5450 [ 16.328566] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.328589] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.328611] ? kasan_atomics+0x152/0x310 [ 16.328636] kasan_atomics+0x1dc/0x310 [ 16.328656] ? __pfx_kasan_atomics+0x10/0x10 [ 16.328676] ? trace_hardirqs_on+0x37/0xe0 [ 16.328699] ? __pfx_read_tsc+0x10/0x10 [ 16.328718] ? 
ktime_get_ts64+0x86/0x230 [ 16.328743] kunit_try_run_case+0x1a5/0x480 [ 16.328767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.328793] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.328829] ? __kthread_parkme+0x82/0x180 [ 16.328851] ? preempt_count_sub+0x50/0x80 [ 16.328877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.328913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.328937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.328960] kthread+0x337/0x6f0 [ 16.328978] ? trace_preempt_on+0x20/0xc0 [ 16.329001] ? __pfx_kthread+0x10/0x10 [ 16.329020] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.329042] ? calculate_sigpending+0x7b/0xa0 [ 16.329065] ? __pfx_kthread+0x10/0x10 [ 16.329085] ret_from_fork+0x41/0x80 [ 16.329106] ? __pfx_kthread+0x10/0x10 [ 16.329125] ret_from_fork_asm+0x1a/0x30 [ 16.329157] </TASK> [ 16.329169] [ 16.336587] Allocated by task 284: [ 16.336766] kasan_save_stack+0x45/0x70 [ 16.336974] kasan_save_track+0x18/0x40 [ 16.337191] kasan_save_alloc_info+0x3b/0x50 [ 16.337401] __kasan_kmalloc+0xb7/0xc0 [ 16.337609] __kmalloc_cache_noprof+0x189/0x420 [ 16.337830] kasan_atomics+0x95/0x310 [ 16.338008] kunit_try_run_case+0x1a5/0x480 [ 16.338157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.338382] kthread+0x337/0x6f0 [ 16.338588] ret_from_fork+0x41/0x80 [ 16.338785] ret_from_fork_asm+0x1a/0x30 [ 16.338983] [ 16.339074] The buggy address belongs to the object at ffff888102717100 [ 16.339074] which belongs to the cache kmalloc-64 of size 64 [ 16.339576] The buggy address is located 0 bytes to the right of [ 16.339576] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.340102] [ 16.340210] The buggy address belongs to the physical page: [ 16.340408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.340667] flags: 0x200000000000000(node=0|zone=2) [ 16.340829] page_type: f5(slab) [ 16.340949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.341335] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 16.341756] page dumped because: kasan: bad access detected [ 16.342026] [ 16.342115] Memory state around the buggy address: [ 16.342272] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.342525] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.342790] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.343126] ^ [ 16.343372] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.343746] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.344063] ================================================================== [ 15.285561] ================================================================== [ 15.286363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.286994] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.287371] [ 15.287504] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.287554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.287567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.287590] Call Trace: [ 15.287610] <TASK> [ 15.287628] dump_stack_lvl+0x73/0xb0 [ 15.287656] print_report+0xd1/0x650 [ 15.287679] ? __virt_addr_valid+0x1db/0x2d0 [ 15.287701] ? kasan_atomics_helper+0x992/0x5450 [ 15.287723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.287747] ? kasan_atomics_helper+0x992/0x5450 [ 15.287770] kasan_report+0x141/0x180 [ 15.287793] ? kasan_atomics_helper+0x992/0x5450 [ 15.287820] kasan_check_range+0x10c/0x1c0 [ 15.287841] __kasan_check_write+0x18/0x20 [ 15.287862] kasan_atomics_helper+0x992/0x5450 [ 15.287886] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.287908] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.287931] ? kasan_atomics+0x152/0x310 [ 15.287955] kasan_atomics+0x1dc/0x310 [ 15.287975] ? __pfx_kasan_atomics+0x10/0x10 [ 15.287995] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.288019] ? __pfx_read_tsc+0x10/0x10 [ 15.288039] ? ktime_get_ts64+0x86/0x230 [ 15.288065] kunit_try_run_case+0x1a5/0x480 [ 15.288090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.288115] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.288140] ? __kthread_parkme+0x82/0x180 [ 15.288162] ? preempt_count_sub+0x50/0x80 [ 15.288188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.288212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.288235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.288260] kthread+0x337/0x6f0 [ 15.288277] ? trace_preempt_on+0x20/0xc0 [ 15.288331] ? __pfx_kthread+0x10/0x10 [ 15.288353] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.288376] ? calculate_sigpending+0x7b/0xa0 [ 15.288398] ? __pfx_kthread+0x10/0x10 [ 15.288418] ret_from_fork+0x41/0x80 [ 15.288460] ? __pfx_kthread+0x10/0x10 [ 15.288479] ret_from_fork_asm+0x1a/0x30 [ 15.288512] </TASK> [ 15.288525] [ 15.297552] Allocated by task 284: [ 15.297739] kasan_save_stack+0x45/0x70 [ 15.297943] kasan_save_track+0x18/0x40 [ 15.298136] kasan_save_alloc_info+0x3b/0x50 [ 15.298320] __kasan_kmalloc+0xb7/0xc0 [ 15.298482] __kmalloc_cache_noprof+0x189/0x420 [ 15.298711] kasan_atomics+0x95/0x310 [ 15.298920] kunit_try_run_case+0x1a5/0x480 [ 15.299154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.299410] kthread+0x337/0x6f0 [ 15.299603] ret_from_fork+0x41/0x80 [ 15.299783] ret_from_fork_asm+0x1a/0x30 [ 15.299961] [ 15.300077] The buggy address belongs to the object at ffff888102717100 [ 15.300077] which belongs to the cache kmalloc-64 of size 64 [ 15.300585] The buggy address is located 0 bytes to the right of [ 15.300585] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.301127] [ 15.301215] The buggy address belongs to the physical page: [ 15.301484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.301849] flags: 0x200000000000000(node=0|zone=2) [ 15.302082] page_type: f5(slab) [ 15.302276] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.302643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.302967] page dumped because: kasan: bad access detected [ 15.303205] [ 15.303291] Memory state around the buggy address: [ 15.303564] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.303889] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.304145] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.304522] ^ [ 15.304756] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.305066] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.305467] ================================================================== [ 16.291769] ================================================================== [ 16.292176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.292529] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.292871] [ 16.292988] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.293032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.293045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.293067] Call Trace: [ 16.293085] <TASK> [ 16.293101] dump_stack_lvl+0x73/0xb0 [ 16.293139] print_report+0xd1/0x650 [ 16.293163] ? __virt_addr_valid+0x1db/0x2d0 [ 16.293184] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.293217] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.293240] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.293263] kasan_report+0x141/0x180 [ 16.293294] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.293336] __asan_report_load8_noabort+0x18/0x20 [ 16.293359] kasan_atomics_helper+0x4fa5/0x5450 [ 16.293383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.293406] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.293446] ? kasan_atomics+0x152/0x310 [ 16.293470] kasan_atomics+0x1dc/0x310 [ 16.293490] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.293510] ? trace_hardirqs_on+0x37/0xe0 [ 16.293534] ? __pfx_read_tsc+0x10/0x10 [ 16.293554] ? ktime_get_ts64+0x86/0x230 [ 16.293580] kunit_try_run_case+0x1a5/0x480 [ 16.293604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.293629] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.293654] ? __kthread_parkme+0x82/0x180 [ 16.293676] ? preempt_count_sub+0x50/0x80 [ 16.293702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.293726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.293749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.293773] kthread+0x337/0x6f0 [ 16.293791] ? trace_preempt_on+0x20/0xc0 [ 16.293815] ? __pfx_kthread+0x10/0x10 [ 16.293834] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.293856] ? calculate_sigpending+0x7b/0xa0 [ 16.293887] ? __pfx_kthread+0x10/0x10 [ 16.293907] ret_from_fork+0x41/0x80 [ 16.293928] ? __pfx_kthread+0x10/0x10 [ 16.293958] ret_from_fork_asm+0x1a/0x30 [ 16.293990] </TASK> [ 16.294002] [ 16.301407] Allocated by task 284: [ 16.301616] kasan_save_stack+0x45/0x70 [ 16.301795] kasan_save_track+0x18/0x40 [ 16.301935] kasan_save_alloc_info+0x3b/0x50 [ 16.302083] __kasan_kmalloc+0xb7/0xc0 [ 16.302245] __kmalloc_cache_noprof+0x189/0x420 [ 16.302508] kasan_atomics+0x95/0x310 [ 16.302697] kunit_try_run_case+0x1a5/0x480 [ 16.302905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.303159] kthread+0x337/0x6f0 [ 16.303329] ret_from_fork+0x41/0x80 [ 16.303489] ret_from_fork_asm+0x1a/0x30 [ 16.303696] [ 16.303793] The buggy address belongs to the object at ffff888102717100 [ 16.303793] which belongs to the cache kmalloc-64 of size 64 [ 16.304227] The buggy address is located 0 bytes to the right of [ 16.304227] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.304628] [ 16.304728] The buggy address belongs to the physical page: [ 16.305009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.305369] flags: 0x200000000000000(node=0|zone=2) [ 16.305628] page_type: f5(slab) [ 
16.305797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.306079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.306317] page dumped because: kasan: bad access detected [ 16.306594] [ 16.306721] Memory state around the buggy address: [ 16.306977] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.307299] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.307599] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.307936] ^ [ 16.308142] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.308506] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.308822] ================================================================== [ 15.669070] ================================================================== [ 15.669466] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.669835] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.670385] [ 15.670477] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.670525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.670538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.670560] Call Trace: [ 15.670574] <TASK> [ 15.670590] dump_stack_lvl+0x73/0xb0 [ 15.670617] print_report+0xd1/0x650 [ 15.670640] ? __virt_addr_valid+0x1db/0x2d0 [ 15.670661] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.670690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.670713] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.670737] kasan_report+0x141/0x180 [ 15.670760] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.670787] __asan_report_load4_noabort+0x18/0x20 [ 15.670809] kasan_atomics_helper+0x49ce/0x5450 [ 15.670832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.670856] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.670878] ? 
kasan_atomics+0x152/0x310 [ 15.670902] kasan_atomics+0x1dc/0x310 [ 15.670922] ? __pfx_kasan_atomics+0x10/0x10 [ 15.670941] ? trace_hardirqs_on+0x37/0xe0 [ 15.670965] ? __pfx_read_tsc+0x10/0x10 [ 15.670984] ? ktime_get_ts64+0x86/0x230 [ 15.671010] kunit_try_run_case+0x1a5/0x480 [ 15.671034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.671058] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.671083] ? __kthread_parkme+0x82/0x180 [ 15.671105] ? preempt_count_sub+0x50/0x80 [ 15.671130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.671155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.671178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.671201] kthread+0x337/0x6f0 [ 15.671219] ? trace_preempt_on+0x20/0xc0 [ 15.671242] ? __pfx_kthread+0x10/0x10 [ 15.671261] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.671282] ? calculate_sigpending+0x7b/0xa0 [ 15.671314] ? __pfx_kthread+0x10/0x10 [ 15.671335] ret_from_fork+0x41/0x80 [ 15.671356] ? __pfx_kthread+0x10/0x10 [ 15.671376] ret_from_fork_asm+0x1a/0x30 [ 15.671407] </TASK> [ 15.671420] [ 15.679431] Allocated by task 284: [ 15.679630] kasan_save_stack+0x45/0x70 [ 15.679872] kasan_save_track+0x18/0x40 [ 15.680144] kasan_save_alloc_info+0x3b/0x50 [ 15.680386] __kasan_kmalloc+0xb7/0xc0 [ 15.680589] __kmalloc_cache_noprof+0x189/0x420 [ 15.680741] kasan_atomics+0x95/0x310 [ 15.680870] kunit_try_run_case+0x1a5/0x480 [ 15.681030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.681298] kthread+0x337/0x6f0 [ 15.681493] ret_from_fork+0x41/0x80 [ 15.681880] ret_from_fork_asm+0x1a/0x30 [ 15.682098] [ 15.682230] The buggy address belongs to the object at ffff888102717100 [ 15.682230] which belongs to the cache kmalloc-64 of size 64 [ 15.682750] The buggy address is located 0 bytes to the right of [ 15.682750] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.683373] [ 15.683452] The buggy address belongs to the physical page: [ 15.683816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 
15.684204] flags: 0x200000000000000(node=0|zone=2) [ 15.684431] page_type: f5(slab) [ 15.684618] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.684965] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.685288] page dumped because: kasan: bad access detected [ 15.685597] [ 15.685682] Memory state around the buggy address: [ 15.685843] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.686181] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.686491] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.686863] ^ [ 15.687021] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.687239] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.687573] ================================================================== [ 15.014079] ================================================================== [ 15.014336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.014699] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.015249] [ 15.015369] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.015413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.015425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.015446] Call Trace: [ 15.015460] <TASK> [ 15.015474] dump_stack_lvl+0x73/0xb0 [ 15.015501] print_report+0xd1/0x650 [ 15.015522] ? __virt_addr_valid+0x1db/0x2d0 [ 15.015543] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.015564] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.015587] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.015608] kasan_report+0x141/0x180 [ 15.015631] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.015658] __asan_report_load4_noabort+0x18/0x20 [ 15.015678] kasan_atomics_helper+0x4b88/0x5450 [ 15.015701] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.015724] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.015745] ? kasan_atomics+0x152/0x310 [ 15.015769] kasan_atomics+0x1dc/0x310 [ 15.015787] ? __pfx_kasan_atomics+0x10/0x10 [ 15.015806] ? trace_hardirqs_on+0x37/0xe0 [ 15.015829] ? __pfx_read_tsc+0x10/0x10 [ 15.015848] ? ktime_get_ts64+0x86/0x230 [ 15.015873] kunit_try_run_case+0x1a5/0x480 [ 15.015898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.015922] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.015947] ? __kthread_parkme+0x82/0x180 [ 15.015969] ? preempt_count_sub+0x50/0x80 [ 15.015993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.016016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.016039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.016061] kthread+0x337/0x6f0 [ 15.016078] ? trace_preempt_on+0x20/0xc0 [ 15.016101] ? __pfx_kthread+0x10/0x10 [ 15.016118] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.016139] ? calculate_sigpending+0x7b/0xa0 [ 15.016161] ? __pfx_kthread+0x10/0x10 [ 15.016180] ret_from_fork+0x41/0x80 [ 15.016200] ? __pfx_kthread+0x10/0x10 [ 15.016218] ret_from_fork_asm+0x1a/0x30 [ 15.016249] </TASK> [ 15.016260] [ 15.024561] Allocated by task 284: [ 15.024717] kasan_save_stack+0x45/0x70 [ 15.024885] kasan_save_track+0x18/0x40 [ 15.025023] kasan_save_alloc_info+0x3b/0x50 [ 15.025171] __kasan_kmalloc+0xb7/0xc0 [ 15.025320] __kmalloc_cache_noprof+0x189/0x420 [ 15.025474] kasan_atomics+0x95/0x310 [ 15.025744] kunit_try_run_case+0x1a5/0x480 [ 15.025966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026227] kthread+0x337/0x6f0 [ 15.026428] ret_from_fork+0x41/0x80 [ 15.026844] ret_from_fork_asm+0x1a/0x30 [ 15.027032] [ 15.027107] The buggy address belongs to the object at ffff888102717100 [ 15.027107] which belongs to the cache kmalloc-64 of size 64 [ 15.027479] The buggy address is located 0 bytes to the right of [ 15.027479] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.028281] [ 15.028393] The buggy address belongs to the physical page: [ 15.029102] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.029489] flags: 0x200000000000000(node=0|zone=2) [ 15.029691] page_type: f5(slab) [ 15.029846] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.030233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.030480] page dumped because: kasan: bad access detected [ 15.030656] [ 15.030736] Memory state around the buggy address: [ 15.030988] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.031338] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.031800] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.032281] ^ [ 15.032659] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032990] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.033486] ================================================================== [ 15.105131] ================================================================== [ 15.105712] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.106142] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.106525] [ 15.106615] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.106661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.106681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.106703] Call Trace: [ 15.106716] <TASK> [ 15.106731] dump_stack_lvl+0x73/0xb0 [ 15.106784] print_report+0xd1/0x650 [ 15.106807] ? __virt_addr_valid+0x1db/0x2d0 [ 15.106846] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.106869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.106905] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.106940] kasan_report+0x141/0x180 [ 15.106964] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.106992] kasan_check_range+0x10c/0x1c0 [ 15.107013] __kasan_check_write+0x18/0x20 [ 15.107037] kasan_atomics_helper+0x4a0/0x5450 [ 15.107061] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.107084] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.107107] ? kasan_atomics+0x152/0x310 [ 15.107131] kasan_atomics+0x1dc/0x310 [ 15.107152] ? __pfx_kasan_atomics+0x10/0x10 [ 15.107172] ? trace_hardirqs_on+0x37/0xe0 [ 15.107196] ? __pfx_read_tsc+0x10/0x10 [ 15.107215] ? ktime_get_ts64+0x86/0x230 [ 15.107242] kunit_try_run_case+0x1a5/0x480 [ 15.107340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.107385] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.107424] ? __kthread_parkme+0x82/0x180 [ 15.107460] ? preempt_count_sub+0x50/0x80 [ 15.107486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.107511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.107548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.107586] kthread+0x337/0x6f0 [ 15.107603] ? trace_preempt_on+0x20/0xc0 [ 15.107627] ? __pfx_kthread+0x10/0x10 [ 15.107647] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.107668] ? calculate_sigpending+0x7b/0xa0 [ 15.107692] ? __pfx_kthread+0x10/0x10 [ 15.107720] ret_from_fork+0x41/0x80 [ 15.107741] ? 
__pfx_kthread+0x10/0x10 [ 15.107760] ret_from_fork_asm+0x1a/0x30 [ 15.107793] </TASK> [ 15.107805] [ 15.116928] Allocated by task 284: [ 15.117245] kasan_save_stack+0x45/0x70 [ 15.117535] kasan_save_track+0x18/0x40 [ 15.117694] kasan_save_alloc_info+0x3b/0x50 [ 15.117845] __kasan_kmalloc+0xb7/0xc0 [ 15.118288] __kmalloc_cache_noprof+0x189/0x420 [ 15.118597] kasan_atomics+0x95/0x310 [ 15.118800] kunit_try_run_case+0x1a5/0x480 [ 15.119056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.119336] kthread+0x337/0x6f0 [ 15.119460] ret_from_fork+0x41/0x80 [ 15.119644] ret_from_fork_asm+0x1a/0x30 [ 15.119841] [ 15.119976] The buggy address belongs to the object at ffff888102717100 [ 15.119976] which belongs to the cache kmalloc-64 of size 64 [ 15.120640] The buggy address is located 0 bytes to the right of [ 15.120640] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.121259] [ 15.121395] The buggy address belongs to the physical page: [ 15.121681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.122058] flags: 0x200000000000000(node=0|zone=2) [ 15.122409] page_type: f5(slab) [ 15.122547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.122790] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.123474] page dumped because: kasan: bad access detected [ 15.123748] [ 15.123870] Memory state around the buggy address: [ 15.124180] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.124538] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.124842] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.125142] ^ [ 15.125573] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.126035] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.126373] ================================================================== [ 15.434451] 
================================================================== [ 15.434814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.435183] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.435552] [ 15.435668] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.435714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.435728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.435749] Call Trace: [ 15.435765] <TASK> [ 15.435781] dump_stack_lvl+0x73/0xb0 [ 15.435810] print_report+0xd1/0x650 [ 15.435834] ? __virt_addr_valid+0x1db/0x2d0 [ 15.435856] ? kasan_atomics_helper+0xe78/0x5450 [ 15.435879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.435903] ? kasan_atomics_helper+0xe78/0x5450 [ 15.435926] kasan_report+0x141/0x180 [ 15.435950] ? kasan_atomics_helper+0xe78/0x5450 [ 15.435979] kasan_check_range+0x10c/0x1c0 [ 15.436000] __kasan_check_write+0x18/0x20 [ 15.436021] kasan_atomics_helper+0xe78/0x5450 [ 15.436045] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.436069] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.436091] ? kasan_atomics+0x152/0x310 [ 15.436116] kasan_atomics+0x1dc/0x310 [ 15.436137] ? __pfx_kasan_atomics+0x10/0x10 [ 15.436157] ? trace_hardirqs_on+0x37/0xe0 [ 15.436181] ? __pfx_read_tsc+0x10/0x10 [ 15.436201] ? ktime_get_ts64+0x86/0x230 [ 15.436228] kunit_try_run_case+0x1a5/0x480 [ 15.436253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.436279] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.436315] ? __kthread_parkme+0x82/0x180 [ 15.436338] ? preempt_count_sub+0x50/0x80 [ 15.436364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.436389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.436412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.436456] kthread+0x337/0x6f0 [ 15.436474] ? trace_preempt_on+0x20/0xc0 [ 15.436498] ? __pfx_kthread+0x10/0x10 [ 15.436518] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.436540] ? 
calculate_sigpending+0x7b/0xa0 [ 15.436563] ? __pfx_kthread+0x10/0x10 [ 15.436583] ret_from_fork+0x41/0x80 [ 15.436605] ? __pfx_kthread+0x10/0x10 [ 15.436625] ret_from_fork_asm+0x1a/0x30 [ 15.436657] </TASK> [ 15.436669] [ 15.445354] Allocated by task 284: [ 15.445797] kasan_save_stack+0x45/0x70 [ 15.446074] kasan_save_track+0x18/0x40 [ 15.446356] kasan_save_alloc_info+0x3b/0x50 [ 15.446630] __kasan_kmalloc+0xb7/0xc0 [ 15.446828] __kmalloc_cache_noprof+0x189/0x420 [ 15.447031] kasan_atomics+0x95/0x310 [ 15.447210] kunit_try_run_case+0x1a5/0x480 [ 15.447408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.447904] kthread+0x337/0x6f0 [ 15.448080] ret_from_fork+0x41/0x80 [ 15.448417] ret_from_fork_asm+0x1a/0x30 [ 15.448727] [ 15.448889] The buggy address belongs to the object at ffff888102717100 [ 15.448889] which belongs to the cache kmalloc-64 of size 64 [ 15.449461] The buggy address is located 0 bytes to the right of [ 15.449461] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.450128] [ 15.450227] The buggy address belongs to the physical page: [ 15.450661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.451112] flags: 0x200000000000000(node=0|zone=2) [ 15.451359] page_type: f5(slab) [ 15.451661] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.452059] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.452497] page dumped because: kasan: bad access detected [ 15.452703] [ 15.452808] Memory state around the buggy address: [ 15.453180] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.453601] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.453995] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.454260] ^ [ 15.454635] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.455014] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.455337] 
================================================================== [ 15.188044] ================================================================== [ 15.188384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.188882] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.189224] [ 15.189345] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.189447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.189462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.189485] Call Trace: [ 15.189501] <TASK> [ 15.189516] dump_stack_lvl+0x73/0xb0 [ 15.189545] print_report+0xd1/0x650 [ 15.189568] ? __virt_addr_valid+0x1db/0x2d0 [ 15.189591] ? kasan_atomics_helper+0x697/0x5450 [ 15.189613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.189637] ? kasan_atomics_helper+0x697/0x5450 [ 15.189661] kasan_report+0x141/0x180 [ 15.189685] ? kasan_atomics_helper+0x697/0x5450 [ 15.189713] kasan_check_range+0x10c/0x1c0 [ 15.189735] __kasan_check_write+0x18/0x20 [ 15.189756] kasan_atomics_helper+0x697/0x5450 [ 15.189779] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.189802] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.189825] ? kasan_atomics+0x152/0x310 [ 15.189849] kasan_atomics+0x1dc/0x310 [ 15.189869] ? __pfx_kasan_atomics+0x10/0x10 [ 15.189889] ? trace_hardirqs_on+0x37/0xe0 [ 15.189913] ? __pfx_read_tsc+0x10/0x10 [ 15.189932] ? ktime_get_ts64+0x86/0x230 [ 15.189959] kunit_try_run_case+0x1a5/0x480 [ 15.189984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.190009] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.190033] ? __kthread_parkme+0x82/0x180 [ 15.190055] ? preempt_count_sub+0x50/0x80 [ 15.190082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.190105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.190129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.190153] kthread+0x337/0x6f0 [ 15.190171] ? trace_preempt_on+0x20/0xc0 [ 15.190194] ? 
__pfx_kthread+0x10/0x10 [ 15.190213] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.190234] ? calculate_sigpending+0x7b/0xa0 [ 15.190258] ? __pfx_kthread+0x10/0x10 [ 15.190277] ret_from_fork+0x41/0x80 [ 15.190311] ? __pfx_kthread+0x10/0x10 [ 15.190330] ret_from_fork_asm+0x1a/0x30 [ 15.190363] </TASK> [ 15.190374] [ 15.198143] Allocated by task 284: [ 15.198320] kasan_save_stack+0x45/0x70 [ 15.198552] kasan_save_track+0x18/0x40 [ 15.198704] kasan_save_alloc_info+0x3b/0x50 [ 15.198924] __kasan_kmalloc+0xb7/0xc0 [ 15.199103] __kmalloc_cache_noprof+0x189/0x420 [ 15.199262] kasan_atomics+0x95/0x310 [ 15.199475] kunit_try_run_case+0x1a5/0x480 [ 15.199691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199921] kthread+0x337/0x6f0 [ 15.200075] ret_from_fork+0x41/0x80 [ 15.200265] ret_from_fork_asm+0x1a/0x30 [ 15.200508] [ 15.200607] The buggy address belongs to the object at ffff888102717100 [ 15.200607] which belongs to the cache kmalloc-64 of size 64 [ 15.201073] The buggy address is located 0 bytes to the right of [ 15.201073] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.201590] [ 15.201697] The buggy address belongs to the physical page: [ 15.201954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.202265] flags: 0x200000000000000(node=0|zone=2) [ 15.202534] page_type: f5(slab) [ 15.202661] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.202945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.203279] page dumped because: kasan: bad access detected [ 15.203504] [ 15.203576] Memory state around the buggy address: [ 15.203819] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.204111] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.204379] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.204595] ^ [ 15.204751] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204966] 
ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.205442] ================================================================== [ 16.128405] ================================================================== [ 16.129504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.130155] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.130510] [ 16.130692] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.130742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.130756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.130779] Call Trace: [ 16.130799] <TASK> [ 16.130818] dump_stack_lvl+0x73/0xb0 [ 16.130845] print_report+0xd1/0x650 [ 16.130869] ? __virt_addr_valid+0x1db/0x2d0 [ 16.130891] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.130913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.130937] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.130960] kasan_report+0x141/0x180 [ 16.130984] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.131014] __asan_report_load8_noabort+0x18/0x20 [ 16.131036] kasan_atomics_helper+0x4f71/0x5450 [ 16.131060] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.131084] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.131106] ? kasan_atomics+0x152/0x310 [ 16.131131] kasan_atomics+0x1dc/0x310 [ 16.131151] ? __pfx_kasan_atomics+0x10/0x10 [ 16.131171] ? trace_hardirqs_on+0x37/0xe0 [ 16.131195] ? __pfx_read_tsc+0x10/0x10 [ 16.131215] ? ktime_get_ts64+0x86/0x230 [ 16.131241] kunit_try_run_case+0x1a5/0x480 [ 16.131267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.131292] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.131329] ? __kthread_parkme+0x82/0x180 [ 16.131352] ? preempt_count_sub+0x50/0x80 [ 16.131378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.131402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.131446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.131471] kthread+0x337/0x6f0 [ 16.131489] ? 
trace_preempt_on+0x20/0xc0 [ 16.131513] ? __pfx_kthread+0x10/0x10 [ 16.131533] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.131555] ? calculate_sigpending+0x7b/0xa0 [ 16.131578] ? __pfx_kthread+0x10/0x10 [ 16.131597] ret_from_fork+0x41/0x80 [ 16.131619] ? __pfx_kthread+0x10/0x10 [ 16.131638] ret_from_fork_asm+0x1a/0x30 [ 16.131670] </TASK> [ 16.131683] [ 16.145006] Allocated by task 284: [ 16.145574] kasan_save_stack+0x45/0x70 [ 16.146100] kasan_save_track+0x18/0x40 [ 16.146660] kasan_save_alloc_info+0x3b/0x50 [ 16.147185] __kasan_kmalloc+0xb7/0xc0 [ 16.147422] __kmalloc_cache_noprof+0x189/0x420 [ 16.147970] kasan_atomics+0x95/0x310 [ 16.148112] kunit_try_run_case+0x1a5/0x480 [ 16.148263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.148479] kthread+0x337/0x6f0 [ 16.148870] ret_from_fork+0x41/0x80 [ 16.149256] ret_from_fork_asm+0x1a/0x30 [ 16.149721] [ 16.149923] The buggy address belongs to the object at ffff888102717100 [ 16.149923] which belongs to the cache kmalloc-64 of size 64 [ 16.150923] The buggy address is located 0 bytes to the right of [ 16.150923] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.151321] [ 16.151398] The buggy address belongs to the physical page: [ 16.151890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.152675] flags: 0x200000000000000(node=0|zone=2) [ 16.153244] page_type: f5(slab) [ 16.153625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.154313] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.154743] page dumped because: kasan: bad access detected [ 16.155249] [ 16.155455] Memory state around the buggy address: [ 16.155905] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.156142] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.156454] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.157117] ^ [ 16.157671] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.158391] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.158953] ================================================================== [ 15.707364] ================================================================== [ 15.707942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.708192] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.708512] [ 15.708640] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.708699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.708712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.708747] Call Trace: [ 15.708768] <TASK> [ 15.708788] dump_stack_lvl+0x73/0xb0 [ 15.708828] print_report+0xd1/0x650 [ 15.708851] ? __virt_addr_valid+0x1db/0x2d0 [ 15.708874] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.708908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.708932] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.708966] kasan_report+0x141/0x180 [ 15.708989] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.709028] __asan_report_load8_noabort+0x18/0x20 [ 15.709061] kasan_atomics_helper+0x4eae/0x5450 [ 15.709085] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.709108] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.709140] ? kasan_atomics+0x152/0x310 [ 15.709164] kasan_atomics+0x1dc/0x310 [ 15.709183] ? __pfx_kasan_atomics+0x10/0x10 [ 15.709214] ? trace_hardirqs_on+0x37/0xe0 [ 15.709239] ? __pfx_read_tsc+0x10/0x10 [ 15.709259] ? ktime_get_ts64+0x86/0x230 [ 15.709286] kunit_try_run_case+0x1a5/0x480 [ 15.709329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.709354] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.709390] ? __kthread_parkme+0x82/0x180 [ 15.709413] ? preempt_count_sub+0x50/0x80 [ 15.709449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.709473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.709497] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.709520] kthread+0x337/0x6f0 [ 15.709537] ? trace_preempt_on+0x20/0xc0 [ 15.709561] ? __pfx_kthread+0x10/0x10 [ 15.709581] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.709604] ? calculate_sigpending+0x7b/0xa0 [ 15.709627] ? __pfx_kthread+0x10/0x10 [ 15.709647] ret_from_fork+0x41/0x80 [ 15.709669] ? __pfx_kthread+0x10/0x10 [ 15.709688] ret_from_fork_asm+0x1a/0x30 [ 15.709719] </TASK> [ 15.709732] [ 15.717457] Allocated by task 284: [ 15.717589] kasan_save_stack+0x45/0x70 [ 15.717780] kasan_save_track+0x18/0x40 [ 15.717968] kasan_save_alloc_info+0x3b/0x50 [ 15.718182] __kasan_kmalloc+0xb7/0xc0 [ 15.718397] __kmalloc_cache_noprof+0x189/0x420 [ 15.718683] kasan_atomics+0x95/0x310 [ 15.718817] kunit_try_run_case+0x1a5/0x480 [ 15.718968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.719144] kthread+0x337/0x6f0 [ 15.719264] ret_from_fork+0x41/0x80 [ 15.719407] ret_from_fork_asm+0x1a/0x30 [ 15.719548] [ 15.719621] The buggy address belongs to the object at ffff888102717100 [ 15.719621] which belongs to the cache kmalloc-64 of size 64 [ 15.720228] The buggy address is located 0 bytes to the right of [ 15.720228] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.720887] [ 15.720996] The buggy address belongs to the physical page: [ 15.721251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.721855] flags: 0x200000000000000(node=0|zone=2) [ 15.722024] page_type: f5(slab) [ 15.722148] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.722390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.722891] page dumped because: kasan: bad access detected [ 15.723151] [ 15.723266] Memory state around the buggy address: [ 15.724147] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.725621] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.725958] >ffff888102717100: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.726252] ^ [ 15.726478] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726775] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.727110] ================================================================== [ 16.246203] ================================================================== [ 16.246781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.247626] Read of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.248423] [ 16.248622] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.248670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.248684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.248706] Call Trace: [ 16.248721] <TASK> [ 16.248736] dump_stack_lvl+0x73/0xb0 [ 16.248763] print_report+0xd1/0x650 [ 16.248799] ? __virt_addr_valid+0x1db/0x2d0 [ 16.248822] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.248844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.248879] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.248902] kasan_report+0x141/0x180 [ 16.248926] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.248954] __asan_report_load8_noabort+0x18/0x20 [ 16.248976] kasan_atomics_helper+0x4fb2/0x5450 [ 16.249001] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.249024] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.249046] ? kasan_atomics+0x152/0x310 [ 16.249070] kasan_atomics+0x1dc/0x310 [ 16.249090] ? __pfx_kasan_atomics+0x10/0x10 [ 16.249110] ? trace_hardirqs_on+0x37/0xe0 [ 16.249133] ? __pfx_read_tsc+0x10/0x10 [ 16.249153] ? ktime_get_ts64+0x86/0x230 [ 16.249178] kunit_try_run_case+0x1a5/0x480 [ 16.249202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.249228] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.249253] ? __kthread_parkme+0x82/0x180 [ 16.249275] ? preempt_count_sub+0x50/0x80 [ 16.249301] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.249335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.249359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.249383] kthread+0x337/0x6f0 [ 16.249400] ? trace_preempt_on+0x20/0xc0 [ 16.249424] ? __pfx_kthread+0x10/0x10 [ 16.249463] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.249484] ? calculate_sigpending+0x7b/0xa0 [ 16.249507] ? __pfx_kthread+0x10/0x10 [ 16.249526] ret_from_fork+0x41/0x80 [ 16.249547] ? __pfx_kthread+0x10/0x10 [ 16.249567] ret_from_fork_asm+0x1a/0x30 [ 16.249599] </TASK> [ 16.249612] [ 16.261198] Allocated by task 284: [ 16.261568] kasan_save_stack+0x45/0x70 [ 16.261743] kasan_save_track+0x18/0x40 [ 16.262125] kasan_save_alloc_info+0x3b/0x50 [ 16.262345] __kasan_kmalloc+0xb7/0xc0 [ 16.262749] __kmalloc_cache_noprof+0x189/0x420 [ 16.263024] kasan_atomics+0x95/0x310 [ 16.263158] kunit_try_run_case+0x1a5/0x480 [ 16.263323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.263839] kthread+0x337/0x6f0 [ 16.264157] ret_from_fork+0x41/0x80 [ 16.264602] ret_from_fork_asm+0x1a/0x30 [ 16.264994] [ 16.265154] The buggy address belongs to the object at ffff888102717100 [ 16.265154] which belongs to the cache kmalloc-64 of size 64 [ 16.265740] The buggy address is located 0 bytes to the right of [ 16.265740] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.266107] [ 16.266180] The buggy address belongs to the physical page: [ 16.266468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.267163] flags: 0x200000000000000(node=0|zone=2) [ 16.267649] page_type: f5(slab) [ 16.267970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.268672] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.269351] page dumped because: kasan: bad access detected [ 16.269876] [ 16.270056] Memory state around the buggy address: [ 16.270532] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.270967] ffff888102717080: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.271185] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.271652] ^ [ 16.272122] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.272817] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.273261] ================================================================== [ 15.061489] ================================================================== [ 15.061789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.062236] Read of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.062584] [ 15.062682] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.062730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.062744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.062766] Call Trace: [ 15.062779] <TASK> [ 15.062794] dump_stack_lvl+0x73/0xb0 [ 15.062823] print_report+0xd1/0x650 [ 15.062847] ? __virt_addr_valid+0x1db/0x2d0 [ 15.062869] ? kasan_atomics_helper+0x3df/0x5450 [ 15.062892] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.062915] ? kasan_atomics_helper+0x3df/0x5450 [ 15.062939] kasan_report+0x141/0x180 [ 15.062962] ? kasan_atomics_helper+0x3df/0x5450 [ 15.063042] kasan_check_range+0x10c/0x1c0 [ 15.063068] __kasan_check_read+0x15/0x20 [ 15.063089] kasan_atomics_helper+0x3df/0x5450 [ 15.063114] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.063138] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.063162] ? kasan_atomics+0x152/0x310 [ 15.063186] kasan_atomics+0x1dc/0x310 [ 15.063208] ? __pfx_kasan_atomics+0x10/0x10 [ 15.063227] ? trace_hardirqs_on+0x37/0xe0 [ 15.063251] ? __pfx_read_tsc+0x10/0x10 [ 15.063272] ? ktime_get_ts64+0x86/0x230 [ 15.063298] kunit_try_run_case+0x1a5/0x480 [ 15.063337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.063362] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.063387] ? __kthread_parkme+0x82/0x180 [ 15.063410] ? 
preempt_count_sub+0x50/0x80 [ 15.063447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.063471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.063495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.063518] kthread+0x337/0x6f0 [ 15.063537] ? trace_preempt_on+0x20/0xc0 [ 15.063560] ? __pfx_kthread+0x10/0x10 [ 15.063581] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.063603] ? calculate_sigpending+0x7b/0xa0 [ 15.063626] ? __pfx_kthread+0x10/0x10 [ 15.063646] ret_from_fork+0x41/0x80 [ 15.063668] ? __pfx_kthread+0x10/0x10 [ 15.063687] ret_from_fork_asm+0x1a/0x30 [ 15.063720] </TASK> [ 15.063732] [ 15.072427] Allocated by task 284: [ 15.072563] kasan_save_stack+0x45/0x70 [ 15.072726] kasan_save_track+0x18/0x40 [ 15.073021] kasan_save_alloc_info+0x3b/0x50 [ 15.073264] __kasan_kmalloc+0xb7/0xc0 [ 15.073539] __kmalloc_cache_noprof+0x189/0x420 [ 15.073726] kasan_atomics+0x95/0x310 [ 15.074023] kunit_try_run_case+0x1a5/0x480 [ 15.074275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.074747] kthread+0x337/0x6f0 [ 15.074964] ret_from_fork+0x41/0x80 [ 15.075103] ret_from_fork_asm+0x1a/0x30 [ 15.075316] [ 15.075454] The buggy address belongs to the object at ffff888102717100 [ 15.075454] which belongs to the cache kmalloc-64 of size 64 [ 15.076073] The buggy address is located 0 bytes to the right of [ 15.076073] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.076698] [ 15.076806] The buggy address belongs to the physical page: [ 15.077105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.077804] flags: 0x200000000000000(node=0|zone=2) [ 15.078056] page_type: f5(slab) [ 15.078278] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.078759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.079259] page dumped because: kasan: bad access detected [ 15.079544] [ 15.079665] Memory state around the buggy address: [ 15.079842] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.080072] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.080708] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.081421] ^ [ 15.081731] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082060] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082422] ================================================================== [ 15.245568] ================================================================== [ 15.246080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.246366] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.246881] [ 15.246972] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.247017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.247031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.247052] Call Trace: [ 15.247067] <TASK> [ 15.247083] dump_stack_lvl+0x73/0xb0 [ 15.247109] print_report+0xd1/0x650 [ 15.247133] ? __virt_addr_valid+0x1db/0x2d0 [ 15.247155] ? kasan_atomics_helper+0x860/0x5450 [ 15.247177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.247200] ? kasan_atomics_helper+0x860/0x5450 [ 15.247223] kasan_report+0x141/0x180 [ 15.247247] ? kasan_atomics_helper+0x860/0x5450 [ 15.247276] kasan_check_range+0x10c/0x1c0 [ 15.247297] __kasan_check_write+0x18/0x20 [ 15.247329] kasan_atomics_helper+0x860/0x5450 [ 15.247353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.247377] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.247400] ? kasan_atomics+0x152/0x310 [ 15.247425] kasan_atomics+0x1dc/0x310 [ 15.247445] ? __pfx_kasan_atomics+0x10/0x10 [ 15.247465] ? trace_hardirqs_on+0x37/0xe0 [ 15.247488] ? __pfx_read_tsc+0x10/0x10 [ 15.247509] ? ktime_get_ts64+0x86/0x230 [ 15.247535] kunit_try_run_case+0x1a5/0x480 [ 15.247560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.247584] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.247608] ? 
__kthread_parkme+0x82/0x180 [ 15.247630] ? preempt_count_sub+0x50/0x80 [ 15.247655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.247680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.247703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.247726] kthread+0x337/0x6f0 [ 15.247745] ? trace_preempt_on+0x20/0xc0 [ 15.247768] ? __pfx_kthread+0x10/0x10 [ 15.247788] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.247811] ? calculate_sigpending+0x7b/0xa0 [ 15.247833] ? __pfx_kthread+0x10/0x10 [ 15.247853] ret_from_fork+0x41/0x80 [ 15.247874] ? __pfx_kthread+0x10/0x10 [ 15.247894] ret_from_fork_asm+0x1a/0x30 [ 15.247926] </TASK> [ 15.247938] [ 15.255560] Allocated by task 284: [ 15.255706] kasan_save_stack+0x45/0x70 [ 15.255900] kasan_save_track+0x18/0x40 [ 15.256046] kasan_save_alloc_info+0x3b/0x50 [ 15.256195] __kasan_kmalloc+0xb7/0xc0 [ 15.256342] __kmalloc_cache_noprof+0x189/0x420 [ 15.256602] kasan_atomics+0x95/0x310 [ 15.256794] kunit_try_run_case+0x1a5/0x480 [ 15.257008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257215] kthread+0x337/0x6f0 [ 15.257350] ret_from_fork+0x41/0x80 [ 15.257485] ret_from_fork_asm+0x1a/0x30 [ 15.257680] [ 15.257776] The buggy address belongs to the object at ffff888102717100 [ 15.257776] which belongs to the cache kmalloc-64 of size 64 [ 15.258315] The buggy address is located 0 bytes to the right of [ 15.258315] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.258854] [ 15.258929] The buggy address belongs to the physical page: [ 15.259102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.259378] flags: 0x200000000000000(node=0|zone=2) [ 15.259608] page_type: f5(slab) [ 15.259777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.260121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.260644] page dumped because: kasan: bad access detected [ 15.260820] [ 15.260892] Memory state around the buggy address: [ 15.261050] 
ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.261321] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.261720] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.262058] ^ [ 15.262453] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.262727] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.263055] ================================================================== [ 16.273840] ================================================================== [ 16.274138] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.274623] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 16.274930] [ 16.275043] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 16.275100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.275114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.275155] Call Trace: [ 16.275172] <TASK> [ 16.275189] dump_stack_lvl+0x73/0xb0 [ 16.275228] print_report+0xd1/0x650 [ 16.275252] ? __virt_addr_valid+0x1db/0x2d0 [ 16.275274] ? kasan_atomics_helper+0x218a/0x5450 [ 16.275296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.275329] ? kasan_atomics_helper+0x218a/0x5450 [ 16.275352] kasan_report+0x141/0x180 [ 16.275383] ? kasan_atomics_helper+0x218a/0x5450 [ 16.275412] kasan_check_range+0x10c/0x1c0 [ 16.275468] __kasan_check_write+0x18/0x20 [ 16.275490] kasan_atomics_helper+0x218a/0x5450 [ 16.275514] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.275547] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.275570] ? kasan_atomics+0x152/0x310 [ 16.275593] kasan_atomics+0x1dc/0x310 [ 16.275613] ? __pfx_kasan_atomics+0x10/0x10 [ 16.275633] ? trace_hardirqs_on+0x37/0xe0 [ 16.275657] ? __pfx_read_tsc+0x10/0x10 [ 16.275678] ? ktime_get_ts64+0x86/0x230 [ 16.275705] kunit_try_run_case+0x1a5/0x480 [ 16.275730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.275763] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 16.275789] ? __kthread_parkme+0x82/0x180 [ 16.275812] ? preempt_count_sub+0x50/0x80 [ 16.275848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.275872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.275896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.275919] kthread+0x337/0x6f0 [ 16.275937] ? trace_preempt_on+0x20/0xc0 [ 16.275961] ? __pfx_kthread+0x10/0x10 [ 16.275980] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.276003] ? calculate_sigpending+0x7b/0xa0 [ 16.276026] ? __pfx_kthread+0x10/0x10 [ 16.276045] ret_from_fork+0x41/0x80 [ 16.276067] ? __pfx_kthread+0x10/0x10 [ 16.276086] ret_from_fork_asm+0x1a/0x30 [ 16.276118] </TASK> [ 16.276139] [ 16.283554] Allocated by task 284: [ 16.283754] kasan_save_stack+0x45/0x70 [ 16.283981] kasan_save_track+0x18/0x40 [ 16.284198] kasan_save_alloc_info+0x3b/0x50 [ 16.284417] __kasan_kmalloc+0xb7/0xc0 [ 16.284624] __kmalloc_cache_noprof+0x189/0x420 [ 16.284779] kasan_atomics+0x95/0x310 [ 16.284991] kunit_try_run_case+0x1a5/0x480 [ 16.285202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.285420] kthread+0x337/0x6f0 [ 16.285610] ret_from_fork+0x41/0x80 [ 16.285799] ret_from_fork_asm+0x1a/0x30 [ 16.286006] [ 16.286079] The buggy address belongs to the object at ffff888102717100 [ 16.286079] which belongs to the cache kmalloc-64 of size 64 [ 16.286459] The buggy address is located 0 bytes to the right of [ 16.286459] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 16.287041] [ 16.287144] The buggy address belongs to the physical page: [ 16.287403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 16.287777] flags: 0x200000000000000(node=0|zone=2) [ 16.287973] page_type: f5(slab) [ 16.288166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.288416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.288730] page dumped because: kasan: bad access detected [ 16.289004] [ 16.289101] Memory 
state around the buggy address: [ 16.289362] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.289710] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.290045] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.290359] ^ [ 16.290609] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.290916] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.291218] ================================================================== [ 14.994606] ================================================================== [ 14.994944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.995452] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 14.995738] [ 14.995823] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.995865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.995878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.995898] Call Trace: [ 14.995914] <TASK> [ 14.995927] dump_stack_lvl+0x73/0xb0 [ 14.995953] print_report+0xd1/0x650 [ 14.995975] ? __virt_addr_valid+0x1db/0x2d0 [ 14.995995] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.996016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.996038] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.996060] kasan_report+0x141/0x180 [ 14.996082] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.996110] __asan_report_store4_noabort+0x1b/0x30 [ 14.996131] kasan_atomics_helper+0x4ba2/0x5450 [ 14.996153] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.996176] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.996198] ? kasan_atomics+0x152/0x310 [ 14.996221] kasan_atomics+0x1dc/0x310 [ 14.996240] ? __pfx_kasan_atomics+0x10/0x10 [ 14.996259] ? trace_hardirqs_on+0x37/0xe0 [ 14.996281] ? __pfx_read_tsc+0x10/0x10 [ 14.996313] ? ktime_get_ts64+0x86/0x230 [ 14.996337] kunit_try_run_case+0x1a5/0x480 [ 14.996361] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.996434] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.996463] ? __kthread_parkme+0x82/0x180 [ 14.996484] ? preempt_count_sub+0x50/0x80 [ 14.996508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.996532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.996554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.996577] kthread+0x337/0x6f0 [ 14.996594] ? trace_preempt_on+0x20/0xc0 [ 14.996615] ? __pfx_kthread+0x10/0x10 [ 14.996634] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.996654] ? calculate_sigpending+0x7b/0xa0 [ 14.996675] ? __pfx_kthread+0x10/0x10 [ 14.996694] ret_from_fork+0x41/0x80 [ 14.996715] ? __pfx_kthread+0x10/0x10 [ 14.996732] ret_from_fork_asm+0x1a/0x30 [ 14.996763] </TASK> [ 14.996774] [ 15.004916] Allocated by task 284: [ 15.005052] kasan_save_stack+0x45/0x70 [ 15.005200] kasan_save_track+0x18/0x40 [ 15.005361] kasan_save_alloc_info+0x3b/0x50 [ 15.005581] __kasan_kmalloc+0xb7/0xc0 [ 15.005896] __kmalloc_cache_noprof+0x189/0x420 [ 15.006114] kasan_atomics+0x95/0x310 [ 15.006307] kunit_try_run_case+0x1a5/0x480 [ 15.006561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.006807] kthread+0x337/0x6f0 [ 15.007181] ret_from_fork+0x41/0x80 [ 15.007382] ret_from_fork_asm+0x1a/0x30 [ 15.007604] [ 15.007678] The buggy address belongs to the object at ffff888102717100 [ 15.007678] which belongs to the cache kmalloc-64 of size 64 [ 15.008383] The buggy address is located 0 bytes to the right of [ 15.008383] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.008926] [ 15.008999] The buggy address belongs to the physical page: [ 15.009169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.009421] flags: 0x200000000000000(node=0|zone=2) [ 15.009583] page_type: f5(slab) [ 15.009874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.010213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.010762] page dumped because: kasan: bad 
access detected [ 15.011068] [ 15.011142] Memory state around the buggy address: [ 15.011312] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.011944] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.012210] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.012547] ^ [ 15.012756] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.013268] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.013646] ================================================================== [ 15.943485] ================================================================== [ 15.943825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.944234] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.944610] [ 15.944712] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.944759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.944772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.944805] Call Trace: [ 15.944822] <TASK> [ 15.944838] dump_stack_lvl+0x73/0xb0 [ 15.944879] print_report+0xd1/0x650 [ 15.944903] ? __virt_addr_valid+0x1db/0x2d0 [ 15.944925] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.944956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.944980] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.945003] kasan_report+0x141/0x180 [ 15.945038] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.945066] kasan_check_range+0x10c/0x1c0 [ 15.945089] __kasan_check_write+0x18/0x20 [ 15.945109] kasan_atomics_helper+0x1a7f/0x5450 [ 15.945134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.945157] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.945179] ? kasan_atomics+0x152/0x310 [ 15.945203] kasan_atomics+0x1dc/0x310 [ 15.945222] ? __pfx_kasan_atomics+0x10/0x10 [ 15.945243] ? trace_hardirqs_on+0x37/0xe0 [ 15.945266] ? __pfx_read_tsc+0x10/0x10 [ 15.945286] ? 
ktime_get_ts64+0x86/0x230 [ 15.945322] kunit_try_run_case+0x1a5/0x480 [ 15.945347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.945382] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.945407] ? __kthread_parkme+0x82/0x180 [ 15.945429] ? preempt_count_sub+0x50/0x80 [ 15.945465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.945498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.945522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.945555] kthread+0x337/0x6f0 [ 15.945572] ? trace_preempt_on+0x20/0xc0 [ 15.945596] ? __pfx_kthread+0x10/0x10 [ 15.945625] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.945648] ? calculate_sigpending+0x7b/0xa0 [ 15.945670] ? __pfx_kthread+0x10/0x10 [ 15.945690] ret_from_fork+0x41/0x80 [ 15.945711] ? __pfx_kthread+0x10/0x10 [ 15.945730] ret_from_fork_asm+0x1a/0x30 [ 15.945762] </TASK> [ 15.945773] [ 15.953646] Allocated by task 284: [ 15.953849] kasan_save_stack+0x45/0x70 [ 15.954056] kasan_save_track+0x18/0x40 [ 15.954265] kasan_save_alloc_info+0x3b/0x50 [ 15.954437] __kasan_kmalloc+0xb7/0xc0 [ 15.954599] __kmalloc_cache_noprof+0x189/0x420 [ 15.954822] kasan_atomics+0x95/0x310 [ 15.955038] kunit_try_run_case+0x1a5/0x480 [ 15.955248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.955523] kthread+0x337/0x6f0 [ 15.955643] ret_from_fork+0x41/0x80 [ 15.955827] ret_from_fork_asm+0x1a/0x30 [ 15.956027] [ 15.956155] The buggy address belongs to the object at ffff888102717100 [ 15.956155] which belongs to the cache kmalloc-64 of size 64 [ 15.956782] The buggy address is located 0 bytes to the right of [ 15.956782] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.957210] [ 15.957286] The buggy address belongs to the physical page: [ 15.957470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.957781] flags: 0x200000000000000(node=0|zone=2) [ 15.958099] page_type: f5(slab) [ 15.958270] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.958597] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.958829] page dumped because: kasan: bad access detected [ 15.959001] [ 15.959072] Memory state around the buggy address: [ 15.959361] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.960011] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.960365] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.960727] ^ [ 15.960981] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.961257] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.961677] ================================================================== [ 15.207008] ================================================================== [ 15.207382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.207998] Write of size 4 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.208332] [ 15.208447] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.208495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.208509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.208532] Call Trace: [ 15.208550] <TASK> [ 15.208568] dump_stack_lvl+0x73/0xb0 [ 15.208596] print_report+0xd1/0x650 [ 15.208619] ? __virt_addr_valid+0x1db/0x2d0 [ 15.208641] ? kasan_atomics_helper+0x72f/0x5450 [ 15.208663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.208687] ? kasan_atomics_helper+0x72f/0x5450 [ 15.208710] kasan_report+0x141/0x180 [ 15.208735] ? kasan_atomics_helper+0x72f/0x5450 [ 15.208762] kasan_check_range+0x10c/0x1c0 [ 15.208784] __kasan_check_write+0x18/0x20 [ 15.208805] kasan_atomics_helper+0x72f/0x5450 [ 15.208828] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.208851] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.208874] ? kasan_atomics+0x152/0x310 [ 15.208899] kasan_atomics+0x1dc/0x310 [ 15.208919] ? __pfx_kasan_atomics+0x10/0x10 [ 15.208939] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.208963] ? __pfx_read_tsc+0x10/0x10 [ 15.208983] ? ktime_get_ts64+0x86/0x230 [ 15.209008] kunit_try_run_case+0x1a5/0x480 [ 15.209034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.209059] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.209083] ? __kthread_parkme+0x82/0x180 [ 15.209106] ? preempt_count_sub+0x50/0x80 [ 15.209132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.209156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.209179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.209203] kthread+0x337/0x6f0 [ 15.209221] ? trace_preempt_on+0x20/0xc0 [ 15.209244] ? __pfx_kthread+0x10/0x10 [ 15.209265] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.209287] ? calculate_sigpending+0x7b/0xa0 [ 15.209320] ? __pfx_kthread+0x10/0x10 [ 15.209341] ret_from_fork+0x41/0x80 [ 15.209362] ? __pfx_kthread+0x10/0x10 [ 15.209381] ret_from_fork_asm+0x1a/0x30 [ 15.209414] </TASK> [ 15.209425] [ 15.216908] Allocated by task 284: [ 15.217088] kasan_save_stack+0x45/0x70 [ 15.217269] kasan_save_track+0x18/0x40 [ 15.217427] kasan_save_alloc_info+0x3b/0x50 [ 15.217578] __kasan_kmalloc+0xb7/0xc0 [ 15.217714] __kmalloc_cache_noprof+0x189/0x420 [ 15.217911] kasan_atomics+0x95/0x310 [ 15.218093] kunit_try_run_case+0x1a5/0x480 [ 15.218309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.218565] kthread+0x337/0x6f0 [ 15.218758] ret_from_fork+0x41/0x80 [ 15.218893] ret_from_fork_asm+0x1a/0x30 [ 15.219034] [ 15.219120] The buggy address belongs to the object at ffff888102717100 [ 15.219120] which belongs to the cache kmalloc-64 of size 64 [ 15.219939] The buggy address is located 0 bytes to the right of [ 15.219939] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.220432] [ 15.220778] The buggy address belongs to the physical page: [ 15.221009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 15.221338] flags: 0x200000000000000(node=0|zone=2) [ 15.222243] page_type: f5(slab) [ 15.222888] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.223189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.223560] page dumped because: kasan: bad access detected [ 15.223740] [ 15.223813] Memory state around the buggy address: [ 15.224045] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.224354] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.224766] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.225017] ^ [ 15.225244] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225581] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225870] ================================================================== [ 15.785117] ================================================================== [ 15.785499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.785798] Write of size 8 at addr ffff888102717130 by task kunit_try_catch/284 [ 15.786288] [ 15.786439] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 15.786487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.786510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.786534] Call Trace: [ 15.786553] <TASK> [ 15.786570] dump_stack_lvl+0x73/0xb0 [ 15.786608] print_report+0xd1/0x650 [ 15.786631] ? __virt_addr_valid+0x1db/0x2d0 [ 15.786654] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.786683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.786707] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.786731] kasan_report+0x141/0x180 [ 15.786755] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.786784] kasan_check_range+0x10c/0x1c0 [ 15.786808] __kasan_check_write+0x18/0x20 [ 15.786829] kasan_atomics_helper+0x15b6/0x5450 [ 15.786853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.786877] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.786900] ? 
kasan_atomics+0x152/0x310 [ 15.786925] kasan_atomics+0x1dc/0x310 [ 15.786945] ? __pfx_kasan_atomics+0x10/0x10 [ 15.786965] ? trace_hardirqs_on+0x37/0xe0 [ 15.786989] ? __pfx_read_tsc+0x10/0x10 [ 15.787009] ? ktime_get_ts64+0x86/0x230 [ 15.787035] kunit_try_run_case+0x1a5/0x480 [ 15.787060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.787084] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.787108] ? __kthread_parkme+0x82/0x180 [ 15.787131] ? preempt_count_sub+0x50/0x80 [ 15.787156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.787180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.787204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.787227] kthread+0x337/0x6f0 [ 15.787253] ? trace_preempt_on+0x20/0xc0 [ 15.787276] ? __pfx_kthread+0x10/0x10 [ 15.787295] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.787331] ? calculate_sigpending+0x7b/0xa0 [ 15.787353] ? __pfx_kthread+0x10/0x10 [ 15.787373] ret_from_fork+0x41/0x80 [ 15.787394] ? __pfx_kthread+0x10/0x10 [ 15.787414] ret_from_fork_asm+0x1a/0x30 [ 15.787457] </TASK> [ 15.787469] [ 15.795356] Allocated by task 284: [ 15.795541] kasan_save_stack+0x45/0x70 [ 15.795711] kasan_save_track+0x18/0x40 [ 15.795932] kasan_save_alloc_info+0x3b/0x50 [ 15.796084] __kasan_kmalloc+0xb7/0xc0 [ 15.796221] __kmalloc_cache_noprof+0x189/0x420 [ 15.796386] kasan_atomics+0x95/0x310 [ 15.796520] kunit_try_run_case+0x1a5/0x480 [ 15.796670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796848] kthread+0x337/0x6f0 [ 15.796997] ret_from_fork+0x41/0x80 [ 15.797230] ret_from_fork_asm+0x1a/0x30 [ 15.797458] [ 15.797555] The buggy address belongs to the object at ffff888102717100 [ 15.797555] which belongs to the cache kmalloc-64 of size 64 [ 15.798080] The buggy address is located 0 bytes to the right of [ 15.798080] allocated 48-byte region [ffff888102717100, ffff888102717130) [ 15.798775] [ 15.798851] The buggy address belongs to the physical page: [ 15.799024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102717 [ 
15.799266] flags: 0x200000000000000(node=0|zone=2) [ 15.799453] page_type: f5(slab) [ 15.799630] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.800008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.800409] page dumped because: kasan: bad access detected [ 15.800736] [ 15.800835] Memory state around the buggy address: [ 15.801101] ffff888102717000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.801456] ffff888102717080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.801762] >ffff888102717100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.801976] ^ [ 15.802133] ffff888102717180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802402] ffff888102717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.803105] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.903866] ================================================================== [ 14.904206] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.904634] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.905072] [ 14.905184] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.905228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.905239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.905259] Call Trace: [ 14.905272] <TASK> [ 14.905285] dump_stack_lvl+0x73/0xb0 [ 14.905323] print_report+0xd1/0x650 [ 14.905346] ? __virt_addr_valid+0x1db/0x2d0 [ 14.905366] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.905389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.905411] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.905435] kasan_report+0x141/0x180 [ 14.905458] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.905486] kasan_check_range+0x10c/0x1c0 [ 14.905506] __kasan_check_write+0x18/0x20 [ 14.905526] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.905549] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.905574] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.905593] ? trace_hardirqs_on+0x37/0xe0 [ 14.905614] ? kasan_bitops_generic+0x92/0x1c0 [ 14.905638] kasan_bitops_generic+0x121/0x1c0 [ 14.905658] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.905679] ? __pfx_read_tsc+0x10/0x10 [ 14.905698] ? ktime_get_ts64+0x86/0x230 [ 14.905735] kunit_try_run_case+0x1a5/0x480 [ 14.905758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.905780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.905802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.905824] ? __kthread_parkme+0x82/0x180 [ 14.905845] ? preempt_count_sub+0x50/0x80 [ 14.905870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.905893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905916] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.905939] kthread+0x337/0x6f0 [ 14.905956] ? trace_preempt_on+0x20/0xc0 [ 14.905978] ? __pfx_kthread+0x10/0x10 [ 14.905997] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.906017] ? calculate_sigpending+0x7b/0xa0 [ 14.906038] ? __pfx_kthread+0x10/0x10 [ 14.906057] ret_from_fork+0x41/0x80 [ 14.906077] ? __pfx_kthread+0x10/0x10 [ 14.906095] ret_from_fork_asm+0x1a/0x30 [ 14.906126] </TASK> [ 14.906136] [ 14.914819] Allocated by task 280: [ 14.915256] kasan_save_stack+0x45/0x70 [ 14.915513] kasan_save_track+0x18/0x40 [ 14.915656] kasan_save_alloc_info+0x3b/0x50 [ 14.915805] __kasan_kmalloc+0xb7/0xc0 [ 14.915974] __kmalloc_cache_noprof+0x189/0x420 [ 14.916265] kasan_bitops_generic+0x92/0x1c0 [ 14.916548] kunit_try_run_case+0x1a5/0x480 [ 14.916703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.916879] kthread+0x337/0x6f0 [ 14.917012] ret_from_fork+0x41/0x80 [ 14.917208] ret_from_fork_asm+0x1a/0x30 [ 14.917424] [ 14.917579] The buggy address belongs to the object at ffff8881029e3080 [ 14.917579] which belongs to the cache kmalloc-16 of size 16 [ 14.918399] The buggy address is located 8 bytes inside of [ 14.918399] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.918781] [ 14.918856] The buggy address belongs to the physical page: [ 14.919107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.919602] flags: 0x200000000000000(node=0|zone=2) [ 14.920100] page_type: f5(slab) [ 14.920274] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.920640] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.921004] page dumped because: kasan: bad access detected [ 14.921191] [ 14.921265] Memory state around the buggy address: [ 14.921435] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.921759] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.922311] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.922600] ^ [ 14.922733] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922950] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.923163] ================================================================== [ 14.798517] ================================================================== [ 14.798832] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.799559] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.799790] [ 14.799878] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.799923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.799935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.799956] Call Trace: [ 14.799971] <TASK> [ 14.800061] dump_stack_lvl+0x73/0xb0 [ 14.800119] print_report+0xd1/0x650 [ 14.800142] ? __virt_addr_valid+0x1db/0x2d0 [ 14.800163] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.800186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.800209] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.800233] kasan_report+0x141/0x180 [ 14.800256] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.800284] kasan_check_range+0x10c/0x1c0 [ 14.800316] __kasan_check_write+0x18/0x20 [ 14.800336] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.800378] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.800402] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.800423] ? trace_hardirqs_on+0x37/0xe0 [ 14.800445] ? kasan_bitops_generic+0x92/0x1c0 [ 14.800469] kasan_bitops_generic+0x121/0x1c0 [ 14.800490] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.800511] ? __pfx_read_tsc+0x10/0x10 [ 14.800532] ? ktime_get_ts64+0x86/0x230 [ 14.800557] kunit_try_run_case+0x1a5/0x480 [ 14.800579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800601] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.800624] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.800646] ? __kthread_parkme+0x82/0x180 [ 14.800668] ? preempt_count_sub+0x50/0x80 [ 14.800693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.800739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.800761] kthread+0x337/0x6f0 [ 14.800778] ? trace_preempt_on+0x20/0xc0 [ 14.800800] ? __pfx_kthread+0x10/0x10 [ 14.800818] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.800839] ? calculate_sigpending+0x7b/0xa0 [ 14.800859] ? __pfx_kthread+0x10/0x10 [ 14.800878] ret_from_fork+0x41/0x80 [ 14.800898] ? __pfx_kthread+0x10/0x10 [ 14.800916] ret_from_fork_asm+0x1a/0x30 [ 14.800947] </TASK> [ 14.800957] [ 14.811079] Allocated by task 280: [ 14.811321] kasan_save_stack+0x45/0x70 [ 14.811542] kasan_save_track+0x18/0x40 [ 14.811740] kasan_save_alloc_info+0x3b/0x50 [ 14.812008] __kasan_kmalloc+0xb7/0xc0 [ 14.812216] __kmalloc_cache_noprof+0x189/0x420 [ 14.812470] kasan_bitops_generic+0x92/0x1c0 [ 14.812709] kunit_try_run_case+0x1a5/0x480 [ 14.812913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.813173] kthread+0x337/0x6f0 [ 14.813449] ret_from_fork+0x41/0x80 [ 14.813630] ret_from_fork_asm+0x1a/0x30 [ 14.813772] [ 14.813847] The buggy address belongs to the object at ffff8881029e3080 [ 14.813847] which belongs to the cache kmalloc-16 of size 16 [ 14.814404] The buggy address is located 8 bytes inside of [ 14.814404] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.815016] [ 14.815237] The buggy address belongs to the physical page: [ 14.815560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.816043] flags: 0x200000000000000(node=0|zone=2) [ 14.816247] page_type: f5(slab) [ 14.816385] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.817033] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.817375] page dumped because: kasan: bad access detected [ 14.817669] [ 14.817770] Memory 
state around the buggy address: [ 14.818234] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.818807] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.819131] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.819383] ^ [ 14.819546] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.819869] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820175] ================================================================== [ 14.820556] ================================================================== [ 14.820980] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.821312] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.821539] [ 14.821647] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.821690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.821702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.821745] Call Trace: [ 14.821758] <TASK> [ 14.821773] dump_stack_lvl+0x73/0xb0 [ 14.821798] print_report+0xd1/0x650 [ 14.821837] ? __virt_addr_valid+0x1db/0x2d0 [ 14.821866] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.822071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.822100] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.822124] kasan_report+0x141/0x180 [ 14.822147] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.822175] kasan_check_range+0x10c/0x1c0 [ 14.822196] __kasan_check_write+0x18/0x20 [ 14.822215] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.822239] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.822264] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.822284] ? trace_hardirqs_on+0x37/0xe0 [ 14.822319] ? kasan_bitops_generic+0x92/0x1c0 [ 14.822343] kasan_bitops_generic+0x121/0x1c0 [ 14.822363] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.822384] ? 
__pfx_read_tsc+0x10/0x10 [ 14.822424] ? ktime_get_ts64+0x86/0x230 [ 14.822457] kunit_try_run_case+0x1a5/0x480 [ 14.822482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.822524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.822547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.822569] ? __kthread_parkme+0x82/0x180 [ 14.822590] ? preempt_count_sub+0x50/0x80 [ 14.822615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.822638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.822661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.822690] kthread+0x337/0x6f0 [ 14.822707] ? trace_preempt_on+0x20/0xc0 [ 14.822746] ? __pfx_kthread+0x10/0x10 [ 14.822778] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.822799] ? calculate_sigpending+0x7b/0xa0 [ 14.822820] ? __pfx_kthread+0x10/0x10 [ 14.822839] ret_from_fork+0x41/0x80 [ 14.822860] ? __pfx_kthread+0x10/0x10 [ 14.822882] ret_from_fork_asm+0x1a/0x30 [ 14.822969] </TASK> [ 14.822980] [ 14.832933] Allocated by task 280: [ 14.833339] kasan_save_stack+0x45/0x70 [ 14.833516] kasan_save_track+0x18/0x40 [ 14.833736] kasan_save_alloc_info+0x3b/0x50 [ 14.833956] __kasan_kmalloc+0xb7/0xc0 [ 14.834249] __kmalloc_cache_noprof+0x189/0x420 [ 14.834657] kasan_bitops_generic+0x92/0x1c0 [ 14.834934] kunit_try_run_case+0x1a5/0x480 [ 14.835158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.835430] kthread+0x337/0x6f0 [ 14.835599] ret_from_fork+0x41/0x80 [ 14.835755] ret_from_fork_asm+0x1a/0x30 [ 14.836041] [ 14.836167] The buggy address belongs to the object at ffff8881029e3080 [ 14.836167] which belongs to the cache kmalloc-16 of size 16 [ 14.836741] The buggy address is located 8 bytes inside of [ 14.836741] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.837517] [ 14.837685] The buggy address belongs to the physical page: [ 14.838085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.838462] flags: 0x200000000000000(node=0|zone=2) [ 14.838717] page_type: f5(slab) [ 14.838888] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.839228] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.839680] page dumped because: kasan: bad access detected [ 14.839922] [ 14.840143] Memory state around the buggy address: [ 14.840377] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.840709] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.840934] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841487] ^ [ 14.841712] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.842218] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.842693] ================================================================== [ 14.843258] ================================================================== [ 14.843760] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.844197] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.844753] [ 14.844892] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.844938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.844949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.844970] Call Trace: [ 14.844984] <TASK> [ 14.844998] dump_stack_lvl+0x73/0xb0 [ 14.845086] print_report+0xd1/0x650 [ 14.845109] ? __virt_addr_valid+0x1db/0x2d0 [ 14.845131] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.845153] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.845175] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.845220] kasan_report+0x141/0x180 [ 14.845242] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.845270] kasan_check_range+0x10c/0x1c0 [ 14.845291] __kasan_check_write+0x18/0x20 [ 14.845323] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.845347] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.845373] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.845396] ? trace_hardirqs_on+0x37/0xe0 [ 14.845436] ? kasan_bitops_generic+0x92/0x1c0 [ 14.845475] kasan_bitops_generic+0x121/0x1c0 [ 14.845512] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.845548] ? __pfx_read_tsc+0x10/0x10 [ 14.845567] ? ktime_get_ts64+0x86/0x230 [ 14.845593] kunit_try_run_case+0x1a5/0x480 [ 14.845619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.845641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.845664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.845686] ? __kthread_parkme+0x82/0x180 [ 14.845709] ? preempt_count_sub+0x50/0x80 [ 14.845734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.845756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.845779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.845801] kthread+0x337/0x6f0 [ 14.845818] ? trace_preempt_on+0x20/0xc0 [ 14.845841] ? __pfx_kthread+0x10/0x10 [ 14.845858] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.846160] ? calculate_sigpending+0x7b/0xa0 [ 14.846195] ? __pfx_kthread+0x10/0x10 [ 14.846215] ret_from_fork+0x41/0x80 [ 14.846237] ? 
__pfx_kthread+0x10/0x10 [ 14.846254] ret_from_fork_asm+0x1a/0x30 [ 14.846286] </TASK> [ 14.846316] [ 14.854986] Allocated by task 280: [ 14.855173] kasan_save_stack+0x45/0x70 [ 14.855389] kasan_save_track+0x18/0x40 [ 14.855626] kasan_save_alloc_info+0x3b/0x50 [ 14.855775] __kasan_kmalloc+0xb7/0xc0 [ 14.855929] __kmalloc_cache_noprof+0x189/0x420 [ 14.856155] kasan_bitops_generic+0x92/0x1c0 [ 14.856372] kunit_try_run_case+0x1a5/0x480 [ 14.856725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.856946] kthread+0x337/0x6f0 [ 14.857117] ret_from_fork+0x41/0x80 [ 14.857271] ret_from_fork_asm+0x1a/0x30 [ 14.857615] [ 14.857732] The buggy address belongs to the object at ffff8881029e3080 [ 14.857732] which belongs to the cache kmalloc-16 of size 16 [ 14.858412] The buggy address is located 8 bytes inside of [ 14.858412] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.858780] [ 14.858855] The buggy address belongs to the physical page: [ 14.859088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.859455] flags: 0x200000000000000(node=0|zone=2) [ 14.860031] page_type: f5(slab) [ 14.860161] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.860408] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.861133] page dumped because: kasan: bad access detected [ 14.861451] [ 14.861544] Memory state around the buggy address: [ 14.861753] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.862292] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.862537] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.862861] ^ [ 14.863046] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.863391] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.864000] ================================================================== [ 14.864437] 
================================================================== [ 14.864736] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.865137] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.865378] [ 14.865469] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.865514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.865530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.865551] Call Trace: [ 14.865571] <TASK> [ 14.865585] dump_stack_lvl+0x73/0xb0 [ 14.865612] print_report+0xd1/0x650 [ 14.865636] ? __virt_addr_valid+0x1db/0x2d0 [ 14.865658] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.865682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.865704] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.865728] kasan_report+0x141/0x180 [ 14.865751] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.865790] kasan_check_range+0x10c/0x1c0 [ 14.865814] __kasan_check_write+0x18/0x20 [ 14.865834] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.865859] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.866088] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.866122] ? trace_hardirqs_on+0x37/0xe0 [ 14.866145] ? kasan_bitops_generic+0x92/0x1c0 [ 14.866169] kasan_bitops_generic+0x121/0x1c0 [ 14.866190] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.866211] ? __pfx_read_tsc+0x10/0x10 [ 14.866231] ? ktime_get_ts64+0x86/0x230 [ 14.866256] kunit_try_run_case+0x1a5/0x480 [ 14.866279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.866316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.866339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.866362] ? __kthread_parkme+0x82/0x180 [ 14.866383] ? preempt_count_sub+0x50/0x80 [ 14.866408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.866431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.866465] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.866487] kthread+0x337/0x6f0 [ 14.866505] ? trace_preempt_on+0x20/0xc0 [ 14.866528] ? __pfx_kthread+0x10/0x10 [ 14.866546] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.866567] ? calculate_sigpending+0x7b/0xa0 [ 14.866588] ? __pfx_kthread+0x10/0x10 [ 14.866607] ret_from_fork+0x41/0x80 [ 14.866627] ? __pfx_kthread+0x10/0x10 [ 14.866645] ret_from_fork_asm+0x1a/0x30 [ 14.866682] </TASK> [ 14.866692] [ 14.875874] Allocated by task 280: [ 14.876063] kasan_save_stack+0x45/0x70 [ 14.876267] kasan_save_track+0x18/0x40 [ 14.876475] kasan_save_alloc_info+0x3b/0x50 [ 14.876722] __kasan_kmalloc+0xb7/0xc0 [ 14.876862] __kmalloc_cache_noprof+0x189/0x420 [ 14.877036] kasan_bitops_generic+0x92/0x1c0 [ 14.877293] kunit_try_run_case+0x1a5/0x480 [ 14.877520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.877781] kthread+0x337/0x6f0 [ 14.877927] ret_from_fork+0x41/0x80 [ 14.878059] ret_from_fork_asm+0x1a/0x30 [ 14.878198] [ 14.878271] The buggy address belongs to the object at ffff8881029e3080 [ 14.878271] which belongs to the cache kmalloc-16 of size 16 [ 14.878998] The buggy address is located 8 bytes inside of [ 14.878998] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.879890] [ 14.879997] The buggy address belongs to the physical page: [ 14.880211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.880615] flags: 0x200000000000000(node=0|zone=2) [ 14.880846] page_type: f5(slab) [ 14.880982] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.881252] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.881492] page dumped because: kasan: bad access detected [ 14.881725] [ 14.881822] Memory state around the buggy address: [ 14.882051] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.882388] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.882717] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.883204] ^ [ 14.883390] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.883669] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.883988] ================================================================== [ 14.945995] ================================================================== [ 14.946278] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.946762] Read of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.947137] [ 14.947256] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.947315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.947328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.947348] Call Trace: [ 14.947364] <TASK> [ 14.947379] dump_stack_lvl+0x73/0xb0 [ 14.947406] print_report+0xd1/0x650 [ 14.947428] ? __virt_addr_valid+0x1db/0x2d0 [ 14.947448] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.947475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.947498] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.947521] kasan_report+0x141/0x180 [ 14.947544] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.947572] __asan_report_load8_noabort+0x18/0x20 [ 14.947593] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.947617] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.947644] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.947665] ? trace_hardirqs_on+0x37/0xe0 [ 14.947687] ? kasan_bitops_generic+0x92/0x1c0 [ 14.947711] kasan_bitops_generic+0x121/0x1c0 [ 14.947730] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.947752] ? __pfx_read_tsc+0x10/0x10 [ 14.947771] ? ktime_get_ts64+0x86/0x230 [ 14.947797] kunit_try_run_case+0x1a5/0x480 [ 14.947821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.947842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.947864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.947887] ? 
__kthread_parkme+0x82/0x180 [ 14.947909] ? preempt_count_sub+0x50/0x80 [ 14.947934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.947957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.947981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.948003] kthread+0x337/0x6f0 [ 14.948021] ? trace_preempt_on+0x20/0xc0 [ 14.948044] ? __pfx_kthread+0x10/0x10 [ 14.948062] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.948082] ? calculate_sigpending+0x7b/0xa0 [ 14.948104] ? __pfx_kthread+0x10/0x10 [ 14.948123] ret_from_fork+0x41/0x80 [ 14.948144] ? __pfx_kthread+0x10/0x10 [ 14.948162] ret_from_fork_asm+0x1a/0x30 [ 14.948192] </TASK> [ 14.948203] [ 14.957860] Allocated by task 280: [ 14.958055] kasan_save_stack+0x45/0x70 [ 14.958258] kasan_save_track+0x18/0x40 [ 14.958466] kasan_save_alloc_info+0x3b/0x50 [ 14.958731] __kasan_kmalloc+0xb7/0xc0 [ 14.958979] __kmalloc_cache_noprof+0x189/0x420 [ 14.959158] kasan_bitops_generic+0x92/0x1c0 [ 14.959385] kunit_try_run_case+0x1a5/0x480 [ 14.959562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.959812] kthread+0x337/0x6f0 [ 14.959959] ret_from_fork+0x41/0x80 [ 14.960149] ret_from_fork_asm+0x1a/0x30 [ 14.960375] [ 14.960451] The buggy address belongs to the object at ffff8881029e3080 [ 14.960451] which belongs to the cache kmalloc-16 of size 16 [ 14.960826] The buggy address is located 8 bytes inside of [ 14.960826] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.961257] [ 14.961341] The buggy address belongs to the physical page: [ 14.961514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.961754] flags: 0x200000000000000(node=0|zone=2) [ 14.961917] page_type: f5(slab) [ 14.962040] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.962273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.962507] page dumped because: kasan: bad access detected [ 14.962720] [ 14.962815] Memory state around the buggy address: [ 14.963390] 
ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963743] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.964110] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964426] ^ [ 14.964671] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.965068] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.965345] ================================================================== [ 14.884397] ================================================================== [ 14.884630] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.885475] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.885779] [ 14.885882] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.885928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.885940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.885960] Call Trace: [ 14.885973] <TASK> [ 14.885987] dump_stack_lvl+0x73/0xb0 [ 14.886016] print_report+0xd1/0x650 [ 14.886038] ? __virt_addr_valid+0x1db/0x2d0 [ 14.886059] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.886082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.886105] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.886128] kasan_report+0x141/0x180 [ 14.886150] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.886178] kasan_check_range+0x10c/0x1c0 [ 14.886198] __kasan_check_write+0x18/0x20 [ 14.886218] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.886242] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.886322] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.886347] ? trace_hardirqs_on+0x37/0xe0 [ 14.886369] ? kasan_bitops_generic+0x92/0x1c0 [ 14.886393] kasan_bitops_generic+0x121/0x1c0 [ 14.886413] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.886435] ? __pfx_read_tsc+0x10/0x10 [ 14.886454] ? 
ktime_get_ts64+0x86/0x230 [ 14.886478] kunit_try_run_case+0x1a5/0x480 [ 14.886501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.886546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.886569] ? __kthread_parkme+0x82/0x180 [ 14.886590] ? preempt_count_sub+0x50/0x80 [ 14.886615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.886660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.886689] kthread+0x337/0x6f0 [ 14.886705] ? trace_preempt_on+0x20/0xc0 [ 14.886728] ? __pfx_kthread+0x10/0x10 [ 14.886745] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.886766] ? calculate_sigpending+0x7b/0xa0 [ 14.886788] ? __pfx_kthread+0x10/0x10 [ 14.886806] ret_from_fork+0x41/0x80 [ 14.886827] ? __pfx_kthread+0x10/0x10 [ 14.886845] ret_from_fork_asm+0x1a/0x30 [ 14.886876] </TASK> [ 14.887033] [ 14.895086] Allocated by task 280: [ 14.895266] kasan_save_stack+0x45/0x70 [ 14.895456] kasan_save_track+0x18/0x40 [ 14.895597] kasan_save_alloc_info+0x3b/0x50 [ 14.895815] __kasan_kmalloc+0xb7/0xc0 [ 14.896005] __kmalloc_cache_noprof+0x189/0x420 [ 14.896222] kasan_bitops_generic+0x92/0x1c0 [ 14.896382] kunit_try_run_case+0x1a5/0x480 [ 14.896627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896869] kthread+0x337/0x6f0 [ 14.896988] ret_from_fork+0x41/0x80 [ 14.897119] ret_from_fork_asm+0x1a/0x30 [ 14.897258] [ 14.897339] The buggy address belongs to the object at ffff8881029e3080 [ 14.897339] which belongs to the cache kmalloc-16 of size 16 [ 14.897900] The buggy address is located 8 bytes inside of [ 14.897900] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.898683] [ 14.898762] The buggy address belongs to the physical page: [ 14.899128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.899607] flags: 0x200000000000000(node=0|zone=2) [ 14.899817] page_type: f5(slab) [ 14.900045] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.900281] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.900566] page dumped because: kasan: bad access detected [ 14.900823] [ 14.900916] Memory state around the buggy address: [ 14.901268] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901776] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.902257] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902651] ^ [ 14.902818] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.903151] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.903419] ================================================================== [ 14.923580] ================================================================== [ 14.924094] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.924641] Read of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.925065] [ 14.925165] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.925209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.925221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.925241] Call Trace: [ 14.925255] <TASK> [ 14.925268] dump_stack_lvl+0x73/0xb0 [ 14.925294] print_report+0xd1/0x650 [ 14.925329] ? __virt_addr_valid+0x1db/0x2d0 [ 14.925350] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.925372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.925395] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.925418] kasan_report+0x141/0x180 [ 14.925441] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.925470] kasan_check_range+0x10c/0x1c0 [ 14.925489] __kasan_check_read+0x15/0x20 [ 14.925508] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.925532] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.925556] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.925576] ? trace_hardirqs_on+0x37/0xe0 [ 14.925597] ? kasan_bitops_generic+0x92/0x1c0 [ 14.925621] kasan_bitops_generic+0x121/0x1c0 [ 14.925641] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.925661] ? __pfx_read_tsc+0x10/0x10 [ 14.925680] ? ktime_get_ts64+0x86/0x230 [ 14.925704] kunit_try_run_case+0x1a5/0x480 [ 14.925728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.925748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.925771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.925794] ? __kthread_parkme+0x82/0x180 [ 14.925816] ? preempt_count_sub+0x50/0x80 [ 14.925841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.925864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.925933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.925959] kthread+0x337/0x6f0 [ 14.925976] ? trace_preempt_on+0x20/0xc0 [ 14.925999] ? __pfx_kthread+0x10/0x10 [ 14.926018] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.926039] ? calculate_sigpending+0x7b/0xa0 [ 14.926060] ? __pfx_kthread+0x10/0x10 [ 14.926079] ret_from_fork+0x41/0x80 [ 14.926101] ? 
__pfx_kthread+0x10/0x10 [ 14.926119] ret_from_fork_asm+0x1a/0x30 [ 14.926150] </TASK> [ 14.926161] [ 14.935154] Allocated by task 280: [ 14.935359] kasan_save_stack+0x45/0x70 [ 14.935567] kasan_save_track+0x18/0x40 [ 14.935764] kasan_save_alloc_info+0x3b/0x50 [ 14.935978] __kasan_kmalloc+0xb7/0xc0 [ 14.936169] __kmalloc_cache_noprof+0x189/0x420 [ 14.936547] kasan_bitops_generic+0x92/0x1c0 [ 14.936782] kunit_try_run_case+0x1a5/0x480 [ 14.937059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.937253] kthread+0x337/0x6f0 [ 14.937407] ret_from_fork+0x41/0x80 [ 14.937592] ret_from_fork_asm+0x1a/0x30 [ 14.937906] [ 14.938085] The buggy address belongs to the object at ffff8881029e3080 [ 14.938085] which belongs to the cache kmalloc-16 of size 16 [ 14.938523] The buggy address is located 8 bytes inside of [ 14.938523] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.939172] [ 14.939257] The buggy address belongs to the physical page: [ 14.939442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.939685] flags: 0x200000000000000(node=0|zone=2) [ 14.940234] page_type: f5(slab) [ 14.940493] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.940847] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.941672] page dumped because: kasan: bad access detected [ 14.941857] [ 14.942230] Memory state around the buggy address: [ 14.942658] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.943194] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.943671] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.944408] ^ [ 14.944708] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.944951] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945615] ================================================================== [ 14.775689] 
================================================================== [ 14.776335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.776690] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.777239] [ 14.777350] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.777396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.777409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.777431] Call Trace: [ 14.777444] <TASK> [ 14.777458] dump_stack_lvl+0x73/0xb0 [ 14.777484] print_report+0xd1/0x650 [ 14.777506] ? __virt_addr_valid+0x1db/0x2d0 [ 14.777526] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.777550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.777572] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.777595] kasan_report+0x141/0x180 [ 14.777618] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.777646] kasan_check_range+0x10c/0x1c0 [ 14.777666] __kasan_check_write+0x18/0x20 [ 14.777686] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.777709] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.777734] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.777754] ? trace_hardirqs_on+0x37/0xe0 [ 14.777776] ? kasan_bitops_generic+0x92/0x1c0 [ 14.777800] kasan_bitops_generic+0x121/0x1c0 [ 14.777820] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.777841] ? __pfx_read_tsc+0x10/0x10 [ 14.777859] ? ktime_get_ts64+0x86/0x230 [ 14.777884] kunit_try_run_case+0x1a5/0x480 [ 14.777921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.777943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.777965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.777988] ? __kthread_parkme+0x82/0x180 [ 14.778008] ? preempt_count_sub+0x50/0x80 [ 14.778033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.778057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.778079] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.778101] kthread+0x337/0x6f0 [ 14.778118] ? trace_preempt_on+0x20/0xc0 [ 14.778141] ? __pfx_kthread+0x10/0x10 [ 14.778160] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.778181] ? calculate_sigpending+0x7b/0xa0 [ 14.778202] ? __pfx_kthread+0x10/0x10 [ 14.778221] ret_from_fork+0x41/0x80 [ 14.778241] ? __pfx_kthread+0x10/0x10 [ 14.778260] ret_from_fork_asm+0x1a/0x30 [ 14.778289] </TASK> [ 14.778310] [ 14.787424] Allocated by task 280: [ 14.787609] kasan_save_stack+0x45/0x70 [ 14.787821] kasan_save_track+0x18/0x40 [ 14.788054] kasan_save_alloc_info+0x3b/0x50 [ 14.788336] __kasan_kmalloc+0xb7/0xc0 [ 14.788583] __kmalloc_cache_noprof+0x189/0x420 [ 14.788813] kasan_bitops_generic+0x92/0x1c0 [ 14.789020] kunit_try_run_case+0x1a5/0x480 [ 14.789229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.789491] kthread+0x337/0x6f0 [ 14.789657] ret_from_fork+0x41/0x80 [ 14.789882] ret_from_fork_asm+0x1a/0x30 [ 14.791251] [ 14.791386] The buggy address belongs to the object at ffff8881029e3080 [ 14.791386] which belongs to the cache kmalloc-16 of size 16 [ 14.792377] The buggy address is located 8 bytes inside of [ 14.792377] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.792932] [ 14.793114] The buggy address belongs to the physical page: [ 14.793419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.793779] flags: 0x200000000000000(node=0|zone=2) [ 14.794205] page_type: f5(slab) [ 14.794404] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.794719] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.795187] page dumped because: kasan: bad access detected [ 14.795565] [ 14.795680] Memory state around the buggy address: [ 14.795945] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.796232] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.796503] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.796847] ^ [ 14.797134] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797520] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797819] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.668085] ================================================================== [ 14.668423] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.668716] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.669407] [ 14.669603] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.669649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.669662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.669682] Call Trace: [ 14.669699] <TASK> [ 14.669715] dump_stack_lvl+0x73/0xb0 [ 14.669743] print_report+0xd1/0x650 [ 14.669765] ? __virt_addr_valid+0x1db/0x2d0 [ 14.669786] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.669807] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669830] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.669852] kasan_report+0x141/0x180 [ 14.669874] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.669981] kasan_check_range+0x10c/0x1c0 [ 14.670003] __kasan_check_write+0x18/0x20 [ 14.670041] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.670063] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.670087] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.670124] ? trace_hardirqs_on+0x37/0xe0 [ 14.670147] ? kasan_bitops_generic+0x92/0x1c0 [ 14.670188] kasan_bitops_generic+0x116/0x1c0 [ 14.670209] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.670230] ? __pfx_read_tsc+0x10/0x10 [ 14.670250] ? ktime_get_ts64+0x86/0x230 [ 14.670274] kunit_try_run_case+0x1a5/0x480 [ 14.670310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.670332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.670372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.670408] ? __kthread_parkme+0x82/0x180 [ 14.670431] ? preempt_count_sub+0x50/0x80 [ 14.670467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.670491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.670514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.670536] kthread+0x337/0x6f0 [ 14.670554] ? 
trace_preempt_on+0x20/0xc0 [ 14.670577] ? __pfx_kthread+0x10/0x10 [ 14.670594] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.670615] ? calculate_sigpending+0x7b/0xa0 [ 14.670635] ? __pfx_kthread+0x10/0x10 [ 14.670654] ret_from_fork+0x41/0x80 [ 14.670680] ? __pfx_kthread+0x10/0x10 [ 14.670716] ret_from_fork_asm+0x1a/0x30 [ 14.670761] </TASK> [ 14.670771] [ 14.680424] Allocated by task 280: [ 14.680616] kasan_save_stack+0x45/0x70 [ 14.680805] kasan_save_track+0x18/0x40 [ 14.680943] kasan_save_alloc_info+0x3b/0x50 [ 14.681144] __kasan_kmalloc+0xb7/0xc0 [ 14.681352] __kmalloc_cache_noprof+0x189/0x420 [ 14.681578] kasan_bitops_generic+0x92/0x1c0 [ 14.681787] kunit_try_run_case+0x1a5/0x480 [ 14.682217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.682536] kthread+0x337/0x6f0 [ 14.682691] ret_from_fork+0x41/0x80 [ 14.682851] ret_from_fork_asm+0x1a/0x30 [ 14.682986] [ 14.683056] The buggy address belongs to the object at ffff8881029e3080 [ 14.683056] which belongs to the cache kmalloc-16 of size 16 [ 14.683834] The buggy address is located 8 bytes inside of [ 14.683834] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.684473] [ 14.684581] The buggy address belongs to the physical page: [ 14.684872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.685266] flags: 0x200000000000000(node=0|zone=2) [ 14.685493] page_type: f5(slab) [ 14.685675] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.685990] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.686210] page dumped because: kasan: bad access detected [ 14.686385] [ 14.686456] Memory state around the buggy address: [ 14.686990] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687510] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.687844] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.688504] ^ [ 14.688672] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.689078] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.689430] ================================================================== [ 14.689847] ================================================================== [ 14.690184] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.690699] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.691281] [ 14.691412] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.691458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.691470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.691491] Call Trace: [ 14.691508] <TASK> [ 14.691524] dump_stack_lvl+0x73/0xb0 [ 14.691552] print_report+0xd1/0x650 [ 14.691584] ? __virt_addr_valid+0x1db/0x2d0 [ 14.691606] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.691628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.691673] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.691695] kasan_report+0x141/0x180 [ 14.691718] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.691762] kasan_check_range+0x10c/0x1c0 [ 14.691782] __kasan_check_write+0x18/0x20 [ 14.691802] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.691824] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.691846] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.691867] ? trace_hardirqs_on+0x37/0xe0 [ 14.691889] ? kasan_bitops_generic+0x92/0x1c0 [ 14.691913] kasan_bitops_generic+0x116/0x1c0 [ 14.692131] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.692152] ? __pfx_read_tsc+0x10/0x10 [ 14.692173] ? ktime_get_ts64+0x86/0x230 [ 14.692198] kunit_try_run_case+0x1a5/0x480 [ 14.692222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.692244] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.692267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.692289] ? __kthread_parkme+0x82/0x180 [ 14.692320] ? preempt_count_sub+0x50/0x80 [ 14.692345] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.692367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.692390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.692412] kthread+0x337/0x6f0 [ 14.692429] ? trace_preempt_on+0x20/0xc0 [ 14.692451] ? __pfx_kthread+0x10/0x10 [ 14.692469] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.692489] ? calculate_sigpending+0x7b/0xa0 [ 14.692510] ? __pfx_kthread+0x10/0x10 [ 14.692549] ret_from_fork+0x41/0x80 [ 14.692569] ? __pfx_kthread+0x10/0x10 [ 14.692587] ret_from_fork_asm+0x1a/0x30 [ 14.692617] </TASK> [ 14.692627] [ 14.702683] Allocated by task 280: [ 14.702975] kasan_save_stack+0x45/0x70 [ 14.703154] kasan_save_track+0x18/0x40 [ 14.703293] kasan_save_alloc_info+0x3b/0x50 [ 14.703743] __kasan_kmalloc+0xb7/0xc0 [ 14.704036] __kmalloc_cache_noprof+0x189/0x420 [ 14.704320] kasan_bitops_generic+0x92/0x1c0 [ 14.704568] kunit_try_run_case+0x1a5/0x480 [ 14.704731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.704942] kthread+0x337/0x6f0 [ 14.705220] ret_from_fork+0x41/0x80 [ 14.705421] ret_from_fork_asm+0x1a/0x30 [ 14.705664] [ 14.705738] The buggy address belongs to the object at ffff8881029e3080 [ 14.705738] which belongs to the cache kmalloc-16 of size 16 [ 14.706153] The buggy address is located 8 bytes inside of [ 14.706153] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.707007] [ 14.707126] The buggy address belongs to the physical page: [ 14.707732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.708232] flags: 0x200000000000000(node=0|zone=2) [ 14.708414] page_type: f5(slab) [ 14.708665] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.709017] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.709473] page dumped because: kasan: bad access detected [ 14.709764] [ 14.709858] Memory state around the buggy address: [ 14.710153] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.710451] ffff8881029e3000: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.710830] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711331] ^ [ 14.711559] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711911] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712352] ================================================================== [ 14.646590] ================================================================== [ 14.647335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.648049] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.648828] [ 14.649122] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.649183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649220] Call Trace: [ 14.649237] <TASK> [ 14.649253] dump_stack_lvl+0x73/0xb0 [ 14.649283] print_report+0xd1/0x650 [ 14.649318] ? __virt_addr_valid+0x1db/0x2d0 [ 14.649340] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.649361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.649383] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.649405] kasan_report+0x141/0x180 [ 14.649429] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.649457] kasan_check_range+0x10c/0x1c0 [ 14.649477] __kasan_check_write+0x18/0x20 [ 14.649497] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.649519] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.649541] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.649563] ? trace_hardirqs_on+0x37/0xe0 [ 14.649585] ? kasan_bitops_generic+0x92/0x1c0 [ 14.649609] kasan_bitops_generic+0x116/0x1c0 [ 14.649629] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.649650] ? __pfx_read_tsc+0x10/0x10 [ 14.649669] ? ktime_get_ts64+0x86/0x230 [ 14.649694] kunit_try_run_case+0x1a5/0x480 [ 14.649718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649740] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.649763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.649786] ? __kthread_parkme+0x82/0x180 [ 14.649808] ? preempt_count_sub+0x50/0x80 [ 14.649832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.649878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.649903] kthread+0x337/0x6f0 [ 14.649920] ? trace_preempt_on+0x20/0xc0 [ 14.649943] ? __pfx_kthread+0x10/0x10 [ 14.649962] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.649983] ? calculate_sigpending+0x7b/0xa0 [ 14.650007] ? __pfx_kthread+0x10/0x10 [ 14.650025] ret_from_fork+0x41/0x80 [ 14.650046] ? __pfx_kthread+0x10/0x10 [ 14.650065] ret_from_fork_asm+0x1a/0x30 [ 14.650097] </TASK> [ 14.650108] [ 14.658647] Allocated by task 280: [ 14.658785] kasan_save_stack+0x45/0x70 [ 14.659125] kasan_save_track+0x18/0x40 [ 14.659346] kasan_save_alloc_info+0x3b/0x50 [ 14.659562] __kasan_kmalloc+0xb7/0xc0 [ 14.659726] __kmalloc_cache_noprof+0x189/0x420 [ 14.660000] kasan_bitops_generic+0x92/0x1c0 [ 14.660155] kunit_try_run_case+0x1a5/0x480 [ 14.660350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.660627] kthread+0x337/0x6f0 [ 14.660792] ret_from_fork+0x41/0x80 [ 14.660971] ret_from_fork_asm+0x1a/0x30 [ 14.661401] [ 14.661534] The buggy address belongs to the object at ffff8881029e3080 [ 14.661534] which belongs to the cache kmalloc-16 of size 16 [ 14.661969] The buggy address is located 8 bytes inside of [ 14.661969] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.662376] [ 14.662571] The buggy address belongs to the physical page: [ 14.662855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.663310] flags: 0x200000000000000(node=0|zone=2) [ 14.663558] page_type: f5(slab) [ 14.663678] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.664206] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.664616] page dumped because: kasan: bad 
access detected [ 14.665083] [ 14.665203] Memory state around the buggy address: [ 14.665372] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.665971] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.666279] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666636] ^ [ 14.666829] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.667154] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.667593] ================================================================== [ 14.712954] ================================================================== [ 14.713360] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.713796] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.714160] [ 14.714248] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.714293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.714316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.714402] Call Trace: [ 14.714420] <TASK> [ 14.714436] dump_stack_lvl+0x73/0xb0 [ 14.714464] print_report+0xd1/0x650 [ 14.714486] ? __virt_addr_valid+0x1db/0x2d0 [ 14.714507] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.714528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.714550] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.714572] kasan_report+0x141/0x180 [ 14.714595] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.714622] kasan_check_range+0x10c/0x1c0 [ 14.714642] __kasan_check_write+0x18/0x20 [ 14.714662] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.714689] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.714737] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.714759] ? trace_hardirqs_on+0x37/0xe0 [ 14.714782] ? kasan_bitops_generic+0x92/0x1c0 [ 14.714820] kasan_bitops_generic+0x116/0x1c0 [ 14.714841] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.714862] ? 
__pfx_read_tsc+0x10/0x10 [ 14.714882] ? ktime_get_ts64+0x86/0x230 [ 14.715091] kunit_try_run_case+0x1a5/0x480 [ 14.715116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.715137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.715161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.715183] ? __kthread_parkme+0x82/0x180 [ 14.715205] ? preempt_count_sub+0x50/0x80 [ 14.715229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.715252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.715381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.715405] kthread+0x337/0x6f0 [ 14.715422] ? trace_preempt_on+0x20/0xc0 [ 14.715445] ? __pfx_kthread+0x10/0x10 [ 14.715463] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.715485] ? calculate_sigpending+0x7b/0xa0 [ 14.715506] ? __pfx_kthread+0x10/0x10 [ 14.715524] ret_from_fork+0x41/0x80 [ 14.715545] ? __pfx_kthread+0x10/0x10 [ 14.715562] ret_from_fork_asm+0x1a/0x30 [ 14.715593] </TASK> [ 14.715604] [ 14.725804] Allocated by task 280: [ 14.726101] kasan_save_stack+0x45/0x70 [ 14.726293] kasan_save_track+0x18/0x40 [ 14.726791] kasan_save_alloc_info+0x3b/0x50 [ 14.727026] __kasan_kmalloc+0xb7/0xc0 [ 14.727414] __kmalloc_cache_noprof+0x189/0x420 [ 14.727643] kasan_bitops_generic+0x92/0x1c0 [ 14.727852] kunit_try_run_case+0x1a5/0x480 [ 14.728109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.728391] kthread+0x337/0x6f0 [ 14.728642] ret_from_fork+0x41/0x80 [ 14.728788] ret_from_fork_asm+0x1a/0x30 [ 14.729083] [ 14.729199] The buggy address belongs to the object at ffff8881029e3080 [ 14.729199] which belongs to the cache kmalloc-16 of size 16 [ 14.729713] The buggy address is located 8 bytes inside of [ 14.729713] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.730328] [ 14.730436] The buggy address belongs to the physical page: [ 14.730693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.731285] flags: 0x200000000000000(node=0|zone=2) [ 14.731644] page_type: f5(slab) [ 14.731834] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.732281] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.732713] page dumped because: kasan: bad access detected [ 14.732914] [ 14.733010] Memory state around the buggy address: [ 14.733238] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.733573] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.733959] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734245] ^ [ 14.734433] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734701] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.734992] ================================================================== [ 14.619646] ================================================================== [ 14.620186] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.620500] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.620861] [ 14.621045] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.621092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.621105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.621126] Call Trace: [ 14.621144] <TASK> [ 14.621160] dump_stack_lvl+0x73/0xb0 [ 14.621186] print_report+0xd1/0x650 [ 14.621208] ? __virt_addr_valid+0x1db/0x2d0 [ 14.621230] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.621251] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.621273] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.621295] kasan_report+0x141/0x180 [ 14.621330] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.621357] kasan_check_range+0x10c/0x1c0 [ 14.621377] __kasan_check_write+0x18/0x20 [ 14.621396] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.621438] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.621462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.621483] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.621506] ? kasan_bitops_generic+0x92/0x1c0 [ 14.621530] kasan_bitops_generic+0x116/0x1c0 [ 14.621550] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.621571] ? __pfx_read_tsc+0x10/0x10 [ 14.621591] ? ktime_get_ts64+0x86/0x230 [ 14.621615] kunit_try_run_case+0x1a5/0x480 [ 14.621640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.621662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.621685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.621707] ? __kthread_parkme+0x82/0x180 [ 14.621730] ? preempt_count_sub+0x50/0x80 [ 14.621755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.621779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.621801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.621823] kthread+0x337/0x6f0 [ 14.621840] ? trace_preempt_on+0x20/0xc0 [ 14.621862] ? __pfx_kthread+0x10/0x10 [ 14.621887] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.621907] ? calculate_sigpending+0x7b/0xa0 [ 14.621928] ? __pfx_kthread+0x10/0x10 [ 14.621947] ret_from_fork+0x41/0x80 [ 14.621967] ? 
__pfx_kthread+0x10/0x10 [ 14.621985] ret_from_fork_asm+0x1a/0x30 [ 14.622016] </TASK> [ 14.622026] [ 14.631051] Allocated by task 280: [ 14.631236] kasan_save_stack+0x45/0x70 [ 14.631448] kasan_save_track+0x18/0x40 [ 14.631629] kasan_save_alloc_info+0x3b/0x50 [ 14.631809] __kasan_kmalloc+0xb7/0xc0 [ 14.631986] __kmalloc_cache_noprof+0x189/0x420 [ 14.632171] kasan_bitops_generic+0x92/0x1c0 [ 14.633213] kunit_try_run_case+0x1a5/0x480 [ 14.633584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.634121] kthread+0x337/0x6f0 [ 14.634288] ret_from_fork+0x41/0x80 [ 14.634669] ret_from_fork_asm+0x1a/0x30 [ 14.635141] [ 14.635386] The buggy address belongs to the object at ffff8881029e3080 [ 14.635386] which belongs to the cache kmalloc-16 of size 16 [ 14.636394] The buggy address is located 8 bytes inside of [ 14.636394] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.637335] [ 14.637627] The buggy address belongs to the physical page: [ 14.637875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.638194] flags: 0x200000000000000(node=0|zone=2) [ 14.639059] page_type: f5(slab) [ 14.639392] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.640220] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.640760] page dumped because: kasan: bad access detected [ 14.641220] [ 14.641330] Memory state around the buggy address: [ 14.641742] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.642270] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.642733] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.643400] ^ [ 14.643719] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.644503] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.645111] ================================================================== [ 14.735378] 
================================================================== [ 14.735839] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.736278] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.736633] [ 14.736748] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.736793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.736805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.736827] Call Trace: [ 14.736842] <TASK> [ 14.736859] dump_stack_lvl+0x73/0xb0 [ 14.736938] print_report+0xd1/0x650 [ 14.736964] ? __virt_addr_valid+0x1db/0x2d0 [ 14.736985] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.737007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.737030] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.737051] kasan_report+0x141/0x180 [ 14.737074] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.737102] kasan_check_range+0x10c/0x1c0 [ 14.737122] __kasan_check_write+0x18/0x20 [ 14.737141] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.737164] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.737187] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.737207] ? trace_hardirqs_on+0x37/0xe0 [ 14.737229] ? kasan_bitops_generic+0x92/0x1c0 [ 14.737253] kasan_bitops_generic+0x116/0x1c0 [ 14.737272] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.737294] ? __pfx_read_tsc+0x10/0x10 [ 14.737324] ? ktime_get_ts64+0x86/0x230 [ 14.737349] kunit_try_run_case+0x1a5/0x480 [ 14.737372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.737394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.737416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.737439] ? __kthread_parkme+0x82/0x180 [ 14.737460] ? preempt_count_sub+0x50/0x80 [ 14.737485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.737508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.737530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.737552] kthread+0x337/0x6f0 [ 14.737569] ? 
trace_preempt_on+0x20/0xc0 [ 14.737591] ? __pfx_kthread+0x10/0x10 [ 14.737609] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.737629] ? calculate_sigpending+0x7b/0xa0 [ 14.737651] ? __pfx_kthread+0x10/0x10 [ 14.737669] ret_from_fork+0x41/0x80 [ 14.737689] ? __pfx_kthread+0x10/0x10 [ 14.737707] ret_from_fork_asm+0x1a/0x30 [ 14.737738] </TASK> [ 14.737748] [ 14.746683] Allocated by task 280: [ 14.746879] kasan_save_stack+0x45/0x70 [ 14.747140] kasan_save_track+0x18/0x40 [ 14.747294] kasan_save_alloc_info+0x3b/0x50 [ 14.747554] __kasan_kmalloc+0xb7/0xc0 [ 14.747707] __kmalloc_cache_noprof+0x189/0x420 [ 14.747894] kasan_bitops_generic+0x92/0x1c0 [ 14.748041] kunit_try_run_case+0x1a5/0x480 [ 14.748186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.748492] kthread+0x337/0x6f0 [ 14.748845] ret_from_fork+0x41/0x80 [ 14.749131] ret_from_fork_asm+0x1a/0x30 [ 14.749409] [ 14.749607] The buggy address belongs to the object at ffff8881029e3080 [ 14.749607] which belongs to the cache kmalloc-16 of size 16 [ 14.750146] The buggy address is located 8 bytes inside of [ 14.750146] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.750532] [ 14.750630] The buggy address belongs to the physical page: [ 14.750917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.751340] flags: 0x200000000000000(node=0|zone=2) [ 14.751524] page_type: f5(slab) [ 14.751646] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.752257] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.752722] page dumped because: kasan: bad access detected [ 14.752899] [ 14.752971] Memory state around the buggy address: [ 14.753152] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.753654] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.753977] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.754266] ^ [ 14.754544] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.754810] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.755166] ================================================================== [ 14.755539] ================================================================== [ 14.755881] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.756241] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.756665] [ 14.756777] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.756822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.756834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.756854] Call Trace: [ 14.756868] <TASK> [ 14.756882] dump_stack_lvl+0x73/0xb0 [ 14.756907] print_report+0xd1/0x650 [ 14.756929] ? __virt_addr_valid+0x1db/0x2d0 [ 14.756949] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.756971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.756994] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.757016] kasan_report+0x141/0x180 [ 14.757038] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.757064] kasan_check_range+0x10c/0x1c0 [ 14.757084] __kasan_check_write+0x18/0x20 [ 14.757103] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.757125] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.757148] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.757168] ? trace_hardirqs_on+0x37/0xe0 [ 14.757189] ? kasan_bitops_generic+0x92/0x1c0 [ 14.757213] kasan_bitops_generic+0x116/0x1c0 [ 14.757232] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.757253] ? __pfx_read_tsc+0x10/0x10 [ 14.757272] ? ktime_get_ts64+0x86/0x230 [ 14.757297] kunit_try_run_case+0x1a5/0x480 [ 14.757330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.757374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.757396] ? __kthread_parkme+0x82/0x180 [ 14.757417] ? preempt_count_sub+0x50/0x80 [ 14.757617] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.757654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.757677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.757700] kthread+0x337/0x6f0 [ 14.757718] ? trace_preempt_on+0x20/0xc0 [ 14.757741] ? __pfx_kthread+0x10/0x10 [ 14.757758] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.757780] ? calculate_sigpending+0x7b/0xa0 [ 14.757801] ? __pfx_kthread+0x10/0x10 [ 14.757819] ret_from_fork+0x41/0x80 [ 14.757839] ? __pfx_kthread+0x10/0x10 [ 14.757857] ret_from_fork_asm+0x1a/0x30 [ 14.757942] </TASK> [ 14.757955] [ 14.766786] Allocated by task 280: [ 14.766968] kasan_save_stack+0x45/0x70 [ 14.767162] kasan_save_track+0x18/0x40 [ 14.767357] kasan_save_alloc_info+0x3b/0x50 [ 14.767592] __kasan_kmalloc+0xb7/0xc0 [ 14.767782] __kmalloc_cache_noprof+0x189/0x420 [ 14.767941] kasan_bitops_generic+0x92/0x1c0 [ 14.768155] kunit_try_run_case+0x1a5/0x480 [ 14.768343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.768571] kthread+0x337/0x6f0 [ 14.768816] ret_from_fork+0x41/0x80 [ 14.769011] ret_from_fork_asm+0x1a/0x30 [ 14.769173] [ 14.769270] The buggy address belongs to the object at ffff8881029e3080 [ 14.769270] which belongs to the cache kmalloc-16 of size 16 [ 14.769650] The buggy address is located 8 bytes inside of [ 14.769650] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.770003] [ 14.770090] The buggy address belongs to the physical page: [ 14.770347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.770957] flags: 0x200000000000000(node=0|zone=2) [ 14.771189] page_type: f5(slab) [ 14.771370] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.771753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.771981] page dumped because: kasan: bad access detected [ 14.772154] [ 14.772223] Memory state around the buggy address: [ 14.772421] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.772748] ffff8881029e3000: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.773083] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.773683] ^ [ 14.773866] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774188] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774537] ================================================================== [ 14.599141] ================================================================== [ 14.599811] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.600458] Write of size 8 at addr ffff8881029e3088 by task kunit_try_catch/280 [ 14.600761] [ 14.600859] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.600975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.600988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.601011] Call Trace: [ 14.601023] <TASK> [ 14.601041] dump_stack_lvl+0x73/0xb0 [ 14.601072] print_report+0xd1/0x650 [ 14.601095] ? __virt_addr_valid+0x1db/0x2d0 [ 14.601119] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.601141] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.601163] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.601185] kasan_report+0x141/0x180 [ 14.601208] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.601235] kasan_check_range+0x10c/0x1c0 [ 14.601255] __kasan_check_write+0x18/0x20 [ 14.601275] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.601309] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.601332] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.601353] ? trace_hardirqs_on+0x37/0xe0 [ 14.601378] ? kasan_bitops_generic+0x92/0x1c0 [ 14.601402] kasan_bitops_generic+0x116/0x1c0 [ 14.601441] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.601463] ? __pfx_read_tsc+0x10/0x10 [ 14.601484] ? ktime_get_ts64+0x86/0x230 [ 14.601510] kunit_try_run_case+0x1a5/0x480 [ 14.601534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601556] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.601579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.601602] ? __kthread_parkme+0x82/0x180 [ 14.601625] ? preempt_count_sub+0x50/0x80 [ 14.601652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.601697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.601720] kthread+0x337/0x6f0 [ 14.601736] ? trace_preempt_on+0x20/0xc0 [ 14.601759] ? __pfx_kthread+0x10/0x10 [ 14.601777] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.601797] ? calculate_sigpending+0x7b/0xa0 [ 14.601819] ? __pfx_kthread+0x10/0x10 [ 14.601838] ret_from_fork+0x41/0x80 [ 14.601858] ? __pfx_kthread+0x10/0x10 [ 14.602071] ret_from_fork_asm+0x1a/0x30 [ 14.602105] </TASK> [ 14.602116] [ 14.610702] Allocated by task 280: [ 14.610961] kasan_save_stack+0x45/0x70 [ 14.611180] kasan_save_track+0x18/0x40 [ 14.611369] kasan_save_alloc_info+0x3b/0x50 [ 14.611598] __kasan_kmalloc+0xb7/0xc0 [ 14.611777] __kmalloc_cache_noprof+0x189/0x420 [ 14.612256] kasan_bitops_generic+0x92/0x1c0 [ 14.612502] kunit_try_run_case+0x1a5/0x480 [ 14.612676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.613024] kthread+0x337/0x6f0 [ 14.613173] ret_from_fork+0x41/0x80 [ 14.613357] ret_from_fork_asm+0x1a/0x30 [ 14.613545] [ 14.613648] The buggy address belongs to the object at ffff8881029e3080 [ 14.613648] which belongs to the cache kmalloc-16 of size 16 [ 14.614131] The buggy address is located 8 bytes inside of [ 14.614131] allocated 9-byte region [ffff8881029e3080, ffff8881029e3089) [ 14.614616] [ 14.614724] The buggy address belongs to the physical page: [ 14.615058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3 [ 14.615426] flags: 0x200000000000000(node=0|zone=2) [ 14.615692] page_type: f5(slab) [ 14.616035] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.616375] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.616711] page dumped because: kasan: bad 
access detected [ 14.617023] [ 14.617116] Memory state around the buggy address: [ 14.617311] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617556] ffff8881029e3000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.617958] >ffff8881029e3080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.618285] ^ [ 14.618496] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.618809] ffff8881029e3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.619118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.574353] ==================================================================
[ 14.574758] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.575077] Read of size 1 at addr ffff888102714790 by task kunit_try_catch/278
[ 14.575547]
[ 14.575671] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary)
[ 14.575716] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.575728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.575747] Call Trace:
[ 14.575762] <TASK>
[ 14.575777] dump_stack_lvl+0x73/0xb0
[ 14.575804] print_report+0xd1/0x650
[ 14.575826] ? __virt_addr_valid+0x1db/0x2d0
[ 14.575847] ? strnlen+0x73/0x80
[ 14.575884] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.575907] ? strnlen+0x73/0x80
[ 14.575925] kasan_report+0x141/0x180
[ 14.575948] ? strnlen+0x73/0x80
[ 14.575971] __asan_report_load1_noabort+0x18/0x20
[ 14.575992] strnlen+0x73/0x80
[ 14.576011] kasan_strings+0x615/0xe80
[ 14.576031] ? trace_hardirqs_on+0x37/0xe0
[ 14.576054] ? __pfx_kasan_strings+0x10/0x10
[ 14.576075] ? finish_task_switch.isra.0+0x153/0x700
[ 14.576098] ? __switch_to+0x5d9/0xf60
[ 14.576117] ? dequeue_task_fair+0x156/0x4e0
[ 14.576141] ? __schedule+0x10cc/0x2b30
[ 14.576163] ? __pfx_read_tsc+0x10/0x10
[ 14.576183] ? ktime_get_ts64+0x86/0x230
[ 14.576207] kunit_try_run_case+0x1a5/0x480
[ 14.576231] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.576253] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.576276] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.576308] ? __kthread_parkme+0x82/0x180
[ 14.576328] ? preempt_count_sub+0x50/0x80
[ 14.576353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.576375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.576398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.576437] kthread+0x337/0x6f0
[ 14.576454] ? trace_preempt_on+0x20/0xc0
[ 14.576477] ? __pfx_kthread+0x10/0x10
[ 14.576495] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.576516] ? calculate_sigpending+0x7b/0xa0
[ 14.576537] ? __pfx_kthread+0x10/0x10
[ 14.576556] ret_from_fork+0x41/0x80
[ 14.576576] ? __pfx_kthread+0x10/0x10
[ 14.576595] ret_from_fork_asm+0x1a/0x30
[ 14.576626] </TASK>
[ 14.576637]
[ 14.584008] Allocated by task 278:
[ 14.584186] kasan_save_stack+0x45/0x70
[ 14.584392] kasan_save_track+0x18/0x40
[ 14.584613] kasan_save_alloc_info+0x3b/0x50
[ 14.584821] __kasan_kmalloc+0xb7/0xc0
[ 14.584996] __kmalloc_cache_noprof+0x189/0x420
[ 14.585180] kasan_strings+0xc0/0xe80
[ 14.585361] kunit_try_run_case+0x1a5/0x480
[ 14.585571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.585830] kthread+0x337/0x6f0
[ 14.585971] ret_from_fork+0x41/0x80
[ 14.586126] ret_from_fork_asm+0x1a/0x30
[ 14.586269]
[ 14.586349] Freed by task 278:
[ 14.586480] kasan_save_stack+0x45/0x70
[ 14.586664] kasan_save_track+0x18/0x40
[ 14.586862] kasan_save_free_info+0x3f/0x60
[ 14.587066] __kasan_slab_free+0x56/0x70
[ 14.587261] kfree+0x222/0x3f0
[ 14.587456] kasan_strings+0x2aa/0xe80
[ 14.587646] kunit_try_run_case+0x1a5/0x480
[ 14.587840] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.588016] kthread+0x337/0x6f0
[ 14.588134] ret_from_fork+0x41/0x80
[ 14.588323] ret_from_fork_asm+0x1a/0x30
[ 14.588548]
[ 14.588642] The buggy address belongs to the object at ffff888102714780
[ 14.588642] which belongs to the cache kmalloc-32 of size 32
[ 14.589182] The buggy address is located 16 bytes inside of
[ 14.589182] freed 32-byte region [ffff888102714780, ffff8881027147a0)
[ 14.589655]
[ 14.589730] The buggy address belongs to the physical page:
[ 14.589903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102714
[ 14.590145] flags: 0x200000000000000(node=0|zone=2)
[ 14.590317] page_type: f5(slab)
[ 14.590458] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.590727] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.591073] page dumped because: kasan: bad access detected
[ 14.591340]
[ 14.591454] Memory state around the buggy address:
[ 14.591680] ffff888102714680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.592002] ffff888102714700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.592250] >ffff888102714780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.592498] ^
[ 14.592628] ffff888102714800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.592844] ffff888102714880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.593058] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.554595] ================================================================== [ 14.554993] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.555282] Read of size 1 at addr ffff888102714790 by task kunit_try_catch/278 [ 14.555734] [ 14.555832] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.555881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.555893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.555915] Call Trace: [ 14.555930] <TASK> [ 14.555945] dump_stack_lvl+0x73/0xb0 [ 14.555973] print_report+0xd1/0x650 [ 14.555996] ? __virt_addr_valid+0x1db/0x2d0 [ 14.556018] ? strlen+0x8f/0xb0 [ 14.556036] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.556059] ? strlen+0x8f/0xb0 [ 14.556076] kasan_report+0x141/0x180 [ 14.556099] ? strlen+0x8f/0xb0 [ 14.556122] __asan_report_load1_noabort+0x18/0x20 [ 14.556143] strlen+0x8f/0xb0 [ 14.556161] kasan_strings+0x57b/0xe80 [ 14.556181] ? trace_hardirqs_on+0x37/0xe0 [ 14.556204] ? __pfx_kasan_strings+0x10/0x10 [ 14.556225] ? finish_task_switch.isra.0+0x153/0x700 [ 14.556248] ? __switch_to+0x5d9/0xf60 [ 14.556269] ? dequeue_task_fair+0x156/0x4e0 [ 14.556293] ? __schedule+0x10cc/0x2b30 [ 14.556331] ? __pfx_read_tsc+0x10/0x10 [ 14.556350] ? ktime_get_ts64+0x86/0x230 [ 14.556376] kunit_try_run_case+0x1a5/0x480 [ 14.556400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.556442] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.556466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.556488] ? __kthread_parkme+0x82/0x180 [ 14.556510] ? preempt_count_sub+0x50/0x80 [ 14.556534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.556557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.556580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.556602] kthread+0x337/0x6f0 [ 14.556620] ? trace_preempt_on+0x20/0xc0 [ 14.556642] ? __pfx_kthread+0x10/0x10 [ 14.556660] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.556681] ? calculate_sigpending+0x7b/0xa0 [ 14.556702] ? 
__pfx_kthread+0x10/0x10 [ 14.556721] ret_from_fork+0x41/0x80 [ 14.556741] ? __pfx_kthread+0x10/0x10 [ 14.556759] ret_from_fork_asm+0x1a/0x30 [ 14.556791] </TASK> [ 14.556802] [ 14.564205] Allocated by task 278: [ 14.564339] kasan_save_stack+0x45/0x70 [ 14.564511] kasan_save_track+0x18/0x40 [ 14.564707] kasan_save_alloc_info+0x3b/0x50 [ 14.564922] __kasan_kmalloc+0xb7/0xc0 [ 14.565117] __kmalloc_cache_noprof+0x189/0x420 [ 14.565349] kasan_strings+0xc0/0xe80 [ 14.565565] kunit_try_run_case+0x1a5/0x480 [ 14.565772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.566030] kthread+0x337/0x6f0 [ 14.566185] ret_from_fork+0x41/0x80 [ 14.566360] ret_from_fork_asm+0x1a/0x30 [ 14.566584] [ 14.566691] Freed by task 278: [ 14.566834] kasan_save_stack+0x45/0x70 [ 14.567037] kasan_save_track+0x18/0x40 [ 14.567202] kasan_save_free_info+0x3f/0x60 [ 14.567376] __kasan_slab_free+0x56/0x70 [ 14.567592] kfree+0x222/0x3f0 [ 14.567747] kasan_strings+0x2aa/0xe80 [ 14.567920] kunit_try_run_case+0x1a5/0x480 [ 14.568116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.568334] kthread+0x337/0x6f0 [ 14.568526] ret_from_fork+0x41/0x80 [ 14.568680] ret_from_fork_asm+0x1a/0x30 [ 14.568879] [ 14.568956] The buggy address belongs to the object at ffff888102714780 [ 14.568956] which belongs to the cache kmalloc-32 of size 32 [ 14.569450] The buggy address is located 16 bytes inside of [ 14.569450] freed 32-byte region [ffff888102714780, ffff8881027147a0) [ 14.569916] [ 14.569999] The buggy address belongs to the physical page: [ 14.570239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102714 [ 14.570590] flags: 0x200000000000000(node=0|zone=2) [ 14.570802] page_type: f5(slab) [ 14.570926] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.571161] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.571401] page dumped because: kasan: bad access detected [ 14.571592] [ 14.571662] Memory state around the buggy address: [ 
14.571873] ffff888102714680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.572191] ffff888102714700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.572544] >ffff888102714780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.572860] ^ [ 14.573040] ffff888102714800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.573292] ffff888102714880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.573537] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.534813] ================================================================== [ 14.535115] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.535376] Read of size 1 at addr ffff888102714790 by task kunit_try_catch/278 [ 14.535654] [ 14.535756] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.535800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.535813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.535834] Call Trace: [ 14.535846] <TASK> [ 14.535862] dump_stack_lvl+0x73/0xb0 [ 14.535889] print_report+0xd1/0x650 [ 14.535911] ? __virt_addr_valid+0x1db/0x2d0 [ 14.535933] ? kasan_strings+0xcbc/0xe80 [ 14.535953] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.535977] ? kasan_strings+0xcbc/0xe80 [ 14.535998] kasan_report+0x141/0x180 [ 14.536021] ? kasan_strings+0xcbc/0xe80 [ 14.536047] __asan_report_load1_noabort+0x18/0x20 [ 14.536068] kasan_strings+0xcbc/0xe80 [ 14.536088] ? trace_hardirqs_on+0x37/0xe0 [ 14.536111] ? __pfx_kasan_strings+0x10/0x10 [ 14.536132] ? finish_task_switch.isra.0+0x153/0x700 [ 14.536155] ? __switch_to+0x5d9/0xf60 [ 14.536176] ? dequeue_task_fair+0x156/0x4e0 [ 14.536200] ? __schedule+0x10cc/0x2b30 [ 14.536222] ? __pfx_read_tsc+0x10/0x10 [ 14.536241] ? ktime_get_ts64+0x86/0x230 [ 14.536267] kunit_try_run_case+0x1a5/0x480 [ 14.536290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.536322] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.536345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.536367] ? __kthread_parkme+0x82/0x180 [ 14.536389] ? preempt_count_sub+0x50/0x80 [ 14.536414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.536437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.536460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.536482] kthread+0x337/0x6f0 [ 14.536499] ? trace_preempt_on+0x20/0xc0 [ 14.536521] ? __pfx_kthread+0x10/0x10 [ 14.536540] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.536560] ? calculate_sigpending+0x7b/0xa0 [ 14.536581] ? 
__pfx_kthread+0x10/0x10 [ 14.536599] ret_from_fork+0x41/0x80 [ 14.536619] ? __pfx_kthread+0x10/0x10 [ 14.536637] ret_from_fork_asm+0x1a/0x30 [ 14.536667] </TASK> [ 14.536677] [ 14.543744] Allocated by task 278: [ 14.543871] kasan_save_stack+0x45/0x70 [ 14.544018] kasan_save_track+0x18/0x40 [ 14.544213] kasan_save_alloc_info+0x3b/0x50 [ 14.544454] __kasan_kmalloc+0xb7/0xc0 [ 14.544653] __kmalloc_cache_noprof+0x189/0x420 [ 14.544868] kasan_strings+0xc0/0xe80 [ 14.545057] kunit_try_run_case+0x1a5/0x480 [ 14.545245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.545473] kthread+0x337/0x6f0 [ 14.545646] ret_from_fork+0x41/0x80 [ 14.545817] ret_from_fork_asm+0x1a/0x30 [ 14.545976] [ 14.546071] Freed by task 278: [ 14.546222] kasan_save_stack+0x45/0x70 [ 14.546401] kasan_save_track+0x18/0x40 [ 14.546583] kasan_save_free_info+0x3f/0x60 [ 14.546794] __kasan_slab_free+0x56/0x70 [ 14.546975] kfree+0x222/0x3f0 [ 14.547130] kasan_strings+0x2aa/0xe80 [ 14.547291] kunit_try_run_case+0x1a5/0x480 [ 14.547529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.547736] kthread+0x337/0x6f0 [ 14.547856] ret_from_fork+0x41/0x80 [ 14.547987] ret_from_fork_asm+0x1a/0x30 [ 14.548125] [ 14.548196] The buggy address belongs to the object at ffff888102714780 [ 14.548196] which belongs to the cache kmalloc-32 of size 32 [ 14.548719] The buggy address is located 16 bytes inside of [ 14.548719] freed 32-byte region [ffff888102714780, ffff8881027147a0) [ 14.549235] [ 14.549339] The buggy address belongs to the physical page: [ 14.549616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102714 [ 14.549914] flags: 0x200000000000000(node=0|zone=2) [ 14.550082] page_type: f5(slab) [ 14.550207] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.550591] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.550941] page dumped because: kasan: bad access detected [ 14.551198] [ 14.551293] Memory state around the buggy address: [ 
14.551521] ffff888102714680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.551816] ffff888102714700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.552107] >ffff888102714780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.552394] ^ [ 14.552596] ffff888102714800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.552840] ffff888102714880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.553056] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.512132] ================================================================== [ 14.513149] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.513686] Read of size 1 at addr ffff888102714790 by task kunit_try_catch/278 [ 14.514008] [ 14.514122] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.514171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.514184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.514207] Call Trace: [ 14.514219] <TASK> [ 14.514237] dump_stack_lvl+0x73/0xb0 [ 14.514266] print_report+0xd1/0x650 [ 14.514290] ? __virt_addr_valid+0x1db/0x2d0 [ 14.514326] ? strcmp+0xb0/0xc0 [ 14.514344] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.514368] ? strcmp+0xb0/0xc0 [ 14.514385] kasan_report+0x141/0x180 [ 14.514408] ? strcmp+0xb0/0xc0 [ 14.514430] __asan_report_load1_noabort+0x18/0x20 [ 14.514452] strcmp+0xb0/0xc0 [ 14.514471] kasan_strings+0x431/0xe80 [ 14.514491] ? trace_hardirqs_on+0x37/0xe0 [ 14.514515] ? __pfx_kasan_strings+0x10/0x10 [ 14.514536] ? finish_task_switch.isra.0+0x153/0x700 [ 14.514560] ? __switch_to+0x5d9/0xf60 [ 14.514582] ? dequeue_task_fair+0x156/0x4e0 [ 14.514607] ? __schedule+0x10cc/0x2b30 [ 14.514630] ? __pfx_read_tsc+0x10/0x10 [ 14.514649] ? ktime_get_ts64+0x86/0x230 [ 14.514680] kunit_try_run_case+0x1a5/0x480 [ 14.514705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.514727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.514751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.514782] ? __kthread_parkme+0x82/0x180 [ 14.514805] ? preempt_count_sub+0x50/0x80 [ 14.514828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.514852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.514874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.514897] kthread+0x337/0x6f0 [ 14.514914] ? trace_preempt_on+0x20/0xc0 [ 14.514936] ? __pfx_kthread+0x10/0x10 [ 14.514954] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.514975] ? calculate_sigpending+0x7b/0xa0 [ 14.514997] ? 
__pfx_kthread+0x10/0x10 [ 14.515015] ret_from_fork+0x41/0x80 [ 14.515036] ? __pfx_kthread+0x10/0x10 [ 14.515053] ret_from_fork_asm+0x1a/0x30 [ 14.515084] </TASK> [ 14.515096] [ 14.522819] Allocated by task 278: [ 14.522988] kasan_save_stack+0x45/0x70 [ 14.523136] kasan_save_track+0x18/0x40 [ 14.523275] kasan_save_alloc_info+0x3b/0x50 [ 14.523493] __kasan_kmalloc+0xb7/0xc0 [ 14.523688] __kmalloc_cache_noprof+0x189/0x420 [ 14.523910] kasan_strings+0xc0/0xe80 [ 14.524087] kunit_try_run_case+0x1a5/0x480 [ 14.524235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524421] kthread+0x337/0x6f0 [ 14.524656] ret_from_fork+0x41/0x80 [ 14.524841] ret_from_fork_asm+0x1a/0x30 [ 14.525041] [ 14.525135] Freed by task 278: [ 14.525296] kasan_save_stack+0x45/0x70 [ 14.525520] kasan_save_track+0x18/0x40 [ 14.525692] kasan_save_free_info+0x3f/0x60 [ 14.525888] __kasan_slab_free+0x56/0x70 [ 14.526067] kfree+0x222/0x3f0 [ 14.526212] kasan_strings+0x2aa/0xe80 [ 14.526407] kunit_try_run_case+0x1a5/0x480 [ 14.526619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526875] kthread+0x337/0x6f0 [ 14.527005] ret_from_fork+0x41/0x80 [ 14.527141] ret_from_fork_asm+0x1a/0x30 [ 14.527282] [ 14.527364] The buggy address belongs to the object at ffff888102714780 [ 14.527364] which belongs to the cache kmalloc-32 of size 32 [ 14.527739] The buggy address is located 16 bytes inside of [ 14.527739] freed 32-byte region [ffff888102714780, ffff8881027147a0) [ 14.528561] [ 14.528664] The buggy address belongs to the physical page: [ 14.528917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102714 [ 14.529367] flags: 0x200000000000000(node=0|zone=2) [ 14.529747] page_type: f5(slab) [ 14.529911] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.530163] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.530419] page dumped because: kasan: bad access detected [ 14.530654] [ 14.530755] Memory state around the buggy address: [ 
14.530985] ffff888102714680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.531320] ffff888102714700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.531744] >ffff888102714780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.531994] ^ [ 14.532170] ffff888102714800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.532528] ffff888102714880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.532805] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.484625] ================================================================== [ 14.485151] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.485501] Read of size 1 at addr ffff888102a4c418 by task kunit_try_catch/276 [ 14.485790] [ 14.485954] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.486003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.486016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.486038] Call Trace: [ 14.486051] <TASK> [ 14.486067] dump_stack_lvl+0x73/0xb0 [ 14.486094] print_report+0xd1/0x650 [ 14.486117] ? __virt_addr_valid+0x1db/0x2d0 [ 14.486140] ? memcmp+0x1b4/0x1d0 [ 14.486157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.486180] ? memcmp+0x1b4/0x1d0 [ 14.486199] kasan_report+0x141/0x180 [ 14.486221] ? memcmp+0x1b4/0x1d0 [ 14.486244] __asan_report_load1_noabort+0x18/0x20 [ 14.486265] memcmp+0x1b4/0x1d0 [ 14.486285] kasan_memcmp+0x18f/0x390 [ 14.486319] ? trace_hardirqs_on+0x37/0xe0 [ 14.486343] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.486366] ? __kasan_check_write+0x18/0x20 [ 14.486385] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.486410] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.486446] ? __pfx_read_tsc+0x10/0x10 [ 14.486467] ? ktime_get_ts64+0x86/0x230 [ 14.486492] kunit_try_run_case+0x1a5/0x480 [ 14.486517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.486539] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.486561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.486584] ? __kthread_parkme+0x82/0x180 [ 14.486606] ? preempt_count_sub+0x50/0x80 [ 14.486631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.486655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.486682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.486705] kthread+0x337/0x6f0 [ 14.486722] ? trace_preempt_on+0x20/0xc0 [ 14.486744] ? __pfx_kthread+0x10/0x10 [ 14.486763] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.486783] ? calculate_sigpending+0x7b/0xa0 [ 14.486804] ? 
__pfx_kthread+0x10/0x10 [ 14.486822] ret_from_fork+0x41/0x80 [ 14.486843] ? __pfx_kthread+0x10/0x10 [ 14.486861] ret_from_fork_asm+0x1a/0x30 [ 14.486909] </TASK> [ 14.486920] [ 14.494624] Allocated by task 276: [ 14.494823] kasan_save_stack+0x45/0x70 [ 14.495037] kasan_save_track+0x18/0x40 [ 14.495320] kasan_save_alloc_info+0x3b/0x50 [ 14.495501] __kasan_kmalloc+0xb7/0xc0 [ 14.495664] __kmalloc_cache_noprof+0x189/0x420 [ 14.496011] kasan_memcmp+0xb7/0x390 [ 14.496193] kunit_try_run_case+0x1a5/0x480 [ 14.496353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.496528] kthread+0x337/0x6f0 [ 14.496685] ret_from_fork+0x41/0x80 [ 14.496890] ret_from_fork_asm+0x1a/0x30 [ 14.497100] [ 14.497200] The buggy address belongs to the object at ffff888102a4c400 [ 14.497200] which belongs to the cache kmalloc-32 of size 32 [ 14.497716] The buggy address is located 0 bytes to the right of [ 14.497716] allocated 24-byte region [ffff888102a4c400, ffff888102a4c418) [ 14.498082] [ 14.498156] The buggy address belongs to the physical page: [ 14.498730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4c [ 14.499251] flags: 0x200000000000000(node=0|zone=2) [ 14.499735] page_type: f5(slab) [ 14.499969] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.500290] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.500625] page dumped because: kasan: bad access detected [ 14.500819] [ 14.500892] Memory state around the buggy address: [ 14.501051] ffff888102a4c300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.501269] ffff888102a4c380: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.502031] >ffff888102a4c400: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.502370] ^ [ 14.502565] ffff888102a4c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.502835] ffff888102a4c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.503066] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.460472] ================================================================== [ 14.460910] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.461274] Read of size 1 at addr ffff888103a0fc4a by task kunit_try_catch/272 [ 14.461612] [ 14.461727] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.462008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.462024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.462046] Call Trace: [ 14.462058] <TASK> [ 14.462075] dump_stack_lvl+0x73/0xb0 [ 14.462105] print_report+0xd1/0x650 [ 14.462128] ? __virt_addr_valid+0x1db/0x2d0 [ 14.462149] ? kasan_alloca_oob_right+0x329/0x390 [ 14.462172] ? kasan_addr_to_slab+0x11/0xa0 [ 14.462193] ? kasan_alloca_oob_right+0x329/0x390 [ 14.462217] kasan_report+0x141/0x180 [ 14.462239] ? kasan_alloca_oob_right+0x329/0x390 [ 14.462267] __asan_report_load1_noabort+0x18/0x20 [ 14.462288] kasan_alloca_oob_right+0x329/0x390 [ 14.462327] ? finish_task_switch.isra.0+0x153/0x700 [ 14.462352] ? rt_mutex_adjust_prio_chain+0x19ae/0x20e0 [ 14.462374] ? trace_hardirqs_on+0x37/0xe0 [ 14.462399] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.462425] ? __schedule+0x10cc/0x2b30 [ 14.462460] ? __pfx_read_tsc+0x10/0x10 [ 14.462479] ? ktime_get_ts64+0x86/0x230 [ 14.462504] kunit_try_run_case+0x1a5/0x480 [ 14.462529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.462551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.462573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.462597] ? __kthread_parkme+0x82/0x180 [ 14.462618] ? preempt_count_sub+0x50/0x80 [ 14.462644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.462667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.462697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.462720] kthread+0x337/0x6f0 [ 14.462736] ? trace_preempt_on+0x20/0xc0 [ 14.462760] ? __pfx_kthread+0x10/0x10 [ 14.462778] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.462799] ? 
calculate_sigpending+0x7b/0xa0 [ 14.462819] ? __pfx_kthread+0x10/0x10 [ 14.462838] ret_from_fork+0x41/0x80 [ 14.462859] ? __pfx_kthread+0x10/0x10 [ 14.462877] ret_from_fork_asm+0x1a/0x30 [ 14.462964] </TASK> [ 14.462976] [ 14.471007] The buggy address belongs to stack of task kunit_try_catch/272 [ 14.471409] [ 14.471592] The buggy address belongs to the physical page: [ 14.471780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0f [ 14.472352] flags: 0x200000000000000(node=0|zone=2) [ 14.472600] raw: 0200000000000000 ffffea00040e83c8 ffffea00040e83c8 0000000000000000 [ 14.472833] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.473180] page dumped because: kasan: bad access detected [ 14.473425] [ 14.473496] Memory state around the buggy address: [ 14.473652] ffff888103a0fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.474050] ffff888103a0fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.474376] >ffff888103a0fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.474956] ^ [ 14.475136] ffff888103a0fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.475390] ffff888103a0fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.475710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.442822] ================================================================== [ 14.443679] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.444096] Read of size 1 at addr ffff8881039ffc3f by task kunit_try_catch/270 [ 14.444414] [ 14.444541] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 14.444592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.444604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.444627] Call Trace: [ 14.444640] <TASK> [ 14.444657] dump_stack_lvl+0x73/0xb0 [ 14.444685] print_report+0xd1/0x650 [ 14.444708] ? __virt_addr_valid+0x1db/0x2d0 [ 14.444730] ? kasan_alloca_oob_left+0x320/0x380 [ 14.444754] ? kasan_addr_to_slab+0x11/0xa0 [ 14.444775] ? kasan_alloca_oob_left+0x320/0x380 [ 14.444798] kasan_report+0x141/0x180 [ 14.444821] ? kasan_alloca_oob_left+0x320/0x380 [ 14.444850] __asan_report_load1_noabort+0x18/0x20 [ 14.444871] kasan_alloca_oob_left+0x320/0x380 [ 14.444896] ? finish_task_switch.isra.0+0x153/0x700 [ 14.444920] ? rt_mutex_adjust_prio_chain+0x19ae/0x20e0 [ 14.444943] ? trace_hardirqs_on+0x37/0xe0 [ 14.444968] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.444994] ? __schedule+0x10cc/0x2b30 [ 14.445016] ? __pfx_read_tsc+0x10/0x10 [ 14.445035] ? ktime_get_ts64+0x86/0x230 [ 14.445061] kunit_try_run_case+0x1a5/0x480 [ 14.445086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.445108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.445132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.445155] ? __kthread_parkme+0x82/0x180 [ 14.445176] ? preempt_count_sub+0x50/0x80 [ 14.445201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.445243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.445265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.445289] kthread+0x337/0x6f0 [ 14.445316] ? trace_preempt_on+0x20/0xc0 [ 14.445339] ? __pfx_kthread+0x10/0x10 [ 14.445357] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.445378] ? 
calculate_sigpending+0x7b/0xa0 [ 14.445401] ? __pfx_kthread+0x10/0x10 [ 14.445419] ret_from_fork+0x41/0x80 [ 14.445440] ? __pfx_kthread+0x10/0x10 [ 14.445458] ret_from_fork_asm+0x1a/0x30 [ 14.445490] </TASK> [ 14.445501] [ 14.453360] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.453757] [ 14.453832] The buggy address belongs to the physical page: [ 14.454004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ff [ 14.454521] flags: 0x200000000000000(node=0|zone=2) [ 14.454736] raw: 0200000000000000 ffffea00040e7fc8 ffffea00040e7fc8 0000000000000000 [ 14.455219] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.455592] page dumped because: kasan: bad access detected [ 14.455812] [ 14.455913] Memory state around the buggy address: [ 14.456072] ffff8881039ffb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.456403] ffff8881039ffb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.456741] >ffff8881039ffc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.456955] ^ [ 14.457120] ffff8881039ffc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.457441] ffff8881039ffd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.457755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.217692] ================================================================== [ 12.218357] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.218637] Read of size 1 at addr ffff888103910000 by task kunit_try_catch/173 [ 12.218952] [ 12.219059] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.219108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.219120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.219142] Call Trace: [ 12.219157] <TASK> [ 12.219175] dump_stack_lvl+0x73/0xb0 [ 12.219206] print_report+0xd1/0x650 [ 12.219228] ? __virt_addr_valid+0x1db/0x2d0 [ 12.219252] ? page_alloc_uaf+0x356/0x3d0 [ 12.219269] ? kasan_addr_to_slab+0x11/0xa0 [ 12.219302] ? page_alloc_uaf+0x356/0x3d0 [ 12.219320] kasan_report+0x141/0x180 [ 12.219343] ? page_alloc_uaf+0x356/0x3d0 [ 12.219366] __asan_report_load1_noabort+0x18/0x20 [ 12.219386] page_alloc_uaf+0x356/0x3d0 [ 12.219404] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.219423] ? __schedule+0x10cc/0x2b30 [ 12.219446] ? __pfx_read_tsc+0x10/0x10 [ 12.219467] ? ktime_get_ts64+0x86/0x230 [ 12.219493] kunit_try_run_case+0x1a5/0x480 [ 12.219518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.219539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.219563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.219585] ? __kthread_parkme+0x82/0x180 [ 12.219607] ? preempt_count_sub+0x50/0x80 [ 12.219633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.219657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.219679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.219700] kthread+0x337/0x6f0 [ 12.219717] ? trace_preempt_on+0x20/0xc0 [ 12.219742] ? __pfx_kthread+0x10/0x10 [ 12.219759] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.219780] ? calculate_sigpending+0x7b/0xa0 [ 12.219802] ? __pfx_kthread+0x10/0x10 [ 12.219820] ret_from_fork+0x41/0x80 [ 12.219840] ? 
__pfx_kthread+0x10/0x10 [ 12.219857] ret_from_fork_asm+0x1a/0x30 [ 12.219889] </TASK> [ 12.219901] [ 12.227603] The buggy address belongs to the physical page: [ 12.228076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 12.228342] flags: 0x200000000000000(node=0|zone=2) [ 12.228768] page_type: f0(buddy) [ 12.229068] raw: 0200000000000000 ffff88817fffc3e0 ffff88817fffc3e0 0000000000000000 [ 12.229443] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 12.229736] page dumped because: kasan: bad access detected [ 12.230041] [ 12.230120] Memory state around the buggy address: [ 12.230325] ffff88810390ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.230639] ffff88810390ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.230929] >ffff888103910000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.231243] ^ [ 12.231420] ffff888103910080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.231755] ffff888103910100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.232125] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.196309] ================================================================== [ 12.196920] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.197321] Free of addr ffff888102ab0001 by task kunit_try_catch/169 [ 12.197596] [ 12.197727] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.197777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.197789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.197811] Call Trace: [ 12.197823] <TASK> [ 12.197841] dump_stack_lvl+0x73/0xb0 [ 12.197871] print_report+0xd1/0x650 [ 12.197894] ? __virt_addr_valid+0x1db/0x2d0 [ 12.197971] ? kasan_addr_to_slab+0x11/0xa0 [ 12.197991] ? kfree+0x274/0x3f0 [ 12.198010] kasan_report_invalid_free+0x10a/0x130 [ 12.198034] ? kfree+0x274/0x3f0 [ 12.198054] ? kfree+0x274/0x3f0 [ 12.198071] __kasan_kfree_large+0x86/0xd0 [ 12.198092] free_large_kmalloc+0x4b/0x110 [ 12.198112] kfree+0x274/0x3f0 [ 12.198134] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.198156] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.198179] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.198203] ? trace_hardirqs_on+0x37/0xe0 [ 12.198227] ? __pfx_read_tsc+0x10/0x10 [ 12.198247] ? ktime_get_ts64+0x86/0x230 [ 12.198272] kunit_try_run_case+0x1a5/0x480 [ 12.198312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.198335] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.198359] ? __kthread_parkme+0x82/0x180 [ 12.198381] ? preempt_count_sub+0x50/0x80 [ 12.198406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.198429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.198450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.198472] kthread+0x337/0x6f0 [ 12.198488] ? trace_preempt_on+0x20/0xc0 [ 12.198510] ? __pfx_kthread+0x10/0x10 [ 12.198529] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.198559] ? calculate_sigpending+0x7b/0xa0 [ 12.198581] ? __pfx_kthread+0x10/0x10 [ 12.198599] ret_from_fork+0x41/0x80 [ 12.198619] ? 
__pfx_kthread+0x10/0x10 [ 12.198636] ret_from_fork_asm+0x1a/0x30 [ 12.198672] </TASK> [ 12.198684] [ 12.206225] The buggy address belongs to the physical page: [ 12.206429] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0 [ 12.207320] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.207674] flags: 0x200000000000040(head|node=0|zone=2) [ 12.207939] page_type: f8(unknown) [ 12.208166] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.208416] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.208761] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.209244] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.209485] head: 0200000000000002 ffffea00040aac01 00000000ffffffff 00000000ffffffff [ 12.210079] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.210402] page dumped because: kasan: bad access detected [ 12.210575] [ 12.210645] Memory state around the buggy address: [ 12.210951] ffff888102aaff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.211283] ffff888102aaff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.211558] >ffff888102ab0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.211862] ^ [ 12.212037] ffff888102ab0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.212301] ffff888102ab0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.212589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.173725] ================================================================== [ 12.174694] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.175006] Read of size 1 at addr ffff888102ab0000 by task kunit_try_catch/167 [ 12.175343] [ 12.175532] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.175587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.175600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.175621] Call Trace: [ 12.175634] <TASK> [ 12.175653] dump_stack_lvl+0x73/0xb0 [ 12.175684] print_report+0xd1/0x650 [ 12.175707] ? __virt_addr_valid+0x1db/0x2d0 [ 12.175730] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.175750] ? kasan_addr_to_slab+0x11/0xa0 [ 12.175771] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.175792] kasan_report+0x141/0x180 [ 12.175814] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.175839] __asan_report_load1_noabort+0x18/0x20 [ 12.175859] kmalloc_large_uaf+0x2f1/0x340 [ 12.175880] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.175901] ? __schedule+0x10cc/0x2b30 [ 12.175924] ? __pfx_read_tsc+0x10/0x10 [ 12.175944] ? ktime_get_ts64+0x86/0x230 [ 12.175971] kunit_try_run_case+0x1a5/0x480 [ 12.175995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.176016] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.176039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.176061] ? __kthread_parkme+0x82/0x180 [ 12.176131] ? preempt_count_sub+0x50/0x80 [ 12.176159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.176182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.176204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.176225] kthread+0x337/0x6f0 [ 12.176243] ? trace_preempt_on+0x20/0xc0 [ 12.176269] ? __pfx_kthread+0x10/0x10 [ 12.176301] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.176321] ? calculate_sigpending+0x7b/0xa0 [ 12.176344] ? __pfx_kthread+0x10/0x10 [ 12.176363] ret_from_fork+0x41/0x80 [ 12.176383] ? 
__pfx_kthread+0x10/0x10 [ 12.176401] ret_from_fork_asm+0x1a/0x30 [ 12.176446] </TASK> [ 12.176460] [ 12.184638] The buggy address belongs to the physical page: [ 12.184892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0 [ 12.185170] flags: 0x200000000000000(node=0|zone=2) [ 12.185358] raw: 0200000000000000 ffffea00040aad08 ffff88815b139a80 0000000000000000 [ 12.186043] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.186376] page dumped because: kasan: bad access detected [ 12.186559] [ 12.186690] Memory state around the buggy address: [ 12.186923] ffff888102aaff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.187214] ffff888102aaff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.187535] >ffff888102ab0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.187743] ^ [ 12.187859] ffff888102ab0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.188164] ffff888102ab0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.188479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.152685] ================================================================== [ 12.153181] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.153524] Write of size 1 at addr ffff88810211200a by task kunit_try_catch/165 [ 12.153815] [ 12.153923] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.153971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.153982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.154003] Call Trace: [ 12.154014] <TASK> [ 12.154030] dump_stack_lvl+0x73/0xb0 [ 12.154058] print_report+0xd1/0x650 [ 12.154080] ? __virt_addr_valid+0x1db/0x2d0 [ 12.154101] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.154122] ? kasan_addr_to_slab+0x11/0xa0 [ 12.154142] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.154164] kasan_report+0x141/0x180 [ 12.154186] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.154213] __asan_report_store1_noabort+0x1b/0x30 [ 12.154234] kmalloc_large_oob_right+0x2e9/0x330 [ 12.154256] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.154279] ? __schedule+0x10cc/0x2b30 [ 12.154312] ? __pfx_read_tsc+0x10/0x10 [ 12.154333] ? ktime_get_ts64+0x86/0x230 [ 12.154358] kunit_try_run_case+0x1a5/0x480 [ 12.154382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.154403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.154425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.154447] ? __kthread_parkme+0x82/0x180 [ 12.154468] ? preempt_count_sub+0x50/0x80 [ 12.154493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.154515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.154537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.154880] kthread+0x337/0x6f0 [ 12.154911] ? trace_preempt_on+0x20/0xc0 [ 12.154934] ? __pfx_kthread+0x10/0x10 [ 12.154952] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.154973] ? calculate_sigpending+0x7b/0xa0 [ 12.154994] ? __pfx_kthread+0x10/0x10 [ 12.155013] ret_from_fork+0x41/0x80 [ 12.155033] ? 
__pfx_kthread+0x10/0x10 [ 12.155051] ret_from_fork_asm+0x1a/0x30 [ 12.155082] </TASK> [ 12.155093] [ 12.162753] The buggy address belongs to the physical page: [ 12.163108] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102110 [ 12.163563] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.163971] flags: 0x200000000000040(head|node=0|zone=2) [ 12.164257] page_type: f8(unknown) [ 12.164460] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.164774] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.165383] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.165838] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.166229] head: 0200000000000002 ffffea0004084401 00000000ffffffff 00000000ffffffff [ 12.166650] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.167038] page dumped because: kasan: bad access detected [ 12.167272] [ 12.167380] Memory state around the buggy address: [ 12.167567] ffff888102111f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.167785] ffff888102111f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.168050] >ffff888102112000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.168563] ^ [ 12.168697] ffff888102112080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.169142] ffff888102112100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.169536] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.128678] ================================================================== [ 12.129187] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.129485] Write of size 1 at addr ffff8881038e1f00 by task kunit_try_catch/163 [ 12.129831] [ 12.129993] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.130038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.130051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.130071] Call Trace: [ 12.130082] <TASK> [ 12.130098] dump_stack_lvl+0x73/0xb0 [ 12.130126] print_report+0xd1/0x650 [ 12.130147] ? __virt_addr_valid+0x1db/0x2d0 [ 12.130168] ? kmalloc_big_oob_right+0x316/0x370 [ 12.130189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.130211] ? kmalloc_big_oob_right+0x316/0x370 [ 12.130234] kasan_report+0x141/0x180 [ 12.130256] ? kmalloc_big_oob_right+0x316/0x370 [ 12.130283] __asan_report_store1_noabort+0x1b/0x30 [ 12.130316] kmalloc_big_oob_right+0x316/0x370 [ 12.130338] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.130361] ? __schedule+0x10cc/0x2b30 [ 12.130383] ? __pfx_read_tsc+0x10/0x10 [ 12.130402] ? ktime_get_ts64+0x86/0x230 [ 12.130427] kunit_try_run_case+0x1a5/0x480 [ 12.130451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.130472] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.130496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.130518] ? __kthread_parkme+0x82/0x180 [ 12.130601] ? preempt_count_sub+0x50/0x80 [ 12.130632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.130654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.130684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.130705] kthread+0x337/0x6f0 [ 12.130722] ? trace_preempt_on+0x20/0xc0 [ 12.130745] ? __pfx_kthread+0x10/0x10 [ 12.130763] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.130783] ? calculate_sigpending+0x7b/0xa0 [ 12.130803] ? __pfx_kthread+0x10/0x10 [ 12.130821] ret_from_fork+0x41/0x80 [ 12.130841] ? 
__pfx_kthread+0x10/0x10 [ 12.130859] ret_from_fork_asm+0x1a/0x30 [ 12.130928] </TASK> [ 12.130942] [ 12.138809] Allocated by task 163: [ 12.138949] kasan_save_stack+0x45/0x70 [ 12.139095] kasan_save_track+0x18/0x40 [ 12.139344] kasan_save_alloc_info+0x3b/0x50 [ 12.139610] __kasan_kmalloc+0xb7/0xc0 [ 12.139804] __kmalloc_cache_noprof+0x189/0x420 [ 12.140348] kmalloc_big_oob_right+0xa9/0x370 [ 12.140617] kunit_try_run_case+0x1a5/0x480 [ 12.140794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.141051] kthread+0x337/0x6f0 [ 12.141172] ret_from_fork+0x41/0x80 [ 12.141392] ret_from_fork_asm+0x1a/0x30 [ 12.141658] [ 12.141756] The buggy address belongs to the object at ffff8881038e0000 [ 12.141756] which belongs to the cache kmalloc-8k of size 8192 [ 12.142537] The buggy address is located 0 bytes to the right of [ 12.142537] allocated 7936-byte region [ffff8881038e0000, ffff8881038e1f00) [ 12.143180] [ 12.143408] The buggy address belongs to the physical page: [ 12.143595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e0 [ 12.144081] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.144421] flags: 0x200000000000040(head|node=0|zone=2) [ 12.144657] page_type: f5(slab) [ 12.144792] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.145022] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.145459] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.145808] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.146102] head: 0200000000000003 ffffea00040e3801 00000000ffffffff 00000000ffffffff [ 12.146348] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.147096] page dumped because: kasan: bad access detected [ 12.147374] [ 12.147507] Memory state around the buggy address: [ 12.147698] ffff8881038e1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.147947] ffff8881038e1e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.148365] >ffff8881038e1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.148793] ^ [ 12.148936] ffff8881038e1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.149478] ffff8881038e2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.149750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.079760] ================================================================== [ 12.080351] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.081010] Write of size 1 at addr ffff888102a2d278 by task kunit_try_catch/161 [ 12.081805] [ 12.081985] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.082033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.082045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.082066] Call Trace: [ 12.082078] <TASK> [ 12.082096] dump_stack_lvl+0x73/0xb0 [ 12.082126] print_report+0xd1/0x650 [ 12.082148] ? __virt_addr_valid+0x1db/0x2d0 [ 12.082171] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.082191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.082213] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.082235] kasan_report+0x141/0x180 [ 12.082256] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.082282] __asan_report_store1_noabort+0x1b/0x30 [ 12.082314] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.082335] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.082356] ? __schedule+0x10cc/0x2b30 [ 12.082378] ? __pfx_read_tsc+0x10/0x10 [ 12.082398] ? ktime_get_ts64+0x86/0x230 [ 12.082424] kunit_try_run_case+0x1a5/0x480 [ 12.082449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.082471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.082493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.082515] ? __kthread_parkme+0x82/0x180 [ 12.082537] ? preempt_count_sub+0x50/0x80 [ 12.082563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.082585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.082606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.082628] kthread+0x337/0x6f0 [ 12.082644] ? trace_preempt_on+0x20/0xc0 [ 12.082675] ? __pfx_kthread+0x10/0x10 [ 12.082693] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.082713] ? calculate_sigpending+0x7b/0xa0 [ 12.082735] ? __pfx_kthread+0x10/0x10 [ 12.082753] ret_from_fork+0x41/0x80 [ 12.082773] ? 
__pfx_kthread+0x10/0x10 [ 12.082791] ret_from_fork_asm+0x1a/0x30 [ 12.082821] </TASK> [ 12.082833] [ 12.096668] Allocated by task 161: [ 12.096817] kasan_save_stack+0x45/0x70 [ 12.097203] kasan_save_track+0x18/0x40 [ 12.097616] kasan_save_alloc_info+0x3b/0x50 [ 12.098033] __kasan_kmalloc+0xb7/0xc0 [ 12.098428] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.098788] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.099073] kunit_try_run_case+0x1a5/0x480 [ 12.099486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.100056] kthread+0x337/0x6f0 [ 12.100359] ret_from_fork+0x41/0x80 [ 12.100518] ret_from_fork_asm+0x1a/0x30 [ 12.100657] [ 12.100731] The buggy address belongs to the object at ffff888102a2d200 [ 12.100731] which belongs to the cache kmalloc-128 of size 128 [ 12.101710] The buggy address is located 0 bytes to the right of [ 12.101710] allocated 120-byte region [ffff888102a2d200, ffff888102a2d278) [ 12.102954] [ 12.103121] The buggy address belongs to the physical page: [ 12.103390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d [ 12.104139] flags: 0x200000000000000(node=0|zone=2) [ 12.104533] page_type: f5(slab) [ 12.104743] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.105159] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.106194] page dumped because: kasan: bad access detected [ 12.106420] [ 12.106494] Memory state around the buggy address: [ 12.106652] ffff888102a2d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.106872] ffff888102a2d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.107565] >ffff888102a2d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.108357] ^ [ 12.109051] ffff888102a2d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.109795] ffff888102a2d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.110519] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.039839] ================================================================== [ 12.041165] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 12.041855] Read of size 1 at addr ffff8881029b7000 by task kunit_try_catch/159 [ 12.042776] [ 12.043018] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.043068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.043081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.043103] Call Trace: [ 12.043115] <TASK> [ 12.043132] dump_stack_lvl+0x73/0xb0 [ 12.043160] print_report+0xd1/0x650 [ 12.043182] ? __virt_addr_valid+0x1db/0x2d0 [ 12.043204] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.043224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.043246] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.043266] kasan_report+0x141/0x180 [ 12.043302] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.043327] __asan_report_load1_noabort+0x18/0x20 [ 12.043347] kmalloc_node_oob_right+0x369/0x3c0 [ 12.043368] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.043388] ? __schedule+0x10cc/0x2b30 [ 12.043410] ? __pfx_read_tsc+0x10/0x10 [ 12.043429] ? ktime_get_ts64+0x86/0x230 [ 12.043455] kunit_try_run_case+0x1a5/0x480 [ 12.043479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.043500] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.043522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.043544] ? __kthread_parkme+0x82/0x180 [ 12.043565] ? preempt_count_sub+0x50/0x80 [ 12.043590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.043613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.043634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.043656] kthread+0x337/0x6f0 [ 12.043672] ? trace_preempt_on+0x20/0xc0 [ 12.043695] ? __pfx_kthread+0x10/0x10 [ 12.043713] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.043733] ? calculate_sigpending+0x7b/0xa0 [ 12.043754] ? __pfx_kthread+0x10/0x10 [ 12.043772] ret_from_fork+0x41/0x80 [ 12.043792] ? 
__pfx_kthread+0x10/0x10 [ 12.043809] ret_from_fork_asm+0x1a/0x30 [ 12.043840] </TASK> [ 12.043851] [ 12.057242] Allocated by task 159: [ 12.057659] kasan_save_stack+0x45/0x70 [ 12.057814] kasan_save_track+0x18/0x40 [ 12.058101] kasan_save_alloc_info+0x3b/0x50 [ 12.058511] __kasan_kmalloc+0xb7/0xc0 [ 12.058913] __kmalloc_cache_node_noprof+0x188/0x420 [ 12.059495] kmalloc_node_oob_right+0xab/0x3c0 [ 12.059843] kunit_try_run_case+0x1a5/0x480 [ 12.060381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.060687] kthread+0x337/0x6f0 [ 12.060812] ret_from_fork+0x41/0x80 [ 12.061003] ret_from_fork_asm+0x1a/0x30 [ 12.061377] [ 12.061539] The buggy address belongs to the object at ffff8881029b6000 [ 12.061539] which belongs to the cache kmalloc-4k of size 4096 [ 12.062576] The buggy address is located 0 bytes to the right of [ 12.062576] allocated 4096-byte region [ffff8881029b6000, ffff8881029b7000) [ 12.063147] [ 12.063327] The buggy address belongs to the physical page: [ 12.063910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b0 [ 12.065091] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.065841] flags: 0x200000000000040(head|node=0|zone=2) [ 12.066507] page_type: f5(slab) [ 12.066786] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.067343] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.067698] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.068110] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.068974] head: 0200000000000003 ffffea00040a6c01 00000000ffffffff 00000000ffffffff [ 12.069692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.070463] page dumped because: kasan: bad access detected [ 12.070861] [ 12.070935] Memory state around the buggy address: [ 12.071512] ffff8881029b6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.072306] ffff8881029b6f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.072732] >ffff8881029b7000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.073043] ^ [ 12.073365] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.074048] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.074726] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.001886] ================================================================== [ 12.003022] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 12.003791] Read of size 1 at addr ffff8881020cbdff by task kunit_try_catch/157 [ 12.004799] [ 12.005050] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 12.005108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.005121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.005143] Call Trace: [ 12.005157] <TASK> [ 12.005176] dump_stack_lvl+0x73/0xb0 [ 12.005215] print_report+0xd1/0x650 [ 12.005237] ? __virt_addr_valid+0x1db/0x2d0 [ 12.005260] ? kmalloc_oob_left+0x361/0x3c0 [ 12.005281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.005442] ? kmalloc_oob_left+0x361/0x3c0 [ 12.005472] kasan_report+0x141/0x180 [ 12.005496] ? kmalloc_oob_left+0x361/0x3c0 [ 12.005522] __asan_report_load1_noabort+0x18/0x20 [ 12.005542] kmalloc_oob_left+0x361/0x3c0 [ 12.005564] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 12.005587] ? __schedule+0x10cc/0x2b30 [ 12.005609] ? __pfx_read_tsc+0x10/0x10 [ 12.005629] ? ktime_get_ts64+0x86/0x230 [ 12.005656] kunit_try_run_case+0x1a5/0x480 [ 12.005681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.005703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.005726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.005747] ? __kthread_parkme+0x82/0x180 [ 12.005769] ? preempt_count_sub+0x50/0x80 [ 12.005795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.005817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.005839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.005861] kthread+0x337/0x6f0 [ 12.005893] ? trace_preempt_on+0x20/0xc0 [ 12.005917] ? __pfx_kthread+0x10/0x10 [ 12.005935] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.005954] ? calculate_sigpending+0x7b/0xa0 [ 12.005976] ? __pfx_kthread+0x10/0x10 [ 12.005995] ret_from_fork+0x41/0x80 [ 12.006015] ? 
__pfx_kthread+0x10/0x10 [ 12.006032] ret_from_fork_asm+0x1a/0x30 [ 12.006063] </TASK> [ 12.006074] [ 12.019645] Allocated by task 1: [ 12.019879] kasan_save_stack+0x45/0x70 [ 12.020212] kasan_save_track+0x18/0x40 [ 12.020444] kasan_save_alloc_info+0x3b/0x50 [ 12.020764] __kasan_kmalloc+0xb7/0xc0 [ 12.021259] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.022110] kvasprintf+0xc5/0x150 [ 12.022268] __kthread_create_on_node+0x18b/0x3a0 [ 12.022455] kthread_create_on_node+0xab/0xe0 [ 12.022850] create_worker+0x3e5/0x7b0 [ 12.023348] alloc_unbound_pwq+0x8ea/0xdb0 [ 12.023787] apply_wqattrs_prepare+0x332/0xd20 [ 12.024161] apply_workqueue_attrs_locked+0x4d/0xa0 [ 12.024344] alloc_workqueue+0xcc7/0x1ad0 [ 12.024602] latency_fsnotify_init+0x1b/0x50 [ 12.024983] do_one_initcall+0xd8/0x370 [ 12.025443] kernel_init_freeable+0x420/0x6f0 [ 12.025837] kernel_init+0x23/0x1e0 [ 12.026285] ret_from_fork+0x41/0x80 [ 12.026579] ret_from_fork_asm+0x1a/0x30 [ 12.026729] [ 12.026803] The buggy address belongs to the object at ffff8881020cbde0 [ 12.026803] which belongs to the cache kmalloc-16 of size 16 [ 12.027927] The buggy address is located 18 bytes to the right of [ 12.027927] allocated 13-byte region [ffff8881020cbde0, ffff8881020cbded) [ 12.029206] [ 12.029302] The buggy address belongs to the physical page: [ 12.029532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1020cb [ 12.030410] flags: 0x200000000000000(node=0|zone=2) [ 12.030876] page_type: f5(slab) [ 12.031275] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.031711] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.032089] page dumped because: kasan: bad access detected [ 12.032666] [ 12.032868] Memory state around the buggy address: [ 12.033347] ffff8881020cbc80: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 12.034074] ffff8881020cbd00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 12.034356] >ffff8881020cbd80: fa fb fc fc fa 
fb fc fc fa fb fc fc 00 05 fc fc [ 12.034850] ^ [ 12.035597] ffff8881020cbe00: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.036414] ffff8881020cbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.036678] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.981279] ================================================================== [ 11.981758] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.982074] Read of size 1 at addr ffff888102a2d180 by task kunit_try_catch/155 [ 11.982434] [ 11.982526] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 11.982567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.982579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.982597] Call Trace: [ 11.982611] <TASK> [ 11.982625] dump_stack_lvl+0x73/0xb0 [ 11.982649] print_report+0xd1/0x650 [ 11.982678] ? __virt_addr_valid+0x1db/0x2d0 [ 11.982697] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.982718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.982740] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.982761] kasan_report+0x141/0x180 [ 11.982783] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.982809] __asan_report_load1_noabort+0x18/0x20 [ 11.982829] kmalloc_oob_right+0x68a/0x7f0 [ 11.982851] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.982873] ? __schedule+0x10cc/0x2b30 [ 11.982894] ? __pfx_read_tsc+0x10/0x10 [ 11.982912] ? ktime_get_ts64+0x86/0x230 [ 11.982936] kunit_try_run_case+0x1a5/0x480 [ 11.982970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.982991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.983013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.983035] ? __kthread_parkme+0x82/0x180 [ 11.983055] ? preempt_count_sub+0x50/0x80 [ 11.983079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.983101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.983122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.983144] kthread+0x337/0x6f0 [ 11.983161] ? trace_preempt_on+0x20/0xc0 [ 11.983183] ? __pfx_kthread+0x10/0x10 [ 11.983200] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.983220] ? calculate_sigpending+0x7b/0xa0 [ 11.983241] ? __pfx_kthread+0x10/0x10 [ 11.983259] ret_from_fork+0x41/0x80 [ 11.983279] ? 
__pfx_kthread+0x10/0x10 [ 11.983307] ret_from_fork_asm+0x1a/0x30 [ 11.983338] </TASK> [ 11.983349] [ 11.989942] Allocated by task 155: [ 11.990067] kasan_save_stack+0x45/0x70 [ 11.990210] kasan_save_track+0x18/0x40 [ 11.990383] kasan_save_alloc_info+0x3b/0x50 [ 11.990593] __kasan_kmalloc+0xb7/0xc0 [ 11.990793] __kmalloc_cache_noprof+0x189/0x420 [ 11.991010] kmalloc_oob_right+0xa9/0x7f0 [ 11.991208] kunit_try_run_case+0x1a5/0x480 [ 11.991430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.991672] kthread+0x337/0x6f0 [ 11.991811] ret_from_fork+0x41/0x80 [ 11.991941] ret_from_fork_asm+0x1a/0x30 [ 11.992079] [ 11.992149] The buggy address belongs to the object at ffff888102a2d100 [ 11.992149] which belongs to the cache kmalloc-128 of size 128 [ 11.992777] The buggy address is located 13 bytes to the right of [ 11.992777] allocated 115-byte region [ffff888102a2d100, ffff888102a2d173) [ 11.993352] [ 11.993486] The buggy address belongs to the physical page: [ 11.993749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d [ 11.994086] flags: 0x200000000000000(node=0|zone=2) [ 11.994325] page_type: f5(slab) [ 11.994515] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.994821] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.995122] page dumped because: kasan: bad access detected [ 11.995343] [ 11.995437] Memory state around the buggy address: [ 11.995610] ffff888102a2d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.995900] ffff888102a2d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.996176] >ffff888102a2d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.996467] ^ [ 11.996626] ffff888102a2d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.996877] ffff888102a2d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.997090] ================================================================== [ 11.918091] 
================================================================== [ 11.918846] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.919601] Write of size 1 at addr ffff888102a2d173 by task kunit_try_catch/155 [ 11.920406] [ 11.921610] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 11.921924] Tainted: [N]=TEST [ 11.921959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.922179] Call Trace: [ 11.922247] <TASK> [ 11.922404] dump_stack_lvl+0x73/0xb0 [ 11.922506] print_report+0xd1/0x650 [ 11.922536] ? __virt_addr_valid+0x1db/0x2d0 [ 11.922560] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.922581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.922603] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.922625] kasan_report+0x141/0x180 [ 11.922648] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.922680] __asan_report_store1_noabort+0x1b/0x30 [ 11.922701] kmalloc_oob_right+0x6f0/0x7f0 [ 11.922723] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.922745] ? __schedule+0x10cc/0x2b30 [ 11.922768] ? __pfx_read_tsc+0x10/0x10 [ 11.922788] ? ktime_get_ts64+0x86/0x230 [ 11.922815] kunit_try_run_case+0x1a5/0x480 [ 11.922841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.922862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.922886] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.922908] ? __kthread_parkme+0x82/0x180 [ 11.922930] ? preempt_count_sub+0x50/0x80 [ 11.922957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.922979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923022] kthread+0x337/0x6f0 [ 11.923039] ? trace_preempt_on+0x20/0xc0 [ 11.923063] ? __pfx_kthread+0x10/0x10 [ 11.923081] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.923101] ? calculate_sigpending+0x7b/0xa0 [ 11.923123] ? __pfx_kthread+0x10/0x10 [ 11.923141] ret_from_fork+0x41/0x80 [ 11.923161] ? 
__pfx_kthread+0x10/0x10 [ 11.923179] ret_from_fork_asm+0x1a/0x30 [ 11.923230] </TASK> [ 11.923304] [ 11.939197] Allocated by task 155: [ 11.939901] kasan_save_stack+0x45/0x70 [ 11.940383] kasan_save_track+0x18/0x40 [ 11.940894] kasan_save_alloc_info+0x3b/0x50 [ 11.941472] __kasan_kmalloc+0xb7/0xc0 [ 11.941966] __kmalloc_cache_noprof+0x189/0x420 [ 11.942523] kmalloc_oob_right+0xa9/0x7f0 [ 11.943078] kunit_try_run_case+0x1a5/0x480 [ 11.943603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.944123] kthread+0x337/0x6f0 [ 11.944250] ret_from_fork+0x41/0x80 [ 11.944394] ret_from_fork_asm+0x1a/0x30 [ 11.945002] [ 11.945419] The buggy address belongs to the object at ffff888102a2d100 [ 11.945419] which belongs to the cache kmalloc-128 of size 128 [ 11.946806] The buggy address is located 0 bytes to the right of [ 11.946806] allocated 115-byte region [ffff888102a2d100, ffff888102a2d173) [ 11.947887] [ 11.948057] The buggy address belongs to the physical page: [ 11.949066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d [ 11.950107] flags: 0x200000000000000(node=0|zone=2) [ 11.951076] page_type: f5(slab) [ 11.951908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.952265] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.952623] page dumped because: kasan: bad access detected [ 11.953423] [ 11.953731] Memory state around the buggy address: [ 11.954671] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.955422] ffff888102a2d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.956127] >ffff888102a2d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.956664] ^ [ 11.956926] ffff888102a2d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.957673] ffff888102a2d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.958502] ================================================================== [ 11.960884] 
================================================================== [ 11.961586] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.961819] Write of size 1 at addr ffff888102a2d178 by task kunit_try_catch/155 [ 11.962079] [ 11.962175] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 11.962220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.962231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.962252] Call Trace: [ 11.962265] <TASK> [ 11.962281] dump_stack_lvl+0x73/0xb0 [ 11.962321] print_report+0xd1/0x650 [ 11.962343] ? __virt_addr_valid+0x1db/0x2d0 [ 11.962364] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.962384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.962406] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.962610] kasan_report+0x141/0x180 [ 11.962638] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.962670] __asan_report_store1_noabort+0x1b/0x30 [ 11.962756] kmalloc_oob_right+0x6bd/0x7f0 [ 11.962779] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.962802] ? __schedule+0x10cc/0x2b30 [ 11.962824] ? __pfx_read_tsc+0x10/0x10 [ 11.962843] ? ktime_get_ts64+0x86/0x230 [ 11.962868] kunit_try_run_case+0x1a5/0x480 [ 11.962892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.962915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.962937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.962959] ? __kthread_parkme+0x82/0x180 [ 11.962980] ? preempt_count_sub+0x50/0x80 [ 11.963004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.963026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.963047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.963069] kthread+0x337/0x6f0 [ 11.963085] ? trace_preempt_on+0x20/0xc0 [ 11.963108] ? __pfx_kthread+0x10/0x10 [ 11.963126] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.963145] ? calculate_sigpending+0x7b/0xa0 [ 11.963166] ? __pfx_kthread+0x10/0x10 [ 11.963184] ret_from_fork+0x41/0x80 [ 11.963203] ? 
__pfx_kthread+0x10/0x10 [ 11.963220] ret_from_fork_asm+0x1a/0x30 [ 11.963251] </TASK> [ 11.963262] [ 11.972787] Allocated by task 155: [ 11.972970] kasan_save_stack+0x45/0x70 [ 11.973168] kasan_save_track+0x18/0x40 [ 11.973319] kasan_save_alloc_info+0x3b/0x50 [ 11.973658] __kasan_kmalloc+0xb7/0xc0 [ 11.973815] __kmalloc_cache_noprof+0x189/0x420 [ 11.974001] kmalloc_oob_right+0xa9/0x7f0 [ 11.974142] kunit_try_run_case+0x1a5/0x480 [ 11.974358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.974741] kthread+0x337/0x6f0 [ 11.974864] ret_from_fork+0x41/0x80 [ 11.974996] ret_from_fork_asm+0x1a/0x30 [ 11.975239] [ 11.975346] The buggy address belongs to the object at ffff888102a2d100 [ 11.975346] which belongs to the cache kmalloc-128 of size 128 [ 11.976036] The buggy address is located 5 bytes to the right of [ 11.976036] allocated 115-byte region [ffff888102a2d100, ffff888102a2d173) [ 11.976457] [ 11.976529] The buggy address belongs to the physical page: [ 11.976700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2d [ 11.977147] flags: 0x200000000000000(node=0|zone=2) [ 11.977390] page_type: f5(slab) [ 11.977558] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.977978] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.978295] page dumped because: kasan: bad access detected [ 11.978508] [ 11.978607] Memory state around the buggy address: [ 11.978803] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.979020] ffff888102a2d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.979330] >ffff888102a2d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.979904] ^ [ 11.980181] ffff888102a2d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.980408] ffff888102a2d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.980657] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 146.596073] WARNING: CPU: 1 PID: 2739 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 146.596718] Modules linked in: [ 146.597295] CPU: 1 UID: 0 PID: 2739 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 146.598687] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.599392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.600218] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 146.600828] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 8c 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 146.602207] RSP: 0000:ffff888102217c78 EFLAGS: 00010286 [ 146.602809] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 146.603495] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa302397c [ 146.604497] RBP: ffff888102217ca0 R08: 0000000000000000 R09: ffffed1020a13b40 [ 146.604722] R10: ffff88810509da07 R11: 0000000000000000 R12: ffffffffa3023968 [ 146.605337] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102217d38 [ 146.606349] FS: 0000000000000000(0000) GS:ffff8881b6193000(0000) knlGS:0000000000000000 [ 146.607278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.608023] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 146.608384] DR0: ffffffffa5030884 DR1: ffffffffa5030889 DR2: ffffffffa503088a [ 146.608607] DR3: ffffffffa503088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.608820] Call Trace: [ 146.609359] <TASK> [ 146.609737] drm_test_rect_calc_vscale+0x108/0x270 [ 146.610518] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 146.611350] ? __schedule+0x10cc/0x2b30 [ 146.611946] ? __pfx_read_tsc+0x10/0x10 [ 146.612686] ? ktime_get_ts64+0x86/0x230 [ 146.613348] kunit_try_run_case+0x1a5/0x480 [ 146.614102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.614555] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 146.614730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.615016] ? __kthread_parkme+0x82/0x180 [ 146.615429] ? preempt_count_sub+0x50/0x80 [ 146.615809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.616381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.617042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.617355] kthread+0x337/0x6f0 [ 146.617480] ? trace_preempt_on+0x20/0xc0 [ 146.617630] ? __pfx_kthread+0x10/0x10 [ 146.617766] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.618064] ? calculate_sigpending+0x7b/0xa0 [ 146.618535] ? __pfx_kthread+0x10/0x10 [ 146.619028] ret_from_fork+0x41/0x80 [ 146.619388] ? __pfx_kthread+0x10/0x10 [ 146.619728] ret_from_fork_asm+0x1a/0x30 [ 146.620305] </TASK> [ 146.620546] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 146.624122] WARNING: CPU: 0 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 146.624434] Modules linked in: [ 146.624579] CPU: 0 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 146.625115] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.625612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.626617] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 146.627146] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 8c 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 146.629096] RSP: 0000:ffff888103cdfc78 EFLAGS: 00010286 [ 146.629505] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 146.629721] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa30239b4 [ 146.630098] RBP: ffff888103cdfca0 R08: 0000000000000000 R09: ffffed1020a44620 [ 146.630785] R10: ffff888105223107 R11: 0000000000000000 R12: ffffffffa30239a0 [ 146.631651] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103cdfd38 [ 146.632400] 
FS: 0000000000000000(0000) GS:ffff8881b6093000(0000) knlGS:0000000000000000 [ 146.632701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.633105] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 146.633717] DR0: ffffffffa5030880 DR1: ffffffffa5030881 DR2: ffffffffa5030883 [ 146.634571] DR3: ffffffffa5030885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.635212] Call Trace: [ 146.635332] <TASK> [ 146.635434] drm_test_rect_calc_vscale+0x108/0x270 [ 146.635612] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 146.635789] ? __schedule+0x10cc/0x2b30 [ 146.636070] ? __pfx_read_tsc+0x10/0x10 [ 146.636222] ? ktime_get_ts64+0x86/0x230 [ 146.636428] kunit_try_run_case+0x1a5/0x480 [ 146.636647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.636852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 146.637233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.637507] ? __kthread_parkme+0x82/0x180 [ 146.637723] ? preempt_count_sub+0x50/0x80 [ 146.638029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.638213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.638437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.638789] kthread+0x337/0x6f0 [ 146.639106] ? trace_preempt_on+0x20/0xc0 [ 146.639276] ? __pfx_kthread+0x10/0x10 [ 146.639475] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.639684] ? calculate_sigpending+0x7b/0xa0 [ 146.640009] ? __pfx_kthread+0x10/0x10 [ 146.640172] ret_from_fork+0x41/0x80 [ 146.640313] ? __pfx_kthread+0x10/0x10 [ 146.640508] ret_from_fork_asm+0x1a/0x30 [ 146.640752] </TASK> [ 146.640894] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 146.567733] WARNING: CPU: 0 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 146.568140] Modules linked in: [ 146.568455] CPU: 0 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 146.569069] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.569357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.569683] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 146.570102] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 146.570841] RSP: 0000:ffff888104fefc78 EFLAGS: 00010286 [ 146.571234] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 146.571556] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa30239b8 [ 146.571873] RBP: ffff888104fefca0 R08: 0000000000000000 R09: ffffed1020a446e0 [ 146.572412] R10: ffff888105223707 R11: 0000000000000000 R12: ffffffffa30239a0 [ 146.572767] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104fefd38 [ 146.573052] FS: 0000000000000000(0000) GS:ffff8881b6093000(0000) knlGS:0000000000000000 [ 146.573709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.574178] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 146.574512] DR0: ffffffffa5030880 DR1: ffffffffa5030881 DR2: ffffffffa5030883 [ 146.574848] DR3: ffffffffa5030885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.575140] Call Trace: [ 146.575369] <TASK> [ 146.575511] drm_test_rect_calc_hscale+0x108/0x270 [ 146.575733] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 146.576144] ? __schedule+0x10cc/0x2b30 [ 146.576341] ? __pfx_read_tsc+0x10/0x10 [ 146.576545] ? ktime_get_ts64+0x86/0x230 [ 146.576747] kunit_try_run_case+0x1a5/0x480 [ 146.577060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.577456] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 146.577697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.578129] ? __kthread_parkme+0x82/0x180 [ 146.578357] ? preempt_count_sub+0x50/0x80 [ 146.578558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.578771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.579187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.579581] kthread+0x337/0x6f0 [ 146.579721] ? trace_preempt_on+0x20/0xc0 [ 146.580115] ? __pfx_kthread+0x10/0x10 [ 146.580338] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.580547] ? calculate_sigpending+0x7b/0xa0 [ 146.580783] ? __pfx_kthread+0x10/0x10 [ 146.581087] ret_from_fork+0x41/0x80 [ 146.581242] ? __pfx_kthread+0x10/0x10 [ 146.581437] ret_from_fork_asm+0x1a/0x30 [ 146.581633] </TASK> [ 146.581765] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 146.537417] WARNING: CPU: 1 PID: 2727 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 146.538844] Modules linked in: [ 146.539459] CPU: 1 UID: 0 PID: 2727 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 146.540337] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.540812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.541605] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 146.542314] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 146.543467] RSP: 0000:ffff88810445fc78 EFLAGS: 00010286 [ 146.543666] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 146.544146] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa3023980 [ 146.545090] RBP: ffff88810445fca0 R08: 0000000000000000 R09: ffffed10207a7e00 [ 146.545861] R10: ffff888103d3f007 R11: 0000000000000000 R12: ffffffffa3023968 [ 146.546868] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810445fd38 [ 146.547795] 
FS: 0000000000000000(0000) GS:ffff8881b6193000(0000) knlGS:0000000000000000 [ 146.548752] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.549192] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 146.549847] DR0: ffffffffa5030884 DR1: ffffffffa5030889 DR2: ffffffffa503088a [ 146.550755] DR3: ffffffffa503088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.551483] Call Trace: [ 146.552109] <TASK> [ 146.552507] drm_test_rect_calc_hscale+0x108/0x270 [ 146.553209] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 146.553436] ? __schedule+0x10cc/0x2b30 [ 146.553587] ? __pfx_read_tsc+0x10/0x10 [ 146.553732] ? ktime_get_ts64+0x86/0x230 [ 146.554208] kunit_try_run_case+0x1a5/0x480 [ 146.554824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.555599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 146.556200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.556813] ? __kthread_parkme+0x82/0x180 [ 146.557489] ? preempt_count_sub+0x50/0x80 [ 146.558195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.558860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.559562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.559781] kthread+0x337/0x6f0 [ 146.560181] ? trace_preempt_on+0x20/0xc0 [ 146.560799] ? __pfx_kthread+0x10/0x10 [ 146.561327] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.562187] ? calculate_sigpending+0x7b/0xa0 [ 146.562673] ? __pfx_kthread+0x10/0x10 [ 146.563347] ret_from_fork+0x41/0x80 [ 146.563504] ? __pfx_kthread+0x10/0x10 [ 146.563644] ret_from_fork_asm+0x1a/0x30 [ 146.563798] </TASK> [ 146.563910] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 145.818731] WARNING: CPU: 1 PID: 2525 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 145.819196] Modules linked in: [ 145.819520] CPU: 1 UID: 0 PID: 2525 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 145.820170] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 145.820438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 145.820842] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 145.821275] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 145.822477] RSP: 0000:ffff88810736fb30 EFLAGS: 00010246 [ 145.822701] RAX: dffffc0000000000 RBX: ffff88810736fc28 RCX: 0000000000000000 [ 145.823363] RDX: 1ffff11020e6df8e RSI: ffff88810736fc28 RDI: ffff88810736fc70 [ 145.823784] RBP: ffff88810736fb70 R08: ffff888103c8c000 R09: ffffffffa2fca5a0 [ 145.824303] R10: 0000000000000003 R11: 00000000aa4b4975 R12: ffff888103c8c000 [ 145.824725] R13: ffff88810031fae8 R14: ffff88810736fba8 R15: 0000000000000000 [ 145.825214] FS: 0000000000000000(0000) GS:ffff8881b6193000(0000) knlGS:0000000000000000 [ 145.825689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.826170] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 145.826499] DR0: ffffffffa5030884 DR1: ffffffffa5030889 DR2: ffffffffa503088a [ 145.826799] DR3: ffffffffa503088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 145.827352] Call Trace: [ 145.827497] <TASK> [ 145.827596] ? add_dr+0xc1/0x1d0 [ 145.827791] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 145.828250] ? add_dr+0x148/0x1d0 [ 145.828423] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 145.828709] ? __drmm_add_action+0x1a4/0x280 [ 145.829449] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 145.829677] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 145.830023] ? __drmm_add_action_or_reset+0x22/0x50 [ 145.830234] ? __schedule+0x10cc/0x2b30 [ 145.830440] ? __pfx_read_tsc+0x10/0x10 [ 145.830639] ? ktime_get_ts64+0x86/0x230 [ 145.830851] kunit_try_run_case+0x1a5/0x480 [ 145.831272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.831471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 145.831724] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 145.832016] ? __kthread_parkme+0x82/0x180 [ 145.832331] ? preempt_count_sub+0x50/0x80 [ 145.832503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.832763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 145.833133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 145.833438] kthread+0x337/0x6f0 [ 145.833613] ? trace_preempt_on+0x20/0xc0 [ 145.833817] ? __pfx_kthread+0x10/0x10 [ 145.834000] ? _raw_spin_unlock_irq+0x47/0x80 [ 145.834278] ? calculate_sigpending+0x7b/0xa0 [ 145.834654] ? __pfx_kthread+0x10/0x10 [ 145.834889] ret_from_fork+0x41/0x80 [ 145.835089] ? __pfx_kthread+0x10/0x10 [ 145.835525] ret_from_fork_asm+0x1a/0x30 [ 145.835740] </TASK> [ 145.835878] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 145.782990] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 145.783120] WARNING: CPU: 1 PID: 2521 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 145.786046] Modules linked in: [ 145.786511] CPU: 1 UID: 0 PID: 2521 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 145.787310] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 145.787511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 145.787889] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 145.788381] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 80 84 00 48 c7 c1 a0 55 fc a2 4c 89 fa 48 c7 c7 00 56 fc a2 48 89 c6 e8 a2 d8 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 145.789363] RSP: 0000:ffff8881053ffb68 EFLAGS: 00010282 [ 145.789655] RAX: 0000000000000000 RBX: ffff8881053ffc40 RCX: 1ffffffff47a4b3c [ 145.789944] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 145.790456] RBP: ffff8881053ffb90 R08: 0000000000000000 R09: fffffbfff47a4b3c [ 145.790738] R10: 0000000000000003 R11: 0000000000036c38 R12: ffff8881053ffc18 [ 145.791109] R13: ffff88810292d800 R14: ffff888103c8a000 R15: ffff888102712a00 [ 145.791535] FS: 0000000000000000(0000) GS:ffff8881b6193000(0000) knlGS:0000000000000000 [ 145.791950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.792365] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 145.792730] DR0: ffffffffa5030884 DR1: ffffffffa5030889 DR2: ffffffffa503088a [ 145.793179] DR3: ffffffffa503088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 145.793853] Call Trace: [ 145.794051] <TASK> [ 145.794279] drm_test_framebuffer_free+0x1ab/0x610 [ 145.794496] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 145.794752] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 145.795009] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 145.795358] ? __drmm_add_action_or_reset+0x22/0x50 [ 145.796045] ? __schedule+0x10cc/0x2b30 [ 145.796333] ? __pfx_read_tsc+0x10/0x10 [ 145.796545] ? ktime_get_ts64+0x86/0x230 [ 145.796758] kunit_try_run_case+0x1a5/0x480 [ 145.797438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.797777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 145.798238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 145.798479] ? __kthread_parkme+0x82/0x180 [ 145.798688] ? preempt_count_sub+0x50/0x80 [ 145.799249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.799471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 145.799790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 145.800310] kthread+0x337/0x6f0 [ 145.800610] ? trace_preempt_on+0x20/0xc0 [ 145.800786] ? __pfx_kthread+0x10/0x10 [ 145.801407] ? _raw_spin_unlock_irq+0x47/0x80 [ 145.801623] ? calculate_sigpending+0x7b/0xa0 [ 145.801832] ? __pfx_kthread+0x10/0x10 [ 145.802391] ret_from_fork+0x41/0x80 [ 145.802555] ? __pfx_kthread+0x10/0x10 [ 145.803070] ret_from_fork_asm+0x1a/0x30 [ 145.803313] </TASK> [ 145.803540] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 144.556801] WARNING: CPU: 1 PID: 1959 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 144.557551] Modules linked in: [ 144.557721] CPU: 1 UID: 0 PID: 1959 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 144.558521] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.559220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.560258] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 144.560737] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 cf 21 02 48 89 df e8 d8 [ 144.562277] RSP: 0000:ffff88810360fc90 EFLAGS: 00010246 [ 144.562485] RAX: dffffc0000000000 RBX: ffff8881049b0000 RCX: 0000000000000000 [ 144.562702] RDX: 1ffff11020936032 RSI: ffffffffa01f17f8 RDI: ffff8881049b0190 [ 144.563061] RBP: ffff88810360fca0 R08: 1ffff11020063f69 R09: ffffed10206c1f65 [ 144.563829] R10: 0000000000000003 R11: ffffffff9f780898 R12: 0000000000000000 [ 144.564669] R13: ffff88810360fd38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 144.565477] FS: 0000000000000000(0000) GS:ffff8881b6193000(0000) knlGS:0000000000000000 [ 144.566363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.566555] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 144.566769] DR0: ffffffffa5030884 DR1: ffffffffa5030889 DR2: ffffffffa503088a [ 144.567011] DR3: ffffffffa503088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.567827] Call Trace: [ 144.568133] <TASK> [ 144.568408] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 144.568717] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 144.569078] ? __schedule+0x10cc/0x2b30 [ 144.569592] ? __pfx_read_tsc+0x10/0x10 [ 144.570072] ? ktime_get_ts64+0x86/0x230 [ 144.570560] kunit_try_run_case+0x1a5/0x480 [ 144.570980] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 144.571273] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.571501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.571674] ? __kthread_parkme+0x82/0x180 [ 144.571823] ? preempt_count_sub+0x50/0x80 [ 144.572002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.572297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.572629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.573001] kthread+0x337/0x6f0 [ 144.573206] ? trace_preempt_on+0x20/0xc0 [ 144.573392] ? __pfx_kthread+0x10/0x10 [ 144.573677] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.574021] ? calculate_sigpending+0x7b/0xa0 [ 144.574287] ? __pfx_kthread+0x10/0x10 [ 144.574744] ret_from_fork+0x41/0x80 [ 144.574985] ? __pfx_kthread+0x10/0x10 [ 144.575278] ret_from_fork_asm+0x1a/0x30 [ 144.575527] </TASK> [ 144.575654] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 144.480246] WARNING: CPU: 0 PID: 1951 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 144.480651] Modules linked in: [ 144.480827] CPU: 0 UID: 0 PID: 1951 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 144.481596] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.482231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.482709] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 144.483355] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 cf 21 02 48 89 df e8 d8 [ 144.483940] RSP: 0000:ffff888104e67c90 EFLAGS: 00010246 [ 144.484164] RAX: dffffc0000000000 RBX: ffff888102356000 RCX: 0000000000000000 [ 144.484489] RDX: 1ffff1102046ac32 RSI: ffffffffa01f17f8 RDI: ffff888102356190 [ 144.484767] RBP: ffff888104e67ca0 R08: 1ffff11020063f69 R09: ffffed10209ccf65 [ 144.485232] R10: 0000000000000003 R11: ffffffff9f780898 R12: 0000000000000000 [ 144.485475] R13: 
ffff888104e67d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 144.485781] FS: 0000000000000000(0000) GS:ffff8881b6093000(0000) knlGS:0000000000000000 [ 144.486394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.486689] CR2: 00007ffff7ffe000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 144.487166] DR0: ffffffffa5030880 DR1: ffffffffa5030881 DR2: ffffffffa5030883 [ 144.487534] DR3: ffffffffa5030885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.487860] Call Trace: [ 144.488050] <TASK> [ 144.488237] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 144.488559] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 144.488939] ? __schedule+0x10cc/0x2b30 [ 144.489245] ? __pfx_read_tsc+0x10/0x10 [ 144.489472] ? ktime_get_ts64+0x86/0x230 [ 144.489667] kunit_try_run_case+0x1a5/0x480 [ 144.489970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.490186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.490451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.490667] ? __kthread_parkme+0x82/0x180 [ 144.491076] ? preempt_count_sub+0x50/0x80 [ 144.491311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.491473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.491732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.492049] kthread+0x337/0x6f0 [ 144.492263] ? trace_preempt_on+0x20/0xc0 [ 144.492561] ? __pfx_kthread+0x10/0x10 [ 144.492717] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.493079] ? calculate_sigpending+0x7b/0xa0 [ 144.493281] ? __pfx_kthread+0x10/0x10 [ 144.493604] ret_from_fork+0x41/0x80 [ 144.493775] ? __pfx_kthread+0x10/0x10 [ 144.493963] ret_from_fork_asm+0x1a/0x30 [ 144.494311] </TASK> [ 144.494462] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 114.151044] WARNING: CPU: 1 PID: 675 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 114.151918] Modules linked in: [ 114.152302] CPU: 1 UID: 0 PID: 675 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 114.152981] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 114.153179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 114.153445] RIP: 0010:intlog10+0x2a/0x40 [ 114.153595] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 c7 19 81 02 90 <0f> 0b 90 31 c0 e9 bc 19 81 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 114.154282] RSP: 0000:ffff88810749fcb0 EFLAGS: 00010246 [ 114.154542] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020e93fb4 [ 114.154852] RDX: 1ffffffff45d2510 RSI: 1ffff11020e93fb3 RDI: 0000000000000000 [ 114.155297] RBP: ffff88810749fd60 R08: 0000000000000000 R09: ffffed10207cf080 [ 114.155627] R10: ffff888103e78407 R11: 0000000000000000 R12: 1ffff11020e93f97 [ 114.155912] R13: ffffffffa2e92880 R14: 0000000000000000 R15: ffff88810749fd38 [ 114.156326] FS: 0000000000000000(0000) GS:ffff8881b6193000(0000) knlGS:0000000000000000 [ 114.156624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.156898] CR2: ffff88815a90b009 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 114.157174] DR0: ffffffffa5030884 DR1: ffffffffa5030889 DR2: ffffffffa503088a [ 114.157605] DR3: ffffffffa503088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 114.157889] Call Trace: [ 114.158064] <TASK> [ 114.158200] ? intlog10_test+0xf2/0x220 [ 114.158388] ? __pfx_intlog10_test+0x10/0x10 [ 114.158588] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 114.158825] ? trace_hardirqs_on+0x37/0xe0 [ 114.158985] ? __pfx_read_tsc+0x10/0x10 [ 114.159375] ? ktime_get_ts64+0x86/0x230 [ 114.159599] kunit_try_run_case+0x1a5/0x480 [ 114.159784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 114.160225] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 114.160466] ? __kthread_parkme+0x82/0x180 [ 114.160650] ? preempt_count_sub+0x50/0x80 [ 114.160871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 114.161163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 114.161381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 114.161656] kthread+0x337/0x6f0 [ 114.161832] ? trace_preempt_on+0x20/0xc0 [ 114.162142] ? __pfx_kthread+0x10/0x10 [ 114.162345] ? _raw_spin_unlock_irq+0x47/0x80 [ 114.162530] ? calculate_sigpending+0x7b/0xa0 [ 114.162759] ? __pfx_kthread+0x10/0x10 [ 114.163150] ret_from_fork+0x41/0x80 [ 114.163325] ? __pfx_kthread+0x10/0x10 [ 114.163507] ret_from_fork_asm+0x1a/0x30 [ 114.163718] </TASK> [ 114.163852] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 114.109516] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 114.110595] Modules linked in: [ 114.110844] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc7 #1 PREEMPT(voluntary) [ 114.111601] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 114.111834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 114.112471] RIP: 0010:intlog2+0xdf/0x110 [ 114.112725] Code: e9 a2 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 8f d6 56 ff 8b 45 e4 eb [ 114.113843] RSP: 0000:ffff888107527cb0 EFLAGS: 00010246 [ 114.114330] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020ea4fb4 [ 114.114619] RDX: 1ffffffff45d2564 RSI: 1ffff11020ea4fb3 RDI: 0000000000000000 [ 114.115247] RBP: ffff888107527d60 R08: 0000000000000000 R09: ffffed1020548320 [ 114.115611] R10: ffff888102a41907 R11: 0000000000000000 R12: 1ffff11020ea4f97 [ 114.116368] R13: ffffffffa2e92b20 R14: 0000000000000000 R15: ffff888107527d38 [ 114.116794] FS: 0000000000000000(0000) GS:ffff8881b6093000(0000) knlGS:0000000000000000 [ 114.117383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.117635] CR2: dffffc0000000000 CR3: 0000000157eba000 CR4: 00000000000006f0 [ 114.118142] DR0: ffffffffa5030880 DR1: ffffffffa5030881 DR2: ffffffffa5030883 [ 114.118553] DR3: ffffffffa5030885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 114.118854] Call Trace: [ 114.119328] <TASK> [ 114.119576] ? intlog2_test+0xf2/0x220 [ 114.120240] ? __pfx_intlog2_test+0x10/0x10 [ 114.120471] ? __schedule+0x10cc/0x2b30 [ 114.120655] ? __pfx_read_tsc+0x10/0x10 [ 114.120849] ? ktime_get_ts64+0x86/0x230 [ 114.121413] kunit_try_run_case+0x1a5/0x480 [ 114.121810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 114.122251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 114.122477] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 114.122702] ? __kthread_parkme+0x82/0x180 [ 114.122873] ? preempt_count_sub+0x50/0x80 [ 114.123129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 114.123403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 114.123778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 114.124209] kthread+0x337/0x6f0 [ 114.124407] ? trace_preempt_on+0x20/0xc0 [ 114.124606] ? __pfx_kthread+0x10/0x10 [ 114.124777] ? _raw_spin_unlock_irq+0x47/0x80 [ 114.124946] ? calculate_sigpending+0x7b/0xa0 [ 114.125164] ? __pfx_kthread+0x10/0x10 [ 114.125425] ret_from_fork+0x41/0x80 [ 114.125614] ? __pfx_kthread+0x10/0x10 [ 114.125820] ret_from_fork_asm+0x1a/0x30 [ 114.126105] </TASK> [ 114.126221] ---[ end trace 0000000000000000 ]---